/** * JSON-safe validation schemas * * Provides Zod schemas that guarantee JSON roundtrip safety: * - Rejects NaN, Infinity, -Infinity (not valid JSON numbers) * - Rejects undefined (dropped by JSON.stringify) * - Rejects non-plain objects (Date, Map, Set, class instances) * - Rejects functions, symbols, bigints */ import { z } from 'zod'; import type { JsonValue, JsonObject, JsonArray } from '@peac/kernel'; /** * JSON primitive schema - string, finite number, boolean, null */ export declare const JsonPrimitiveSchema: z.ZodUnion; /** * JSON value schema - recursive type for any valid JSON value * * Validates: * - Primitives: string, finite number, boolean, null * - Arrays: containing valid JSON values * - Objects: plain objects with string keys and valid JSON values * * Rejects: * - undefined (dropped by JSON.stringify) * - NaN, Infinity, -Infinity (become null in JSON) * - BigInt (throws in JSON.stringify) * - Date (becomes ISO string - implicit conversion) * - Map, Set (become {} in JSON) * - Functions, Symbols (dropped by JSON.stringify) * - Class instances (prototype chain lost) */ export declare const JsonValueSchema: z.ZodType; /** * JSON object schema - plain object with string keys and JSON values * * Rejects non-plain objects (Date, Map, Set, class instances). */ export declare const JsonObjectSchema: z.ZodType; /** * JSON array schema - array of JSON values */ export declare const JsonArraySchema: z.ZodType; /** * Default limits for JSON evidence validation. * * Derived from KERNEL_CONSTRAINTS (single source of truth). * These are conservative defaults to prevent DoS attacks via deeply nested * or excessively large JSON structures. */ export declare const JSON_EVIDENCE_LIMITS: { /** Maximum nesting depth (default: 32) */ readonly maxDepth: 32; /** Maximum array length (default: 10,000) */ readonly maxArrayLength: 10000; /** Maximum object keys (default: 1,000) */ readonly maxObjectKeys: 1000; /** Maximum string length in code units (default: 65,536) */ readonly maxStringLength: 65536; /** Maximum total nodes to visit (default: 100,000) */ readonly maxTotalNodes: 100000; }; /** * Limits for JSON evidence validation * * @internal - Not part of public API. Use validateEvidence() with defaults. * * For testing only: import via UNSAFE_JsonEvidenceLimits */ export interface JsonEvidenceLimits { maxDepth?: number; maxArrayLength?: number; maxObjectKeys?: number; maxStringLength?: number; maxTotalNodes?: number; } /** * Result of JSON safety validation */ export type JsonSafetyResult = { ok: true; } | { ok: false; error: string; path: (string | number)[]; }; /** * Iterative JSON safety validator * * Validates that a value is JSON-safe without using recursion, preventing * stack overflow on deeply nested structures. Uses an explicit stack for * traversal with entry/exit markers for correct cycle detection. * * Cycle Detection: * Uses a path-based approach where only objects on the current traversal * path are tracked. This correctly allows diamond structures (same object * referenced from multiple paths) while rejecting actual cycles (object * references itself through its descendants). * * Rejects: * - Cycles (object references itself directly or indirectly) * - Non-plain objects (Date, Map, Set, class instances) * - Non-finite numbers (NaN, Infinity, -Infinity) * - undefined, BigInt, functions, symbols * - Structures exceeding depth/size limits * * Allows: * - Diamond structures (same object referenced from multiple paths) * * @param value - Value to validate * @param limits - Optional limits (defaults to JSON_EVIDENCE_LIMITS) * @returns Result indicating success or failure with error details */ export declare function assertJsonSafeIterative(value: unknown, limits?: JsonEvidenceLimits): JsonSafetyResult; //# sourceMappingURL=json.d.ts.map