Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
editorconfig-tools
Advanced tools
Tools for verifying/fixing code style based on an EditorConfig file
This tool-set is for validating or fixing code that doesn't adhere to settings defined in .editorconfig
. It also is able to infer settings from existing code and generate an .editorconfig
file that matches all the files that are passed to it. See the EditorConfig Project for details about the .editorconfig
file.
The CLI is (currently) the only way of using editorconfig-tools. The following sections detail the 3 subcommands that editorconfig-tools provides.
Infer .editorconfig
settings from one or more files and generate an .editorconfig
file that matches all the files that are passed to it.
Here's an example using the files from this project. It is assumed that you have globstar enabled in your shell. While editorconfig-tools itself doesn't require it, these examples do use it to pass whole directories of files to editorconfig-tools.
$ editorconfig-tools infer ./* ./lib/**/* ./test/**/*
[*]
end_of_line = lf
indent_style = space
indent_size = 2
insert_final_newline = true
max_line_length = 80
trim_trailing_whitespace = true
[{./test/fixtures/end-of-line/file}]
end_of_line = crlf
[{./Makefile,./test/fixtures/indent-char-tab/file}]
indent_style: tab
[{./test/fixtures/insert-final-newline-false/file}]
insert_final_newline = false
As you can see, a set of rules has been generated that matches all of the files that we passed in. If we were making an .editorconfig
file for a project that doesn't already have one, we might want to write this out to a file:
$ editorconfig-tools infer ./* ./lib/**/* ./test/**/* > .editorconfig
We would still probably want to add root = true
to the file (if this is saved at the root of the project), but editorconfig-tools has done most of the work required to make an .editorconfig
file.
Check (validate) that file(s) adhere to .editorconfig
settings and return a non-zero exit code if errors are encountered (making it suitable for running as a test). For example, if we added some trailing whitespace to our readme, this would be the result:
$ editorconfig-tools check README.md
README.md failed trim_trailing_whitespace on line 46: found setting 'false', should be 'true'
Fix formatting errors that disobey .editorconfig
settings. This will modify your files without warning, so you should ensure that your project is under version control before running it.
For example, if we write a file with 4-space indentation, and then run the fix command (using the settings of this particular project) we will get back a 2-space indented file:
$ echo -e 'line one\n line two' > example-file
$ editorconfig-tools fix ./example-file
$ cat example-file
line one
line two
FAQs
Tools for verifying/fixing code style based on an EditorConfig file
The npm package editorconfig-tools receives a total of 7,185 weekly downloads. As such, editorconfig-tools popularity was classified as popular.
We found that editorconfig-tools demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.