Module validate 

Structs

RequestValidator

Shared validation facade routed through by HTTP handlers, MCP tools, and CLI subcommands (issue #966, Wave-2 Tier-C1).

ValidationError

Typed validation failure surfaced by RequestValidator entry points. Carries the offending field name and a reason string matching the existing bail! shape so the wire-side error messages remain byte-equal to the pre-#966 surface.

Constants

DEFAULT_NHI_SOURCE

v0.7.x (issue #1175) — the canonical vendor-neutral substrate default for source on AI-NHI-minted rows. Use this constant at every substrate write site that previously hardcoded "claude".

RESERVED_AGENT_IDS

Reserved internal agent identifiers (issue #977).

Functions

normalize_namespace

Normalize a namespace input to the canonical form accepted by validate_namespace. Not called by write paths (would lowercase existing flat namespaces and break their lookup keys); instead exposed as a helper that callers opt into, and used by Task 1.5+ when accepting user-typed hierarchical paths.

validate_agent_id

Validate an agent identifier (NHI-hardened) for wire-side use.

validate_agent_id_shape

Shape-only validation for an agent identifier — the pre-#977 behaviour, separated so internal callers that legitimately need to load/generate keypairs with reserved-sentinel labels (e.g. the daemon’s own self-signing keypair under crate::identity::keypair::DAEMON_KEYPAIR_LABEL) can opt into the looser check.

validate_agent_pubkey_b64

Validate a wire-supplied base64-encoded Ed25519 agent public key (#626 Layer-3, Task 1.3).

validate_agent_type

Validate an agent type. Accepts any value matching one of these forms (red-team #235 — the original closed whitelist blocked future agents):

validate_capabilities

Validate a list of capability strings. Shares validate_tags rules (non-empty, <=128 bytes each, clean chars, <=50 entries).

validate_citation

v0.7.0 Form 4 (issue #757) — validate a Citation envelope.

validate_citations

v0.7.0 Form 4 — validate the full citations vector.

validate_confidence

validate_consolidate

Validate consolidation request.

validate_content

validate_create

Validate a full CreateMemory before insert.

validate_expires_at

validate_expires_at_format

Validate expires_at format only (no past-date check). Used by update path.

validate_governance_policy

Validate a [GovernancePolicy] (Task 1.8). Closed-set tag checks are already handled by serde on deserialization; this adds semantic bounds: consensus quorum must be ≥ 1, Agent references must pass validate_agent_id, and the policy as a whole must not use GovernanceLevel::Approve without a meaningful approver.

validate_id

validate_kind

v0.7.0 #1467 — validate the optional Form-6 kind wire value.

validate_link

Validate link creation.

validate_memory

Validate a full Memory (used for import).

validate_metadata

validate_namespace

Validate a namespace (flat or hierarchical, Task 1.4).

validate_priority

validate_relation

validate_scope

Validate a visibility scope against the closed VALID_SCOPES set (Task 1.5). Enforced on write paths that accept an explicit scope parameter. Memories with no scope metadata are treated as private by the query layer without needing explicit validation here.

validate_source

validate_source_span

v0.7.0 Form 4 (issue #757) — validate a SourceSpan byte-range.

validate_source_span_for_body

v0.7.0 Form 4 / Cluster-A — body-aware SourceSpan validation.

validate_source_uri

v0.7.0 Form 4 (issue #757) — validate a URI-form source pointer.

validate_tags

validate_title

validate_ttl_secs

validate_update

Validate update fields (only validates present fields). Note: expires_at allows past dates in updates for programmatic TTL management and GC testing — only format is validated, not chronological ordering.