TypeScript-first policy evaluation library for rule-based validation and decision-making

Bantai

Bantai is a powerful, type-safe policy evaluation library that enables you to build complex validation and decision-making logic using composable rules and policies. Built with TypeScript and Zod, it provides end-to-end type safety while remaining flexible enough to handle diverse use cases.

Website: https://bantai.vercel.app/

What is Bantai?

Bantai helps you build policy-based decision systems where you can:

Define Contexts: Create type-safe schemas for your input data using Zod
Create Rules: Write individual validation rules that return typed allow() or deny() responses
Compose Policies: Group multiple rules into policies with custom evaluation strategies
Evaluate Decisions: Get instant decisions with detailed violation information

Key Features

Type Safety: Full TypeScript support with type inference from Zod schemas
Flexible Strategies: Choose between preemptive (fail-fast) or exhaustive (collect all violations) evaluation
Extensible: Add tools like storage and rate limiting through extensions
Async Support: Rules can be synchronous or asynchronous
Hooks: Execute side effects on allow/deny with rule hooks
Composable: Build complex policies from simple, reusable rules

Packages

This monorepo contains the following packages:

@bantai-dev/core - Core policy evaluation library
@bantai-dev/with-rate-limit - Rate limiting extension for Bantai
@bantai-dev/with-storage - Storage plugin for Bantai
@bantai-dev/storage-redis - Redis storage adapter for Bantai

Quick Example

import { z } from 'zod';
import { defineContext, defineRule, definePolicy, evaluatePolicy, allow, deny } from '@bantai-dev/core';

// 1. Define context schema
const ageContext = defineContext(
  z.object({
    age: z.number().min(0).max(150),
  })
);

// 2. Define a rule
const ageVerificationRule = defineRule(
  ageContext,
  'age-verification',
  async (input) => {
    if (input.age >= 18) {
      return allow({ reason: 'User is of legal age' });
    }
    return deny({ reason: 'User must be 18 or older' });
  }
);

// 3. Define a policy
const agePolicy = definePolicy(
  ageContext,
  'age-verification-policy',
  [ageVerificationRule],
  {
    defaultStrategy: 'preemptive',
  }
);

// 4. Evaluate policy
const result = await evaluatePolicy(agePolicy, { age: 25 });

console.log(result.decision); // 'allow' or 'deny'
console.log(result.isAllowed); // true or false
console.log(result.violatedRules); // Array of violations
console.log(result.evaluatedRules); // Array of all evaluated rules

Getting Started

Ready to start building with Bantai? Check out our Getting Started Guide to learn how to install and use Bantai in your project.

Documentation

Getting Started - Installation and quick start
Concepts - Core concepts: contexts, rules, policies
API Reference - Complete API documentation
Examples - Real-world examples and use cases
Extensions - Rate limiting, storage, and Redis adapters

Use Cases

Bantai is designed for policy-based decision-making across various domains:

Business Rule Enforcement: Validate business logic across your application
Compliance & Validation: Ensure regulatory compliance and data validation
Quota Management: Track and enforce usage limits (API quotas, AI tokens, etc.)
Payment Processing: Validate transactions, fraud checks, and account status
E-commerce: Order validation, inventory checks, shipping restrictions
Multi-tenant SaaS: Tenant isolation, feature access control
Content Moderation: Spam detection, profanity filtering, content policies
Financial Services: Banking transactions, crypto trading, KYC/AML checks

Requirements

Node.js >= 18
TypeScript >= 5.0
Zod >= 4.3.5

License

This project is licensed under the MIT License.

Introduction