Description: Some validation rules should differ between development and production. For example, HTTPS requirement for webhook URLs is critical in production but annoying in development.
Requirements:
- Add an
isProduction flag or accept NODE_ENV in validation context
- Make security-critical validations conditional on the environment
- Document which rules are environment-specific
Suggested execution steps:
- Create an
EnvAwareSchema factory that accepts NODE_ENV
- Use
.superRefine() or conditional .refine() based on the env
- Apply to webhook URL, CORS origins, and other security schemas
Example commit message:
feat(validation): add environment-aware validation modes
Security validations (HTTPS, CORS) are now conditional on NODE_ENV,
allowing relaxed rules in development while enforcing them in production.
Description: Some validation rules should differ between development and production. For example, HTTPS requirement for webhook URLs is critical in production but annoying in development.
Requirements:
isProductionflag or acceptNODE_ENVin validation contextSuggested execution steps:
EnvAwareSchemafactory that acceptsNODE_ENV.superRefine()or conditional.refine()based on the envExample commit message: