Security News
NVD Backlog Tops 20,000 CVEs Awaiting Analysis as NIST Prepares System Updates
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
neostandard
Advanced tools
standard
npm install -D neostandard eslint
npx neostandard --migrate > eslint.config.js
(uses our config helper)standard
with eslint
in all places where you run standard
, eg. "scripts"
and .github/workflows/
(neostandard
CLI tracked in #2)npm uninstall standard
"standard"
top level key from your package.json
standard
specific integrations if you no longer use them (eg. vscode-standard))npm install -D neostandard eslint
Add an eslint.config.js
:
Using config helper:
npx neostandard --esm > eslint.config.js
Or to get CommonJS:
npx neostandard > eslint.config.js
Or manually create the file as ESM:
import neostandard from 'neostandard'
export default neostandard({
// options
})
Or as CommonJS:
module.exports = require('neostandard')({
// options
})
Run neostandard
by running ESLint, eg. using npx eslint
, npx eslint --fix
or similar
env
- string[]
- adds additional globals by importing them from the globals npm modulefiles
- string[]
- additional file patterns to match. Uses the same shape as ESLint files
filesTs
- string[]
- additional file patterns for the TypeScript configs to match. Uses the same shape as ESLint files
globals
- string[] | object
- an array of names of globals or an object of the same shape as ESLint languageOptions.globals
ignores
- string[]
- an array of glob patterns for files that the config should not apply to, see ESLint documentation for detailsnoJsx
- boolean
- if set, no jsx rules will be added. Useful if for some reason its clashing with your use of JSX-style syntaxnoStyle
- boolean
- if set, no style rules will be added. Especially useful when combined with Prettier, dprint or similarsemi
- boolean
- if set, enforce rather than forbid semicolons (same as semistandard
did)ts
- boolean
- if set, TypeScript syntax will be supported and *.ts
(including *.d.ts
) will be checked. To add additional file patterns to the TypeScript checks, use filesTs
The neostandard()
function returns an ESLint config array which is intended to be exported directly or, if you want to modify or extend the config, can be combined with other configs like any other ESLint config array:
import neostandard from 'neostandard'
import jsdoc from 'eslint-plugin-jsdoc';
export default [
...neostandard(),
jsdoc.configs['flat/recommended-typescript-flavor'],
]
Do note that neostandard()
is intended to be a complete linting config in itself, only extend it if you have needs that goes beyond what neostandard
provides, and open an issue if you believe neostandard
itself should be extended or changed in that direction.
It's recommended to stay compatible with the plain config when extending and only make your config stricter, not relax any of the rules, as your project would then still pass when using just the plain neostandard
-config, which helps people know what baseline to expect from your project.
Finds a .gitignore
file that resides in the same directory as the ESLint config file and returns an array of ESLint ignores that matches the same files.
ESM:
import neostandard, { resolveIgnoresFromGitignore } from 'neostandard'
export default neostandard({
ignores: resolveIgnoresFromGitignore(),
})
CommonJS:
module.exports = require('neostandard')({
ignores: require('neostandard').resolveIgnoresFromGitignore(),
})
neostandard
exports all the ESLint plugins that it uses. This to ensure that users who need to reference the plugin themselves will use the exact same instance of the plugin, which is a necessity when a plugin prefix is defined in multiple places.
@stylistic
- export of @stylistic/eslint-plugin
n
- export of eslint-plugin-n
promise
- export of eslint-plugin-promise
react
- export of eslint-plugin-react
typescript-eslint
- export of typescript-eslint
If one eg. wants to add the eslint-plugin-n
recommended config, then one can do:
import neostandard, { plugins } from 'neostandard'
export default [
...neostandard(),
plugins.n.configs['flat/recommended'],
]
eslint-plugin-import
rules from standard
: #15neostandard
runner: #33 / #2Full list in 1.0.0 milestone
standard-engine
eslint-stylistic
rulesstandard
behaviour of bundling JSX-support (ported from eslint-config-standard-jsx
) with a noJsx
option that deactivates it to match eslint-config-standard
ts
option makes *.ts
files be checked as well (used to be handled by ts-standard
)semi
option enforces rather than ban semicolons (used to be handled by semistandard
)noStyle
option deactivates style rules (used to require something like eslint-config-prettier
)@stylistic/comma-dangle
– changed – set to ignore dangling commas in arrays, objects, imports, exports and is it set to warn
rather than error
@stylistic/no-multi-spaces
– changed – sets ignoreEOLComments
to true
, useful for aligning comments across multiple linedot-notation
– deactivated – clashes with the noPropertyAccessFromIndexSignature
check in TypeScriptn/no-deprecated-api
– changed – changed to warn
instead of error
as they are not urgent to fixeslint-plugin-import
You can use the provided CLI tool to generate a config for you:
neostandard --semi --ts > eslint.config.js
To see all available flags, run:
neostandard --help
The CLI tool can also migrate an existing "standard"
configuration from package.json
:
neostandard --migrate > eslint.config.js
Migrations can also be extended, so to eg. migrate a semistandard
setup, do:
neostandard --semi --migrate > eslint.config.js
Yes! If you use neostandard
in your project, you can include one of these badges in
your readme to let people know that your code is using the neostandard style.
[![neostandard javascript style](https://img.shields.io/badge/neo-standard-7fffff?style=flat&labelColor=ff80ff)](https://github.com/neostandard/neostandard)
[![neostandard javascript style](https://img.shields.io/badge/code_style-neostandard-7fffff?style=flat&labelColor=ff80ff)](https://github.com/neostandard/neostandard)
[![neostandard javascript style](https://img.shields.io/badge/code_style-neostandard-brightgreen?style=flat)](https://github.com/neostandard/neostandard)
Prior to the 1.0.0
release we are still rapidly evolving with fixes and improvements to reach rule parity with standard
, hence more breaking changes will be experienced until then, as well as evolution of this statement
neostandard
intends to set an expectable baseline for project linting that's descriptive of best practices rather than prescriptive of any opinionated approach.
neostandard
rules describes current best practices in the community and help align developers, contributors and maintainers along thoseneostandard
rules are not a tool to promote changed practices within the community by prescribing new such practicesneostandard
rule changes and additions should be aligned with projects prior to being released, by eg. sending PR:s to them to align them ahead of time. When new best practices are incompatible with current best practices, rules should first be relaxed to allow for both approaches, then be made stricter when the community has moved to the new approachneostandard
rule changes and additions should improve the description of project best practices, not prescribe new practicesneostandard
should, when faced with no clear best practice, avoid adding such a rule as it risks becoming prescriptive rather than descriptive. If leaving out such a rule would make neostandard
an incomplete baseline config, and the community is split between a few clear alternatives (such as semi
), then making it configurable can enable it to still be added, but that should only be done in exceptional casesneostandard
is a community project with open governance.
See GOVERNANCE.md for specifics.
A subset of some of the projects that rely on neostandard
:
FAQs
A modern successor to standard
The npm package neostandard receives a total of 21,779 weekly downloads. As such, neostandard popularity was classified as popular.
We found that neostandard demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.
Security News
PyPI now supports digital attestations, enhancing security and trust by allowing package maintainers to verify the authenticity of Python packages.