Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
eslint-plugin-always
Advanced tools
ESLint plugin that always reports with a configurable message.
Simply reports ALWAYS!
There is a reason why we want to do so! See Why?
$ yarn add eslint-plugin-always --dev
Add the plugin to your ESLint configuration:
{
"plugins": [
"always"
]
}
And then add the following rule:
{
"rules": {
"always/always": ["error", {
"message": "Hello World"
}]
}
}
I need to notice the team members that the new folder must contain a ESLint configuration.
Notice
I will simply show you the use case which is the reason why I created this plugin.
There is a cartridges/
folder in the project. This folder contains multiple packages which may need a different ESLint configuration.
The surrounding application uses another ESLint configuration.
But this configuration isn't applicable for the packages in the cartridges/
folder.
├── cartridges
│ ├── app_foo
│ │ ├── .eslintrc.json
│ ├── int_foo
│ │ ├── .eslintrc.json
│ ├── int_bar
│ │ ├── .eslintrc.json
│ ├── int_new <-- DETECT WHY THIS FOLDER DOESN'T HAVE A LINT CONFIGURATION
│ ├── bc_foo
│ │ ├── .eslintrc.json
│ ├── .eslintrc.json <-- THE FILE THAT ENABLES THIS RULE AND CONTAINING root: true
├── packages.json <-- CONTAINING THE SURROUNDING LINT CONFIGURATION
For a new package cartidges/int_new
a valid ESLint configuration must be added.
cartridges/.eslintrc.json
resets the ESLint configuration and adds this rule.
{
"root": true,
"plugins": [
"always"
],
"rules": {
"always/always": ["error", {
"message": "No ESLint config found. Please add one or ignore the cartridge."
}]
}
}
So all files in this folder structure won't check any ESLint rules. The subfolders must contain ESLint configurations which can differ between each subfolder.
For the case that someone adds a subfolder and forgets the ESLint configuration this rule was created. So every file within the subfolder will report an error
No ESLint config found. Please add one or ignore the cartridge.
MIT © 2023 Jens Simon
FAQs
ESLint plugin that always reports with configurable message
The npm package eslint-plugin-always receives a total of 513 weekly downloads. As such, eslint-plugin-always popularity was classified as not popular.
We found that eslint-plugin-always demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.