Nick2bad4u/eslint-plugin-repo v1.0.2

on GitHub

[1.0.2] - 2026-04-27

9b0461b...332a9e4

🛡️ Security

• 2e6ef22 — 🔧 [chore] Update dependencies and improve installation commands

• Updated update-deps script to use npm update --workspaces --force for better dependency management.

• Upgraded various @secretlint packages from ^12.3.0 to ^12.3.1 for improved functionality and bug fixes.

• Updated eslint-plugin-github-actions-2 from ^1.1.0 to ^1.1.1 for minor improvements.

• Upgraded git-cliff from ^2.12.0 to ^2.13.1 for enhanced features.

• Updated postcss from ^8.5.10 to ^8.5.12 for better performance and compatibility.

• Upgraded secretlint from ^12.3.0 to ^12.3.1 for improved security checks.

• Updated stylelint-define-config from ^17.8.0 to ^17.9.0 for better configuration options.

Signed-off-by: Nick2bad4u 20943337+Nick2bad4u@users.noreply.github.com

• 9b0461b — ⚡️ [perf] (file-io) Add file content cache to readTextFileIfExists; migrate rules off bare readFileSync

⚡️ [perf] (repository-text-files) Add in-process file content cache to readTextFileIfExists

• Introduces a module-level Map<string, null | string> cache so each absolute file path is read from disk at most once per ESLint process

• Cache stores null for files that don't exist or can't be read, avoiding repeated failed syscalls

• Adds exported clearFileContentCache() for test isolation — called between test runs to reset state

• Documents caching semantics and null-return contract in JSDoc

🐛 [fix] (repo-file-rule) Replace incomplete local defaultTriggerFileNames with canonical providerRuleTriggerFileNames

• Removes hardcoded ["eslint.config.js", "eslint.config.mjs", "package.json"] constant that was missing eslint.config.ts and eslint.config.cjs

• Imports and falls back to providerRuleTriggerFileNames from config-file-scanner.ts — the single source of truth for trigger files

• Eliminates a silent coverage gap: file-presence rules were not triggering on .ts and .cjs ESLint configs

🐛 [fix] (config-file-scanner) Add eslint.config.cjs to providerRuleTriggerFileNames

• eslint.config.cjs is a valid ESLint Flat Config entrypoint and was missing from the canonical trigger set

• All 90+ rules that use providerRuleTriggerFileNames now correctly activate when linting CJS flat config files

♻️ [refactor] (rules) Migrate 43 rules from local trigger-file sets to shared providerRuleTriggerFileNames

• Removes per-rule const triggerFileNames = new Set([...]) declarations across all affected rule files

• Replaces local set checks with setHas(providerRuleTriggerFileNames, lintedFileName)

• Adds import { providerRuleTriggerFileNames } from "../_internal/config-file-scanner.js" where missing

• Covers: require-bitbucket-pipelines-, require-codeowners-reviewable-patterns, require-dependabot-, require-digitalocean-, require-dockerfile-, require-dockerignore-file, require-forgejo-actions-, require-github-, require-gitlab-ci-, require-google-cloud-build-, require-license-spdx-identifier, require-netlify-, require-pr-template-checklist-items, require-readme-, require-security-policy-contact-channel

♻️ [refactor] (rules) Migrate bare readFileSync IIFE patterns to readTextFileIfExists

• Replaces inline try { readFileSync(...) } catch { return null } blocks with readTextFileIfExists(filePath)

• Removes readFileSync from node:fs imports in all migrated files; adds readTextFileIfExists to repository-text-files imports

• Fixes a TOCTOU race in require-bitbucket-pipelines-pull-requests-target-branches where existsSync was checked before reading

• Affected: require-bitbucket-pipelines-clone-depth, require-bitbucket-pipelines-default-pipeline, require-bitbucket-pipelines-image-pinned-tag, require-bitbucket-pipelines-max-time, require-bitbucket-pipelines-pull-requests, require-bitbucket-pipelines-step-name, require-codeowners-reviewable-patterns, require-forgejo-actions-job-timeout-minutes, require-forgejo-actions-no-write-all-permissions, require-forgejo-actions-pinned-sha, require-forgejo-actions-workflow-permissions, require-github-actions-workflow-name, require-github-issue-template-labels, require-gitlab-ci-default-timeout, require-gitlab-ci-rules-over-only-except, require-gitlab-ci-security-scanning, require-gitlab-ci-stages, require-license-spdx-identifier, require-pr-template-checklist-items, require-security-policy-contact-channel

🔥 [refactor] (presets) Remove GitHub-specific rules from the recommended preset

• require-dependabot-schedule: set recommended: false, removed "repoPlugin.configs.recommended" from repoConfigs

• require-codeowners-reviewable-patterns: set recommended: false, removed "repoPlugin.configs.recommended" from repoConfigs

• Both rules remain active in strict, github, and all presets — only the platform-agnostic recommended preset is narrowed

📝 [docs] Regenerate preset matrix and README rules table to reflect all changes

• Re-ran sync:presets-rules-matrix:write — updates docs/rules/presets/recommended.md and presets/index.md

• Re-ran sync:readme-rules-table:update — refreshes README.md preset columns for both affected rules

🧪 [test] (config-file-scanner) Add eslint.config.cjs to trigger-set test coverage

Signed-off-by: Nick2bad4u 20943337+Nick2bad4u@users.noreply.github.com

🛠️ Other Changes

• 889855e — 🔖 [release] [dependency] Update version 1.0.1 in package.json and package-lock.json

Signed-off-by: Nick2bad4u 20943337+Nick2bad4u@users.noreply.github.com

🧹 Chores

• 332a9e4 — Release v1.0.2

• 9534b0d — 🧹 [chore] Update update-deps script formatting for consistency

Signed-off-by: Nick2bad4u 20943337+Nick2bad4u@users.noreply.github.com