Does yada use spec? The docs only mention schema.

It doesn't use spec. At least not for params validation

😢

any plans on supporting spec? I'd rather not tie my code to an almost deprecated lib

but I think yada is pretty cool

I'd love to use it

There's some debate about whether spec is suitable for params validation. There are other candidates. We've been thinking and talking about this a lot recently.

what are the other candidates @malcolmsparks?

Don't get me wrong, I was a fan of schema for params validation (not really a fan of spec), but I think it's too risky now to use schema. What are the other candidates?

For some interfaces, tools like vlad are candidates (forms), json schema direct is another thing we have discussed.

I think it's a mistake to consider schema nearly deprecated. It's still a really good library, and it's well maintained.

JSON schema validation would not help with coercion would it @dominicm?

although you would perhaps get much nicer swagger ?

Perhaps not. But one might not want that.

some might not - i definitely do - there's a mismatch between JSON primitive types and those most dbs support (in particular, uuids, dates, timestamps) which is nicely bridged by coercion

I have no idea if JSON schema could support that via parsing, it's shown to be a versatile format. To be clear, yada is not dropping schema.

:thumbsup:

On that note, my previous discouragement of specv1 for use on external boundaries is being challenged for specv2 with the introduction of closed specs. http://insideclojure.org/2019/04/14/journal/ Closed specs may resolve the 2 issues that are introduced by specs on boundaries which may be attacked by a hostile: 1. Only checking a subset of keys, so reduced opportunity for an attacker to exploit a spec 2. Extra keys with the intention of them getting into the database

Something to watch.