Security News
Another Round of TEA Protocol Spam Floods npm, But It’s Not a Worm
Recent coverage mislabels the latest TEA protocol spam as a worm. Here’s what’s actually happening.
By Philipp Burckhardt - Nov 14, 2025
@readme/eslint-config
Advanced tools
@readme/eslint-config
Core coding standards for ReadMe projects.
Installation
You'll need to install ESLint and Prettier into your project. Use this shortcut to install them alongside the config (if using npm 5+):
npx install-peerdeps --dev @readme/eslint-config
If you already have eslint and prettier installed in your project you run this command to install the config:
npm install --save-dev @readme/eslint-config
Usage
Create a .eslintrc file with the following contents:
{
"extends": [
"@readme/eslint-config"
]
}
Configs
| Config | Description |
|---|---|
@readme/eslint-config | Rules for a pure JS codebase. |
Specialties
Note If you use one, or both of these, you should also extend
@readme/eslint-config.
| Config | Description |
|---|---|
@readme/eslint-config/esm | Rules for ESM codebases. |
@readme/eslint-config/react | Rules for codebases that use React. |
@readme/eslint-config/typescript | Rules for a TS codebase. |
Unit testing
| Config | Description |
|---|---|
@readme/eslint-config/testing/jest | Rules specific to the Jest test runner. |
@readme/eslint-config/testing/jest-dom | Jest-specific rules for when testing, and using jest-dom. Automaticaly imports @readme/eslint-config/testing/jest. |
@readme/eslint-config/testing/react | Rules specific to React codebases where you use @testing-library/react. Is specific to neither Jest or Vitest. |
@readme/eslint-config/testing/vitest | Rules specific to the Vitest test runner. |
Prettier
Included in this is our shared Prettier config. You can use it in your application by adding the following to your package.json:
"prettier": "@readme/eslint-config/prettier"
FAQs
ReadMe coding standards
We found that @readme/eslint-config demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 11 open source maintainers collaborating on the project.
Package last updated on 08 Mar 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
PyPI Expands Trusted Publishing to GitLab Self-Managed as Adoption Passes 25 Percent
PyPI adds Trusted Publishing support for GitLab Self-Managed as adoption reaches 25% of uploads
By Sarah Gooding - Nov 14, 2025
Research
/Security News
Malicious Chrome Extension Exfiltrates Seed Phrases, Enabling Wallet Takeover
A malicious Chrome extension posing as an Ethereum wallet steals seed phrases by encoding them into Sui transactions, enabling full wallet takeover.
By Kirill Boychenko - Nov 12, 2025