From harness-claude
Defines DTO classes with class-validator decorators for validating NestJS request payloads, including nested objects, partial updates, and Swagger integration.
How this skill is triggered — by the user, by Claude, or both
Slash command
/harness-claude:nestjs-dto-validationThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
> Validate request payloads with class-validator, class-transformer, and DTO patterns
Validate request payloads with class-validator, class-transformer, and DTO patterns
npm install class-validator class-transformer
import {
IsEmail,
IsString,
MinLength,
IsOptional,
IsEnum,
ValidateNested,
Type,
} from 'class-validator';
export enum UserRole {
ADMIN = 'admin',
USER = 'user',
}
export class CreateUserDto {
@IsEmail()
email: string;
@IsString()
@MinLength(8, { message: 'Password must be at least 8 characters' })
password: string;
@IsOptional()
@IsString()
displayName?: string;
@IsEnum(UserRole)
role: UserRole = UserRole.USER;
}
@ValidateNested() + @Type():export class AddressDto {
@IsString() street: string;
@IsString() city: string;
@IsPostalCode('US') zip: string;
}
export class CreateOrderDto {
@ValidateNested()
@Type(() => AddressDto)
shippingAddress: AddressDto;
@IsArray()
@ValidateNested({ each: true })
@Type(() => LineItemDto)
items: LineItemDto[];
}
PartialType from @nestjs/mapped-types:import { PartialType } from '@nestjs/mapped-types';
export class UpdateUserDto extends PartialType(CreateUserDto) {}
@ApiProperty alongside validators:@ApiProperty({ example: '[email protected]' })
@IsEmail()
email: string;
Or use @nestjs/swagger's @ApiProperty auto-generation via PickType, OmitType, IntersectionType.
ValidationPipe globally with whitelist: true and transform: true (see nestjs-pipes-pattern).DTOs (Data Transfer Objects) define the shape of data flowing into your API. They serve three purposes simultaneously: validation, transformation, and documentation.
Common class-validator decorators:
@IsString(), @IsNumber(), @IsBoolean(), @IsDate()@IsEmail(), @IsUrl(), @IsUUID(), @IsPostalCode()@IsEnum(MyEnum), @IsIn(['a', 'b', 'c'])@Min(n), @Max(n), @MinLength(n), @MaxLength(n)@IsArray(), @ArrayMinSize(n), @ArrayMaxSize(n)@IsOptional() — skips validation if the field is absent or undefined@IsDefined() — fails if the field is undefined (stricter than @IsNotEmpty())whitelist: true and forbidNonWhitelisted: true: With whitelist enabled, any property without a decorator is silently removed. With forbidNonWhitelisted, a 400 is thrown instead. Both protect against mass-assignment vulnerabilities.
@Expose() and @Exclude() (class-transformer): When using ClassSerializerInterceptor, decorate response entity fields with @Exclude() to hide sensitive data (passwords, internal IDs). The @Expose() decorator marks which fields to include when excludeExtraneousValues: true is set.
Validation groups: class-validator supports groups for conditional validation. Rarely needed — prefer creating separate DTOs (CreateUserDto vs UpdateUserDto) over validation groups.
https://docs.nestjs.com/techniques/validation
npx claudepluginhub intense-visions/harness-engineering --plugin harness-claudeValidates and transforms request data in NestJS using PipeTransform, ValidationPipe, and custom pipes for DTOs, route params, and query params.
Guides creation of request/response DTOs, applies Symfony Validator constraints, and uses #[MapRequestPayload]/#[MapQueryString] for automatic deserialization and validation.
Scaffolds and configures NestJS modules, controllers, services, DTOs, guards, interceptors, pipes, and validation for enterprise-grade TypeScript backends with REST APIs or GraphQL. Integrates JWT/Passport auth, TypeORM/Prisma, and Swagger docs.