Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
eslint-config-frost-standard
Advanced tools
Standard ESLint rules for Frost projects (based on standard
).
It is our goal to not deviate from standard
but rather augment it with some additional rules not currently covered
by standard
. For example, we currently add some rules w.r.t. JSDoc comments.
One of the reasons for this package's existence is to be able to define some additional rules that standard
didn't see fit to include, but that we find useful/necessary. Here we will highlight what these rules are, but just in case our documentation ever falls behind :scream:, You can always find the full list of additions here.
camelcase
Enforces a camelCase
variable naming convention. More details available here.
complexity
Enforces a maximum cyclomatic complexity (of 5) for functions. More details available here.
max-len
Enforces a maximum line length of 120 characters. More details available here
valid-jsdoc
Make sure your JSDoc
comment blocks are valid/consistent. More details available here.
eslint-plugin-mocha
We use a number of rules from eslint-plugin-mocha
but we currently use our own fork of the project to provide support for ember-cli-mocha
. We should be updating to the latest soon since our fork is no longer necessary and we can define this in our rule config
mocha/handle-done-callback
Make sure that when you define the done
callback, you actually call it somewhere. More details available here.
mocha/no-exclusive-tests
Make sure you don't accidentally check in a describe.only
. More details available here.
mocha/no-global-tests
Make sure you don't use an it()
outside of a describe()
. More details available here.
mocha/no-pending-tests
Make sure you don't include empty it()
calls. More details available here.
mocha/no-skipped-tests
Emit a warning when you use it.skip()
or describe.skip()
. Sometimes it's necessary, but it's nice to easily see them all listed out in one place, and they should be temporary whenever they are checked in. More details available here.
no-unused-expressions
Stop developers from using property assertions like expect(foo).to.be.true
. Mainly because of this issue.
More details available here.
5.2.0
ocd/sort-imports
rule to separate internal and external modules.FAQs
Standard ESLint rules for Frost projects
The npm package eslint-config-frost-standard receives a total of 15 weekly downloads. As such, eslint-config-frost-standard popularity was classified as not popular.
We found that eslint-config-frost-standard demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.