14 — Input Validation & Sanitization

Core Concepts

• Zod — TypeScript-first schema validation library
• Schema composition — reuse schemas via extend, merge, pick, omit
• Coercion — auto-convert strings to numbers/dates from query params
• Sanitization — trim whitespace, lowercase emails, strip HTML
• Request DTOs — type-safe data transfer objects
• Validation middleware — reusable middleware factory