🚀 Feature: Accept jsr: package version specifiers

[csjewell]

Feature Request Checklist

• I have pulled the latest main branch of the repository.
• I have searched for related issues and found none that matched my issue.

Overview

In pnpm 10.9.0 - specifically, their fix for pnpm/pnpm#8941 - they now accept jsr: as a package specifier, like so: (from https://github.com/csjewell/fedi-any-page/blob/dev/packages/re-pliers/package.json#L53-L60)

  "dependencies": {
    "@ant-design/icons-svg": "^4.4.2",
    "@nihility-io/cookies": "jsr:^1.0.3",
    "@valibot/valibot": "jsr:^1.0.0",
    "htm": "^3.1.1",
    "preact": "^10.25.3",
    "preact-markup": "^2.1.1"
  },

However, I get errors like this when I use this plugin in my eslint configuration (and yes, I'm showing only one example of three package.json files in my repository that are affected by this right now)

csjewell@csjewell-desktop:~/checkouts/fedi-any-page (dev *$%=)$ pnpm eslint --fix

> @csjewell-activitypub/[email protected] eslint /home/csjewell/checkouts/fedi-any-page
> eslint --config `git rev-parse --show-toplevel`/.config/eslint.config.js --fix

(node:2900283) ExperimentalWarning: Type Stripping is an experimental feature and might change at any time
(Use `node --trace-warnings ...` to show where the warning was created)

...

/home/csjewell/checkouts/fedi-any-page/packages/re-pliers/package.json
  1:1  error  Invalid version range for dependency @nihility-io/cookies: jsr:^1.0.3  package-json/valid-package-definition
  1:1  error  Invalid version range for dependency @valibot/valibot: jsr:^1.0.0      package-json/valid-package-definition

...

✖ 14 problems (8 errors, 6 warnings)

 ELIFECYCLE  Command failed with exit code 1.

I DO understand that they translate this to standard syntax before publishing it to npm. I'd just want this to not throw the error in this case. [I can work around it right now by disabling the rule, but it feels like cutting off the foot at the ankle in order to deal with an infected toe to me.]

It appears that it might be fixable by a one-line change in the rule - at https://github.com/JoshuaKGoldberg/eslint-plugin-package-json/blob/main/src/rules/valid-package-definition.ts#L10 - to me, I just don't have time to create a formal PR at the moment! I MIGHT be able to this weekend if you'd like me to.

Additional Info

No response

[michaelfaith]

Seems like a reasonable request. Thanks for raising it. As far as where the change would need to be made, the line you pointed to is actually not what's responsible for identifying violations. That regex is just regexing the output from package-json-validator, which this plugin delegates all violation detection too for that rule. So the change would need to be made there. Specifically: https://github.com/JoshuaKGoldberg/package-json-validator/blob/main/src/validators/validateDependencies.ts#L3-L19

We'd certainly welcome the contribution!

[JoshuaKGoldberg]

@all-contributors please add @csjewell for ideas.

🤖 Beep boop! This comment was added automatically by all-contributors-auto-action.
Not all contributions can be detected from Git & GitHub alone. Please comment any missing contribution types this bot missed.
...and of course, thank you for contributing! 💙

[allcontributors]

@JoshuaKGoldberg

I've put up a pull request to add @csjewell! 🎉

[csjewell]

1. We might want to ignore violations that arise from old versions of package-json-validator by changing the regex, while newer versions get fixed there. Or just require the newest version of p-j-v in the next version of this package. However you (as maintainers) want to have it done. At any rate, I'll start the PR for package-json-validator over the weekend.
2. In other news, I saw a mention of the newest versions of Yarn being able to do this, too. (I don't use it, just saw the mention.)