fix(builders): add proper snowflake validation

[rie03p]

close #11289

Please describe the changes this PR makes and why it should be merged:

This PR adds proper Snowflake validation to the builders package. Previously, multiple instances were using plain z.string() for Snowflake IDs, which didn't validate that the values are numeric strings as required by Discord's Snowflake format.

Changes:

• Added snowflakePredicate (z.string().regex(/^\d{17,20}$/)) to validate Snowflake format
• Replaced z.string() with snowflakePredicate in:
  • emojiPredicate.id
  • buttonPremiumPredicate.sku_id
  • default_values.id for channel, mentionable, role, and user select menu predicates

Status and versioning classification:

• Code changes have been tested against the Discord API, or there are no code changes
• I know how to update typings and have done so, or typings don't need updating

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

2 Skipped Deployments

Project	Deployment	Preview	Comments	Updated (UTC)
discord-js	Skipped			Nov 27, 2025 0:08am
discord-js-guide	Skipped			Nov 27, 2025 0:08am

[Jiralite]

I believe this should accept a snowflake too:

discord.js/packages/builders/src/messages/Assertions.ts

Line 18 in c5a6e5e

id: z.union([z.string(), z.number()]),

discord.js/packages/builders/src/messages/Attachment.ts

Line 42 in c5a6e5e

public setId(id: Snowflake | number): this {

[Jiralite]

@rie03p looks like something is not quite right because tests are failing, may need to update them?

[rie03p]

@Jiralite You're right! The validation is now working correctly and rejecting invalid IDs like 'hi!' and '0'. I've updated the existing tests to use valid IDs (numbers or proper snowflakes) so they pass with the new validation.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 44.99%. Comparing base (5dea946) to head (fa09bc2).
⚠️ Report is 6 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main   #11290      +/-   ##
==========================================
+ Coverage   44.97%   44.99%   +0.01%     
==========================================
  Files         317      317              
  Lines       18222    18224       +2     
  Branches     1817     1817              
==========================================
+ Hits         8196     8199       +3     
+ Misses      10013    10012       -1     
  Partials       13       13              

Flag	Coverage Δ
builders	81.19% <100.00%> (+0.04%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

Resolved.

[rie03p]

I’ve fixed the tests that were failing.

[vladfrangu]

0 is perfectly valid in a snowflake, and could increase the limit too

[vladfrangu]

Suggested change

	export const snowflakePredicate = z.string().regex(/^[1-9]\d{16,18}$/);
	export const snowflakePredicate = z.string().regex(/^[0-9]\d{16,19}$/);

[Jiralite]

0 is perfectly valid at the start?

Also, disagree on increasing the limit. The API doesn't even accept snowflakes that large...

[vladfrangu]

0 is perfectly valid at the start?

I do not like that we have that at the start, I completely missed that its two parts... But also why not? technically even 0 is a valid snowflake (and can be used in pagination to use as a starting point)

[Jiralite]

This is builders though. Snowflakes here are not used for pagination. They're used for emoji ids, select menus (role ids, channel ids, and user ids)... I'd argue someone is building something not at the start of Discord's time, so realistically, 0 is invalid.

If in the future, we ever make builders for methods that use pagination, we can revisit this?

[vladfrangu]

🤷, my two cents is that this should've been \d{17,20} and not overly complex but w/e (plus for attachments it can literally be just \d+ when creating)...

And before you argue for attachments that it cannot be \d+ bc the spec says so -> API cares about the limit, not the ID last I checked

[vladfrangu]

This PR alters that too, soo maybe that needs to be undone? Also you miss the point, the string "0" will work too

[Jiralite]

It alters it because we're being strict on input: snowflakes for editing and numbers for uploading, which is the documented way.

Also you miss the point, the string "0" will work too

0 actually gets set to undefined:

discord.js/packages/builders/src/messages/Attachment.ts

Line 151 in 02fc101

key: this.data.id ? `files[${this.data.id}]` : undefined,

Is... is that an issue?

Someone shouldn't be passing "0" though, right? That seems like a mistake...

[didinele]

Someone shouldn't be passing "0" though, right? That seems like a mistake...

yup. it should be 0 (number)

IMO the meaning of the ID is either snowflake (as in, literal, actual snowflake when editing, already uploaded attachment) or index, as in "im uploading this now, its the nth file"

re the code, yes. that's a bad falsy check

[Jiralite]

Opened #11314 to track that.

[almeidx]

I'm down to change this regex to the one from the spec.

https://github.com/discord/discord-api-spec/blob/28ef48483b4745bcf176b2b53b931a27142e2f55/specs/openapi.json#L33311-L33315