Security News
pnpm 10.0.0 Blocks Lifecycle Scripts by Default
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.
Easily use JSLint from the command line.
jslint bin/jslint.js
Added latest jslint, 2018-01-27.
Version 0.12.0 contains the latest jslint-es6
See CHANGELOG.md for detailed change history
npm i jslint
jslint lib/color.js
jslint --edition=latest lib/color.js
For example, edition 2013-02-03 which shipped with node-jslint 0.1.9:
jslint --edition=2013-02-03 lib/color.js
As of node-jslint 0.4.0, a streams interface is exposed. You can use it in client code like this:
Install as a dependency:
$ npm install --save jslint
Pull it into your code with require:
var LintStream = require('jslint').LintStream;
Create and configure the stream linter:
var options = {
"edition": "latest",
"length": 100
},
l = new LintStream(options);
Send files to the linter:
var fileName, fileContents;
l.write({file: fileName, body: fileContents});
Receive lint from the linter:
l.on('data', function (chunk, encoding, callback) {
// chunk is an object
// chunk.file is whatever you supplied to write (see above)
assert.deepEqual(chunk.file, fileName);
// chunk.linted is an object holding the result from running JSLint
// chunk.linted.ok is the boolean return code from JSLINT()
// chunk.linted.errors is the array of errors, etc.
// see JSLINT for the complete contents of the object
callback();
});
You can only pass options to the LintStream when creating it. The edition
option can be
used to select different editions of JSLint.
The LintStream is in object mode (objectMode: true). It expects an
object with two properties: file
and body
. The file
property
can be used to pass metadata along with the file. The body
property
contains the file to be linted; it can be either a string or a Buffer.
The LintStream emits 'data'
events containing an object with two properties.
The file
property is copied from the file
property that is passed in. The
linted
property contains the results of running JSLINT.
The simple interface provides an edition-aware loader. This can be used as a frontend to node-jslint's collection of editions of the JSLINT code.
var node_jslint = require('jslint'),
JSLINT = node_jslint.load(edition);
This exposes the same loading interface used in node-jslint, so it supports the special
edition names default
and latest
as well as date-based edition names such as 2013-08-26
As of version 0.5.0, the load
function also accepts filenames. To be recognized as a filename,
the argument to load must contain a path-separator character (/
or \
) or end with the extension
.js
.
Multiple files
jslint lib/color.js lib/reporter.js
All JSLint options supported
jslint --white --vars --regexp lib/color.js
Defaults to true, but you can specify false
jslint --bitwise false lib/color.js
Pass arrays
jslint --predef $ --predef Backbone lib/color.js
JSLint your entire project
jslint '**/*.js'
Start with the included jslint.conf.example
file, name it jslint.conf
and customize your options
per project or copy it to $HOME/.jslint.conf
to apply your setting globally
See LICENSE file.
FAQs
The JavaScript Code Quality Tool
We found that jslint demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.
Product
Socket now supports uv.lock files to ensure consistent, secure dependency resolution for Python projects and enhance supply chain security.
Research
Security News
Socket researchers have discovered multiple malicious npm packages targeting Solana private keys, abusing Gmail to exfiltrate the data and drain Solana wallets.