Use require.resolve as a fallback of path.resolve #342
Conversation
|
Since then, I have used |
|
Thanks for a quick reply @DavidAnson! I'm happy to address your comments within 12 hours – just going to sleep now 🙂 |
|
Alternatively, feel free to tweak the PR yourself if that’s preferred. I don’t worry much about the authorship, so will be also happy is you close this PR and implement require.resolve fallback yourself – whatever you find easier. Speak soon! |
|
No hurry. Get some sleep! |
Co-authored-by: fisker Cheung <lionkay@gmail.com>
|
Please also update the PR to be against next branch instead of main. |
|
Thanks for another review @DavidAnson! Happy to do address more comments if you want – no rush with the merge. Let’s do it properly 💪 |
|
I'm the author of |
|
@fisker That rule is enabled because I agree with it and it looks to be supported by Node version 10+ (as this library is). You may know better, but I'm guessing that I have ESLint slightly misconfigured to be using a language version that does not allow the optional binding? I will look into that and fix it if so. |
|
Ah, the Line 3 in 82cf680 I think it should be at least |
|
@fisker Yes, probably. If there is a good mapping from Node version to this setting, I'd love to know! I will update this tomorrow and remove the unnecessary suppressions. Thanks! |
|
@fisker I like that site and it's what I use, but note that some of those features are supported by Node 10 and some are not. I guess what I really want is to specify the minimum Node version to ESLint rather than the JavaScript version. No big deal; I will go with 2019 and make the associated updates. Thanks again! |
|
Thanks again for reviewing and merging this PR @DavidAnson! Looking forward to trying it out in the released version 🚀 |
|
👋 @DavidAnson! What are your thoughts on releasing the next version, which would include this change? |
|
I picked out 6 "enhancement" issues to include with the next release. I'm about half way through them now. Once done, I plan to publish! |
Hi @DavidAnson! We had a discussion about resolving
config.extendsin the CLI some time ago; this PR is a follow-up.My initial question a few months ago was about extending
jsfiles in an auto-discoveredjsonconfig and you explained some unwanted security implications of a change in the logic. We also discussed an opportunity of usingrequire.resolveas a risk-free option for those who want to use a shared markdownlint config and avoid writing something like this in their.markdownlint.json:This is what used to stick with till now.
This weekend I was playing with Yarn v2 (Berry) and realised that the conversion of
"./node_modules/@my-company/markdownlint-config/index.json"to"@my-company/markdownlint-config"became unavoidable. The folder callednode_modulesno longer exists and the real location of all dependency files is now fully controlled by Yarn. Thus, there is no way to refer to a config file in a third-party package without usingrequire.resolve.This PR adds
require.resolveas a fallback topath.resolvein a fully backwards-compatible manner. It should not affect the security model and does not change the error messages in the existing scenarios. The resolution strategy just becomes a little bit more optimistic and can successfully handle more cases than it used to before. So the change in the logic remains unnoticeable for the existing Markdownlint users, while making it possible to use fancier and shorter"extends"paths.I'd be keen to hear what you think about this change and if you're generally happy with the approach, I'm happy to add tests and resolve any other review comments you might have. WDYT?