New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
How to truly enforce no global pollution in browser code? #4906
Comments
@cowchimp Thanks for the issue! If you're reporting a bug, please be sure to include:
Requesting a new rule? Please see Proposing a New Rule for instructions. |
I think this would be hard to do, because |
Thanks for the reply. |
You can manually look for MemberExpression nodes that have The other problem is knowing if creating globals is allowed. Should So, I think what you're asking for is a bit beyond what we can do in a generic way. You can certainly create a custom rule, though. |
Hi guys, I called the rule I chose that name for the rule because it's similar in a way to the proposed Also, I think I need to address whether or not the global variable I'm comparing to is writeable or not, so consider this a proof-of-concept at this point. |
Thanks for the link. Implementation looks reasonable, but I still don't think it's a good fit for the core. There are so many ways of bypassing this rule in real life, that I don't think it would have a lot of value. As @nzakas mention, |
Closing since question was answered. |
Hi.
I'm having difficulty composing existing eslint rules in a way that should be relevant for many people (IMHO).
There's a good chance I'm missing something basic and that this can be achieved. But in case it's not I would be interested in sending in a PR.
My goal is simple:
To make sure no script relies on globals defined in another script.
I'm assuming that's something many people will want to enforce on browser js codebases that used to rely on IIFEs and are slowly migrating them to rely on AMD\Commonjs\ES6 Modules.
The problem:
The
no-undef
rule is obviously the go-to rule for this.It will definitely catch globals referenced like this:
SomeCustomGlobalObjectDefinedElsewhere.init();
And it can also catch globals referenced like this:
window.SomeCustomGlobalObjectDefinedElsewhere.init();
but only if you do not specify
browser
as the environment.And if you don't do that, then all of a sudden you'll get false reports as if these lines are invalid
window.location.href = 'http://www.github.com';
var item = localStorage.getItem('someKey');
setTimeout(function() { }, 10);
Alternatively, if you do specify
browser
as the environment then this invalid line becomes valid:window.SomeCustomGlobalObjectDefinedElsewhere.init();
References:
I looked at
no-implicit-globals
.Also looked at the proposed
no-restricted-properties
(#3218) andno-restricted-globals
(#3966) and the open issue aboutno-console
being tricked by referencingwindow.console
(#4826).But my case is kind of the opposite. I want to allow all of window's native properties, but to disallow piggybacking on
window
to define globals.I'm using v2.0.0-alpha-1.
If you need any more info from me, please LMK.
Thanks.
Want to back this issue? Post a bounty on it! We accept bounties via Bountysource.
The text was updated successfully, but these errors were encountered: