Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
eslint-config-flowics
Advanced tools
#eslint-config-flowics
Common coding conventions for ensuring consistent style across Flowics JavaScript projects
eslint-config-flowics
exports several configuration, that can be combined with each other:
lib/base
: Rules only from eslint (no plugins). Several style rules & best practiceslib/promises
: requires eslint-plugin-promise
plugin. Promises checks & best practiceslib/react
: requires eslint-plugin-react
plugin. React checks & best practiceslib/flowtype
: requires eslint-plugin-flowtype
plugin. Flowtype checks & best practiceslib/imports
: requires eslint-plugin-import
plugin. Checks imports. Allows to detect
if you are importing a symbol that is no exported in the source module. USE IT!lib/tests
: Use it to override lib/base
to loosen up some rules in tests, and enable env jest & mocha.To use them, just configure your .eslintrc.json
as:
{
"parser": "babel-eslint",
"extends": [
"flowics/lib/base",
"flowics/lib/promises",
"flowics/lib/react",
"flowics/lib/flowtype",
"flowics/lib/imports",
"flowics/lib/tests",
]
}
Just combine the ones you are interested in.
The old way of using this config is still available (for now), but not recommend.
You have a few presets that include several of the mentioned configs.
lib/frontend
: Composes base
,promises
,flowtype
,imports
,react
& adds env: browser
lib/backend
: Composes base
,promises
,flowtype
,imports
,react
& adds env: node
Don't use them, it's better to compose the config on your own, so you only add the traits your project uses. (maybe you are not using flowtype or react, or don't care about promises rules)
Install eslint, the config, and the required plugins
yarn add --dev eslint babel-eslint eslint-config-flowics
Optionally, if you use the imports
config, also do:
yarn add --dev eslint-plugin-import
Optionally, if you use the react
config, also do:
yarn add --dev eslint-plugin-react
Optionally, if you use the promise
config, also do:
yarn add --dev eslint-plugin-promise
Optionally, if you use the flowtype
config, also do:
yarn add --dev eslint-plugin-flowtype
Run
npm publish
And answer the questions!
FAQs
ESLint's shareable config for Flowics JavaScript projects
The npm package eslint-config-flowics receives a total of 3 weekly downloads. As such, eslint-config-flowics popularity was classified as not popular.
We found that eslint-config-flowics demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 6 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.