feat: Add flag ignorePrivate to no-unpublished-x rules (#298)

* feat: Add flag ignorePrivate to no-unpublished-x rules This rule make it possible to selectively disable/enable the rule in private packages * docs: Add documentation of ignorePrivate * Simplify property access and fallback
eslint-community · Jun 14, 2024 · 0609431 · 0609431
1 parent 1bcb006
commit 0609431
Show file tree

Hide file tree

Showing 7 changed files with 92 additions and 9 deletions.
diff --git a/docs/rules/no-unpublished-import.md b/docs/rules/no-unpublished-import.md
@@ -66,6 +66,34 @@ In this way, the following code will not be reported:
 import type foo from "foo";
 ```
 
+### ignorePrivate
+
+In a private package you sometimes want to disable checking for unpublished dependencies, e.g. if the package is not published.
+
+However, there are situations where you want to mark it as private, though still ensure only published dependencies are used in your source code.
+An example, for such a case would be a package that is deployed to a server.
+
+Defaults to `true`.
+
+package.json:
+
+```json
+{
+    "private": true,
+    ...
+}
+```
+
+```json
+{
+    "rules": {
+        "n/no-unpublished-import": ["error", {
+            "ignorePrivate": true
+        }]
+    }
+}
+```
+
 ## 🔎 Implementation
 
 - [Rule source](../../lib/rules/no-unpublished-import.js)

diff --git a/docs/rules/no-unpublished-require.md b/docs/rules/no-unpublished-require.md
@@ -53,6 +53,34 @@ Please see the shared settings documentation for more information.
 This can be configured in the rule options or as a shared setting [`settings.tryExtensions`](../shared-settings.md#tryextensions).
 Please see the shared settings documentation for more information.
 
+### ignorePrivate
+
+In a private package you sometimes want to disable checking for unpublished dependencies, e.g. if the package is not published.
+
+However, there are situations where you want to mark it as private, though still ensure only published dependencies are used in your source code.
+An example, for such a case would be a package that is deployed to a server.
+
+Defaults to `true`.
+
+package.json:
+
+```json
+{
+    "private": true,
+    ...
+}
+```
+
+```json
+{
+    "rules": {
+        "n/no-unpublished-import": ["error", {
+            "ignorePrivate": true
+        }]
+    }
+}
+```
+
 ## 🔎 Implementation
 
 - [Rule source](../../lib/rules/no-unpublished-require.js)

diff --git a/lib/rules/no-unpublished-import.js b/lib/rules/no-unpublished-import.js
@@ -29,6 +29,7 @@ module.exports = {
                     convertPath: getConvertPath.schema,
                     resolvePaths: getResolvePaths.schema,
                     ignoreTypeImport: { type: "boolean", default: false },
+                    ignorePrivate: { type: "boolean", default: true },
                 },
                 additionalProperties: false,
             },
@@ -38,17 +39,15 @@ module.exports = {
     create(context) {
         const filePath = context.filename ?? context.getFilename()
         const options = context.options[0] || {}
-        const ignoreTypeImport =
-            options.ignoreTypeImport === void 0
-                ? false
-                : options.ignoreTypeImport
+        const ignoreTypeImport = options.ignoreTypeImport ?? false
+        const ignorePrivate = options.ignorePrivate ?? true
 
         if (filePath === "<input>") {
             return {}
         }
 
         return visitImport(context, { ignoreTypeImport }, targets => {
-            checkPublish(context, filePath, targets)
+            checkPublish(context, filePath, targets, { ignorePrivate })
         })
     },
 }
diff --git a/lib/rules/no-unpublished-require.js b/lib/rules/no-unpublished-require.js
@@ -30,6 +30,7 @@ module.exports = {
                     convertPath: getConvertPath.schema,
                     resolvePaths: getResolvePaths.schema,
                     tryExtensions: getTryExtensions.schema,
+                    ignorePrivate: { type: "boolean", default: true },
                 },
                 additionalProperties: false,
             },
@@ -38,12 +39,15 @@ module.exports = {
     },
     create(context) {
         const filePath = context.filename ?? context.getFilename()
+        const options = context.options[0] || {}
+        const ignorePrivate = options.ignorePrivate ?? true
+
         if (filePath === "<input>") {
             return {}
         }
 
         return visitRequire(context, {}, targets => {
-            checkPublish(context, filePath, targets)
+            checkPublish(context, filePath, targets, { ignorePrivate })
         })
     },
 }
diff --git a/lib/util/check-publish.js b/lib/util/check-publish.js
@@ -18,17 +18,25 @@ const { getPackageJson } = require("./get-package-json")
  * @param {import('eslint').Rule.RuleContext} context - A context to report.
  * @param {string} filePath - The current file path.
  * @param {import('./import-target.js')[]} targets - A list of target information to check.
+ * @param {{ignorePrivate: boolean}} options - Configuration options for checking for published files.
  * @returns {void}
  */
-exports.checkPublish = function checkPublish(context, filePath, targets) {
+exports.checkPublish = function checkPublish(
+    context,
+    filePath,
+    targets,
+    options
+) {
     const packageJson = getPackageJson(filePath)
     if (typeof packageJson?.filePath !== "string") {
         return
     }
 
-    // Private packages are never published so we don't need to check the imported dependencies either.
+    // Flag to ignore checking imported dependencies in private packages.
+    // For projects that need to be deployed to a server checking for imported dependencies may still be desireable
+    // while making it a private package.
     // More information: https://docs.npmjs.com/cli/v8/configuring-npm/package-json#private
-    if (packageJson.private === true) {
+    if (options.ignorePrivate && packageJson.private === true) {
         return
     }
 

diff --git a/tests/lib/rules/no-unpublished-import.js b/tests/lib/rules/no-unpublished-import.js
@@ -292,5 +292,13 @@ ruleTester.run("no-unpublished-import", rule, {
             code: "import type foo from 'foo';",
             errors: [{ messageId: "notPublished" }],
         },
+
+        // devDependency in a private package
+        {
+            filename: fixture("private-package/index.js"),
+            code: "import bbb from 'bbb';",
+            errors: ['"bbb" is not published.'],
+            options: [{ ignorePrivate: false }],
+        },
     ],
 })
diff --git a/tests/lib/rules/no-unpublished-require.js b/tests/lib/rules/no-unpublished-require.js
@@ -359,5 +359,13 @@ ruleTester.run("no-unpublished-require", rule, {
             code: "require('../2/a.js');",
             errors: ['"../2/a.js" is not published.'],
         },
+
+        // devDependency in a private package
+        {
+            filename: fixture("private-package/index.js"),
+            code: "require('bbb');",
+            errors: ['"bbb" is not published.'],
+            options: [{ ignorePrivate: false }],
+        },
     ],
 })