Security News
JSR Working Group Kicks Off with Ambitious Roadmap and Plans for Open Governance
At its inaugural meeting, the JSR Working Group outlined plans for an open governance model and a roadmap to enhance JavaScript package management.
@clausehq/eslint-config
Advanced tools
A set of reuseable eslint linting rules used by Clause.io. Feel free to use these for your own projects.
Install this package and it's peer dependencies
yarn add -D @clausehq/eslint-config
yarn add -D eslint eslint-config-airbnb eslint-config-loopback eslint-plugin-import eslint-plugin-jest eslint-plugin-jsx-a11y eslint-plugin-promise eslint-plugin-react eslint-plugin-react-hooks
Create a file in the root of your repo called .eslintrc
with the contents
{
"extends": ["@clausehq/eslint-config"]
}
Although for serverless functions, where logs are aggregated directly from CloudWatch, you may want this config:
{
"extends": ["@clausehq/eslint-config"],
"rules": {
"no-console": "off"
}
}
Loopback 3 projects may want to add this rule for remote method declaration which by convention breaks this rule:
"no-param-reassign": 0
For React apps, use the following config:
{
"extends": ["@clausehq/eslint-config"],
"parser": "babel-eslint",
"settings": {
"import/resolver": {
"node": {
"paths": ["src"],
"extensions": [".js", ".jsx", ".ts", ".tsx"]
}
},
"react": {
"version": "detect"
}
}
}
Optionally add a file called .eslintignore
, here are some suggested contents
coverage
node_modules
FAQs
Reuseable eslint config. Created by Clause.io
We found that @clausehq/eslint-config demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 8 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
At its inaugural meeting, the JSR Working Group outlined plans for an open governance model and a roadmap to enhance JavaScript package management.
Security News
Research
An advanced npm supply chain attack is leveraging Ethereum smart contracts for decentralized, persistent malware control, evading traditional defenses.
Security News
Research
Attackers are impersonating Sindre Sorhus on npm with a fake 'chalk-node' package containing a malicious backdoor to compromise developers' projects.