LowFile-scopeJavaScript / TypeScript Plug & play

Use next/script safely and avoid inline scripts

For third-party scripts, use <Script> with an appropriate strategy and onLoad callbacks. Avoid dangerouslySetInnerHTML for scripts.

Why this matters

Controls priority, reduces blocking, and improves security/CSP.

Side-by-side examples engineers can pattern-match during review.

Avoid

<script>/* vendor inline */</script>

Prefer

import Script from 'next/script'
export default function Analytics(){ return (<Script src="/vendor.js" strategy="afterInteractive" />) }

Bad

Inline <script> in layout

Good

<Script strategy="afterInteractive" />

From the same buckets as this rule.

High
Keep 'use client' at the leaf: default to Server Components
Prefer Server Components for pages/layouts and move interactivity to small leaf Client Components. Only add 'use client' where browser APIs or event handlers are strictly necessary.
stack-nextjsstack-react+2
High
Make fetch caching explicit in Server Components
For dynamic data use { cache: 'no-store' } or file-level dynamic = 'force-dynamic'. For ISR use { next: { revalidate: N, tags: [...] } }.
stack-nextjsstack-react+2
High
Middleware only for light auth/rewrites
Keep middleware fast and side-effect free (no DB writes). Narrow the matcher and skip static assets. Use Route Handlers for heavy logic.
stack-nextjsstack-react+2