Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
eslint-plugin-relay
Advanced tools
eslint-plugin-relay
is a plugin for ESLint to catch common problems in code using Relay early.
npm i --save-dev eslint-plugin-relay
"relay"
to your eslint plugins
section."relay/graphql-syntax": "error"
to your eslint rules
section, see the example for all rules.Example .eslintrc.js:
module.exports = {
// Other eslint properties here
rules: {
'relay/graphql-syntax': 'error',
'relay/compat-uses-vars': 'warn',
'relay/graphql-naming': 'error',
'relay/generated-flow-types': 'warn',
'relay/must-colocate-fragment-spreads': 'warn',
'relay/no-future-added-value': 'warn',
'relay/unused-fields': 'warn',
'relay/function-required-argument': 'warn',
'relay/hook-required-argument': 'warn'
},
plugins: ['relay']
};
You can also enable all the recommended or strict rules at once.
Add plugin:relay/recommended
or plugin:relay/strict
in extends
:
{
"extends": [
"plugin:relay/recommended"
]
}
The following rules support suppression within graphql tags:
Supported rules can be suppressed by adding # eslint-disable-next-line relay/name-of-rule
to the preceding line:
graphql`fragment foo on Page {
# eslint-disable-next-line relay/must-colocate-fragment-spreads
...unused1
}`
Note that only the eslint-disable-next-line
form of suppression works. eslint-disable-line
doesn't currently work until graphql-js provides support for parsing Comment nodes in their AST.
We actively welcome pull requests, learn how to contribute.
eslint-plugin-relay
is MIT licensed.
FAQs
ESLint plugin for Relay.
The npm package eslint-plugin-relay receives a total of 61,435 weekly downloads. As such, eslint-plugin-relay popularity was classified as popular.
We found that eslint-plugin-relay demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 10 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.