App Validation

Discover the essential criteria and checks your app must meet to pass the validation phase. This section covers functional testing, security protocols, performance benchmarks, and compatibility requirements to ensure your app meets Freshworks' high standards.

When running the fdk validate and fdk pack commands on an app, the Freshworks Developer Kit (FDK) performs linting on the app’s source code and reports possible errors. The rules that the linter goes through are a collection of best practices that the app should adhere to. Violations are displayed based on the severity category (Warning/Error) and they must be fixed before the app is submitted for approval to the Freshworks Marketplace.

Adhering to these rules ensures that the app conforms to the quality and security standards of a Freshworks Marketplace app.

Note:

You can use the $fdk validate --fix command to auto-fix the following errors or warnings:

Errors

Avoid using front-end libraries from unpkg CDN

Category: Error

Description: The support for the unpkg CDN has been discontinued for both self-hosted and third-party libraries in frontend apps. Use alternative CDNs, such as jsDelivr, cdnjs, or any other CDN, when importing libraries for your frontend apps.

Avoid adding an invalid super() call (constructor-super)

Category: Error

Description: Constructors of derived classes should call super(). If constructors of non derived classes call super(), the JavaScript engine will raise a runtime error.

Correct approach: Avoid adding an invalid super() call in the app code.

Disallow creating infinite loop condition (for-direction)

Category: Error

Description: This error occurs when a loop’s condition is written in such a way that it will result in an infinite loop because the loop's control variable is moving in the wrong direction relative to the termination condition.

Correct approach: Ensure that the loop's control variable moves in the correct direction relative to the termination condition.

Disallow use of alert (no-alert)

Category: Error

Description: JavaScript's alert, confirm, and prompt functions are widely considered to be obtrusive as UI elements and should be replaced by a more appropriate custom UI implementation.

Correct Approach

Don't use alert, confirm, or prompt in front-end code. Obtain inputs via forms or Interface methods (modals or confirmation dialog) only.

Disallow reassigning class members (no-class-assign)

Category: Error

Description: This error occurs when you try to reassign a class identifier. This rule prevents accidentally overwriting a class with a new value, which can lead to unexpected behavior and bugs.

Correct approach: Avoid reassigning the class name. To learn more about this error and ways to fix it, see no-class-assign.

Remove unused dependencies and avoid the use of unlisted dependencies (no-dependency-mismatch)

Category: Error

Description: In serverless applications, avoid using dependencies that are declared but left unused and dependencies that are used but undeclared.

Disallow duplicate module imports (no-duplicate-imports)

Category: Error

Description: Adding multiple import statements per module makes the code look unorganized. This error occurs when there are multiple import statements from the same module.

Correct approach: Combine all imports from the same module into a single import statement.

Disallow empty functions (no-empty-function)

Category: Error

Description: Empty functions can reduce code readability because readers need to guess whether it is intentional or not. Writing a clear comment for empty functions is good practice.

Disallow null comparisons without type-checking operators (no-eq-null)

Category: Error

Description: Using == or != can lead to unintended results due to type coercion.

Correct approach: Use strict equality operators (=== or !==) to avoid these issues and make the code more predictable and reliable.

Disallow eval() (no-eval)

Category: Error

Description: Avoid using JavaScript's eval() function, on untrusted code, as it can open a program to several different injection attacks.

Correct approach: Strictly avoid eval().

Disallow new operators with global non-constructor functions (no-new-native-nonconstructor)

Category: Error

Description: This error occurs when native JavaScript global functions, such as Symbol or BigInt, are incorrectly used with the new operator.

Correct approach: Disallow the usage of the native JavaScript global functions with the new keyword. To learn more about this error, see Eslint’s document on no-new-native-nonconstructor.

Disallow variable redeclaration (no-redeclare)

Category: Error

Description: A variable is declared using var. Redeclaring a variable can lead to unexpected behavior in your code.

Correct approach: If you need to assign a new value to a variable, use an assignment rather than a redeclaration.

Disallow identical assignments (no-self-assign)

Category: Error

Description: Assigning a variable to itself may indicate a logical error or a redundant code.

Correct approach: Avoid using self-assignment if it serves no purpose.

Disallow returning values from setters (no-setter-return)

Category: Error

Description: Setters should not return any value; they are intended solely for assigning values to properties.

Correct approach: Avoid using return statements from the setter methods.

Disallow using identifiers from shadowing restricted names (no-shadow-restricted-names)

Category: Error

Description: This error occurs when you use variable names that shadow reserved words or built-in names. Assigning variable names to shadow reserved words can lead to confusion and bugs, as it overrides or hides important global variables or keywords.

Correct approach: Avoid assigning variable names that shadow reserved words or built-in objects.

Disallow this/super before calling super() in constructors (no-this-before-super)

Category: Error

Description: This error occurs when you use this in a constructor before calling super().

Correct approach: In classes, if you extend another class, you must call super() before accessing this to ensure the parent class is properly initialized.

Disallow unreachable code (no-unreachable)

Category: Error

Description: The return, throw, break, and continue statements unconditionally exit a block of code and any statements after them cannot be executed.

Correct approach: Avoid having unreachable statements.

Disallow single-iteration loops (no-unreachable-loop)

Category: Error

Description: A loop that cannot reach a second iteration may indicate a potential error in the code.

Correct approach: Remove or move the loop to ensure it is reachable.

Disallow control flow statements in finally blocks (no-unsafe-finally)

Category: Error

Description: The code within the finally block should not alter the flow of control in ways that could lead to unpredictable results.

Correct approach: Avoid using return, throw, break, and continue statements inside finally blocks.

Disallow optional chaining where undefined is not allowed (no-unsafe-optional-chaining)

Category: Error

Description: Optional chaining (?.) allows you to access deeply nested properties without checking each level for null or undefined. Treating the result of an optional chaining expression as a function, object, number, etc., can lead to TypeError or unexpected results.

Correct approach: Avoid using optional chaining in contexts where it could produce unpredictable outcomes.

Disallow unused variables (no-unused-vars)

Category: Error

Description: Variables that are declared and not used anywhere in the code might be residues of incomplete refactoring. Retaining these variables takes up space in the code and can lead to confusion.

Correct Approach

Don't declare variables that are not going to be used in the code.

Disallow unnecessary catch clauses (no-useless-catch)

Category: Error

Description: If your code contains a catch clause that rethrows the original error, it’s best practice to remove such unnecessary catch clauses.

Correct approach: Remove unnecessary catch clauses from the code.

Disallow using var for declaring variables (no-var)

Category: Error

Description: The var keyword is generally discouraged because it has function scope rather than block scope, which can lead to unexpected behavior. Using the let and const keywords allows you to create variables with block scope instead of function scope.

Correct approach: Replace var with let or const as appropriate. Use let when the variable's value will change, and const when it won't.

Disallow async functions without await (require-await)

Category: Error

Description: Using async implies that a function handles asynchronous operations, but without await, it does not actually manage any asynchronous tasks.

Correct approach: Either add the await keyword inside the async function to handle an asynchronous operation or remove the async keyword if no asynchronous operations are needed.

Ensure valid strings in typeof comparisons (valid-typeof)

Category: Error

Description: The typeof operator returns one of a specific set of strings: undefined, object, boolean, number, string, function, symbol, and bigint. Using any string outside this set is considered invalid. This error occurs when the typeof operator is used with an invalid string or an incorrectly spelled type name.

Correct approach: Use a valid string for the typeof comparison.

Warnings

Limit cyclomatic complexity (complexity)

Category: Warning

Description: Cyclomatic complexity measures the number of linearly independent paths through a program's source code. The current threshold is 7.

Require the use of === and !== (eqeqeq)

Category: Warning

Description: This warning occurs when non-strict equality operators (== and !=) are used instead of strict equality operators (=== and !==). Non-strict equality operators perform type coercion, which can lead to unexpected results.

Correct approach: Use strict equality operators to ensure that both the value and the type are compared, making the code more predictable and reliable.

Use return statements in getters (getter-return)

Category: Warning

Description: Every getter defined in the code is expected to return a value.

Correct approach: Ensure that the getter function includes a return statement that returns a value.

Enforce callback error handling (handle-callback-err)

Category: Warning

Description: The callback pattern, typically used in asynchronous programming, expects an error object or null as the first argument of the callback. Forgetting to handle this can lead to ambiguous behavior in the application.

Limit the depth of nested callbacks (max-nested-callbacks)

Category: Warning

Description: In asynchronous programming, when using a callback function, a common pitfall is nesting callbacks. The deeper callbacks are nested, the more difficult it is to read the code. The threshold of nested callbacks is 4.

Disallow use of async function as Promise executor (no-async-promise-executor)

Category: Warning

Description: An async function should not be used as a Promise executor. The executor function for a Promise must be synchronous and should not return a Promise.

Correct approach: Use a synchronous function as the Promise executor and handle asynchronous operations within the executor function or outside it.

Disallow use of caller/callee (no-caller)

Category: Warning

Description: The use of arguments.caller and arguments.callee is deprecated in JavaScript. Avoid using these in ECMAScript 5, in strict mode.

Correct Approach

Avoid using arguments.caller and arguments.callee.

Disallow lexical declarations in case clauses (no-case-declarations)

Category: Warning

Description: This warning occurs when variable declarations such as, let, const, function, and class, are used directly inside a case or default clause in a switch statement.

Correct approach: Wrap the variable declarations in a block using curly braces {}.

Disallow comparing against -0 (no-compare-neg-zero)

Category: Warning

Description: This warning occurs when code compares a value directly to negative zero (-0) using the === operator. Since -0 and 0 are considered equal, directly comparing a value to negative zero can lead to unexpected behavior.

Correct approach: Use a different method to check for negative zero, such as using the Object.is() method.

Disallow assignment operators in conditional expressions (no-cond-assign)

Category: Warning

Description: This warning occurs when an assignment operator (=) is used instead of a comparison operator (==, ===, !=, or !==) in a conditional statement (if, for, while, and do...while).

Correct approach: Replace the assignment operator with a comparison operator.

Disallow reassigning const variables (no-const-assign)

Category: Warning

Description: Modifying variables that are declared using the const keyword is not supported. const is used to declare variables that should not be reassigned after their initial assignment

Correct approach: Ensure that const variables are not reassigned. If a variable needs to be reassigned, use let instead of const.

Disallow constant expressions in conditions (no-constant-condition)

Category: Warning

Description: This warning occurs when a conditional expression is always true or always false. It can result in code that either runs unconditionally or is never executed.

Correct approach: Ensure that the conditions in your conditional statements are dynamic and can change based on program logic. To learn more about debugging this warning, see Eslint document on no-constant-condition.

Disallow control characters in regular expressions (no-control-regex)

Category: Warning

Description: This warning occurs when a regular expression contains control characters. Control characters are non-printable characters in the ASCII range 0-31, which can make the regular expression difficult to understand and maintain.

Correct approach: Ensure that the regular expression does not contain unintended control characters.

Avoid cross scope variable assignment (no-cross-scope-assign)

Category: Warning

Description: When writing asynchronous code, avoid declaring and assigning variables in different scopes as this can create subtle race condition bugs.

Disallow the use of debugger (no-debugger)

Category: Warning

Description: In the production code, avoid using debugger; as it stops the browser from running code and opens an appropriate debugger.

Correct Approach: Don't use debugger; in production apps.

Disallow deleting variables (no-delete-var)

Category: Warning

Description: This warning occurs when the delete operator is used on a variable. The delete operator is used to remove properties from objects, not variables.

Correct approach: Avoid using the delete operator on variables. Instead, set the variable to null or undefined if you need to clear its value.

Disallow duplicate arguments in function definitions (no-dupe-args)

Category: Warning

Description: This warning occurs when a function is defined with duplicate arguments. If duplicate arguments are present, the last occurrence of the argument will overwrite the previous ones, leading to unexpected behavior in the code.

Correct approach: Ensure that each argument in a function declaration is unique.

Disallow duplicate class members (no-dupe-class-members)

Category: Warning

Description: This warning occurs when there are duplicate members in the class. Duplicate members in a class can lead to unexpected behavior, as the last one defined will override previous ones, potentially causing bugs that are hard to trace.

Correct approach: Ensure that each class member has a unique name.

Disallow duplicate conditions in if-else-if chains (no-dupe-else-if)

Category: Warning

Description: This warning occurs when there are duplicate conditions in if...else if chains, which can lead to redundant or unreachable code.

Correct approach: Ensure that each else if condition is unique and does not repeat any prior conditions.

Disallow duplicate keys in object literals (no-dupe-keys)

Category: Warning

Description: This warning occurs when there are duplicate property names in JavaScript object literals. Duplicate keys can lead to unexpected behavior, as only the last occurrence of a duplicate key is retained, while previous ones are overridden.

Correct approach: Ensure each key in an object is unique.

Disallow duplicate case labels (no-duplicate-case)

Category: Warning

Description: This warning occurs when there are duplicate case labels in a switch statement.

Correct approach: Ensure that each case label in a switch statement is unique.

Disallow empty block statements (no-empty)

Category: Warning

Description: This warning occurs when a block of code is left empty. It can lead to confusion in the code.

Correct approach: Ensure that all blocks of code contain meaningful content or add a comment to explain why the block is intentionally left empty.

Disallow empty character classes in regular expressions (no-empty-character-class)

Category: Warning

Description: This warning occurs when a regular expression contains an empty character class ([]).

Correct approach: Ensure that the character class in your regular expression contains the characters you intend to match.

Disallow empty destructuring patterns (no-empty-pattern)

Category: Warning

Description: This warning occurs when a destructuring pattern in your code is empty.

Correct approach: Ensure that your destructuring patterns are properly defined and used. To learn more about this warning, see Eslint’s document on no-empty-pattern.

Disallow reassigning exceptions in catch clauses (no-ex-assign)

Category: Warning

Description: This warning occurs when you try to reassign the exception parameter in a catch block.

Correct approach: Avoid reassigning the exception parameter inside the catch block. Instead, use a different variable if you need to perform further operations. To learn more about this warning, see Eslint’s document on no-ex-assign.

Disallow unnecessary boolean casts (no-extra-boolean-cast)

Category: Warning

Description: This warning occurs when a boolean value is cast using double negation (!!).

Correct approach: Ensure to remove the unnecessary boolean cast and use the value directly in contexts where a boolean is expected. To learn more about this warning, see Eslint’s document on no-extra-boolean-cast.

Disallow unnecessary semicolons (no-extra-semi)

Category: Warning

Description: This warning occurs when there is an unnecessary semicolon in your code.

Correct approach: Ensure to remove the unnecessary semicolons from your code.

Disallow fallthrough of case statements (no-fallthrough)

Category: Warning

Description: This warning occurs when a switch statement case does not end with a break, return, throw, or another statement that prevents the execution from falling through to the next case.

Correct approach: Ensure that each case ends with a break statement or other control flow statement to prevent unintentional fallthrough.

Disallow reassigning function declarations (no-func-assign)

Category: Warning

Description: This warning occurs when a function declaration is reassigned.

Correct approach: Avoid reassigning function declarations. If you need to change the behavior of a function, consider using a function expression or variable. To learn more about this warning, see Eslint’s document on no-func-assign.

Disallow assignments to read-only global variables (no-global-assign)

Category: Warning

Description: This warning occurs when you try to assign a value to a read-only global variable or to a global property that should not be modified.

Correct approach: Avoid assigning values to read-only global variables or modifying built-in global objects. To learn more about this warning, see Eslint’s document on no-global-assign.

Disallow assigning to imported bindings (no-import-assign)

Category: Warning

Description: This warning occurs when you try to modify an imported binding.

Correct approach: Avoid assigning values to imported bindings. Instead, if you need to use a modifiable version of the imported value, assign it to a new variable. To learn more about this warning, see Eslint’s document on no-import-assign.

Disallow declaring variables or functions in nested blocks (no-inner-declarations)

Category: Warning

Description: This warning occurs when a function or variable is declared inside a block, such as an if, for, or while statement.

Correct approach: Ensure that you declare functions and variables at the top level of their scope, not inside blocks. To learn more about this warning, see Eslint’s document on no-inner-declarations.

Disallow invalid regular expression strings in RegExp constructors (no-invalid-regexp)

Category: Warning

Description: This warning occurs when an invalid regular expression string is used in the RegExp constructor.

Correct approach: Ensure that you use valid regular expression strings in RegExp constructors. To learn more about this warning, see Eslint’s document on no-invalid-regexp.

Disallow irregular whitespace (no-irregular-whitespace)

Category: Warning

Description: This warning occurs when there is irregular whitespace in the code. Irregular whitespace includes non-breaking spaces, zero-width spaces, and other non-standard whitespace characters that are not easily visible. These can cause bugs and confusion in the code.

Correct approach: Ensure that you remove or replace irregular whitespace characters with standard spaces. To learn more about this warning, see Eslint’s document on no-irregular-whitespace.

Disallow logging just the error object during promise rejections (no-logging-rejections)

Category: Warning

Description: In promise rejection handlers, logging only the error object is not sufficient. The error should be reported (via notifications) to users/agents, in layperson's terms, so that they can undertake subsequent actions.

Disallow literal numbers that lose precision (no-loss-of-precision)

Category: Warning

Description: This warning occurs when a numeric literal in the code loses precision at runtime due to 64-bit floating-point rounding when converted to a JavaScript number.

Correct approach: Ensure that numeric literals do not exceed the safe integer range. To learn more about this warning, see Eslint’s document on no-loss-of-precision.

Disallow multi-code-point characters in character classes (no-misleading-character-class)

Category: Warning

Description: This warning occurs when regular expressions include multiple code point characters in character class syntax.

Correct approach: Ensure that character classes in regular expressions are clear and unambiguous. To learn more about this warning, see Eslint’s document on no-misleading-character-class.

Disallow mixed spaces and tabs for indentation (no-mixed-spaces-and-tabs)

Category: Warning

Description: This warning occurs when a code file uses both spaces and tabs for indentation. Mixing spaces and tabs can lead to inconsistent formatting.

Correct approach: Choose either spaces or tabs for indentation and apply your chosen method consistently throughout the file.

Disallow non-Request API calls in the front end (no-non-client-request-model)

Category: Warning

Description: Ensure that REST API calls are made from front-end apps using the Request method to subvert many security issues and to work within the CORS policy of a browser.

Disallow \8 and \9 escape sequences in string literals (no-nonoctal-decimal-escape)

Category: Warning

Description: This warning occurs when a regular expression or string contains the \8 and \9 escape sequences.

Correct approach: Use valid escape sequences and avoid using decimal escapes. To learn more about this warning, see Eslint’s document on no-nonoctal-decimal-escape.

Disallow calling global object properties as functions (no-obj-calls)

Category: Warning

Description: This warning occurs when built-in global objects, such as Math, JSON, Reflect, Atomics, or Intl, are incorrectly used as constructors or invoked as if they were functions.

Correct approach: Ensure that built-in global objects are used correctly, according to their intended purpose. They should not be invoked as functions. To learn more about this warning, see Eslint’s document on no-obj-calls.

Disallow octal literals (no-octal)

Category: Warning

Description: This warning occurs when octal literals are used in the code.

Correct approach: Replace octal literals with their decimal equivalents or enclose the octal literal in double quotes (" "). To learn more about this warning, see Eslint’s document on no-octal.

Disallow process.env (no-process-env)

Category: Warning

Description: The process**.env object in Node.js is used to store deployment or configuration parameters. Littering it throughout a project can lead to maintenance issues, as it is another kind of global dependency.

Correct approach: Avoid using process.env.

Disallow calling Object.prototype methods directly on objects (no-prototype-builtins)

Category: Warning

Description: This warning occurs when built-in object methods, such as, hasOwnProperty, isPrototypeOf, or propertyIsEnumerable are accessed directly from object instances.

Correct approach: Access these methods via Object.prototype to ensure they are called safely from any object. To learn more about this warning, see Eslint’s document on no-prototype-builtins.

Disallow multiple spaces in regular expressions (no-regex-spaces)

Category: Warning

Description: This warning occurs when multiple spaces are used consecutively within a regular expression pattern.

Correct approach: Replace multiple spaces with a space quantifier {n}, where n is the number of spaces. For example: var regex = /foo {2}bar/;. To learn more about this warning, see Eslint’s document on no-regex-spaces.

Disallow sparse arrays (no-sparse-arrays)

Category: Warning

Description: This warning occurs when a sparse array is created. A sparse array is one in which not all elements are defined. This can lead to unexpected behavior and bugs,

Correct approach: Ensure that all elements in the array are defined. If you need to leave a position empty, consider using undefined explicitly. To learn more about this warning, see Eslint’s document on no-sparse-arrays.

Disallow confusing multiline expressions (no-unexpected-multiline)

Category: Warning

Description: This warning occurs when a multiline expression's behavior might be ambiguous due to automatic semicolon insertion (ASI) in JavaScript. Such ambiguity can lead to unexpected results, as the code may be interpreted differently from the intended logic.

Correct approach: Ensure that the code structure clearly indicates your intent, either by restructuring the code or by using parentheses to clarify the intended behavior. To learn more about this warning, see Eslint’s document on no-unexpected-multiline.

No unhandled promises (no-unhandled-promise)

Category: Warning

Description: Forgetting to handle promise rejections can lead to ambiguous behavior in the application.

Disallow negating the left operand of relational operators (no-unsafe-negation)

Category: Warning

Description: This warning arises when the negation operator (!) is used in an unsafe manner with relational operators, such as in and instanceof.

Correct approach: Ensure that the negation is applied to the entire expression, not just part of it. To learn more about this warning, see Eslint’s document on no-unsafe-negation.

Disallow unused labels (no-unused-labels)

Category: Warning

Description: This warning occurs when a label is defined but not used within the code.

Correct approach: Either use the label appropriately or remove it if it is unnecessary. To learn more about this warning, see Eslint’s document on no-unused-labels.

Disallow useless backreferences in regular expressions (no-useless-backreference)

Category: Warning

Description: This warning occurs when a backreference in a regular expression refers to a group that appears later in the expression, or when it refers to a non-existent group.

Correct approach: Ensure that all backreferences refer to groups that appear earlier in the regular expression and exist. To learn more about this warning, see Eslint’s document on no-useless-backreference.

Disallow unnecessary escape characters (no-useless-escape)

Category: Warning

Description: This warning occurs when there is an unnecessary escape character (\) in a string or regular expression.

Correct approach: Remove the unnecessary escape characters.

Disallow with statements (no-with)

Category: Warning

Description: This warning occurs when the with statement is used in the code.

Correct approach: Restructure the code to avoid using with. To learn more about this warning, see Eslint’s document on no-with.

Require const for variables never reassigned (prefer-const)

Category: Warning

Description: This warning suggests using const instead of let or var for variables that are never reassigned after their initial assignment.

Correct approach: Declare the variable using const if it is never reassigned.

Require generator functions to contain yield (require-yield)

Category: Warning

Description: This warning is triggered when a generator function is defined without a yield expression.

Correct approach: Ensure that the generator function contains at least one yield expression. To learn more about this warning, see Eslint’s document on require-yield.

Require calls to isNaN() when checking for NaN (use-isnan)

Category: Warning

Description: This warning occurs when a value is compared to NaN using operators such as == or !=.

Correct approach: Use the isNaN() function to check if a value is NaN. To learn more about this warning, see Eslint’s document on use-isnan.