biome-plugin-drizzle 0.0.2

package/LICENSE

@@ -0,0 +1,26 @@
+MIT License
+
+Copyright (c) 2024 biome-plugin-drizzle contributors
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
+
+---
+
+This plugin is inspired by eslint-plugin-drizzle from the Drizzle Team.
+See: https://github.com/drizzle-team/drizzle-orm/tree/main/eslint-plugin-drizzle

package/README.md

@@ -0,0 +1,234 @@
+# biome-plugin-drizzle
+
+Biome linter plugin for Drizzle ORM safety rules. Enforces `.where()` clauses on delete and update operations to prevent accidental data loss.
+
+This plugin is a port of [eslint-plugin-drizzle](https://github.com/drizzle-team/drizzle-orm/tree/main/eslint-plugin-drizzle) for the [Biome](https://biomejs.dev/) toolchain.
+
+## Features
+
+- **enforce-delete-with-where**: Catches `.delete()` calls without `.where()` that would delete all rows
+- **enforce-update-with-where**: Catches `.update().set()` calls without `.where()` that would update all rows
+- **Object name filtering**: Optionally restrict rules to specific Drizzle object names (e.g., `db`, `tx`)
+- **CLI generator**: Generate customized plugin configurations
+
+## Installation
+
+```bash
+npm install -D biome-plugin-drizzle @biomejs/biome
+```
+
+## Quick Setup
+
+### Option 1: Using the CLI (Recommended)
+
+```bash
+# Initialize with default settings (broad matching)
+npx biome-plugin-drizzle init
+
+# Or initialize with object name filtering (reduces false positives)
+npx biome-plugin-drizzle init --object-names db,tx
+```
+
+### Option 2: Manual Configuration
+
+Add the plugin to your `biome.json`:
+
+```json
+{
+  "$schema": "https://biomejs.dev/schemas/2.0.0/schema.json",
+  "plugins": ["./node_modules/biome-plugin-drizzle/dist/drizzle.grit"],
+  "linter": {
+    "enabled": true
+  }
+}
+```
+
+> **Note:** This plugin requires Biome 2.0.0 or later, which introduced support for GritQL plugins.
+
+Then run Biome:
+
+```bash
+npx biome lint .
+```
+
+## Configuration
+
+### Default Plugin (Broad Matching)
+
+The default plugin matches any `.delete()` or `.update().set()` call, which may cause false positives if you have other classes with similar method names.
+
+```json
+{
+  "plugins": ["./node_modules/biome-plugin-drizzle/dist/drizzle.grit"]
+}
+```
+
+### Generated Plugin (Object Name Filtering)
+
+To reduce false positives, generate a customized plugin that only matches specific object names:
+
+```bash
+# Generate a plugin that only matches 'db' and 'tx' objects
+npx biome-plugin-drizzle generate --out ./.biome/drizzle.grit --object-names db,tx
+```
+
+Then update your `biome.json`:
+
+```json
+{
+  "plugins": ["./.biome/drizzle.grit"]
+}
+```
+
+This is equivalent to the ESLint plugin's `drizzleObjectName` option:
+
+```javascript
+// ESLint equivalent
+{
+  "drizzle/enforce-delete-with-where": ["error", { "drizzleObjectName": ["db", "tx"] }]
+}
+```
+
+## Rules
+
+### drizzle/enforce-delete-with-where
+
+Ensures all `.delete()` operations include a `.where()` clause to prevent accidental deletion of entire tables.
+
+#### Failing Examples
+
+```typescript
+// Will delete ALL rows in the users table!
+db.delete(users);
+
+// Still deletes all rows (returning doesn't add safety)
+db.delete(users).returning();
+
+// Async operations without where
+await db.delete(posts);
+```
+
+#### Passing Examples
+
+```typescript
+// Safe: has where clause
+db.delete(users).where(eq(users.id, 1));
+
+// Safe: where can be anywhere in the chain
+db.delete(users).returning().where(eq(users.id, 1));
+
+// Safe: with CTEs
+db.with(someCte).delete(users).where(eq(users.id, 1));
+```
+
+### drizzle/enforce-update-with-where
+
+Ensures all `.update().set()` operations include a `.where()` clause to prevent accidental updates to entire tables.
+
+#### Failing Examples
+
+```typescript
+// Will update ALL rows in the users table!
+db.update(users).set({ name: "John" });
+
+// Still updates all rows
+db.update(users).set({ status: "active" }).returning();
+
+// Async operations without where
+await db.update(posts).set({ views: 0 });
+```
+
+#### Passing Examples
+
+```typescript
+// Safe: has where clause
+db.update(users).set({ name: "John" }).where(eq(users.id, 1));
+
+// Safe: where can be anywhere in the chain
+db.update(users).set({ email: "new@email.com" }).returning().where(eq(users.id, 1));
+
+// Safe: complex conditions
+db.update(users)
+  .set({ verified: true })
+  .where(and(eq(users.status, "pending"), gt(users.age, 18)));
+```
+
+## CLI Reference
+
+### `init`
+
+Initialize biome-plugin-drizzle in your project.
+
+```bash
+npx biome-plugin-drizzle init [options]
+```
+
+Options:
+- `-c, --config <path>`: Path to biome.json (default: `./biome.json`)
+- `--object-names <names>`: Comma-separated list of Drizzle object names
+- `--out <path>`: Output path for generated .grit file (default: `./.biome/drizzle.grit`)
+
+### `generate`
+
+Generate a customized .grit plugin file.
+
+```bash
+npx biome-plugin-drizzle generate --out <path> [options]
+```
+
+Options:
+- `-o, --out <path>`: Output path for the generated .grit file (required)
+- `--object-names <names>`: Comma-separated list of Drizzle object names
+- `--no-delete-rule`: Exclude the enforce-delete-with-where rule
+- `--no-update-rule`: Exclude the enforce-update-with-where rule
+
+### `print-path`
+
+Print the path to the installed default plugin.
+
+```bash
+npx biome-plugin-drizzle print-path [--absolute]
+```
+
+Options:
+- `--absolute`: Print the absolute path instead of relative
+
+## Limitations
+
+### Biome Plugin System
+
+- Biome linter plugins are currently GritQL-based and can only report diagnostics
+- Unlike ESLint, Biome plugins cannot accept configuration options in `biome.json`
+- Workaround: Use the CLI generator to create customized plugins with object name filtering
+
+### Pattern Matching
+
+- The plugin uses structural pattern matching, which may not catch all edge cases
+- Complex dynamic code patterns may not be detected
+- When in doubt, add explicit `.where()` clauses to your queries
+
+## How to Release
+
+1. Update version in `package.json`
+2. Update CHANGELOG if you have one
+3. Build and test:
+   ```bash
+   npm run build
+   npm test
+   ```
+4. Publish to npm:
+   ```bash
+   npm publish
+   ```
+
+## Contributing
+
+Contributions are welcome! Please feel free to submit issues and pull requests.
+
+## License
+
+MIT
+
+---
+
+Inspired by [eslint-plugin-drizzle](https://github.com/drizzle-team/drizzle-orm/tree/main/eslint-plugin-drizzle) from the Drizzle Team.

package/dist/cli.d.ts

@@ -0,0 +1,11 @@
+#!/usr/bin/env node
+/**
+ * CLI for biome-plugin-drizzle
+ *
+ * Commands:
+ * - init: Initialize plugin configuration in the current project
+ * - generate: Generate a customized .grit plugin file
+ * - print-path: Print the path to the installed plugin
+ */
+export {};
+//# sourceMappingURL=cli.d.ts.map

package/dist/cli.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cli.d.ts","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";AAEA;;;;;;;GAOG"}

package/dist/cli.js

@@ -0,0 +1,128 @@
+#!/usr/bin/env node
+/**
+ * CLI for biome-plugin-drizzle
+ *
+ * Commands:
+ * - init: Initialize plugin configuration in the current project
+ * - generate: Generate a customized .grit plugin file
+ * - print-path: Print the path to the installed plugin
+ */
+import { existsSync, mkdirSync, readFileSync, writeFileSync } from "node:fs";
+import { dirname, join, resolve } from "node:path";
+import { program } from "commander";
+import { generatePlugin } from "./generator.js";
+import { getPluginPath, getRelativePluginPath } from "./utils.js";
+const packageJson = JSON.parse(readFileSync(join(dirname(getPluginPath()), "..", "package.json"), "utf-8"));
+program
+    .name("biome-plugin-drizzle")
+    .description("CLI for biome-plugin-drizzle - Drizzle ORM safety rules")
+    .version(packageJson.version);
+program
+    .command("init")
+    .description("Initialize biome-plugin-drizzle in your project")
+    .option("-c, --config <path>", "Path to biome.json config file", "./biome.json")
+    .option("--object-names <names>", "Comma-separated list of Drizzle object names (e.g., db,tx)")
+    .option("--out <path>", "Output path for generated .grit file (only used with --object-names)")
+    .action((options) => {
+    const configPath = resolve(options.config);
+    // Determine plugin path
+    let pluginPath;
+    if (options.objectNames) {
+        // Generate a custom plugin with object name filtering
+        const objectNames = options.objectNames
+            .split(",")
+            .map((n) => n.trim())
+            .filter(Boolean);
+        const outputPath = options.out || "./.biome/drizzle.grit";
+        const absoluteOutputPath = resolve(outputPath);
+        // Ensure output directory exists
+        const outputDir = dirname(absoluteOutputPath);
+        if (!existsSync(outputDir)) {
+            mkdirSync(outputDir, { recursive: true });
+        }
+        // Generate and write the plugin
+        const content = generatePlugin({ objectNames });
+        writeFileSync(absoluteOutputPath, content);
+        console.log(`Generated custom plugin at: ${absoluteOutputPath}`);
+        console.log(`Object name filter: ${objectNames.join(", ")}`);
+        pluginPath = outputPath;
+    }
+    else {
+        // Use the default plugin from node_modules
+        pluginPath = getRelativePluginPath();
+        console.log(`Using default plugin from: ${pluginPath}`);
+    }
+    // Update or create biome.json
+    let biomeConfig = {};
+    if (existsSync(configPath)) {
+        try {
+            biomeConfig = JSON.parse(readFileSync(configPath, "utf-8"));
+        }
+        catch {
+            console.error(`Error: Could not parse ${configPath}`);
+            process.exit(1);
+        }
+    }
+    // Add or update plugins array
+    const plugins = biomeConfig.plugins || [];
+    if (!plugins.includes(pluginPath)) {
+        plugins.push(pluginPath);
+    }
+    biomeConfig.plugins = plugins;
+    writeFileSync(configPath, `${JSON.stringify(biomeConfig, null, 2)}\n`);
+    console.log(`Updated ${configPath} with plugin configuration`);
+    console.log("\nSetup complete! Run 'biome lint' to check your code.");
+});
+program
+    .command("generate")
+    .description("Generate a customized .grit plugin file")
+    .requiredOption("-o, --out <path>", "Output path for the generated .grit file")
+    .option("--object-names <names>", "Comma-separated list of Drizzle object names to match (e.g., db,tx)")
+    .option("--no-delete-rule", "Exclude the enforce-delete-with-where rule")
+    .option("--no-update-rule", "Exclude the enforce-update-with-where rule")
+    .action((options) => {
+    const outputPath = resolve(options.out);
+    // Parse object names if provided
+    const objectNames = options.objectNames
+        ?.split(",")
+        .map((n) => n.trim())
+        .filter(Boolean);
+    // Generate the plugin content
+    const content = generatePlugin({
+        objectNames,
+        includeDeleteRule: options.deleteRule,
+        includeUpdateRule: options.updateRule,
+    });
+    // Ensure output directory exists
+    const outputDir = dirname(outputPath);
+    if (!existsSync(outputDir)) {
+        mkdirSync(outputDir, { recursive: true });
+    }
+    // Write the plugin file
+    writeFileSync(outputPath, content);
+    console.log(`Generated plugin at: ${outputPath}`);
+    if (objectNames?.length) {
+        console.log(`Object name filter: ${objectNames.join(", ")}`);
+    }
+    else {
+        console.log("Object name filter: none (matches all objects)");
+    }
+    console.log(`Delete rule: ${options.deleteRule ? "enabled" : "disabled"}`);
+    console.log(`Update rule: ${options.updateRule ? "enabled" : "disabled"}`);
+    console.log("\nAdd the following to your biome.json:");
+    console.log(`  "plugins": ["${options.out}"]`);
+});
+program
+    .command("print-path")
+    .description("Print the path to the installed default plugin")
+    .option("--absolute", "Print the absolute path instead of relative")
+    .action((options) => {
+    if (options.absolute) {
+        console.log(getPluginPath());
+    }
+    else {
+        console.log(getRelativePluginPath());
+    }
+});
+program.parse();
+//# sourceMappingURL=cli.js.map

package/dist/cli.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cli.js","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";AAEA;;;;;;;GAOG;AAEH,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,YAAY,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AAC7E,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACnD,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAC;AAChD,OAAO,EAAE,aAAa,EAAE,qBAAqB,EAAE,MAAM,YAAY,CAAC;AAElE,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,CAC5B,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,aAAa,EAAE,CAAC,EAAE,IAAI,EAAE,cAAc,CAAC,EAAE,OAAO,CAAC,CAC5E,CAAC;AAEF,OAAO;KACJ,IAAI,CAAC,sBAAsB,CAAC;KAC5B,WAAW,CAAC,yDAAyD,CAAC;KACtE,OAAO,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;AAEhC,OAAO;KACJ,OAAO,CAAC,MAAM,CAAC;KACf,WAAW,CAAC,iDAAiD,CAAC;KAC9D,MAAM,CACL,qBAAqB,EACrB,gCAAgC,EAChC,cAAc,CACf;KACA,MAAM,CACL,wBAAwB,EACxB,4DAA4D,CAC7D;KACA,MAAM,CACL,cAAc,EACd,sEAAsE,CACvE;KACA,MAAM,CAAC,CAAC,OAA+D,EAAE,EAAE;IAC1E,MAAM,UAAU,GAAG,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;IAE3C,wBAAwB;IACxB,IAAI,UAAkB,CAAC;IAEvB,IAAI,OAAO,CAAC,WAAW,EAAE,CAAC;QACxB,sDAAsD;QACtD,MAAM,WAAW,GAAG,OAAO,CAAC,WAAW;aACpC,KAAK,CAAC,GAAG,CAAC;aACV,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;aACpB,MAAM,CAAC,OAAO,CAAC,CAAC;QACnB,MAAM,UAAU,GAAG,OAAO,CAAC,GAAG,IAAI,uBAAuB,CAAC;QAC1D,MAAM,kBAAkB,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;QAE/C,iCAAiC;QACjC,MAAM,SAAS,GAAG,OAAO,CAAC,kBAAkB,CAAC,CAAC;QAC9C,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;YAC3B,SAAS,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAC5C,CAAC;QAED,gCAAgC;QAChC,MAAM,OAAO,GAAG,cAAc,CAAC,EAAE,WAAW,EAAE,CAAC,CAAC;QAChD,aAAa,CAAC,kBAAkB,EAAE,OAAO,CAAC,CAAC;QAC3C,OAAO,CAAC,GAAG,CAAC,+BAA+B,kBAAkB,EAAE,CAAC,CAAC;QACjE,OAAO,CAAC,GAAG,CAAC,uBAAuB,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAE7D,UAAU,GAAG,UAAU,CAAC;IAC1B,CAAC;SAAM,CAAC;QACN,2CAA2C;QAC3C,UAAU,GAAG,qBAAqB,EAAE,CAAC;QACrC,OAAO,CAAC,GAAG,CAAC,8BAA8B,UAAU,EAAE,CAAC,CAAC;IAC1D,CAAC;IAED,8BAA8B;IAC9B,IAAI,WAAW,GAA4B,EAAE,CAAC;IAE9C,IAAI,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QAC3B,IAAI,CAAC;YACH,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC,CAAC;QAC9D,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,CAAC,KAAK,CAAC,0BAA0B,UAAU,EAAE,CAAC,CAAC;YACtD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;IACH,CAAC;IAED,8BAA8B;IAC9B,MAAM,OAAO,GAAI,WAAW,CAAC,OAAoB,IAAI,EAAE,CAAC;IACxD,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;QAClC,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IAC3B,CAAC;IACD,WAAW,CAAC,OAAO,GAAG,OAAO,CAAC;IAE9B,aAAa,CAAC,UAAU,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,WAAW,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC;IACvE,OAAO,CAAC,GAAG,CAAC,WAAW,UAAU,4BAA4B,CAAC,CAAC;IAC/D,OAAO,CAAC,GAAG,CAAC,wDAAwD,CAAC,CAAC;AACxE,CAAC,CAAC,CAAC;AAEL,OAAO;KACJ,OAAO,CAAC,UAAU,CAAC;KACnB,WAAW,CAAC,yCAAyC,CAAC;KACtD,cAAc,CACb,kBAAkB,EAClB,0CAA0C,CAC3C;KACA,MAAM,CACL,wBAAwB,EACxB,qEAAqE,CACtE;KACA,MAAM,CAAC,kBAAkB,EAAE,4CAA4C,CAAC;KACxE,MAAM,CAAC,kBAAkB,EAAE,4CAA4C,CAAC;KACxE,MAAM,CACL,CAAC,OAKA,EAAE,EAAE;IACH,MAAM,UAAU,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IAExC,iCAAiC;IACjC,MAAM,WAAW,GAAG,OAAO,CAAC,WAAW;QACrC,EAAE,KAAK,CAAC,GAAG,CAAC;SACX,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;SACpB,MAAM,CAAC,OAAO,CAAC,CAAC;IAEnB,8BAA8B;IAC9B,MAAM,OAAO,GAAG,cAAc,CAAC;QAC7B,WAAW;QACX,iBAAiB,EAAE,OAAO,CAAC,UAAU;QACrC,iBAAiB,EAAE,OAAO,CAAC,UAAU;KACtC,CAAC,CAAC;IAEH,iCAAiC;IACjC,MAAM,SAAS,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;IACtC,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;QAC3B,SAAS,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAC5C,CAAC;IAED,wBAAwB;IACxB,aAAa,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;IAEnC,OAAO,CAAC,GAAG,CAAC,wBAAwB,UAAU,EAAE,CAAC,CAAC;IAClD,IAAI,WAAW,EAAE,MAAM,EAAE,CAAC;QACxB,OAAO,CAAC,GAAG,CAAC,uBAAuB,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAC/D,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,GAAG,CAAC,gDAAgD,CAAC,CAAC;IAChE,CAAC;IACD,OAAO,CAAC,GAAG,CACT,gBAAgB,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,UAAU,EAAE,CAC9D,CAAC;IACF,OAAO,CAAC,GAAG,CACT,gBAAgB,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,UAAU,EAAE,CAC9D,CAAC;IACF,OAAO,CAAC,GAAG,CAAC,yCAAyC,CAAC,CAAC;IACvD,OAAO,CAAC,GAAG,CAAC,kBAAkB,OAAO,CAAC,GAAG,IAAI,CAAC,CAAC;AACjD,CAAC,CACF,CAAC;AAEJ,OAAO;KACJ,OAAO,CAAC,YAAY,CAAC;KACrB,WAAW,CAAC,gDAAgD,CAAC;KAC7D,MAAM,CAAC,YAAY,EAAE,6CAA6C,CAAC;KACnE,MAAM,CAAC,CAAC,OAA8B,EAAE,EAAE;IACzC,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;QACrB,OAAO,CAAC,GAAG,CAAC,aAAa,EAAE,CAAC,CAAC;IAC/B,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,GAAG,CAAC,qBAAqB,EAAE,CAAC,CAAC;IACvC,CAAC;AACH,CAAC,CAAC,CAAC;AAEL,OAAO,CAAC,KAAK,EAAE,CAAC"}

package/dist/drizzle.grit

@@ -0,0 +1,34 @@
+engine biome(1.0)
+language js
+
+// biome-plugin-drizzle: Safety rules for Drizzle ORM
+// Enforces .where() clauses on delete and update operations to prevent accidental data loss.
+//
+// Rules included:
+// - drizzle/enforce-delete-with-where: Catches .delete() without .where()
+// - drizzle/enforce-update-with-where: Catches .update().set() without .where()
+
+or {
+    // Rule: drizzle/enforce-delete-with-where
+    // Bad:  db.delete(users)
+    // Good: db.delete(users).where(eq(users.id, 1))
+    `$obj.delete($args)` as $call where {
+        not $call <: within `$_.where($_)`,
+        register_diagnostic(
+            span = $call,
+            message = "[drizzle/enforce-delete-with-where] Missing .where() clause. Calling .delete() without .where() will delete all rows in the table. Use db.delete(table).where(...) instead.",
+            severity = "error"
+        )
+    },
+    // Rule: drizzle/enforce-update-with-where
+    // Bad:  db.update(users).set({ name: 'John' })
+    // Good: db.update(users).set({ name: 'John' }).where(eq(users.id, 1))
+    `$obj.update($table).set($values)` as $call where {
+        not $call <: within `$_.where($_)`,
+        register_diagnostic(
+            span = $call,
+            message = "[drizzle/enforce-update-with-where] Missing .where() clause. Calling .update().set() without .where() will update all rows in the table. Use db.update(table).set(...).where(...) instead.",
+            severity = "error"
+        )
+    }
+}

package/dist/generator.d.ts

@@ -0,0 +1,31 @@
+/**
+ * Generator for customized Drizzle GritQL plugin files.
+ *
+ * This module generates GritQL plugin content with optional object name filtering,
+ * similar to the ESLint plugin's `drizzleObjectName` option.
+ */
+export interface GeneratePluginOptions {
+    /**
+     * Array of Drizzle object names to match against.
+     * When provided, rules will only trigger when the receiver object
+     * matches one of these names, reducing false positives.
+     *
+     * Example: ['db', 'tx', 'database']
+     */
+    objectNames?: string[];
+    /**
+     * Whether to include the delete rule.
+     * @default true
+     */
+    includeDeleteRule?: boolean;
+    /**
+     * Whether to include the update rule.
+     * @default true
+     */
+    includeUpdateRule?: boolean;
+}
+/**
+ * Generates a complete GritQL plugin file with the specified options.
+ */
+export declare function generatePlugin(options?: GeneratePluginOptions): string;
+//# sourceMappingURL=generator.d.ts.map

package/dist/generator.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"generator.d.ts","sourceRoot":"","sources":["../src/generator.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,MAAM,WAAW,qBAAqB;IACpC;;;;;;OAMG;IACH,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;IAEvB;;;OAGG;IACH,iBAAiB,CAAC,EAAE,OAAO,CAAC;IAE5B;;;OAGG;IACH,iBAAiB,CAAC,EAAE,OAAO,CAAC;CAC7B;AA4FD;;GAEG;AACH,wBAAgB,cAAc,CAAC,OAAO,GAAE,qBAA0B,GAAG,MAAM,CAuC1E"}

package/dist/generator.js

@@ -0,0 +1,120 @@
+/**
+ * Generator for customized Drizzle GritQL plugin files.
+ *
+ * This module generates GritQL plugin content with optional object name filtering,
+ * similar to the ESLint plugin's `drizzleObjectName` option.
+ */
+/**
+ * Generates the GritQL pattern for matching object names.
+ * If no object names are provided, matches any object.
+ */
+function generateObjectPattern(objectNames) {
+    if (!objectNames || objectNames.length === 0) {
+        return "$obj";
+    }
+    if (objectNames.length === 1) {
+        return `\`${objectNames[0]}\``;
+    }
+    // Generate an "or" pattern for multiple object names
+    const patterns = objectNames.map((name) => `\`${name}\``).join(", ");
+    return `or { ${patterns} }`;
+}
+/**
+ * Generates the enforce-delete-with-where rule pattern body.
+ */
+function generateDeleteRuleBody(objectNames) {
+    const objPattern = generateObjectPattern(objectNames);
+    const objDescription = objectNames?.length
+        ? `Drizzle object (${objectNames.join(", ")})`
+        : "any object";
+    // If we have specific object names, we need a different pattern structure
+    if (objectNames && objectNames.length > 0) {
+        return `    // Rule: drizzle/enforce-delete-with-where
+    // Configured to match: ${objDescription}
+    \`$obj.delete($args)\` as $call where {
+        $obj <: ${objPattern},
+        not $call <: within \`$_.where($_)\`,
+        register_diagnostic(
+            span = $call,
+            message = "[drizzle/enforce-delete-with-where] Missing .where() clause. Calling .delete() without .where() will delete all rows in the table. Use db.delete(table).where(...) instead.",
+            severity = "error"
+        )
+    }`;
+    }
+    return `    // Rule: drizzle/enforce-delete-with-where
+    // Configured to match: ${objDescription}
+    \`$obj.delete($args)\` as $call where {
+        not $call <: within \`$_.where($_)\`,
+        register_diagnostic(
+            span = $call,
+            message = "[drizzle/enforce-delete-with-where] Missing .where() clause. Calling .delete() without .where() will delete all rows in the table. Use db.delete(table).where(...) instead.",
+            severity = "error"
+        )
+    }`;
+}
+/**
+ * Generates the enforce-update-with-where rule pattern body.
+ */
+function generateUpdateRuleBody(objectNames) {
+    const objPattern = generateObjectPattern(objectNames);
+    const objDescription = objectNames?.length
+        ? `Drizzle object (${objectNames.join(", ")})`
+        : "any object";
+    // If we have specific object names, we need a different pattern structure
+    if (objectNames && objectNames.length > 0) {
+        return `    // Rule: drizzle/enforce-update-with-where
+    // Configured to match: ${objDescription}
+    \`$obj.update($table).set($values)\` as $call where {
+        $obj <: ${objPattern},
+        not $call <: within \`$_.where($_)\`,
+        register_diagnostic(
+            span = $call,
+            message = "[drizzle/enforce-update-with-where] Missing .where() clause. Calling .update().set() without .where() will update all rows in the table. Use db.update(table).set(...).where(...) instead.",
+            severity = "error"
+        )
+    }`;
+    }
+    return `    // Rule: drizzle/enforce-update-with-where
+    // Configured to match: ${objDescription}
+    \`$obj.update($table).set($values)\` as $call where {
+        not $call <: within \`$_.where($_)\`,
+        register_diagnostic(
+            span = $call,
+            message = "[drizzle/enforce-update-with-where] Missing .where() clause. Calling .update().set() without .where() will update all rows in the table. Use db.update(table).set(...).where(...) instead.",
+            severity = "error"
+        )
+    }`;
+}
+/**
+ * Generates a complete GritQL plugin file with the specified options.
+ */
+export function generatePlugin(options = {}) {
+    const { objectNames, includeDeleteRule = true, includeUpdateRule = true, } = options;
+    const header = [
+        "engine biome(1.0)",
+        "language js",
+        "",
+        "// Generated by biome-plugin-drizzle",
+        `// Object filter: ${objectNames?.length ? objectNames.join(", ") : "none (matches all)"}`,
+        "",
+    ];
+    const ruleBodies = [];
+    if (includeDeleteRule) {
+        ruleBodies.push(generateDeleteRuleBody(objectNames));
+    }
+    if (includeUpdateRule) {
+        ruleBodies.push(generateUpdateRuleBody(objectNames));
+    }
+    // If we have multiple rules, wrap them in or {}
+    if (ruleBodies.length === 0) {
+        return `${header.join("\n")}// No rules enabled\n`;
+    }
+    if (ruleBodies.length === 1) {
+        // Single rule - no need for or {} wrapper
+        const singleRule = ruleBodies[0].replace(/^ {4}/gm, "");
+        return `${header.join("\n") + singleRule}\n`;
+    }
+    // Multiple rules - wrap in or {}
+    return `${header.join("\n")}or {\n${ruleBodies.join(",\n")}\n}\n`;
+}
+//# sourceMappingURL=generator.js.map

package/dist/generator.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"generator.js","sourceRoot":"","sources":["../src/generator.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAyBH;;;GAGG;AACH,SAAS,qBAAqB,CAAC,WAAiC;IAC9D,IAAI,CAAC,WAAW,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC7C,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC7B,OAAO,KAAK,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC;IACjC,CAAC;IAED,qDAAqD;IACrD,MAAM,QAAQ,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,KAAK,IAAI,IAAI,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACrE,OAAO,QAAQ,QAAQ,IAAI,CAAC;AAC9B,CAAC;AAED;;GAEG;AACH,SAAS,sBAAsB,CAAC,WAAiC;IAC/D,MAAM,UAAU,GAAG,qBAAqB,CAAC,WAAW,CAAC,CAAC;IACtD,MAAM,cAAc,GAAG,WAAW,EAAE,MAAM;QACxC,CAAC,CAAC,mBAAmB,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG;QAC9C,CAAC,CAAC,YAAY,CAAC;IAEjB,0EAA0E;IAC1E,IAAI,WAAW,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC1C,OAAO;8BACmB,cAAc;;kBAE1B,UAAU;;;;;;;MAOtB,CAAC;IACL,CAAC;IAED,OAAO;8BACqB,cAAc;;;;;;;;MAQtC,CAAC;AACP,CAAC;AAED;;GAEG;AACH,SAAS,sBAAsB,CAAC,WAAiC;IAC/D,MAAM,UAAU,GAAG,qBAAqB,CAAC,WAAW,CAAC,CAAC;IACtD,MAAM,cAAc,GAAG,WAAW,EAAE,MAAM;QACxC,CAAC,CAAC,mBAAmB,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG;QAC9C,CAAC,CAAC,YAAY,CAAC;IAEjB,0EAA0E;IAC1E,IAAI,WAAW,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC1C,OAAO;8BACmB,cAAc;;kBAE1B,UAAU;;;;;;;MAOtB,CAAC;IACL,CAAC;IAED,OAAO;8BACqB,cAAc;;;;;;;;MAQtC,CAAC;AACP,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,cAAc,CAAC,UAAiC,EAAE;IAChE,MAAM,EACJ,WAAW,EACX,iBAAiB,GAAG,IAAI,EACxB,iBAAiB,GAAG,IAAI,GACzB,GAAG,OAAO,CAAC;IAEZ,MAAM,MAAM,GAAG;QACb,mBAAmB;QACnB,aAAa;QACb,EAAE;QACF,sCAAsC;QACtC,qBAAqB,WAAW,EAAE,MAAM,CAAC,CAAC,CAAC,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,oBAAoB,EAAE;QAC1F,EAAE;KACH,CAAC;IAEF,MAAM,UAAU,GAAa,EAAE,CAAC;IAEhC,IAAI,iBAAiB,EAAE,CAAC;QACtB,UAAU,CAAC,IAAI,CAAC,sBAAsB,CAAC,WAAW,CAAC,CAAC,CAAC;IACvD,CAAC;IAED,IAAI,iBAAiB,EAAE,CAAC;QACtB,UAAU,CAAC,IAAI,CAAC,sBAAsB,CAAC,WAAW,CAAC,CAAC,CAAC;IACvD,CAAC;IAED,gDAAgD;IAChD,IAAI,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC5B,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,uBAAuB,CAAC;IACrD,CAAC;IAED,IAAI,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC5B,0CAA0C;QAC1C,MAAM,UAAU,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;QACxD,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,UAAU,IAAI,CAAC;IAC/C,CAAC;IAED,iCAAiC;IACjC,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC;AACpE,CAAC"}

package/dist/index.d.ts

@@ -0,0 +1,9 @@
+/**
+ * biome-plugin-drizzle
+ *
+ * Biome linter plugin for Drizzle ORM safety rules.
+ * Enforces .where() clauses on delete and update operations.
+ */
+export { type GeneratePluginOptions, generatePlugin } from "./generator.js";
+export { getDefaultPluginContent, getPluginPath } from "./utils.js";
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,KAAK,qBAAqB,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAC;AAC5E,OAAO,EAAE,uBAAuB,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC"}

package/dist/index.js

@@ -0,0 +1,9 @@
+/**
+ * biome-plugin-drizzle
+ *
+ * Biome linter plugin for Drizzle ORM safety rules.
+ * Enforces .where() clauses on delete and update operations.
+ */
+export { generatePlugin } from "./generator.js";
+export { getDefaultPluginContent, getPluginPath } from "./utils.js";
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAA8B,cAAc,EAAE,MAAM,gBAAgB,CAAC;AAC5E,OAAO,EAAE,uBAAuB,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC"}

package/dist/utils.d.ts

@@ -0,0 +1,18 @@
+/**
+ * Utility functions for biome-plugin-drizzle.
+ */
+/**
+ * Returns the absolute path to the default plugin .grit file.
+ * Useful for wiring up biome.json configuration.
+ */
+export declare function getPluginPath(): string;
+/**
+ * Returns the content of the default plugin .grit file.
+ */
+export declare function getDefaultPluginContent(): string;
+/**
+ * Resolves the plugin path relative to node_modules.
+ * Returns a path suitable for use in biome.json plugins array.
+ */
+export declare function getRelativePluginPath(): string;
+//# sourceMappingURL=utils.d.ts.map

package/dist/utils.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../src/utils.ts"],"names":[],"mappings":"AAAA;;GAEG;AAQH;;;GAGG;AACH,wBAAgB,aAAa,IAAI,MAAM,CAEtC;AAED;;GAEG;AACH,wBAAgB,uBAAuB,IAAI,MAAM,CAEhD;AAED;;;GAGG;AACH,wBAAgB,qBAAqB,IAAI,MAAM,CAE9C"}

package/dist/utils.js

@@ -0,0 +1,28 @@
+/**
+ * Utility functions for biome-plugin-drizzle.
+ */
+import { readFileSync } from "node:fs";
+import { dirname, join } from "node:path";
+import { fileURLToPath } from "node:url";
+const __dirname = dirname(fileURLToPath(import.meta.url));
+/**
+ * Returns the absolute path to the default plugin .grit file.
+ * Useful for wiring up biome.json configuration.
+ */
+export function getPluginPath() {
+    return join(__dirname, "drizzle.grit");
+}
+/**
+ * Returns the content of the default plugin .grit file.
+ */
+export function getDefaultPluginContent() {
+    return readFileSync(getPluginPath(), "utf-8");
+}
+/**
+ * Resolves the plugin path relative to node_modules.
+ * Returns a path suitable for use in biome.json plugins array.
+ */
+export function getRelativePluginPath() {
+    return "./node_modules/biome-plugin-drizzle/dist/drizzle.grit";
+}
+//# sourceMappingURL=utils.js.map

package/dist/utils.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"utils.js","sourceRoot":"","sources":["../src/utils.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AACvC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAC1C,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AAEzC,MAAM,SAAS,GAAG,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;AAE1D;;;GAGG;AACH,MAAM,UAAU,aAAa;IAC3B,OAAO,IAAI,CAAC,SAAS,EAAE,cAAc,CAAC,CAAC;AACzC,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,uBAAuB;IACrC,OAAO,YAAY,CAAC,aAAa,EAAE,EAAE,OAAO,CAAC,CAAC;AAChD,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,qBAAqB;IACnC,OAAO,uDAAuD,CAAC;AACjE,CAAC"}

package/docs/rules/enforce-delete-with-where.md

@@ -0,0 +1,113 @@
+# drizzle/enforce-delete-with-where
+
+Ensures all Drizzle ORM `.delete()` operations include a `.where()` clause to prevent accidental deletion of entire tables.
+
+## Rule Details
+
+This rule prevents dangerous delete operations that would affect all rows in a table. In Drizzle ORM, calling `.delete()` without `.where()` will delete every row in the specified table - often not the intended behavior.
+
+### Why This Rule Exists
+
+```typescript
+// This deletes ALL users - probably not what you wanted!
+db.delete(users);
+
+// This is what you likely meant
+db.delete(users).where(eq(users.id, userId));
+```
+
+Forgetting a `.where()` clause can result in catastrophic data loss. This rule catches such mistakes at lint time.
+
+## Examples
+
+### Failing Code
+
+```typescript
+import { users, posts } from "./schema";
+
+// Simple delete without where
+db.delete(users);
+
+// Delete with returning but no where
+db.delete(users).returning();
+
+// Delete in expression
+const result = db.delete(posts);
+
+// Async delete without where
+async function deleteAllUsers() {
+  await db.delete(users);
+}
+
+// Chained methods but no where
+db.delete(users).returning().execute();
+```
+
+### Passing Code
+
+```typescript
+import { users, posts } from "./schema";
+import { eq, and, gt } from "drizzle-orm";
+
+// Simple delete with where
+db.delete(users).where(eq(users.id, 1));
+
+// Delete with where and returning
+db.delete(users).where(eq(users.id, 1)).returning();
+
+// Where can come after returning
+db.delete(users).returning().where(eq(users.id, 1));
+
+// Complex where conditions
+db.delete(users).where(
+  and(
+    eq(users.status, "inactive"),
+    gt(users.lastLogin, thirtyDaysAgo)
+  )
+);
+
+// With CTEs
+db.with(archivedUsers).delete(users).where(eq(users.archived, true));
+
+// Async with where
+async function deleteUser(id: number) {
+  await db.delete(users).where(eq(users.id, id));
+}
+```
+
+## Configuration
+
+### Default (Broad Matching)
+
+By default, the rule matches any `.delete()` call on any object:
+
+```json
+{
+  "plugins": ["./node_modules/biome-plugin-drizzle/dist/drizzle.grit"]
+}
+```
+
+### Object Name Filtering
+
+To reduce false positives (e.g., if you have other classes with `.delete()` methods), generate a plugin with object name filtering:
+
+```bash
+npx biome-plugin-drizzle generate --out ./.biome/drizzle.grit --object-names db,tx
+```
+
+This will only trigger on `db.delete()` and `tx.delete()`, not on `myArray.delete()` or `myCustomClass.delete()`.
+
+## When Not To Use This Rule
+
+- If you intentionally want to delete all rows and understand the implications
+- If you have a separate validation layer that ensures `.where()` is always called
+- If you're using a different ORM or query builder that happens to have similar method names (use object name filtering instead)
+
+## Related Rules
+
+- [enforce-update-with-where](./enforce-update-with-where.md) - Similar rule for update operations
+
+## Further Reading
+
+- [Drizzle ORM Delete Documentation](https://orm.drizzle.team/docs/delete)
+- [ESLint Plugin Drizzle](https://github.com/drizzle-team/drizzle-orm/tree/main/eslint-plugin-drizzle)

package/docs/rules/enforce-update-with-where.md

@@ -0,0 +1,129 @@
+# drizzle/enforce-update-with-where
+
+Ensures all Drizzle ORM `.update().set()` operations include a `.where()` clause to prevent accidental updates to entire tables.
+
+## Rule Details
+
+This rule prevents dangerous update operations that would affect all rows in a table. In Drizzle ORM, calling `.update().set()` without `.where()` will update every row in the specified table - often not the intended behavior.
+
+### Why This Rule Exists
+
+```typescript
+// This updates ALL users - probably not what you wanted!
+db.update(users).set({ role: "admin" });
+
+// This is what you likely meant
+db.update(users).set({ role: "admin" }).where(eq(users.id, userId));
+```
+
+Forgetting a `.where()` clause can result in mass data corruption. This rule catches such mistakes at lint time.
+
+## Examples
+
+### Failing Code
+
+```typescript
+import { users, posts } from "./schema";
+
+// Simple update without where
+db.update(users).set({ name: "John" });
+
+// Update with returning but no where
+db.update(users).set({ status: "active" }).returning();
+
+// Update in expression
+const result = db.update(posts).set({ views: 0 });
+
+// Async update without where
+async function resetAllUserNames() {
+  await db.update(users).set({ name: "Anonymous" });
+}
+
+// Chained methods but no where
+db.update(users).set({ lastLogin: new Date() }).returning().execute();
+```
+
+### Passing Code
+
+```typescript
+import { users, posts } from "./schema";
+import { eq, and, gt, sql } from "drizzle-orm";
+
+// Simple update with where
+db.update(users).set({ name: "John" }).where(eq(users.id, 1));
+
+// Update with where and returning
+db.update(users)
+  .set({ status: "active" })
+  .where(eq(users.id, 1))
+  .returning();
+
+// Where can come after returning
+db.update(users)
+  .set({ email: "new@email.com" })
+  .returning()
+  .where(eq(users.id, 1));
+
+// Complex where conditions
+db.update(users)
+  .set({ verified: true })
+  .where(
+    and(
+      eq(users.status, "pending"),
+      gt(users.createdAt, thirtyDaysAgo)
+    )
+  );
+
+// Using SQL expressions
+db.update(posts)
+  .set({ views: sql`views + 1` })
+  .where(eq(posts.id, postId));
+
+// With CTEs
+db.with(activeUsers)
+  .update(users)
+  .set({ tier: "premium" })
+  .where(eq(users.active, true));
+
+// Async with where
+async function updateUser(id: number, data: UserUpdate) {
+  await db.update(users).set(data).where(eq(users.id, id));
+}
+```
+
+## Configuration
+
+### Default (Broad Matching)
+
+By default, the rule matches any `.update().set()` call on any object:
+
+```json
+{
+  "plugins": ["./node_modules/biome-plugin-drizzle/dist/drizzle.grit"]
+}
+```
+
+### Object Name Filtering
+
+To reduce false positives (e.g., if you have other classes with `.update()` methods), generate a plugin with object name filtering:
+
+```bash
+npx biome-plugin-drizzle generate --out ./.biome/drizzle.grit --object-names db,tx
+```
+
+This will only trigger on `db.update().set()` and `tx.update().set()`, not on other objects.
+
+## When Not To Use This Rule
+
+- If you intentionally want to update all rows and understand the implications
+- If you have a separate validation layer that ensures `.where()` is always called
+- If you're using a different ORM or query builder that happens to have similar method names (use object name filtering instead)
+
+## Related Rules
+
+- [enforce-delete-with-where](./enforce-delete-with-where.md) - Similar rule for delete operations
+
+## Further Reading
+
+- [Drizzle ORM Update Documentation](https://orm.drizzle.team/docs/update)
+- [ESLint Plugin Drizzle](https://github.com/drizzle-team/drizzle-orm/tree/main/eslint-plugin-drizzle)

package/package.json

@@ -0,0 +1,77 @@
+{
+  "name": "biome-plugin-drizzle",
+  "version": "0.0.2",
+  "description": "Biome linter plugin for Drizzle ORM safety rules - enforces .where() clauses on delete and update operations",
+  "keywords": [
+    "biome",
+    "linter",
+    "plugin",
+    "drizzle",
+    "drizzle-orm",
+    "database",
+    "sql",
+    "safety",
+    "gritql"
+  ],
+  "author": "",
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/TeamWarp/biome-plugin-drizzle"
+  },
+  "homepage": "https://github.com/TeamWarp/biome-plugin-drizzle#readme",
+  "bugs": {
+    "url": "https://github.com/TeamWarp/biome-plugin-drizzle/issues"
+  },
+  "type": "module",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js"
+    },
+    "./plugin": "./dist/drizzle.grit",
+    "./plugin.grit": "./dist/drizzle.grit"
+  },
+  "main": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "bin": {
+    "biome-plugin-drizzle": "./dist/cli.js"
+  },
+  "files": [
+    "dist",
+    "docs",
+    "README.md",
+    "LICENSE"
+  ],
+  "scripts": {
+    "build": "tsc && npm run copy-grit",
+    "copy-grit": "cp grit/*.grit dist/",
+    "clean": "rm -rf dist",
+    "test": "vitest run",
+    "test:watch": "vitest",
+    "lint": "biome check .",
+    "format": "biome format --write .",
+    "prepublishOnly": "npm run clean && npm run build && npm test",
+    "pack": "npm pack"
+  },
+  "dependencies": {
+    "commander": "^12.1.0"
+  },
+  "devDependencies": {
+    "@biomejs/biome": "^2.3.11",
+    "@types/node": "^22.10.2",
+    "typescript": "^5.7.2",
+    "vitest": "^2.1.8"
+  },
+  "engines": {
+    "node": ">=18"
+  },
+  "peerDependencies": {
+    "@biomejs/biome": ">=2.0.0"
+  },
+  "peerDependenciesMeta": {
+    "@biomejs/biome": {
+      "optional": true
+    }
+  }
+}