chore(ui): upgrade zod v4, zustand v5, and ai sdk v5 (#8801)

ui/types/authFormSchema.ts

@@ -64,54 +64,66 @@ export const validatePassword = () => {
     );
 };
 
+const baseAuthSchema = z.object({
+  email: z
+    .email({ message: "Please enter a valid email address." })
+    .trim()
+    .toLowerCase(),
+  password: z.string(),
+  isSamlMode: z.boolean().optional(),
+});
+
+export const signInSchema = baseAuthSchema
+  .extend({
+    password: z.string().min(1, { message: "Password is required." }),
+  })
+  .refine(
+    (data) => {
+      // If SAML mode, password is not required
+      if (data.isSamlMode) return true;
+      // Otherwise, password must be filled
+      return data.password.length > 0;
+    },
+    {
+      message: "Password is required.",
+      path: ["password"],
+    },
+  );
+
+export const signUpSchema = baseAuthSchema
+  .extend({
+    name: z
+      .string()
+      .min(3, {
+        message: "The name must be at least 3 characters.",
+      })
+      .max(20),
+    password: validatePassword(),
+    confirmPassword: z.string().min(1, {
+      message: "Please confirm your password.",
+    }),
+    company: z.string().optional(),
+    invitationToken: z.string().optional(),
+    termsAndConditions:
+      process.env.NEXT_PUBLIC_IS_CLOUD_ENV === "true"
+        ? z.boolean().refine((value) => value === true, {
+            message: "You must accept the terms and conditions.",
+          })
+        : z.boolean().optional(),
+  })
+  .refine(
+    (data) => {
+      if (data.isSamlMode) return true;
+      return data.password === data.confirmPassword;
+    },
+    {
+      message: "The password must match",
+      path: ["confirmPassword"],
+    },
+  );
+
 export const authFormSchema = (type: string) =>
-  z
-    .object({
-      // Sign Up
-      company:
-        type === "sign-in" ? z.string().optional() : z.string().optional(),
-      name:
-        type === "sign-in"
-          ? z.string().optional()
-          : z
-              .string()
-              .min(3, {
-                message: "The name must be at least 3 characters.",
-              })
-              .max(20),
-      confirmPassword:
-        type === "sign-in"
-          ? z.string().optional()
-          : z.string().min(1, {
-              message: "Please confirm your password.",
-            }),
-      invitationToken:
-        type === "sign-in" ? z.string().optional() : z.string().optional(),
+  type === "sign-in" ? signInSchema : signUpSchema;
 
-      termsAndConditions:
-        type === "sign-in" || process.env.NEXT_PUBLIC_IS_CLOUD_ENV !== "true"
-          ? z.boolean().optional()
-          : z.boolean().refine((value) => value === true, {
-              message: "You must accept the terms and conditions.",
-            }),
-
-      // Fields for Sign In and Sign Up
-      // Trim and normalize email, and provide consistent message
-      email: z
-        .string()
-        .trim()
-        .toLowerCase()
-        .email({ message: "Please enter a valid email address." }),
-      password: type === "sign-in" ? z.string() : validatePassword(),
-      isSamlMode: z.boolean().optional(),
-    })
-    .refine(
-      (data) => {
-        if (data.isSamlMode) return true;
-        return type === "sign-in" || data.password === data.confirmPassword;
-      },
-      {
-        message: "The password must match",
-        path: ["confirmPassword"],
-      },
-    );
+export type SignInFormData = z.infer<typeof signInSchema>;
+export type SignUpFormData = z.infer<typeof signUpSchema>;

ui/types/formSchemas.ts

@@ -72,7 +72,7 @@ export const awsCredentialsTypeSchema = z.object({
 export const addProviderFormSchema = z
   .object({
     providerType: z.enum(PROVIDER_TYPES, {
-      required_error: "Please select a provider type",
+      error: "Please select a provider type",
     }),
   })
   .and(
@@ -125,53 +125,53 @@ export const addCredentialsFormSchema = (
         ? {
             [ProviderCredentialFields.AWS_ACCESS_KEY_ID]: z
               .string()
-              .nonempty("AWS Access Key ID is required"),
+              .min(1, "AWS Access Key ID is required"),
             [ProviderCredentialFields.AWS_SECRET_ACCESS_KEY]: z
               .string()
-              .nonempty("AWS Secret Access Key is required"),
+              .min(1, "AWS Secret Access Key is required"),
             [ProviderCredentialFields.AWS_SESSION_TOKEN]: z.string().optional(),
           }
         : providerType === "azure"
           ? {
               [ProviderCredentialFields.CLIENT_ID]: z
                 .string()
-                .nonempty("Client ID is required"),
+                .min(1, "Client ID is required"),
               [ProviderCredentialFields.CLIENT_SECRET]: z
                 .string()
-                .nonempty("Client Secret is required"),
+                .min(1, "Client Secret is required"),
               [ProviderCredentialFields.TENANT_ID]: z
                 .string()
-                .nonempty("Tenant ID is required"),
+                .min(1, "Tenant ID is required"),
             }
           : providerType === "gcp"
             ? {
                 [ProviderCredentialFields.CLIENT_ID]: z
                   .string()
-                  .nonempty("Client ID is required"),
+                  .min(1, "Client ID is required"),
                 [ProviderCredentialFields.CLIENT_SECRET]: z
                   .string()
-                  .nonempty("Client Secret is required"),
+                  .min(1, "Client Secret is required"),
                 [ProviderCredentialFields.REFRESH_TOKEN]: z
                   .string()
-                  .nonempty("Refresh Token is required"),
+                  .min(1, "Refresh Token is required"),
               }
             : providerType === "kubernetes"
               ? {
                   [ProviderCredentialFields.KUBECONFIG_CONTENT]: z
                     .string()
-                    .nonempty("Kubeconfig Content is required"),
+                    .min(1, "Kubeconfig Content is required"),
                 }
               : providerType === "m365"
                 ? {
                     [ProviderCredentialFields.CLIENT_ID]: z
                       .string()
-                      .nonempty("Client ID is required"),
+                      .min(1, "Client ID is required"),
                     [ProviderCredentialFields.CLIENT_SECRET]: z
                       .string()
-                      .nonempty("Client Secret is required"),
+                      .min(1, "Client Secret is required"),
                     [ProviderCredentialFields.TENANT_ID]: z
                       .string()
-                      .nonempty("Tenant ID is required"),
+                      .min(1, "Tenant ID is required"),
                     [ProviderCredentialFields.USER]: z.string().optional(),
                     [ProviderCredentialFields.PASSWORD]: z.string().optional(),
                   }
@@ -259,7 +259,7 @@ export const addCredentialsRoleFormSchema = (providerType: string) =>
           [ProviderCredentialFields.PROVIDER_TYPE]: z.string(),
           [ProviderCredentialFields.ROLE_ARN]: z
             .string()
-            .nonempty("AWS Role ARN is required"),
+            .min(1, "AWS Role ARN is required"),
           [ProviderCredentialFields.EXTERNAL_ID]: z.string().optional(),
           [ProviderCredentialFields.AWS_ACCESS_KEY_ID]: z.string().optional(),
           [ProviderCredentialFields.AWS_SECRET_ACCESS_KEY]: z
@@ -347,8 +347,8 @@ export const editProviderFormSchema = (currentAlias: string) =>
   });
 
 export const editInviteFormSchema = z.object({
-  invitationId: z.string().uuid(),
-  invitationEmail: z.string().email(),
+  invitationId: z.uuid(),
+  invitationEmail: z.email(),
   expires_at: z.string().optional(),
   role: z.string().optional(),
 });
@@ -360,10 +360,7 @@ export const editUserFormSchema = () =>
       .min(3, { message: "The name must have at least 3 characters." })
       .max(150, { message: "The name cannot exceed 150 characters." })
       .optional(),
-    email: z
-      .string()
-      .email({ message: "Please enter a valid email address." })
-      .optional(),
+    email: z.email({ error: "Please enter a valid email address." }).optional(),
     password: z
       .string()
       .min(1, { message: "The password cannot be empty." })

ui/types/integrations.ts

@@ -289,7 +289,7 @@ export const editSecurityHubIntegrationFormSchema =
 export const jiraIntegrationFormSchema = z.object({
   integration_type: z.literal("jira"),
   domain: z.string().min(1, "Domain is required"),
-  user_mail: z.string().email("Invalid email format"),
+  user_mail: z.email({ error: "Invalid email format" }),
   api_token: z.string().min(1, "API token is required"),
   enabled: z.boolean().default(true),
 });
@@ -297,7 +297,7 @@ export const jiraIntegrationFormSchema = z.object({
 export const editJiraIntegrationFormSchema = z.object({
   integration_type: z.literal("jira"),
   domain: z.string().min(1, "Domain is required").optional(),
-  user_mail: z.string().email("Invalid email format").optional(),
+  user_mail: z.email({ error: "Invalid email format" }).optional(),
   api_token: z.string().min(1, "API token is required").optional(),
 });
 

ui/types/lighthouse/findings.ts

@@ -40,9 +40,9 @@ export const getFindingsSchema = z.object({
   query: z
     .string()
     .describe("The query to search for. Default is empty string."),
-  sort: z
-    .string(sortFieldsEnum)
-    .describe("The sort order to use. Default is empty string."),
+  sort: sortFieldsEnum.describe(
+    "The sort order to use. Default is empty string.",
+  ),
   filters: z
     .object({
       "filter[check_id]": z

ui/types/lighthouse/scans.ts

@@ -32,9 +32,9 @@ export const getScansSchema = z.object({
   query: z
     .string()
     .describe("The query to search for. Default is empty string."),
-  sort: z
-    .string(getScansSortEnum)
-    .describe("The sort order to use. Default is empty string."),
+  sort: getScansSortEnum.describe(
+    "The sort order to use. Default is empty string.",
+  ),
   filters: z
     .object({
       // Date filters