Research
npm Malware Targets Telegram Bot Developers with Persistent SSH Backdoors
Malicious npm packages posing as Telegram bot libraries install SSH backdoors and exfiltrate data from Linux developer machines.
By Kush Pandya - Apr 18, 2025
You're Invited: Meet the Socket team at BSidesSF and RSAC - April 27 - May 1.RSVP →
eslint-config-react-app
Advanced tools
What is eslint-config-react-app?
The eslint-config-react-app package is a set of ESLint rules curated for React applications created with Create React App. It provides a baseline ESLint configuration that enforces best practices and common conventions for React and JavaScript code.
What are eslint-config-react-app's main functionalities?
Enforcing Code Style
This feature allows developers to enforce a consistent code style across their React project by extending the eslint-config-react-app in their project's ESLint configuration.
"eslintConfig": { "extends": "react-app" }Catching Common Errors
The package helps catch common errors, such as using incorrect data types or misusing React hooks, which can prevent potential bugs in the application.
// Example of an error caught by ESLint using eslint-config-react-app
const [count, setCount] = useState('0');
setCount(count + 1);Integration with Create React App
eslint-config-react-app is designed to integrate seamlessly with projects bootstrapped using Create React App, providing out-of-the-box linting that adheres to the conventions and rules preferred for React apps.
// No specific code sample, as this is about integration
// When using Create React App, eslint-config-react-app is automatically included.Other packages similar to eslint-config-react-app
eslint-config-airbnb
This package provides Airbnb's ESLint configuration, which is a popular style guide in the JavaScript community. It includes React-specific linting rules and differs from eslint-config-react-app by enforcing stricter code conventions and patterns.
eslint-config-standard-react
This is an ESLint configuration package that extends the StandardJS ruleset with React-specific rules. It offers a different set of opinions on code style and best practices compared to eslint-config-react-app.
eslint-config-prettier
eslint-config-prettier disables all ESLint rules that might conflict with Prettier formatting. While it doesn't provide React-specific rules, it's often used in conjunction with other ESLint configs, like eslint-config-react-app, to ensure code style consistency.
eslint-config-react-app
This package includes the shareable ESLint configuration used by Create React App.
Please refer to its documentation:
- Getting Started – How to create a new app.
- User Guide – How to develop apps bootstrapped with Create React App.
Usage in Create React App Projects
The easiest way to use this configuration is with Create React App, which includes it by default.
You don’t need to install it separately in Create React App projects.
Usage Outside of Create React App
If you want to use this ESLint configuration in a project not built with Create React App, you can install it with the following steps.
First, install this package and ESLint.
npm install --save-dev eslint-config-react-app eslint@^8.0.0
Then create a file named .eslintrc.json with following contents in the root folder of your project:
{
"extends": "react-app"
}
That's it! You can override the settings from eslint-config-react-app by editing the .eslintrc.json file. Learn more about configuring ESLint on the ESLint website.
Jest rules
This config also ships with optional Jest rules for ESLint (based on eslint-plugin-jest).
You can enable these rules by adding the Jest config to the extends array in your ESLint config.
{
"extends": ["react-app", "react-app/jest"]
}
Accessibility Checks
The following rules from the eslint-plugin-jsx-a11y plugin are activated:
- alt-text
- anchor-has-content
- aria-activedescendant-has-tabindex
- aria-props
- aria-proptypes
- aria-role
- aria-unsupported-elements
- heading-has-content
- href-no-hash
- iframe-has-title
- img-redundant-alt
- no-access-key
- no-distracting-elements
- no-redundant-roles
- role-has-required-aria-props
- role-supports-aria-props
- scope
If you want to enable even more accessibility rules, you can create an .eslintrc.json file in the root of your project with this content:
{
"extends": ["react-app", "plugin:jsx-a11y/recommended"],
"plugins": ["jsx-a11y"]
}
However, if you are using Create React App and have not ejected, any additional rules will only be displayed in the IDE integrations, but not in the browser or the terminal.
FAQs
ESLint configuration used by Create React App
The npm package eslint-config-react-app receives a total of 3,271,613 weekly downloads. As such, eslint-config-react-app popularity was classified as popular.
We found that eslint-config-react-app demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 5 open source maintainers collaborating on the project.
Package last updated on 12 Apr 2022
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Python Tools Are Quickly Adopting the New pylock.toml Standard
pip, PDM, pip-audit, and the packaging library are already adding support for Python’s new lock file format.
By Sarah Gooding - Apr 18, 2025
Product
Go Support Is Now Generally Available
Socket's Go support is now generally available, bringing automatic scanning and deep code analysis to all users with Go projects.
By Peter van der Zee, Ryan Eberhardt - Apr 17, 2025