Security Notes

This page collects security notes for schema definitions, custom validators, and exporter usage. It is not required for the first quick start; use it when a schema handles credentials, URLs, regex patterns, or generated database constraints.

  • Run npm audit --audit-level=moderate.
  • Confirm that the documentation examples do not contain real keys, tokens, or passwords.
  • Custom regex should avoid catastrophic backtracking.
  • Custom validators should not execute code generated by untrusted input.

Current recommendations

Re-run the complete test suite and build validation after dependency upgrades.


Corresponding sample file

Example entry: security-checklist.ts
Description: Uses placeholder tokens, restricted character sets, and explicit URL validation to demonstrate how to apply the rules "do not expose real credentials" and "regular expressions must be bounded" in the documentation.
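
The three practices named above, shown as an added example in TypeScript. It is not the project's security-checklist.ts and does not use the library's API; every function name, the placeholder values, and the length limits are assumptions made for illustration.

```typescript
// Added example: all names below are hypothetical, not the library's API.

// Placeholder values that documentation samples may contain (constructed).
const PLACEHOLDERS = ["<API_TOKEN>", "<PASSWORD>"];

// Bounded pattern: restricted character set, explicit {1,64} limit, no nested
// quantifiers, so matching time stays linear in the input length.
const MAX_NAME_LENGTH = 64;
const NAME_PATTERN = /^[a-z0-9_-]{1,64}$/;

function isValidName(input: unknown): boolean {
  // Reject oversized input before it reaches the regex engine.
  if (typeof input !== "string" || input.length > MAX_NAME_LENGTH) return false;
  return NAME_PATTERN.test(input);
}

// Explicit URL validation: parse first, then check scheme and credentials.
function isValidHttpsUrl(input: unknown): boolean {
  if (typeof input !== "string" || input.length > 2048) return false;
  let url: URL;
  try {
    url = new URL(input);
  } catch (err) {
    return false; // not an absolute URL
  }
  if (url.protocol !== "https:") return false;
  // A URL with user:password@ in it would leak a credential into logs.
  return url.username === "" && url.password === "";
}

// Report credential-like assignments in a documentation sample whose value is
// not a known placeholder. Every quantifier in the pattern is bounded.
function findSuspectSecrets(sample: string): string[] {
  const re = /\b(token|password|secret|api_?key)\b\s{0,8}[:=]\s{0,8}["']([^"'\n]{1,256})["']/gi;
  const hits: string[] = [];
  let m: RegExpExecArray | null;
  while ((m = re.exec(sample)) !== null) {
    const key = m[1] || "";
    const value = m[2] || "";
    if (PLACEHOLDERS.indexOf(value) === -1) hits.push(key);
  }
  return hits;
}
```

Running findSuspectSecrets over the documentation sources before a release gives a quick check for the second item in the list at the top of this page.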