From b6ff15ec0fabbeb9005354562e63150a4b4d0410 Mon Sep 17 00:00:00 2001
From: stormfrazier22 <stormfrazier22@gmail.com>
Date: Wed, 24 Jul 2024 12:39:26 -0500
Subject: [PATCH] Modify the string transformation to be more strict. This
 fixes an issue where a string like "9 9" would pass validation because all
 whitespace was being removed. This ensures that the string only contains
 digits and an optional decimal point, white still trimming leading and
 trailing whitespace

---
 src/number.ts | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/src/number.ts b/src/number.ts
index 91c0932d..3207808e 100644
--- a/src/number.ts
+++ b/src/number.ts
@@ -47,9 +47,10 @@ export default class NumberSchema<
 
         let parsed = value;
         if (typeof parsed === 'string') {
-          parsed = parsed.replace(/\s/g, '');
-          if (parsed === '') return NaN;
-          // don't use parseFloat to avoid positives on alpha-numeric strings
+          //Trim leading and trailing whitespace
+          parsed = parsed.trim();
+          //Only allow strings that consist of digits, possibly with a single decimal point
+          if (!/^\d+(\.\d+)?$/.test(parsed)) return NaN;
           parsed = +parsed;
         }