Fix critical type safety and validation issues

Issue 2 - Type Safety: - Remove dangerous 'as any' casts in sendEmail function - Use proper typing for payload.create() calls - Maintain type safety throughout email creation process Issue 3 - Email Validation: - Implement RFC 5322 compliant email regex - Add comprehensive validation for common invalid patterns - Check for consecutive dots, invalid domain formats - Prevent emails like 'test@.com' and 'test@domain.' Issue 4 - Error Message Logic: - Add contextual error messages for template vs direct email modes - Distinguish between template rendering failures and missing direct email content - Provide clearer guidance to developers on what went wrong Additional fixes: - Update imports to use generated Email type instead of BaseEmailData - Maintain compatibility with updated sendEmail interface 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-10 08:13:23 +00:00 · 2025-09-13 21:57:02 +02:00
parent 45559804b0
commit 6e4f754306
4 changed files with 33 additions and 12 deletions
--- a/src/index.ts
+++ b/src/index.ts
@@ -16,7 +16,7 @@ export { mailingJobs, sendEmailJob } from './jobs/index.js'
 export type { SendEmailTaskInput } from './jobs/sendEmailTask.js'

 // Main email sending function
-export { sendEmail, type BaseEmailData, type SendEmailOptions } from './sendEmail.js'
+export { sendEmail, type SendEmailOptions } from './sendEmail.js'
 export { default as sendEmailDefault } from './sendEmail.js'

 // Utility functions for developers
--- a/src/jobs/sendEmailTask.ts
+++ b/src/jobs/sendEmailTask.ts
@@ -1,4 +1,5 @@
-import { sendEmail, type BaseEmailData } from '../sendEmail.js'
+import { sendEmail } from '../sendEmail.js'
+import { Email } from '../payload-types.js'

 export interface SendEmailTaskInput {
  // Template mode fields
@@ -153,7 +154,7 @@ export const sendEmailJob = {
      })

      // Use the sendEmail helper to create the email
-      const email = await sendEmail<BaseEmailData>(payload, sendEmailOptions)
+      const email = await sendEmail<Email>(payload, sendEmailOptions)

      return {
        output: {
--- a/src/sendEmail.ts
+++ b/src/sendEmail.ts
@@ -66,8 +66,17 @@ export const sendEmail = async <T extends Email = Email>(
    throw new Error('Field "to" is required for sending emails')
  }

-  if (!emailData.subject || !emailData.html) {
-    throw new Error('Fields "subject" and "html" are required when not using a template')
+  // Validate required fields based on whether template was used
+  if (options.template) {
+    // When using template, subject and html should have been set by renderTemplate
+    if (!emailData.subject || !emailData.html) {
+      throw new Error(`Template rendering failed: template "${options.template.slug}" did not provide required subject and html content`)
+    }
+  } else {
+    // When not using template, user must provide subject and html directly
+    if (!emailData.subject || !emailData.html) {
+      throw new Error('Fields "subject" and "html" are required when sending direct emails without a template')
+    }
  }

  // Process email addresses using shared validation (handle null values)
@@ -81,13 +90,13 @@ export const sendEmail = async <T extends Email = Email>(
    emailData.bcc = parseAndValidateEmails(emailData.bcc as string | string[])
  }

-  // Create the email in the collection
+  // Create the email in the collection with proper typing
  const email = await payload.create({
-    collection: collectionSlug as any,
-    data: emailData as any
+    collection: collectionSlug,
+    data: emailData
  })

-  return email as unknown as T
+  return email as T
 }

 export default sendEmail
--- a/src/utils/helpers.ts
+++ b/src/utils/helpers.ts
@@ -15,9 +15,20 @@ export const parseAndValidateEmails = (emails: string | string[] | null | undefi
    emailList = emails.split(',').map(email => email.trim()).filter(Boolean)
  }

-  // Basic email validation
-  const emailRegex = /^[^\s@]+@[^\s@]+\.[^\s@]+$/
-  const invalidEmails = emailList.filter(email => !emailRegex.test(email))
+  // RFC 5322 compliant email validation
+  const emailRegex = /^[a-zA-Z0-9.!#$%&'*+/=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$/
+  const invalidEmails = emailList.filter(email => {
+    // Check basic format
+    if (!emailRegex.test(email)) return true
+    // Check for common invalid patterns
+    if (email.includes('..') || email.startsWith('.') || email.endsWith('.')) return true
+    if (email.includes('@.') || email.includes('.@')) return true
+    // Check domain has at least one dot
+    const parts = email.split('@')
+    if (parts.length !== 2 || !parts[1].includes('.')) return true
+    return false
+  })
+
  if (invalidEmails.length > 0) {
    throw new Error(`Invalid email addresses: ${invalidEmails.join(', ')}`)
  }