ESLint plugin enforces auth protection on Next.js routes
@clerk/eslint-plugin@0.1.0
Minor Changes
-
Add an experimental ESLint plugin
@clerk/eslint-plugin, with a singlerequire-auth-protectionrule for the Next.js App router. This rule helps enforce auth protections are present at the page/route/server function level. (#8704) by @EphemThe lint rule offers an editor quick-fix suggestion for unprotected resources that inserts
await auth.protect()at the top of the function. Suggestions are opt-in and are not applied byeslint --fix.Includes a bulk auto-fixer, available as the
clerk-next-fix-auth-protectioncommand. It lints with your existing ESLint config and applies theawait auth.protect()suggestion to every resource it can safely fix, reporting the rest as needing manual attention. Supports--dry-run.
Fetched June 18, 2026

