Security News
Cloudflare Adds Security.txt Setup Wizard
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
eslint-plugin-n
Advanced tools
forked from eslint-plugin-node v11.1.0. as the original repository seems no longer maintained.
Additional ESLint rules for Node.js
npm install --save-dev eslint eslint-plugin-n
>=16.0.0
>=7.0.0
Note: It recommends a use of the "engines" field of package.json. The "engines" field is used by n/no-unsupported-features/*
rules.
{
"extends": ["eslint:recommended", "plugin:n/recommended"],
"parserOptions": {
"ecmaVersion": 2021
},
"rules": {
"n/exports-style": ["error", "module.exports"]
}
}
eslint.config.js
(requires eslint>=v8.23.0)const nodePlugin = require("eslint-plugin-n")
module.exports = [
nodePlugin.configs["flat/recommended-script"],
{
rules: {
"n/exports-style": ["error", "module.exports"]
}
}
]
package.json (An example)
{
"name": "your-module",
"version": "1.0.0",
"type": "commonjs",
"engines": {
"node": ">=8.10.0"
}
}
The rules get the supported Node.js version range from the following, falling back to the next if unspecified:
version
node.version
package.json
[engines
] field>=16.0.0
If you omit the [engines] field, this rule chooses >=16.0.0
as the configured Node.js version since 16
is the maintained lts (see also Node.js Release Working Group).
For Node.js packages, using the [engines
] field is recommended because it's the official way to indicate support:
{
"name": "your-module",
"version": "1.0.0",
"engines": {
"node": ">=16.0.0"
}
}
For Shareable Configs or packages with a different development environment (e.g. pre-compiled, web package, etc.), you can configure ESLint with settings.node.version
to specify support.
πΌ Configurations enabled in.
βοΈ Set in the flat/recommended
configuration.
π’ Set in the flat/recommended-module
configuration.
β
Set in the flat/recommended-script
configuration.
βοΈ Set in the recommended
configuration.
π’ Set in the recommended-module
configuration.
β
Set in the recommended-script
configuration.
π§ Automatically fixable by the --fix
CLI option.
β Deprecated.
NameΒ Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β | Description | πΌ | π§ | β |
---|---|---|---|---|
callback-return | require return statements after callbacks | |||
exports-style | enforce either module.exports or exports | π§ | ||
file-extension-in-import | enforce the style of file extensions in import declarations | π§ | ||
global-require | require require() calls to be placed at top-level module scope | |||
handle-callback-err | require error handling in callbacks | |||
no-callback-literal | enforce Node.js-style error-first callback pattern is followed | |||
no-deprecated-api | disallow deprecated APIs | βοΈ π’ β βοΈ π’ β | ||
no-exports-assign | disallow the assignment to exports | βοΈ π’ β βοΈ π’ β | ||
no-extraneous-import | disallow import declarations which import extraneous modules | βοΈ π’ β βοΈ π’ β | ||
no-extraneous-require | disallow require() expressions which import extraneous modules | βοΈ π’ β βοΈ π’ β | ||
no-hide-core-modules | disallow third-party modules which are hiding core modules | β | ||
no-missing-import | disallow import declarations which import non-existence modules | βοΈ π’ β βοΈ π’ β | ||
no-missing-require | disallow require() expressions which import non-existence modules | βοΈ π’ β βοΈ π’ β | ||
no-mixed-requires | disallow require calls to be mixed with regular variable declarations | |||
no-new-require | disallow new operators with calls to require | |||
no-path-concat | disallow string concatenation with __dirname and __filename | |||
no-process-env | disallow the use of process.env | |||
no-process-exit | disallow the use of process.exit() | βοΈ π’ β βοΈ π’ β | ||
no-restricted-import | disallow specified modules when loaded by import declarations | |||
no-restricted-require | disallow specified modules when loaded by require | |||
no-sync | disallow synchronous methods | |||
no-unpublished-bin | disallow bin files that npm ignores | βοΈ π’ β βοΈ π’ β | ||
no-unpublished-import | disallow import declarations which import private modules | βοΈ π’ β βοΈ π’ β | ||
no-unpublished-require | disallow require() expressions which import private modules | βοΈ π’ β βοΈ π’ β | ||
no-unsupported-features | disallow unsupported ECMAScript features on the specified version | β | ||
no-unsupported-features/es-builtins | disallow unsupported ECMAScript built-ins on the specified version | βοΈ π’ β βοΈ π’ β | ||
no-unsupported-features/es-syntax | disallow unsupported ECMAScript syntax on the specified version | βοΈ π’ β βοΈ π’ β | ||
no-unsupported-features/node-builtins | disallow unsupported Node.js built-in APIs on the specified version | βοΈ π’ β βοΈ π’ β | ||
prefer-global/buffer | enforce either Buffer or require("buffer").Buffer | |||
prefer-global/console | enforce either console or require("console") | |||
prefer-global/process | enforce either process or require("process") | |||
prefer-global/text-decoder | enforce either TextDecoder or require("util").TextDecoder | |||
prefer-global/text-encoder | enforce either TextEncoder or require("util").TextEncoder | |||
prefer-global/url | enforce either URL or require("url").URL | |||
prefer-global/url-search-params | enforce either URLSearchParams or require("url").URLSearchParams | |||
prefer-promises/dns | enforce require("dns").promises | |||
prefer-promises/fs | enforce require("fs").promises | |||
process-exit-as-throw | require that process.exit() expressions use the same code path as throw | βοΈ π’ β βοΈ π’ β | ||
shebang | require correct usage of shebang | βοΈ π’ β βοΈ π’ β | π§ |
Name | |
---|---|
π | flat/mixed-esm-and-cjs |
βοΈ | flat/recommended |
π’ | flat/recommended-module |
β | flat/recommended-script |
βοΈ | recommended |
π’ | recommended-module |
β | recommended-script |
About each config:
recommended
: Considers both CommonJS and ES Modules. If "type":"module"
field existed in package.json then it considers files as ES Modules. Otherwise it considers files as CommonJS. In addition, it considers *.mjs
files as ES Modules and *.cjs
files as CommonJS.recommended-module
: Considers all files as ES Modules.recommended-script
: Considers all files as CommonJS.These preset configs:
process.exit()
.{ecmaVersion: 2021}
and etc into parserOptions
.globals
.plugins
.Q: The no-missing-import
/ no-missing-require
rules don't work with nested folders in SublimeLinter-eslint
A: See context.getFilename() in rule returns relative path in the SublimeLinter-eslint FAQ.
Q: How to use the flat eslint config with mixed commonjs and es modules?
A: You can use the new exported flat config flat/mixed-esm-and-cjs
, an example:
const nodePlugin = require("eslint-plugin-n");
module.exports = [
...nodePlugin.configs["flat/mixed-esm-and-cjs"],
{
rules: {
"n/exports-style": ["error", "module.exports"],
},
},
]
eslint-plugin-n
follows semantic versioning and ESLint's Semantic Versioning Policy.
Deprecated rules follow ESLint's deprecation policy.
Welcome contributing!
Please use GitHub's Issues/PRs.
npm test
runs tests and measures coverage.npm run coverage
shows the coverage result of npm test
command.npm run clean
removes the coverage result of npm test
command.FAQs
Additional ESLint's rules for Node.js
The npm package eslint-plugin-n receives a total of 2,379,799 weekly downloads. As such, eslint-plugin-n popularity was classified as popular.
We found that eslint-plugin-n demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago.Β It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
Security News
The Socket Research team breaks down a malicious npm package targeting the legitimate DOMPurify library. It uses obfuscated code to hide that it is exfiltrating browser and crypto wallet data.
Security News
ENISAβs 2024 report highlights the EUβs top cybersecurity threats, including rising DDoS attacks, ransomware, supply chain vulnerabilities, and weaponized AI.