Security News
Input Validation Vulnerabilities Dominate MITRE's 2024 CWE Top 25 List
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
eslint-config-modular
Advanced tools
ESLint Modular is a shareable config for ESLint that's broken-up into different modules that can be mixed-and-matched to match the needs of your project.
Each module defines rules that are meant to be reasonable defaults and best practices, but you can easily extend or override any of the rules to suit your needs.
tslint-modular
Modular TSLint configuration for TypeScript projects
@jsdevtools/eslint-config
Opinionated JSDevTools ESLint config for JavaScript, TypeScript, and JSX
Run the following npm command to install ESLint and ESLint Modular as dev-dependencies of your project:
npm install eslint @jsdevtools/eslint-config-modular --save-dev
Shareable configs are designed to work with the extends
feature of .eslintrc
files. You can learn more about
Shareable Configs on the official ESLint website.
To use ESLint Modular in your project, create an .eslintrc.yml
file with the following contents:
.eslintrc.yml
extends:
# These modules would be good for a Node.js project written in ES5
- "@jsdevtools/modular/best-practices"
- "@jsdevtools/modular/style"
- "@jsdevtools/modular/node"
- "@jsdevtools/modular/es5"
rules:
# You can override or extend any rules here
Modular ESLint Configuration includes the following modules. Mix-and-match them as applicable to your project.
@jsdevtools/modular/best-practices
(source)This module contains rules that prevent accidental bugs, insecure code, and bad coding practices. You can use this module directly, or use any/all of its sub-modules.
@jsdevtools/modular/best-practices/bugs
(source)The rules in this module prevent syntax that is likely to lead to accidental bugs or runtime errors. Examples include not reassigning native objects, and using ===
instead of ==
for comparisons. Most of the rules in this file will raise an error if violated, but some less-severe ones will only raise warnings.
@jsdevtools/modular/best-practices/security
(source)These rules help enforce security best-practices such as avoiding the eval()
statement and requiring "use strict"
directives.
@jsdevtools/modular/browser
(source)This module configures ESLint to recognize browser globals, such as window
, document
, navigator
, etc. It also contains rules that are specific to projects that are intended to run in web browsers, such as avoiding the alert()
statement and requiring the use strict
directive within a function.
@jsdevtools/modular/browser/jsx
(source)This module configures ESLint to parse JSX syntax. It also contains JSX-specific rules, such as enforcing the use of double-quotes in JSX attributes.
@jsdevtools/modular/es5
(source)This module configures ESLint to parse EcmaScript 5 code. It also disables ES6-specific rules, such as using let
instead of var
.
@jsdevtools/modular/es6
(source)This module configures ESLint to parse EcmaScript 6 (and newer) code. It also contains ES6-specific rules, such as not assigning to constants, calling super()
in constructors, and using let
instead of var
.
@jsdevtools/modular/modules/cjs
(source)This module configures ESLint to parse your JavaScript files with script semantics rather than ES6 module semantics, since CommonJS modules are not "true" JavaScript modules.
@jsdevtools/modular/modules/esm
(source)This module configures ESLint to parse your JavaScript files with ES6 module semantics rather than script semantics. It also disallows the use strict
directive, since ES6 modules are always strict.
@jsdevtools/modular/node
(source)This module configures ESLint to recognize Node.js globals, such as process
, __dirname
, Buffer
, etc. It also contains rules that are specific to Node.js projects, such as avoding new require()
syntax and disallowing concatenation with __dirname
.
@jsdevtools/modular/style
(source)This module contains code-styling and consistency rules. You can use this module directly, or use any/all of its sub-modules.
@jsdevtools/modular/style/conventions
(source)The rules in this module enforce an opinionated set of conventions, such as using double-quotes and semi-colons.
@jsdevtools/modular/style/naming
(source)These rules enforce JavaScript naming conventions, such as camel-case variables and capitialized classes.
@jsdevtools/modular/style/syntax
(source)These rules disallow outdated, nonstandard, and confusing syntax. Examples include labels, the comma operator, and nonstandard multiline strings.
@jsdevtools/modular/style/whitespace
(source)This module enforces opinionated whitespace rules, such as two-space indentation, Stroustrup style opening braces, and commas at the end of the line.
@jsdevtools/modular/test
(source)This module configures ESLint to recognize globals that are defined by common test frameworks, such as describe
, it
, beforeEach
, etc. It also disables rules that tend to cause problems with certain test frameworks.
Note: We recommend that you create a separate
.eslintrc.yml
file in your test folder. That way, it can use different modules and rules than the rest of your codebase.
ESLint Config Modular is 100% free and open-source, under the MIT license. Use it however you want.
This package is Treeware. If you use it in production, then we ask that you buy the world a tree to thank us for our work. By contributing to the Treeware forest you’ll be creating employment for local families and restoring wildlife habitats.
Thanks to these awesome companies for their support of Open Source developers ❤
FAQs
Modular ESLint configuration
The npm package eslint-config-modular receives a total of 1,400 weekly downloads. As such, eslint-config-modular popularity was classified as popular.
We found that eslint-config-modular demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.