Security News
Cloudflare Adds Security.txt Setup Wizard
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
eslint-plugin-import
Advanced tools
The eslint-plugin-import npm package is a plugin for ESLint that provides linting functionality for ES2015+ (ES6+) import/export syntax, and helps prevent issues with misspelling of file paths and import names, as well as other common mistakes in import declaration.
Static analysis
This feature checks for modules that are imported but cannot be resolved to a file in the file system. It helps in catching typos or incorrect paths in import statements.
"rules": { "import/no-unresolved": "error" }
Helpful warnings
This feature ensures that named imports correspond to a named export in the remote file. It prevents importing names that do not exist in the exported module.
"rules": { "import/named": "error" }
Style guide enforcement
This feature enforces a convention in module import order, making the code more readable and organized by ensuring a consistent order of imports.
"rules": { "import/order": "error" }
Preventing issues
This feature prevents exporting mutable bindings which can create hard to follow bugs due to their values being changed by other modules.
"rules": { "import/no-mutable-exports": "error" }
Forbidding certain imports
This feature allows you to restrict which files can be imported in a given folder, helping to enforce separation of concerns within your codebase.
"rules": { "import/no-restricted-paths": "error" }
This package provides similar linting rules for Node.js specific features and best practices. It includes rules that prevent issues related to file paths and imports, but is more focused on Node.js environment compatibility.
This is another plugin that focuses on linting ECMAScript 2015+ module syntax. However, it is not as widely used or as comprehensive as eslint-plugin-import.
This plugin is designed for linting RequireJS import syntax. It is similar in that it helps with module import issues, but it is specific to the RequireJS AMD module loader, whereas eslint-plugin-import is for ES2015+ module syntax.
This plugin intends to support linting of ES6 import syntax, and prevent issues with misspelling of file paths and import names. All the goodness that the ES6 static module syntax intends to provide, marked up in your editor.
Current support:
exists
)named
)default
)no-common
)namespace
)exists
Ensures an imported module exists, as defined by standard Node require.resolve
behavior.
named
Verifies that all named imports are part of the set of named exports in the referenced module.
Note that if there are no named exports, nor a default export, this rule will not report a mismatch, to allow Babel-style import
of CommonJS modules.
Provide the es6-only
option in your rule config if you would like to enforce this on all imports.
default
If a default import is requested, this rule will report if there is no default export in the imported module.
Note that if there are no named exports, nor a default export, this rule will not report a mismatch, to allow Babel-style import
of CommonJS modules.
Provide the es6-only
option in your rule config if you would like to enforce this on all imports.
no-common
Report for imports that are defined as CommonJS modules, identified by the presence of module.exports
or exports[...]
assignments within the module. Off by default.
namespace
Enforces names exist at the time they are dereferenced, when imported as a full namespace (i.e. import * as foo from './foo'; foo.bar();
will report if bar
is not exported by ./foo
.).
If remote module is CommonJS, will not attempt to enforce.
Will report at the import declaration if there are no exported names found.
Also, will report for computed references (i.e. foo["bar"]()
).
Implementation note: currently, this rule does not check for possible redefinition of the namespace in an intermediate scope. Adherence to the ESLint no-shadow
rule for namespaces will prevent this from being a problem.
FAQs
Import with sanity.
The npm package eslint-plugin-import receives a total of 22,834,092 weekly downloads. As such, eslint-plugin-import popularity was classified as popular.
We found that eslint-plugin-import demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
Security News
The Socket Research team breaks down a malicious npm package targeting the legitimate DOMPurify library. It uses obfuscated code to hide that it is exfiltrating browser and crypto wallet data.
Security News
ENISA’s 2024 report highlights the EU’s top cybersecurity threats, including rising DDoS attacks, ransomware, supply chain vulnerabilities, and weaponized AI.