fraqtal/agentic-dev
Template
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
72d551391645a68a77b37dcbdbe5349cf41dcb03
agentic-dev/packages/core-eslint/base.js
Danijel Martinek 955a763c66 feat(eslint+ci): R40 boundary rule for @sentry/* + R31 sendDefaultPii grep gate 
Adds two flat-config blocks to core-eslint/base.js: (1) repo-wide
no-restricted-imports for @sentry/* with the R40 message, (2) an
allowlist override for the only paths permitted to import the Sentry
SDK directly — core-shared/instrumentation/sentry/**, the bind-sentry
DI files, the no-sentry test guards, and apps' instrumentation* /
next.config / vite.config / sentry.*.config files. Patterns use
**/-prefix so they match whether ESLint runs from the repo root or
from inside a sub-package.

Also adds the standard `argsIgnorePattern: "^_"` config (used
throughout the repo) and a Node-globals override for *.mjs/*.cjs/*.js
and *.config.{ts,tsx} so withSentryConfig in next.config.mjs lints
clean. Required adding `globals` as a core-eslint dep.

Adds .github/workflows/sentry-pii-guard.yml — a lightweight CI step
that fails any PR introducing `sendDefaultPii: true` (R31). Excludes
node_modules / dist / .next / .turbo from the grep so vendored SDK
JSDoc examples don't false-positive.

Pre-existing lint nits cleared as part of getting `pnpm lint` green:
- core-testing define-contract-suite.test.ts: void the unused
  receivedTracer (mirrors the next test's pattern)
- marketing-pages bind-dev-seed.ts: drop unused MockSiteSettingsRepository
  import
- marketing-pages get-site-settings.use-case.ts: drop the now-redundant
  eslint-disable for `_input`

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-07 20:31:15 +02:00

107 lines
3.3 KiB
JavaScript
Raw Blame History

import js from "@eslint/js";
import eslintConfigPrettier from "eslint-config-prettier";
import tseslint from "typescript-eslint";
import turboPlugin from "eslint-plugin-turbo";
import boundaries from "eslint-plugin-boundaries";
import globals from "globals";
export default [
{ ignores: ["dist/**", "node_modules/**", ".next/**", ".turbo/**", "storybook-static/**"] },
js.configs.recommended,
{
files: ["**/*.{mjs,cjs,js}", "**/*.config.{ts,tsx}"],
languageOptions: {
globals: { ...globals.node },
},
},
...tseslint.configs.recommended,
eslintConfigPrettier,
{
plugins: { turbo: turboPlugin },
rules: {
"turbo/no-undeclared-env-vars": "warn",
},
},
{
rules: {
// Honour the leading-underscore convention for intentionally-unused params/vars.
"@typescript-eslint/no-unused-vars": [
"error",
{
argsIgnorePattern: "^_",
varsIgnorePattern: "^_",
caughtErrorsIgnorePattern: "^_",
},
],
},
},
{
plugins: { boundaries },
settings: {
"boundaries/elements": [
{ type: "app", pattern: "apps/*" },
{ type: "tooling", pattern: "packages/core-eslint" },
{ type: "tooling", pattern: "packages/core-typescript" },
{ type: "tooling", pattern: "packages/core-testing" },
{ type: "core-composition", pattern: "packages/core-api" },
{ type: "core-composition", pattern: "packages/core-cms" },
{ type: "core", pattern: "packages/core-*" },
{ type: "feature", pattern: "packages/!(core-*)" },
],
},
rules: {
"boundaries/element-types": [
2,
{
default: "disallow",
rules: [
{ from: "app", allow: ["app", "core", "core-composition", "feature", "tooling"] },
{ from: "feature", allow: ["core", "tooling"] },
{ from: "core", allow: ["core", "tooling"] },
{ from: "core-composition", allow: ["core", "feature", "tooling"] },
{ from: "tooling", allow: ["tooling"] },
],
},
],
},
},
// R40 — block direct @sentry/* imports outside the allowlisted instrumentation paths
{
files: ["**/*.{ts,tsx,mjs,cjs,js}"],
rules: {
"no-restricted-imports": [
"error",
{
patterns: [
{
group: ["@sentry/*"],
message:
"Import from @repo/core-shared/instrumentation instead — feature packages must not depend on Sentry directly (R40).",
},
],
},
],
},
},
// R40 allowlist — the only paths permitted to import @sentry/*.
// Patterns are double-star prefixed so they match whether eslint runs from
// the repo root or from inside a sub-package.
{
files: [
"**/instrumentation/sentry/**",
"**/instrumentation/di/bind-sentry-instrumentation.{ts,js}",
"**/instrumentation/di/bind-sentry-instrumentation.test.{ts,js}",
"**/setup/no-sentry.{ts,js}",
"**/setup/no-sentry.test.{ts,js}",
"**/instrumentation.{ts,js,mjs}",
"**/instrumentation-client.{ts,js,mjs}",
"**/next.config.{mjs,ts,js}",
"**/vite.config.{ts,mjs,js}",
"**/sentry.*.config.{ts,mjs,js}",
],
rules: {
"no-restricted-imports": "off",
},
},
];
Reference in New Issue View Git Blame Copy Permalink