Apply additional form field validation before and after submission

[allanlasser]

Layering in form/field validation would be an improvement for UX, app stability, and security.

I've used zod before, although in my experience it doesn't play well with FormData. With zod, you define a schema and use it to evaluate objects/values. It's framework independent and would be useful for validating server action inputs.

svelte-form would be another option, and I'm sure there are others worth considering, too. svelte-form maintains form stores and provides bindings to know whether a form has valid or invalid before submission. It's unclear to me if it provides utilities for validation inside a server action.

[eyeseast]

We already have ajv in the stack, too. That's actually doing an initial form validation. We just don't do anything with the errors that come back.