TTC
Theo's Typesafe Cult17mo ago
Sturlen

Should you validate the output of DB query?

I know user input should always be validated before being stored in a DB, but what about query results? should they also be validated with zod or in a tRPC output function? interested to know if anyone has any thoughts on this.
Solution:
I personally wouldn't bother with it unless I'm transforming it further but if you want to do it you can either manually schema.parse in the body or rely on the .output property of the procedure to ensure its what you want
Jump to solution
2 Replies
Neto
Neto17mo ago
trpc allows you to validate the output
Solution
Keef
Keef17mo ago
I personally wouldn't bother with it unless I'm transforming it further but if you want to do it you can either manually schema.parse in the body or rely on the .output property of the procedure to ensure its what you want
Want results from more Discord servers?
Add your server