Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@magijs/lint
Advanced tools
我们通常会在项目中使用 ESLint、Stylelint 来协助我们把控编码质量,为了实现低成本、高性能、更稳定地接入工具, 提供了开箱即用的 Lint 能力,包含以下特性:
在现有规范下,把分散在项目中的依赖统一集成到了zalint命令包中维护升级。对于规范将内置在zalint中,不提供外部配置方式。后续将使用 zalint 内置的规范执行
yarn add @magijs/lint@latest
# 执行eslint检查js代码规范
zalint eslint
# 执行stylelint检查样式规范
zalint stylelint
# 生成报告,同时执行eslint和stylelint
zalint report
#
zalint staged
# 指定扫描client目录
zalint eslint -d client -fix
# 指定扫描client目录
zalint stylelint -d client -fix
# 指定扫描client目录
zalint report -d client
将 lint 与 Git 工作流结合使用,以便在提交代码时自动 lint 本次变更的代码。
git commit 流程检查:
FAQs
The npm package @magijs/lint receives a total of 22 weekly downloads. As such, @magijs/lint popularity was classified as not popular.
We found that @magijs/lint demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.