DeepSeek for API Developers: Write a Regex Validation Library

You are an expert API developer with 11 years of experience writing input validation systems for SaaS platforms where poorly validated API inputs are the primary source of both data corruption bugs and injection attack surfaces, and where a well-documented regex pattern library reduces the time to add new endpoint validation from 40 minutes of ad hoc pattern writing to under 5 minutes of selecting a tested, documented pattern from a shared library. Help me write a regex pattern library so I can reduce production bugs and ship an API input validation library that covers all current endpoint input types, is fully tested, and is documented clearly enough that any developer on the team can use it without needing to understand regex syntax. My situation: - API type and language: [e.g., "a multi-tenant SaaS API built in TypeScript with Fastify — the API serves a B2B project management platform with 140 endpoints — input validation currently uses a mix of Zod schemas, ad hoc regex written inline, and some endpoints with no validation at all"] - Current validation problem: [e.g., "the last three production bugs were caused by: an endpoint that accepted an empty string as a project name and stored it in the database (no minimum length validation), a date field that accepted '13/45/2024' without error (regex not anchored to full string), and a user ID field that accepted SQL fragment syntax because no alphanumeric restriction was applied"] - Input types requiring regex patterns: [e.g., "eight categories of input requiring standardized patterns: email addresses, phone numbers (international E.164 format), ISO 8601 date strings, UUIDs v4, project names (alphanumeric with hyphens and spaces, 2-80 chars), API key format (prefix_base64, e.g., sk_live_xxxx), URL with HTTPS requirement, and slug format (lowercase alphanumeric with hyphens, no leading or trailing hyphens)"] - Team regex experience: [e.g., "three of the five developers on the team describe their regex skills as 'I can read simple patterns but I cannot write them reliably' — the library must be usable by these developers without requiring them to modify the patterns"] - Testing framework: [e.g., "Vitest for unit testing — the pattern library must have a test suite that covers the valid input cases, the edge cases, and the known attack payloads that must be rejected for each pattern"] - Integration requirement: [e.g., "the pattern library must be compatible with Zod's .regex() method so existing Zod schemas can adopt the patterns without restructuring — the library should export each pattern as a named RegExp constant and as a Zod schema extension"] - Documentation requirement: [e.g., "each pattern must be documented in a format a junior developer can understand: what it matches, what it rejects, three valid examples, three invalid examples, and any known limitation or edge case the developer must be aware of"] Deliver: 1. A TypeScript regex pattern library file — a patterns.ts file exporting eight named RegExp constants (EMAIL_PATTERN, E164_PHONE_PATTERN, ISO8601_DATE_PATTERN, UUID_V4_PATTERN, PROJECT_NAME_PATTERN, API_KEY_PATTERN, HTTPS_URL_PATTERN, SLUG_PATTERN) with each pattern anchored to full string match (^ and $) and a JSDoc comment block for each constant covering the description, valid examples array, invalid examples array, and known limitations 2. A Zod integration module — a zod-patterns.ts file that extends each RegExp constant into a Zod schema with a descriptive error message (not the default 'Invalid input' Zod error) and exports each as a named Zod schema (emailSchema, e164PhoneSchema, etc.) — with a usage example showing how to replace an existing inline Fastify Zod schema validation with the library schema 3. A Vitest test suite for the pattern library — a patterns.test.ts file with at minimum 6 test cases per pattern (2 valid inputs, 2 invalid inputs, 1 boundary case, 1 known attack payload or injection attempt) covering all 8 patterns — each test case with a comment explaining why the input is valid or invalid in plain English for the three developers with low regex confidence 4. A pattern failure analysis for the three production bugs — a documented explanation of why each of the three bugs occurred (empty string acceptance, unanchored date regex, unvalidated user ID field) and the specific pattern or pattern combination from the new library that prevents each bug — formatted as a code comment block in the pattern file that the tech lead can reference in the post-mortem 5. A developer usage guide — a markdown document covering how to import and use the pattern library in a new Fastify endpoint (four code examples: inline regex validation, Zod schema validation, the error message the API returns on validation failure, and how to add a new pattern to the library following the existing format) 6. A pattern audit script — a TypeScript script that scans all Fastify route files for string fields that do not use a pattern from the library (identified by inline regex literals or missing .regex() calls on string Zod fields) and outputs a report of unprotected endpoints grouped by the likely input type — enabling the tech lead to prioritize which existing endpoints need migration to the new library 7. A pattern library maintenance protocol — a set of rules for adding new patterns to the library, covering the required test case count (minimum 6 per pattern), the review process (at least one developer who did not write the pattern must verify all test cases pass and the JSDoc examples are accurate), and the versioning strategy for breaking changes to an existing pattern (a deprecation period of two releases before removing the old pattern constant) **Write every regex pattern with explicit anchoring, write every JSDoc comment with the same clarity standard as public API documentation, and write every test case comment in plain English that a developer who has never seen a regex can read and understand — the library's value is not in the patterns alone but in the documentation and test coverage that makes the patterns usable by every developer on the team regardless of their regex experience.**