Step-by-step guide for creating and implementing lint rules in Biome's analyzer. Use when implementing rules like noVar, useConst, or any custom lint/assist rule, adding code actions to fix diagnostics, implementing semantic analysis for binding references, or adding configurable options to rules.
Use this skill when creating new lint rules or assist actions for Biome. It provides scaffolding commands, implementation patterns, testing workflows, and documentation guidelines.
just install-toolscargo, just, and pnpm are availablecrates/biome_analyze/CONTRIBUTING.md for in-depth conceptsGenerate scaffolding for a JavaScript lint rule:
just new-js-lintrule useMyRuleName
For other languages:
just new-css-lintrule myRuleName
just new-json-lintrule myRuleName
just new-graphql-lintrule myRuleName
This creates a file in crates/biome_js_analyze/src/lint/nursery/use_my_rule_name.rs
Basic rule structure (generated by scaffolding):
use biome_analyze::{context::RuleContext, declare_lint_rule, Rule, RuleDiagnostic};
use biome_js_syntax::JsIdentifierBinding;
use biome_rowan::AstNode;
declare_lint_rule! {
/// Disallows the use of prohibited identifiers.
pub UseMyRuleName {
version: "next",
name: "useMyRuleName",
language: "js",
recommended: false,
}
}
impl Rule for UseMyRuleName {
type Query = Ast<JsIdentifierBinding>;
type State = ();
type Signals = Option<Self::State>;
type Options = ();
fn run(ctx: &RuleContext<Self>) -> Self::Signals {
let binding = ctx.query();
// Check if identifier matches your rule logic
if binding.name_token().ok()?.text() == "prohibited_name" {
return Some(());
}
None
}
fn diagnostic(ctx: &RuleContext<Self>, _state: &Self::State) -> Option<RuleDiagnostic> {
let node = ctx.query();
Some(
RuleDiagnostic::new(
rule_category!(),
node.range(),
markup! {
"Avoid using this identifier."
},
)
.note(markup! {
"This identifier is prohibited because..."
}),
)
}
}
Note: It's critically important to follow the guidelines in the High Quality Diagnostics section below when writing diagnostics.
For rules that need binding analysis:
use crate::services::semantic::Semantic;
impl Rule for MySemanticRule {
type Query = Semantic<JsReferenceIdentifier>;
fn run(ctx: &RuleContext<Self>) -> Self::Signals {
let node = ctx.query();
let model = ctx.model();
// Check if binding is declared
let binding = node.binding(model)?;
// Get all references to this binding
let all_refs = binding.all_references(model);
// Get only read references
let read_refs = binding.all_reads(model);
// Get only write references
let write_refs = binding.all_writes(model);
Some(())
}
}
To provide automatic fixes:
use biome_analyze::FixKind;
declare_lint_rule! {
pub UseMyRuleName {
version: "next",
name: "useMyRuleName",
language: "js",
recommended: false,
fix_kind: FixKind::Safe, // or FixKind::Unsafe
}
}
impl Rule for UseMyRuleName {
fn action(ctx: &RuleContext<Self>, _state: &Self::State) -> Option<JsRuleAction> {
let node = ctx.query();
let mut mutation = ctx.root().begin();
// Example: Replace the node
mutation.replace_node(
node.clone(),
make::js_identifier_binding(make::ident("replacement"))
);
Some(JsRuleAction::new(
ctx.metadata().action_category(ctx.category(), ctx.group()),
ctx.metadata().applicability(),
markup! { "Use 'replacement' instead" }.to_owned(),
mutation,
))
}
}
Use the quick test for rapid iteration:
// In crates/biome_js_analyze/tests/quick_test.rs
// Uncomment #[ignore] and modify:
const SOURCE: &str = r#"
const prohibited_name = 1;
"#;
let rule_filter = RuleFilter::Rule("nursery", "useMyRuleName");
Run the test:
cd crates/biome_js_analyze
cargo test quick_test -- --show-output
Create test files in tests/specs/nursery/useMyRuleName/:
tests/specs/nursery/useMyRuleName/
├── invalid.js # Code that triggers the rule
├── valid.js # Code that doesn't trigger the rule
└── options.json # Optional rule configuration
Every test file must start with a top-level comment declaring whether it expects diagnostics. The test runner enforces this — see the testing-codegen skill for full rules. The short version:
valid.js — comment is mandatory (test panics without it):
/* should not generate diagnostics */
const x = 1;
const y = 2;
invalid.js — comment is strongly recommended (also enforced when present):
/* should generate diagnostics */
const prohibited_name = 1;
const another_prohibited = 2;
Run snapshot tests:
just test-lintrule useMyRuleName
Review snapshots:
cargo insta accept # accept all snapshots
cargo insta reject # reject all snapshots
During development, use the lightweight codegen commands:
just gen-rules # Updates rule registrations in *_analyze crates
just gen-configuration # Updates configuration schemas
These generate enough code to compile and test your rule without errors.
For full codegen (migrations, schema, bindings, formatting), run:
just gen-analyzer
Note: The CI autofix job runs gen-analyzer automatically when you open a PR, so running it locally is optional.
Before committing:
just f # Format code
just l # Lint code
When a rule needs user-configurable behavior, add options via the biome_rule_options crate.
For the full reference (merge strategies, design guidelines, common patterns), see
references/OPTIONS.md.
Quick workflow:
Step 1. Define the options type in biome_rule_options/src/<snake_case_rule_name>.rs:
use biome_deserialize_macros::{Deserializable, Merge};
use serde::{Deserialize, Serialize};
#[derive(Debug, Default, Clone, Serialize, Deserialize, Deserializable, Merge)]
#[cfg_attr(feature = "schema", derive(schemars::JsonSchema))]
#[serde(rename_all = "camelCase", deny_unknown_fields, default)]
pub struct UseMyRuleNameOptions {
#[serde(skip_serializing_if = "Option::is_none")]
pub behavior: Option<MyBehavior>,
}
Step 2. Wire it into the rule:
use biome_rule_options::use_my_rule_name::UseMyRuleNameOptions;
impl Rule for UseMyRuleName {
type Options = UseMyRuleNameOptions;
fn run(ctx: &RuleContext<Self>) -> Self::Signals {
let options = ctx.options();
let behavior = options.behavior.unwrap_or_default();
// ...
}
}
Step 3. Test with options.json in the test directory (see references/OPTIONS.md for examples).
Step 4. Run codegen: just gen-rules && just gen-configuration
Key rules:
Option<T> for config merging to workBox<[Box<str>]> instead of Vec<String> for collection fields#[derive(Merge)] for simple cases, implement Merge manually for collectionsno* prefix for rules that forbid something (e.g., noVar), use* for rules that mandate something (e.g., useConst)nursery groupSemantic<Node> query when you need binding/scope analysisVec<Self::State> or Box<[Self::State]> to emit multiple diagnosticsUnsafe if they could change program behavior.ok()? pattern to handle missing nodes gracefully.jsonc files with arrays of code snippets for multiple test casesGenerally, mistakes revolve around allocating unnecessary data during rule execution, which can lead to performance issues. Common examples include:
String or Box<str> in a Rule's State type. It's a strong indicator that you are allocating a string unnecessarily. If the string comes from a CST token, this usually can be avoided by using TokenText instead.run() instead of action(). run() should only decide whether to emit a diagnostic; action() should build the fix. This matters for performance because building the action can be expensive, and we should avoid doing it when no diagnostic is emitted.// Simple AST query
type Query = Ast<JsVariableDeclaration>;
// Semantic query (needs binding info)
type Query = Semantic<JsReferenceIdentifier>;
// Multiple node types (requires declare_node_union!)
declare_node_union! {
pub AnyFunctionLike = AnyJsFunction | JsMethodObjectMember | JsMethodClassMember
}
type Query = Semantic<AnyFunctionLike>;
VERY IMPORTANT: Rule diagnostics MUST convey these messages, in this order:
If the rule has an action() to fix the issue, the 3rd message should go in the action's message. If not, it should go in the diagnostic's advice.
Diagnostics must remain focused on the specific issue that the rule is flagging. Avoid including superfluous details that aren't directly relevant to the problem, as this can overwhelm users and obscure the main point. If a rule can flag multiple classes of the same category of issue, the diagnostic messages should be surgically customized to the specific issue being flagged, rather than using generic messages that apply to all cases. This ensures that users receive precise and relevant information about the problem and how to fix it.
Good:
1. "Foo is not allowed here."
2. "Foo harms readability because of X, Y, Z."
3. "Consider using Bar instead, which is more concise and easier to read."
1. "Unexpected for-in loop."
2. "For-in loops are confusing and easy to misuse."
3. "You likely want to use a regular loop, for-of loop or forEach instead."
Bad:
1. "Prefer let or const over var." // conflates the what and the how in one message,
2. "var is bad." // not meaningful motivation to fix, doesn't explain the consequences
// third message missing is bad, because it doesn't give users a clear path to fix the issue
1. "This var declaration is not at the top of its containing scope." // Good start, explains what the problem is
2. "Move standalone var declarations before other statements in the same function, script, module, or static block." // Doesn't explain why, only tells the action. The "why" must come second, after the what.
3. "At module scope, imports and leading "<Emphasis>"export var"</Emphasis>" declarations may appear before other statements." // Doesn't explain the action, just gives a superfluous detail about module scope.
nursery group. No need to move them to another category.patch level changes. There's a skill to help write good changesets.crates/biome_analyze/CONTRIBUTING.mdcrates/biome_js_analyze/src/lint/Semantic< in existing rulesCONTRIBUTING.md testing section