Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
eslint-config-openlayers
Advanced tools
This package provides shareable ESLint configurations for JavaScript projects that conform with the OpenLayers coding style.
To make use of this config, install ESLint and this package as a development dependency of your project:
npm install eslint eslint-config-openlayers --save-dev
Next, create a .eslintrc
file at the root of your project. At a minimum, this config file must include an extends
member:
{
"extends": "openlayers"
}
See the ESLint configuration guide for details on additional configuration options. Any rules configured in your .eslintrc
file will override those provided by the eslint-config-openlayers
package.
You should run the linter as part of (or before) your tests. Assuming tests are run before any proposed changes are merged, this will ensure coding standards are maintained in your default branch. Using npm scripts is the preferred way to run the linter without requiring it to be a global dependency. Assuming you want to lint all JavaScript files in your project, add the following entry to your package.json
:
{
"scripts": {
"pretest": "eslint src"
}
}
With this pretest
entry in your package.json
, ESLint will run on all JavaScript files in the src
directory of your project using your .eslintrc
config when tests are run:
npm test
See the ESLint CLI guide for additional options when running ESLint.
In addition to running the linter when your tests are run, you should configure your editor to run the linter as well. See the ESLint integration page to find details on configuring your editor to warn you of ESLint errors.
See the examples directory for more usage examples.
The eslint-config-openlayers
package includes a number of ESLint configuration profiles for different types of projects.
openlayers
(base config)The "base" config is suitable for Node projects or browser-based projects using a CommonJS module loader (e.g. Browserify or Webpack).
Example .eslintrc
:
{
"extends": "openlayers"
}
To add another configuration profile, add a new config script to the root of the repository directory (e.g. new-config.js
). This script should export an ESLint config object and should have an extends: './index.js' property
. People using this config will add extends/new-config
to their own ESLint config.
You should add and example for your new profile and ensure that tests pass with any changes.
npm test
After adding a new config profile or modifying an existing one, publish a new version of the package. Adding a new "error" level rule constitutes a major release. A new profile or non-breaking modification to an existing profile (e.g. a "warning" level rule) can be a minor release.
Publishing a new minor release would look like this:
# commit and push any changes first
npm version minor # this bumps the package.json version number and tags
git push --tags origin main
npm publish
FAQs
ESLint configuration for OpenLayers
The npm package eslint-config-openlayers receives a total of 602 weekly downloads. As such, eslint-config-openlayers popularity was classified as not popular.
We found that eslint-config-openlayers demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.