Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
eslint-config-standard-kit
Advanced tools
Standard.js is a fantastic collection of linter rules, but it difficult to integrate with other code-quality tools like Prettier, TypeScript, or Flow.
This package makes it easy to integrate Standard.js with these other tools by breaking its configuration into modular pieces. Just mix & match the bits you need for your particular setup:
standard-kit
- Basic Standard.js rulesstandard-kit/node
- Node.js runtime support, including CommonJS features like require
standard-kit/jsx
- JSX language supportstandard-kit/typescript
- TypeScript language supportstandard-kit/flow
- Flow language supportIf you use a tool like Prettier to format your source code, just prefix the rule names with standard-kit/lint
instead of standard-kit
. This will remove all formatting rules, leaving just the code-quality rules.
For example, here is an .eslintrc.json
that supports Prettier, JSX, and Typescript:
{
"extends": [
"standard-kit/lint",
"standard-kit/lint/jsx",
"standard-kit/lint/typescript"
],
"parserOptions": {
"project": "./tsconfig.json"
}
}
First, add eslint-plugin-standard-kit
as one of your project's devDependencies
:
npm install --save-dev eslint-plugin-standard-kit
Depending on which configurations you enable, you will need to add several other dependencies as well:
eslint-plugin-import
eslint-plugin-promise
eslint-plugin-standard
eslint-plugin-node
eslint-plugin-react
@typescript-eslint/parser
@typescript-eslint/eslint-plugin
babel-eslint
eslint-plugin-flowtype
Finally, edit your ESLint configuration file to enable your selected rules, as shown in the example above.
If you are using JSX or Typescript, you may want to pass the --ext
option to ESlint to tell it about the .jsx
or .ts
file extensions:
eslint --ext .js,.jsx,.ts src/
The TypeScript rules also need to know where your tsconfig.json
file is located. You can configure this using the parserOptions.project
setting, as shown in the example above.
This package auto-generate its configuration files based on the official eslint-config-standard and eslint-config-standard-jsx packages. This means you are getting the exact same rules as the official Standard.js project, just filtered into smaller files.
Typescript support comes from the @typescript-eslint/eslint-plugin recommended settings, but with a few adjustments to be more in line with what Standard.js does (like using 2-space indents instead of 4).
Flow support uses the recommended settings from eslint-plugin-flowtype.
0.13.0 (2019-07-30)
FAQs
Standard.js linting rules - broken into modular pieces
The npm package eslint-config-standard-kit receives a total of 1,660 weekly downloads. As such, eslint-config-standard-kit popularity was classified as popular.
We found that eslint-config-standard-kit demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.