eslint-plugin-no-react-component-snapshots
Advanced tools
eslint-plugin-no-react-component-snapshots - npm Package Compare versions
Comparing version 0.0.1-security to 1.0.1
| { | ||
| "name": "eslint-plugin-no-react-component-snapshots", | ||
| "version": "0.0.1-security", | ||
| "description": "security holding package", | ||
| "repository": "npm/security-holder", | ||
| "dependencies": {} | ||
| "name": "eslint-plugin-no-react-component-snapshots", | ||
| "version": "1.0.1", | ||
| "description": "Disallows the use of React component snapshots.", | ||
| "keywords": [ | ||
| "eslint", | ||
| "eslintplugin", | ||
| "eslint-plugin" | ||
| ], | ||
| "author": "Riley Gowan", | ||
| "main": "lib/index.js", | ||
| "repository": "git://github.com/rileygowan/eslint-plugin-no-react-component-snapshots", | ||
| "scripts": { | ||
| "lint": "eslint .", | ||
| "test": "mocha tests --recursive" | ||
| }, | ||
| "dependencies": { | ||
| "requireindex": "^1.1.0" | ||
| }, | ||
| "devDependencies": { | ||
| "eslint": "^7.1.0", | ||
| "eslint-plugin-eslint-plugin": "^3.2.0", | ||
| "eslint-plugin-node": "^11.0.0", | ||
| "mocha": "^9.0.0" | ||
| }, | ||
| "engines": { | ||
| "node": "12.x || 14.x || >= 16" | ||
| }, | ||
| "peerDependencies": { | ||
| "eslint": ">=6" | ||
| }, | ||
| "license": "MIT" | ||
| } |
@@ -1,7 +0,37 @@ | ||
| # Security holding package | ||
| # eslint-plugin-no-react-component-snapshots | ||
| This package name is not currently in use, but was formerly occupied | ||
| by another package. To avoid malicious use, npm is hanging on to the | ||
| package name. | ||
| Disallows the use of React component snapshots. | ||
| ## Installation | ||
| You'll first need to install [ESLint](https://eslint.org/): | ||
| ```sh | ||
| npm i eslint --save-dev | ||
| ``` | ||
| Next, install `eslint-plugin-no-react-component-snapshots`: | ||
| ```sh | ||
| npm install eslint-plugin-no-react-component-snapshots --save-dev | ||
| ``` | ||
| ## Usage | ||
| Add `no-react-component-snapshots` to the plugins section of your `.eslintrc` configuration file. You can omit the `eslint-plugin-` prefix: | ||
| ```json | ||
| { | ||
| "plugins": ["no-react-component-snapshots"] | ||
| } | ||
| ``` | ||
| Then configure the rules you want to use under the rules section. | ||
| ```json | ||
| { | ||
| "rules": { | ||
| "no-react-component-snapshots/no-react-component-snapshots": 2 | ||
| } | ||
| } | ||
| ``` |
New alerts
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
No repository
Supply chain riskPackage does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.
Found 1 instance in 1 package
Fixed alerts
Known malware
Supply chain riskThis package is malware. We have asked the package registry to remove it.
Found 1 instance in 1 package
Empty package
Supply chain riskPackage does not contain any code. It may be removed, is name squatting, or the result of a faulty package publish.
Found 1 instance in 1 package
No contributors or author data
MaintenancePackage does not specify a list of contributors or an author in package.json.
Found 1 instance in 1 package
No License Found
License(Experimental) License information could not be found.
Found 1 instance in 1 package
No repository
Supply chain riskPackage does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.
Found 1 instance in 1 package
No v1
QualityPackage is not semver >=1. This means it is not stable and does not support ^ ranges.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by1485.25%
5913
- Number of package files
- increased by300%
8
- Number of low license alerts
- decreased by-100%
0
- Lines of code
- increased byInfinity%
122
- Number of low maintenance alerts
- decreased by-50%
1
- Number of low quality alerts
- decreased by-50%
1
- Number of lines in readme file
- increased by375%
38
- Number of critical supply chain risk alerts
- decreased by-100%
0
Worsened metrics
- Dependency count
- increased byInfinity%
2
- Dev dependency count
- increased byInfinity%
4
- Number of low supply chain risk alerts
- increased by100%
2
Dependency changes
+ Addedrequireindex@^1.1.0
+ Added@eslint-community/eslint-utils@4.4.1(transitive)
+ Added@eslint-community/regexpp@4.12.1(transitive)
+ Added@eslint/config-array@0.19.2(transitive)
+ Added@eslint/core@0.10.0(transitive)
+ Added@eslint/eslintrc@3.2.0(transitive)
+ Added@eslint/js@9.19.0(transitive)
+ Added@eslint/object-schema@2.1.6(transitive)
+ Added@eslint/plugin-kit@0.2.5(transitive)
+ Added@humanfs/core@0.19.1(transitive)
+ Added@humanfs/node@0.16.6(transitive)
+ Added@humanwhocodes/module-importer@1.0.1(transitive)
+ Added@humanwhocodes/retry@0.3.10.4.1(transitive)
+ Added@types/estree@1.0.6(transitive)
+ Added@types/json-schema@7.0.15(transitive)
+ Addedacorn@8.14.0(transitive)
+ Addedacorn-jsx@5.3.2(transitive)
+ Addedajv@6.12.6(transitive)
+ Addedansi-styles@4.3.0(transitive)
+ Addedargparse@2.0.1(transitive)
+ Addedbalanced-match@1.0.2(transitive)
+ Addedbrace-expansion@1.1.11(transitive)
+ Addedcallsites@3.1.0(transitive)
+ Addedchalk@4.1.2(transitive)
+ Addedcolor-convert@2.0.1(transitive)
+ Addedcolor-name@1.1.4(transitive)
+ Addedconcat-map@0.0.1(transitive)
+ Addedcross-spawn@7.0.6(transitive)
+ Addeddebug@4.4.0(transitive)
+ Addeddeep-is@0.1.4(transitive)
+ Addedescape-string-regexp@4.0.0(transitive)
+ Addedeslint@9.19.0(transitive)
+ Addedeslint-scope@8.2.0(transitive)
+ Addedeslint-visitor-keys@3.4.34.2.0(transitive)
+ Addedespree@10.3.0(transitive)
+ Addedesquery@1.6.0(transitive)
+ Addedesrecurse@4.3.0(transitive)
+ Addedestraverse@5.3.0(transitive)
+ Addedesutils@2.0.3(transitive)
+ Addedfast-deep-equal@3.1.3(transitive)
+ Addedfast-json-stable-stringify@2.1.0(transitive)
+ Addedfast-levenshtein@2.0.6(transitive)
+ Addedfile-entry-cache@8.0.0(transitive)
+ Addedfind-up@5.0.0(transitive)
+ Addedflat-cache@4.0.1(transitive)
+ Addedflatted@3.3.2(transitive)
+ Addedglob-parent@6.0.2(transitive)
+ Addedglobals@14.0.0(transitive)
+ Addedhas-flag@4.0.0(transitive)
+ Addedignore@5.3.2(transitive)
+ Addedimport-fresh@3.3.1(transitive)
+ Addedimurmurhash@0.1.4(transitive)
+ Addedis-extglob@2.1.1(transitive)
+ Addedis-glob@4.0.3(transitive)
+ Addedisexe@2.0.0(transitive)
+ Addedjs-yaml@4.1.0(transitive)
+ Addedjson-buffer@3.0.1(transitive)
+ Addedjson-schema-traverse@0.4.1(transitive)
+ Addedjson-stable-stringify-without-jsonify@1.0.1(transitive)
+ Addedkeyv@4.5.4(transitive)
+ Addedlevn@0.4.1(transitive)
+ Addedlocate-path@6.0.0(transitive)
+ Addedlodash.merge@4.6.2(transitive)
+ Addedminimatch@3.1.2(transitive)
+ Addedms@2.1.3(transitive)
+ Addednatural-compare@1.4.0(transitive)
+ Addedoptionator@0.9.4(transitive)
+ Addedp-limit@3.1.0(transitive)
+ Addedp-locate@5.0.0(transitive)
+ Addedparent-module@1.0.1(transitive)
+ Addedpath-exists@4.0.0(transitive)
+ Addedpath-key@3.1.1(transitive)
+ Addedprelude-ls@1.2.1(transitive)
+ Addedpunycode@2.3.1(transitive)
+ Addedrequireindex@1.2.0(transitive)
+ Addedresolve-from@4.0.0(transitive)
+ Addedshebang-command@2.0.0(transitive)
+ Addedshebang-regex@3.0.0(transitive)
+ Addedstrip-json-comments@3.1.1(transitive)
+ Addedsupports-color@7.2.0(transitive)
+ Addedtype-check@0.4.0(transitive)
+ Addeduri-js@4.4.1(transitive)
+ Addedwhich@2.0.2(transitive)
+ Addedword-wrap@1.2.5(transitive)
+ Addedyocto-queue@0.1.0(transitive)