From harness-claude
Validates and transforms request data in NestJS using PipeTransform, ValidationPipe, and custom pipes for DTOs, route params, and query params.
How this skill is triggered — by the user, by Claude, or both
Slash command
/harness-claude:nestjs-pipes-patternThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
> Validate and transform request data with PipeTransform, ValidationPipe, and custom pipes
Validate and transform request data with PipeTransform, ValidationPipe, and custom pipes
main.ts (recommended for most applications):app.useGlobalPipes(
new ValidationPipe({
whitelist: true, // strip properties not in DTO
forbidNonWhitelisted: true, // throw on extra properties
transform: true, // auto-transform payload to DTO class instance
transformOptions: { enableImplicitConversion: true },
})
);
@Get(':id')
findOne(@Param('id', ParseUUIDPipe) id: string) { ... }
@Get(':page')
list(@Query('page', ParseIntPipe) page: number) { ... }
@Param('status', new ParseEnumPipe(UserStatus)) status: UserStatus
import { IsEmail, IsString, MinLength, IsOptional } from 'class-validator';
export class CreateUserDto {
@IsEmail()
email: string;
@IsString()
@MinLength(8)
password: string;
@IsOptional()
@IsString()
displayName?: string;
}
PipeTransform<T, R>:@Injectable()
export class TrimPipe implements PipeTransform<string, string> {
transform(value: string): string {
if (typeof value !== 'string') return value;
return value.trim();
}
}
Apply custom pipes at the parameter level: @Body('name', TrimPipe) name: string.
For pipes that may fail (e.g., parsing), throw BadRequestException rather than returning null.
Pipes serve two roles: validation (throw if invalid) and transformation (convert to the expected type). Both happen before the handler executes.
whitelist: true behavior: ValidationPipe strips any property on the incoming JSON that has no corresponding decorator in the DTO. This prevents mass-assignment attacks where clients send unexpected fields (e.g., isAdmin: true). forbidNonWhitelisted: true goes further and throws a 400 if any extra property is present.
transform: true: Without this, @Body() dto: CreateUserDto gives you a plain object, not a CreateUserDto instance. With it, NestJS runs class-transformer's plainToInstance automatically so you get a proper class instance and @Type() decorators work correctly.
Class-validator integration: All class-validator decorators (@IsEmail(), @IsUUID(), @IsEnum(), @Min(), @Max(), etc.) work with ValidationPipe. Nested DTOs require @ValidateNested() combined with @Type(() => NestedDto).
Scope: Pipes can be applied at four levels (most specific wins):
app.useGlobalPipes()@UsePipes()@UsePipes()@Param('id', ParseUUIDPipe)Async pipes: transform() can return Promise<R>. This enables async validation (e.g., checking a database for uniqueness), though this is better done at the service layer.
npx claudepluginhub intense-visions/harness-engineering --plugin harness-claudeDefines DTO classes with class-validator decorators for validating NestJS request payloads, including nested objects, partial updates, and Swagger integration.
Provides NestJS architecture patterns for building modular, production-grade TypeScript backends with validation, guards, interceptors, and config.
Implements NestJS guards and interceptors for authentication, authorization, logging, and request/response transformation. Covers CanActivate, ExecutionContext, and JWT patterns for cross-cutting concerns.