Research
2025 Report: Destructive Malware in Open Source Packages
Destructive malware is rising across open source registries, using delays and kill switches to wipe code, break builds, and disrupt CI/CD.
By Kush Pandya - Dec 24, 2025
@equisoft/eslint-config
Advanced tools
Equisoft's ESLint configuration
This project hosts Equisoft's ESLint configuration. It is versatile enough to be used with NodeJS or Web projects.
When using frameworks or libraries, you can augment it with the use of flavors, such as @equisoft/eslint-config-react.
Versioning
The versioning of this project respects semver. That means your project's package.json can caret (^) import it.
Installation
Install the libraries in your project:
yarn add --dev @equisoft/eslint-config eslint
Then create a .eslintrc file that uses Equisoft's configuration:
{
"extends": ["@equisoft/eslint-config"]
}
Finally create a script in your package.json to easily run ESLint:
{
"scripts": {
"eslint": "eslint src",
"eslint:ci": "yarn eslint --format junit -o build/tests/eslint/junit.xml"
}
}
Now you can use yarn eslint to validate the code style of your Javascript files!
Continuous Integration
We strongly suggest that you enforce code style checks on your CI. For example, on CircleCI you can add a configuration similar to this one to your .circleci/config.yml:
eslint:
executor: 'node'
steps:
- run: 'mkdir -p build/tests/eslint/'
- run: 'yarn eslint:ci'
- store_test_results:
path: 'build/tests'
Migrating an existing codebase
ESLint supports exclusion of globs in .eslintignore. One way to gradually migrate a legacy code base to this configuration is to exclude all source files and add conforming files one at a time. To achieve this, add this to your .eslintignore:
src/**/*.js
!src/contacts/**/*.js
Note how an entry prefixed by ! is added to re-include some source files.
For more information on this technique, you can read the ESLint documentation.
Keywords
FAQs
Equisoft's ESLint configuration. Based on eslint-config-airbnb-base
The npm package @equisoft/eslint-config receives a total of 91 weekly downloads. As such, @equisoft/eslint-config popularity was classified as not popular.
We found that @equisoft/eslint-config demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 13 open source maintainers collaborating on the project.
Package last updated on 06 Dec 2018
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Engineering with AI Podcast: The Promise of AI-First Development
Socket CTO Ahmad Nassri shares practical AI coding techniques, tools, and team workflows, plus what still feels noisy and why shipping remains human-led.
By Sarah Gooding - Dec 24, 2025
Research
/Security News
Spearphishing Campaign Abuses npm Registry to Target U.S. and Allied Manufacturing and Healthcare Organizations
A five-month operation turned 27 npm packages into durable hosting for browser-run lures that mimic document-sharing portals and Microsoft sign-in, targeting 25 organizations across manufacturing, industrial automation, plastics, and healthcare for credential theft.
By Nicholas Anderson, Kirill Boychenko - Dec 23, 2025