You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
'Implement the placeholder. If the work is too large, do NOT delete the marker — leave the file unchanged and explain in your final reply.',
216
233
'socket/no-fetch-prefer-http-request':
217
234
'Replace `fetch(url, opts)` with the right helper from `@socketsecurity/lib-stable/http-request`: `httpJson` when the caller calls `.json()` on the response, `httpText` when it calls `.text()`, `httpRequest` for raw access. Add the named import.',
235
+
'socket/no-malformed-bypass-marker':
236
+
'A disable marker (`oxlint-disable-next-line <rule>` or `socket-lint: allow <rule>`) is missing its required `-- <reason>`. Append ` -- <reason>` where the reason states WHY the waiver is correct, read from the disabled line plus any comment directly above it (for example `// oxlint-disable-next-line socket/prefer-undefined-over-null -- spec returns null here`). Keep the marker AND the code it guards exactly as-is; only add the reason. If multiple rules are listed, justify them all. Never delete the marker or change the guarded line.',
237
+
'socket/no-namespace-import':
238
+
'Rewrite a namespace import (`import * as X from "..."`) to named imports with the names actually used: inspect every `X.foo` reference in the file, import exactly those (`import { foo, bar } from "..."`), and change each `X.foo` to bare `foo`. If `X` is passed as a value (for example `someApi(X)`), or the import is a test module-mock or a bare Node builtin, keep the namespace form and add a `// no-namespace-import: passed-as-value` comment instead.',
239
+
'socket/no-source-sniffing':
240
+
'Code that scans source/file TEXT with a regex to infer behavior (for example, regex-testing a file string for a `module.exports =` assignment or an export keyword). Prefer rewriting to import the module and read its typed export (e.g. a `defineHook` instance), or parse the AST, instead of matching raw text. If a behavior-preserving rewrite is not safely possible because the text-scan is genuinely necessary (e.g. it lints raw source that cannot be imported), append `// oxlint-disable-next-line socket/no-source-sniffing -- <reason>` with a concrete justification. Never silently weaken behavior to satisfy the rule.',
241
+
'socket/prefer-non-capturing-group':
242
+
'A bare `(...)` capture group fired. If its captured text IS used (referenced by group index or name, or consumed by `String.prototype.split` / `matchAll` / `replace` group references), convert it to a NAMED group `(?<name>...)` with a descriptive name. If the group exists only for precedence or quantification and its capture is never read, convert it to non-capturing `(?:...)`. Read how the regex matches are consumed to decide. Do not change what the pattern matches.',
243
+
'socket/prefer-normalize-path':
244
+
'A manual path-separator rewrite fired (replacing backslashes with forward slashes on a path string). Replace the hand-rolled rewrite with `normalizePath(p)` and add the import, matching the import style the file already uses for sibling lib modules: the canonical `@socketsecurity/lib/paths/normalize` in `src/`/`test/` (vitest aliases it to local source), a relative path to `paths/normalize` when the module is nearby, or the `-stable` alias `@socketsecurity/lib-stable/paths/normalize` in scripts/hooks/config. Verify the rewrite is semantically identical (normalizePath yields one forward-slash-separated representation across platforms).',
218
245
'socket/require-regex-comment': `Add a \`//\` comment that explains the flagged regex for a junior reader who won't mentally execute it. Put it on the line directly ABOVE the regex (preferred) or trailing the same line. Break the pattern into its parts and say what each MATCHES, not just what the variable is for.
0 commit comments