Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
eslint-config-neo
Advanced tools
Official Neo Financial ESLint configuration
yarn add --dev eslint-config-neo
You can also install a specific version of the package by appending the version tag. For example, to install version 1.0.0
yarn add --dev eslint-config-neo@1.0.0
yarn add --dev eslint lint-staged husky typescript
yarn add --dev --exact prettier@1.16.4
It is recommended that you install an exact version of Prettier as they may introduce formatting changes in minor versions.
Add .eslintrc
to project root
{
"extends": "eslint-config-neo/config-backend"
}
Use eslint-config-neo/config-frontend
for frontend projects
Add .prettierrc
to project root
{
"printWidth": 100,
"singleQuote": true
}
Optional: If there are any files you want to exclude from Prettier add .prettierignore
to project root
Add .editorconfig
to project root
# http://editorconfig.org
root = true
[*]
charset = utf-8
end_of_line = lf
indent_size = 2
indent_style = space
insert_final_newline = true
max_line_length = 120
[*.md]
max_line_length = 0
trim_trailing_whitespace = false
[COMMIT_EDITMSG]
max_line_length = 0
Add the engines field to package.json
"engines": {
"node": ">=10.0.0"
}
Add scripts for linting and formatting to package.json
"scripts": {
"precommit": "lint-staged",
"lint": "eslint .",
"format": "prettier --write \"**/*.{ts,tsx,js,json,graphql,md}\"",
"format:check": "prettier --debug-check \"**/*.{ts,tsx,js,json,graphql,md}\""
}
Add a precommit hook to package.json
to automatically lint and format any files staged for commit
"lint-staged": {
"concurrent": false,
"linters": {
"*.{ts,tsx,js}": [
"eslint --quiet",
"git add"
],
"*.{ts,tsx,js,json,graphql,md}": [
"prettier --write",
"git add"
]
}
}
If you've added Prettier to an existing project you will want to format all the code. The precommit hook only updates files that have been changed and staged for commit. To format the entire codebase run
yarn format
Should I override the rule X? I don't like it.
No. If you want to do this, you have to ask the team. If a rule really doesn't make sense then we should remove or disable it.
Can I disable the rule on one line in my code, I have a good reason.
Yes. That's ok. Use a single-line disable.
0.1.0 (April 11, 2019)
Initial release! :tada:
FAQs
Official Neo Financial ESLint configuration
The npm package eslint-config-neo receives a total of 4,822 weekly downloads. As such, eslint-config-neo popularity was classified as popular.
We found that eslint-config-neo demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.