objectPrototypeBuiltIns
Reports direct calls to Object.prototype methods on object instances.
✅ This rule is included in the ts logical preset.
Objects can have properties that shadow the built-in methods from Object.prototype such as hasOwnProperty, isPrototypeOf, and propertyIsEnumerable.
Additionally, objects created with Object.create(null) do not inherit from Object.prototype and will not have these methods.
Calling these methods directly on objects can lead to errors or security vulnerabilities.
Examples
Section titled “Examples”const hasKey = object.hasOwnProperty("key");const isPrototypeOf = object.isPrototypeOf(other);const isEnumerable = object.propertyIsEnumerable("prop");const hasKey = Object.prototype.hasOwnProperty.call(object, "key");const isPrototypeOf = Object.prototype.isPrototypeOf.call(object, other);const isEnumerable = {}.propertyIsEnumerable.call(object, "prop");Options
Section titled “Options”This rule is not configurable.
When Not To Use It
Section titled “When Not To Use It”If code only uses objects with hardcoded keys and never uses Object.create(null) or allows user-controlled object keys, this rule might not be necessary.
Alternately, if your codebase overrides these properties -which is a dangerous legacy pattern most runtimes recommend against- you might not be able to enable this rule.
Further Reading
Section titled “Further Reading”- MDN:
Object.prototype.hasOwnProperty - MDN:
Object.prototype.isPrototypeOf - MDN:
Object.prototype.propertyIsEnumerable - MDN:
Object.create
Equivalents in Other Linters
Section titled “Equivalents in Other Linters”- Biome:
noPrototypeBuiltins - Deno:
no-prototype-builtins - ESLint:
no-prototype-builtins - Oxlint:
eslint/no-prototype-builtins