Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@nabla/vite-plugin-eslint
Advanced tools
Plugs ESLint into Vite dev server.
Because of this, the plugin can't fail the build and is only applied in dev. Like typechecking, linting should be done before or in parallel of the build command.
yarn add --dev @nabla/vite-plugin-eslint
import { defineConfig } from "vite";
import eslintPlugin from "@nabla/vite-plugin-eslint";
export default defineConfig({
plugins: [eslintPlugin()],
});
{ cache: true }
Note: the fix
option is only supported from 1.3.4
(path: string) => boolean
(path) => path.match(/\/src\/[^?]*\.(vue|svelte|m?[jt]sx?)$/)
You can use DEBUG=eslint node_modules/.bin/vite
to debug this option (available in 1.4.0
)
string | ((result: ESLint.LintResult) => void)
If provided, the value is passed to eslint.loadFormatter
. Use stylish
to get a CRA like output. Async formatters are supported in 1.5.0
. Function support was added in 2.0.2
.
FAQs
Plugs ESLint into Vite dev server
We found that @nabla/vite-plugin-eslint demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.