Skip to content
Critiq Docs

Search docs

Search documentation pages and rules

security.misconfiguration

Add a global Nest ValidationPipe

Nest bootstrap entries should register `ValidationPipe` globally when controllers parse bodies or DTOs.

#Metadata

Rule ID
ts.security.nestjs-missing-global-validation-pipe
Severity
medium
Confidence
0.68
Languages
javascript, typescript
Presets
recommended, security, strict
Stability
experimental
Applies to
block
Tags
nestjs, rules-catalog, security

#Why it matters

Without a validation pipe unexpected fields can reach controllers and weaken input hygiene.

#Remediation

Call app.useGlobalPipes with ValidationPipe using whitelist and forbidNonWhitelisted flags near bootstrap completion.

#Repository path

The generated metadata points to critiq-rules/libs/rules/catalog/rules/typescript/ts.security.nestjs-missing-global-validation-pipe.rule.yaml.

Back to directoryOpen rule in repository