Simplifying String Validation in Go: Introducing validatorgo

A library of string validators and sanitizers, based on the js library validator.js

Why Choose validatorgo?

Why not use popular Go libraries like Package validator or govalidator? While both libraries are well-known, validatorgo focuses on standalone string validation and provides an extensive collection of customizable validators inspired by validator.js, which neither of these Go libraries fully implement.

Here’s how validatorgo stands out compared to go-playground/validator and govalidator:

---

1. Compared to go-playground/validator

• Direct String Validation: go-playground/validator is primarily built for validating struct fields using tags, which is ideal for handling JSON or struct-based data. However, it’s not designed for validating individual strings, which ValidatorGo does seamlessly, without the need for struct tags or additional setup.

• Performance: go-playground/validator relies on reflection to dynamically inspect struct tags. While powerful, reflection can introduce performance overhead—especially when large or complex data structures are validated. validatorgo avoids reflection, which boosts performance, making it faster and more efficient for scenarios where single-field validations are needed.

---

2. Compared to asaskevich/govalidator

• Customization and Flexibility: govalidator provides a range of validators for strings, but validatorgo enhances flexibility by allowing specific options and configurations for individual validators. For example, date formats or locale specifications can be customized, giving developers more control over validation rules tailored to project needs.

Project Motivation

I created validatorgo to serve as a dependency for another Go library called ginvalidator, which validates HTTP requests in Go web applications. Inspired by express-validator, the popular validation library for Node.js and Express, ValidatorGo fills a gap in the Go ecosystem for efficient, customizable, and straightforward string validation. Since other libraries were either overkill, lacked functionality, or didn’t meet my use case, I built validatorgo to offer a practical solution.

Installation

Using go get.

 go get github.com/bube054/validatorgo

Then import the package into your own code.

 import (
   "fmt"
   "github.com/bube054/validatorgo"
 )

If you are unhappy using the long validatorgo package name, you can do this.

 import (
   "fmt"
   vgo "github.com/bube054/validatorgo"
 )

Simple validator example

 func main(){
   id := "5f2a6c69e1d7a4e0077b4e6b"
   validId := vgo.IsMongoID(id)
   fmt.Println(validId) // true
 }

Some Validators

Below is a list of validators provided by the validatorgo package, which covers various string formats and types, making it versatile for multiple validation needs.

Validator	Description
Contains	Checks if a string contains a specified substring.
Equals	Validates if a string is exactly equal to a comparison string.
IsAbaRouting	Checks if the string is a valid ABA routing number (US bank accounts).
IsAfter	Validates if a date string is after a specified date.
IsAlpha	Ensures the string contains only letters (a-zA-Z).
IsAlphanumeric	Validates if a string contains only letters and numbers.
IsAscii	Checks if the string contains only ASCII characters.
IsBase32	Checks if the string is a valid Base32 encoded value.
IsBase64	Validates if a string is in Base64 encoding.
IsBefore	Ensures the date is before a specified date.
IsBoolean	Checks if the string is either "true" or "false".
IsCreditCard	Validates if the string is a valid credit card number.
IsCurrency	Checks if the string is a valid currency format.
IsDate	Validates if a string is a valid date.
IsDecimal	Ensures the string represents a valid decimal number.
IsEmail	Checks if the string is a valid email address format.
IsEmpty	Validates if a string is empty.
IsFQDN	Checks if the string is a fully qualified domain name.
IsFloat	Ensures the string represents a floating-point number.
IsHexColor	Validates if a string is a valid hex color (e.g., #FFFFFF).
IsIP	Checks if the string is a valid IP address (IPv4 or IPv6).
IsISO8601	Validates if the string is in ISO8601 date format.
IsLength	Checks if the string’s length is within a specified range.
IsMimeType	Validates if the string is a valid MIME type.
IsMobilePhone	Checks if the string is a valid mobile phone number for specified locales.
IsMongoID	Validates if the string is a valid MongoDB ObjectID.
IsNumeric	Ensures the string contains only numeric characters.
IsPostalCode	Checks if the string is a valid postal code for specified locale.
IsRFC3339	Validates if the string is in RFC3339 date format.
IsSlug	Checks if the string is URL-friendly (only letters, numbers, and dashes).
IsStrongPassword	Ensures the string meets common password strength requirements.
IsURL	Validates if the string is a URL.
IsUUID	Checks if the string is a valid UUID (versions 1-5).
IsUpperCase	Ensures the string is all uppercase.
IsVAT	Checks if the string is a valid VAT number for specified countries.
Matches	Validates if the string matches a specified regular expression.

This table should cover most validators currently available in validatorgo. Make sure to refer to the package's documentation for more detailed usage of each validator.

⚠ Caution

When using a validator that requires an options struct (either a pointer or non-pointer), always provide values for all the struct fields explicitly.
Unlike in validator.js, where missing fields are automatically set to defaults, Go uses strict types.
This means missing values will default to false for booleans, 0 for number types, etc.
Not specifying all fields could lead to unexpected behavior if you're used to the JavaScript version.

Examples

  // do this (using the default options specified in the docs)
  ok := validatorgo.IsFQDN("example", nil)

  // or this (explicitly setting all possible fields for the structs)
  ok := validatorgo.IsFQDN("example", &validatorgo.IsFQDNOpts{
    RequireTld: false,
    AllowUnderscores: false,
    AllowTrailingDot: true,
    AllowNumericTld: false,
    IgnoreMaxLength: true
  })

  // but rarely this(not explicitly setting all possible fields)
  ok := validatorgo.IsFQDN("example", &validatorgo.IsFQDNOpts{ RequireTld: false, })

Simple sanitizer example

  import (
   "fmt"
   "github.com/bube054/validatorgo/sanitizer"
 )

 func main(){
   str := sanitizer.Whitelist("Hello123 World!", "a-zA-Z")
   fmt.Println(str) // "HelloWorld"
 }

Sanitizers

Sanitizer	Description
Trim	Removes whitespace from both ends of the string.
LTrim	Removes whitespace from the left side of the string.
RTrim	Removes whitespace from the right side of the string.
ToLower	Converts the entire string to lowercase.
ToUpper	Converts the entire string to uppercase.
Escape	Escapes HTML characters in the string to prevent injection attacks.
Unescape	Reverts escaped HTML characters back to normal characters.
NormalizeEmail	Standardizes an email address, e.g., removing dots in Gmail addresses.
Blacklist	Removes characters from the string that match specified characters or patterns.
Whitelist	Retains only characters in the string that match specified characters or patterns.
Replace	Replaces occurrences of a substring with a specified replacement.
StripLow	Removes control characters, optionally allowing some specified ones.
TrimSpace	Trims all types of whitespace from both ends of the string.
ToBoolean	Converts common truthy and falsy values in strings into boolean true or false.
ToInt	Converts a numeric string into an integer, if possible.
ToFloat	Converts a numeric string into a floating-point number, if possible.

These sanitizers are often used to ensure data consistency and security by stripping out or modifying potentially unwanted or dangerous characters.

Make sure to refer to the official validatorgo documentation for specific implementations and examples of each sanitizer.

Summary

validatorgo is the ideal choice if you need:

• Efficient, reflection-free validations for individual fields without the performance costs associated with struct-based reflection.
• Highly customizable validation options that align with modern data formats, providing the same robustness as validator.js.

With validatorgo, you get a tool specifically designed for string validation, supporting both standalone and web application requirements in Go.

Maintainers

• bube054 - Attah Gbubemi David (author)