Supply Chain Security
Vulnerability
Quality
Maintenance
License
JSHint is a static code analysis tool used in software development for checking if JavaScript source code complies with coding rules. It helps developers identify potential errors and enforce coding standards.
Basic Linting
This feature allows you to perform basic linting on a piece of JavaScript code. The code sample demonstrates how to use JSHint to check a simple JavaScript snippet for errors.
const jshint = require('jshint').JSHINT;
const code = 'var a = 1;';
const options = { esversion: 6 };
jshint(code, options);
console.log(jshint.errors);Custom Configuration
JSHint allows you to customize the linting process with various options. This example shows how to enable the 'undef' option to check for the use of undefined variables.
const jshint = require('jshint').JSHINT;
const code = 'var a = 1;';
const options = { esversion: 6, undef: true };
jshint(code, options);
console.log(jshint.errors);Using JSHint with Configuration File
You can use a configuration file (e.g., .jshintrc) to define your linting rules. This example demonstrates how to read a JavaScript file and a JSHint configuration file, then lint the code using the specified rules.
const fs = require('fs');
const jshint = require('jshint').JSHINT;
const code = fs.readFileSync('path/to/your/file.js', 'utf8');
const config = JSON.parse(fs.readFileSync('.jshintrc', 'utf8'));
jshint(code, config);
console.log(jshint.errors);ESLint is another popular JavaScript linting tool that is highly configurable and supports custom rules. It provides more flexibility and a larger ecosystem of plugins compared to JSHint.
JSCS (JavaScript Code Style) is a code style linter for JavaScript. It focuses more on enforcing coding style conventions rather than finding potential errors. It has been merged with ESLint, but older versions are still in use.
TSLint is a linter for TypeScript, which is a superset of JavaScript. It provides similar functionality to JSHint but is specifically designed for TypeScript code. TSLint is now deprecated in favor of ESLint with TypeScript support.
[ Use it online • Docs • FAQ • Install • Contribute • Blog • Twitter ]
JSHint is a community-driven tool that detects errors and potential problems in JavaScript code. Since JSHint is so flexible, you can easily adjust it in the environment you expect your code to execute. JSHint is publicly available and will always stay this way.
The project aims to help JavaScript developers write complex programs without worrying about typos and language gotchas.
Any code base eventually becomes huge at some point, so simple mistakes — that would not show themselves when written — can become show stoppers and add extra hours of debugging. So, static code analysis tools come into play and help developers spot such problems. JSHint scans a program written in JavaScript and reports about commonly made mistakes and potential bugs. The potential problem could be a syntax error, a bug due to an implicit type conversion, a leaking variable, or something else entirely.
Only 15% of all programs linted on jshint.com pass the JSHint checks. In all other cases, JSHint finds some red flags that could've been bugs or potential problems.
Please note, that while static code analysis tools can spot many different kind of mistakes, it can't detect if your program is correct, fast or has memory leaks. You should always combine tools like JSHint with unit and functional tests as well as with code reviews.
To report a bug simply create a new GitHub Issue and describe your problem or suggestion. We welcome all kinds of feedback regarding JSHint including but not limited to:
Before reporting a bug, please look around to see if there are any open or closed tickets that discuss your issue, and remember the wisdom: pull request > bug report > tweet.
Engineers from these companies and projects use JSHint:
And many more!
JSHint is licensed under the MIT Expat license.
Prior to version 2.12.0 (release in August 2020), JSHint was partially licensed under the non-free JSON license. The 2020 Relicensing document details the process maintainers followed to change the license.
JSHint is currently maintained by Rick Waldron, Caitlin Potter, Mike Pennisi, and Luke Page. You can reach them via admin@jshint.org.
Originating from the JSLint project in 2010, JSHint has been maintained by a number of dedicated individuals. In chronological order, they are: Douglas Crockford, Anton Kovalyov, and Mike Sherov. We appreciate their long-term commitment!
We really appreciate all kinds of feedback and contributions. Thanks for using and supporting JSHint!
FAQs
Static analysis tool for JavaScript
The npm package jshint receives a total of 613,242 weekly downloads. As such, jshint popularity was classified as popular.
We found that jshint demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
North Korean threat actors deploy 67 malicious npm packages using the newly discovered XORIndex malware loader.
Security News
Meet Socket at Black Hat & DEF CON 2025 for 1:1s, insider security talks at Allegiant Stadium, and a private dinner with top minds in software supply chain security.
Security News
CAI is a new open source AI framework that automates penetration testing tasks like scanning and exploitation up to 3,600× faster than humans.