Security News
How Threat Actors are Abusing GitHub’s File Upload Feature to Host Malware
GitHub is susceptible to a CDN flaw that allows attackers to host malware on any public repository.
eslint-plugin-simple-import-sort
Advanced tools
Package description
The eslint-plugin-simple-import-sort package is an ESLint plugin that automatically sorts import statements in your JavaScript and TypeScript files. It helps in maintaining a consistent order of imports, making the codebase easier to read and maintain. It can sort imports alphabetically, group and separate different types of imports, and remove duplicate imports.
Sorting import statements
This feature automatically sorts import statements alphabetically and groups them. After running ESLint with this plugin, the imports would be sorted as follows: import React from 'react'; import z from 'zoo'; import { a, b } from 'alphabet'; import { c as cat, d as dog } from 'animals';
import React from 'react';
import { b, a } from 'alphabet';
import z from 'zoo';
import { d as dog, c as cat } from 'animals';
Grouping and separating imports
This feature groups and separates imports by their origin. Built-in modules, external modules, internal modules, and local modules are grouped together and separated by a blank line. After sorting, the imports would be grouped as follows: import fs from 'fs'; import path from 'path'; import React from 'react'; import myLocalModule from './myLocalModule';
import fs from 'fs';
import path from 'path';
import myLocalModule from './myLocalModule';
import React from 'react';
Removing duplicate imports
This feature detects and removes duplicate import statements. After running ESLint with this plugin, only one import statement will remain: import { a } from 'module';
import { a } from 'module';
import { a } from 'module';
This package provides a set of rules that help enforce a convention in the order of require/import statements. It is more configurable than eslint-plugin-simple-import-sort and includes a variety of other rules to ensure proper imports, prevent misspellings, and manage dependencies.
This is not an ESLint plugin but a standalone tool that sorts imports using various style configurations. It can be used in conjunction with ESLint but requires separate configuration and execution.
This package extends ESLint's autofixing capabilities and can be used to sort imports among other things. However, it is not solely focused on import sorting and requires additional configuration to achieve similar functionality to eslint-plugin-simple-import-sort.
Changelog
Version 12.1.0 (2024-04-13)
This release adds TypeScript type definitions for the plugin itself. This is useful when you use TypeScript to check your ESLint configuration. It assumes that you install @types/eslint
yourself. Thanks to @Logicer16!
Readme
Easy autofixable import sorting.
eslint --fix
– no new toolinggit diff
friendlyrequire
This is for those who use eslint --fix
(autofix) a lot and want to completely forget about sorting imports!
FAQs
Easy autofixable import sorting
The npm package eslint-plugin-simple-import-sort receives a total of 1,701,910 weekly downloads. As such, eslint-plugin-simple-import-sort popularity was classified as popular.
We found that eslint-plugin-simple-import-sort demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub is susceptible to a CDN flaw that allows attackers to host malware on any public repository.
Security News
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
Research
Security News
The Socket Research team found this npm package includes code for collecting sensitive developer information, including your operating system username, Git username, and Git email.