Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
eslint-config-qx
Advanced tools
ESLint shareable config for Qooxdoo
This depends on eslint-plugins-qx-rules
$ npm install --save-dev eslint-config-qx
For the esnext
version you'll also need Babel's ESLint parser and plugin:
$ npm install --save-dev babel-eslint eslint-plugin-babel
This will let you use ES2016 features like async
/await
and decorators. For a full list of features see Babel's experimental features and their Learn ES2015.
package.json
Create a new file package.json
with the following contents in your project:
{
"name": "<appname>",
"description": "<appdesc>",
"author": "Your Name <your@email.com>",
"version": "0.0.1",
"license": "MIT",
"dependencies": {},
"devDependencies": {
"eslint-config-qx": "^0.0.7"
},
"engine": "node >= 4.5",
"eslintConfig": {
"extends": [
"qx"
]
},
"scripts": {
"eslint": "eslint --cache"
}
}
Replace name, description and author ofc.
package.json
Add these lines to it:
{
"devDependencies": {
"eslint-config-qx": "^0.0.7"
},
"eslintConfig": {
"extends": [
"qx/browser"
]
},
"scripts": {
"eslint": "eslint --cache"
}
}
Add .eslintcache
to it.
eslint
and eslint-config-qx
$ npm install
$ npm run eslint -- .
Or lint AND fix:
$ npm run eslint -- --fix .
Normaly your app has its own globals, like qxl
for Qooxdoo Contribs,
for that you need to extend qx/browser
with your own config.
Create a file .eslintrc-qx
:
{
"globals": {
"qxl": false
}
}
This file tells eslint to ignore qxl
but don't allow writes to it.
Now you need to tell eslint about it in package.json
:
{
"eslintConfig": {
"extends": [
"qx/browser",
".eslintrc-qx"
]
}
}
Thats all.
.eslintignore
ESLint has its own .eslintignore
file, when you run npm run eslint .
it will lint
all JS files found including generated ones, to exclude them you can create a
.eslintignore
and files/directories to it like in .gitignore
.
This is mine:
build/
gh-pages/
node_modules/
source/script/
source/resource/
# No need for lint
Gruntfile.js
Supports parsing ES2015, but doesn't enforce it by default.
This package also exposes qx/esnext
if you want ES2015+ rules:
{
"extends": "qx/esnext"
}
And qx/browser
if you're in the browser:
{
"extends": "qx/browser"
}
If you want only check for safety-errors then extend qx/safety:
{
"extends": "qx/safety"
}
MIT
FAQs
ESLint shareable config for Qooxdoo
We found that eslint-config-qx demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 6 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.