ESLint is a linter for JavaScript, TypeScript, JSX, TSX, CSS, etc.

Files

ESLint will run on files with the following extensions:
  • .js
  • .ts
  • .cjs
  • .mjs
  • .d.cts
  • .d.mts
  • .jsx
  • .tsx
  • .css
  • .vue
  • .svelte
  • .astro

Configuration

  • ESLint configuration is read from the repository and is used as is. No additional configuration is required.
  • Please ensure that all ESLint dependencies are defined in your package.json file(s).
  • Yarn and PNPM workspaces are supported.
  • Private ESLint plugins or configurations are not supported at the moment. Please reach out to us on Discord if you would like us to add support for this.
  • For @typescript-eslint, we do not support linting with type information at the moment. The type checking rules are disabled.
  • For eslint-plugin-import, the following rules are disabled:
    • import/no-unresolved
  • For eslint-plugin-n, the following rules are disabled:
    • n/no-missing-import
    • n/no-missing-require
  • For eslint-plugin-node, the following rules are disabled:
    • node/no-missing-import
    • node/no-missing-require

What CodeRabbit runs

ESLint runs in a sandbox. We scan ESLint config files before any npm/yarn/pnpm installs. Only a curated allow-list of plugins is permitted.

Security policy and restrictions

  • We extract referenced plugins from configs (the plugins array, extends: "plugin:...", eslint-plugin-... mentions).
  • If any plugin outside our allow-list is referenced, we skip ESLint for the run.
  • We do not install or execute arbitrary third-party plugins from the repository.
  • The following plugins are currently allowed:
    • @typescript-eslint
    • eslint-comments
    • import
    • jest
    • jsx-a11y
    • n
    • node
    • promise
    • react
    • react-hooks
    • security
    • sonarjs
    • unicorn
    • prettier
    • vitest
    • testing-library
    • turbo
    • hydrogen
    • tailwindcss
    • svelte
    • nuxt

When we skip ESLint

CodeRabbit will skip running ESLint when:
  • The config references a plugin not in the allow-list.
  • The config can’t be parsed or is otherwise unsafe.
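
The gate described under "Security policy and restrictions" and "When we skip ESLint", sketched as an added example; it is not CodeRabbit's implementation. The function names, the regex heuristics and the strict JSON.parse check for .json configs are assumptions; only the allow-list and the three reference forms come from this page.

```javascript
// Added example, not CodeRabbit's code: static pre-install gate for ESLint configs.
// The config is treated as text only; it is never require()d or evaluated.
const ALLOWED = new Set([
  "@typescript-eslint", "eslint-comments", "import", "jest", "jsx-a11y", "n",
  "node", "promise", "react", "react-hooks", "security", "sonarjs", "unicorn",
  "prettier", "vitest", "testing-library", "turbo", "hydrogen", "tailwindcss",
  "svelte", "nuxt",
]);

// "eslint-plugin-react" -> "react"; "@scope/eslint-plugin" -> "@scope";
// "@scope/eslint-plugin-x" -> "@scope/x"; short names pass through unchanged.
function shortName(ref) {
  const scoped = ref.match(/^(@[^/]+)\/eslint-plugin(?:-(.+))?$/);
  if (scoped) return scoped[2] ? `${scoped[1]}/${scoped[2]}` : scoped[1];
  return ref.replace(/^eslint-plugin-/, "");
}

function referencedPlugins(text) {
  const found = new Set();
  // 1. Entries of a `plugins: [...]` array (eslintrc style, JS or JSON).
  for (const arr of text.matchAll(/plugins["']?\s*:\s*\[([^\]]*)\]/g))
    for (const s of arr[1].matchAll(/["'`]([^"'`]+)["'`]/g)) found.add(shortName(s[1]));
  // 2. extends: "plugin:<name>/<config>"; the name is everything before the last slash.
  for (const m of text.matchAll(/["'`]plugin:([^"'`]+)\/[^"'`/]*["'`]/g))
    found.add(shortName(m[1]));
  // 3. Any other package mention, e.g. flat-config imports or require() calls.
  for (const m of text.matchAll(/@[\w.-]+\/eslint-plugin(?:-[\w.-]+)?|eslint-plugin-[\w.-]+/g))
    found.add(shortName(m[0]));
  return [...found].sort();
}

// Fail closed: run ESLint only if the text is scannable and every plugin is allowed.
// Assumption: a .json config must be strict JSON, so one with comments is skipped.
function eslintDecision(fileName, text) {
  if (typeof text !== "string") return { run: false, reason: "unreadable config" };
  if (fileName.endsWith(".json")) {
    try { JSON.parse(text); } catch { return { run: false, reason: "unparseable config" }; }
  }
  const plugins = referencedPlugins(text);
  const blocked = plugins.filter((p) => !ALLOWED.has(p));
  return blocked.length
    ? { run: false, reason: "plugin outside allow-list", blocked }
    : { run: true, plugins };
}
```

Because the scan is textual, a plugin name that appears only in a comment still counts as a reference, which errs on the side of skipping the run.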