Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
eslint-plugin-es
Advanced tools
The eslint-plugin-es npm package is a plugin for ESLint that provides linting rules for ES2015+ (ES6+) code. It helps developers to follow best practices and avoid common pitfalls when writing modern JavaScript.
Linting for new syntax
This feature allows developers to enforce rules that prevent the use of certain ES2015+ syntax. In the code sample, the rule 'no-arrow-functions' is set to 'error', which means ESLint will report an error if an arrow function is used.
"rules": {
"es/no-arrow-functions": "error"
}
Disallowing specific ES features
With this feature, developers can disallow the use of specific ES features that they do not want in their codebase. The code sample shows how to disallow template literals by setting the 'no-template-literals' rule to 'error'.
"rules": {
"es/no-template-literals": "error"
}
Configurable rules for ES versions
This feature allows developers to configure ESLint to only allow features from certain versions of ECMAScript. In the code sample, all ES2015 features are disabled.
"settings": {
"es": { "features": { "[ES2015]": false } }
}
This package provides linting rules to ensure compatibility with specific browser versions. It is similar to eslint-plugin-es in that it helps with writing code that conforms to certain constraints, but it focuses on browser compatibility rather than ECMAScript versions.
eslint-plugin-node offers linting rules that are specific to Node.js development. It includes rules that prevent issues related to Node.js features and APIs. While eslint-plugin-es focuses on ECMAScript syntax, eslint-plugin-node focuses on Node.js environment rules.
This plugin provides a set of rules related to ES6+ import/export syntax. It helps in managing module imports, ensuring proper syntax and order. It complements eslint-plugin-es by focusing on module system rules, whereas eslint-plugin-es focuses on a broader range of ECMAScript features.
ESLint plugin which disallows each ECMAScript syntax.
Espree, the default parser of ESLint, has supported ecmaVersion
option.
However, the error messages of new syntax are not readable (e.g., "unexpected token" or something like).
When we use this plugin along with the latest ecmaVersion
option value, it tells us the readable error message for the new syntax, such as "ES2020 BigInt is forbidden."
Plus, this plugin lets us disable each syntactic feature individually.
See documentation
This plugin follows semantic versioning and ESLint's semantic versioning policy.
See releases.
Welcome contributing!
Please use GitHub's Issues/PRs.
npm test
runs tests and measures coverage.npm run clean
removes the coverage result of npm test
command.npm run coverage
shows the coverage result of the last npm test
command.npm run docs:build
builds documentation.npm run docs:watch
builds documentation on each file change.npm run watch
runs tests on each file change.FAQs
ESLint plugin about ECMAScript syntactic features.
The npm package eslint-plugin-es receives a total of 3,714,933 weekly downloads. As such, eslint-plugin-es popularity was classified as popular.
We found that eslint-plugin-es demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.