
Security News
New CNA Scorecard Tool Ranks CVE Data Quality Across the Ecosystem
The CNA Scorecard ranks CVE issuers by data completeness, revealing major gaps in patch info and software identifiers across thousands of vulnerabilities.
@gitlab/eslint-config
Advanced tools
is GitLab's shared ESLint config file to be used in all javascript projects across GitLab. It encapsulates our coding standards and is based primarily upon eslint-config-airbnb-base
and eslint-plugin-vue
with the expectation that code formatting is handled separately by prettier.
yarn install
to install the project dependencies$ npm install @gitlab/eslint-config
after installing, make sure to add the following to your .eslintrc
file
{
"extends": [
"@gitlab"
]
}
This project automatically publishes the master
branch using semantic-release.
If a new commit/merge request is merged into master
and it's commit(s) follows the Angular Commit Message Conventions,
a release will be automatically generated and published. Commits that do not follow the convention will be ignored and a release will not be made for them.
FAQs
GitLab ESLint base configuration
We found that @gitlab/eslint-config demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 8 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
The CNA Scorecard ranks CVE issuers by data completeness, revealing major gaps in patch info and software identifiers across thousands of vulnerabilities.
Research
/Security News
Two npm packages masquerading as WhatsApp developer libraries include a kill switch that deletes all files if the phone number isn’t whitelisted.
Research
/Security News
Socket uncovered 11 malicious Go packages using obfuscated loaders to fetch and execute second-stage payloads via C2 domains.