Skip to content

fix(backend): Add input validation and sanitization across all DTOs #398

Description

@KuchiMercy

Description

Not all DTOs have complete class-validator decorators. Audit and harden all DTOs across all modules.

DTO locations: src/modules/escrow/dto/, admin/dto/, assets/dto/, auth/dto/
Library: class-validator and class-transformer (installed)

Acceptance Criteria

  • Audit every DTO and list fields missing validation decorators
  • Add @IsString(), @IsNotEmpty() to all required string fields
  • Add @IsUUID() to all ID fields
  • Add @MinLength() and @MaxLength() to text fields
  • Add @Matches() with Stellar public key regex for address fields
  • Add @IsNumber(), @Min(), @Max() to amount fields
  • Add @IsOptional() to nullable fields
  • Add @IsEnum() for enum-typed fields
  • Enable global ValidationPipe with whitelist and forbidNonWhitelisted
  • Create @IsStellarAddress() custom decorator
  • Unit tests for each DTO

Points: 100

Metadata

Metadata

Assignees

Labels

Stellar WaveIssues in the Stellar wave programbackendbugSomething isn't workinggood first issueGood for newcomersphase-1Sprint 1-2: Foundation & StabilitysecuritySecurity improvements

Type

No type

Fields

No fields configured for issues without a type.

Projects

No projects

Relationships

None yet

Development

No branches or pull requests

Issue actions