Headlines: Added, Changed, Deprecated, Removed, Fixed, Security
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
errorMapoption for the Zod adapter, for simplified error handling in localization. (Zod docs)
isTaintednow works with undefined values in the$taintedstore.- Fixed default properties for Record in schemas.
FormPathnow extends only basic objects and arrays, avoiding issues with classes, all built-in objects likeFileandDate, and special "branded" types that validation libraries are using. Thanks to Matt DeKok for this fix!- SuperDebug always renders left-to-right now.
- Discriminated unions for the form itself weren't including the union keys for the schema, when parsing the form data.
devalueupdated to^5.0.0to handle invalid dates.
- Support for "raw" JSON Schema validation with the new schemasafe adapter. Thanks to sukeshpabolu for the initial work on this!
- Errors weren't reset properly when the form was resetted, causing client-side validation to behave like the field was tainted.
- The Zod adapter didn't handle reused schemas ($ref) properly.
- The "GET to POST" modification for
use:enhancewas only intended for SPA mode to fully support progressive enhancement, so it now properly checks for that before adding the missingmethod="POST"attribute on the form. - The tainted message didn't trigger on page refresh or closing a tab in the browser.
FormPathLeavescaused a memory leak when usingsvelte-package.
- SuperDebug support for
MapandSet. submitmethod now falls back to submit, if no support for requestSubmit in browser.isTaintednow handles the type of$taintedin generic components.idoption for superForm (not superValidate) wasn't used in multiple form scenarios.
- Fixed
FormResulttype that can be used inonUpdate, it didn't filter out SuperValidated.
- SPA action form now supports form elements as well, by adding its
use:enhanceon all related forms.
- Fixed type inference for
FormPathwith nested arrays. Error output improved as well. - If method is "GET" or doesn't exist on an enhanced form, it's now automatically set to "POST".
- The
ActionResultfor success or failure is now added to theonUpdateevent in theresultproperty. Can be used to more easily access theActionData. - Added a
failfunction, works the same as the SvelteKit fail, but removes files and setsform.validtofalse. options.configadded to the Zod adapter, so the JSON Schema generation can be customized.
- Snapshots couldn't handle files. They are now reverted to their default value when captured and restored in a snapshot, including the tainted state for these fields.
- The clearOnSubmit option didn't clear the errors when supposed to. To avoid a breaking change, the default option for clearOnSubmit is now
message, noterrors-and-message, as it didn't work anyway.
- the
event.result.errorsignature in onError was incorrect, it doesn't always matchApp.Error. It is now a union betweenApp.Error, The built-in JSErrorclass, and the default App.Error signature{ message: string }.
fileProxy,filesProxy,fileFieldProxyandfilesFieldProxy, soFileobjects can be used withbind:fileson the input field. See file uploads for examples.- Exported
FormPathLeavesWithErrors, for thesetErrorfunction.
- Support for
instanceandspecialvalidators for Valibot, which now enables File validation for Valibot! taintedMessagedidn't always work when navigating with the History API.tainteddidn't untaint automatically when using arrays.- Client-side validation triggered for incorrect fields when starting with the same name.
- "SPA action mode", the
SPAoption can now take a string, corresponding to a form action, and it will post there, even without a html form on the page. Especially useful for debounced server checks like available usernames.
- Fixed types for constraints, tainted and errors when using intersections and unions in schemas.
- Fixed SuperDebug collapsed height by preventing global css leak.
- Redirect in SPA mode cancelled normal redirects, preventing applyAction.
- Default objects sent to
superFormreturned a form with an empty id, causing collisions, it is now a random string. customValiditydidn't clear without client-side validators.
- Clipboard copy button for SuperDebug. Also fixed height when collapsed without label.
- Storybook fix for missing
pagestore.
- Support for object unions, with implicit default values.
- Experimental storybook support.
- It wasn't possible to directly assign
undefinedto a field in the$errorsstore. - Intersections in Zod schemas weren't handled properly.
- It wasn't possible to change the reference to the result in
onResult.
newStateoption forreset, to set a new state for future resets. Can be used instead of thedataoption.
- Empty file entries didn't return
nullfor nullable schema fields. Ensure that all required file fields aren't set to nullable. - Allowed
stringindex in$errorsand$tainted. submitcan now be passed directly to event handlers.- Updated to latest
valibot-json-schema, with support for enum_, amongst others. - Zod adapter now supports
ZodType.
- Schema literals weren't treated as their
typeoftype, which prevented multi-type union detection. FormPathandFormPathLeavesdidn't narrow the types correctly forDate,SetandFile.stringProxydidn't acceptFormPathLeavesas path.- Fixed removal of uploads for empty files (as is the default for empty file inputs), they are now ignored.
- Exported
Schematype, for any supported validation schema.
- Type narrowing for
FormPathand its relatives, to filter the paths based on a specific type, likeFormPathLeaves<T, Date>. - Proxy types:
FieldProxy,FormFieldProxyandArrayProxy. - Added
invalidateAlloption'force', to always use the load function form data, instead of the one returned from the form action. Useful when updating the form data partially, to ensure that the data is refreshed from the server (a "pessimistic" update compared to the default, which is optimistic). Setting this also bases theresetfunction on the latest load function data returned for the form.
defaultsdidn't infer the input type, and didn't generate correctSuperValidateddata, makingsuperFormconfused. Also fixed type signature and removed thejsonSchemaoption that wasn't applicable.- Using
gotoin events didn't work when the target page redirected. FormPathandFormPathLeavesdidn't handle fields with typeunknownandany.- Missing boolean fields were valid in strict mode.
getandsetaccessor foronChange.submitmethod forsuperForm, a convenience instead of using requestSubmit. Requiresuse:enhanceor that aHTMLElementinside the form (or the form itself) is passed as an argument.
- Type parameter was missing in
ChangeEvent, which should be of the inferred schema type. - Type for
onChange.pathswasn't strongly typed toFormPath. - Initial data was dereferenced after calling
superForm, so it wasn't possible to update it when usingreset. FormOptionstype required a type parameter that should've been defaulted toRecord<string, unknown>.- Auto-overflow on SuperDebug, for small spaces.
- Added
configoption to Valibot adapter, for the SchemaConfig type.
- Nullable fields weren't always detected in JSON Schemas.
- Constraints weren't added when using default values for Arktype, Vine and Valibot schemas.
- Fixed null support for Joi, Arktype and Vine schemas.
- Depending on the JSON Schema, dates were sometimes set to
undefinedwhen posting invalid data.
onSubmit.jsonData, to override what's being submitted, when dataType is set to'json'and validation succeeds for$form.onSubmit.validators, to temporarily override validators for the current submission.
- Added
focusOnErroroption toSuperForm.validateFormtype (it was only in the implementation). - Enums could not be detected as an invalid value if the posted value was an empty string, instead it defaulted to the enum first value.
$postedwas reset by mistake tofalseafter posting, whenresetFormoption was true.
- VineJS adapter!
- Added
focusOnErroroption tovalidateForm, defaulttrue.
- Autofocus is now working when using
validateForm({ update: true }). - Default values are now applied properly for single-type unions, even a mix of integers and numbers.
- SuperStruct types,
$errorsprimarily, didn't handle nested data properly.
- The inferred type parameters were swapped in
message, it can now be used to specify the message type.
- Enums can now be required again, as they don't need an explicit default value anymore. If no explicit default value exists, the first enum value will be used.
- Empty arrays were set to
undefinedwhen usingdataType: 'json'.
superForm.fieldswas a rarely used and lesser version offormFieldProxy, switch to that instead.- Removed
fieldsoptions when setting tainted status. - Remvoed
messageparameter inonErrorevent, use$messagedirectly instead.
- Adapters required for validation! Import from
sveltekit-superforms/adaptersand usesuperValidate(zod(schema))instead ofsuperValidate(schema). If type parameters are used, it must now be wrapped withInferfor schemas. - Default
superFormoptions now follow SvelteKit more closely:resetForm: trueandtaintedMessage: falseare default now. Adddefine: { SUPERFORMS_LEGACY: true }invite.config.tsto keep the old behavior. superValidateSyncis renamed todefaults. It returns default values for the schema, and does no validation anymore. Use+page.tsif initial validation is required, as described on the SPA page.arrayProxy:fieldErrorsrenamed tovalueErrors.- Enums must have an explicit default value in the schema.
- Numeric enums cannot be parsed with their string values anymore.
- Superform validator functions, previously just an object with functions, requires the
superformClientadapter. The input for the validator functions can now beundefined. - If
superValidateis called with just the schema, the default values aren't validated (i.e. no side-effects for default values) unlesserrorsis set totrue. - Properties with default values don't have
requiredin their constraints anymore. - Form id cannot be
undefinedanymore, must bestring. (Set automatically by default now). flashMessage.onError.messageoption insuperFormrenamed toflashMessage.onError.flashMessage.constraintsare now optional in theSuperValidatedtype, and are returned only when loading data, not posting. This is only relevant if you modify constraints before callingsuperForm.- Removed the
defaultValidatorsoption,'clear'can now be set directly onvalidatorsinstead. - Removed the
emptyIfZerosetting fromnumberProxyandintProxy. validate()called with no arguments is renamed tovalidateForm()and can take two extra options,updateandschema.
- Support for unions in schemas. A union must have an explicit default value, and multi-type unions can only be used with
dataType: 'json'set. - Added
superForm.isTainted(path?)andsuperForm.isTainted($tainted)for better tainted fields check. - File upload support! Use
withFileswhen returning in form actions:return withFiles({ form }). - SuperDebug now displays
FileandFileList. - All proxies can now take the whole
superFormobject (previously only theformstore was accepted), with an extrataintoption to prevent tainting. taintedMessagecan now be an async function resolving totrueif navigation should be allowed, despite the form being tainted.- Added an
onChangeevent tosuperForm, that returns a list of modified fields whenever$formis updated. - Added
'zero'to the empty option ofnumberProxyandintProxy. Also addedinitiallyEmptyIfZerooption, to show the placeholder for numeric inputs, which would otherwise display0.