Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
eslint-config-suade
Advanced tools
This package provides shareable ESLint configurations for JavaScript/Vue projects that conform to Suade Labs' coding style.
To use this config, install this package as a dev dependencies:
npm install eslint-config-save --save-dev
Next, add an eslintConfig
attribute to your project's package.json
. This config file must include an extends
member:
{
"eslintConfig": {
"extends": "suade"
}
}
See the ESLint configuration guide for details on additional configuration options. Any rules configured in your package.json
file will override those provided by the eslint-config-suade
package.
Setup an npm command in your project's package.json. Make sure you run this as part of the code analysis in your project's CI pipeline. The plugin eslint-plugin-prettier
runs prettier as an eslint rule, so you only need to run the eslint command.
{
"scripts": {
"lint": "eslint src"
}
}
It is also helpful to configure your IDE to run the linter as you code. See the ESLint integration page to find details on configuring your editor to warn you of ESLint errors.
If you are installing this package in an existing project, when you run eslint src
it will likely return a number of warnings/errors. To fix these run the command eslint --fix
and prettier write .
if using prettier as well. These commands will overwrite and fix all eslint and prettier errors. See the ESLint CLI and Prettier CLI documentation to find out more.
If you want to ignore certain files, just include a .eslintignore
or .prettierignore
file.
The eslint-config-suade project contains two types of configuration profiles for you to choose from. See the examples directory for usage examples and how the profiles differ.
suade
(base/eslint only config)This config contains eslint config rules only (no html or css) and is NOT recommended for use in new Suade Lab projects. It should only be used in existing projects as a step toward using the prettier profile.
Example configuration in package.json
:
{
"eslintConfig": {
"extends": "suade"
}
}
suade/prettier
(eslint and prettier config)This config extends the base config to include prettier code formatting and enables prettier specific rules for formatting HTML, JS and CSS. You can override prettier by including a prettier key in your package.json or see here for other configuration file types. However, prettier is an opinionated code formatter and the maintainers do not encourage using options, read more here.
"By far the biggest reason for adopting Prettier is to stop all the ongoing debates over styles."
Example configuration in package.json
:
{
"eslintConfig": {
"extends": "suade/prettier",
},
"prettier": {}
}
FAQs
ESLint config for Suade Labs
The npm package eslint-config-suade receives a total of 1 weekly downloads. As such, eslint-config-suade popularity was classified as not popular.
We found that eslint-config-suade demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.