Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
eslint-config-brigade
Advanced tools
Readme
This package provides Brigade's ESLint config (.eslintrc
) as an extensible shared config.
npm install --save-dev eslint-config-brigade
npm info "eslint-config-brigade@latest" peerDependencies
.eslintrc
, use the extends
feature:{
extends: 'eslint-config-brigade'
}
If you are using this in a project with React, extend the React configuration instead:
{
extends: 'eslint-config-brigade/react'
}
If you disagree with any of our rules, simply override them locally in the rules
section of your .eslintrc
. For example, to allow not using semi-colons:
{
rules: {
'semi': 0, // 0 for off, 1 to warn, 2 to error
}
}
Unlike many other configs, eslint-config-brigade
should have no issue being installed in a production (NODE_ENV=production
) environment.
eslint-config-brigade
breaks on npm2eslint-config-brigade
does NOT support npm2 and below. This is because npm3 changed the way the peerDependencie
s are handled compared to npm2, and we believe the npm2 implementation to sub-par, and supporting it requires package.json
"hacks" that we don't like. eslint-config-brigade
may work with npm2, but we offer no support if it does not.
NOTE: We have found that even if you are using npm2, you may be able to get the package to install properly if you use the yarn package manager instead. (We almost exclusively use yarn at Brigade; it is significantly faster than npm.)
FAQs
Brigade's ESLint configuration
The npm package eslint-config-brigade receives a total of 38 weekly downloads. As such, eslint-config-brigade popularity was classified as not popular.
We found that eslint-config-brigade demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.