Add 6 more rules: no-unbound, no-with, no-duplicate-id, no-inline-styles, link-rel-noopener, no-unnecessary-concat (20/127 total)

Copilot · NullVoxPopuli · Copilot · commit 51e20d45e0f1 · 2026-01-27T22:31:30.000Z
Co-authored-by: NullVoxPopuli &lt;199018+NullVoxPopuli@users.noreply.github.com&gt;
diff --git a/README.md b/README.md
@@ -190,7 +190,10 @@ rules in templates can be disabled with eslint directives with mustache or html
 | :--------------------------------------------------------------------------------- | :----------------------------------------------------- | :-------------------------------------------------------------- | :- | :- |
 | [template-no-debugger](docs/rules/template-no-debugger.md)                         | disallow {{debugger}} in templates                     | ![gjs logo](/docs/svgs/gjs.svg) ![gts logo](/docs/svgs/gts.svg) |    |    |
 | [template-no-duplicate-attributes](docs/rules/template-no-duplicate-attributes.md) | disallow duplicate attribute names in templates        | ![gjs logo](/docs/svgs/gjs.svg) ![gts logo](/docs/svgs/gts.svg) | 🔧 |    |
+| [template-no-duplicate-id](docs/rules/template-no-duplicate-id.md)                 | disallow duplicate id attributes                       | ![gjs logo](/docs/svgs/gjs.svg) ![gts logo](/docs/svgs/gts.svg) |    |    |
+| [template-no-inline-styles](docs/rules/template-no-inline-styles.md)               | disallow inline styles                                 |                                                                 |    |    |
 | [template-no-log](docs/rules/template-no-log.md)                                   | disallow {{log}} in templates                          | ![gjs logo](/docs/svgs/gjs.svg) ![gts logo](/docs/svgs/gts.svg) |    |    |
+| [template-no-unnecessary-concat](docs/rules/template-no-unnecessary-concat.md)     | disallow unnecessary string concatenation              | ![gjs logo](/docs/svgs/gjs.svg) ![gts logo](/docs/svgs/gts.svg) | 🔧 |    |
 | [template-require-button-type](docs/rules/template-require-button-type.md)         | require button elements to have a valid type attribute | ![gjs logo](/docs/svgs/gjs.svg) ![gts logo](/docs/svgs/gts.svg) | 🔧 |    |
 
 ### Components
@@ -252,6 +255,8 @@ rules in templates can be disabled with eslint directives with mustache or html
 | [template-deprecated-render-helper](docs/rules/template-deprecated-render-helper.md)             | disallow {{render}} helper                                | ![gjs logo](/docs/svgs/gjs.svg) ![gts logo](/docs/svgs/gts.svg) |    |    |
 | [template-no-action](docs/rules/template-no-action.md)                                           | disallow {{action}} helper                                | ![gjs logo](/docs/svgs/gjs.svg) ![gts logo](/docs/svgs/gts.svg) |    |    |
 | [template-no-partial](docs/rules/template-no-partial.md)                                         | disallow {{partial}} helper                               | ![gjs logo](/docs/svgs/gjs.svg) ![gts logo](/docs/svgs/gts.svg) |    |    |
+| [template-no-unbound](docs/rules/template-no-unbound.md)                                         | disallow {{unbound}} helper                               | ![gjs logo](/docs/svgs/gjs.svg) ![gts logo](/docs/svgs/gts.svg) |    |    |
+| [template-no-with](docs/rules/template-no-with.md)                                               | disallow {{with}} helper                                  | ![gjs logo](/docs/svgs/gjs.svg) ![gts logo](/docs/svgs/gts.svg) |    |    |
 
 ### Ember Data
 
@@ -322,9 +327,10 @@ rules in templates can be disabled with eslint directives with mustache or html
 
 ### Security
 
-| Name                                                                   | Description                                                   | 💼                                                              | 🔧 | 💡 |
-| :--------------------------------------------------------------------- | :------------------------------------------------------------ | :-------------------------------------------------------------- | :- | :- |
-| [template-no-triple-curlies](docs/rules/template-no-triple-curlies.md) | disallow usage of triple curly brackets (unescaped variables) | ![gjs logo](/docs/svgs/gjs.svg) ![gts logo](/docs/svgs/gts.svg) |    |    |
+| Name                                                                   | Description                                                     | 💼                                                              | 🔧 | 💡 |
+| :--------------------------------------------------------------------- | :-------------------------------------------------------------- | :-------------------------------------------------------------- | :- | :- |
+| [template-link-rel-noopener](docs/rules/template-link-rel-noopener.md) | require rel="noopener noreferrer" on links with target="_blank" | ![gjs logo](/docs/svgs/gjs.svg) ![gts logo](/docs/svgs/gts.svg) | 🔧 |    |
+| [template-no-triple-curlies](docs/rules/template-no-triple-curlies.md) | disallow usage of triple curly brackets (unescaped variables)   | ![gjs logo](/docs/svgs/gjs.svg) ![gts logo](/docs/svgs/gts.svg) |    |    |
 
 ### Services
 
diff --git a/docs/rules/template-link-rel-noopener.md b/docs/rules/template-link-rel-noopener.md
@@ -0,0 +1,15 @@
+# ember/template-link-rel-noopener
+
+💼 This rule is enabled in the following [configs](https://github.com/ember-cli/eslint-plugin-ember#-configurations): ![gjs logo](/docs/svgs/gjs.svg) `recommended-gjs`, ![gts logo](/docs/svgs/gts.svg) `recommended-gts`.
+
+🔧 This rule is automatically fixable by the [`--fix` CLI option](https://eslint.org/docs/latest/user-guide/command-line-interface#--fix).
+
+<!-- end auto-generated rule header -->
+
+## Examples
+
+See ember-template-lint documentation.
+
+## References
+
+- [ember-template-lint link-rel-noopener](https://github.com/ember-template-lint/ember-template-lint/blob/master/docs/rule/link-rel-noopener.md)
diff --git a/docs/rules/template-no-duplicate-id.md b/docs/rules/template-no-duplicate-id.md
@@ -0,0 +1,13 @@
+# ember/template-no-duplicate-id
+
+💼 This rule is enabled in the following [configs](https://github.com/ember-cli/eslint-plugin-ember#-configurations): ![gjs logo](/docs/svgs/gjs.svg) `recommended-gjs`, ![gts logo](/docs/svgs/gts.svg) `recommended-gts`.
+
+<!-- end auto-generated rule header -->
+
+## Examples
+
+See ember-template-lint documentation.
+
+## References
+
+- [ember-template-lint no-duplicate-id](https://github.com/ember-template-lint/ember-template-lint/blob/master/docs/rule/no-duplicate-id.md)
diff --git a/docs/rules/template-no-inline-styles.md b/docs/rules/template-no-inline-styles.md
@@ -0,0 +1,11 @@
+# ember/template-no-inline-styles
+
+<!-- end auto-generated rule header -->
+
+## Examples
+
+See ember-template-lint documentation.
+
+## References
+
+- [ember-template-lint no-inline-styles](https://github.com/ember-template-lint/ember-template-lint/blob/master/docs/rule/no-inline-styles.md)
diff --git a/docs/rules/template-no-unbound.md b/docs/rules/template-no-unbound.md
@@ -0,0 +1,13 @@
+# ember/template-no-unbound
+
+💼 This rule is enabled in the following [configs](https://github.com/ember-cli/eslint-plugin-ember#-configurations): ![gjs logo](/docs/svgs/gjs.svg) `recommended-gjs`, ![gts logo](/docs/svgs/gts.svg) `recommended-gts`.
+
+<!-- end auto-generated rule header -->
+
+## Examples
+
+See ember-template-lint documentation.
+
+## References
+
+- [ember-template-lint no-unbound](https://github.com/ember-template-lint/ember-template-lint/blob/master/docs/rule/no-unbound.md)
diff --git a/docs/rules/template-no-unnecessary-concat.md b/docs/rules/template-no-unnecessary-concat.md
@@ -0,0 +1,15 @@
+# ember/template-no-unnecessary-concat
+
+💼 This rule is enabled in the following [configs](https://github.com/ember-cli/eslint-plugin-ember#-configurations): ![gjs logo](/docs/svgs/gjs.svg) `recommended-gjs`, ![gts logo](/docs/svgs/gts.svg) `recommended-gts`.
+
+🔧 This rule is automatically fixable by the [`--fix` CLI option](https://eslint.org/docs/latest/user-guide/command-line-interface#--fix).
+
+<!-- end auto-generated rule header -->
+
+## Examples
+
+See ember-template-lint documentation.
+
+## References
+
+- [ember-template-lint no-unnecessary-concat](https://github.com/ember-template-lint/ember-template-lint/blob/master/docs/rule/no-unnecessary-concat.md)
diff --git a/docs/rules/template-no-with.md b/docs/rules/template-no-with.md
@@ -0,0 +1,13 @@
+# ember/template-no-with
+
+💼 This rule is enabled in the following [configs](https://github.com/ember-cli/eslint-plugin-ember#-configurations): ![gjs logo](/docs/svgs/gjs.svg) `recommended-gjs`, ![gts logo](/docs/svgs/gts.svg) `recommended-gts`.
+
+<!-- end auto-generated rule header -->
+
+## Examples
+
+See ember-template-lint documentation.
+
+## References
+
+- [ember-template-lint no-with](https://github.com/ember-template-lint/ember-template-lint/blob/master/docs/rule/no-with.md)
diff --git a/lib/recommended-rules-gjs.js b/lib/recommended-rules-gjs.js
@@ -7,17 +7,22 @@
 module.exports = {
   "ember/template-deprecated-inline-view-helper": "error",
   "ember/template-deprecated-render-helper": "error",
+  "ember/template-link-rel-noopener": "error",
   "ember/template-no-abstract-roles": "error",
   "ember/template-no-accesskey-attribute": "error",
   "ember/template-no-action": "error",
   "ember/template-no-aria-hidden-body": "error",
   "ember/template-no-autofocus-attribute": "error",
   "ember/template-no-debugger": "error",
   "ember/template-no-duplicate-attributes": "error",
+  "ember/template-no-duplicate-id": "error",
   "ember/template-no-let-reference": "error",
   "ember/template-no-log": "error",
   "ember/template-no-partial": "error",
   "ember/template-no-positive-tabindex": "error",
   "ember/template-no-triple-curlies": "error",
+  "ember/template-no-unbound": "error",
+  "ember/template-no-unnecessary-concat": "error",
+  "ember/template-no-with": "error",
   "ember/template-require-button-type": "error"
 }
diff --git a/lib/recommended-rules-gts.js b/lib/recommended-rules-gts.js
@@ -7,17 +7,22 @@
 module.exports = {
   "ember/template-deprecated-inline-view-helper": "error",
   "ember/template-deprecated-render-helper": "error",
+  "ember/template-link-rel-noopener": "error",
   "ember/template-no-abstract-roles": "error",
   "ember/template-no-accesskey-attribute": "error",
   "ember/template-no-action": "error",
   "ember/template-no-aria-hidden-body": "error",
   "ember/template-no-autofocus-attribute": "error",
   "ember/template-no-debugger": "error",
   "ember/template-no-duplicate-attributes": "error",
+  "ember/template-no-duplicate-id": "error",
   "ember/template-no-let-reference": "error",
   "ember/template-no-log": "error",
   "ember/template-no-partial": "error",
   "ember/template-no-positive-tabindex": "error",
   "ember/template-no-triple-curlies": "error",
+  "ember/template-no-unbound": "error",
+  "ember/template-no-unnecessary-concat": "error",
+  "ember/template-no-with": "error",
   "ember/template-require-button-type": "error"
 }
diff --git a/lib/rules/template-link-rel-noopener.js b/lib/rules/template-link-rel-noopener.js
@@ -0,0 +1,51 @@
+/** @type {import('eslint').Rule.RuleModule} */
+module.exports = {
+  meta: {
+    type: 'problem',
+    docs: {
+      description: 'require rel="noopener noreferrer" on links with target="_blank"',
+      category: 'Security',
+      recommendedGjs: true,
+      recommendedGts: true,
+      url: 'https://github.com/ember-cli/eslint-plugin-ember/tree/master/docs/rules/template-link-rel-noopener.md',
+    },
+    fixable: 'code',
+    schema: [],
+    messages: {
+      missingRel: 'links with target="_blank" must have rel="noopener noreferrer"',
+    },
+  },
+  create(context) {
+    return {
+      GlimmerElementNode(node) {
+        if (node.tag !== 'a') return;
+        
+        const targetAttr = node.attributes?.find((a) => a.name === 'target');
+        if (!targetAttr?.value || targetAttr.value.type !== 'GlimmerTextNode') return;
+        if (targetAttr.value.chars !== '_blank') return;
+
+        const relAttr = node.attributes?.find((a) => a.name === 'rel');
+        const hasProperRel =
+          relAttr?.value?.type === 'GlimmerTextNode' &&
+          /noopener/.test(relAttr.value.chars) &&
+          /noreferrer/.test(relAttr.value.chars);
+
+        if (!hasProperRel) {
+          context.report({
+            node: targetAttr,
+            messageId: 'missingRel',
+            fix(fixer) {
+              const sourceCode = context.sourceCode;
+              const openTag = sourceCode.getText(node).match(/^<a[^>]*/)[0];
+              const insertPos = node.range[0] + openTag.length;
+              return fixer.insertTextBeforeRange(
+                [insertPos, insertPos],
+                ' rel="noopener noreferrer"'
+              );
+            },
+          });
+        }
+      },
+    };
+  },
+};
diff --git a/lib/rules/template-no-duplicate-id.js b/lib/rules/template-no-duplicate-id.js
@@ -0,0 +1,34 @@
+/** @type {import('eslint').Rule.RuleModule} */
+module.exports = {
+  meta: {
+    type: 'problem',
+    docs: {
+      description: 'disallow duplicate id attributes',
+      category: 'Best Practices',
+      recommendedGjs: true,
+      recommendedGts: true,
+      url: 'https://github.com/ember-cli/eslint-plugin-ember/tree/master/docs/rules/template-no-duplicate-id.md',
+    },
+    schema: [],
+    messages: { duplicate: 'Duplicate id attribute "{{id}}" found' },
+  },
+  create(context) {
+    const seenIds = new Map();
+    return {
+      'GlimmerTemplate:exit'() {
+        seenIds.clear();
+      },
+      GlimmerElementNode(node) {
+        const idAttr = node.attributes?.find((a) => a.name === 'id');
+        if (idAttr?.value?.type === 'GlimmerTextNode') {
+          const id = idAttr.value.chars;
+          if (seenIds.has(id)) {
+            context.report({ node: idAttr, messageId: 'duplicate', data: { id } });
+          } else {
+            seenIds.set(id, idAttr);
+          }
+        }
+      },
+    };
+  },
+};
diff --git a/lib/rules/template-no-inline-styles.js b/lib/rules/template-no-inline-styles.js
@@ -0,0 +1,25 @@
+/** @type {import('eslint').Rule.RuleModule} */
+module.exports = {
+  meta: {
+    type: 'suggestion',
+    docs: {
+      description: 'disallow inline styles',
+      category: 'Best Practices',
+      recommendedGjs: false,
+      recommendedGts: false,
+      url: 'https://github.com/ember-cli/eslint-plugin-ember/tree/master/docs/rules/template-no-inline-styles.md',
+    },
+    schema: [],
+    messages: { noInlineStyles: 'Inline styles are not allowed' },
+  },
+  create(context) {
+    return {
+      GlimmerElementNode(node) {
+        const styleAttr = node.attributes?.find((a) => a.name === 'style');
+        if (styleAttr) {
+          context.report({ node: styleAttr, messageId: 'noInlineStyles' });
+        }
+      },
+    };
+  },
+};
diff --git a/lib/rules/template-no-unbound.js b/lib/rules/template-no-unbound.js
@@ -0,0 +1,27 @@
+/** @type {import('eslint').Rule.RuleModule} */
+module.exports = {
+  meta: {
+    type: 'suggestion',
+    docs: {
+      description: 'disallow {{unbound}} helper',
+      category: 'Deprecations',
+      recommendedGjs: true,
+      recommendedGts: true,
+      url: 'https://github.com/ember-cli/eslint-plugin-ember/tree/master/docs/rules/template-no-unbound.md',
+    },
+    schema: [],
+    messages: { unexpected: 'Unexpected unbound helper usage.' },
+  },
+  create(context) {
+    function check(node) {
+      if (node.path?.type === 'GlimmerPathExpression' && node.path.original === 'unbound') {
+        context.report({ node, messageId: 'unexpected' });
+      }
+    }
+    return {
+      GlimmerMustacheStatement: check,
+      GlimmerBlockStatement: check,
+      GlimmerSubExpression: check,
+    };
+  },
+};
diff --git a/lib/rules/template-no-unnecessary-concat.js b/lib/rules/template-no-unnecessary-concat.js
@@ -0,0 +1,38 @@
+/** @type {import('eslint').Rule.RuleModule} */
+module.exports = {
+  meta: {
+    type: 'suggestion',
+    docs: {
+      description: 'disallow unnecessary string concatenation',
+      category: 'Best Practices',
+      recommendedGjs: true,
+      recommendedGts: true,
+      url: 'https://github.com/ember-cli/eslint-plugin-ember/tree/master/docs/rules/template-no-unnecessary-concat.md',
+    },
+    fixable: 'code',
+    schema: [],
+    messages: {
+      unnecessary: 'Unnecessary string concatenation. Use {{inner}} instead of {{outer}}.',
+    },
+  },
+  create(context) {
+    return {
+      GlimmerConcatStatement(node) {
+        if (node.parts?.length === 1) {
+          const sourceCode = context.sourceCode;
+          context.report({
+            node,
+            messageId: 'unnecessary',
+            data: {
+              inner: sourceCode.getText(node.parts[0]),
+              outer: sourceCode.getText(node),
+            },
+            fix(fixer) {
+              return fixer.replaceText(node, sourceCode.getText(node.parts[0]));
+            },
+          });
+        }
+      },
+    };
+  },
+};
diff --git a/lib/rules/template-no-with.js b/lib/rules/template-no-with.js
@@ -0,0 +1,27 @@
+/** @type {import('eslint').Rule.RuleModule} */
+module.exports = {
+  meta: {
+    type: 'suggestion',
+    docs: {
+      description: 'disallow {{with}} helper',
+      category: 'Deprecations',
+      recommendedGjs: true,
+      recommendedGts: true,
+      url: 'https://github.com/ember-cli/eslint-plugin-ember/tree/master/docs/rules/template-no-with.md',
+    },
+    schema: [],
+    messages: {
+      deprecated:
+        'The use of `{{with}}` has been deprecated. See https://deprecations.emberjs.com/v3.x/#toc_ember-glimmer-with-syntax',
+    },
+  },
+  create(context) {
+    return {
+      GlimmerBlockStatement(node) {
+        if (node.path?.type === 'GlimmerPathExpression' && node.path.original === 'with') {
+          context.report({ node, messageId: 'deprecated' });
+        }
+      },
+    };
+  },
+};
diff --git a/tests/lib/rules/template-link-rel-noopener.js b/tests/lib/rules/template-link-rel-noopener.js
@@ -0,0 +1,16 @@
+const rule = require('../../../lib/rules/template-link-rel-noopener');
+const RuleTester = require('eslint').RuleTester;
+const ruleTester = new RuleTester({
+  parser: require.resolve('ember-eslint-parser'),
+  parserOptions: { ecmaVersion: 2022, sourceType: 'module' },
+});
+ruleTester.run('template-link-rel-noopener', rule, {
+  valid: ['<template><a href="/" target="_blank" rel="noopener noreferrer">Link</a></template>'],
+  invalid: [
+    { 
+      code: '<template><a href="/" target="_blank">Link</a></template>', 
+      output: '<template><a href="/" target="_blank" rel="noopener noreferrer">Link</a></template>',
+      errors: [{ messageId: 'missingRel' }] 
+    },
+  ],
+});
diff --git a/tests/lib/rules/template-no-duplicate-id.js b/tests/lib/rules/template-no-duplicate-id.js
diff --git a/tests/lib/rules/template-no-inline-styles.js b/tests/lib/rules/template-no-inline-styles.js
diff --git a/tests/lib/rules/template-no-unbound.js b/tests/lib/rules/template-no-unbound.js
diff --git a/tests/lib/rules/template-no-unnecessary-concat.js b/tests/lib/rules/template-no-unnecessary-concat.js
diff --git a/tests/lib/rules/template-no-with.js b/tests/lib/rules/template-no-with.js
