fraqtal/agentic-dev
Template
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
7dd46b68b2e5a16891fe1b2bee2e26f5efb2af49
agentic-dev/packages/core-eslint/base.js
Danijel Martinek 1cab88916a feat(core-eslint): add no-undeclared-consent-check rule (conformance gate 12) 
Extends the conformance ESLint layer with the consent-check rule:

- `no-undeclared-consent-check` (warn): `consent.isGranted("X")` in a
  use-case file must match a category declared in `manifest.requiresConsent`;
  also warns when requiresConsent is declared but no isGranted call is found.
- `_manifest-ast.js`: adds `parseManifestFully` which extracts top-level
  `name`, `requiredCores`, `requiresConsent`, and per-use-case maps from the
  manifest AST; `requiresConsent` extraction tested in `_manifest-ast.test.js`.
- `_rule-context.js` / `_rule-schema.js`: shared helpers extracted from the
  existing per-rule files so the new rule can resolve use-case name + feature
  root without duplication.
- Existing rules (`no-undeclared-audit`, `no-undeclared-event-publish`,
  `no-undeclared-analytics-event`) updated to use the shared helpers.
- `plugin.js` + `base.js` register the rule at warn severity.
- CLAUDE.md + conformance-quickref.md: rule count advanced from 11 → 12.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-19 11:51:30 +00:00

193 lines
7.3 KiB
JavaScript
Raw Blame History

import js from "@eslint/js";
import eslintConfigPrettier from "eslint-config-prettier";
import tseslint from "typescript-eslint";
import turboPlugin from "eslint-plugin-turbo";
import boundaries from "eslint-plugin-boundaries";
import globals from "globals";
import conformancePlugin from "./plugin.js";
import path from "node:path";
import { fileURLToPath } from "node:url";
// <gen:realtime-rules-imports>
const __dirname = path.dirname(fileURLToPath(import.meta.url));
const repoRoot = path.resolve(__dirname, "..", "..");
export default [
{
ignores: [
"dist/**",
"node_modules/**",
".next/**",
".turbo/**",
"storybook-static/**",
],
},
js.configs.recommended,
{
files: ["**/*.{mjs,cjs,js}", "**/*.config.{ts,tsx}"],
languageOptions: {
globals: { ...globals.node },
},
},
...tseslint.configs.recommended,
eslintConfigPrettier,
{
plugins: { turbo: turboPlugin },
rules: {
"turbo/no-undeclared-env-vars": "warn",
},
},
{
plugins: { conformance: conformancePlugin },
rules: {
// Structural conformance rules (milestone iii.a).
// All 5 features now have manifests; promoted to ERROR.
"conformance/feature-must-have-manifest": ["error", { repoRoot }],
"conformance/usecase-must-have-test-file": "error",
"conformance/required-cores-installed": ["error", { repoRoot }],
"conformance/no-undeclared-event-publish": ["warn", { repoRoot }],
"conformance/no-undeclared-audit": ["warn", { repoRoot }],
"conformance/no-undeclared-analytics-event": ["warn", { repoRoot }],
"conformance/usecase-must-be-wired": ["error", { repoRoot }],
"conformance/component-must-have-story": "warn",
"conformance/component-must-have-test": "warn",
"conformance/atomic-tier-import-direction": "warn",
"conformance/pii-declaration-must-be-complete": "warn",
"conformance/no-undeclared-consent-check": ["warn", { repoRoot }],
},
},
{
rules: {
// Honour the leading-underscore convention for intentionally-unused params/vars.
"@typescript-eslint/no-unused-vars": [
"error",
{
argsIgnorePattern: "^_",
varsIgnorePattern: "^_",
caughtErrorsIgnorePattern: "^_",
},
],
},
},
{
plugins: { boundaries },
settings: {
"boundaries/elements": [
{ type: "app", pattern: "apps/*" },
{ type: "tooling", pattern: "packages/core-eslint" },
{ type: "tooling", pattern: "packages/core-typescript" },
{ type: "tooling", pattern: "packages/core-testing" },
{ type: "core-composition", pattern: "packages/core-api" },
{ type: "core-composition", pattern: "packages/core-cms" },
{ type: "core", pattern: "packages/core-*" },
{ type: "feature", pattern: "packages/!(core-*)" },
],
},
rules: {
"boundaries/element-types": [
2,
{
default: "disallow",
rules: [
{
from: "app",
allow: ["app", "core", "core-composition", "feature", "tooling"],
},
{ from: "feature", allow: ["core", "tooling"] },
{ from: "core", allow: ["core", "tooling"] },
{ from: "core-composition", allow: ["core", "feature", "tooling"] },
{ from: "tooling", allow: ["tooling"] },
],
},
],
},
},
// Block direct @sentry/* imports outside the allowlisted instrumentation paths.
{
files: ["**/*.{ts,tsx,mjs,cjs,js}"],
rules: {
"no-restricted-imports": [
"error",
{
patterns: [
{
group: ["@sentry/*"],
message:
"Import from @repo/core-shared/instrumentation instead — feature packages must not depend on Sentry directly.",
},
],
},
],
},
},
// Allowlist — the only paths permitted to import @sentry/*.
// Per ADR-017, server-side Sentry SDK usage is limited to the OTel bridge
// and browser/client init files. Patterns are double-star prefixed so they
// match whether eslint runs from the repo root or from inside a sub-package.
{
files: [
// OTel bridge — the only server-side file that may import @sentry/opentelemetry
"**/instrumentation/otel/sentry-bridge.{ts,js}",
"**/instrumentation/otel/sentry-bridge.test.{ts,js}",
// OTel DI binder — may import @sentry/opentelemetry via sentry-bridge
"**/instrumentation/di/bind-otel-instrumentation.{ts,js}",
"**/instrumentation/di/bind-otel-instrumentation.test.{ts,js}",
// Browser-side Sentry init helpers (server-only migration — browser keeps Sentry SDK directly)
"**/instrumentation/sentry/init-client.{ts,js}",
"**/instrumentation/sentry/init-client.test.{ts,js}",
"**/instrumentation/sentry/init-client-react.{ts,js}",
"**/instrumentation/sentry/init-client-react.test.{ts,js}",
// Server-side Sentry SDK init still used by apps (calls Sentry.init with DSN)
"**/instrumentation/sentry/init-server.{ts,js}",
"**/instrumentation/sentry/init-server.test.{ts,js}",
"**/instrumentation/sentry/init-server-node.{ts,js}",
"**/instrumentation/sentry/init-server-node.test.{ts,js}",
// Test guard — mocks Sentry + OTel SDKs to prevent real init in test processes
"**/setup/no-instrumentation.{ts,js}",
"**/setup/no-instrumentation.test.{ts,js}",
// Legacy alias for one release cycle
"**/setup/no-sentry.{ts,js}",
"**/setup/no-sentry.test.{ts,js}",
// App-level instrumentation entry points and build config
"**/instrumentation.{ts,js,mjs}",
"**/instrumentation-client.{ts,js,mjs}",
"**/next.config.{mjs,ts,js}",
"**/vite.config.{ts,mjs,js}",
"**/sentry.*.config.{ts,mjs,js}",
],
rules: {
"no-restricted-imports": "off",
},
},
// OTel SDK packages (@opentelemetry/sdk-*, @opentelemetry/resources,
// @opentelemetry/semantic-conventions, @opentelemetry/instrumentation-*,
// @sentry/opentelemetry) are restricted to core-shared/instrumentation/otel/
// and app-level init paths.
// The vendor-neutral API packages (@opentelemetry/api, @opentelemetry/api-logs)
// are unrestricted within core-shared/instrumentation/ — features use them for
// advanced tracing without coupling to the SDK.
{
files: [
"**/instrumentation/otel/**/*.{ts,tsx,mjs,cjs,js}",
// App-level init and build config also allowed to import OTel SDK packages
"**/instrumentation.{ts,js,mjs}",
"**/next.config.{mjs,ts,js}",
"**/vite.config.{ts,mjs,js}",
],
rules: {
"no-restricted-imports": "off",
},
},
// E1 — Event handlers must not be re-exported. Wire them only inside the
// consumer feature's bind-production / bind-dev-seed (spec § 2.2 Rule E1).
// J — Direct `payload.jobs.*` access is forbidden outside the integration
// layer. Use IJobQueue (from @repo/core-shared/jobs) instead.
// Events + jobs rules are added here when @repo/core-events is scaffolded
// via `pnpm turbo gen core-package events`.
// <gen:events-rules>
// R2 / R1 (ADR-016) — realtime-specific ESLint rules (no-direct-socket-io,
// no-realtime-handler-reexport) are added here when @repo/core-realtime is
// scaffolded via `pnpm turbo gen core-package realtime`.
// <gen:realtime-rules>
];
Reference in New Issue View Git Blame Copy Permalink