Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
eslint-plugin-inclusive-language
Advanced tools
An ESLint plugin to raise awareness for using inclusive language not only in your codebase, but in life.
An ESLint plugin to raise awareness for using inclusive language not only in your codebase, but in life.
If you're upgrading from 1.x.x. to 2.x.x, please read the migration document here first.
This is a great question to ask.
Lets start with a general definition of "inclusive language":
Inclusive language is language that is free from words, phrases or tones that reflect prejudiced, stereotyped or discriminatory views of particular people or groups. It is also language that doesn’t deliberately or inadvertently exclude people from being seen as part of a group. (Source)
While it sounds obvious to adhere to use language that is inclusive, it may not always be as obvious to apply as you think. Sometimes it can also be subtle, and you're just not aware. Especially when you're using language that is not your first language. I am speaking out of my own experience.
Let me give you a simple example (where I had to unlearn non-inclusive behavior myself): How often do you use the term "hey guys" when addressing a group of people? And how often can you say with 100% certainty that all members of that group identify as male? In English lessons I learned many decades ago that it's OK to use "guys" to address any group. In reality it's not OK, and adjusting (in this case my own) language helps others to be more included in conversations.
There are many terms that we can have really looooong arguments about if they are inclusive, or non-inclusive. And there are many that are really obvious. Depending on your first language, it can be even more difficult to differentiate.
This plugin contains, for now, four terms, where IMHO the tech industry as a whole is coming to/came to a consensus to change (the existing) standards. It will grow, over time. If you want to see some of this for yourself, there is a discussion about these terms here.
Now, if you ask yourself "Do I really need this plugin?"... read further.
There may be a high likelihood you won't need it. You still may want to use it though.
First, if you read all this text, and if you haven't been aware of this topic until now, then I've reached my goal for this project. Think about it, read about it (there's plenty of information on the internet), discuss with your colleagues and friends, and hopefully apply a more inclusive language.
Second, if you want to raise awareness, using this plugin is an option (eventually not the only one). Just having it in your codebase, and with that eventually bringing people to this repository and text, is a step. When more people learn, more people will apply these patterns to their own language.
Third, if you want to participate, you can open issues on the repo. Or customize this plugin for your own usage or language, fork the repository, whatever you prefer. I don't care really about npm installs, or stars on this particular repo. I care that you start learning about inclusive language, and how to apply it. It's still a journey for me, unlearning many different behaviours.
Ok, you're here, so let's come to the technical part.
You'll first need to install ESLint:
$ npm i eslint --save-dev
Next, install eslint-plugin-inclusive-language
:
$ npm install eslint-plugin-inclusive-language --save-dev
Note: If you installed ESLint globally (using the -g
flag) then you must also install eslint-plugin-inclusive-language
globally.
Add inclusive-language
to the plugins section of your .eslintrc
configuration file. You can omit the eslint-plugin-
prefix:
{
"plugins": ["inclusive-language"]
}
Then configure the rule use-inclusive-words
.
{
"rules": {
"inclusive-language/use-inclusive-words": "error"
}
}
That's it. You can find information on how to customize it in the rule documentation.
FAQs
An ESLint plugin to raise awareness for using inclusive language not only in your codebase, but in life.
The npm package eslint-plugin-inclusive-language receives a total of 14,588 weekly downloads. As such, eslint-plugin-inclusive-language popularity was classified as popular.
We found that eslint-plugin-inclusive-language demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.