Headlines: Added, Changed, Deprecated, Removed, Fixed, Security
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
- Array-level errors weren't typed correctly when changing the cardinality of an array field in the schema (for example with
nonempty). customValiditynow works withselect,textareaandbutton, not justinput.- SuperDebug looks a bit better now when there is no css styling on the page.
- Forms in components weren't resetted properly when destroyed and created again.
- In rare cases, timers weren't resetted when redirecting to the same route.
- Client-side validation was ignored when a data property was missing or didn't match the schema type. It now fails with a console error. (#243)
- A boolean schema field didn't accept a boolean
falsevalue when posted, it was coerced astrue. - A SuperDebug truncated string showed only the whole string length, not the truncated.
- Added
customValidityoption tosuperForm, which will use the browser's validation message reporting for validation errors. More information and an example here. - Added
emptyIfZerooption tonumberProxyandintProxy.
- When multiple forms exists with the same id, the warning is now displayed on
superForminstantiation, not just when new form data is received. - Fixed client-side validation for
Dateschema fields. (#232) numberProxyandintProxynow works with theemptyoption. (#232)- Fixed timer state in combination with navigation events.
- Added
delimiteroption tonumberProxy.
- Fixed persisting form data when component used data from
$pagein combination withonDestroy. (#164, thank you to everyone in that thread!) - Fixed exception message when the
dataTypeoption isn't set to'json'and the schema contains a nested object. (#225) - Superforms are now ignoring normal SvelteKit form actions when they are posted. (#230)
- More configuration options, customizable styling, automatic promise and store support for SuperDebug, thanks to Josue!
- The
scrollToErroroption can now take the same parameters as scrollIntoView, which makes it work for nested scrollbars. - Added
setErrorsignature, to more conveniently set a form-level error:setError(form, 'Form-level error message')
- If the
resetFormoption was enabled, the form was reset even iffailwas returned.
- Form-level errors couldn't be overwritten.
- Array-level errors couldn't be added with
setError. - Native string enums weren't working when posting the actual string value.
- Svelte 4 compatibility.
- Set comparison added in 1.1.0 wasn't fully functional.
- Support for
Setin schemas, usingz.set(). (#194)
- Nested array and object-level errors are now all cleared on a successful client-side validation. (#196)
- Boolean fields with a default value of
truealways returnedtruewhen validating. - Fixed infinite deep type instantiation on
message. (#143, thanks to Alisson Cavalcante Agiani) - Fixed typesVersions map that caused incorrect auto-import paths (#191, thanks to CokaKoala)
- New Superforms domain! https://superforms.rocks
- When a redirect response is received, form timers will not reset until after navigation or
onDestroy. - Fixed prototype mismatch for Zod schemas in different modules.
- SuperDebug color scheme updated. (Thanks to gregorymcmillan)
- It's not possible to send arbitrary data to
superFormanymore, aSuperValidatedstructure is required, which is returned fromsuperValidateon the server andsuperValidateSync, so in most cases this is not a problem. - Reverted that
message/setMessageandsetErrorwill throw an error if status is lower than 400. Using a range error type check instead.
- Fixed flash messages being displayed early. This update also means that at least sveltekit-flash-message 1.0.0-rc.3 is required to work together with Superforms.
- Form data was reset to its previous state when
errorwas thrown. - Form-level errors can be added with
setError, using an empty string as path.
- For type safety, you cannot send
nullorundefinedtosuperFormanymore. UsesuperValidate, or pass a complete data object tosuperForm. Default values can be added with thedefaultValuesfunction. - The
validoption is removed frommessage, any status >= 400 will return a fail.
message/setMessageandsetErrorwill now throw an error if the status option is below 400.
- Arrays and objects in the schema can now have errors! They can be found at
field._errorsin the$errorsstore. validatewill now validate the whole form when it's called with no arguments.- Support for
passthrough()on a schema,superValidatewill allow extra keys in that case.
- As with effects, array and object errors now forces the whole Zod schema to be validated client-side.
- The
Validationtype is now calledSuperValidated. StringPathandStringPathLeavesare renamed toFormPathandFormPathLeaves.
- The
$valid,$emptyand$firstErrorstores are removed from the client, they weren't that useful.allErrorscan be used instead, together with the$postedstore. emptyis removed fromSuperForm
- Async validation works again for custom validators and
superValidate.
- Added a
postedstore, a boolean which is false if the form hasn't been posted during its current lifetime. resetnow has an additionaldataoption that can be used to re-populate the form with data, andidto set a different form id.intProxy,numberProxy,dateProxyandstringProxynow have anemptyoption, so empty values can be set tonullorundefined.
- Explicitly setting a form
idfor multiple forms is not required anymore when usinguse:enhance, unless the forms are using the same schema. An id can be specified in the options or in a hidden form field called__superform_id. setErrordoesn't handle form-level errors anymore, use refine/superRefine on the schema, or themessagehelper.FieldPathis gone - the following methods are now using a string accessor liketags[2].idinstead of an array like['tags', 2, 'id']:validate,setErrorand all proxy methods (ending withProxy). This also applies to generic components.- The signature for
allErrorsandfirstErrorhas changed to{ path: string; messages: string[] }. - The literal
"any"is now an allowed value instepfor constraints. - Multiple
regexandstepis now allowed in a schema. A warning will be emitted by default, that can be turned off. - The signature for
options.resetFormhas changed toboolean | () => boolean(it was async before). - The undocumented
defaultDatais now calleddefaultValues. - Added
[aria-invalid="true"]toerrorSelectoroption. options.resetFormnow works withoutuse:enhance!
options.noErrorsis removed. Useoptions.errorsinstead.- The virtually unused
metahas been removed. Use the Zod schema directly instead for reflection.
- Fixed deprecation notices for
use:enhance.
- Added
superValidateSync, useful in components for SPA:s. - Added
defaultValues, which takes a schema and returns the default values for it. - Support for
ZodPipeline.
onUpdatedidn't cancelapplyActionandinvalidateAll.- Hopefully fixed excessively deep infinity type instantiation on
messagehelper. - Removed
errors.clearoptional parameterundefinePath, which was left there by mistake.
onUpdatenow hasformElin its signature.
- Posting without Javascript enabled in the browser didn't detect new validation data.
captureandrestoreare now hoisted functions.- Fixed timing issues with radio buttons and validation with side-effects.
- Using standard array access to fix problems with iOS and iPadOS <= 15.3
- Fixed client validation problems with multi-select fields.
- Client validation now runs properly when
$formis modified directly by assignment.
- Select fields had some timing issue, but should now work properly with client-side validation.
- Fixed a few problems with error/tainted checking for client-side validation.
- Typing should now work properly with schema fields containing union types.
- Realtime validation now takes
refineandsuperRefinefully into account. If a schema uses them, the whole schema will be validated, to ensure that side effects are propagated to the correct fields.
allErrorsstopped working when realtime validation errors were cleared.- Large payloads with
dataType: 'json'still didn't work, fixed now.
- Realtime validation didn't work for Zod schemas without effects.
- Client-side validators now works in realtime, based on "reward early, validate late": If no field error, validate on
blur. If field error exists, validate oninput.
- The rarely used
updatefunction is removed. Useforminstead, which now has an option for not tainting the affected fields.
taintedwasn't updated properly for array data.dataType: 'json'now handles large (+1Mb) payloads.
- Added
validatetosuperForm, which can be used to validate any field, at any time. - Client-side validation can be customized with the
validationMethod: 'auto' | 'oninput' | 'onblur' | 'submit-only'option. - The option
{ taint: boolean | 'untaint' | 'untaint-all' }has been added toform.setandform.update. - The
resetFormoption can now take anasync () => booleanfunction to determine whether the form should be resetted or not.
- Zod client-side validation wasn't always detected with minified builds.
- Single page application (SPA) support! Super easy to add with the
SPA: trueoption insuperForm.
- Event chain is fully propagated when client-side validators fail. (Previously, it stopped after
onSubmit) formargument inonUpdatedis nowReadonly, to signify that it won't affect stores at this point.- The default
onErrorevent now emits a console warning onActionResulterrors. ImplementonErrorto handle errors in a user-friendly way. - The
noErrorsfunction is removed, use theerrorsoption ofsuperValidateinstead.
- When
dataType = 'json', file data is now returned when it has the same name as a schema field.
- Flash messages can now be sent in
actionResult.
optionsare now returned fromsuperForm.
fieldProxyandformFieldProxyare now exported fromsveltekit-superforms/client.
- Fixed timing for auto-focus on error field.
- All types now handle schemas with effects.
- Added
errorsoption forsuperValidate
- superValidate:
noErrorsis deprecated, use theerrorsoption instead. - Use
SuperForminstead ofEnhancedForm.
- Tainted check errored for nested properties.
- Fixed form-level errors on client.
- Removed undocumented support for array validation errors.
- Tainted store check fixed for multiple updates.
- Form-level errors sometimes made
$errorsbecome an array.
$taintedstore is now writable.
- If POST request body has already been used, an error is thrown instead of returning an empty object.
- Finally,
eventis no longer needed in the function call tosuperValidatefor empty forms. Just pass the schema as the first parameter.
- The
EnhancedFormtype should now be referred to asSuperForm.
- It's now possible to use schemas modified with refine/superrefine/transform as a type parameter to
superValidate.
URLandURLSearchParamscan now be passed tosuperValidate.
- Form wasn't reset properly after more than one reset.
- Stores weren't updated until after
onUpdatedwas called.
- Implicit default value for
ZodRecord(empty object) - UTC date/time formats for
dateProxy. - Form-level Zod issues, can be added with
refineon the schema, accessed by$errors._errors.
- Added the Superforms website! https://superforms.vercel.app/
- Added
validoption tomessage, so form validity can be set at the same time as returning a message.
- Follow ESM import standards (#78)
messagehelper on the server, to make it easier to send a message with the form.options.syncFlashMessagewhen using sveltekit-flash-message, to sync the flash message withform.message, so you don't have to use both.
- Zod schemas on client now accepts
ZodEffects(refine/transform/superRefine). - Empty data gives no errors when
ZodEffectsare used. formIdwasn't updated properly.
- Array values wasn't coerced to their correct type if empty, i.e. strings were resolved to
[]instead of"".
- Support for snapshots with the
captureandrestorefunctions, returned fromsuperForm. - Added
options.selectErrorTextfor selecting all text in the first invalid text field, instead of just focusing on it and the cursor is placed at the end of the text. use:enhancecan now take all events as a parameter, in case you want to pass it on to other components.- Added a
formIdstore tosuperForm, which can be used to change the form id, in case of complicated multi-form scenarios.
superValidatedidn't use async validation, on Node! How embarrassing, but fixed now.
- For internal data cloning, if
structuredCloneis not available, using devalue instead. - Multiple forms should now be detected in
page.formeven when javascript is disabled. - Removed some debug messages.
form.messageis now defaultanytype, and usesundefinedinstead ofnullto signify no value. This means thatsuperValidateandsuperForm, as well as some of the types, likeValidationandFormOptions, can take a second generic parametr that can specify themessagetype.options.onErrorcan now only be set toapply, or a callback({result, message}) => voidfor handling the error result. It does not automatically set the error message anymore, since it can be of any type.- Default value for
options.defaultValidatoris nowkeep, to give the user better error feedback. - The signature for
allErrorsandfirstErroris now{ path: string[], message: string }. - If
options.dataTypeisn't set tojsonand a nested object is detected in the data sent tosuperForm, an error will be thrown. - The callback for
options.flashMessage.onErrornow follows the same signature asoptions.onError. SuperFormErroris thrown instead ofError.- The
fieldsstore lists all top-level fields as an object, with writable stores forvalue,errorsandconstraints, so they can be passed to sub-components.
options.validatorsnow also accepts a Zod schema, for complete client-side validation!errors,constraintsandtaintednow supports nested data structures!superValidatenow accepts schemas modified withrefine/superRefine/transform.- Added
metastore, which is populated whenoptions.includeMeta = trueinsuperValidate.
- The undocumented
defaultsoption ofsuperValidateis removed, it can be replaced withtransform/refine/superRefinein the validation schema. formdatais removed fromoptions.dataType. Usejsoninstead, it will cover all cases except some very narrow ones.- The
updateparameter inonResultis removed. It has the same effect as not cancelling the event, so it's redundant. - Proxies cannot set an initial value to avoid interfering with
tainted, so the last parameter when creating a proxy is removed.
- Using
onDestroyto unsubscribe from thepagestore, preventing memory leaks. onSubmitwasn't called withawait.- Default data is now cloned, not just referenced.
- Last but not least, a big thanks to Dale Ryan for making the
SuperDebugcomponent even more super!
- Default values didn't exist for nested entities.
resetnow takes akeepMessageproperty, to optionally avoid clearing the message.
- Redirecting to a page with no validation form caused an error.
- Removed
cryptodependency, prevented Cloudflare deployment.
- Support for multiple forms, using the
idoption. FAQ entry. setErrornow takes astatusoption, default is400.
actionResultnow returns a proper error if astringis used when creating anerrorresult.
- Form was untainted on
errorresponse.
- Allowed coercion of default values to avoid schema duplication.
- Support for native enums in validation schemas.
- A default value accidentally removed the
requiredconstraint. - Client-side validation now handles falsy values, not removing the error message when it's not supposed to.
- Form didn't reset to initial values.
- Reset also cleared last message.
- Checking for missing fields only if no
FormDataexists. - Correct comparison for client-side
Datevalidation. - Timers were waiting for
onUpdated. - Improved cacheability for validation data.
- Added a
fieldsstore, which can be used to loop through all fields in the form. options.validatorscan now also returnstring[].
validstore return fromsuperFormwas incorrectly namedvalidated.- Client-side validators were still overwriting errors passed from the server.
- Client-side validators were overwriting errors passed from the server.
- Cleared timers after submit is complete.
- Options to date proxy and boolean proxy.
- Date proxy now working properly.
SuperDebugdate output now handles invalid dates.
- Reset form also on redirect, if
options.resetFormis set. - Check if value passed to
superFormis a validation object.
superValidate.constraintswith attributes that maps directly to the HTML5 form validation standard.
- Proxy objects, for converting string data to other types.
superForm.tainted- A readable store for checking if form is modified.- If the schema type is
array, multiple form values with the same name are now added to it.
- Data returned from
superValidateis now guaranteed to have all fields populated.
ZodEnumis now handled properly.- Support for sveltekit-flash-message is back.
- Improved styles for
SuperDebug.
- Removed flash message support until a better module loading solution is found.
- Displaying a flash message is now prevented when cancelling the update.
- Removed sass from
SuperDebug.
- Posting without
use:enhancenow works again.
- Support for sveltekit-flash-message
options.defaultValidatornow has default valueclear.
form.validatedrenamed toform.valid, and is nowfalsefor empty entities.
- Renamed
validationtoformin theonUpdateandonUpdatedevents.
taintedMessagenow acceptsnull.
- Renamed
form.successtoform.validated.
- Initial release