Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
eslint-plugin-shopify
Advanced tools
Shopify’s ESLint rules and configs.
You'll first need to install ESLint:
$ npm i eslint --save-dev
Next, install eslint-plugin-shopify
:
$ npm install eslint-plugin-shopify --save-dev
Note: If you installed ESLint globally (using the -g
flag) then you must also install eslint-plugin-shopify
globally.
Shopify’s ESLint configs come bundled in this package. In order to use them, you simply extend the relevant configuration in your project’s .eslintrc
. For example, the following will extend the ESNext (ES2015 and later) config:
{
"extends": "plugin:shopify/esnext"
}
If using React, extend the React version of the configuration (which adds some React-specific rules to those in the ESNext config):
{
"extends": "plugin:shopify/react"
}
If working on an ES5 project, extend the ES5 version of the configuration:
{
"extends": "plugin:shopify/es5"
}
You can also add some "augmenting" configs on top of the "core" config by extending an array of linting configs. For example, this package provides a lodash linting config, which can be added to the ESNext config with the following configuration file:
{
"extends": [
"plugin:shopify/esnext",
"plugin:shopify/lodash",
"plugin:shopify/mocha"
]
}
This plugin provides the following core configurations:
This plugin also provides the following tool-specific configurations, which can be used on top of the core configurations:
If you are working on a node module, we also provide the node configuration for you. Note that this configuration needs to be used in conjunction with one of the core configurations (either es5
or esnext
). If you plan to transpile your code using Babel, use the esnext
config. If you do not plan to do so, the config you choose depends on the version of node you wish to support, and how many ESNext features are natively available in that version. You can see a detailed list of what version of node supports what new JavaScript features by visiting http://node.green.
A node project that will use Babel for transpilation would need the following ESLint config:
{
"extends": [
"plugin:shopify/esnext",
"plugin:shopify/node"
]
}
This plugin provides the following custom rules, which are included as appropriate in all core linting configs:
$
.The easiest way to add new rules is to use the ESLint Yeoman generator. Running yo eslint:rule
from the root of this project should add the required main file, docs, and test for your new rules. Make sure that these are all filled out and consistent with the other rules before merging. All tests can be run using npm test
.
FAQs
Shopify’s ESLint rules and configs.
The npm package eslint-plugin-shopify receives a total of 4,414 weekly downloads. As such, eslint-plugin-shopify popularity was classified as popular.
We found that eslint-plugin-shopify demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.