New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Added new custom email validator #90
Conversation
refs https://github.com/TryGhost/Team/issues/2235 The `validator` package used in our codebase is stuck on an old version due to some constraints. The `isEmail` check on the old version is unable to detect some invalid email addresses causing them to sneak through and get stored. This change adds a custom `isEmail` validator picked from the latest version of `validator` package, and allows us to gradually update the email checks to use the new version so we can prevent invalid email addresses to enter the system.
packages/validator/lib/validator.js
Outdated
validators.isEmail = function isEmail(str, options = {}) { | ||
assertString(str); | ||
// Use the latest email validator if the option is set | ||
if (options?.latest) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@ErisDS The only thing i'd like to get a sense check on this PR is naming for the option that determines if the new email validator should be used instead of default, have named it as latest
to denote using the latest version of email validator.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'd like to leave an issue open to clean this up, so we go through and change all the existing calls to explicitly declare they use the old version.
So I'd probably reverse this concept and have the option be called legacy
and have it default to true?
So your call will do isEmail('xxx', {legacy: false})
.
We can then later change the default to be legacy: false
which makes more sense long term?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yup that's way better, I wasn't warming up to latest
! 🙏 I'll clean this up now and add an issue for us to clean up legacy
usage across codebase in future.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Updated
refs https://github.com/TryGhost/Team/issues/2235
The
validator
package used in our codebase is stuck on an old version due to some constraints. TheisEmail
check on the old version is unable to detect some invalid email addresses causing them to sneak through and get stored. This change adds a customisEmail
validator picked from the latest version ofvalidator
package, and allows us to gradually update the email checks to use the new version so we can prevent invalid email addresses to enter the system.