Skip to content

Fix/398 dto validation#458

Open
pharwasz wants to merge 3 commits into
StayLitCodes:mainfrom
pharwasz:fix/398-dto-validation
Open

Fix/398 dto validation#458
pharwasz wants to merge 3 commits into
StayLitCodes:mainfrom
pharwasz:fix/398-dto-validation

Conversation

@pharwasz

Copy link
Copy Markdown

Summary

Closes #398

Adds comprehensive input validation across all DTOs using class-validator decorators, ensuring request payloads are properly validated before reaching business logic.

Changes

  • Auth DTOs (auth.dto.ts, profile.dto.ts) – added validation for email, password strength, and profile fields
  • Asset DTOs (asset.dto.ts) – validated asset creation and update payloads
  • Escrow DTOs – validated all escrow lifecycle operations (create, fund, cancel, dispute, expire, milestone, etc.)
  • Admin DTOs (consistency-check.dto.ts) – validated admin consistency check inputs
  • Validators util (validators.ts) – added shared custom validator logic with unit tests

Tests

All DTOs have corresponding .spec.ts files covering valid and invalid input scenarios.

@drips-wave

drips-wave Bot commented Jun 29, 2026

Copy link
Copy Markdown

@pharwasz Great news! 🎉 Based on an automated assessment of this PR, the linked Wave issue(s) no longer count against your application limits.

You can now already apply to more issues while waiting for a review of this PR. Keep up the great work! 🚀

Learn more about application limits

@pharwasz

Copy link
Copy Markdown
Author

kindly approve workflow

@pharwasz

pharwasz commented Jul 1, 2026

Copy link
Copy Markdown
Author

Hi, pls kindly approve

@pharwasz pharwasz force-pushed the fix/398-dto-validation branch from bb8944d to 2710238 Compare July 3, 2026 06:31
@pharwasz

pharwasz commented Jul 3, 2026

Copy link
Copy Markdown
Author

hello, are you there

- Replace manual Stellar address regex checks with @IsStellarAddress()
- Add @IsUUID() to ID fields referencing UUID primary keys (userId, actorId)
- Add @maxlength()/@isnotempty() to text fields across all DTOs
- Add @max() bounds to monetary amount fields
- Add unit tests for all escrow DTOs
- Fix invalid Stellar address test fixtures (wrong length)
- Load reflect-metadata globally via jest-setup.js for class-validator
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

fix(backend): Add input validation and sanitization across all DTOs

1 participant