Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
eslint-config-frost-standard
Advanced tools
Standard ESLint rules for Frost projects (based on standard
).
It is our goal to not deviate from standard
but rather augment it with some additional rules not currently covered
by standard
. For example, we currently add some rules w.r.t. JSDoc comments.
One of the reasons for this package's existence is to be able to define some additional rules that standard
didn't see fit to include, but that we find useful/necessary. Here we will highlight what these rules are, but just
in case our documentation ever falls behind :scream:, You can always find the full list of additions here.
camelcase
Enforces a camelCase
variable naming convention. More details available
here.
complexity
Enforces a maximum cyclomatic complexity (of 5) for functions. More details available here.
max-len
Enforces a maximum line length of 120 characters. More details available here
no-var
Enforces the use of let
or const
instead of var
. More details available
here.
object-curly-spacing
Enforces that object literals do not have spaces around the curly braces. More details available here.
no-unused-expressions
This is mainly to avoid using dangerous property assertions in chai
like expect().to.be.null
. Some discussion
about why those are dangerous is available here.
More details available here.
valid-jsdoc
Make sure your JSDoc
comment blocks are valid/consistent. More details available
here.
eslint-plugin-ember-standard
We use a number of rules from
eslint-plugin-ember-standard
. More details
about each possible rule are available
here.
ember-standard/computed-property-readonly
Ensure that all computed properties are read-only.
ember-standard/destructure
Ensure that the Ember
object is destructured.
ember-standard/import
Ensure that the Ember
is explicitly imported.
ember-standard/logger
Ensure that the Ember.Logger
is used instead of console.log()
.
ember-standard/no-set-in-computed-property
Ensure that values are not set()
inside a computed property (no side-effects).
ember-standard/no-settimeout
Ensure that Ember.run
is used instead of setTimeout()
.
ember-standard/prop-types
Ensure that PropTypes
references from ember-prop-types
are valid.
ember-standard/single-destructure
Ensure Ember properties are destructured in a single variable declaration.
eslint-plugin-mocha
We use a number of rules from eslint-plugin-mocha
mocha/handle-done-callback
Make sure that when you define the done
callback, you actually call it somewhere. More details available here.
mocha/no-exclusive-tests
Make sure you don't accidentally check in a describe.only
. More details available here.
mocha/no-global-tests
Make sure you don't use an it()
outside of a describe()
. More details available here.
mocha/no-pending-tests
Make sure you don't include empty it()
calls. More details available here.
mocha/no-skipped-tests
Emit a warning when you use it.skip()
or describe.skip()
. Sometimes it's necessary, but it's nice to easily see them all listed out in one place, and they should be temporary whenever they are checked in. More details available here.
eslint-plugin-ocd
We use a number of rules from eslint-plugin-ocd
.
More details about the rules are available here.
ocd/sort-import-declaration-specifiers
Ensures that named imports within a single import block are sorted alphabetically.
ocd/sort-import-declaration
Ensures that imports are sorted alphabetically (by the module name, not the thing being imported).
ocd/sort-variable-declarator-properties
Ensures that destructured variables are sorted alphabetically.
10.0.1 (2018-09-25)
FAQs
Standard ESLint rules for Frost projects
The npm package eslint-config-frost-standard receives a total of 15 weekly downloads. As such, eslint-config-frost-standard popularity was classified as not popular.
We found that eslint-config-frost-standard demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.