🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

@technote-space/eslint-plugin-strict-dependencies

Package Overview
Dependencies
Maintainers
1
Versions
15
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@technote-space/eslint-plugin-strict-dependencies

Restrict imports between files according to the configured dependency rules.

0.3.4
latest
Source
npm
Version published
Weekly downloads
21
250%
Maintainers
1
Weekly downloads
 
Created
Source

eslint-plugin-strict-dependencies

ESlint plugin to define custom module dependency rules.

NOTE: eslint-plugin-strict-dependencies uses tsconfig, tsconfig.json must be present.

Table of Contents

Details
  • Installation
  • Supported Rules
  • Usage
  • License

Installation

npm install @technote-space/eslint-plugin-strict-dependencies --save-dev

Supported Rules

  • strict-dependencies
    • module: string (Glob or Forward matching string)
      • target module path
    • allowReferenceFrom: string[] (Glob or Forward matching string)
      • Paths of files where target module imports are allowed.
    • allowSameModule: boolean
      • Whether it can be imported by other files in the same directory
    • allowTypeImport: boolean
      • Whether to allow type import

Options

  • resolveRelativeImport: boolean[default = false]
    • Whether to resolve relative import as in the following example
    • src/components/aaa.ts
    import bbb from './bbb';
    • ./bbb: resolveRelativeImport = false
    • src/components/bbb: resolveRelativeImport = true
  • allowTypeImport: boolean
    • Whether to allow type import

Usage

.eslintrc:

"plugins": [
  "@technote-space/strict-dependencies",
],
"rules": {
  "@technote-space/strict-dependencies/strict-dependencies": [
    "error",
    [
      /**
       * Example:
       * Limit the dependencies in the following directions
       * pages -> components/page -> components/ui
       */
      {
        "module": "src/components/page",
        "allowReferenceFrom": ["src/pages"],
        // components/page can't import other components/page
        "allowSameModule": false,
        "allowTypeImport": true
      },
      {
        "module": "src/components/ui",
        "allowReferenceFrom": ["src/components/page"],
        // components/ui can import other components/ui
        "allowSameModule": true
      },

      /**
       * example:
       * Disallow to import `next/router` directly. it should always be imported using `libs/router.ts`.
       */
      {
        "module": "next/router",
        "allowReferenceFrom": ["src/libs/router.ts"],
        "allowSameModule": false
      },
    ],
    // options
    // {
    //   "resolveRelativeImport": true,
    //   "allowTypeImport": true
    // }
  ]
}

License

MIT

FAQs

Package last updated on 07 May 2023

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

NPM targeted by malware campaign mimicking familiar library names

Research

NPM targeted by malware campaign mimicking familiar library names

Socket uncovered npm malware campaign mimicking popular Node.js libraries and packages from other ecosystems; packages steal data and execute remote code.

By Socket Research Team  -  May 02, 2025