Improve error message for invalid JSON values (#224)

Mrtenz · web-flow · commit f3d602aa8ab8 · 2024-12-10T13:28:53.000+01:00
Currently we use `assertStruct` in the `JsonStruct`, to ensure that the
value is JSON-serialisable before coercing it. `assertStruct` returns a
generic `AssertionError`, and Superstruct doesn't have any information
about where the error was thrown (such as the path). Given the following
struct for example:

```ts
const ExampleStruct = object({
  value: JsonStruct,
});
```

An invalid `value` would result in an `AssertionError` with the
following message:

&gt; Assertion failed: Expected a value of type `JSON`, but received:
`undefined`.

After this change, a `StructError` is thrown instead, with the following
message:

&gt; At path: value -- Expected a value of type `JSON`, but received:
`undefined`.

This makes it more clear that the error happens at `value`, and it also
makes more sense to throw a `StructError` in this case.
diff --git a/src/json.test.ts b/src/json.test.ts
@@ -239,6 +239,18 @@ describe('json', () => {
         'Expected a value of type `JSON`, but received: `undefined`',
       );
     });
+
+    it('returns a readable error message for a nested JsonStruct', () => {
+      const struct = object({
+        value: JsonStruct,
+      });
+
+      const [error] = validate({ value: undefined }, struct);
+      assert(error !== undefined);
+      expect(error.message).toBe(
+        'At path: value -- Expected a value of type `JSON`, but received: `undefined`',
+      );
+    });
   });
 
   describe('getSafeJson', () => {
diff --git a/src/json.ts b/src/json.ts
@@ -16,6 +16,7 @@ import {
   union,
   unknown,
   Struct,
+  refine,
 } from '@metamask/superstruct';
 import type {
   Context,
@@ -215,18 +216,20 @@ export const UnsafeJsonStruct: Struct<Json> = define('JSON', (json) =>
  * This struct sanitizes the value before validating it, so that it is safe to
  * use with untrusted input.
  */
-export const JsonStruct = coerce(UnsafeJsonStruct, any(), (value) => {
-  assertStruct(value, UnsafeJsonStruct);
-  return JSON.parse(
-    JSON.stringify(value, (propKey, propValue) => {
-      // Strip __proto__ and constructor properties to prevent prototype pollution.
-      if (propKey === '__proto__' || propKey === 'constructor') {
-        return undefined;
-      }
-      return propValue;
-    }),
-  );
-});
+export const JsonStruct = coerce(
+  UnsafeJsonStruct,
+  refine(any(), 'JSON', (value) => is(value, UnsafeJsonStruct)),
+  (value) =>
+    JSON.parse(
+      JSON.stringify(value, (propKey, propValue) => {
+        // Strip __proto__ and constructor properties to prevent prototype pollution.
+        if (propKey === '__proto__' || propKey === 'constructor') {
+          return undefined;
+        }
+        return propValue;
+      }),
+    ),
+);
 
 /**
  * Check if the given value is a valid {@link Json} value, i.e., a value that is
