Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@strv/eslint-config-javascript
Advanced tools
Write bulletproof JavaScript like a pro! 😎
This repository contains various configuration files for the awesome JavaScript linter, ESLint. The configuration files are purposefully separated into various categories to allow their composition according to developers' preferences or requirements. It should also make adoption of ESLint across existing codebases easier.
This package can be installed via npm (make sure you also install the latest version of ESLint):
npm install --save-dev eslint@latest @strv/eslint-config-javascript@latest
Once the ruleset is installed, you must create your own .eslintrc.{js,json,yml} configuration file in your project's root (or in some of the subfolders, if you want to apply different rules to different parts of your code) and include those rulesets that you want to use. See the tutorial directory for, well... tutorial.
See the editor-integrations document for tips.
See the tutorial directory for lots of example config files.
This one contains rules specific to web accessibility best practices.
Requires configuration. See the docs for more info.
These rulesets include rules which deal with how the code looks like and not how it works. They help keep the code clean and consistent.
@strv/javascript/coding-styles/recommended
@strv/javascript/coding-styles/fixable
This is a subset of the
recommended
coding style ruleset and includes only rules which ESLint can fix automatically. This is great for gradual adoption of coding style rulesets into existing projects.
@strv/javascript/coding-styles/flow
This one contains coding style rules for code using Flow
This software is licensed under the BSD-3-Clause License. See the LICENSE file for more information.
FAQs
Write bulletproof JavaScript like a pro! 😎
The npm package @strv/eslint-config-javascript receives a total of 301 weekly downloads. As such, @strv/eslint-config-javascript popularity was classified as not popular.
We found that @strv/eslint-config-javascript demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.