feat: add environment variable validation and update dependencies

Author: Le-Caignec

propose-safe-multisig-tx/package-lock.json

@@ -12,9 +12,12 @@
     "@safe-global/api-kit": "^4.0.0",
     "@safe-global/protocol-kit": "^6.1.1",
     "@safe-global/types-kit": "^3.0.0",
-    "viem": "^2.21.0"
+    "dotenv": "^16.3.1",
+    "viem": "^2.21.0",
+    "zod": "^3.22.4"
   },
   "devDependencies": {
+    "@types/node": "^24.7.0",
     "typescript": "^5.0.0"
   }
 }

propose-safe-multisig-tx/package.json

@@ -0,0 +1,52 @@
+import 'dotenv/config';
+import { z } from 'zod';
+
+const addressRegex = /(^|\b)(0x)?[0-9a-fA-F]{40}(\b|$)/;
+const privateKeyRegex = /(^|\b)(0x)?[0-9a-fA-F]{64}(\b|$)/;
+const hexDataRegex = /^0x[0-9a-fA-F]*$/;
+
+const envSchema = z.object({
+  // Private key of the proposer wallet
+  PROPOSER_PRIVATE_KEY: z
+    .string()
+    .regex(privateKeyRegex, 'Invalid private key format')
+    .min(1, 'Proposer private key is required'),
+
+  // RPC URL for blockchain network connection
+  RPC_URL: z
+    .string()
+    .url('RPC_URL must be a valid URL')
+    .min(1, 'RPC URL is required'),
+
+  // Safe multisig contract address
+  SAFE_ADDRESS: z
+    .string()
+    .regex(addressRegex, 'Invalid Safe address format')
+    .min(1, 'Safe address is required'),
+
+  // Target address for the transaction
+  TRANSACTION_TO: z
+    .string()
+    .regex(addressRegex, 'Invalid transaction target address format')
+    .min(1, 'Transaction target address is required'),
+
+  // Safe API key for transaction service
+  SAFE_API_KEY: z
+    .string()
+    .min(1, 'Safe API key is required'),
+
+  // Value to send in the transaction (in wei)
+  TRANSACTION_VALUE: z
+    .string()
+    .default('0')
+    .pipe(z.coerce.bigint().nonnegative('Transaction value must be a positive amount'))
+    .transform(String),
+
+  // Transaction data/calldata
+  TRANSACTION_DATA: z
+    .string()
+    .regex(hexDataRegex, 'Transaction data must be valid hex data')
+    .default('0x'),
+});
+
+export const env = envSchema.parse(process.env);

propose-safe-multisig-tx/src/env.ts

@@ -4,28 +4,20 @@ import Safe from "@safe-global/protocol-kit";
 import { OperationType, MetaTransactionData } from "@safe-global/types-kit";
 import { createPublicClient, http } from "viem";
 import { privateKeyToAccount } from "viem/accounts";
+import { env } from "./env.js";
 
 async function run() {
   try {
-    // Get inputs from environment variables
-    const proposerPrivateKey = process.env.INPUT_PROPOSER_PRIVATE_KEY;
-    const rpcUrl = process.env.INPUT_RPC_URL;
-    const safeAddress = process.env.INPUT_SAFE_ADDRESS;
-    const transactionTo = process.env.INPUT_TRANSACTION_TO;
-    const safeApiKey = process.env.INPUT_SAFE_API_KEY;
-    const transactionValue = process.env.INPUT_TRANSACTION_VALUE || "0";
-    const transactionData = process.env.INPUT_TRANSACTION_DATA || "0x";
-
-    // Validate required inputs
-    if (
-      !proposerPrivateKey ||
-      !rpcUrl ||
-      !safeAddress ||
-      !transactionTo ||
-      !safeApiKey
-    ) {
-      throw new Error("Missing required environment variables");
-    }
+    // Environment variables are already validated and parsed
+    const {
+      PROPOSER_PRIVATE_KEY: proposerPrivateKey,
+      RPC_URL: rpcUrl,
+      SAFE_ADDRESS: safeAddress,
+      TRANSACTION_TO: transactionTo,
+      SAFE_API_KEY: safeApiKey,
+      TRANSACTION_VALUE: transactionValue,
+      TRANSACTION_DATA: transactionData,
+    } = env;
 
     core.info(`🚀 Starting Safe transaction proposal...`);
     core.info(`📍 Safe Address: ${safeAddress}`);
@@ -94,8 +86,8 @@ async function run() {
     const transaction = await apiKit.getTransaction(safeTxHash);
 
     // Set outputs
-    core.setOutput("safe-tx-hash", safeTxHash);
-    core.setOutput("transaction", JSON.stringify(transaction));
+    core.setOutput("tx-hash", safeTxHash);
+    core.setOutput("tx-details", JSON.stringify(transaction));
 
     core.info(`✅ Transaction proposed successfully!`);
     core.info(`🔗 Transaction Hash: ${safeTxHash}`);