Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
eslint-config-dxmweb
Advanced tools
在线浏览规则描述及示例:https://cloud.tencent.com/developer/section/1135602
安装:
npm i -D eslint babel-eslint eslint-config-dxmweb
在你的项目根目录下创建 .eslintrc.js
,并将以下内容复制到文件中:
module.exports = {
extends: [
'eslint-config-dxmweb',
],
globals: {
// 这里填入你的项目需要的全局变量
// 这里值为 false 表示这个全局变量不允许被重新赋值,比如:
//
// jQuery: false,
// $: false
},
rules: {
// 这里填入你的项目需要的个性化配置,比如:
//
// // @fixable 一个缩进必须用两个空格替代
// 'indent': [
// 'error',
// 2,
// {
// SwitchCase: 1,
// flatTernaryExpressions: true
// }
// ]
}
};
安装:
npm i -D eslint babel-eslint vue-eslint-parser eslint-plugin-vue eslint-config-dxmweb
在你的项目根目录下创建 .eslintrc.js
,并将以下内容复制到文件中:
module.exports = {
extends: [
'eslint-config-dxmweb/vue',
],
globals: {
// 这里填入你的项目需要的全局变量
// 这里值为 false 表示这个全局变量不允许被重新赋值,比如:
//
// Vue: false
},
rules: {
// 这里填入你的项目需要的个性化配置,比如:
//
// // @fixable 一个缩进必须用两个空格替代
// 'indent': [
// 'error',
// 2,
// {
// SwitchCase: 1,
// flatTernaryExpressions: true
// }
// ]
}
};
VSCode 对扩展(插件)的支持非常友好,在 VSCode 中使用 eslint 需要 「扩展 > 搜索eslint > 安装」,按照提示重新加载窗口即可以使用
在 VSCode 中,默认 ESLint 并不能识别 .vue
、.ts
或 .tsx
文件,需要在「文件 => 首选项 => 设置」里做如下配置:
{
"eslint.validate": [
"javascript",
"javascriptreact",
"html",
"vue"
]
}
如果需要针对 .vue
、.ts
和 .tsx
文件开启 ESLint 的 autoFix,则需要配置成:
{
"eslint.autoFixOnSave": true,
"eslint.validate": [
"javascript",
"javascriptreact",
"html",
{
"language": "vue",
"autoFix": true
}
]
}
FAQs
dxm eslint config
The npm package eslint-config-dxmweb receives a total of 6 weekly downloads. As such, eslint-config-dxmweb popularity was classified as not popular.
We found that eslint-config-dxmweb demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.