Security News
Crates.io Implements Trusted Publishing Support
Crates.io adds Trusted Publishing support, enabling secure GitHub Actions-based crate releases without long-lived API tokens.
By Sarah Gooding - Jul 16, 2025
You're Invited:Meet the Socket Team at BlackHat and DEF CON in Las Vegas, Aug 4-6.RSVP →
eslint-plugin-erasable-syntax-only
Advanced tools
eslint-plugin-erasable-syntax-only
ESLint plugin to granularly enforce TypeScript's erasableSyntaxOnly flag. ❎
eslint-plugin-erasable-syntax-only
ESLint plugin to granularly enforce TypeScript's erasableSyntaxOnly flag.
❎
Usage
Add this plugin to the list of plugins in your ESLint configuration file:
npm i eslint-plugin-erasable-syntax-only -D
import eslint from "@eslint/js";
import erasableSyntaxOnly from "eslint-plugin-erasable-syntax-only";
import tseslint from "typescript-eslint";
export default tseslint.config(
eslint.configs.recommended,
tseslint.configs.recommended,
erasableSyntaxOnly.configs.recommended, // 👈
);
Rules
These are all set to "error" in the recommended config:
💡 Manually fixable by editor suggestions.
| Name | Description | 💡 |
|---|---|---|
| enums | Avoid using TypeScript's enums. | |
| import-aliases | Avoid using TypeScript's import aliases. | 💡 |
| namespaces | Avoid using TypeScript's namespaces. | |
| parameter-properties | Avoid using TypeScript's class parameter properties. |
This plugin requires ESLint >=9 and Node.js >=20.18.0.
What?
eslint-plugin-erasable-syntax-only is an ESLint plugin.
It provides rules that report on using syntax that will not be allowed by TypeScript's --erasableSyntaxOnly option:
Recently, Node.js 23.6 unflagged experimental support for running TypeScript files directly; however, only certain constructs are supported under this mode.
...
TypeScript 5.8 introduces the
--erasableSyntaxOnlyflag. When this flag is enabled, TypeScript will only allow you to use constructs that can be erased from a file, and will issue an error if it encounters any constructs that cannot be erased.
Why?
If you've already enabled TypeScript's --erasableSyntaxOnly option then you do not need this plugin.
However, if you have many existing violations, it can be time-consuming to enable TypeScript options like --erasableSyntaxOnly.
TypeScript compiler options can only be configured widely at the TSConfig-level, not granularly per-file.
eslint-plugin-erasable-syntax-only allows for more gradual migrations towards only using erasable syntax.
It allows you to:
- Enable only one rule at a time
- Restrict which rules apply to which files
- Use granular ESLint
eslint-disablecomments instead of// @ts-expect-errors
For example, this config avoids banning enums in specific files:
import erasableSyntaxOnly from "eslint-plugin-erasable-syntax-only";
import tseslint from "typescript-eslint";
export default tseslint.config(
eslint.configs.recommended,
tseslint.configs.recommended,
erasableSyntaxOnly.configs.recommended,
// TODO (#...)
{
files: ["src/some/files/*.ts"],
rules: {
"erasable-syntax-only/enums": "off",
},
},
);
💡 Tip: Put a TODO comment linking to a tracking issue/ticket on any temporary disables of rules. It will help keep track of pending work and indicate when rule disables aren't meant to stay long-term.
See Also
@typescript-eslint/no-namespace: Dedicated, more granular typescript-eslint rule for reportingnamespaces@typescript-eslint/parameter-properties: Dedicated, more granular typescript-eslint rule for parameter properties
Development
See .github/CONTRIBUTING.md, then .github/DEVELOPMENT.md.
Thanks! ❎
Contributors
 Alex Muñoz 💻 |  Jake Bailey 🐛 |  Josh Goldberg ✨ 💻 🖋 📖 🤔 🚇 🚧 📆 🔧 🐛 |
💝 This package was templated with
create-typescript-appusing the Bingo engine.
FAQs
ESLint plugin to granularly enforce TypeScript's erasableSyntaxOnly flag. ❎
The npm package eslint-plugin-erasable-syntax-only receives a total of 4,255 weekly downloads. As such, eslint-plugin-erasable-syntax-only popularity was classified as popular.
We found that eslint-plugin-erasable-syntax-only demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 03 Apr 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
/Security News
Tracking Protestware Spread: 28 npm Packages Affected by Payload Targeting Russian-Language Users
Undocumented protestware found in 28 npm packages disrupts UI for Russian-language users visiting Russian and Belarusian domains.
By Olivia Brown - Jul 15, 2025
Research
/Security News
Contagious Interview Campaign Escalates With 67 Malicious npm Packages and New Malware Loader
North Korean threat actors deploy 67 malicious npm packages using the newly discovered XORIndex malware loader.
By Kirill Boychenko - Jul 14, 2025