defense-in-depth-validation

mrgoonie's avatarfrom mrgoonie

Validate at every layer data passes through to make bugs impossible

1.1kstars🔀227forks📁View on GitHub🕐Updated Dec 30, 2025
[Testing and QA]

When & Why to Use This Skill

Defense-in-Depth Validation is a robust software engineering pattern designed to eliminate bugs by implementing multi-layered data verification. Instead of relying on a single check, this skill enforces validation at the entry point, business logic, environment, and debug levels, making system failures structurally impossible and ensuring data integrity across complex workflows. It is an essential practice for building resilient, self-healing applications and reducing the time spent on forensic debugging.

Use Cases

  • Multi-Layered Input Validation: Prevent invalid data from propagating through the system by catching errors at the API boundary and again within core business logic.
  • Context-Aware Safety Guards: Protect sensitive environments by restricting dangerous operations (like file system modifications or database wipes) to authorized directories or conditions.
  • Structural Bug Prevention: Eliminate entire classes of bugs by ensuring that data requirements are satisfied at every internal checkpoint, preventing failures deep in execution.
  • Enhanced Forensic Analysis: Utilize automated debug instrumentation to capture stack traces and execution context, providing immediate clarity when validation layers are triggered.
nameDefense-in-Depth Validation
descriptionValidate at every layer data passes through to make bugs impossible
when_to_usewhen invalid data causes failures deep in execution, requiring validation at multiple system layers
version1.1.0
languagesall

Defense-in-Depth Validation

Overview

When you fix a bug caused by invalid data, adding validation at one place feels sufficient. But that single check can be bypassed by different code paths, refactoring, or mocks.

Core principle: Validate at EVERY layer data passes through. Make the bug structurally impossible.

Why Multiple Layers

Single validation: "We fixed the bug" Multiple layers: "We made the bug impossible"

Different layers catch different cases:

  • Entry validation catches most bugs
  • Business logic catches edge cases
  • Environment guards prevent context-specific dangers
  • Debug logging helps when other layers fail

The Four Layers

Layer 1: Entry Point Validation

Purpose: Reject obviously invalid input at API boundary

function createProject(name: string, workingDirectory: string) {
  if (!workingDirectory || workingDirectory.trim() === '') {
    throw new Error('workingDirectory cannot be empty');
  }
  if (!existsSync(workingDirectory)) {
    throw new Error(`workingDirectory does not exist: ${workingDirectory}`);
  }
  if (!statSync(workingDirectory).isDirectory()) {
    throw new Error(`workingDirectory is not a directory: ${workingDirectory}`);
  }
  // ... proceed
}

Layer 2: Business Logic Validation

Purpose: Ensure data makes sense for this operation

function initializeWorkspace(projectDir: string, sessionId: string) {
  if (!projectDir) {
    throw new Error('projectDir required for workspace initialization');
  }
  // ... proceed
}

Layer 3: Environment Guards

Purpose: Prevent dangerous operations in specific contexts

async function gitInit(directory: string) {
  // In tests, refuse git init outside temp directories
  if (process.env.NODE_ENV === 'test') {
    const normalized = normalize(resolve(directory));
    const tmpDir = normalize(resolve(tmpdir()));

    if (!normalized.startsWith(tmpDir)) {
      throw new Error(
        `Refusing git init outside temp dir during tests: ${directory}`
      );
    }
  }
  // ... proceed
}

Layer 4: Debug Instrumentation

Purpose: Capture context for forensics

async function gitInit(directory: string) {
  const stack = new Error().stack;
  logger.debug('About to git init', {
    directory,
    cwd: process.cwd(),
    stack,
  });
  // ... proceed
}

Applying the Pattern

When you find a bug:

  1. Trace the data flow - Where does bad value originate? Where used?
  2. Map all checkpoints - List every point data passes through
  3. Add validation at each layer - Entry, business, environment, debug
  4. Test each layer - Try to bypass layer 1, verify layer 2 catches it

Example from Session

Bug: Empty projectDir caused git init in source code

Data flow:

  1. Test setup → empty string
  2. Project.create(name, '')
  3. WorkspaceManager.createWorkspace('')
  4. git init runs in process.cwd()

Four layers added:

  • Layer 1: Project.create() validates not empty/exists/writable
  • Layer 2: WorkspaceManager validates projectDir not empty
  • Layer 3: WorktreeManager refuses git init outside tmpdir in tests
  • Layer 4: Stack trace logging before git init

Result: All 1847 tests passed, bug impossible to reproduce

Key Insight

All four layers were necessary. During testing, each layer caught bugs the others missed:

  • Different code paths bypassed entry validation
  • Mocks bypassed business logic checks
  • Edge cases on different platforms needed environment guards
  • Debug logging identified structural misuse

Don't stop at one validation point. Add checks at every layer.

defense-in-depth-validation – AI Agent Skills | Claude Skills