Security News
Cloudflare Adds Security.txt Setup Wizard
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
eslint-plugin-node
Advanced tools
The eslint-plugin-node package is an ESLint plugin that contains rules that are specific to Node.js development. It helps in identifying issues related to syntax and patterns that are not optimal or could lead to errors in a Node.js context.
Process Exit As Throw
This rule treats calls to process.exit() as throw statements, which can be useful for highlighting an unexpected termination of the Node.js process.
/* eslint node/no-process-exit: 'error' */
process.exit(1);
No Deprecated API
This rule prevents the use of deprecated Node.js APIs to encourage best practices and avoid potential future issues with deprecated methods.
/* eslint node/no-deprecated-api: 'error' */
const domain = require('domain');
No Missing Imports
This rule ensures that all modules that are imported into a file are actually resolvable, helping to catch typos and incorrect module names.
/* eslint node/no-missing-import: 'error' */
import someModule from 'nonexistent-module';
No Unpublished Bin
This rule checks that all files referenced in the 'bin' field of package.json are actually published, preventing issues with npm packages.
/* eslint node/no-unpublished-bin: 'error' */
{
"bin": "bin/nonexistent.js"
}
This package provides similar functionality to eslint-plugin-node in terms of managing imports and exports in your code. It includes features like ensuring imports point to a file/module that can be resolved.
While eslint-plugin-node focuses on Node.js-specific rules, eslint-plugin-promise provides rules that are specific to the use of promises in JavaScript, which can be relevant in Node.js for handling asynchronous operations.
This package focuses on identifying potential security issues in Node.js code, which complements eslint-plugin-node's focus on Node.js best practices and avoiding deprecated or problematic patterns.
Additional ESLint's rules for Node.js
> npm install --save-dev eslint eslint-plugin-node
^4.0.0 || >=6.0.0
>=3.1.0
Note: It recommends a use of the "engines" field of package.json. The "engines" field is used by no-unsupported-features rule.
.eslintrc.json (An example)
{
"plugins": ["node"],
"extends": ["eslint:recommended", "plugin:node/recommended"],
"rules": {
"node/exports-style": ["error", "module.exports"],
}
}
package.json (An example)
{
"name": "your-module",
"version": "1.0.0",
"engines": {
"node": ">=4.0.0"
}
}
Rule ID | Description | ||
---|---|---|---|
exports-style | Enforce either module.exports or exports . | ||
:star: | no-deprecated-api | Disallow deprecated API. | |
no-hide-core-modules | Disallow third-party modules which are hiding core modules. | ||
no-missing-import | Disallow import declarations for files that don't exist. :warning: | ||
:star: | no-missing-require | Disallow require() s for files that don't exist. | |
:star: | no-unpublished-bin | Disallow bin files that npm ignores. | |
no-unpublished-import | Disallow import declarations for files that npm ignores. :warning: | ||
:star: | no-unpublished-require | Disallow require() s for files that npm ignores. | |
:star: | no-unsupported-features | Disallow unsupported ECMAScript features on the specified version. | |
:star: | process-exit-as-throw | Make the same code path as throw at process.exit() . | |
:star: | :pencil: | shebang | Suggest correct usage of shebang. |
This plugin provides plugin:node/recommended
preset config.
This preset config:
process.exit()
.{ecmaVersion: 8}
into parserOptions
.no-missing-import
/ no-missing-require
rules don't work with nested folders in SublimeLinter-eslinteslint-plugin-node
follows semantic versioning and ESLint's Semantic Versioning Policy.
Welcome contributing!
Please use GitHub's Issues/PRs.
npm test
runs tests and measures coverage.npm run coverage
shows the coverage result of npm test
command.npm run clean
removes the coverage result of npm test
command.FAQs
Additional ESLint's rules for Node.js
The npm package eslint-plugin-node receives a total of 2,669,469 weekly downloads. As such, eslint-plugin-node popularity was classified as popular.
We found that eslint-plugin-node demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
Security News
The Socket Research team breaks down a malicious npm package targeting the legitimate DOMPurify library. It uses obfuscated code to hide that it is exfiltrating browser and crypto wallet data.
Security News
ENISA’s 2024 report highlights the EU’s top cybersecurity threats, including rising DDoS attacks, ransomware, supply chain vulnerabilities, and weaponized AI.