feat: add invalid-import rule for ssr (#204)

Author: RageJS

README.md

@@ -127,6 +127,7 @@ To choose from three configuration settings, install the [`eslint-config-lwc`](h
 | [lwc/ssr-no-restricted-browser-globals](./docs/rules/ssr/ssr-no-restricted-browser-globals.md)                                         | disallow access to global browser APIs during SSR                              |         |
 | [lwc/ssr-no-unsupported-properties](./docs/rules/ssr/ssr-no-unsupported-properties.md)                                                 | disallow access of unsupported properties in SSR                               |         |
 | [lwc/ssr-no-node-env](./docs/rules/ssr/ssr-no-node-env.md)                                                                             | disallow usage of process.env.NODE_ENV in SSR                                  |         |
+| [lwc/ssr-no-disallowed-lwc-imports](./docs/rules/ssr/ssr-no-disallowed-lwc-imports.md)                                                 | restrict specific imports from the lwc package in SSR-able components          |         |
 | [lwc/valid-graphql-wire-adapter-callback-parameters](./docs/rules/valid-graphql-wire-adapter-callback-parameters.md)                   | ensure graphql wire adapters are using 'errors' instead of 'error'             |         |
 | [lwc/ssr-no-host-mutation-in-connected-callback](./docs/rules/ssr/ssr-no-host-mutation-in-connected-callback.md)                       | disallow the host element mutation in 'connectedCallback'                      |         |
 | [lwc/ssr-no-static-imports-of-user-specific-scoped-modules](./docs/rules/ssr/ssr-no-static-imports-of-user-specific-scoped-modules.md) | disallow static imports of user-specific scoped modules in SSR-able components |         |

docs/rules/ssr/ssr-no-disallowed-lwc-imports.md

@@ -0,0 +1,95 @@
+# Prevent importing restricted APIs from the "lwc" package in SSR-able components (`@lwc/lwc/ssr-no-disallowed-lwc-imports`)
+
+Restricts importing specific modules from the `lwc` package in components that may be server-side rendered (`lightning__ServerRenderable` or `lightning__ServerRenderableWithHydration`). Certain LWC APIs may not be compatible with server-side rendering and should be avoided in SSR-able components.
+
+This rule is complementary to the general `no-disallowed-lwc-imports` rule and only flags LWC APIs that are otherwise valid but not supported in SSR contexts.
+
+## Rule details
+
+This rule prevents imports of LWC APIs that are not supported or recommended in server-side rendering contexts. By default, it disallows:
+
+-   `readonly` - Not supported in SSR environment
+
+Examples of **incorrect** code:
+
+```js
+import { readonly } from 'lwc';
+
+export default class MyComponent extends LightningElement {
+    @api value = readonly({ name: 'test' });
+}
+```
+
+```js
+import { LightningElement, readonly } from 'lwc';
+
+export default class MyComponent extends LightningElement {
+    data = readonly({ items: [] });
+}
+```
+
+Examples of **correct** code:
+
+```js
+import { LightningElement } from 'lwc';
+
+export default class MyComponent extends LightningElement {
+    @api value = { name: 'test' };
+}
+```
+
+```js
+import { LightningElement, api, track } from 'lwc';
+
+export default class MyComponent extends LightningElement {
+    @api data;
+    @track items = [];
+}
+```
+
+```js
+// Re-exporting is allowed since the component doesn't use the API itself
+export { readonly } from 'lwc';
+
+export default class MyUtilityComponent extends LightningElement {
+    // This component is SSR-compatible
+}
+```
+
+## Configuration
+
+### `disallowlist`
+
+The `disallowlist` property allows you to specify which LWC APIs should be disallowed in SSR context. It accepts an array of strings and overrides the default list.
+
+Examples of **incorrect** code with custom disallowlist:
+
+```js
+/* eslint @lwc/lwc/ssr-no-disallowed-lwc-imports: ["error", { "disallowlist": ["readonly", "track"] }] */
+import { track } from 'lwc';
+```
+
+```js
+/* eslint @lwc/lwc/ssr-no-disallowed-lwc-imports: ["error", { "disallowlist": ["readonly", "track"] }] */
+import { readonly } from 'lwc';
+```
+
+Examples of **correct** code with custom disallowlist:
+
+```js
+/* eslint @lwc/lwc/ssr-no-disallowed-lwc-imports: ["error", { "disallowlist": ["readonly", "track"] }] */
+import { LightningElement, api } from 'lwc';
+```
+
+## When Not To Use It
+
+If your components are never server-side rendered or if you need to use specific LWC APIs that are flagged by this rule, you may want to disable it. However, be aware that using unsupported APIs in SSR contexts may cause runtime errors or unexpected behavior during server-side rendering.
+
+## Relationship to Other Rules
+
+This rule works alongside the general `lwc/no-disallowed-lwc-imports` rule:
+
+-   **`no-disallowed-lwc-imports`**: Handles general import/export validation (bare imports, namespace imports, default imports, etc.)
+-   **`ssr-no-disallowed-lwc-imports`**: Focuses only on SSR-specific import restrictions for otherwise valid imports
+
+Both rules should typically be used together in SSR-able components.

lib/index.js

@@ -39,6 +39,7 @@ const rules = {
     'ssr-no-unsupported-node-api': require('./rules/ssr/ssr-no-unsupported-node-api'),
     'ssr-no-static-imports-of-user-specific-scoped-modules': require('./rules/ssr/ssr-no-static-imports-of-user-specific-scoped-modules'),
     'ssr-no-form-factor': require('./rules/ssr/ssr-no-form-factor'),
+    'ssr-no-disallowed-lwc-imports': require('./rules/ssr/ssr-no-disallowed-lwc-imports'),
 };
 
 const processors = {

lib/rules/ssr/ssr-no-disallowed-lwc-imports.js

@@ -0,0 +1,78 @@
+/*
+ * Copyright (c) 2024, salesforce.com, inc.
+ * All rights reserved.
+ * SPDX-License-Identifier: MIT
+ * For full license text, see the LICENSE file in the repo root or https://opensource.org/licenses/MIT
+ */
+'use strict';
+
+const { docUrl } = require('../../util/doc-url');
+
+// Default APIs that are not supported in SSR context
+const SSR_DISALLOWED_APIS = new Set(['readonly']);
+
+const isLwcImport = (node) =>
+    node.source && node.source.type === 'Literal' && node.source.value === 'lwc';
+
+module.exports = {
+    meta: {
+        type: 'problem',
+        docs: {
+            description: 'restrict specific imports from the lwc package in SSR-able components',
+            category: 'LWC',
+            url: docUrl('ssr/ssr-no-disallowed-lwc-imports'),
+            recommended: true,
+        },
+        messages: {
+            invalidImport:
+                'Invalid import. "{{importName}}" from "lwc" cannot be used in SSR context.',
+        },
+        schema: [
+            {
+                type: 'object',
+                properties: {
+                    disallowlist: {
+                        type: 'array',
+                        items: {
+                            type: 'string',
+                        },
+                        description: 'List of LWC APIs to disallow in SSR context',
+                    },
+                },
+                additionalProperties: false,
+            },
+        ],
+    },
+
+    create(context) {
+        const options = context.options[0] || {};
+        const { disallowlist } = options;
+
+        // Use custom disallowlist if provided, otherwise use default
+        let ssrDisallowedApis = SSR_DISALLOWED_APIS;
+        if (disallowlist) {
+            ssrDisallowedApis = new Set(disallowlist);
+        }
+
+        return {
+            ImportDeclaration(node) {
+                if (isLwcImport(node)) {
+                    const { specifiers } = node;
+                    for (const specifier of specifiers) {
+                        const { type, imported } = specifier;
+                        if (type === 'ImportSpecifier' && ssrDisallowedApis.has(imported.name)) {
+                            // import { readonly } from 'lwc'
+                            context.report({
+                                node: specifier,
+                                messageId: 'invalidImport',
+                                data: {
+                                    importName: imported.name,
+                                },
+                            });
+                        }
+                    }
+                }
+            },
+        };
+    },
+};

test/lib/rules/ssr/ssr-no-disallowed-lwc-imports.js

@@ -0,0 +1,51 @@
+/*
+ * Copyright (c) 2024, salesforce.com, inc.
+ * All rights reserved.
+ * SPDX-License-Identifier: MIT
+ * For full license text, see the LICENSE file in the repo root or https://opensource.org/licenses/MIT
+ */
+'use strict';
+
+const { testRule } = require('../../shared');
+
+testRule('ssr/ssr-no-disallowed-lwc-imports', {
+    valid: [
+        {
+            code: `import { LightningElement } from 'lwc';`,
+        },
+        {
+            code: `import { LightningElement, api, track, wire } from 'lwc';`,
+        },
+        {
+            code: `import { readonly } from 'lwc';`,
+            options: [{ disallowlist: ['track'] }],
+        },
+    ],
+    invalid: [
+        {
+            code: `import { readonly } from 'lwc';`,
+            errors: [
+                {
+                    message: 'Invalid import. "readonly" from "lwc" cannot be used in SSR context.',
+                },
+            ],
+        },
+        {
+            code: `import { LightningElement, readonly } from 'lwc';`,
+            errors: [
+                {
+                    message: 'Invalid import. "readonly" from "lwc" cannot be used in SSR context.',
+                },
+            ],
+        },
+        {
+            code: `import { track } from 'lwc';`,
+            options: [{ disallowlist: ['track'] }],
+            errors: [
+                {
+                    message: 'Invalid import. "track" from "lwc" cannot be used in SSR context.',
+                },
+            ],
+        },
+    ],
+});