Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

style(eslint-config): allow globals that SES makes powerless #1071

Merged
merged 3 commits into from
Feb 15, 2022
Merged

style(eslint-config): allow globals that SES makes powerless #1071

merged 3 commits into from
Feb 15, 2022

Conversation

turadg
Copy link
Member

@turadg turadg commented Feb 12, 2022
edited
Loading

The @Endo lint config was unnecessarily conservative in what globals it allowed. One effect was requiring code adopting this config to manually opt into safe globals such as BigUint64Array (example).

All of the SES whitelist of powerless globals are safe to use so this adds them all to the eslint config.

dckc
dckc reviewed Feb 12, 2022
View reviewed changes
packages/eslint-config/eslint-config.json
Comment on lines +26 to +27
// Allow what SES makes powerless, copied from its whitelist
// *** Constructor Properties of the Global Object
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

JS comments in a JSON file? If this is read by something other than a JSON parser, note that at the top, maybe?

@dckc
Copy link
Contributor

dckc commented Feb 12, 2022
edited
Loading

I wonder about maintenance... is it straightforward to add a test that fails if this list and the SES whitelist get out of sync?

kriskowal
kriskowal approved these changes Feb 12, 2022
View reviewed changes
Copy link
Member

@kriskowal kriskowal left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I too am a JSON comments skeptic. Perhaps we can describe the design choices in README.md. Looks good when lint is green.

@kriskowal
Copy link
Member

I wonder about maintenance... is it straightforward to add a test that fails if this list and the SES whitelist get out of sync?

This is a good idea. A SES test could import this JSON and the permits to raise any discrepancies. I believe our expectation is for eslint to include everything that’s permitted in SES. We also should permit things that are not present in SES since Endo adds them, like the text encoder, URL, and HandledPromise. I’m comfortable with our Base64 hack being left out since that should only be used in a few places.

@turadg
Copy link
Member Author

turadg commented Feb 15, 2022

Config comments

I also prefer not to put comments in .json files but I see the value of having comments on config choices as far outweighing that. ESLint lets you express the rules in JS, JSONC or YAML. I assert YAML is the best because:

  • most readable (vs JS, JSON)
  • allows comments (vs JSON)
  • does not allow arbitrary code (vs JS)

I'd be happy to follow up with a PR to change the config format to YAML.

Maintenance of the sync between esilnt config and the SES whitelist

I agree it's a good idea. I see it as out of scope for this change and something that could be prioritized, though I don't anticipate it being a high priority because the list changes very rarely and the consequences for it getting out of sync are very small.

@turadg turadg enabled auto-merge (squash) February 15, 2022 21:58
@turadg turadg merged commit 3126fb8 into master Feb 15, 2022
@turadg turadg deleted the ta/eslint-allow-powerless-globals branch February 15, 2022 22:00
@kriskowal
Copy link
Member

Though YAML is awful, I’m okay with YAML for this purpose. @michaelfig is also a stake-holder in that decision.

@michaelfig
Copy link
Member

I’m okay with YAML for this purpose. @michaelfig is also a stake-holder in that decision.

As long as I'm not maintaining it, I don't have a preference.

@turadg turadg mentioned this pull request Feb 16, 2022
Closed
@turadg
Copy link
Member Author

turadg commented Feb 16, 2022

YAML conversion PR ^

While looking for examples of ESLint configs, I noticed ESlint projects defines globals like this https://github.com/eslint/eslint/blob/main/conf/globals.js

Also with Lerna on this monorepo we have a build step so maybe building the whitelist from SES wouldn't be as much work as I thought. Still putting this down for now. :)

@turadg turadg mentioned this pull request Feb 16, 2022
Merged
7 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dckc dckc dckc left review comments

@kriskowal kriskowal kriskowal approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@turadg @dckc @kriskowal @michaelfig