Sure. You tend to think about the edges of your application.
1. Router
Tanstack Router: Supports runtime validation libraries such as z0d. So I have routes such as example.com/viewer/$uuid/$number, it should 400 if those aren't actually validate uuid and numbers.
React Router: Supports Types, but every type is a string because, well, they technically are, but this isn't useful in practice in my opinion. There are 3rd party libs such as: https://github.com/fenok/react-router-typesafe-routes
2. API
Lets say you're making your API public to clients you can't trust to send the correct data ( which probably also includes your own client ).
ownagefool|3 months ago
1. Router
Tanstack Router: Supports runtime validation libraries such as z0d. So I have routes such as example.com/viewer/$uuid/$number, it should 400 if those aren't actually validate uuid and numbers.
React Router: Supports Types, but every type is a string because, well, they technically are, but this isn't useful in practice in my opinion. There are 3rd party libs such as: https://github.com/fenok/react-router-typesafe-routes
2. API
Lets say you're making your API public to clients you can't trust to send the correct data ( which probably also includes your own client ).
https://www.npmjs.com/package/express-openapi-validator
This library advertises validating both your input and your output
3. State
https://github.com/pmndrs/zustand/discussions/1722
4. Database
https://www.npmjs.com/package/prisma-zod-generator
5. Forms
https://medium.com/@toukir.ahamed.pigeon/react-hook-form-wit...
6. ENV
https://jfranciscosousa.com/blog/validating-environment-vari...
Obviously checks on the agent are primarily a DX/UX thing, whilst checks on the server step are also security controls.