eslint-plugin-etc-misc 1.1.7 → 1.1.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (81) hide show
  1. package/dist/_internal/import-patterns.js +3 -3
  2. package/dist/_internal/import-patterns.js.map +1 -1
  3. package/dist/_internal/rule-catalog.js +4 -4
  4. package/dist/_internal/rule-catalog.js.map +1 -1
  5. package/dist/_internal/symbol-usage.d.ts +1 -1
  6. package/dist/_internal/symbol-usage.d.ts.map +1 -1
  7. package/dist/_internal/symbol-usage.js +1 -1
  8. package/dist/_internal/symbol-usage.js.map +1 -1
  9. package/dist/plugin.cjs +61 -84
  10. package/dist/plugin.cjs.map +3 -3
  11. package/dist/rules/match-filename.js +2 -2
  12. package/dist/rules/match-filename.js.map +1 -1
  13. package/dist/rules/no-assign-mutated-array.js +3 -3
  14. package/dist/rules/no-assign-mutated-array.js.map +1 -1
  15. package/dist/rules/no-const-enum.d.ts.map +1 -1
  16. package/dist/rules/no-const-enum.js +8 -6
  17. package/dist/rules/no-const-enum.js.map +1 -1
  18. package/dist/rules/no-deprecated.js +3 -3
  19. package/dist/rules/no-deprecated.js.map +1 -1
  20. package/dist/rules/no-foreach.js +2 -2
  21. package/dist/rules/no-foreach.js.map +1 -1
  22. package/dist/rules/no-implicit-any-catch.d.ts.map +1 -1
  23. package/dist/rules/no-implicit-any-catch.js.map +1 -1
  24. package/dist/rules/no-internal.js +3 -3
  25. package/dist/rules/no-internal.js.map +1 -1
  26. package/dist/rules/no-misused-generics.js +11 -11
  27. package/dist/rules/no-misused-generics.js.map +1 -1
  28. package/dist/rules/no-use-extend-native.d.ts.map +1 -1
  29. package/dist/rules/no-use-extend-native.js +2 -1
  30. package/dist/rules/no-use-extend-native.js.map +1 -1
  31. package/dist/rules/object-format.js +2 -2
  32. package/dist/rules/object-format.js.map +1 -1
  33. package/dist/rules/sort-array.js +2 -2
  34. package/dist/rules/sort-array.js.map +1 -1
  35. package/dist/rules/sort-class-members.d.ts.map +1 -1
  36. package/dist/rules/sort-class-members.js.map +1 -1
  37. package/dist/rules/sort-export-specifiers.js +2 -2
  38. package/dist/rules/sort-export-specifiers.js.map +1 -1
  39. package/dist/rules/switch-case-spacing.d.ts.map +1 -1
  40. package/dist/rules/switch-case-spacing.js +5 -4
  41. package/dist/rules/switch-case-spacing.js.map +1 -1
  42. package/dist/rules/throw-error.js +4 -4
  43. package/dist/rules/throw-error.js.map +1 -1
  44. package/dist/rules/typescript-array-callback-return-type.d.ts.map +1 -1
  45. package/dist/rules/typescript-array-callback-return-type.js.map +1 -1
  46. package/dist/rules/typescript-class-methods-use-this.d.ts.map +1 -1
  47. package/dist/rules/typescript-class-methods-use-this.js +3 -3
  48. package/dist/rules/typescript-class-methods-use-this.js.map +1 -1
  49. package/dist/rules/typescript-no-redundant-undefined-const.d.ts.map +1 -1
  50. package/dist/rules/typescript-no-redundant-undefined-const.js +1 -4
  51. package/dist/rules/typescript-no-redundant-undefined-const.js.map +1 -1
  52. package/dist/rules/typescript-no-redundant-undefined-default-parameter.d.ts.map +1 -1
  53. package/dist/rules/typescript-no-redundant-undefined-default-parameter.js +1 -4
  54. package/dist/rules/typescript-no-redundant-undefined-default-parameter.js.map +1 -1
  55. package/dist/rules/typescript-no-redundant-undefined-let.d.ts.map +1 -1
  56. package/dist/rules/typescript-no-redundant-undefined-let.js +1 -4
  57. package/dist/rules/typescript-no-redundant-undefined-let.js.map +1 -1
  58. package/dist/rules/typescript-no-redundant-undefined-promise-return-type.d.ts.map +1 -1
  59. package/dist/rules/typescript-no-redundant-undefined-promise-return-type.js +1 -4
  60. package/dist/rules/typescript-no-redundant-undefined-promise-return-type.js.map +1 -1
  61. package/dist/rules/typescript-no-redundant-undefined-readonly-property.d.ts.map +1 -1
  62. package/dist/rules/typescript-no-redundant-undefined-readonly-property.js +1 -4
  63. package/dist/rules/typescript-no-redundant-undefined-readonly-property.js.map +1 -1
  64. package/dist/rules/typescript-no-redundant-undefined-return-type.d.ts.map +1 -1
  65. package/dist/rules/typescript-no-redundant-undefined-return-type.js +1 -4
  66. package/dist/rules/typescript-no-redundant-undefined-return-type.js.map +1 -1
  67. package/dist/rules/typescript-no-redundant-undefined-var.d.ts.map +1 -1
  68. package/dist/rules/typescript-no-redundant-undefined-var.js +1 -4
  69. package/dist/rules/typescript-no-redundant-undefined-var.js.map +1 -1
  70. package/dist/rules/typescript-prefer-enum.d.ts.map +1 -1
  71. package/dist/rules/typescript-prefer-enum.js.map +1 -1
  72. package/dist/rules/typescript-prefer-named-tuple-members.d.ts.map +1 -1
  73. package/dist/rules/typescript-prefer-named-tuple-members.js +2 -5
  74. package/dist/rules/typescript-prefer-named-tuple-members.js.map +1 -1
  75. package/docs/AGENTS.md +1 -0
  76. package/docs/docusaurus/package.json +1 -1
  77. package/docs/docusaurus/src/components/GitHubStats.module.css +18 -3
  78. package/docs/rules/no-function-declare-after-return.md +31 -34
  79. package/docs/rules/no-use-extend-native.md +23 -25
  80. package/docs/rules/no-vulnerable.md +23 -25
  81. package/package.json +5 -5
@@ -2,20 +2,6 @@
2
2
 
3
3
  Disallow usage of non-native members on built-in JavaScript objects.
4
4
 
5
- ## Why this rule is included here
6
-
7
- This rule was integrated into `eslint-plugin-etc-misc` to avoid requiring a separate single-rule plugin dependency.
8
-
9
- Original plugin source: [`eslint-plugin-no-use-extend-native`](https://github.com/dustinspecker/eslint-plugin-no-use-extend-native).
10
-
11
- ## Rule details
12
-
13
- This rule helps prevent implicit reliance on monkey-patched native prototypes (for example from legacy libraries that add methods like `String.prototype.green`).
14
-
15
- Relying on extended native objects can make code unpredictable across runtimes, bundling targets, and dependency versions.
16
-
17
- This rule reports member usage on obvious built-in values when the accessed member is not part of the native API.
18
-
19
5
  ## Targeted pattern scope
20
6
 
21
7
  This rule is intentionally conservative and focuses on obvious built-in object shapes such as:
@@ -27,6 +13,16 @@ This rule is intentionally conservative and focuses on obvious built-in object s
27
13
 
28
14
  It does **not** attempt full-flow inference for arbitrary identifiers.
29
15
 
16
+ ## What this rule reports
17
+
18
+ This rule helps prevent implicit reliance on monkey-patched native prototypes (for example from legacy libraries that add methods like `String.prototype.green`).
19
+
20
+ This rule reports member usage on obvious built-in values when the accessed member is not part of the native API.
21
+
22
+ ## Why this rule exists
23
+
24
+ Relying on extended native objects can make code unpredictable across runtimes, bundling targets, and dependency versions.
25
+
30
26
  ## ❌ Incorrect
31
27
 
32
28
  ```ts
@@ -55,11 +51,11 @@ const value = [].map((entry) => entry);
55
51
  const value = String.prototype.toLowerCase.call("ABC");
56
52
  ```
57
53
 
58
- ## Options
54
+ ## Behavior and migration notes
59
55
 
60
56
  This rule has no options.
61
57
 
62
- ## Relationship to ESLint `no-extend-native`
58
+ ### Relationship to ESLint `no-extend-native`
63
59
 
64
60
  - ESLint core [`no-extend-native`](https://eslint.org/docs/latest/rules/no-extend-native) prevents adding properties to native prototypes.
65
61
  - This rule prevents consuming non-native members when they appear in code.
@@ -69,15 +65,7 @@ Using both rules together gives better protection:
69
65
  1. Prevent introducing prototype extension.
70
66
  2. Prevent relying on prototype extension from third-party code.
71
67
 
72
- ## When not to use it
73
-
74
- - If your project intentionally and explicitly relies on controlled prototype extension.
75
- - If your runtime environment guarantees specific prototype patches and that dependency is accepted in your architecture.
76
-
77
- ## Further reading
78
-
79
- - [ESLint `no-extend-native`](https://eslint.org/docs/latest/rules/no-extend-native)
80
- - [MDN: Inheritance and the prototype chain](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Inheritance_and_the_prototype_chain)
68
+ Original plugin source: [`eslint-plugin-no-use-extend-native`](https://github.com/dustinspecker/eslint-plugin-no-use-extend-native).
81
69
 
82
70
  ## ESLint flat config example
83
71
 
@@ -93,3 +81,13 @@ export default [
93
81
  },
94
82
  ];
95
83
  ```
84
+
85
+ ## When not to use it
86
+
87
+ - If your project intentionally and explicitly relies on controlled prototype extension.
88
+ - If your runtime environment guarantees specific prototype patches and that dependency is accepted in your architecture.
89
+
90
+ ## Further reading
91
+
92
+ - [ESLint `no-extend-native`](https://eslint.org/docs/latest/rules/no-extend-native)
93
+ - [MDN: Inheritance and the prototype chain](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Inheritance_and_the_prototype_chain)
@@ -2,28 +2,24 @@
2
2
 
3
3
  Disallow regular expressions that are potentially vulnerable to ReDoS (Regular Expression Denial of Service).
4
4
 
5
- ## Why this rule is included here
5
+ ## Targeted pattern scope
6
6
 
7
- This rule was integrated into `eslint-plugin-etc-misc` to avoid requiring a separate single-rule plugin dependency.
7
+ This rule checks:
8
8
 
9
- Original plugin source: [`eslint-plugin-redos-detector`](https://github.com/tjenkinson/eslint-plugin-redos-detector).
9
+ - `/(...)/flags` literals.
10
+ - `RegExp("...")` and `new RegExp("...", "flags")` when both arguments are statically-known strings.
11
+
12
+ This rule intentionally skips dynamic patterns/flags it cannot resolve safely at lint time.
10
13
 
11
- ## Rule details
14
+ ## What this rule reports
12
15
 
13
16
  This rule analyzes regular expression literals and statically-resolvable `RegExp(...)` constructor calls using [`recheck`](https://www.npmjs.com/package/recheck).
14
17
 
15
- Catastrophic backtracking can make an application spend excessive CPU time on crafted inputs. In server contexts, that can become an availability issue.
16
-
17
18
  This rule reports patterns that `recheck` identifies as vulnerable with polynomial or exponential complexity.
18
19
 
19
- ## What this rule checks
20
-
21
- This rule checks:
22
-
23
- - `/(...)/flags` literals.
24
- - `RegExp("...")` and `new RegExp("...", "flags")` when both arguments are statically-known strings.
20
+ ## Why this rule exists
25
21
 
26
- This rule intentionally skips dynamic patterns/flags it cannot resolve safely at lint time.
22
+ Catastrophic backtracking can make an application spend excessive CPU time on crafted inputs. In server contexts, that can become an availability issue.
27
23
 
28
24
  ## ❌ Incorrect
29
25
 
@@ -50,7 +46,7 @@ const source = getPatternFromConfig();
50
46
  const maybeUnsafe = RegExp(source); // Dynamic value: intentionally not analyzed.
51
47
  ```
52
48
 
53
- ## Options
49
+ ## Behavior and migration notes
54
50
 
55
51
  ```ts
56
52
  type Options = [
@@ -94,17 +90,7 @@ For example, to allow polynomial but still report exponential:
94
90
  }
95
91
  ```
96
92
 
97
- ## When not to use it
98
-
99
- - If your codebase never handles untrusted input with regexes.
100
- - If lint-time regex analysis cost is unacceptable for your workflow.
101
- - If you prefer running ReDoS scanning as a separate CI security step rather than as an ESLint rule.
102
-
103
- ## Further reading
104
-
105
- - [OWASP: Regular expression Denial of Service (ReDoS)](https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS)
106
- - [`recheck` package](https://www.npmjs.com/package/recheck)
107
- - [MDN: Regular expressions](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Guide/Regular_expressions)
93
+ Original plugin source: [`eslint-plugin-redos-detector`](https://github.com/tjenkinson/eslint-plugin-redos-detector).
108
94
 
109
95
  ## ESLint flat config example
110
96
 
@@ -120,3 +106,15 @@ export default [
120
106
  },
121
107
  ];
122
108
  ```
109
+
110
+ ## When not to use it
111
+
112
+ - If your codebase never handles untrusted input with regexes.
113
+ - If lint-time regex analysis cost is unacceptable for your workflow.
114
+ - If you prefer running ReDoS scanning as a separate CI security step rather than as an ESLint rule.
115
+
116
+ ## Further reading
117
+
118
+ - [OWASP: Regular expression Denial of Service (ReDoS)](https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS)
119
+ - [`recheck` package](https://www.npmjs.com/package/recheck)
120
+ - [MDN: Regular expressions](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Guide/Regular_expressions)
package/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "$schema": "https://www.schemastore.org/package.json",
3
3
  "name": "eslint-plugin-etc-misc",
4
- "version": "1.1.7",
4
+ "version": "1.1.8",
5
5
  "private": false,
6
6
  "description": "ESLint Plugin combining eslint-plugin-etc and eslint-plugin-misc!",
7
7
  "keywords": [
@@ -239,8 +239,8 @@
239
239
  "cross-env": "^10.1.0",
240
240
  "detect-secrets": "^1.0.6",
241
241
  "esbuild": "^0.28.0",
242
- "eslint": "^10.3.0",
243
- "eslint-config-nick2bad4u": "^1.0.16",
242
+ "eslint": "^10.5.0",
243
+ "eslint-config-nick2bad4u": "^2.0.4",
244
244
  "eslint-formatter-unix": "^9.0.1",
245
245
  "fast-check": "^4.8.0",
246
246
  "git-cliff": "^2.13.1",
@@ -283,10 +283,10 @@
283
283
  "yamllint-js": "^0.2.4"
284
284
  },
285
285
  "peerDependencies": {
286
- "eslint": "^9.0.0 || ^10.3.0",
286
+ "eslint": "^9.0.0 || ^10.5.0",
287
287
  "typescript": ">=5.0.0"
288
288
  },
289
- "packageManager": "npm@11.14.1",
289
+ "packageManager": "npm@11.18.0",
290
290
  "engines": {
291
291
  "node": ">=20.19.0"
292
292
  },