Skip to content

refactor: split up bridge quote validators#9413

Open
micaelae wants to merge 9 commits into
mainfrom
swaps4546-refactor-validators
Open

refactor: split up bridge quote validators#9413
micaelae wants to merge 9 commits into
mainfrom
swaps4546-refactor-validators

Conversation

@micaelae

@micaelae micaelae commented Jul 7, 2026

Copy link
Copy Markdown
Member

Explanation

References

Checklist

  • I've updated the test suite for new or updated code as appropriate
  • I've updated documentation (JSDoc, Markdown, etc.) for new or updated code as appropriate
  • I've communicated my changes to consumers by updating changelogs for packages I've changed
  • I've introduced breaking changes in this PR and have prepared draft pull requests for clients and consumer packages to resolve them

Note

Medium Risk
Large refactor across bridge quote parsing and package exports, with stricter/slimmer step schemas and renamed validators—consumers on deep imports or rich step payloads could break until aligned with V2.

Overview
Replaces the monolithic utils/validators.ts with a src/validators/ module layout (quote, trade, feature-flags, batch-sell, intent, etc.) ahead of QuoteResponse V2, and wires the controller, fetch layer, selectors, metrics, and tests to the new import paths.

Public surface: index.ts now re-exports quote/trade types and validators from ./validators/* instead of ./types and ./utils/validators; trade type guards move from trade-utils to validators/trade (only extractTradeData stays in trade-utils). validateSwapsTokenObject is renamed to validateBridgeAsset.

Validation behavior: SSE/HTTP quote failures log via new formatStructErrors (path + message) while metrics still use aggregatorId|path keys. Step validation drops protocol, per-step amounts, and related fields; mocks are trimmed to match. Quote gains optional V2-oriented fields (walletAddress, slippage, protocols, metabridge BPS, FeeType.NETWORK / RELAYER). QuoteResponse V1 schema adds optional l1GasFeesInHexWei / nonEvmFeesInNative on the struct; legacy fee types in types.ts are marked deprecated.

Cleanup: Removes Protocol / ProtocolSchema from shared types; trims eslint suppressions; changelog notes the validator split.

Reviewed by Cursor Bugbot for commit f262909. Bugbot is set up for automated code reviews on this repo. Configure here.

@micaelae micaelae force-pushed the swaps4546-refactor-validators branch from a3b1b6c to 86125be Compare July 7, 2026 17:08
@micaelae micaelae force-pushed the swaps4546-refactor-validators branch from 6513b61 to 4092316 Compare July 7, 2026 19:29
@micaelae micaelae marked this pull request as ready for review July 7, 2026 19:39
@micaelae micaelae requested review from a team as code owners July 7, 2026 19:39
@micaelae micaelae temporarily deployed to default-branch July 7, 2026 19:39 — with GitHub Actions Inactive

@cursor cursor Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Cursor Bugbot has reviewed your changes and found 1 potential issue.

Fix All in Cursor

❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, have a team admin enable autofix in the Cursor dashboard.

Reviewed by Cursor Bugbot for commit 2cdd2f6. Configure here.

value: HexString,
data: HexString,
gasLimit: nullable(number()),
effectiveGas: optional(number()),

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Loose hex validation accepts invalid trades

Medium Severity

Trade and intent fields now use a custom HexString pattern (0x plus any alphanumeric characters) instead of isStrictHexString and isValidHexAddress. Malformed to/from lengths and non-hex characters in value/data (and intent token addresses) can pass quote validation and reach downstream signing or submission.

Additional Locations (1)
Fix in Cursor Fix in Web

Reviewed by Cursor Bugbot for commit 2cdd2f6. Configure here.

Copy link
Copy Markdown
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is intentional. Clients should use whatever the backend provides

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant