
Security News
Package Maintainers Call for Improvements to GitHub’s New npm Security Plan
Maintainers back GitHub’s npm security overhaul but raise concerns about CI/CD workflows, enterprise support, and token management.
@loadsmart/stylelint-config
Advanced tools
A shareable default Stylelint config for ease of use in projects
A default configuration for Stylelint to be used on all projects that have CSS code in the company (or whoever wants to use it).
# with yarn
yarn add -D stylelint
# with npm
npm install --save-dev stylelint
# with yarn
yarn add -D @loadsmart/stylelint-config
# with npm
npm install --save-dev @loadsmart/stylelint-config
.stylelintrc.*
file like so:{
"...": "hide other properties for brevity",
"extends": ["...", "@loadsmart/stylelint-config"],
}
Keep in mind that rules that come last in the array will have higher priority and override the others that came before it.
It is recommended to have this ruleset in the first spot, and project specific rule sets after it (which should be kept to a minimum ideally).
This preset includes a few of the more important presets for stylelint and should be considered the standard for Loadsmart.
This preset includes/extends:
And uses the following plugins:
Major shout-outs and thanks to the contributors and maintainers of each of these projects! :celebrate:
For more info, take a look at the default export in the index.js
file. The config there is pretty self-explanatory.
To contribute, simply open a PR.
For major rule changes that can affect everyone, it is advised to first start an RFC to discuss it.
For issues, report them straight to the github repo's issues page.
FAQs
A shareable default Stylelint config for ease of use in projects
We found that @loadsmart/stylelint-config demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 18 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Maintainers back GitHub’s npm security overhaul but raise concerns about CI/CD workflows, enterprise support, and token management.
Product
Socket Firewall is a free tool that blocks malicious packages at install time, giving developers proactive protection against rising supply chain attacks.
Research
Socket uncovers malicious Rust crates impersonating fast_log to steal Solana and Ethereum wallet keys from source code.