Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Standardize the Zod usage #2968

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
steven-tey merged 3 commits into from
Oct 17, 2025
Merged

Standardize the Zod usage #2968

steven-tey merged 3 commits into from
Oct 17, 2025

Conversation

@devkiran
Copy link
Collaborator

@devkiran devkiran commented Oct 17, 2025
edited by coderabbitai bot
Loading

Summary by CodeRabbit

  • Chores

    • Standardized schema library imports across the app to use the official package.

  • Bug Fixes

    • Removed stray debug console output from domain search.

@vercel
Copy link
Contributor

vercel bot commented Oct 17, 2025
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Preview Updated (UTC)
dub Ready Ready Preview Oct 17, 2025 5:28pm

💡 Enable Vercel Agent with $100 free credit for automated AI reviews

@coderabbitai
Copy link
Contributor

coderabbitai bot commented Oct 17, 2025
edited
Loading

Walkthrough

Replaces local internal imports of zod from @/lib/zod with direct imports from the external zod package across many files; no other logic, runtime behavior, or exported signatures were changed.

Changes

Cohort / File(s) Summary
EE API Routes
apps/web/app/(ee)/api/admin/revenue/get-top-programs-by-sales.ts, apps/web/app/(ee)/api/cron/domains/transfer/route.ts, apps/web/app/(ee)/api/cron/framer/backfill-leads-batch/route.ts, apps/web/app/(ee)/api/customers/route.ts, apps/web/app/(ee)/api/embed/referrals/earnings/route.ts, apps/web/app/(ee)/api/groups/[groupIdOrSlug]/partners/route.ts, apps/web/app/(ee)/api/partner-profile/programs/[programId]/earnings/route.ts, apps/web/app/(ee)/api/stripe/integration/callback/route.ts, apps/web/app/(ee)/api/stripe/integration/route.ts		 Replace @/lib/zod imports with zod named imports; schemas unchanged
EE UI
apps/web/app/(ee)/app.dub.co/embed/referrals/leaderboard.tsx		 Swap internal zod wrapper for direct zod import used for type inference
API Routes
apps/web/app/api/ai/completion/route.ts, apps/web/app/api/domains/client/register/route.ts, apps/web/app/api/domains/client/saved/route.ts, apps/web/app/api/domains/default/route.ts, apps/web/app/api/domains/search-availability/route.ts, apps/web/app/api/links/[linkId]/transfer/route.ts, apps/web/app/api/oauth/apps/route.ts, apps/web/app/api/oauth/token/exchange-code-for-token.ts, apps/web/app/api/oauth/token/refresh-access-token.ts, apps/web/app/api/support/route.ts, apps/web/app/api/workspaces/[idOrSlug]/billing/usage/route.ts, apps/web/app/api/workspaces/[idOrSlug]/invites/route.ts, apps/web/app/api/workspaces/[idOrSlug]/route.ts, apps/web/app/api/workspaces/[idOrSlug]/saml/route.ts, apps/web/app/api/workspaces/[idOrSlug]/scim/route.ts, apps/web/app/api/workspaces/[idOrSlug]/upload-url/route.ts, apps/web/app/api/workspaces/[idOrSlug]/users/route.ts		 Replace @/lib/zod imports with zod named imports; handlers unchanged
Auth & Dashboard
apps/web/app/app.dub.co/(auth)/oauth/authorize/authorize-form.tsx, apps/web/app/app.dub.co/(auth)/oauth/authorize/page.tsx, apps/web/app/app.dub.co/(dashboard)/account/settings/security/update-password.tsx		 Swap internal zod import for zod for type/schema usage
Library API Helpers
apps/web/lib/api/domains/transform-domain.ts, apps/web/lib/api/links/bulk-update-links.ts, apps/web/lib/api/links/get-links-count.ts, apps/web/lib/api/links/get-links-for-workspace.ts		 Replace local zod alias with external zod imports
Dynadot Integration
apps/web/lib/dynadot/register-domain.ts, apps/web/lib/dynadot/search-domains.ts, apps/web/lib/dynadot/set-renew-option.ts		 Use zod package import; also remove stray console.log in search-domains.ts
Integration Schemas
apps/web/lib/integrations/hubspot/schema.ts, apps/web/lib/integrations/slack/commands.ts, apps/web/lib/integrations/slack/schema.ts		 Replace internal zod alias with external zod imports
Tinybird & Types
apps/web/lib/tinybird/record-link.ts, apps/web/lib/types.ts		 Swap @/lib/zod for zod named imports
Scripts
apps/web/scripts/tinybird/update-lead-event.ts, apps/web/scripts/tinybird/update-sale-event.ts		 Replace internal zod import with zod named imports
Tests
apps/web/tests/analytics/index.test.ts, apps/web/tests/folders/index.test.ts, apps/web/tests/links/bulk-create-link.test.ts, apps/web/tests/links/create-link.test.ts, apps/web/tests/partners/analytics.test.ts, apps/web/tests/partners/resource.ts, apps/web/tests/utils/schema.ts, apps/web/tests/webhooks/index.test.ts, apps/web/tests/workspaces/retrieve-workspace.test.ts		 Replace local zod wrapper imports with zod package imports
UI Auth & Components
apps/web/ui/auth/register/signup-email.tsx, apps/web/ui/auth/reset-password-form.tsx, apps/web/ui/modals/share-dashboard-modal.tsx		 Replace internal zod imports with zod for schema/type inference
Partners UI
apps/web/ui/partners/groups/design/application-form/fields/index.tsx, apps/web/ui/partners/groups/design/application-form/program-application-form.tsx, apps/web/ui/partners/lander/blocks/index.tsx		 Replace @/lib/zod with zod; a few minor formatting/key quoting tweaks in fields file

Sequence Diagram(s)

(No sequence diagram — changes are import-only and do not alter application control flow.)

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Bulk, consistent import changes across many files with minimal heterogeneity; verify imports, a couple formatting tweaks, and the single removed console.log.

Possibly related PRs

Suggested reviewers

  • devkiran

Poem

🐇 From aliased paths to package cheer,
zod hops home, the imports clear,
Fifty files now neatly dressed,
Same behavior, just a tidy nest,
— your friendly CodeRabbit, ears impressed 🥕

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title Check ✅ Passed The PR title "Standardize the Zod usage" is fully related to and accurately describes the main change in this changeset. The raw summary shows that approximately 48 files have been updated to replace imports from the local "@/lib/zod" alias with imports from the standard "zod" package, establishing a consistent pattern across the codebase. The PR objectives confirm this is the intended change: to use the standard "zod" package where OpenAPI-extended schemas are not required, reserving "@/lib/zod" only for files that need zod-openapi capabilities. The title is concise, clear, and meaningfully communicates the standardization effort without unnecessary noise.
Docstring Coverage ✅ Passed No functions found in the changes. Docstring coverage check skipped.
✨ Finishing touches
  • 📝 Generate docstrings
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch cleanup-zod-usage
📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 995ee72 and 5680499.

📒 Files selected for processing (1)
  • apps/web/lib/types.ts (1 hunks)
🧰 Additional context used
🧠 Learnings (2)
📓 Common learnings 
Learnt from: devkiran
PR: dubinc/dub#0
File: :0-0
Timestamp: 2025-10-17T08:18:19.258Z
Learning: In the apps/web codebase, `@/lib/zod` should only be used for places that need OpenAPI extended zod schema. All other places should import from the standard `zod` package directly using `import { z } from "zod"`.
📚 Learning: 2025-10-17T08:18:19.258Z 
Learnt from: devkiran
PR: dubinc/dub#0
File: :0-0
Timestamp: 2025-10-17T08:18:19.258Z
Learning: In the apps/web codebase, `@/lib/zod` should only be used for places that need OpenAPI extended zod schema. All other places should import from the standard `zod` package directly using `import { z } from "zod"`.

Applied to files:

  • apps/web/lib/types.ts
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)
  • GitHub Check: build
🔇 Additional comments (1)
apps/web/lib/types.ts (1)

24-24: LGTM! Import standardization is correct.

The change to import from the standard zod package is appropriate here. This file only uses z.infer<...> (lines 179, 228, 235, etc.), which is a standard Zod feature that doesn't require OpenAPI extensions. This aligns with the PR objective and established convention: use import { z } from "zod" for standard Zod features, reserving @/lib/zod only for places that need OpenAPI-extended schemas.

Based on learnings.

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

coderabbitai[bot]
coderabbitai bot reviewed Oct 17, 2025
View reviewed changes
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 5

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (2)
apps/web/scripts/tinybird/update-sale-event.ts (1)

59-81: SQL injection vulnerability in delete condition.

The delete_condition on line 78 is constructed using unescaped string interpolation of eventId and oldValue. Malicious input could manipulate the query logic and cause unintended deletions.

Consider parameterizing or properly escaping these values. If Tinybird's API supports parameterized queries, use that approach. Otherwise, validate and escape special characters (especially single quotes) before interpolation:

-      body: `delete_condition=event_id='${eventId}' and ${columnName}='${oldValue}'`,
+      body: `delete_condition=event_id='${eventId.replace(/'/g, "''")}' and ${columnName}='${oldValue.replace(/'/g, "''")}'`,

Better yet, implement proper input validation to ensure eventId and oldValue conform to expected formats before using them in queries.

apps/web/scripts/tinybird/update-lead-event.ts (1)

64-74: Critical: SQL injection vulnerability in delete condition.

The delete_condition parameter is constructed using unescaped string interpolation. While the current script uses hardcoded values, the deleteData function signature accepts parameters that are directly interpolated into the query string. If this function is ever reused with user-controlled input or if oldValue from Tinybird contains malicious content, it could lead to injection attacks.

Consider using proper parameterization or escaping. If Tinybird's API supports parameterized queries, use that. Otherwise, implement strict validation and escaping:

  return fetch(
    `https://api.us-east.tinybird.co/v0/datasources/${dataSource}/delete`,
    {
      method: "POST",
      headers: {
        Authorization: `Bearer ${process.env.TINYBIRD_API_KEY}`,
        "Content-Type": "application/x-www-form-urlencoded",
      },
-      body: `delete_condition=event_id='${eventId}' and ${columnName}='${oldValue}'`,
+      body: `delete_condition=event_id='${escapeSQL(eventId)}' and ${escapeSQL(columnName)}='${escapeSQL(oldValue)}'`,
    },
  ).then((res) => res.json());

You'll need to implement escapeSQL to properly escape single quotes and other special characters, or check if Tinybird provides a safer API for deletions.

🧹 Nitpick comments (2)
apps/web/scripts/tinybird/update-lead-event.ts (1)

11-11: Consider replacing z.any() with a proper schema.

Using z.any() bypasses Zod's type safety and runtime validation. If the structure of the lead event data is known, consider defining a proper schema to catch errors early and provide better TypeScript inference.

For example:

-  data: z.any(),
+  data: z.object({
+    event_id: z.string(),
+    event_name: z.string(),
+    // add other known fields
+  }).array(),

If the structure truly varies, you could use z.unknown() with downstream validation instead of z.any().

apps/web/app/app.dub.co/(dashboard)/account/settings/security/update-password.tsx (1)

11-17: Consider adding client-side validation for better UX.

The form could integrate the imported updatePasswordSchema with react-hook-form's resolver (e.g., using @hookform/resolvers/zod) to provide immediate validation feedback before submission, improving the user experience.

Example integration:

import { zodResolver } from "@hookform/resolvers/zod";

const {
  register,
  handleSubmit,
  setError,
  formState: { isSubmitting, isDirty, errors },
  reset,
} = useForm<z.infer<typeof updatePasswordSchema>>({
  resolver: zodResolver(updatePasswordSchema),
});
📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 46a8b5a and 995ee72.

📒 Files selected for processing (59)
  • apps/web/app/(ee)/api/admin/revenue/get-top-programs-by-sales.ts (1 hunks)
  • apps/web/app/(ee)/api/cron/domains/transfer/route.ts (1 hunks)
  • apps/web/app/(ee)/api/cron/framer/backfill-leads-batch/route.ts (1 hunks)
  • apps/web/app/(ee)/api/customers/route.ts (1 hunks)
  • apps/web/app/(ee)/api/embed/referrals/earnings/route.ts (1 hunks)
  • apps/web/app/(ee)/api/groups/[groupIdOrSlug]/partners/route.ts (1 hunks)
  • apps/web/app/(ee)/api/partner-profile/programs/[programId]/earnings/route.ts (1 hunks)
  • apps/web/app/(ee)/api/stripe/integration/callback/route.ts (1 hunks)
  • apps/web/app/(ee)/api/stripe/integration/route.ts (1 hunks)
  • apps/web/app/(ee)/app.dub.co/embed/referrals/leaderboard.tsx (1 hunks)
  • apps/web/app/api/ai/completion/route.ts (1 hunks)
  • apps/web/app/api/domains/client/register/route.ts (1 hunks)
  • apps/web/app/api/domains/client/saved/route.ts (1 hunks)
  • apps/web/app/api/domains/default/route.ts (1 hunks)
  • apps/web/app/api/domains/search-availability/route.ts (1 hunks)
  • apps/web/app/api/links/[linkId]/transfer/route.ts (1 hunks)
  • apps/web/app/api/oauth/apps/route.ts (1 hunks)
  • apps/web/app/api/oauth/token/exchange-code-for-token.ts (1 hunks)
  • apps/web/app/api/oauth/token/refresh-access-token.ts (1 hunks)
  • apps/web/app/api/support/route.ts (1 hunks)
  • apps/web/app/api/workspaces/[idOrSlug]/billing/usage/route.ts (1 hunks)
  • apps/web/app/api/workspaces/[idOrSlug]/invites/route.ts (1 hunks)
  • apps/web/app/api/workspaces/[idOrSlug]/route.ts (1 hunks)
  • apps/web/app/api/workspaces/[idOrSlug]/saml/route.ts (1 hunks)
  • apps/web/app/api/workspaces/[idOrSlug]/scim/route.ts (1 hunks)
  • apps/web/app/api/workspaces/[idOrSlug]/upload-url/route.ts (1 hunks)
  • apps/web/app/api/workspaces/[idOrSlug]/users/route.ts (1 hunks)
  • apps/web/app/app.dub.co/(auth)/oauth/authorize/authorize-form.tsx (1 hunks)
  • apps/web/app/app.dub.co/(auth)/oauth/authorize/page.tsx (2 hunks)
  • apps/web/app/app.dub.co/(dashboard)/account/settings/security/update-password.tsx (1 hunks)
  • apps/web/lib/api/domains/transform-domain.ts (1 hunks)
  • apps/web/lib/api/links/bulk-update-links.ts (1 hunks)
  • apps/web/lib/api/links/get-links-count.ts (1 hunks)
  • apps/web/lib/api/links/get-links-for-workspace.ts (1 hunks)
  • apps/web/lib/dynadot/register-domain.ts (1 hunks)
  • apps/web/lib/dynadot/search-domains.ts (1 hunks)
  • apps/web/lib/dynadot/set-renew-option.ts (1 hunks)
  • apps/web/lib/integrations/hubspot/schema.ts (1 hunks)
  • apps/web/lib/integrations/slack/commands.ts (1 hunks)
  • apps/web/lib/integrations/slack/schema.ts (1 hunks)
  • apps/web/lib/tinybird/record-link.ts (1 hunks)
  • apps/web/lib/types.ts (1 hunks)
  • apps/web/scripts/tinybird/update-lead-event.ts (1 hunks)
  • apps/web/scripts/tinybird/update-sale-event.ts (1 hunks)
  • apps/web/tests/analytics/index.test.ts (1 hunks)
  • apps/web/tests/folders/index.test.ts (1 hunks)
  • apps/web/tests/links/bulk-create-link.test.ts (1 hunks)
  • apps/web/tests/links/create-link.test.ts (1 hunks)
  • apps/web/tests/partners/analytics.test.ts (1 hunks)
  • apps/web/tests/partners/resource.ts (1 hunks)
  • apps/web/tests/utils/schema.ts (1 hunks)
  • apps/web/tests/webhooks/index.test.ts (1 hunks)
  • apps/web/tests/workspaces/retrieve-workspace.test.ts (1 hunks)
  • apps/web/ui/auth/register/signup-email.tsx (1 hunks)
  • apps/web/ui/auth/reset-password-form.tsx (1 hunks)
  • apps/web/ui/modals/share-dashboard-modal.tsx (1 hunks)
  • apps/web/ui/partners/groups/design/application-form/fields/index.tsx (2 hunks)
  • apps/web/ui/partners/groups/design/application-form/program-application-form.tsx (1 hunks)
  • apps/web/ui/partners/lander/blocks/index.tsx (1 hunks)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)
  • GitHub Check: build
🔇 Additional comments (56)
apps/web/lib/dynadot/set-renew-option.ts (1)

2-2: LGTM! Import correctly standardized.

The change from the internal alias to the external zod package using the standard named import is correct and aligns with the PR objective.

apps/web/scripts/tinybird/update-sale-event.ts (1)

2-2: LGTM! Import standardization is correct.

The change from the internal alias to the external zod package using the standard named import pattern is appropriate and maintains identical functionality.

apps/web/ui/partners/lander/blocks/index.tsx (1)

6-6: LGTM! Correct standardization of Zod import.

The change from a default import to the standard named import { z } from the external "zod" package is correct. The usage of z.infer remains functionally identical, and the approach of importing schemas from internal paths (line 1) while importing the core Zod library directly from the package is appropriate and consistent with the PR objectives.

apps/web/lib/dynadot/search-domains.ts (1)

1-1: LGTM! Import standardization aligns with Zod's official API.

The change from an internal default import to the named import { z } from the zod package is correct and follows Zod's standard usage pattern. This standardization improves consistency across the codebase.

apps/web/ui/auth/reset-password-form.tsx (1)

8-8: LGTM! Clean standardization to external Zod import.

The change correctly imports z from the external zod package using named import syntax. This aligns with the PR objective to standardize Zod usage across the codebase while keeping schema definitions organized in the internal library (@/lib/zod/schemas/auth).

apps/web/scripts/tinybird/update-lead-event.ts (1)

2-2: LGTM! Import standardization is correct.

The change from the internal alias to the external zod package using the standard named import syntax is correct and aligns with the PR objective.

apps/web/ui/auth/register/signup-email.tsx (1)

11-11: Import change is compatible with project's Zod version.

The web package uses Zod ^3.22.4, which fully supports the named import syntax import { z } from "zod". The standardization change is correct and safe to merge.

apps/web/lib/integrations/slack/commands.ts (1)

7-7: Import change to external zod package verified and approved.

The zod package is properly declared in apps/web/package.json (version ^3.22.4), making the import change from the internal alias to { z } from "zod" correct and safe. The type-only usage of z.infer on line 174 ensures no runtime behavior changes. No further action required.

apps/web/app/(ee)/app.dub.co/embed/referrals/leaderboard.tsx (1)

15-15: No issues found. Migration is safe and maintains functionality.

The internal @/lib/zod wrapper re-exports the official zod package without custom configuration or extensions. The z.infer<> utility extracts types from schemas identically regardless of import source—it's a compile-time operation that doesn't depend on how z is imported. The change from import z from "@/lib/zod" to import { z } from "zod" at line 15 is correct and safe.

apps/web/app/app.dub.co/(dashboard)/account/settings/security/update-password.tsx (1)

7-7: Named import syntax is correct and fully compatible.

The change to import { z } from "zod" is appropriate. The project uses Zod ^3.22.4 in apps/web, which fully supports named exports. The import change maintains identical functionality and follows modern Zod conventions.

apps/web/lib/dynadot/register-domain.ts (1)

1-1: Verification complete—change is correct and properly configured.

The import change to import { z } from "zod" is correct and verified:

  • zod "^3.22.4" is available in apps/web/package.json
  • No remaining @/lib/zod imports in the codebase
  • The pattern aligns with existing files in the same directory
apps/web/tests/webhooks/index.test.ts (1)

17-17: LGTM! Zod standardization is complete and verified across the codebase.

The import change from the internal @/lib/zod alias to the standard zod named import is correct. Verification confirms:

  • The old @/lib/zod module has been removed entirely
  • Zero remaining imports from the old module across the codebase
  • All files use the standard import { z } from "zod"; pattern
  • Project-specific schemas at @/lib/zod/schemas/* remain properly in place
apps/web/lib/tinybird/record-link.ts (1)

2-2: Import change is correct; migration nearly complete (88% done).

The @/lib/zod file is a simple re-export wrapper that applies the zod-openapi extension, so replacing it with a direct import from the zod package is safe and appropriate. The file uses the correct named import syntax { z } which matches zod's export pattern.

The systematic migration is nearly complete: 344 files have already switched to import { z } from "zod", with 46 files still using the old alias. This change is one of the final updates.

apps/web/tests/partners/resource.ts (1)

3-3: No issues; import change is safe for this test file.

The change from @/lib/zod to direct { z } from "zod" is appropriate here. While @/lib/zod does extend Zod with OpenAPI support, this test file uses only standard Zod methods (z.object(), z.string(), .nullish()) and doesn't call any OpenAPI-specific methods. This aligns with the consistent pattern across all test files in the codebase, which use direct Zod imports. The lib schema files that require OpenAPI support continue to use @/lib/zod.

apps/web/app/api/oauth/apps/route.ts (1)

12-12: LGTM - Clean refactor to external zod import.

The change correctly separates the core zod library import from custom schema imports (@/lib/zod/schemas/oauth), maintaining all existing functionality.

apps/web/app/(ee)/api/groups/[groupIdOrSlug]/partners/route.ts (1)

12-12: LGTM - Consistent with standardization effort.

apps/web/app/api/links/[linkId]/transfer/route.ts (1)

12-12: LGTM.

apps/web/lib/api/domains/transform-domain.ts (1)

6-6: LGTM - Maintains type inference correctly.

apps/web/app/(ee)/api/cron/framer/backfill-leads-batch/route.ts (1)

19-19: LGTM.

apps/web/app/api/workspaces/[idOrSlug]/saml/route.ts (1)

8-8: LGTM.

apps/web/app/api/oauth/token/exchange-code-for-token.ts (1)

12-12: LGTM.

apps/web/app/api/domains/client/saved/route.ts (1)

4-4: The suggestion to remove @/lib/zod re-export is incorrect.

The @/lib/zod module is not a redundant alias. It exports z with extendZodWithOpenApi(z) applied and is actively used in ~530 locations throughout the codebase (schema files, OpenAPI handlers, webhooks, and API error handlers). Removing it would break the zod-openapi integration that the entire system depends on. This PR's change to direct imports in a single route file does not affect this central abstraction.

Likely an incorrect or invalid review comment.

apps/web/app/(ee)/api/admin/revenue/get-top-programs-by-sales.ts (1)

4-4: LGTM! Import standardization applied correctly.

The change from the internal alias to the external zod package with a named import is correct and maintains full compatibility with the existing usage.

apps/web/lib/api/links/get-links-count.ts (1)

4-4: LGTM! Import standardization applied correctly.

The switch to the external zod package with named import is correct and preserves existing type inference behavior.

apps/web/app/api/workspaces/[idOrSlug]/invites/route.ts (1)

13-13: LGTM! Import standardization applied correctly.

The change to the external zod package maintains full compatibility with all schema definitions and validation logic in this route.

apps/web/app/api/workspaces/[idOrSlug]/upload-url/route.ts (1)

5-5: LGTM! Import standardization applied correctly.

The import change maintains full compatibility with the schema definition for upload URLs.

apps/web/app/api/support/route.ts (1)

4-4: LGTM! Import standardization applied correctly.

The switch to the external zod package preserves the support request validation schema behavior.

apps/web/app/api/domains/client/register/route.ts (1)

4-4: LGTM! Import standardization applied correctly.

The import change maintains compatibility with the domain registration schema validation.

apps/web/app/api/workspaces/[idOrSlug]/users/route.ts (1)

12-12: LGTM! Import standardization applied correctly.

The change to the external zod package maintains compatibility with all schema definitions for user role updates and removal.

apps/web/app/api/workspaces/[idOrSlug]/scim/route.ts (1)

5-5: LGTM! Import standardization applied correctly.

The import change preserves all SCIM directory schema validation logic.

apps/web/app/(ee)/api/cron/domains/transfer/route.ts (1)

9-9: LGTM! Import standardization is correct.

The switch from the internal zod wrapper to the external package maintains all functionality. The named import syntax import { z } from "zod" is the standard approach.

apps/web/lib/api/links/get-links-for-workspace.ts (1)

3-3: LGTM! Import standardization is correct.

The change correctly switches to the external zod package while maintaining the schema import from @/lib/zod/schemas/links (which is expected for application-specific schemas).

apps/web/app/api/oauth/token/refresh-access-token.ts (1)

10-10: LGTM! Import standardization is correct.

The migration to the external zod package is properly implemented with no impact on runtime behavior or type safety.

apps/web/app/api/ai/completion/route.ts (1)

9-9: LGTM! Import standardization is correct.

The external zod import works seamlessly with the schema definition and parsing logic in this file.

apps/web/tests/workspaces/retrieve-workspace.test.ts (1)

4-4: LGTM! Test import standardization is correct.

The external zod import maintains full compatibility with the test's schema extension and validation logic.

apps/web/lib/api/links/bulk-update-links.ts (1)

7-7: LGTM! Import standardization is correct.

The switch to the external zod package maintains type inference and validation functionality without any issues.

apps/web/app/(ee)/api/partner-profile/programs/[programId]/earnings/route.ts (1)

11-11: LGTM! Import standardization is correct.

The external zod import integrates properly with the schema validation and array parsing in this endpoint.

apps/web/app/api/domains/search-availability/route.ts (1)

6-6: Rewrite review comment to reflect verification findings.

The review comment's verification request is based on incorrect assumptions. The @/lib/zod wrapper file still exists at apps/web/lib/zod/index.ts and is actively used by approximately 46 files across the codebase. The wrapper exports a zod instance extended with OpenAPI support via zod-openapi. No migration of existing imports has occurred, and the old wrapper cannot be removed without breaking those dependencies.

This single-file change to use a direct zod import is locally scoped and doesn't impact the rest of the codebase—the wrapper remains functional for other files. However, this introduces inconsistency: the reviewed file now imports directly from "zod" while the majority of the codebase continues to use the standardized wrapper.

Likely an incorrect or invalid review comment.

apps/web/app/api/workspaces/[idOrSlug]/billing/usage/route.ts (1)

6-6: LGTM! Import change is correct.

The migration from the internal alias to the external zod package with a named import is correct and maintains identical functionality.

apps/web/ui/modals/share-dashboard-modal.tsx (1)

27-27: LGTM! Import standardization applied correctly.

The change to named import from the external zod package is correct and preserves all type inference functionality.

apps/web/app/(ee)/api/stripe/integration/callback/route.ts (1)

8-8: LGTM! Clean import migration.

The standardization to the external zod package is correct and maintains schema validation behavior.

apps/web/app/api/workspaces/[idOrSlug]/route.ts (1)

20-20: LGTM! Import change preserves all schema functionality.

The migration correctly maintains all advanced Zod features including schema extension, regex validation, and type unions.

apps/web/app/(ee)/api/embed/referrals/earnings/route.ts (1)

6-6: LGTM! Import standardization is correct.

The change to the external zod package maintains all coercion and array parsing functionality.

apps/web/app/(ee)/api/customers/route.ts (1)

27-27: LGTM! Import migration preserves schema operations.

The standardization correctly maintains all schema merging and parsing operations.

apps/web/lib/integrations/slack/schema.ts (1)

1-1: LGTM! Schema definitions remain fully compatible.

The import change maintains all exported schema functionality including transformations and enums.

apps/web/app/api/domains/default/route.ts (1)

7-7: LGTM! Clean import standardization.

The switch from the internal zod alias to the external package is correct, and all usages remain consistent.

apps/web/app/app.dub.co/(auth)/oauth/authorize/authorize-form.tsx (1)

11-11: LGTM!

Import change aligns with the PR's standardization goal. Type inference usage remains correct.

apps/web/app/app.dub.co/(auth)/oauth/authorize/page.tsx (2)

11-11: LGTM!

Import standardization is correct.

21-23: LGTM! Cleaner formatting.

Function signature consolidation improves readability without changing behavior.

apps/web/tests/links/bulk-create-link.test.ts (1)

4-4: LGTM!

Import standardization is consistent with the broader PR changes.

apps/web/tests/folders/index.test.ts (1)

4-4: LGTM!

Import change is correct and maintains existing type inference patterns.

apps/web/tests/partners/analytics.test.ts (1)

3-3: LGTM!

Import standardization is correct.

apps/web/ui/partners/groups/design/application-form/program-application-form.tsx (1)

29-29: LGTM!

Import standardization is correct. All type inference patterns throughout the file remain consistent.

apps/web/tests/links/create-link.test.ts (1)

6-6: LGTM!

Import change is correct and consistent with the PR's standardization goal.

apps/web/ui/partners/groups/design/application-form/fields/index.tsx (1)

2-2: LGTM! Zod import correctly standardized.

The change from importing zod via the local alias to a direct import from the zod package correctly implements the PR objective. The named import syntax is standard and the functionality remains unchanged.

apps/web/tests/analytics/index.test.ts (1)

4-4: Import change looks correct.

The migration from the internal @/lib/zod alias to the external zod package with named import syntax is appropriate and aligns with standard zod usage patterns.

Verify that @/lib/zod was a simple re-export and didn't provide custom validation, configuration, or test utilities:

@devkiran
Copy link
Collaborator Author

devkiran commented Oct 17, 2025

@coderabbitai @/lib/zod is only needed for places that need openapi extended zod schema - all other places we should use zod

@coderabbitai
Copy link
Contributor

coderabbitai bot commented Oct 17, 2025

Tip

For best results, initiate chat on the files or code changes.

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Check the content of @/lib/zod to understand the OpenAPI extension
cat apps/web/lib/zod/index.ts apps/web/lib/zod.ts 2>/dev/null || fd -t f "zod" apps/web/lib/ --max-depth 2 -x cat {}

Length of output: 1931

@devkiran, thank you for clarifying! I can see that @/lib/zod extends the standard zod library with OpenAPI capabilities using zod-openapi. I'll remember this convention for future reviews—@/lib/zod should only be used when OpenAPI-extended schemas are needed, and the standard zod package should be used everywhere else.

This PR correctly standardizes the usage by moving to the standard zod package in places where the OpenAPI extension isn't required. 👍

✏️ Learnings added 
Learnt from: devkiran
URL: https://github.com/dubinc/dub/pull/2968

Timestamp: 2025-10-17T08:18:19.258Z
Learning: In the apps/web codebase, `@/lib/zod` should only be used for places that need OpenAPI extended zod schema. All other places should import from the standard `zod` package directly using `import { z } from "zod"`.

Note: Learnings are effective only in the context of similar code segments. To apply general coding guidelines, please configure review instructions. You can manage existing learnings in the app.

@devkiran devkiran requested a review from steven-tey October 17, 2025 11:07
@steven-tey steven-tey merged commit 3752f32 into main Oct 17, 2025
7 of 8 checks passed
@steven-tey steven-tey deleted the cleanup-zod-usage branch October 17, 2025 17:47
@coderabbitai coderabbitai bot mentioned this pull request Oct 22, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

@steven-tey steven-tey Awaiting requested review from steven-tey

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@devkiran @steven-tey