🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more
Socket
DemoInstallSign in
Socket
DemoInstallSign in

eslint-plugin-import-extensions

Package Overview
Dependencies
Maintainers
1
Versions
2
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

eslint-plugin-import-extensions

TypeScript [doesn't transform extensions](https://github.com/microsoft/TypeScript/issues/16577) and [doesn't enforce file extensions](https://github.com/microsoft/TypeScript/issues/42813).

0.1.5
latest
Source
npm
Version published
Weekly downloads
56
180%
Maintainers
1
Weekly downloads
 
Created
Source

eslint-plugin-import-extensions

TypeScript doesn't transform extensions and doesn't enforce file extensions.

This is a simple eslint plugin that ensures that relative imports and exports have extensions as desired (e.g. .js, .ts, .cjs, etc.). It also ensures that index files are explicitly imported.

This is a fork of eslint-plugin-require-extensions.

Credit for the original implementation goes to johnrees. ❤️

Install

npm install --save-dev eslint-plugin-require-extensions

Edit .eslintrc

{
    "extends": ["plugin:import-extensions/recommended"],
    "plugins": ["import-extensions"]
}

Rules Configuration

The default expectedExtensions option is ['js'], but you may override it and extensions will be used in priority order (most important first).

{
    "rules": {
        "import-extensions/require-extensions": ["error", { "expectedExtensions": ["ts"] }],

        "import-extensions/require-index": ["error", { "expectedExtensions": ["ts"] }]
    }
}

Code

// source.js

import Target from './target';

Lint

eslint .

source.js
  1:1  error  Relative imports and exports must end with .js  import-extensions/require-extensions

Fix

eslint --fix .

// source.js

import Target from './target.js';

FAQs

Package last updated on 25 Mar 2025

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

60 Malicious npm Packages Leak Network and Host Data in Active Malware Campaign

Research

Security News

60 Malicious npm Packages Leak Network and Host Data in Active Malware Campaign

Socket’s Threat Research Team has uncovered 60 npm packages using post-install scripts to silently exfiltrate hostnames, IP addresses, DNS servers, and user directories to a Discord-controlled endpoint.

By Kirill Boychenko  -  May 23, 2025