{"id":29821083,"url":"https://github.com/axotion/class-validator-security-enhancer","last_synced_at":"2025-07-28T23:40:08.913Z","repository":{"id":305190007,"uuid":"1022207489","full_name":"axotion/class-validator-security-enhancer","owner":"axotion","description":"AI-powered security enhancement tool for class-validator DTOs and request objects. ","archived":false,"fork":false,"pushed_at":"2025-07-18T16:34:32.000Z","size":13,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-07-18T20:51:40.148Z","etag":null,"topics":["class-validator","nestjs","security"],"latest_commit_sha":null,"homepage":"","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/axotion.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-07-18T16:29:18.000Z","updated_at":"2025-07-18T19:37:10.000Z","dependencies_parsed_at":"2025-07-18T20:51:43.414Z","dependency_job_id":"39d6a14b-536c-4325-9b0c-29c912317217","html_url":"https://github.com/axotion/class-validator-security-enhancer","commit_stats":null,"previous_names":["axotion/class-validator-security-enhancer"],"tags_count":null,"template":false,"template_full_name":null,"purl":"pkg:github/axotion/class-validator-security-enhancer","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/axotion%2Fclass-validator-security-enhancer","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/axotion%2Fclass-validator-security-enhancer/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/axotion%2Fclass-validator-security-enhancer/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/axotion%2Fclass-validator-security-enhancer/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/axotion","download_url":"https://codeload.github.com/axotion/class-validator-security-enhancer/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/axotion%2Fclass-validator-security-enhancer/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":267604812,"owners_count":24114554,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-07-28T02:00:09.689Z","response_time":68,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["class-validator","nestjs","security"],"created_at":"2025-07-28T23:40:04.790Z","updated_at":"2025-07-28T23:40:08.890Z","avatar_url":"https://github.com/axotion.png","language":"TypeScript","readme":"# Class Validator Security Enhancer\n\nAI-powered security enhancement tool for [class-validator](https://github.com/typestack/class-validator). This tool automatically scans your TypeScript files and enhances them with robust security validation decorators using Google's Gemini AI.\n\n## 🔧 Features\n\n- **AI-Powered Enhancement**: Uses Google Gemini models to intelligently enhance validation\n- **Multiple Model Support**: Choose from Gemini 2.5 Flash, Gemini 2.5 Pro\n- **Configurable Patterns**: Scan custom file patterns or default `.request.ts`/`.dto.ts` files\n- **In-Place Modification**: Modifies original files for easy pull request creation\n- **Cost Calculation**: Shows token usage and pricing estimates before processing\n- **Security-First**: Focuses on critical security patterns for tokens, IDs, and user inputs\n\n## 🛠 Installation\n\n```bash\n# Clone the repository\ngit clone https://github.com/axotion/class-validator-security-enhancer.git\ncd class-validator-security-enhancer\n\n# Install dependencies using Bun\nbun install\n\n# Set up your Google AI API key\nexport GOOGLE_GENERATIVE_AI_API_KEY=\"your-api-key-here\"\n```\n\n## 📖 Usage\n\n```bash\n# Run the security enhancer on your project\nbun run main.ts /path/to/your/project\n\n# Or use the npm scripts\nbun start /path/to/your/project\n```\n\n## 🔒 Security Enhancements Applied\n\n### Critical Token/ID Security\n```typescript\n// ❌ BEFORE (Vulnerable)\n@IsString()\nuserToken: string;\n\n// ✅ AFTER (Secure)\n@IsUUID(4)\n@IsNotEmpty()\n@Matches(/^[0-9a-f]{8}-[0-9a-f]{4}-4[0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$/i)\nuserToken: string;\n```\n\n### Email Security\n```typescript\n// ❌ BEFORE\n@IsString()\nemail: string;\n\n// ✅ AFTER\n@IsEmail()\n@MaxLength(255)\n@Transform(({ value }) =\u003e value?.toLowerCase()?.trim())\nemail: string;\n```\n\n### Array Security\n```typescript\n// ❌ BEFORE\n@IsArray()\ntags: string[];\n\n// ✅ AFTER\n@IsArray()\n@ArrayMaxSize(100)\n@ArrayNotEmpty()\n@IsString({ each: true })\n@MaxLength(50, { each: true })\ntags: string[];\n```\n\n## 🎯 Target Patterns\n\nThe tool automatically detects and secures:\n\n- **Tokens \u0026 IDs**: `userToken`, `contextId`, `sessionToken`, `apiKey`\n- **Authentication**: `email`, `password`, `role`\n- **User Input**: Search queries, descriptions, file names\n- **Arrays**: Size limits, element validation, uniqueness\n- **Nested Objects**: Proper `@ValidateNested()` usage\n- **Enums**: Replace `@IsString()` with `@IsEnum()`\n\n## 📝 Requirements\n\n- **Bun**: \u003e= 1.0.0\n- **Google AI API Key**: For Gemini model access\n- **TypeScript Files**: Works with `.ts` and `.js` files containing `@ApiProperty()` decorators\n\n## 🤝 Contributing\n\n1. Fork the repository\n2. Create a feature branch\n3. Make your changes\n4. Run the tool on test files to verify functionality\n5. Submit a pull request\n\n## 📄 License\n\nMIT License - see LICENSE file for details\n\n## ⚠️ Important Notes\n\n- **Backup your code** before running the tool\n- **Review changes** carefully before committing\n- **Test thoroughly** after enhancement\n- The tool modifies files in-place for easy PR creation\n- Always validate that your application still works after enhancement\n\n## 🛡️ Security Best Practices\n\nThis tool enforces these critical security patterns:\n\n1. **UUID Validation**: All tokens and IDs use proper UUID format validation\n2. **Input Sanitization**: Email normalization, string trimming, safe character patterns\n3. **Array Limits**: Prevent DoS attacks with size limits and element validation\n4. **Enum Enforcement**: Replace string validation with proper enum validation\n5. **Injection Prevention**: Strict pattern matching for user inputs\n6. **Transform Security**: Automatic sanitization of common input types\n\n---\n\n**Remember**: Security is not a one-time fix but an ongoing process. This tool helps establish a strong foundation, but always review and test your validation logic!\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Faxotion%2Fclass-validator-security-enhancer","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Faxotion%2Fclass-validator-security-enhancer","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Faxotion%2Fclass-validator-security-enhancer/lists"}