the AST version of the code is vastly superior IMHO. The knowledge about what constitutes an access modifier is already encoded in the system so it makes more sense to just call the method to test the type of node. The regexp solution may be expedient, but it's not as resilient to change -- if new access modifiers are added in the future it's very likely this code won't be updated, which will be the source of a bug.

Your validation functions should also treat undefined and '' as the same. This is not too difficult since both undefined and '' are falsy in javascript. So a "required" validation rule would just be error = value ? undefined : 'Required'.

As to why both is_a? and kind_of? exist: I suppose it's part of Ruby's design philosophy. Python would say there should only be one way to do something; Ruby often has synonymous methods so you can use the one that sounds better. It's a matter of preference.

When there are imperfections, we rely on users and our active community to tell us how the software is not working correctly, so we can fix it. The way we do that, and have done for 15 years now, is via bug reports. Discussion is great, but detailed bug reports are better for letting developers know what’s wrong.

I think it would be much better to whitelist registries