Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
mocha-jshint
Advanced tools
Run jshint as Mocha tests.
To install in your node.js project as devDependency, run this command, in the root of your project
npm install mocha-jshint --save-dev
Mocha defaults to looking for your test specs in the test
folder of your project.
Add this file as test/jshint.spec.js
in your project, with the following content:
require('mocha-jshint')();
That is it you are done.
To grep only the jshint test, just do
mocha --grep jshint
In the root of your project you can add a .jshintignore
file, where each line is a file or directory for jshint to ignore
and not check for errors. (see this project for an example)
At the root of your project you can add a .jshintrc
file, that specifies what options you want jshint to run with
(see this project for an example)
You can also add a .jshintrc
file to any subdirectory of your project, to override the .jshintrc settings in the root.
For example in this project I allow some global variables in the test
folder. Global variables that are set when I
run mocha tests. Global variables that are only allowed to be used, in the .js files in the test folder
This module was created to:
FAQs
run JSHint as mocha tests
The npm package mocha-jshint receives a total of 7,420 weekly downloads. As such, mocha-jshint popularity was classified as popular.
We found that mocha-jshint demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 9 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.