Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
eslint-config-openlayers
Advanced tools
This package provides shareable ESLint configurations for JavaScript projects that conform with the OpenLayers coding style.
To make use of this config, install ESLint and this package as a development dependency of your project:
npm install eslint eslint-config-openlayers --save-dev
Next, create a eslint.config.js
file at the root of your project. This file should export the openlayers configuration along with any overrides your project might include:
// eslint.config.js
import openlayers from 'eslint-config-openlayers';
export default [
...openlayers
];
See the ESLint configuration guide for details on additional configuration options. Any rules configured in your eslint.config.js
file will override those provided by the eslint-config-openlayers
package.
You should run the linter as part of (or before) your tests. Assuming tests are run before any proposed changes are merged, this will ensure coding standards are maintained in your default branch. Using npm scripts is the preferred way to run the linter without requiring it to be a global dependency. Assuming you want to lint all JavaScript files in your project, add the following entry to your package.json
:
{
"scripts": {
"pretest": "eslint src"
}
}
With this pretest
entry in your package.json
, ESLint will run on all JavaScript files in the src
directory of your project using your .eslintrc
config when tests are run:
npm test
See the ESLint CLI guide for additional options when running ESLint.
In addition to running the linter when your tests are run, you should configure your editor to run the linter as well. See the ESLint integration page to find details on configuring your editor to warn you of ESLint errors.
If you are using VSCode, you'll need to configure it to use ESLint's flat config syntax:
{
"eslint.useFlatConfig": true
}
See the examples directory for more usage examples.
To add another configuration profile, add a new config script to the root of the repository directory (e.g. new-config.js
). This script should export an ESLint config object and should have an extends: './index.js' property
. People using this config will add extends/new-config
to their own ESLint config.
You should add and example for your new profile and ensure that tests pass with any changes.
npm test
After adding a new config profile or modifying an existing one, publish a new version of the package. Adding a new "error" level rule constitutes a major release. A new profile or non-breaking modification to an existing profile (e.g. a "warning" level rule) can be a minor release.
Publishing a new minor release would look like this:
# commit and push any changes first
npm version minor # this bumps the package.json version number and tags
git push --tags origin main
npm publish
FAQs
ESLint configuration for OpenLayers
The npm package eslint-config-openlayers receives a total of 588 weekly downloads. As such, eslint-config-openlayers popularity was classified as not popular.
We found that eslint-config-openlayers demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.