feat(type-utils): detect nested any in isUnsafeAssignment to flag unsafe object arguments #11834
Conversation
|
Thanks for the PR, @OleksandraKordonets! typescript-eslint is a 100% community driven project, and we are incredibly grateful that you are contributing to that community. The core maintainers work on this in their personal time, so please understand that it may not be possible for them to review your work immediately. Thanks again! 🙏 Please, if you or your company is finding typescript-eslint valuable, help us sustain the project by sponsoring it transparently on https://opencollective.com/typescript-eslint. |
✅ Deploy Preview for typescript-eslint ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
|
| Command | Status | Duration | Result |
|---|---|---|---|
nx run-many -t lint |
❌ Failed | 3m 20s | View ↗ |
nx test eslint-plugin --coverage=false |
✅ Succeeded | 5m 8s | View ↗ |
nx run-many -t typecheck |
✅ Succeeded | 2m 10s | View ↗ |
nx test eslint-plugin-internal --coverage=false |
✅ Succeeded | 10s | View ↗ |
nx test typescript-estree --coverage=false |
✅ Succeeded | 2s | View ↗ |
nx run types:build |
✅ Succeeded | 2s | View ↗ |
nx run integration-tests:test |
✅ Succeeded | 3s | View ↗ |
nx run generate-configs |
✅ Succeeded | 5s | View ↗ |
Additional runs (29) |
✅ Succeeded | ... | View ↗ |
☁️ Nx Cloud last updated this comment at 2025-12-12 01:43:26 UTC
Codecov Report❌ Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #11834 +/- ##
========================================
Coverage 90.53% 90.54%
========================================
Files 523 523
Lines 53096 53311 +215
Branches 8838 8897 +59
========================================
+ Hits 48073 48268 +195
- Misses 5010 5030 +20
Partials 13 13
Flags with carried forward coverage won't be shown. Click here to find out more.
🚀 New features to boost your workflow:
|
|
@JoshuaKGoldberg |
1 participant
PR Checklist
anys nested inside object arguments #11801Overview
Extend
isUnsafeAssignmentto walk object types structurally with cycle guards and early exits, so nestedanyin object arguments, unions, tuples, arrays, and index signatures are detected even when shapes are inline or via aliases, not only when the generic bases match. This aligns with the goal of the no-unsafe rules to catch any flowing through call sites and assignments, and it expands on the helper’s current simple top level behavior. All no-unsafe rules that call the helper benefit, includingno-unsafe-argument,no-unsafe-assignment, and, by extension, related rules that rely on the same type-level check, the generic fast path remains for identical bases while inline shapes now flag, andno-unsafe-assignmentsuppresses a duplicate top level diagnostic when a nested property already errors.Tests cover shallow and nested objects in
packages/type-utils/tests/isUnsafeAssignment.test.tsplus the issue’s repro inpackages/eslint-plugin/tests/rules/no-unsafe-argument.test.ts, a small website config tweak avoids spreading any to satisfy the stricter checks, and performance is guarded with early exits, default lib skipping, and cycle tracking.