
Fix: Add maximum length validation for communityName and communityBio (issue #129) #144

Open
anshul23102 wants to merge 1 commit into NexGenStudioDev:master from anshul23102:fix/129-add-max-length-validation

@anshul23102


Summary

Adds maximum length validation constraints to the communityName and communityBio fields in the signup form schema. These fields previously had only minimum length requirements, allowing users to submit arbitrarily long strings that could cause UI layout issues, database storage bloat, and field overflow.

Problem Statement

The signup schema in src/features/Auth/v1/hooks/useSignupForm.ts validates input fields with only minimum length constraints:

communityName: z.string().min(2, "Community name must be at least 2 characters"),
communityBio: z.string().min(10, "Bio must be at least 10 characters"),

Without maximum length constraints:

  1. Users can submit community names or bios containing thousands of characters
  2. Oversized community names cause layout corruption in UI elements (headers, sidebars, dropdowns)
  3. Oversized bios inflate database storage and exceed column width limits
  4. No validation feedback to users when they exceed reasonable limits

Solution

Added maximum length constraints:

  • communityName: Limited to 100 characters (suitable for community header displays)
  • communityBio: Limited to 500 characters (suitable for textarea display and database storage)

These limits are:

  • Reasonable: Accommodates typical community descriptions while preventing abuse
  • Enforced at validation: Zod validates before submission, providing immediate user feedback
  • Clearly communicated: Error messages inform users of exceeded limits

Changes Made

File: src/features/Auth/v1/hooks/useSignupForm.ts

Before:

communityName: z.string().min(2, "Community name must be at least 2 characters"),
communityBio: z.string().min(10, "Bio must be at least 10 characters"),

After:

communityName: z.string().min(2, "Community name must be at least 2 characters").max(100, "Community name must not exceed 100 characters"),
communityBio: z.string().min(10, "Bio must be at least 10 characters").max(500, "Bio must not exceed 500 characters"),

Testing

The changes can be tested by:

  1. Frontend validation:

    • Navigate to community signup form (step 1)
    • Enter community name exceeding 100 characters
    • Verify validation error message appears
    • Verify form submission is blocked
  2. Bio validation:

    • On the same form
    • Enter bio text exceeding 500 characters
    • Verify validation error message appears
    • Verify form submission is blocked
  3. Valid submissions:

    • Enter community name with 2-100 characters
    • Enter bio with 10-500 characters
    • Verify form validation passes and submission proceeds

Impact

  • User Experience: Users receive clear feedback when field limits are exceeded
  • Data Integrity: Prevents oversized values from corrupting database or UI
  • Security: Reduces attack surface for DoS via input bloat
  • Compliance: Aligns with UI/UX best practices for form validation

Related Issues

Fixes #129

… (issue NexGenStudioDev#129)

Adds maximum length constraints to Zod schemas:
- communityName: max 100 characters (was unlimited)
- communityBio: max 500 characters (was unlimited)

Prevents oversized values from causing:
- Layout corruption in UI elements (headers, sidebars, dropdowns)
- Database storage bloat
- Column width limit violations

Provides clear validation error messages when limits are exceeded.
@anshul23102

Author

Program Attribution & Label Request

This contribution is being made under NSoC'26 (Nexus Spring of Code 2026).

Recommended Labels

To help track and prioritize this work, I recommend adding the following labels to this PR:

  • bug - Addresses input validation issue
  • type:security - Prevents data integrity issues and DoS attacks
  • NSoC'26 - Program attribution
  • input-validation - Category for input validation improvements

These labels will help with:

  • Tracking NSoC'26 contributions
  • Categorizing bug fixes
  • Visibility of security improvements
  • Community recognition of program participation

Thank you for reviewing this PR!

@anshul23102

Author

Issue Resolution Summary

Fixes: #129

What This PR Addresses

Issue #129 identified a validation vulnerability where the signup form schema accepted arbitrarily long strings for:

  • communityName (had min: 2 characters, no max)
  • communityBio (had min: 10 characters, no max)

Solution Provided

Added reasonable maximum length constraints:

  • communityName: max 100 characters

    • Prevents layout corruption in UI components
    • Suitable for header displays
    • Clear error message when exceeded
  • communityBio: max 500 characters

    • Matches typical textarea sizing
    • Balances detail with storage efficiency
    • Professional community bio length

Testing Status

Ready for testing:

  1. Validation works correctly for inputs within limits
  2. Validation error messages display when limits exceeded
  3. Form submission blocked for oversized inputs
  4. Error messages match existing code patterns

All changes follow the Zod validation pattern already established in the codebase.

@gemini-code-assist gemini-code-assist Bot left a comment

Contributor


Code Review

This pull request updates the signupSchema in useSignupForm.ts by adding maximum length constraints to both communityName (maximum 100 characters) and communityBio (maximum 500 characters). The reviewer recommends trimming whitespace from these inputs before validation to prevent users from bypassing minimum length requirements with spaces or including accidental leading/trailing spaces.


Comment on lines +7 to +8
communityName: z.string().min(2, "Community name must be at least 2 characters").max(100, "Community name must not exceed 100 characters"),
communityBio: z.string().min(10, "Bio must be at least 10 characters").max(500, "Bio must not exceed 500 characters"),
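
Review bot: Both .max() bounds on these lines live in the useSignupForm.ts form hook, so they only constrain requests that pass through the form; unless the signup endpoint applies the same 100 and 500 limits, oversized values can still reach storage. Consider moving the schema into a module the server handler also imports, or repeating the bounds there. Note too that z.string().max(500) compares String.length (UTF-16 code units), so a 500-unit bio of multi-byte text is larger than 500 bytes in UTF-8; check the limit against how the column is actually sized.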

Contributor


medium

It is recommended to trim whitespace from the input strings before validating their length. Without .trim(), users can bypass the minimum length requirements by entering spaces, or accidentally include leading/trailing spaces that count towards the maximum length limit.

Suggested change
communityName: z.string().min(2, "Community name must be at least 2 characters").max(100, "Community name must not exceed 100 characters"),
communityBio: z.string().min(10, "Bio must be at least 10 characters").max(500, "Bio must not exceed 500 characters"),
communityName: z.string().trim().min(2, "Community name must be at least 2 characters").max(100, "Community name must not exceed 100 characters"),
communityBio: z.string().trim().min(10, "Bio must be at least 10 characters").max(500, "Bio must not exceed 500 characters"),
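
The trimming and length-limit behaviour discussed in this thread, as an added example that is not part of the PR or the project's code: a plain-JavaScript stand-in (no Zod) that re-checks the two fields the way a server handler could. The 2-100 and 10-500 limits are the PR's; the maxBytes budgets, the checkField helper and the sample strings are assumptions constructed for illustration.

```javascript
// Added example, not the project's code. Limits 2-100 and 10-500 come from the PR;
// the maxBytes values are hypothetical column sizes, not taken from the page.
const LIMITS = {
  communityName: { min: 2, max: 100, maxBytes: 100 }, // maxBytes: assumed
  communityBio: { min: 10, max: 500, maxBytes: 500 }, // maxBytes: assumed
};

const utf8Bytes = (s) => new TextEncoder().encode(s).length;

// Re-check one field. opts.trim mirrors the reviewer's suggested .trim().
// value.length counts UTF-16 code units, which is also what
// z.string().min()/.max() compare against.
function checkField(field, raw, opts = { trim: true }) {
  const { min, max, maxBytes } = LIMITS[field];
  if (typeof raw !== "string") return { ok: false, reason: "not-a-string" };
  const value = opts.trim ? raw.trim() : raw;
  if (value.length < min) return { ok: false, reason: "too-short" };
  if (value.length > max) return { ok: false, reason: "too-long" };
  if (utf8Bytes(value) > maxBytes) return { ok: false, reason: "too-many-bytes" };
  return { ok: true, value };
}

// Constructed sample inputs.
const samples = {
  spacesOnly: " ".repeat(10),      // satisfies min(10) unless trimmed first
  padded: "  Rust Learners  ",     // stray leading/trailing spaces
  cjkBio: "\u5b89".repeat(200),    // 200 code units, 600 UTF-8 bytes
  longName: "x".repeat(101),       // one past the 100-character limit
};

function demo() {
  return {
    untrimmedSpaces: checkField("communityBio", samples.spacesOnly, { trim: false }),
    trimmedSpaces: checkField("communityBio", samples.spacesOnly),
    padded: checkField("communityName", samples.padded),
    cjkBio: checkField("communityBio", samples.cjkBio),
    longName: checkField("communityName", samples.longName),
  };
}

console.log(demo());
```

The cjkBio case passes the 500-character check yet exceeds the assumed byte budget, which is the gap between a character limit and a byte-sized column.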


Development

Successfully merging this pull request may close these issues.

[Bug] useSignupForm.ts: communityName and communityBio Zod schemas have minimum length but no maximum length, accepting arbitrarily long strings
