Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@ued2345/stylelint-config
Advanced tools
CSS 编码规范之 stylelint 配置文件 ‧ UED2345
在你的项目中安装 stylelint 和本配置包:
npm i -D stylelint
npm i -D @ued2345/stylelint-config
在你的项目的根目录添加 .stylelintrc.js
文件:
module.exports = {
extends: [
'@ued2345/stylelint-config',
],
}
在 extends
字段指定本配置包预设的规则集,各规则集的具体含义参见下面的 “规则集” 段落。
如果你的项目需要禁用或覆盖规则集中的某条规则,可以添加 rules
字段并写入你自己的规则配置:
rules: {
'block-no-empty': null, // 禁用某条规则
'color-hex-case': 'lower', // 覆盖某条规则
},
如果你需要把特定文件排除在校验范围之外,可添加 ignoreFiles
字段:
ignoreFiles: [
'./src/vendor/**/*.*',
],
在你的项目的 package.json
文件中添加脚本:
{
"scripts": {
"lint-css": "stylelint src/**/*.scss src/**/*.vue"
}
}
执行以下命令开始校验 CSS 代码:
npm run lint-css
如果需要 stylelint 帮忙修复(只有部分问题可以自动修复),执行以下命令:
npm run lint-css -- --fix
如有必要,你可以把上述命令整合到 CI、Git hook 等工作流中。
本配置包包含了多个预设的规则集,可以搭配使用。它们的含义分别如下:
规则集 | 含义 | 备注 |
---|---|---|
'@ued2345/stylelint-config' | 包含 所有规则 | 相当于同时启用以下三个规则集 |
'@ued2345/stylelint-config/preset/essential' | 包含 “疑似写错” 类型的规则 | 强制所有项目使用 |
'@ued2345/stylelint-config/preset/recommended' | 包含 “限制语言特性” 类型的规则 | 强烈推荐所有项目使用 |
'@ued2345/stylelint-config/preset/stylistic' | 包含 “代码风格约定” 类型的规则 | 推荐使用 |
我们可以在 .stylelintrc.js
文件的 extends
字段同时指定多个规则集:
extends: [
'@ued2345/stylelint-config/preset/essential',
'@ued2345/stylelint-config/preset/recommended',
],
FAQs
Stylelint config by UED2345
The npm package @ued2345/stylelint-config receives a total of 0 weekly downloads. As such, @ued2345/stylelint-config popularity was classified as not popular.
We found that @ued2345/stylelint-config demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.