Security News
NIST Misses 2024 Deadline to Clear NVD Backlog
NIST has failed to meet its self-imposed deadline of clearing the NVD's backlog by the end of the fiscal year. Meanwhile, CVE's awaiting analysis have increased by 33% since June.
eslint-plugin-node
Advanced tools
The eslint-plugin-node package is an ESLint plugin that contains rules that are specific to Node.js development. It helps in identifying issues related to syntax and patterns that are not optimal or could lead to errors in a Node.js context.
Process Exit As Throw
This rule treats calls to process.exit() as throw statements, which can be useful for highlighting an unexpected termination of the Node.js process.
/* eslint node/no-process-exit: 'error' */
process.exit(1);
No Deprecated API
This rule prevents the use of deprecated Node.js APIs to encourage best practices and avoid potential future issues with deprecated methods.
/* eslint node/no-deprecated-api: 'error' */
const domain = require('domain');
No Missing Imports
This rule ensures that all modules that are imported into a file are actually resolvable, helping to catch typos and incorrect module names.
/* eslint node/no-missing-import: 'error' */
import someModule from 'nonexistent-module';
No Unpublished Bin
This rule checks that all files referenced in the 'bin' field of package.json are actually published, preventing issues with npm packages.
/* eslint node/no-unpublished-bin: 'error' */
{
"bin": "bin/nonexistent.js"
}
This package provides similar functionality to eslint-plugin-node in terms of managing imports and exports in your code. It includes features like ensuring imports point to a file/module that can be resolved.
While eslint-plugin-node focuses on Node.js-specific rules, eslint-plugin-promise provides rules that are specific to the use of promises in JavaScript, which can be relevant in Node.js for handling asynchronous operations.
This package focuses on identifying potential security issues in Node.js code, which complements eslint-plugin-node's focus on Node.js best practices and avoiding deprecated or problematic patterns.
Additional ESLint's rules for Node.js
> npm install --save-dev eslint eslint-plugin-node
.eslintrc
{
"plugins": ["node"],
"extends": ["eslint:recommended", "plugin:node/recommended"]
}
This plugin provides plugin:node/recommended
preset config.
This preset config:
Note: It recommends a use of the "engines" field of package.json. The "engines" field is used by no-unsupported-features rule.
Rule ID | Description | ||
---|---|---|---|
:star: | no-deprecated-api | Disallow deprecated API. | |
no-missing-import | Disallow import and export declarations for files that don't exist. | ||
:star: | no-missing-require | Disallow require() s for files that don't exist. | |
no-unpublished-import | Disallow import and export declarations for files that are not published. | ||
:star: | no-unpublished-require | Disallow require() s for files that are not published. | |
:star: | no-unsupported-features | Disallow unsupported ECMAScript features on the specified version. | |
process-exit-as-throw | Make the same code path as throw at process.exit() . (⚠ Experimental) | ||
:star: | :pencil: | shebang | Suggest correct usage of shebang. |
eslint-plugin-node
follows semantic versioning and ESLint's Semantic Versioning Policy.
eslint-plugin-node
reporting fewer errors.eslint-plugin-node
reporting more errors.Q: The no-missing-import
/ no-missing-require
rules don't work with nested folders in SublimeLinter-eslint
A: See context.getFilename() in rule returns relative path in the SublimeLinter-eslint FAQ.
FAQs
Additional ESLint's rules for Node.js
The npm package eslint-plugin-node receives a total of 2,669,469 weekly downloads. As such, eslint-plugin-node popularity was classified as popular.
We found that eslint-plugin-node demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
NIST has failed to meet its self-imposed deadline of clearing the NVD's backlog by the end of the fiscal year. Meanwhile, CVE's awaiting analysis have increased by 33% since June.
Security News
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
Security News
The Socket Research team breaks down a malicious npm package targeting the legitimate DOMPurify library. It uses obfuscated code to hide that it is exfiltrating browser and crypto wallet data.