Skip to content

Epic: Boundary validation consolidation #267

Description

@krisarmstrong

Goal

Consolidate stem's already-decent boundary validation into a structured layer matching seed + niac.

Context

Stem is in the best shape of the three sibling repos but has gaps. Audited 2026-05-24:

  • decodeJSONStrict() helper in internal/api/server.go (good — used by auth/license/recovery/settings handlers)
  • ❌ Post-decode validation is inline per-handler and inconsistent (e.g., testType == "" defaults, interface existence checks)
  • ❌ TS side relies on hand-rolled type guards: isStemRole(), isModeUpdateResponse() in ui/src/contexts/RoleContext.tsx
  • ❌ SSE consumer has no per-frame validation
  • ❌ No schema generation; TS types hand-written and silently drift from Go structs

Children

Phasing

Phase Children Goal
2. Go validators #268 Declarative tags replace inline checks
3. Schema gen pipeline #269, #270, #271 One source of truth: Go struct → JSON Schema → TS types
4. Trust boundary parsers #272 Validate SSE frames + outbound API responses

Tech choices

  • Go validator: github.com/go-playground/validator/v10
  • Schema generator: github.com/invopop/jsonschema (mirrors NIAC's reference impl)
  • TS codegen: json-schema-to-typescript
  • TS runtime parser: valibot

Cross-repo

Metadata

Metadata

Assignees

Labels

area: frontendFrontend area.priority: mediumUseful work with normal priority.type: epicTracking issue that groups related work.type: securitySecurity vulnerability or hardening work.

Type

No type

Fields

No fields configured for issues without a type.

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions