Security News
Fluent Assertions Faces Backlash After Abandoning Open Source Licensing
Fluent Assertions is facing backlash after dropping the Apache license for a commercial model, leaving users blindsided and questioning contributor rights.
eslint-plugin-promise
Advanced tools
The eslint-plugin-promise package is an ESLint plugin that enforces best practices and common idioms for dealing with promises in JavaScript. It provides a set of rules that catch common mistakes and enforce conventions when working with promises.
Avoiding creation of new promises outside of utility libraries
This rule ensures that the executor function of a new Promise has the parameters named 'resolve' and 'reject'.
/* eslint promise/param-names: 'error' */
new Promise((resolve, reject) => { /* executor function */ });
Ensuring that each time a then() is applied to a promise, a catch() is applied as well
This rule enforces the use of catch() on unhandled promises.
/* eslint promise/catch-or-return: 'error' */
promise.then(function(data) {
// handle data
}).catch(function(error) {
// handle error
});
Enforcing the return of a promise in certain contexts
This rule ensures that promise chains always return a value, preventing silent failures and unhandled rejections.
/* eslint promise/always-return: 'error' */
function foo() {
return doSomething().then(function() {
// do something else
return 'result';
});
}
This plugin provides ESLint rules for async/await syntax, which is related to promises. It helps to enforce best practices and catch common mistakes when using async/await, but it does not focus on promises directly.
Part of the 'eslint-plugin-standard' plugin includes rules that are applicable to promises, as it adheres to the JavaScript Standard Style. However, it covers a broader range of JavaScript features and is not solely focused on promises.
Enforce best practices for JavaScript promises.
You'll first need to install ESLint:
$ npm install eslint --save-dev
Next, install eslint-plugin-promise
:
$ npm install eslint-plugin-promise --save-dev
Note: If you installed ESLint globally (using the -g
flag) then you must
also install eslint-plugin-promise
globally.
Add promise
to the plugins section of your .eslintrc
configuration file. You
can omit the eslint-plugin-
prefix:
{
"plugins": ["promise"]
}
Then configure the rules you want to use under the rules section.
{
"rules": {
"promise/always-return": "error",
"promise/no-return-wrap": "error",
"promise/param-names": "error",
"promise/catch-or-return": "error",
"promise/no-native": "off",
"promise/no-nesting": "warn",
"promise/no-promise-in-callback": "warn",
"promise/no-callback-in-promise": "warn",
"promise/avoid-new": "warn",
"promise/no-new-statics": "error",
"promise/no-return-in-finally": "warn",
"promise/valid-params": "warn"
}
}
or start with the recommended rule set
{
"extends": ["plugin:promise/recommended"]
}
rule | description | recommended | fixable |
---|---|---|---|
catch-or-return | Enforces the use of catch() on un-returned promises. | :bangbang: | |
no-return-wrap | Avoid wrapping values in Promise.resolve or Promise.reject when not needed. | :bangbang: | |
param-names | Enforce consistent param names when creating new promises. | :bangbang: | :wrench: |
always-return | Return inside each then() to create readable and reusable Promise chains. | :bangbang: | |
no-native | In an ES5 environment, make sure to create a Promise constructor before using. | ||
no-nesting | Avoid nested then() or catch() statements | :warning: | |
no-promise-in-callback | Avoid using promises inside of callbacks | :warning: | |
no-callback-in-promise | Avoid calling cb() inside of a then() (use nodeify instead) | :warning: | |
avoid-new | Avoid creating new promises outside of utility libs (use pify instead) | ||
no-new-statics | Avoid calling new on a Promise static method | :bangbang: | |
no-return-in-finally | Disallow return statements in finally() | :warning: | |
valid-params | Ensures the proper number of arguments are passed to Promise functions | :warning: | |
prefer-await-to-then | Prefer await to then() for reading Promise values | :seven: | |
prefer-await-to-callbacks | Prefer async/await to the callback pattern | :seven: |
Key
icon | description |
---|---|
:bangbang: | Reports as error in recommended configuration |
:warning: | Reports as warning in recommended configuration |
:seven: | ES2017 Async Await rules |
:wrench: | Rule is fixable with eslint --fix |
FAQs
Enforce best practices for JavaScript promises
The npm package eslint-plugin-promise receives a total of 3,734,624 weekly downloads. As such, eslint-plugin-promise popularity was classified as popular.
We found that eslint-plugin-promise demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Fluent Assertions is facing backlash after dropping the Apache license for a commercial model, leaving users blindsided and questioning contributor rights.
Research
Security News
Socket researchers uncover the risks of a malicious Python package targeting Discord developers.
Security News
The UK is proposing a bold ban on ransomware payments by public entities to disrupt cybercrime, protect critical services, and lead global cybersecurity efforts.