
Security News
PodRocket Podcast: Inside the Recent npm Supply Chain Attacks
Socket CEO Feross Aboukhadijeh discusses the recent npm supply chain attacks on PodRocket, covering novel attack vectors and how developers can protect themselves.
hint
)If you want to have an idea of what webhint
does and you
have an updated version of npm
(v6.x) and Node.js LTS (v14.x)
or later, x64 version recommended
you can use the following command:
npx hint https://example.com
The recommended way of running webhint is as a devDependency
of
your project.
npm install hint --save-dev
And then add a script task to your package.json
:
{
...
"scripts": {
"webhint": "hint http://localhost:8080"
}
}
And run it via:
npm run webhint
You can also run webhint from within VS Code and as a browser extension.
NOTE: If you run into any issues during the install process please check the troubleshoot section.
Now that you have webhint
up and running, it is time to learn a bit
more about the different pieces:
To know more about the internals of webhint
, the structure of the
project, how to create new hints, collectors, formatters, etc, take a
look at the online contributor
guide (or the local
version).
This project adheres to the JS Foundation’s code of conduct. By participating in this project you agree to abide by its terms.
The code is available under the Apache 2.0 license.
FAQs
The linting tool for the web
We found that hint demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Socket CEO Feross Aboukhadijeh discusses the recent npm supply chain attacks on PodRocket, covering novel attack vectors and how developers can protect themselves.
Security News
Maintainers back GitHub’s npm security overhaul but raise concerns about CI/CD workflows, enterprise support, and token management.
Product
Socket Firewall is a free tool that blocks malicious packages at install time, giving developers proactive protection against rising supply chain attacks.