fix: set defaults during validation to prevent override zero values

[barata0]

Summary by CodeRabbit

Release Notes

• New Features

  • Enhanced input validation with default value handling across various components.
  • Introduced new input types with resolver logic for improved error handling.

• Bug Fixes

  • Improved error handling for input validation failures, ensuring clearer error messages.

• Tests

  • Added new test cases to verify the handling of default values in request bodies.
  • Updated existing tests to utilize the new validation method, ensuring comprehensive coverage.

These changes enhance the robustness and reliability of input handling within the application.

[coderabbitai]

Walkthrough

The changes in this pull request focus on enhancing the validation logic across multiple test files and the core huma library. The primary modification involves replacing calls to huma.Validate with huma.ValidateAndSetDefaults, which not only validates input parameters but also sets default values for omitted fields. New types and methods for input validation were introduced, improving error handling for specific conditions. The overall structure of the benchmarking and validation tests remains intact, but the logic for handling input and defaults is significantly refined.

Changes

File Path	Change Summary
adapters/humabunrouter/humabunrouter_test.go	Enhanced validation logic in BenchmarkRawBunRouter, added GreetingInputWithResolver and GreetingInputWithResolverBody types with resolver methods.
adapters/humachi/humachi_test.go	Updated BenchmarkRawChi to use ValidateAndSetDefaults, enhancing validation for parameters and body.
adapters/humaecho/humaecho_test.go	Modified BenchmarkRawEcho to replace Validate with ValidateAndSetDefaults, improving parameter and body validation.
adapters/humago/humago_test.go	Changed BenchmarkRawGo to utilize ValidateAndSetDefaults for input validation, ensuring defaults are set.
huma.go	Updated Register function to replace Validate with ValidateAndSetDefaults, enhancing input validation and error handling.
huma_test.go	Added a new test case request-body-defaults-respect-input to verify handling of default values in request bodies.
schema_test.go	Replaced Validate with ValidateAndSetDefaults in TestSchema and BenchmarkSchema, enhancing validation logic.
validate.go	Renamed Validate to ValidateAndSetDefaults, integrating default value handling into the validation process.
validate_test.go	Updated multiple test cases to use ValidateAndSetDefaults, ensuring comprehensive validation coverage.

Possibly related PRs

• fix: panic - allow for parameters to be subtype of string #592: This PR modifies the Register function in huma.go to enhance input body validation, which is directly related to the changes made in the main PR regarding validation logic in humabunrouter_test.go.
• refactor: use type switch instead of if-else #595: This PR also updates the Register function in huma.go, focusing on improving the handling of resolvers and error management, which aligns with the enhancements in validation logic introduced in the main PR.

Suggested reviewers

• danielgtaylor

🐇 In the world of code we hop,
Validation's leap, we can't stop!
Defaults set, errors caught,
In every test, our efforts sought.
With each change, our logic grows,
Huma's heart, in code it shows! 🐇

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Files that changed from the base of the PR and between 20d38ca and cdce3c3.

📒 Files selected for processing (2)

• validate.go (13 hunks)
• validate_test.go (5 hunks)

🔇 Additional comments (11)

validate.go (5)

275-275: LGTM: Function calls updated consistently

The rename from Validate to ValidateAndSetDefaults has been applied consistently across all validation functions.

Also applies to: 293-293, 341-341

---

Line range hint 345-361: LGTM: Documentation updated appropriately

The function documentation has been updated to reflect the new behavior of setting default values, and the example code correctly shows the new function name.

---

607-609: Consider extracting duplicate default value logic

The default value setting logic is duplicated between handleMapString and handleMapAny. This was previously flagged in past reviews but hasn't been addressed yet.

Also applies to: 729-731

---

580-580: LGTM: Function calls updated consistently

The rename from Validate to ValidateAndSetDefaults has been applied consistently throughout the codebase.

Also applies to: 668-668, 777-777, 808-808, 872-872

---

Line range hint 345-361: Verify the impact of default value modification

The function now modifies the input by setting default values. Verify that all callers are aware of and expect this behavior.

✅ Verification successful

Let me analyze the function calls to understand the context better.

---

Let me check one more aspect to understand how defaults are actually set.

---

Based on the gathered information, I can now provide the final response:

Default value setting behavior is documented and expected

The function's default value setting behavior is explicitly documented in the function's comment and properly implemented. The code shows that:

• Default values are only set when a field is nil and has a default value defined (if m[k] == nil && v.Default != nil)
• All callers are test cases or internal validation functions that expect this behavior
• The behavior is part of the public API documentation and example usage

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Search for all direct calls to ValidateAndSetDefaults to identify affected code
rg "ValidateAndSetDefaults\(" --type go

Length of output: 4273

---

Script:

#!/bin/bash
# Check the documentation and implementation around ValidateAndSetDefaults
rg -B 5 -A 5 "ValidateAndSetDefaults" validate.go

# Look for any existing default value setting behavior
ast-grep --pattern 'Default: $_'

Length of output: 3326

---

Script:

#!/bin/bash
# Look for the implementation of default value setting
rg -B 3 -A 10 "Default" validate.go

# Check test cases that verify default value behavior
rg -B 3 -A 10 "Default" validate_test.go

Length of output: 9539

validate_test.go (6)

1428-1428: LGTM: Consistent with PR objective.

The change from Validate to ValidateAndSetDefaults aligns with the PR's goal to set defaults during validation to prevent overriding zero values.

---

1463-1463: LGTM: Custom error formatter test updated.

The test case for custom error formatting has been correctly updated to use ValidateAndSetDefaults.

---

1486-1486: LGTM: Schema transformer test updated.

The test case for schema transformation has been correctly updated to use ValidateAndSetDefaults.

---

1563-1563: LGTM: Benchmark test updated.

The benchmark test has been correctly updated to use ValidateAndSetDefaults.

---

1682-1682: LGTM: Discriminator test updated.

The test case for discriminator validation has been correctly updated to use ValidateAndSetDefaults.

---

Line range hint 1428-1682: Verify test coverage for zero values.

While the changes look good, we should ensure there are test cases that specifically verify the handling of zero values during validation.

Consider adding test cases that explicitly verify:

1. Zero values are not overridden by defaults
2. Zero values are properly validated
3. Zero values are handled correctly in nested structures

✅ Verification successful

Let me search for more specific test cases related to zero values, particularly in nested structures and with defaults.

---

Let me try a different approach to search for test cases with nested structures and default values.

---

Based on the search results, I can now provide a final response regarding the test coverage for zero values.

Test coverage for zero values is adequate and well-implemented

The codebase already has comprehensive test coverage for zero values across different scenarios:

• Zero numeric values are tested in minimum/maximum validation cases (e.g., input: map[string]any{"value": 0})
• Empty strings are tested in minLength validation cases (e.g., input: map[string]any{"value": ""})
• Null/nil values are tested for optional and nullable fields (e.g., input: map[string]any{"value": nil})
• Empty arrays/maps are tested in minItems/minProperties validation cases
• Zero values are properly tested with various validation rules including:
  • Required fields
  • Minimum/maximum constraints
  • Length constraints
  • Pattern matching
  • Enum validation

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check for test cases involving zero values
# Test: Search for test cases with zero values. Expect: Test cases that verify zero value handling.
rg -A 5 'input: .*0[^0-9]' validate_test.go

Length of output: 5117

---

Script:

#!/bin/bash
# Search for test cases with default values and nested structures
rg -A 5 'default:' validate_test.go

# Search for test cases with nested structures
ast-grep --pattern 'type $_ struct {
  $$$
  $_  struct {
    $$$
  } `json:"$_"`
  $$$
}'

Length of output: 128

---

Script:

#!/bin/bash
# Search for struct definitions in test file
ast-grep --pattern 'type $_ struct {
  $$$
}'

# Search for test cases with default tag
rg -B 2 -A 2 '`.*default:".*"`' validate_test.go

# Search for validation tests with nested maps or structs
rg -A 5 'input: map\[string\]' validate_test.go

Length of output: 131142

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 6

🧹 Outside diff range and nitpick comments (6)

adapters/humago/humago_test.go (2)

Line range hint 132-139: Optimize request body handling and improve error handling

1. The code performs double JSON unmarshaling which could impact performance in the benchmark.
2. Error handling uses panic which is not ideal for a production environment.

Consider combining the validation and unmarshaling steps:

-		var tmp any
-		if err := json.Unmarshal(data, &tmp); err != nil {
-			panic(err)
-		}
-
-		huma.ValidateAndSetDefaults(registry, schema, pb, huma.ModeWriteToServer, tmp, res)
-		if len(res.Errors) > 0 {
-			panic(res.Errors)
-		}
-
-		var input GreetingInput
-		if err := json.Unmarshal(data, &input); err != nil {
-			panic(err)
-		}
+		var input GreetingInput
+		if err := json.Unmarshal(data, &input); err != nil {
+			res.Errors = append(res.Errors, &huma.ValidationError{
+				Path: "",
+				Code: "json",
+				Message: "invalid JSON format",
+			})
+			return
+		}
+
+		huma.ValidateAndSetDefaults(registry, schema, pb, huma.ModeWriteToServer, input, res)
+		if len(res.Errors) > 0 {
+			w.WriteHeader(http.StatusBadRequest)
+			json.NewEncoder(w).Encode(res.Errors)
+			return
+		}

---

Line range hint 112-135: Consider benchmark implications of validation changes

While the changes to use ValidateAndSetDefaults are correct, note that this might affect benchmark results as it performs additional operations compared to the previous Validate calls. Consider adding comments in the benchmark results to highlight this difference.

adapters/humachi/humachi_test.go (1)

Line range hint 213-217: Consider consistent error handling approach.

While the validation error handling is appropriate, it differs from the error handling approach used for other operations (direct panic vs. panic with errors). Consider standardizing the error handling approach across all validations.

Apply this diff to make the error handling consistent:

 		huma.ValidateAndSetDefaults(registry, schema, pb, huma.ModeWriteToServer, tmp, res)
 		if len(res.Errors) > 0 {
-			panic(res.Errors)
+			panic(err)
 		}

schema_test.go (1)

Line range hint 1187-1457: Consider adding test cases for zero values.

Given that the PR's objective is specifically about preventing override of zero values during validation, it would be beneficial to add test cases that verify this behavior.

Consider adding test cases like:

func TestZeroValueDefaults(t *testing.T) {
    type TestStruct struct {
        IntValue    int     `json:"int_value" default:"42"`
        FloatValue  float64 `json:"float_value" default:"3.14"`
        BoolValue   bool    `json:"bool_value" default:"true"`
    }
    
    cases := []struct {
        name     string
        input    map[string]any
        expected TestStruct
    }{
        {
            name: "explicit zeros should not be overridden",
            input: map[string]any{
                "int_value": 0,
                "float_value": 0.0,
                "bool_value": false,
            },
            expected: TestStruct{
                IntValue: 0,
                FloatValue: 0.0,
                BoolValue: false,
            },
        },
    }
    // ... test implementation
}

validate.go (1)

354-354: Consider adding unit tests for ValidateAndSetDefaults

To ensure the new functionality of setting default values during validation works as expected, consider adding unit tests for ValidateAndSetDefaults.

Would you like assistance in creating test cases for this function?

huma.go (1)

1322-1324: Remove unnecessary commented-out code

The if block at line 1322 is empty due to the commented-out line. To enhance code readability, consider removing the entire if block.

Apply this diff to remove the unused code:

- if item.IsZero() {
-     // item.Set(reflect.Indirect(reflect.ValueOf(def)))
- }

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Files that changed from the base of the PR and between 52482f3 and c46ee1e.

📒 Files selected for processing (9)

• adapters/humabunrouter/humabunrouter_test.go (2 hunks)
• adapters/humachi/humachi_test.go (2 hunks)
• adapters/humaecho/humaecho_test.go (2 hunks)
• adapters/humago/humago_test.go (2 hunks)
• huma.go (3 hunks)
• huma_test.go (1 hunks)
• schema_test.go (3 hunks)
• validate.go (13 hunks)
• validate_test.go (5 hunks)

🧰 Additional context used

🪛 golangci-lint

validate.go

338-338: ommited is a misspelling of omitted

(misspell)

🔇 Additional comments (21)

adapters/humago/humago_test.go (1)

112-112: LGTM: Path parameter validation updated correctly

The change to ValidateAndSetDefaults for the path parameter is appropriate and aligns with the PR's objective.

adapters/humaecho/humaecho_test.go (4)

115-115: LGTM! The change aligns with common header validation practices.

Using ValidateAndSetDefaults for headers is appropriate as they commonly have default values in OpenAPI specifications.

---

135-138: LGTM! Proper validation of request body with defaults.

The implementation correctly validates the raw unmarshaled data before converting to the typed struct, allowing proper handling of default values. This aligns well with the PR objective of preventing override of zero values.

---

Line range hint 1-238: Consider consistent validation approach across benchmarks.

The file contains three benchmark functions (BenchmarkHumaEcho, BenchmarkRawEcho, and BenchmarkRawEchoFast), but only BenchmarkRawEcho is updated to use ValidateAndSetDefaults. Consider updating the validation approach consistently across all benchmark functions to ensure comparable results.

#!/bin/bash
# Description: Check for consistency in validation approach across benchmark files

# Search for benchmark functions using Validate
rg -U 'func Benchmark.*\n[\s\S]*?huma\.Validate\('

# Search for benchmark functions using ValidateAndSetDefaults
rg -U 'func Benchmark.*\n[\s\S]*?huma\.ValidateAndSetDefaults\('

---

112-112: Verify the necessity of setting defaults for path parameters.

Since path parameters are required by nature in the Echo framework and cannot be optional, using ValidateAndSetDefaults here might be unnecessary. Consider whether Validate would be more appropriate for path parameters.

adapters/humabunrouter/humabunrouter_test.go (3)

193-193: LGTM: Proper validation for path parameter.

The change to ValidateAndSetDefaults is appropriate for the path parameter validation.

---

216-219: LGTM: Proper validation sequence for request body.

The validation is correctly performed on the raw JSON data before type-specific unmarshaling, allowing proper default value handling and validation.

---

196-196: Verify default Content-Type handling.

The change to ValidateAndSetDefaults is appropriate. Since Content-Type is an optional header, verify that the default value handling works as expected when the header is missing.

✅ Verification successful

Based on the gathered information, I can now provide the final response:

Content-Type validation is properly implemented with default handling

The validation using ValidateAndSetDefaults for Content-Type is correct and includes proper default value handling. The code validates the Content-Type header in ModeReadFromServer mode, which is appropriate for server-side validation, and the framework includes built-in Content-Type handling with defaults (e.g., "application/json" for JSON format). No issues were found with the implementation.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check if there are any default Content-Type definitions in the schema
# or configuration that would be applied during validation

# Look for Content-Type related schema definitions or defaults
rg -i "content.?type.*default" --type go

Length of output: 294

---

Script:

#!/bin/bash
# Let's examine the actual implementation and usage context

# Check the schema definition and validation logic for Content-Type
rg -A 5 -B 5 "contentType.*default" --type go

# Look for Content-Type related test cases
ast-grep --pattern 'func Test$_($_, $_) {
  $$$
  "Content-Type"
  $$$
}'

# Check for any Content-Type related constants or defaults
rg -A 2 "const.*ContentType" --type go

Length of output: 739

---

Script:

#!/bin/bash
# Let's check the specific validation logic in the humabunrouter package

# Look for Content-Type header handling in the test file
rg -A 5 -B 5 "Header.*Content-Type" adapters/humabunrouter/humabunrouter_test.go

# Check the schema validation implementation
ast-grep --pattern 'ValidateAndSetDefaults($$$)'

# Look for default Content-Type handling in the main implementation
rg -A 5 -B 5 "Content-Type" adapters/humabunrouter/humabunrouter.go

Length of output: 3844

---

Script:

#!/bin/bash
# Let's check the schema validation implementation details

# Look for string schema definition
rg -A 10 "strSchema.*:=" adapters/humabunrouter/humabunrouter_test.go

# Check the validation modes and their handling
rg -A 5 "ModeReadFromServer" --type go

# Look for any default value handling in the schema validation
rg -A 5 "Default.*string" --type go

Length of output: 12526

adapters/humachi/humachi_test.go (1)

190-199: Add test cases for zero value handling.

The changes to use ValidateAndSetDefaults align with the PR objective of preventing zero value overrides. However, the current benchmark test doesn't explicitly verify this behavior.

Consider adding test cases that verify:

1. Zero values are preserved during validation
2. Default values are correctly set when parameters are omitted

schema_test.go (3)

1187-1187: LGTM: Consistent with PR objectives.

The change from Validate to ValidateAndSetDefaults aligns with the PR's goal of properly handling default values during validation.

---

1415-1423: LGTM: Benchmark updated consistently.

The benchmark has been correctly updated to use ValidateAndSetDefaults, maintaining test coverage for the new validation behavior.

---

1449-1457: LGTM: Error handling benchmark updated.

The error handling benchmark has been properly updated to use ValidateAndSetDefaults, ensuring that error cases are still properly tested.

huma_test.go (1)

645-679: LGTM! Well-structured test case for validating default value behavior.

The test case effectively verifies that default values do not override explicitly provided values, particularly for boolean fields where false is a valid value. The test coverage is comprehensive, including:

• Primitive types (string, int)
• Slice types (strings, ints)
• Struct fields within slices (verified, id)

validate.go (2)

700-702: ⚠️ Potential issue

Properly check for missing keys in map before setting defaults

In handleMapAny, the condition m[k] == nil may not correctly identify keys that are absent from the map. To ensure default values are set for omitted fields, use the _, ok := m[k] syntax to check for the key's existence.

Apply this diff:

-if m[k] == nil && v.Default != nil {
+if _, ok := m[k]; !ok && v.Default != nil {
    m[k] = v.Default
}

Likely invalid or redundant comment.

---

601-602: ⚠️ Potential issue

Properly check for missing keys in map before setting defaults

When setting default values for missing properties in a map, using m[k] == nil does not distinguish between an absent key and a key with a nil value. To accurately identify missing keys, use the _, ok := m[k] syntax.

Apply this diff to fix the issue:

-if m[k] == nil && v.Default != nil {
+if _, ok := m[k]; !ok && v.Default != nil {
    m[k] = v.Default
}

Likely invalid or redundant comment.

validate_test.go (5)

1391-1391: Verify tests handle defaults correctly after changing to ValidateAndSetDefaults

By replacing huma.Validate with huma.ValidateAndSetDefaults at line 1391, default values are now being set during validation. Ensure that all test cases in the TestValidate function correctly account for default values being applied, and update any assertions if necessary.

---

1426-1426: Ensure custom error formatting works with defaults

In TestValidateCustomFormatter, changing to huma.ValidateAndSetDefaults may affect how default values influence error messages. Verify that the custom error formatter still produces the expected output when defaults are set during validation.

---

1449-1449: Check schema transformations with defaults applied

For TestValidateSchemaTransformerDeleteField, replacing huma.Validate with huma.ValidateAndSetDefaults means defaults are now set during validation. Confirm that the schema transformation correctly handles default values and that deleted fields do not introduce unexpected behavior.

---

1518-1518: Assess performance impact of setting defaults in benchmarks

In BenchmarkValidate, the change to huma.ValidateAndSetDefaults could impact performance benchmarks due to the additional overhead of setting defaults. Evaluate whether this affects benchmark results significantly and consider if setting defaults is necessary for benchmarking purposes.

---

1637-1637: Validate discriminator handling with defaults

In Test_validateWithDiscriminator, the switch to huma.ValidateAndSetDefaults may affect how discriminators process default values. Ensure that the tests accurately reflect the behavior when defaults are applied and that the discriminator logic remains correct.

huma.go (1)

1171-1171: Correct replacement of Validate with ValidateAndSetDefaults

You've correctly replaced Validate with ValidateAndSetDefaults to ensure that default values are set during parameter validation.

[coderabbitai]

🛠️ Refactor suggestion

Consider adding Content-Type format validation

While the change to ValidateAndSetDefaults is correct, Content-Type headers typically follow a specific format (e.g., "type/subtype"). Consider adding format validation to ensure valid media types.

-		huma.ValidateAndSetDefaults(registry, strSchema, pb, huma.ModeReadFromServer, ct, res)
+		mediaTypeSchema := registry.Schema(reflect.TypeOf(""), false, "format:media-type")
+		huma.ValidateAndSetDefaults(registry, mediaTypeSchema, pb, huma.ModeReadFromServer, ct, res)

Committable suggestion was skipped due to low confidence.

[coderabbitai]

⚠️ Potential issue

Improve error handling for query parameter conversion

The current implementation panics on conversion failure. Consider handling the error gracefully and using the validation result to report the error.

-		num, err := strconv.Atoi(r.URL.Query().Get("num"))
-		if err != nil {
-			panic(err)
-		}
-		huma.ValidateAndSetDefaults(registry, numSchema, pb, huma.ModeReadFromServer, num, res)
+		numStr := r.URL.Query().Get("num")
+		num := 0
+		if numStr != "" {
+			var err error
+			num, err = strconv.Atoi(numStr)
+			if err != nil {
+				res.Errors = append(res.Errors, &huma.ValidationError{
+					Path: "num",
+					Code: "type",
+					Message: "invalid number format",
+				})
+				return
+			}
+		}
+		huma.ValidateAndSetDefaults(registry, numSchema, pb, huma.ModeReadFromServer, num, res)

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	num, err := strconv.Atoi(r.URL.Query().Get("num"))
	if err != nil {
	panic(err)
	}
	huma.Validate(registry, numSchema, pb, huma.ModeReadFromServer, num, res)
	huma.ValidateAndSetDefaults(registry, numSchema, pb, huma.ModeReadFromServer, num, res)
	numStr := r.URL.Query().Get("num")
	num := 0
	if numStr != "" {
	var err error
	num, err = strconv.Atoi(numStr)
	if err != nil {
	res.Errors = append(res.Errors, &huma.ValidationError{
	Path: "num",
	Code: "type",
	Message: "invalid number format",
	})
	return
	}
	}
	huma.ValidateAndSetDefaults(registry, numSchema, pb, huma.ModeReadFromServer, num, res)

[coderabbitai]

🛠️ Refactor suggestion

Consider validating before type conversion.

The current implementation converts the query parameter to integer before validation. This might interfere with default value handling, especially for zero values. Consider validating the raw string value first, then performing the conversion.

-		num, err := strconv.Atoi(c.QueryParam("num"))
-		if err != nil {
-			panic(err)
-		}
-		huma.ValidateAndSetDefaults(registry, numSchema, pb, huma.ModeReadFromServer, num, res)
+		numStr := c.QueryParam("num")
+		huma.ValidateAndSetDefaults(registry, strSchema, pb, huma.ModeReadFromServer, numStr, res)
+		if len(res.Errors) > 0 {
+			panic(res.Errors)
+		}
+		num, err := strconv.Atoi(numStr)
+		if err != nil {
+			panic(err)
+		}

Committable suggestion was skipped due to low confidence.

[coderabbitai]

⚠️ Potential issue

Consider validating before type conversion.

The current implementation returns an error for invalid numbers before ValidateAndSetDefaults can apply any default values. Consider moving the validation before the conversion to allow proper default handling for missing or invalid query parameters.

-		num, err := strconv.Atoi(r.URL.Query().Get("num"))
-		if err != nil {
-			return err
-		}
-		huma.ValidateAndSetDefaults(registry, numSchema, pb, huma.ModeReadFromServer, num, res)
+		numStr := r.URL.Query().Get("num")
+		var num int
+		if numStr != "" {
+			var err error
+			num, err = strconv.Atoi(numStr)
+			if err != nil {
+				return err
+			}
+		}
+		huma.ValidateAndSetDefaults(registry, numSchema, pb, huma.ModeReadFromServer, num, res)

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	num, err := strconv.Atoi(r.URL.Query().Get("num"))
	if err != nil {
	return err
	}
	huma.Validate(registry, numSchema, pb, huma.ModeReadFromServer, num, res)
	huma.ValidateAndSetDefaults(registry, numSchema, pb, huma.ModeReadFromServer, num, res)
	numStr := r.URL.Query().Get("num")
	var num int
	if numStr != "" {
	var err error
	num, err = strconv.Atoi(numStr)
	if err != nil {
	return err
	}
	}
	huma.ValidateAndSetDefaults(registry, numSchema, pb, huma.ModeReadFromServer, num, res)

[coderabbitai]

🛠️ Refactor suggestion

Consider optimizing default value handling to avoid re-marshaling

Re-marshaling the parsed input back into body introduces additional overhead. You might consider applying default values directly to the input struct to improve performance.

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Files that changed from the base of the PR and between c46ee1e and 20d38ca.

📒 Files selected for processing (1)

• validate.go (13 hunks)

🔇 Additional comments (3)

validate.go (3)

354-354: LGTM: Function rename accurately reflects the expanded functionality.

The function name change from Validate to ValidateAndSetDefaults better describes its dual responsibility of validation and default value assignment.

---

268-268: LGTM: Consistent function name updates across all call sites.

All call sites have been properly updated to use the new ValidateAndSetDefaults function name.

Also applies to: 286-286, 334-334, 374-374, 380-380, 573-573, 648-648, 671-671, 747-747, 778-778, 842-842

---

354-354: Verify test coverage for default value handling.

Please ensure that test cases cover various scenarios for default value handling:

1. Setting defaults for nil values
2. Not overriding existing zero values
3. Handling nested objects with defaults

✅ Verification successful

Test coverage for default value handling is sufficient

The codebase shows comprehensive test coverage for default value handling through:

• Validation tests with nil values and zero values
• Tests for optional fields with omitempty tags
• Tests for nullable fields and pointer types
• Tests across different validation modes (ReadFromServer, WriteToServer)
• Integration tests across multiple adapters that exercise the ValidateAndSetDefaults function

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check for test coverage of default value handling

# Look for test cases related to default values
rg -l "Default.*nil|v\.Default|default.*value" --type go --glob "*_test.go"

# Look for specific test function names related to defaults
rg -l "Test.*Default|Default.*Test" --type go --glob "*_test.go"

Length of output: 571

---

Script:

#!/bin/bash
# Let's examine the actual test cases for default value handling in the most relevant test files

# Check registry_test.go for default value test cases
echo "=== Registry Test Cases ==="
rg "func.*Test.*Default|test.*default" registry_test.go -B 1 -A 10

# Check huma_test.go for default value test cases
echo -e "\n=== Huma Test Cases ==="
rg "func.*Test.*Default|test.*default" huma_test.go -B 1 -A 10

# Look for actual default value assertions in test files
echo -e "\n=== Default Value Assertions ==="
rg "Default.*=|SetDefault|v\.Default" --type go --glob "*_test.go" -B 1 -A 3

Length of output: 8936

---

Script:

#!/bin/bash
# Let's specifically look for test cases in validate_test.go since it's the most relevant
echo "=== Validate Test Cases ==="
rg "func Test.*" validate_test.go -B 1 -A 15

# Look for test cases with nil or zero values
echo -e "\n=== Nil/Zero Value Test Cases ==="
rg "nil|Zero" validate_test.go -B 2 -A 5

# Look for struct definitions with default values in test files
echo -e "\n=== Test Structs with Default Values ==="
ast-grep --pattern 'type $_ struct {
  $$$
  $_  $_ `$$$default:"$_"$$$`
  $$$
}'

Length of output: 5378

[coderabbitai]

🛠️ Refactor suggestion

Consider extracting duplicate default value logic.

The default value setting logic is duplicated between handleMapString and handleMapAny. Consider extracting this into a helper function to follow the DRY principle.

+func setDefaultIfNil(m map[any]any, k any, defaultValue any) {
+    if m[k] == nil && defaultValue != nil {
+        m[k] = defaultValue
+    }
+}

 func handleMapString(r Registry, s *Schema, path *PathBuffer, mode ValidateMode, m map[string]any, res *ValidateResult) {
     // ...
-    if m[k] == nil && v.Default != nil {
-        m[k] = v.Default
-    }
+    setDefaultIfNil(unsafeMapCast(m), k, v.Default)
     // ...
 }

 func handleMapAny(r Registry, s *Schema, path *PathBuffer, mode ValidateMode, m map[any]any, res *ValidateResult) {
     // ...
-    if m[k] == nil && v.Default != nil {
-        m[k] = v.Default
-    }
+    setDefaultIfNil(m, k, v.Default)
     // ...
 }

+// unsafeMapCast performs an unsafe cast from map[string]any to map[any]any
+// This is safe because string keys are compatible with any keys
+func unsafeMapCast(m map[string]any) map[any]any {
+    return *(*map[any]any)(unsafe.Pointer(&m))
+}

Also applies to: 699-701

[danielgtaylor]

Superceded by #633 and released in v2.25.0