Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@ministryofjustice/eslint-config-hmpps
Advanced tools
ESLint rules for HMPPS typescript projects
This package aims so simplify code style enforcement in HMPPS typescript projects using eslint
.
It should include all:
Usage is best demonstrated by the HMPPS typescript template as it already includes npm scripts and continuous integration tooling. New projects based on this template will automatically adopt this package.
The package will self install by running via npx:
npx @ministryofjustice/eslint-config-hmpps
The final step of the installation script is to run the linting tool, with --fix
.
This may expose some issues that need to manually fixed and some minor config overrides may need to be applied.
The template project was migrated as part of pull request 470, so you can either manually adopt changes from it or cherry-pick the squashed commit.
Essentially, the move from eslint v8 to v9 requires changes to eslint configuration:
npm uninstall @typescript-eslint/eslint-plugin @typescript-eslint/parser eslint eslint-config-airbnb-base eslint-config-prettier eslint-import-resolver-typescript eslint-plugin-cypress eslint-plugin-import eslint-plugin-no-only-tests eslint-plugin-prettier
npm install --save-dev @ministryofjustice/eslint-config-hmpps
.eslintignore
and .eslintrc.json
are not supported so can be deletedeslint.config.mjs
@ministryofjustice/eslint-config-hmpps
.eslintrc.json
compared with the template project,
include them after the shared defaultsnpm run lint
and address changes as necessary
eslint.config.mjs
to suit your project’s needsThe point of having shared styling rules is that it reduces bike-shedding and adds some consistency across projects.
If some overriding is required to make your project successfully build configuration can be overriden via eslint.config.mjs
,
e.g: here
and here.
It is deliberately not using typescript or rollup so that building is not required. CommonJS enables the parent and sibling packages to use the rules directly for lint checks.
FAQs
ESLint rules for HMPPS typescript projects
We found that @ministryofjustice/eslint-config-hmpps demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.