docs/projects/regal/rules/imports/import-shadows-builtin.md
Summary: Import shadows built-in namespace
Category: Imports
Avoid
package policy
# Shadows the built-in `print` function
import data.print
# Shadows the built-in `http.send` function
import input.attributes.http
Prefer To either use different names for your packages, or use import aliases to avoid shadowing built-ins.
package policy
# Using a different package name
import data.printer
# Using an alias
import input.attributes.http as http_attributes
OPA will not complain about an import shadowing the name or the "namespace" (i.e. array in array.slice) until a
conflicting built-in function is used in the same policy. Preventing this to happen in the first place is a better
option!
Why does this happen? The OPA compiler rewrites any import used in a policy, so that the shorthand form expands to its longer form. Provided a simple policy like this:
package policy
import data.http
allow if {
http.send({"method": "GET", "url": "https://example.com"})
}
The compiler will go ahead and rewrite the http.send call using the import:
allow if {
data.http.send({"method": "GET", "url": "https://example.com"})
}
This is obviously not what the policy author intended.
This linter rule provides the following configuration options:
rules:
imports:
import-shadows-builtin:
# one of "error", "warning", "ignore"
level: error