New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More
Socket
Sign inDemoInstall
Socket

@biomejs/biome

Package Overview
Dependencies
Maintainers
4
Versions
79
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@biomejs/biome - npm Package Versions

1
68

1.2.2-nightly.ee2e2ab

Diff

dominionl
published 1.2.2-nightly.1e3fc94 •

dominionl
published 1.2.2 •

Changelog

Source

1.2.2 (2023-09-16)

CLI

Bug fixes
  • Fix a condition where import sorting wasn't applied when running biome check --apply
dominionl
published 1.2.1 •

Changelog

Source

1.2.1 (2023-09-15)

Configuration

  • Fix an edge case where the formatter language configuration wasn't picked.
  • Fix the configuration schema, where json.formatter properties weren't transformed in camel case.
dominionl
published 1.2.0 •

Changelog

Source

1.2.0 (2023-09-15)

CLI

New features
  • Add new options to customize the behaviour the formatter based on the language of the file
    • --json-formatter-enabled
    • --json-formatter-indent-style
    • --json-formatter-indent-size
    • --json-formatter-line-width
    • --javascript-formatter-enabled
    • --javascript-formatter-indent-style
    • --javascript-formatter-indent-size
    • --javascript-formatter-line-width
Bug fixes
  • Fix a bug where --errors-on-warning didn't work when running biome ci command.

Configuration

New features
  • Add new options to customize the behaviour of the formatter based on the language of the file
    • json.formatter.enabled
    • json.formatter.indentStyle
    • json.formatter.indentSize
    • json.formatter.lineWidth
    • javascript.formatter.enabled
    • javascript.formatter.indentStyle
    • javascript.formatter.indentSize
    • javascript.formatter.lineWidth

Linter

Promoted rules

New rules are incubated in the nursery group. Once stable, we promote them to a stable group. The following rules are promoted:

New rules
  • Add noConfusingVoidType rule. The rule reports the unusual use of the void type. Contributed by @shulandmimi
Removed rules
  • Remove noConfusingArrow

    Code formatters, such as prettier and Biome, always adds parentheses around the parameter or the body of an arrow function. This makes the rule useless.

    Contributed by @Conaclos

Enhancements
  • noFallthroughSwitchClause now relies on control flow analysis to report most of the switch clause fallthrough. Contributed by @Conaclos

  • noAssignInExpressions no longer suggest code fixes. Most of the time the suggestion didn't match users' expectations. Contributed by @Conaclos

  • noUselessConstructor no longer emits safe code fixes. Contributed by @Conaclos

    All code fixes are now emitted as unsafe code fixes. Removing a constructor can change the behavior of a program.

  • useCollapsedElseIf now only provides safe code fixes. Contributed by @Conaclos

  • noUnusedVariables now reports more cases.

    The rule is now able to ignore self-writes. For example, the rule reports the following unused variable:

    let a = 0;
    a++;
    a += 1;
    

    The rule is also capable of detecting an unused declaration that uses itself. For example, the rule reports the following unused interface:

    interface I {
      instance(): I
    }
    

    Finally, the rule now ignores all TypeScript declaration files, including global declaration files.

    Contributed by @Conaclos

Bug fixes
  • Fix #182, making useLiteralKeys retains optional chaining. Contributed by @denbezrukov

  • Fix #168, fix useExhaustiveDependencies false positive case when stable hook is on a new line. Contributed by @denbezrukov

  • Fix #137, fix noRedeclare false positive case with TypeScript module declaration:

    declare module '*.gif' {
        const src: string;
    }
    
    declare module '*.bmp' {
        const src: string;
    }
    

    Contributed by @denbezrukov

  • Fix #258, fix noUselessFragments the case where the rule removing an assignment. Contributed by @denbezrukov

  • Fix #266, where complexity/useLiteralKeys emitted a code action with an invalid AST. Contributed by @ematipico

  • Fix #105, removing false positives reported by noUnusedVariables.

    The rule no longer reports the following used variable:

    const a = f(() => a);
    

    Contributed by @Conaclos

VSCode

Enhancements
  • Improve server binary resolution when using certain package managers, notably pnpm.

    The new strategy is to point to node_modules/.bin/biome path, which is consistent for all package managers.

dominionl
published 1.1.2-nightly.9c28238 •

dominionl
published 1.1.2 •

Changelog

Source

1.1.2 (2023-09-07)

Editors

Bug fixes
  • Fix a case where an empty JSON file would cause the LSP server to crash. Contributed by @ematipico

Linter

Enhancements
  • useNamingConvention now accepts import namespaces in PascalCase and rejects export namespaces in CONSTANT_CASE.

    The following code is now valid:

    import * as React from "react";
    

    And the following code is now invalid:

    export * as MY_NAMESPACE from "./lib.js";
    

    Contributed by @Conaclos

  • noUselessConstructor now ignores decorated classes and decorated parameters. The rule now gives suggestions instead of safe fixes when parameters are annotated with types. Contributed by @Conaclos

dominionl
published 1.1.1 •

Changelog

Source

1.1.1 (2023-09-07)

Analyzer

Bug fixes
  • The diagnostic for // rome-ignore suppression comment should not be a warning. A warning could block the CI, marking a gradual migration difficult. The code action that changes // rome-ignore to // biome-ignore is disabled as consequence. Contributed by @ematipico
dominionl
published 1.1.0 •

Changelog

Source

1.1.0 (2023-09-06)

Analyzer

Enhancements
  • Add a code action to replace rome-ignore with biome-ignore. Use biome check --apply-unsafe to update all the comments. The action is not bulletproof, and it might generate unwanted code, that's why it's unsafe action. Contributed by @ematipico

CLI

Enhancements
  • Biome now reports a diagnostics when a rome.json file is found.
  • biome migrate --write creates biome.json from rome.json, but it won't delete the rome.json file. Contributed by @ematipico
Bug fixes
  • Biome uses biome.json first, then it attempts to use rome.json.
  • Fix a case where Biome couldn't compute correctly the ignored files when the VSC integration is enabled. Contributed by @ematipico

Configuration

Editors

Bug fixes
  • The LSP now uses its own socket and won't rely on Biome's socket. This fixes some cases where users were seeing multiple servers in the rage output.

Formatter

Enhancements
  • You can use // biome-ignore as suppression comment.
  • The // rome-ignore suppression is deprecated.

JavaScript APIs

Linter

New features
  • Add useCollapsedElseIf rule. This new rule requires merging an else and an if, if the if statement is the only statement in the else block. Contributed by @n-gude
Enhancements
  • useTemplate now reports all string concatenations.

    Previously, the rule ignored concatenation of a value and a newline or a backquote. For example, the following concatenation was not reported:

    v + "\n";
    "`" + v + "`";
    

    The rule now reports these cases and suggests the following code fixes:

    - v + "\n";
    + `${v}\n`;
    - v + "`";
    + `\`${v}\``;
    

    Contributed by @Conaclos

  • useExponentiationOperator suggests better code fixes.

    The rule now preserves any comment preceding the exponent, and it preserves any parenthesis around the base or the exponent. It also adds spaces around the exponentiation operator **, and always adds parentheses for pre- and post-updates.

    - Math.pow(a++, /**/ (2))
    + (a++) ** /**/ (2)
    

    Contributed by @Conaclos

  • You can use // biome-ignore as suppression comment.

  • The // rome-ignore suppression is deprecated.

Bug fixes
  • Fix #80, making noDuplicateJsxProps case-insensitive.

    Some frameworks, such as Material UI, rely on the case-sensitivity of JSX properties. For example, TextField has two properties with the same name, but distinct cases:

    <TextField inputLabelProps="" InputLabelProps=""></TextField>
    

    Contributed by @Conaclos

  • Fix #138

    noCommaOperator now correctly ignores all use of comma operators inside the update part of a for loop. The following code is now correctly ignored:

    for (
      let i = 0, j = 1, k = 2;
      i < 100;
      i++, j++, k++
    ) {}
    

    Contributed by @Conaclos

  • Fix rome#4713.

    Previously, useTemplate made the following suggestion:

    - a + b + "px"
    + `${a}${b}px`
    

    This breaks code where a and b are numbers.

    Now, the rule makes the following suggestion:

    - a + b + "px"
    + `${a + b}px`
    

    Contributed by @Conaclos

  • Fix rome#4109

    Previously, useTemplate suggested an invalid code fix when a leading or trailing single-line comment was present:

      // leading comment
    - 1 /* inner comment */ + "+" + 2 // trailing comment
    + `${// leading comment
    + 1 /* inner comment */}+${2 //trailing comment}` // trailing comment
    

    Now, the rule correctly handles this case:

      // leading comment
    - 1 + "+" + 2 // trailing comment
    + `${1}+${2}` // trailing comment
    

    As a sideeffect, the rule also suggests the removal of any inner comments.

    Contributed by @Conaclos

  • Fix rome#3850

    Previously useExponentiationOperator suggested invalid code in a specific edge case:

    - 1 +Math.pow(++a, 2)
    + 1 +++a**2
    

    Now, the rule properly adds parentheses:

    - 1 +Math.pow(++a, 2)
    + 1 +(++a) ** 2
    

    Contributed by @Conaclos

  • Fix #106

    noUndeclaredVariables now correctly recognizes some TypeScript types such as Uppercase.

    Contributed by @Conaclos

  • Fix rome#4616

    Previously noUnreachableSuper reported valid codes with complex nesting of control flow structures.

    Contributed by @Conaclos

dominionl
published 1.0.0 •

Changelog

Source

1.0.0 (2023-08-28)

Analyzer

BREAKING CHANGES
  • The organize imports feature now groups import statements by "distance".

    Modules "farther" from the user are put on the top, and modules "closer" to the user are placed on the bottom. Check the documentation for more information about it.

  • The organize imports tool is enabled by default. If you don't want to use it, you need to disable it explicitly:

    {
      "organizeImports": {
        "enabled": false
      }
    }
    

CLI

BREAKING CHANGES
  • The CLI now exists with an error when there's an error inside the configuration.

    Previously, biome would raise warnings and continue the execution by applying its defaults.

    This could have been better for users because this could have created false positives in linting or formatted code with a configuration that wasn't the user's.

  • The command biome check now shows formatter diagnostics when checking the code.

    The diagnostics presence will result in an error code when the command finishes.

    This aligns with semantic and behaviour meant for the command biome check.

  • init command emits a biome.json file;

Other changes
  • Fix #4670, don't crash at empty default export.

  • Fix #4556, which correctly handles new lines in the .gitignore file across OS.

  • Add a new option to ignore unknown files --files-ignore-unknown:

    biome format --files-ignore-unknown ./src
    

    Doing so, Biome won't emit diagnostics for files that doesn't know how to handle.

  • Add the new option --no-errors-on-unmatched:

    biome format --no-errors-on-unmatched ./src
    

    Biome doesn't exit with an error code if no files were processed in the given paths.

  • Fix the diagnostics emitted when running the biome format command.

  • Biome no longer warns when discovering (possibly infinite) symbolic links between directories.

    This fixes #4193 which resulted in incorrect warnings when a single file or directory was pointed at by multiple symbolic links. Symbolic links to other symbolic links do still trigger warnings if they are too deeply nested.

  • Introduced a new command called biome lint, which will only run lint rules against the code base.

  • Biome recognizes known files as "JSON files with comments allowed":

    • typescript.json;
    • tsconfig.json;
    • jsconfig.json;
    • tslint.json;
    • babel.config.json;
    • .babelrc.json;
    • .ember-cli;
    • typedoc.json;
    • .eslintrc.json;
    • .eslintrc;
    • .jsfmtrc;
    • .jshintrc;
    • .swcrc;
    • .hintrc;
    • .babelrc;
  • Add support for biome.json;

Configuration

Other changes
  • Add a new option to ignore unknown files:

    {
       "files": {
          "ignoreUnknown": true
       }
    }
    

    Doing so, Biome won't emit diagnostics for file that it doesn't know how to handle.

  • Add a new "javascript" option to support the unsafe/experimental parameter decorators:

    {
       "javascript": {
          "parser": {
             "unsafeParameterDecoratorsEnabled": true
          }
       }
    }
    
  • Add a new "extends" option, useful to split the configuration file in multiple files:

    {
      "extends": ["../sharedFormatter.json", "linter.json"]
    }
    

    The resolution of the files is file system based, Biome doesn't know how to resolve dependencies yet.

  • The commands biome check and biome lint now show the remaining diagnostics even when --apply-safe or --apply-unsafe are passed.

  • Fix the commands biome check and biome lint, they won't exit with an error code if no error diagnostics are emitted.

  • Add a new option --error-on-warnings, which instructs Biome to exit with an error code when warnings are emitted.

    biome check --error-on-warnings ./src
    
  • Add a configuration to enable parsing comments inside JSON files:

    {
      "json": {
        "parser": {
          "allowComments": true
        }
      }
    }
    

Editors

Other changes
  • The Biome LSP can now show diagnostics belonging to JSON lint rules.

  • The Biome LSP no longer applies unsafe quickfixes on-save when editor.codeActionsOnSave.quickfix.biome is enabled.

  • Fix #4564; files too large don't emit errors.

  • The Biome LSP sends client messages when files are ignored or too big.

Formatter

  • Add a new option called --jsx-quote-style.

    This option lets you choose between single and double quotes for JSX attributes.

  • Add the option --arrow-parentheses.

    This option allows setting the parentheses style for arrow functions.

  • The JSON formatter can now format .json files with comments.

Linter

Removed rules
  • Remove complexity/noExtraSemicolon (#4553)

    The Biome formatter takes care of removing extra semicolons. Thus, there is no need for this rule.

  • Remove useCamelCase

    Use useNamingConvention instead.

New rules
Promoted rules

New rules are promoted, please check #4750 for more details:

The following rules are now recommended:

**- noUselessFragments

Other changes
  • Add new TypeScript globals (AsyncDisposable, Awaited, DecoratorContext, and others) 4643.

  • noRedeclare: allow redeclare of index signatures are in different type members #4478

Improve noConsoleLog, noGlobalObjectCalls, useIsNan, and useNumericLiterals by handling globalThis and window namespaces.

For instance, the following code is now reported by noConsoleLog:

globalThis.console.log("log")
  • Improve noDuplicateParameters to manage constructor parameters.

  • Improve noInnerDeclarations

    Now, the rule doesn't report false-positives about ambient TypeScript declarations. For example, the following code is no longer reported by the rule:

    declare var foo;
    
  • Improve useEnumInitializers

    The rule now reports all uninitialized members of an enum in a single diagnostic.

    Moreover, ambient enum declarations are now ignored. This avoids reporting ambient enum declarations in TypeScript declaration files.

    declare enum Weather {
      Rainy,
      Sunny,
    }
    
  • Relax noBannedTypes and improve documentation

    The rule no longer reports a user type that reuses a banned type name. The following code is now allowed:

    import { Number } from "a-lib";
    declare const v: Number;
    

    The rule now allows the use of the type {} to denote a non-nullable generic type:

    function f<T extends {}>(x: T) {
        assert(x != null);
    }
    

    And in a type intersection for narrowing a type to its non-nullable equivalent type:

    type NonNullableMyType = MyType & {};
    
  • Improve noConstantCondition

    The rule now allows while(true). This recognizes a common pattern in the web community:

    while (true) {
      if (cond) {
        break;
      }
    }
    
  • Improve the diagnostic and the code action of useDefaultParameterLast.

    The diagnostic now reports the last required parameter which should precede optional and default parameters.

    The code action now removes any whitespace between the parameter name and its initialization.

  • Relax noConfusingArrow

    All arrow functions that enclose its parameter with parenthesis are allowed. Thus, the following snippet no longer trigger the rule:

    var x = (a) => 1 ? 2 : 3;
    

    The following snippet still triggers the rule:

    var x = a => 1 ? 2 : 3;
    
  • Relax useLiteralEnumMembers

    Enum members that refer to previous enum members are now allowed. This allows a common pattern in enum flags like in the following example:

    enum FileAccess {
      None = 0,
      Read = 1,
      Write = 1 << 1,
      All = Read | Write,
    }
    

    Arbitrary numeric constant expressions are also allowed:

    enum FileAccess {
      None = 0,
      Read = 2**0,
      Write = 2**1,
      All = Read | Write,
    }
    
  • Improve useLiteralKeys.

    Now, the rule suggests simplifying computed properties to string literal properties:

    {
    -  ["1+1"]: 2,
    +  "1+1": 2,
    }
    

    It also suggests simplifying string literal properties to static properties:

    {
    -  "a": 0,
    +  a: 0,
    }
    

    These suggestions are made in object literals, classes, interfaces, and object types.

  • Improve noNewSymbol.

    The rule now handles cases where Symbol is namespaced with the global globalThis or window.

  • The rules useExhaustiveDependencies and useHookAtTopLevel accept a different shape of options

    Old configuration:

    {
      "linter": {
         "rules": {
            "nursery": {
               "useExhaustiveDependencies": {
                  "level": "error",
                  "options": {
                     "hooks": [
                        ["useMyEffect", 0, 1]
                     ]
                  }
               }
            }
         }
      }
    }
    

    New configuration:

    {
      "linter": {
         "rules": {
            "nursery": {
               "useExhaustiveDependencies": {
                  "level": "error",
                  "options": {
                     "hooks": [
                        {
                           "name": "useMyEffect",
                           "closureIndex": 0,
                           "dependenciesIndex": 1
                        }
                     ]
                  }
               }
            }
         }
      }
    }
    
  • noRedundantUseStrict check only 'use strict' directive to resolve false positive diagnostics.

    React introduced new directives, "use client" and "use server". The rule raises false positive errors about these directives.

  • Fix a crash in the NoParameterAssign rule that occurred when there was a bogus binding. #4323

  • Fix useExhaustiveDependencies in the following cases #4330:

    • when the first argument of hooks is a named function
    • inside an export default function
    • for React.use hooks
  • Fix noInvalidConstructorSuper that erroneously reported generic parents #4624.

  • Fix noDuplicateCase that erroneously reported as equals the strings literals "'" and '"' #4706.

  • Fix NoUnreachableSuper's false positive diagnostics (#4483) caused to nested if statement.

    The rule no longer reports This constructor calls super() in a loop when using nested if statements in a constructor.

  • Fix useHookAtTopLevel's false positive diagnostics (#4637)

    The rule no longer reports false positive diagnostics when accessing properties directly from a hook and calling a hook inside function arguments.

  • Fix noUselessConstructor which erroneously reported constructors with default parameters rome#4781

  • Fix noUselessFragments's panics when running biome check --apply-unsafe (#4637)

    This rule's code action emits an invalid AST, so I fixed using JsxString instead of JsStringLiteral

  • Fix noUndeclaredVariables's false positive diagnostics (#4675)

    The semantic analyzer no longer handles this reference identifier.

  • Fix noUnusedVariables's false positive diagnostics (#4688)

    The semantic analyzer handles ts export declaration clause correctly.

Parser

  • Add support for decorators in class method parameters, example:

    class AppController {
       get(@Param() id) {}
       // ^^^^^^^^ new supported syntax
    }
    

    This syntax is only supported via configuration, because it's a non-standard syntax.

    {
       "javascript": {
          "parser": {
             "unsafeParameterDecoratorsEnabled": true
          }
       }
    }
    
  • Add support for parsing comments inside JSON files:

    {
      "json": {
        "parser": {
          "allowComments": true
        }
      }
    }
    
  • Add support for the new using syntax

    const using = resource.lock();
    
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc