@newrelic/eslint-config 0.4.0 → 0.6.0

package/CHANGELOG.md

@@ -1,3 +1,24 @@
+### v0.6.0 (2025-08-12)
+
+#### Miscellaneous chores
+
+* Updated config ([#40](https://github.com/newrelic/eslint-config-newrelic/pull/40)) ([6e31965](https://github.com/newrelic/eslint-config-newrelic/commit/6e319656c6818461ca24ad57a3b564fcdbb1e28f))
+
+### v0.5.0 (2025-01-08)
+
+#### Features
+
+* Migrated to eslint@9 ([#37](https://github.com/newrelic/eslint-config-newrelic/pull/37)) ([f40248f](https://github.com/newrelic/eslint-config-newrelic/commit/f40248f8101db759449c1f137b56a02870f30012))
+
+#### Miscellaneous chores
+
+* Removed lockfile and added .npmrc ([#34](https://github.com/newrelic/eslint-config-newrelic/pull/34)) ([c578002](https://github.com/newrelic/eslint-config-newrelic/commit/c5780025fff0c92d6d9012e6132e84fb42ad2459))
+
+#### Continuous integration
+
+* Removed `use_new_release` input from prepare release workflow ([#27](https://github.com/newrelic/eslint-config-newrelic/pull/27)) ([115ac47](https://github.com/newrelic/eslint-config-newrelic/commit/115ac47ec5cd69655c9a7b3dcf63f91f79952ba4))
+* Updated CI process for releases ([#26](https://github.com/newrelic/eslint-config-newrelic/pull/26)) ([861d983](https://github.com/newrelic/eslint-config-newrelic/commit/861d983c74639af88a4f738abe24d73d959f1ca8))
+
 ### v0.4.0 (2024-01-02)
 
 * Set new baseline ECMAScript version

package/CONTRIBUTING.md

@@ -18,6 +18,30 @@ Before submitting an Issue, please search for similar ones in the
 2. Increase the version numbers in any examples files and the README.md to the new version that this Pull Request would represent. The versioning scheme we use is [SemVer](http://semver.org/).
 3. You may merge the Pull Request in once you have the sign-off of two other developers, or if you do not have permission to do that, you may request the second reviewer to merge it for you.
 
+### Commit Guidelines
+
+We use [Conventional Commits](https://www.conventionalcommits.org/en/v1.0.0/) to format commit messages for this repository. Conventional Commits provide a standardized format for commit messages that allows for automatic generation of changelogs and easy tracking of changes.
+
+When contributing to this repository, please ensure that your commit messages adhere to the Conventional Commit guidelines. Specifically, your commit messages should:
+
+* Start with a type, indicating the kind of change being made (e.g. `feat` for a new feature, `fix` for a bugfix, etc.). The types we support are:
+  * `build`: changes that affect the build system or external dependencies
+  * `chore`: changes that do not modify source or test files
+  * `ci`: changes to our CI configuration files and scripts
+  * `docs`: documentation additions or updates
+  * `feat`: new features or capabilities added to the agent
+  * `fix`: bugfixes or corrections to existing functionality
+  * `perf`: performance improvements
+  * `refactor`: changes that do not add new feature or fix bugs, but improve code structure or readability
+  * `revert`: revert a previous commit
+  * `security`: changes related to the security of the agent, including the updating of dependencies due to CVE
+  * `style` - changes that do not affect the meaning of the code (e.g. formatting, white-space, etc.)
+  * `test` - adding new tests or modifying existing tests
+* Use the imperative, present tense (e.g. "add feature" instead of "added feature")
+* Optionally, include a scope in parantheses after the type to indicate which part of the repository is affected (e.g. `feat(instrumentation): add support for Prisma Client`)
+
+Please note that we use the [Squash and Merge](https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/about-pull-request-merges#squash-and-merge-your-commits) method when merging Pull Requests into the main branch. We do not use the original commit messages from each individual commit. Instead, we use the Pull Request title as the commit message for the squashed commit, and as such, require that the Pull Request title adheres to our Conventional Commit standards. Any additional documentation or information relevant to the release notes should be added to the "optional extended description" section of the squash commit on merge.
+
 ## Contributor License Agreement
 
 Keep in mind that when you submit your Pull Request, you'll need to sign the CLA via the click-through using CLA-Assistant. If you'd like to execute our corporate CLA, or if you have any questions, please drop us an email at opensource@newrelic.com.

package/README.md

@@ -2,43 +2,73 @@
 
 # New Relic Eslint Config
 
-Base eslint configuration for New Relic Node.js agent team
+Base eslint configuration for New Relic Node.js agent team.
 
 ## Installation
 
 ```
-npm install --save-dev @newrelic/eslint-config
+npm install --save-dev @newrelic/eslint-config eslint
 ```
 
 ## Getting Started
 
-Add the following to your `.eslintrc.js`:
+Add the following to your `eslint.config.js`:
 
+```js
+'use strict'
+
+const sharedConfig = require('@newrelic/eslint-config')
+
+module.exports = [
+  ...sharedConfig.recommended
+]
 ```
-{
-  "extends": "@newrelic"
-}
-```
+
+That should be all you need to do for a simple project. However, some projects
+have requirements that go beyond the baseline. In order to support such
+projects, all of the internal configuration and plugins are exported:
+
++ `configs`: An object where the keys are descriptive names of eslint
+configuration objects, and the values are those configuration objects.
++ `plugins`: An object where the keys are plugin names, and the values are
+those plugins.
++ `recommended`: An array of the baseline configurations.
 
 ## Support
 
-New Relic hosts and moderates an online forum where customers can interact with New Relic employees as well as other customers to get help and share best practices. Like all official New Relic open source projects, there's a related Community topic in the New Relic Explorers Hub. You can find this project's topic/threads [here](https://forum.newrelic.com).
+New Relic hosts and moderates an online forum where customers can interact with
+New Relic employees as well as other customers to get help and share best
+practices. Like all official New Relic open source projects, there's a related
+Community topic in the New Relic Explorers Hub. You can find this project's
+topic/threads [here](https://forum.newrelic.com).
 
 ## Contribute
 
-We encourage your contributions to improve [project name]! Keep in mind that when you submit your pull request, you'll need to sign the CLA via the click-through using CLA-Assistant. You only have to sign the CLA one time per project.
+We encourage your contributions to improve [project name]! Keep in mind that
+when you submit your pull request, you'll need to sign the CLA via the
+click-through using CLA-Assistant. You only have to sign the CLA one time
+per project.
 
-If you have any questions, or to execute our corporate CLA (which is required if your contribution is on behalf of a company), drop us an email at opensource@newrelic.com.
+If you have any questions, or to execute our corporate CLA (which is required if
+your contribution is on behalf of a company), drop us an email at
+opensource@newrelic.com.
 
 **A note about vulnerabilities**
 
-As noted in our [security policy](../../security/policy), New Relic is committed to the privacy and security of our customers and their data. We believe that providing coordinated disclosure by security researchers and engaging with the security community are important means to achieve our security goals.
+As noted in our [security policy](../../security/policy), New Relic is committed
+to the privacy and security of our customers and their data. We believe that
+providing coordinated disclosure by security researchers and engaging with the
+security community are important means to achieve our security goals.
 
-If you believe you have found a security vulnerability in this project or any of New Relic's products or websites, we welcome and greatly appreciate you reporting it to New Relic through [HackerOne](https://hackerone.com/newrelic).
+If you believe you have found a security vulnerability in this project or any of
+New Relic's products or websites, we welcome and greatly appreciate you
+reporting it to New Relic through [HackerOne](https://hackerone.com/newrelic).
 
-If you would like to contribute to this project, review [these guidelines](./CONTRIBUTING.md).
+If you would like to contribute to this project, review
+[these guidelines](./CONTRIBUTING.md).
 
 
 ## License
-New Relic Eslint Config is licensed under the [Apache 2.0](http://apache.org/licenses/LICENSE-2.0.txt) License.
+New Relic Eslint Config is licensed under the
+[Apache 2.0](http://apache.org/licenses/LICENSE-2.0.txt) License.
 

package/eslint-plugin-newrelic-header.js

@@ -0,0 +1,71 @@
+/*
+ * Copyright 2024 New Relic Corporation. All rights reserved.
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+'use strict'
+
+const headerTmpl = `
+/*
+ * Copyright {{year}} New Relic Corporation. All rights reserved.
+ * SPDX-License-Identifier: Apache-2.0
+ */
+`.trim()
+
+const rule = {
+  meta: {
+    type: 'layout',
+    fixable: 'whitespace',
+    schema: false
+  },
+
+  create (context) {
+    return {
+      Program (node) {
+        const src = context.sourceCode.getText()
+        if (hasHeader(src) === true) {
+          return
+        }
+        context.report({
+          loc: node.loc,
+          message: 'missing or invalid header',
+          fix (fixer) {
+            const rendered = headerTmpl.replace('{{year}}', new Date().getFullYear() + '') + '\n\n'
+            if (hasShebang(src) === true) {
+              return fixer.insertTextAfterRange([0, src.indexOf('\n')], '\n' + rendered)
+            }
+            return fixer.insertTextBefore(
+              node,
+              rendered
+            )
+          }
+        })
+      }
+    }
+  }
+}
+
+module.exports = {
+  meta: {
+    name: 'eslint-plugin-newrelic-header',
+    version: '1.0.0'
+  },
+  rules: {
+    header: rule
+  }
+}
+
+function hasShebang (src) {
+  return /^#!\s?\//.test(src)
+}
+
+function hasHeader (src) {
+  const headerLines = src.split('\n').slice(0, 5)
+  if (hasShebang(src) === true) {
+    headerLines.shift()
+  }
+  return headerLines[0] === '/*' &&
+    / \* Copyright \d{4} New Relic Corporation\. All rights reserved\./.test(headerLines[1]) === true &&
+    / \* SPDX-License-Identifier: Apache-2\.0/.test(headerLines[2]) === true &&
+    headerLines[3] === ' */'
+}

package/index.js

@@ -1,133 +1,182 @@
-/*
- * Copyright 2020 New Relic Corporation. All rights reserved.
- * SPDX-License-Identifier: Apache-2.0
- */
-
 'use strict'
-const currentYear = new Date().getFullYear()
 
-module.exports = {
-  env: {
-    es6: true,
-    node: true,
-    browser: false
-  },
-  extends: [
-    'plugin:node/recommended',
-    'plugin:prettier/recommended',
-    'plugin:sonarjs/recommended'
-  ],
-  parserOptions: {
-    ecmaVersion: 'latest'
+const neostandard = require('neostandard')
+const json = require('@eslint/json').default
+const sonarjs = require('eslint-plugin-sonarjs')
+const header = require('./eslint-plugin-newrelic-header.js')
+
+// The new eslint configuration format is a simple array of configuration
+// objects. See https://eslint.org/docs/latest/use/configure/configuration-files#configuration-objects.
+//
+// While working on the config, it can be helpful to run:
+//  npx @eslint/config-inspector
+
+const plugins = {
+  ...neostandard.plugins,
+  json,
+  sonarjs,
+  header
+}
+
+const nodeRecommended = neostandard.plugins.n.configs['flat/recommended']
+delete nodeRecommended.languageOptions.sourceType
+nodeRecommended.rules['n/no-unsupported-features/node-builtins'] = ['error', { version: '>=18.8.0' }]
+nodeRecommended.rules['n/no-process-exit'] = 'off'
+nodeRecommended.rules['n/no-deprecated-api'] = [
+  'error',
+  {
+    ignoreModuleItems: [
+      'url.parse'
+    ]
+  }
+]
+
+const baselineNewRelicConfig = {
+  plugins: {
+    header,
   },
-  plugins: [
-    'header',
-    'prettier',
-    'sonarjs'
-  ],
-  ignorePatterns: ['invalid-json/'],
+
   rules: {
-    'brace-style': 'error',
-    'comma-style': ['error', 'last'],
-    'consistent-return': 'error',
-    curly: 'error',
-    'eol-last': 'error',
-    eqeqeq: ['error', 'smart'],
-    camelcase: ['error', {properties: 'never'}],
-    'dot-notation': 'error',
-    'func-names': 'error',
-    'guard-for-in': 'error',
-    'header/header': ['error', 'block', [
-      '',
-      {
-        pattern: ' * Copyright \\d{4} New Relic Corporation. All rights reserved.',
-        template: ` * Copyright ${currentYear} New Relic Corporation. All rights reserved.`
-      },
-      ' * SPDX-License-Identifier: Apache-2.0',
-      ' '
-    ], 2],
-    'keyword-spacing': 'error',
-    'max-nested-callbacks': ['error', 3],
-    'max-params': ['error', 5],
-    'new-cap': 'error',
-    'no-const-assign': 'error',
+    'consistent-return': 'off',
     'no-console': 'warn',
-    'no-debugger': 'error',
-    'no-else-return': 'error',
-    'no-floating-decimal': 'error',
-    'no-lonely-if': 'error',
-    'no-mixed-requires': 'error',
-    'no-multiple-empty-lines': 'error',
-    'no-multi-spaces': ['error', { ignoreEOLComments: true }],
-    'no-new': 'error',
-    'no-new-func': 'warn',
-    'no-shadow': ['warn', {allow: ['shim']}],
-    'no-undef': 'error',
-    'no-unused-vars': 'error',
-    'no-use-before-define': ['error', {functions: false, classes: false}],
-    'node/shebang': 'off',
-    'node/no-deprecated-api': [
-      'error',
-      {
-        ignoreModuleItems: [
-          'url.parse'
-        ]
-      }
-    ],
-    'one-var': ['error', 'never'],
-    'padded-blocks': ['error', 'never'],
-    'prettier/prettier': [
-      'error',
-      {
-        arrowParens: 'always',
-        printWidth: 100,
-        quoteProps: 'consistent',
-        semi: false,
-        singleQuote: true,
-        tabWidth: 2,
-        trailingComma: 'none',
-        useTabs: false
-      }
-    ],
-    radix: 'error',
-    'space-before-blocks': 'error',
-    'space-infix-ops': 'error',
-    'spaced-comment': 'error',
-    'space-unary-ops': 'error',
-    strict: 'error',
-    'use-isnan': 'error',
-    'wrap-iife': 'error',
-    'prefer-const': 'error',
-    'no-var': 'warn'
+
+    // Enable file header checking and autocorrection.
+    'header/header': 'error',
+
+    // This one enforces `!!thing` syntax, which some folks find difficult
+    // to read:
+    'no-unneeded-ternary': 'off',
+
+    // There are times we'd rather have import statements close to the
+    // thing that needed them:
+    'import-x/first': 'off',
+
+    // Prefer single quotes, but utilize others to avoid escaping:
+    '@stylistic/quotes': ['error', 'single', { avoidEscape: true }],
+
+    // Neostandard sets this to "warn", but we'd like "error":
+    'object-shorthand': 'error',
+
+    // @eslint/config-inspector has highlighted this rule as being deprecated.
+    // We don't JSX anyway, so goodbye:
+    '@stylistic/jsx-indent': 'off',
+
+    // These neostandard would generate unnecessary noise:
+    '@stylistic/space-before-function-paren': 'off',
+
+    // Enforce consistency for arrow functions:
+    'arrow-body-style': ['error', 'as-needed', { requireReturnForObjectLiteral: true }],
+    '@stylistic/arrow-parens': ['error', 'always'],
+    '@stylistic/implicit-arrow-linebreak': ['error', 'beside'],
+    '@stylistic/no-confusing-arrow': 'error',
+
+    // Enforce consistency for ternary statements:
+    '@stylistic/multiline-ternary': ['error', 'always-multiline'],
+    'no-nested-ternary': 'error',
+
+    // Function styling:
+    '@stylistic/function-call-argument-newline': ['error', 'consistent'],
+    '@stylistic/function-paren-newline': ['error', 'consistent'],
+
+    // Object declaration styling:
+    // TODO: add destructuring when the rule is available https://github.com/eslint-stylistic/eslint-stylistic/pull/840
+    '@stylistic/object-curly-newline': ['error', {
+      // e.g. const foo = { a }
+      ObjectExpression: { consistent: true },
+      // e.g. const { a } = foo
+      ObjectPattern: { consistent: true },
+      // e.g. import { a } from foo
+      ImportDeclaration: { multiline: true },
+      // e.g. export { a }
+      ExportDeclaration: { consistent: true }
+    }]
   },
-  overrides: [
+
+  linterOptions: {
+    reportUnusedDisableDirectives: 'error'
+  }
+}
+
+const configs = {
+  baselineNewRelicConfig,
+  nodeRecommended,
+
+  neostandard: neostandard(),
+
+  json: [
     {
-      files: [
-        'test/versioned/**/**',
-        'tests/versioned/**/**'
-      ],
-      rules: {
-        'node/no-extraneous-require': 'off',
-        'node/no-missing-require': 'off',
-        'node/no-unpublished-require': 'off',
-        'node/no-unpublished-import': 'off',
-        'node/no-extraneous-import': 'off',
-        'node/no-missing-import': 'off',
-      }
+      files: ['**/*.json'],
+      plugins: { json },
+      language: 'json/json',
+      ignores: ['package-lock.json'],
+      rules: json.configs.recommended.rules
     },
     {
-      files: [
-        'test/**/**/**',
-        'tests/**/**/**'
-      ],
-      rules: {
-        'func-names': 'off',
-        'max-nested-callbacks': 'off',
-        'no-shadow': ['warn', { allow: ['t', 'err', 'shim', 'error'] }],
-        // TODO: remove these overrides as part of https://issues.newrelic.com/browse/NEWRELIC-5257
-        'sonarjs/no-duplicate-string': 'off',
-        'sonarjs/cognitive-complexity': 'off'
-      }
+      files: ['**/*.jsonc'],
+      plugins: { json },
+      language: 'json/jsonc',
+      rules: json.configs.recommended.rules
+    },
+  ],
+
+  sonarjsBaselineOverrides: {
+    rules: {
+      // This rule picks up inlined lambda functions as a violation:
+      'sonarjs/no-nested-functions': 'off',
+
+      // Don't bug us. We'll get to it (maybe):
+      'sonarjs/todo-tag': 'warn',
+      'sonarjs/fixme-tag': 'warn',
+
+      // Sonar be on that stuff. `static readonly FOO` is not valid JavaScript:
+      'sonarjs/public-static-readonly': 'off',
+
+      // Agree to disagree on their explanation for this one:
+      'sonarjs/no-parameter-reassignment': 'off'
     }
+  },
+
+  sonarjsTestsOverrides: {
+    rules: {
+      // We sometimes need to shadow things like Promise for testing:
+      'sonarjs/no-globals-shadowing': 'off',
+      // Sonar doesn't like our test files that build tests:
+      'sonarjs/no-empty-test-file': 'off',
+      // Some of our tests hit local HTTP endpoints:
+      'sonarjs/no-clear-text-protocols': 'off',
+      // We don't always need secure random in tests:
+      'sonarjs/pseudo-random': 'off',
+      // We need to use `os.exec` and such at times:
+      'sonarjs/os-command': 'off',
+      'sonarjs/no-os-command-from-path': 'off',
+      // We have to use bunk passwords in tests:
+      'sonarjs/no-hardcoded-passwords': 'off',
+      // We will have slow regular expressions in tests and it is okay:
+      'sonarjs/slow-regex': 'off',
+      // The x-powered-by header has no bearing on the quality of our tests:
+      'sonarjs/x-powered-by': 'off',
+      // We sometimes need to build new functions via `new Function`:
+      'sonarjs/code-eval': 'off',
+      'no-new-func': 'off',
+      // Sometimes we add dummy values that sonar doesn't like:
+      'sonarjs/no-hardcoded-ip': 'off',
+      // We need some side effect constructors in tests:
+      'sonarjs/constructor-for-side-effects': 'off',
+      // Tests don't need "safe" permissions:
+      'sonarjs/file-permissions': 'off',
+    }
+  }
+}
+
+module.exports = {
+  configs,
+  plugins,
+  recommended: [
+    ...neostandard(),
+    sonarjs.configs.recommended,
+    configs.sonarjsBaselineOverrides,
+    nodeRecommended,
+    ...configs.json,
+    baselineNewRelicConfig
   ]
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@newrelic/eslint-config",
-  "version": "0.4.0",
+  "version": "0.6.0",
   "description": "Eslint ruleset for New Relic Node.js agent",
   "main": "index.js",
   "scripts": {
@@ -12,25 +12,21 @@
   ],
   "author": "New Relic Node.js agent team <nodejs@newrelic.com>",
   "license": "Apache-2.0",
-  "devDependencies": {},
-  "dependencies": {
-    "eslint": "^8.24.0",
-    "eslint-config-prettier": "^9.1.0",
-    "eslint-plugin-header": "^3.1.1",
-    "eslint-plugin-node": "^11.1.0",
-    "eslint-plugin-prettier": "^5.1.2",
-    "eslint-plugin-sonarjs": "^0.23.0",
-    "prettier": "^3.1.1"
-  },
-  "engines": {
-    "node": ">=12"
-  },
   "repository": {
     "type": "git",
     "url": "https://github.com/newrelic/eslint-config-newrelic"
   },
   "files": [
     "index.js",
+    "eslint-plugin-newrelic-header.js",
     "*.md"
-  ]
+  ],
+  "peerDependencies": {
+    "eslint": "^9.17.0"
+  },
+  "dependencies": {
+    "@eslint/json": "^0.13.1",
+    "eslint-plugin-sonarjs": "^3.0.4",
+    "neostandard": "^0.12.2"
+  }
 }