Research
Recent Trends in Malicious Packages Targeting Discord
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
eslint-plugin-compat
Advanced tools
Readme
Lint the browser compatibility of your code
npm install eslint-plugin-compat
.eslintrc.json
{
"plugins": ["compat"],
"extends": ["plugin:compat/recommended"],
"env": {
"browser": true
}
// ...
}
Browser targets are configured using browserslist. You can configure browser targets in your package.json
:
package.json
{
// ...
"browserslist": ["defaults"]
}
If no configuration is found, browserslist defaults to "> 0.5%, last 2 versions, Firefox ESR, not dead"
.
See browserslist/browserslist for more details.
Add polyfills to the settings section of your eslint config. Append the name of the object and the property if one exists. Here are some examples:
{
// ...
"settings": {
"polyfills": [
// Example of marking entire API and all methods and properties as polyfilled
"Promise",
// Example of marking specific method of an API as polyfilled
"WebAssembly.compile",
// Example of API with no property (i.e. a function)
"fetch",
// Example of instance method, must add `.prototype.`
"Array.prototype.push"
]
}
}
This plugin also supports linting the compatibility of ES APIs in addition to Web APIs. This is an experimental feature and is disabled by default. To enable this feature, add the following to your eslint config:
{
// ...
"settings": {
"lintAllEsApis": true
}
}
Browserslist allows specifying different browser queries for multiple environments. By default, this plugin targets the production
browserslist environment. To change this default, set the settings.browserslistOpts.env
property in your eslint config:
Example:
A browserslist with multiple environments:
"browserslist": {
"production": [
"> 1%",
"not dead"
],
"modern": [
"last 1 chrome version",
"last 1 firefox version"
]
}
Target modern
browserslist environment:
{
"settings": {
"browserslistOpts": {
"env": "modern"
}
}
}
For a minimal demo, see amilajack/eslint-plugin-compat-demo
Toolchains for native platforms, like iOS and Android, have had API linting from the start. It's about time that the web had similar tooling.
This project was inspired by a two hour conversation I had with someone on the experience of web development and if it is terrible or not. The premise they argued was that x
browser doesn't support y
feature while z
browser does. Eventually, I agreed with him on this and made this plugin to save web developers from having to memorize the browser compatibility of WebAPIs.
This project exists thanks to all the people who contribute. [Contribute].
Become a financial contributor and help us sustain our community. [Contribute]
Support this project with your organization. Your logo will show up here with a link to your website. [Contribute]
FAQs
Lint browser compatibility of API used
We found that eslint-plugin-compat demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
Security News
Socket CEO Feross Aboukhadijeh joins a16z partners to discuss how modern, sophisticated supply chain attacks require AI-driven defenses and explore the challenges and solutions in leveraging AI for threat detection early in the development life cycle.
Security News
NIST's new AI Risk Management Framework aims to enhance the security and reliability of generative AI systems and address the unique challenges of malicious AI exploits.