Security News
Supply Chain Attack Detected in @solana/web3.js Library
A supply chain attack has been detected in versions 1.95.6 and 1.95.7 of the popular @solana/web3.js library.
ESLint is a static code analysis tool for identifying problematic patterns found in JavaScript code. It is primarily used for finding and fixing problems in JavaScript code, enforcing coding standards, and improving code quality.
Linting JavaScript Files
Run ESLint on all JavaScript files in the 'src' directory and its subdirectories.
eslint 'src/**/*.js'
Fixing Problems Automatically
Automatically fix problems in JavaScript files that ESLint is capable of fixing.
eslint --fix 'src/**/*.js'
Customizable Configuration
Customize ESLint rules and extend from recommended presets in the ESLint configuration file.
{ 'extends': 'eslint:recommended', 'rules': { 'eqeqeq': 'warn', 'no-unused-vars': 'error' } }
Integrating with Build Tools
Integrate ESLint with build tools like Grunt by using the corresponding plugin.
grunt.loadNpmTasks('grunt-eslint');
Using Plugins
Extend ESLint's capabilities with plugins for specific libraries or frameworks, such as React.
{ 'plugins': ['react'], 'rules': { 'react/jsx-uses-vars': 'error' } }
JSHint is a community-driven tool that detects errors and potential problems in JavaScript code. It is less configurable than ESLint and does not support custom rule creation.
JSCS is a code style linter for programmatically enforcing your style guide. It has been deprecated and merged with ESLint, which now covers its functionality.
Prettier is an opinionated code formatter that supports many languages and integrates with most editors. Unlike ESLint, it does not check for code errors but focuses on maintaining a consistent code style.
TSLint was a linter for TypeScript, providing similar functionality to ESLint but specifically for TypeScript code. It has been deprecated in favor of typescript-eslint, which allows ESLint to be used with TypeScript.
Standard is a JavaScript style guide, linter, and formatter with a set of predefined rules. It enforces a strict coding standard but is less configurable than ESLint.
Website | Configuring | Rules | Contributing | Reporting Bugs | Code of Conduct | Twitter | Mailing List | Chat Room
ESLint is a tool for identifying and reporting on patterns found in ECMAScript/JavaScript code. In many ways, it is similar to JSLint and JSHint with a few exceptions:
There are two ways to install ESLint: globally and locally.
If you want to include ESLint as part of your project's build system, we recommend installing it locally. You can do so using npm:
$ npm install eslint --save-dev
You should then setup a configuration file:
$ ./node_modules/.bin/eslint --init
After that, you can run ESLint on any file or directory like this:
$ ./node_modules/.bin/eslint yourfile.js
Any plugins or shareable configs that you use must also be installed locally to work with a locally-installed ESLint.
If you want to make ESLint available to tools that run across all of your projects, we recommend installing ESLint globally. You can do so using npm:
$ npm install -g eslint
You should then setup a configuration file:
$ eslint --init
After that, you can run ESLint on any file or directory like this:
$ eslint yourfile.js
Any plugins or shareable configs that you use must also be installed globally to work with a globally-installed ESLint.
Note: eslint --init
is intended for setting up and configuring ESLint on a per-project basis and will perform a local installation of ESLint and its plugins in the directory in which it is run. If you prefer using a global installation of ESLint, any plugins used in your configuration must also be installed globally.
After running eslint --init
, you'll have a .eslintrc
file in your directory. In it, you'll see some rules configured like this:
{
"rules": {
"semi": ["error", "always"],
"quotes": ["error", "double"]
}
}
The names "semi"
and "quotes"
are the names of rules in ESLint. The first value is the error level of the rule and can be one of these values:
"off"
or 0
- turn the rule off"warn"
or 1
- turn the rule on as a warning (doesn't affect exit code)"error"
or 2
- turn the rule on as an error (exit code will be 1)The three error levels allow you fine-grained control over how ESLint applies rules (for more configuration options and details, see the configuration docs).
These folks keep the project moving and are resources for help.
We have scheduled releases every two weeks on Friday or Saturday.
Before filing an issue, please be sure to read the guidelines for what you're reporting:
ESLint follows semantic versioning. However, due to the nature of ESLint as a code quality tool, it's not always clear when a minor or major version bump occurs. To help clarify this for everyone, we've defined the following semantic versioning policy for ESLint:
eslint:recommended
is updated.According to our policy, any minor update may report more errors than the previous release (ex: from a bug fix). As such, we recommend using the tilde (~
) in package.json
e.g. "eslint": "~3.1.0"
to guarantee the results of your builds.
The most significant difference is that ESlint has pluggable linting rules. That means you can use the rules it comes with, or you can extend it with rules created by others or by yourself!
ESLint is slower than JSHint, usually 2-3x slower on a single file. This is because ESLint uses Espree to construct an AST before it can evaluate your code whereas JSHint evaluates your code as it's being parsed. The speed is also based on the number of rules you enable; the more rules you enable, the slower the process.
Despite being slower, we believe that ESLint is fast enough to replace JSHint without causing significant pain.
Yes. Since we are solving the same problems, ESLint and JSCS teams have decided to join forces and work together in the development of ESLint instead of competing with each other. You can read more about this in both ESLint and JSCS announcements.
Maybe, depending on how much you need it. JSCS has reached end of life, but if it is working for you then there is no reason to move yet. We are still working to smooth the transition. You can see our progress here. We’ll announce when all of the changes necessary to support JSCS users in ESLint are complete and will start encouraging JSCS users to switch to ESLint at that time.
If you are having issues with JSCS, you can try to move to ESLint. We are focusing our time and energy on JSCS compatibility issues.
ESLint does both traditional linting (looking for problematic patterns) and style checking (enforcement of conventions). You can use it for both.
Yes, ESLint natively supports parsing JSX syntax (this must be enabled in configuration.). Please note that supporting JSX syntax is not the same as supporting React. React applies specific semantics to JSX syntax that ESLint doesn't recognize. We recommend using eslint-plugin-react if you are using React and want React semantics.
ESLint has full support for ECMAScript 6. By default, this support is off. You can enable ECMAScript 6 syntax and global variables through configuration.
ESLint doesn't natively support experimental ECMAScript language features. You can use babel-eslint to use any option available in Babel.
Once a language feature has been adopted into the ECMAScript standard (stage 4 according to the TC39 process), we will accept issues and pull requests related to the new feature, subject to our contributing guidelines. Until then, please use the appropriate parser and plugin(s) for your experimental feature.
Join our Mailing List or Chatroom
FAQs
An AST-based pattern checker for JavaScript.
The npm package eslint receives a total of 40,524,901 weekly downloads. As such, eslint popularity was classified as popular.
We found that eslint demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
A supply chain attack has been detected in versions 1.95.6 and 1.95.7 of the popular @solana/web3.js library.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.