data-validation
Validate untrusted data at boundaries with schema-based contracts — types, ranges, enums, regex, uniqueness, referential integrity, freshness — so bad input is rejected with precise errors at ingestion, not found later in a dashboard. Covers Zod/Pydantic/JSON-Schema, sanitization vs validation, parse-don't-validate.
Included with Vanara Pro ($10/mo) — unlocks all 206 items. See pricing →
Overview
Untrusted data is anything you didn't create yourself in this process: HTTP request bodies, query params, file uploads, message-queue payloads, third-party API responses, env vars, and rows from a feed you don't own. The rule is simple and absolute: validate at the boundary, reject loudly, and only let typed, known-good data into your core logic. Catching a bad value at ingestion is cheap; finding
What it covers
- Mental model: parse, don't validate
- Define an explicit contract
- Validate at the boundary, fail fast
- Sanitization vs validation — not the same thing
- Beyond field rules: cross-field and global checks
- Trust boundaries and defense in depth
- Validation Errors — Precise, Actionable, Loud
- Schema Libraries — Zod vs Pydantic vs JSON-Schema