adds image types

[ljonesfl]

Note

Adds first-class image property type with built-in validation and documentation.

• Introduces image validator in Property.php using Validation\IsImage (checks base64/data URI; SVG disabled by default)
• Updates readme.md to list image and base64 types, usage examples, supported formats, and security notes for SVG
• Adds examples/image-example.yaml demonstrating DTOs with image fields across common scenarios
• Adds tests/Dto/ImagePropertyTest.php covering valid base64/data URI images, required/optional behavior, JSON output, non-image/invalid data handling, SVG rejection, and type errors

^{Written by Cursor Bugbot for commit eecf661. This will update automatically on new commits. Configure here.}

Summary by CodeRabbit

Release Notes

• New Features

  • Added image type support for DTOs with base64 and data URI validation.
  • Supports JPEG, PNG, GIF, WebP, and SVG formats with configurable security controls.
  • Includes comprehensive documentation and practical examples for working with images.

• Tests

  • Added test coverage for image property validation, error handling, and JSON export functionality.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

📝 Walkthrough

Walkthrough

Adds image handling capabilities to the DTO validation library, including a new "image" type validator, comprehensive YAML examples demonstrating image-centric DTO configurations, documentation detailing validation features and usage patterns, and extensive test coverage for image property validation scenarios.

Changes

Cohort / File(s)	Summary
Documentation & Examples readme.md, examples/image-example.yaml	Introduces "image" and "base64" type definitions; documents image validation features (base64/data URI support, MIME-type detection, format constraints); provides configuration and code examples; includes security considerations for SVG handling. New example file demonstrates image properties in real-world DTO schemas with single/multi-image fields, nested image structures, and metadata.
Core Implementation src/Dto/Property.php	Registers new "image" type validator in the Property class type map, enabling Validation\IsImage validation with SVGs disabled by default.
Test Coverage tests/Dto/ImagePropertyTest.php	Comprehensive test suite with 10 test methods covering optional and required image properties, base64/data URI validation, error handling, multiple image fields, JSON serialization, SVG rejection, edge cases, and non-string value handling.

Sequence Diagram

sequenceDiagram
    participant User
    participant Factory
    participant DTO Property
    participant IsImage Validator
    participant Result

    User->>Factory: Create DTO with image property definition
    Factory->>DTO Property: Initialize property with type="image"
    User->>DTO Property: Set image data (base64/data URI)
    DTO Property->>IsImage Validator: Validate image content
    alt Valid Image
        IsImage Validator->>Result: Return success
        Result->>User: Image set successfully
    else Invalid Image
        IsImage Validator->>Result: Return validation error
        Result->>User: Validation exception
    end
    User->>DTO Property: Call validate()
    DTO Property->>DTO Property: Check all image constraints
    DTO Property->>User: Return validation status

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Poem

🐰 Hopping through images in digital arrays,
Base64 whiskers brighten our days,
From PNG ears to data URIs we roam,
Validating each pixel with code as our home!
SVG spooks stay locked away tight,
While images shine through, so perfectly right! 🎨

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'adds image types' accurately summarizes the main change—introducing a new image type validator and related image handling capabilities throughout the codebase.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.

Flag	Coverage Δ	Complexity Δ
dto	96.33% <100.00%> (+<0.01%)	202.00 <0.00> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

Files with missing lines	Coverage Δ	Complexity Δ
src/Dto/Property.php	100.00% <100.00%> (ø)	36.00 <0.00> (ø)

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[coderabbitai]

Actionable comments posted: 1

🤖 Fix all issues with AI agents

In @src/Dto/Property.php:
- Line 43: The $typeValidators array in Property (entry 'image' => new
Validation\IsImage(...)) references a non-existent Validation\IsImage class and
will throw ClassNotFoundException; either remove the 'image' entry from the
$typeValidators array in the Property class if you don't need image validation,
or implement and register a custom validator class named Validation\IsImage that
implements the validation interface used by the project and update any
dependency injection/loader to recognize it, or replace the entry with a
validator provided by your installed validation package (referencing its actual
class name) and adjust constructor args accordingly.

🧹 Nitpick comments (1)

readme.md (1)

786-796: Minor style consideration: redundant phrasing.

The phrase "SVG images" is technically redundant since SVG stands for "Scalable Vector Graphics." Consider using just "SVGs" instead. This is a very minor documentation style nit.

📝 Suggested wording changes

-- **SVG Security**: SVG images are disabled by default as they can con...
+- **SVG Security**: SVGs are disabled by default as they can con...

-SVG images are **disabled by default** because they...
+SVGs are **disabled by default** because they...

-If you need to accept SVG images, you must:
+If you need to accept SVGs, you must:

📜 Review details

Configuration used: defaults

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 7546d73 and eecf661.

📒 Files selected for processing (4)

• examples/image-example.yaml
• readme.md
• src/Dto/Property.php
• tests/Dto/ImagePropertyTest.php

🧰 Additional context used

🧬 Code graph analysis (2)

src/Dto/Property.php (1)

src/Dto/Validation.php (1)

• Validation (11-29)

tests/Dto/ImagePropertyTest.php (3)

src/Dto/Dto.php (1)

• Dto (15-267)

src/Dto/Validation.php (1)

• Validation (11-29)

src/Dto/Property.php (2)

• validate (235-257)
• getAsJson (310-323)

🪛 LanguageTool

readme.md

[style] ~786-~786: This phrase is redundant (‘G’ stands for ‘graphic’). Use simply “SVGs”.
Context: ...a custom validator) - SVG Security: SVG images are disabled by default as they can con...

(ACRONYM_TAUTOLOGY)

---

[style] ~789-~789: This phrase is redundant (‘G’ stands for ‘graphic’). Use simply “SVGs”.
Context: ... #### Security Considerations for SVG SVG images are disabled by default because the...

(ACRONYM_TAUTOLOGY)

---

[style] ~796-~796: This phrase is redundant (‘G’ stands for ‘graphic’). Use simply “SVGs”.
Context: ...used for attacks If you need to accept SVG images, you must: 1. Explicitly enable SVG sup...

(ACRONYM_TAUTOLOGY)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: Cursor Bugbot

🔇 Additional comments (13)

examples/image-example.yaml (1)

1-261: Well-structured example configuration.

This example file comprehensively demonstrates image-type DTO configurations including single images, arrays, nested objects, and validation metadata. The security note about SVG exclusion (line 134) is helpful for users.

readme.md (1)

722-811: Comprehensive documentation for image handling.

The documentation thoroughly covers image property configuration, supported formats, validation features, and security considerations. The security warnings for SVG are appropriately prominent.

tests/Dto/ImagePropertyTest.php (11)

12-31: LGTM! Solid test for valid image property.

The test correctly validates that a base64-encoded JPEG can be set and retrieved from an image property. Using a real 1x1 pixel JPEG ensures the test reflects actual usage.

---

36-55: LGTM! Good coverage for required field validation.

The test properly verifies that a missing required image property fails validation and produces the expected error message.

---

60-79: LGTM! Data URI format support is tested.

The test validates that data URI format (data:image/png;base64,...) is properly accepted by the image validator.

---

84-101: LGTM! Invalid base64 rejection is properly tested.

The test confirms that invalid base64 strings are rejected with an appropriate validation exception.

---

106-123: LGTM! Non-image data validation is tested.

The test verifies that valid base64 encoding of non-image content (plain text) is correctly rejected.

---

128-162: LGTM! Multiple image properties test provides good coverage.

The test validates handling of multiple image properties with different formats (JPEG, PNG, GIF) in a single DTO.

---

167-187: LGTM! JSON output test verifies serialization.

The test confirms that image properties are correctly serialized in JSON output.

---

192-213: LGTM! Critical security test for SVG rejection.

This test is essential—it verifies that SVG content is rejected by default, protecting against potential XSS attacks embedded in SVG files.

---

218-240: LGTM! Empty optional field handling is tested.

The test confirms that empty strings for optional image fields pass validation without errors.

---

245-262: LGTM! Non-string value rejection is tested.

The test verifies that non-string values (like integers) are properly rejected for image properties.

---

1-8: The namespace recommendation is not consistent with this project's conventions. While the suggestion appears well-intentioned, the evidence shows:

1. PSR-4 autoloading in composer.json covers only src/ (via Neuron\\), not test files
2. Multiple test files in tests/Dto/ lack namespaces, including ParameterTest, PropertyValidationTest, and EnumValidationTest
3. When namespaces are used, they vary inconsistently (Dto, Test\Dto, Tests\Dto)

The file ImagePropertyTest.php follows the existing project pattern by omitting a namespace, consistent with similar tests in the same directory.

Likely an incorrect or invalid review comment.