feat(schema): add universal Zod/TypeBox schema validator

jdalton · jdalton · commit 10c407773a44 · 2026-04-20T08:52:35.000-04:00
Adds three new public modules:

- `@socketsecurity/lib/schema/validate` — non-throwing validator. Returns
  `{ ok: true, value } | { ok: false, errors }` with normalized
  `{ path, message }` issues. Accepts any Zod-shaped schema
  (duck-typed on `.safeParse`); internally also recognizes TypeBox
  for socket-lib's own use (e.g. `src/ipc.ts` stub validation).

- `@socketsecurity/lib/schema/parse` — throwing twin for fail-fast
  trust boundaries (app startup, config files). Summarizes all
  issues into a single Error message.

- `@socketsecurity/lib/schema/types` — shared types: `Schema&lt;T&gt;`,
  `ParseResult&lt;T&gt;`, `ValidateResult&lt;T&gt;`, `ValidationIssue`, and
  `Infer&lt;S&gt;` (which unwraps Zod v3/v4 and TypeBox output shapes).

No runtime dependency on zod — consumers bring their own.
diff --git a/docs/api-index.md b/docs/api-index.md
@@ -5,7 +5,7 @@ Each entry links to the source module and shows the first sentence of its `@file
 
 > Regenerate with `node scripts/fix/generate-api-index.mts` after adding or removing exports. Do not edit this file by hand.
 
-**Jump to:** [Top-level](#top-level) · [argv/](#argv) · [constants/](#constants) · [cover/](#cover) · [dlx/](#dlx) · [effects/](#effects) · [env/](#env) · [json/](#json) · [packages/](#packages) · [paths/](#paths) · [releases/](#releases) · [stdio/](#stdio) · [themes/](#themes) · [validation/](#validation)
+**Jump to:** [Top-level](#top-level) · [argv/](#argv) · [constants/](#constants) · [cover/](#cover) · [dlx/](#dlx) · [effects/](#effects) · [env/](#env) · [json/](#json) · [packages/](#packages) · [paths/](#paths) · [releases/](#releases) · [schema/](#schema) · [stdio/](#stdio) · [themes/](#themes) · [validation/](#validation)
 
 ## Top-level
 
@@ -193,6 +193,14 @@ Each entry links to the source module and shows the first sentence of its `@file
 | [`@socketsecurity/lib/releases/github`](../src/releases/github.ts)         | GitHub release download utilities.     |
 | [`@socketsecurity/lib/releases/socket-btm`](../src/releases/socket-btm.ts) | Socket-btm release download utilities. |
 
+## schema/
+
+| Subpath                                                            | Description                                |
+| ------------------------------------------------------------------ | ------------------------------------------ |
+| [`@socketsecurity/lib/schema/parse`](../src/schema/parse.ts)       | Throwing twin of `validateSchema`.         |
+| [`@socketsecurity/lib/schema/types`](../src/schema/types.ts)       | Shared types for schema validation.        |
+| [`@socketsecurity/lib/schema/validate`](../src/schema/validate.ts) | Universal schema validator — non-throwing. |
+
 ## stdio/
 
 | Subpath                                                          | Description                                    |
diff --git a/package.json b/package.json
@@ -547,6 +547,18 @@
       "types": "./dist/releases/socket-btm.d.ts",
       "default": "./dist/releases/socket-btm.js"
     },
+    "./schema/parse": {
+      "types": "./dist/schema/parse.d.ts",
+      "default": "./dist/schema/parse.js"
+    },
+    "./schema/types": {
+      "types": "./dist/schema/types.d.ts",
+      "default": "./dist/schema/types.js"
+    },
+    "./schema/validate": {
+      "types": "./dist/schema/validate.d.ts",
+      "default": "./dist/schema/validate.js"
+    },
     "./sea": {
       "types": "./dist/sea.d.ts",
       "default": "./dist/sea.js"
diff --git a/src/schema/parse.ts b/src/schema/parse.ts
@@ -0,0 +1,38 @@
+/**
+ * @fileoverview Throwing twin of `validateSchema`.
+ *
+ * Use `parseSchema(schema, data)` for fail-fast trust boundaries (app
+ * startup, config files, internal assertions). Use the non-throwing
+ * `validateSchema` for recoverable input (form fields, API request bodies,
+ * anywhere errors need to surface to a user).
+ *
+ * @example
+ * ```ts
+ * import { z } from 'zod'
+ * import { parseSchema } from '@socketsecurity/lib/schema/parse'
+ *
+ * const Config = z.object({ host: z.string(), port: z.number() })
+ * const config = parseSchema(Config, json)  // throws on invalid
+ * ```
+ */
+
+import { validateSchema } from './validate'
+import type { Infer } from './types'
+
+/**
+ * Parse `data` against `schema` and return the validated value.
+ *
+ * @throws {Error} When validation fails. The message lists all issues as
+ *   `path: message, path: message, ...`. Use `validateSchema` if you need
+ *   structured access to the error list.
+ */
+export function parseSchema<S>(schema: S, data: unknown): Infer<S> {
+  const result = validateSchema(schema, data)
+  if (result.ok) {
+    return result.value
+  }
+  const summary = result.errors
+    .map(e => `${e.path.join('.') || '(root)'}: ${e.message}`)
+    .join(', ')
+  throw new Error(`Validation failed: ${summary}`)
+}
diff --git a/src/schema/types.ts b/src/schema/types.ts
@@ -0,0 +1,127 @@
+/**
+ * @fileoverview Shared types for schema validation.
+ *
+ * `Schema<T>` is the Zod-shaped duck-type contract — any validator with
+ * a `.safeParse(data)` method returning `{ success, data?, error? }`
+ * satisfies it. socket-lib detects Zod (v3 and v4) structurally via this
+ * interface; consumers bring their own Zod.
+ *
+ * `ValidateResult<T>` / `ValidationIssue` / `Infer<S>` / `AnySchema` are
+ * the normalized shapes produced by `@socketsecurity/lib/schema/validate`
+ * and `@socketsecurity/lib/schema/parse`.
+ */
+
+/**
+ * Result of a Zod-shaped schema's `.safeParse()` call.
+ *
+ * @template T - The expected type of the parsed data
+ */
+export interface ParseResult<T> {
+  /** Indicates whether parsing was successful */
+  success: boolean
+  /** Parsed and validated data (only present when `success` is `true`) */
+  data?: T | undefined
+  /** Error information (only present when `success` is `false`) */
+  error?: unknown
+}
+
+/**
+ * Zod-shaped duck-type for any validator exposing `safeParse` / `parse`.
+ *
+ * @template T - The expected output type after validation
+ *
+ * @example
+ * ```ts
+ * import { z } from 'zod'
+ *
+ * const userSchema = z.object({ name: z.string(), age: z.number() })
+ *
+ * // Schema satisfies this interface
+ * const schema: Schema<User> = userSchema
+ * const result = schema.safeParse({ name: 'Alice', age: 30 })
+ * ```
+ */
+export interface Schema<T = unknown> {
+  /** Non-throwing parse. */
+  safeParse(data: unknown): ParseResult<T>
+  /** Throwing parse. */
+  parse(data: unknown): T
+  /** Optional schema name for debugging. */
+  _name?: string | undefined
+}
+
+/**
+ * Internal structural shape of a Zod v4 schema — carries the inferred
+ * output type on `_zod.output`. Used for type-only detection in `Infer<S>`.
+ *
+ * @internal
+ */
+interface ZodV4LikeSchema<O = unknown> {
+  _zod: { output: O }
+  safeParse(data: unknown): unknown
+}
+
+/**
+ * Internal structural shape of a Zod v3 schema — carries the inferred
+ * output type on `_output`. Used for type-only detection in `Infer<S>`.
+ *
+ * @internal
+ */
+interface ZodV3LikeSchema<O = unknown> {
+  _output: O
+  safeParse(data: unknown): unknown
+}
+
+/**
+ * Internal structural shape of a TypeBox `TSchema` — carries the inferred
+ * output type on the phantom `static` field. Only used inside socket-lib
+ * for type-only detection in `Infer<S>`; external callers should pass
+ * Zod schemas.
+ *
+ * @internal
+ */
+interface TypeBoxLikeSchema {
+  static: unknown
+}
+
+/**
+ * Any schema kind the validators accept.
+ */
+export type AnySchema =
+  | ZodV4LikeSchema<unknown>
+  | ZodV3LikeSchema<unknown>
+  | TypeBoxLikeSchema
+  | Schema<unknown>
+
+/**
+ * Infer the validated output type from any supported schema kind.
+ *
+ * Order matters: TypeBox schemas carry a phantom `static` field, so we
+ * check for TypeBox before falling through to Zod and the duck-type.
+ */
+export type Infer<S> = S extends { static: infer Static }
+  ? Static
+  : S extends { _zod: { output: infer O } }
+    ? O
+    : S extends { _output: infer O }
+      ? O
+      : S extends Schema<infer T>
+        ? T
+        : unknown
+
+/**
+ * A single normalized validation error.
+ */
+export interface ValidationIssue {
+  /** Array path into the value (e.g. `['user', 'age']`). */
+  path: Array<string | number>
+  /** Human-readable description of the failure. */
+  message: string
+}
+
+/**
+ * Tagged-union result of `validateSchema`. Callers narrow on `ok`.
+ */
+export type ValidateResult<T> =
+  | { ok: true; value: T }
+  | { ok: false; errors: ValidationIssue[] }
diff --git a/src/schema/validate.ts b/src/schema/validate.ts
@@ -0,0 +1,170 @@
+/**
+ * @fileoverview Universal schema validator — non-throwing.
+ *
+ * Accepts any Zod-shaped schema (`.safeParse`-exposing) and returns a tagged
+ * result `{ ok: true, value } | { ok: false, errors }` with normalized
+ * `{ path, message }` issues. No runtime dependency on `zod` — detection
+ * is purely structural.
+ *
+ * @internal
+ * socket-lib additionally recognizes TypeBox schemas for its own internal
+ * use (e.g. `src/ipc.ts`'s stub-file validation). That path is not a
+ * supported consumer API.
+ *
+ * @example
+ * ```ts
+ * import { z } from 'zod'
+ * import { validateSchema } from '@socketsecurity/lib/schema/validate'
+ *
+ * const User = z.object({ name: z.string() })
+ * const r = validateSchema(User, data)
+ * if (r.ok) r.value.name // string
+ * else r.errors           // ValidationIssue[]
+ * ```
+ */
+
+import type {
+  Infer,
+  ParseResult,
+  ValidateResult,
+  ValidationIssue,
+} from './types'
+
+/**
+ * Detect a TypeBox schema structurally: object with a symbol key whose
+ * description is `'TypeBox.Kind'`, holding a string value.
+ *
+ * @internal
+ */
+function isTypeBoxSchema(schema: unknown): boolean {
+  if (schema === null || typeof schema !== 'object') {
+    return false
+  }
+  for (const sym of Object.getOwnPropertySymbols(schema)) {
+    if (sym.description === 'TypeBox.Kind') {
+      return typeof (schema as Record<symbol, unknown>)[sym] === 'string'
+    }
+  }
+  return false
+}
+
+/**
+ * Normalize a TypeBox `ValueError` iterator into plain issues.
+ * TypeBox paths are JSON Pointers (`/user/0/name`); convert to arrays.
+ *
+ * @internal
+ */
+function normalizeTypeBoxErrors(
+  errors: Iterable<{ path: string; message: string }>,
+): ValidationIssue[] {
+  const out: ValidationIssue[] = []
+  for (const err of errors) {
+    const segs = err.path.split('/').filter(Boolean)
+    out.push({
+      path: segs.map(s => {
+        const n = Number(s)
+        return Number.isInteger(n) && String(n) === s ? n : s
+      }),
+      message: err.message,
+    })
+  }
+  return out
+}
+
+/**
+ * Normalize a Zod error object (v3 or v4) into plain issues.
+ * Both versions expose `.issues: Array<{ path, message }>`.
+ *
+ * @internal
+ */
+function normalizeZodError(err: unknown): ValidationIssue[] {
+  if (err === null || typeof err !== 'object') {
+    return [{ path: [], message: String(err) }]
+  }
+  const issues = (err as { issues?: unknown }).issues
+  if (!Array.isArray(issues)) {
+    return [{ path: [], message: 'Unknown validation error' }]
+  }
+  return issues.map(issue => {
+    const i = issue as {
+      path?: Array<string | number>
+      message?: string
+    }
+    return {
+      path: Array.isArray(i.path) ? i.path : [],
+      message: typeof i.message === 'string' ? i.message : 'Invalid value',
+    }
+  })
+}
+
+/**
+ * Validate `data` against a Zod-style `schema`. Non-throwing.
+ *
+ * The return type narrows `value` to `Infer<S>`, so callers get
+ * `z.infer<typeof S>` with no casts. Errors are normalized to
+ * `{ path, message }` regardless of the underlying validator.
+ *
+ * @throws {TypeError} When `schema` is not a recognized validator kind.
+ */
+export function validateSchema<S>(
+  schema: S,
+  data: unknown,
+): ValidateResult<Infer<S>> {
+  // Internal TypeBox path: socket-lib uses TypeBox schemas in a few
+  // places (e.g. src/ipc.ts), detected here via the structural
+  // `[Kind]: string` marker. Not a supported consumer API. The runtime
+  // is loaded lazily from the bundled external under `src/external/`.
+  if (isTypeBoxSchema(schema)) {
+    // eslint-disable-next-line @typescript-eslint/no-require-imports
+    const { Value } = require('../external/@sinclair/typebox/value') as {
+      Value: {
+        Check(schema: unknown, value: unknown): boolean
+        Errors(
+          schema: unknown,
+          value: unknown,
+        ): Iterable<{ path: string; message: string }>
+      }
+    }
+    if (Value.Check(schema, data)) {
+      return { ok: true, value: data as Infer<S> }
+    }
+    return {
+      ok: false,
+      errors: normalizeTypeBoxErrors(Value.Errors(schema, data)),
+    }
+  }
+
+  // Zod / Schema<T> duck-type path: any object exposing `.safeParse`.
+  if (
+    schema !== null &&
+    typeof schema === 'object' &&
+    typeof (schema as { safeParse?: unknown }).safeParse === 'function'
+  ) {
+    const result = (
+      schema as unknown as {
+        safeParse(
+          data: unknown,
+        ):
+          | ParseResult<unknown>
+          | { success: true; data: unknown }
+          | { success: false; error: unknown }
+      }
+    ).safeParse(data)
+
+    if ((result as { success: boolean }).success === true) {
+      return {
+        ok: true,
+        value: (result as { data: unknown }).data as Infer<S>,
+      }
+    }
+    return {
+      ok: false,
+      errors: normalizeZodError((result as { error: unknown }).error),
+    }
+  }
+
+  throw new TypeError(
+    'validateSchema: unsupported schema kind. Expected a Zod schema or ' +
+      'an object with a safeParse method.',
+  )
+}
