Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@jarrodldavis/eslint-config
Advanced tools
Shareable ESLint config for Prettier and TypeScript
Shareable ESLint config for Prettier and TypeScript
yarn add --dev @jarrodldavis/eslint-config
Since this is an ESLint Shareable Config, ESLint must be installed directly into your package if it isn't already:
yarn add --dev eslint
TypeScript is also required for linting TypeScript source (.ts
) and
declaration (.d.ts
) files:
yarn add --dev typescript
ESLint requires configs, plugins, and parsers referenced in configs to be
sibling modules of ESLint (i.e. they must be in exactly the same node_modules
directory).
This package specifies additional ESLint dependencies as both direct
dependencies and peer dependencies. If you are using Yarn or npm (since
v3), these dependencies should be automatically hoisted into your package's
top-level node_modules
directory.
If they are not, you will need to install these additional dependencies directly:
yarn add --dev prettier eslint-config-prettier eslint-plugin-prettier
yarn add --dev typescript-eslint-parser eslint-plugin-typescript
In your ESLint config, extend from this config:
{
"root": true,
"extends": ["@jarrodldavis"]
}
If you want to override any rule configurations, you can specify your own rule settings as normal:
{
"root": true,
"extends": ["@jarrodldavis"],
"rules": {
"no-console": "off"
}
}
For TypeScript source and declaration files, you'll need to use glob overrides:
{
"root": true,
"extends": ["@jarrodldavis"],
"rules": {
"no-console": "off"
},
"overrides": [
{
"files": "*.ts",
"rules": {
"typescript/class-name-casing": "off"
}
},
{
"files": "*.d.ts",
"rules": {
"typescript/interface-name-prefix": "warn"
}
}
]
}
FAQs
Shareable ESLint config for Prettier and TypeScript
The npm package @jarrodldavis/eslint-config receives a total of 0 weekly downloads. As such, @jarrodldavis/eslint-config popularity was classified as not popular.
We found that @jarrodldavis/eslint-config demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.