Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
npm-groovy-lint
Advanced tools
Groovy / Jenkinsfile linter and autofixer
Based on CodeNarc , this out of the box package allows to track groovy errors and correct a part of them
Use option --fix to activate autofixing (the function is still in experimental phase, you may have to run it several times at first so CodeNarc take in account the updates)
Easy to integrate in a CD/CI process (Jenkins Pipeline,CircleCI...) to lint your groovy or Jenkinsfile at each build :)
$ npm install -g npm-groovy-lint
$ npm-groovy-lint OPTIONS
Parameter | Type | Description |
---|---|---|
-p --path | String | Directory containing the files to lint Example: ./path/to/my/groovy/files |
-f --files | String | Comma-separated list of Ant-style file patterns specifying files that must be included. Default: "**/*.groovy,**/Jenkinsfile" , or "**/*.groovy" if --rulesets Groovy, or **/Jenkinsfile if --rulesets Jenkinsfile Examples: - "**/Jenkinsfile"<br/> - "*/*.groovy" |
-r --rulesets | String | RuleSet file(s) to use for linting. If it is a directory, all rulesets will be used. RuleSet file definition: http://codenarc.github.io/CodeNarc/codenarc-creating-ruleset.html. If not specified, npm-groovy-script default ones will be used depending on file types found in --path: - Groovy recommended rules, also usable with --rulesets Groovy - Jenkinsfile recommended rules, also usable with --rulesets Jenkinsfile Examples: - "./config/codenarc/RuleSet-Custom.groovy" - "./path/to/my/ruleset/files" - Jenkinsfile |
-o --output | String | Output format (txt,json,html,xml), or path to a file with one of these extensions Default: txt Examples: - "txt" - "json" - "./logs/myLintResults.txt" - "./logs/myLintResults.json" - "./logs/myLintResults.html" - "./logs/myLintResults.xml" |
-l --loglevel | String | Log level (error,warning or info) Default: info |
-v --verbose | Boolean | More outputs in console, including performed fixes |
--fix | Boolean | (Experimental) Automatically fix problems when possible See Autofixable rules |
-i --ignorepattern | String | Comma-separated list of Ant-style file patterns specifying files that must be ignored Default: none Example: "**/test/*"" |
--failonerror | Boolean | Fails if at least one error is found |
--failonwarning | Boolean | Fails if at least one warning is found |
--failoninfo | Boolean | Fails if at least one error is found |
--codenarcargs | Boolean | Use core CodeNarc arguments (all npm-groovy-lint arguments will be ignored) Doc: http://codenarc.github.io/CodeNarc/codenarc-command-line.html Example: npm-groovy-lint --codenarcargs -basedir="jdeploy-bundle/lib/example" -rulesetfiles="file:jdeploy-bundle/lib/example/RuleSet-Groovy.groovy" -maxPriority1Violations=0 -report="xml:ReportTestCodenarc.xml |
-h --help | Boolean | Show help (npm-groovy-lint -h OPTIONNAME to see option detail with examples) |
$ npm-groovy-lint --rulesets Jenkinsfile
$ npm-groovy-lint --rulesets Groovy
$ npm-groovy-lint --rulesets Jenkinsfile --fix
$ npm-groovy-lint --rulesets Groovy --output json
$ npm-groovy-lint --path "./path/to/my/groovy/files" --files "**/*.groovy" --rulesets "./config/codenarc/RuleSet-Custom.groovy" --loglevel warning --output txt
$ npm-groovy-lint --codenarcargs -basedir="jdeploy-bundle/lib/example" -rulesetfiles="file:jdeploy-bundle/lib/example/RuleSet-Groovy.groovy" -title="TestTitleCodenarc" -maxPriority1Violations=0' -report="html:ReportTestCodenarc.html"
Contribute to add more rules fixes :)
You can import npm-groovy-lint into your NPM package and call lint & fix via module, using the same options than from npm-groovy-lint command line
Example
$ npm install npm-groovy-lint --save
const NpmGroovyLint = require("npm-groovy-lint/jdeploy-bundle/groovy-lint.js");
const fse = require("fs-extra");
const npmGroovyLintConfig = {
source: fse.readFileSync('./lib/example/SampleFile.groovy').toString(),
fix: true,
loglevel: 'warning',
output: 'none'
};
const linter = new NpmGroovyLint(npmGroovyLintConfig, {});
await linter.run();
console.log(JSON.stringify(linter.lintResult));
Contributions are very welcome !
npm run lint
then npm run test
to check your updates didn't break anythingThis package uses :
FAQs
Lint, format and auto-fix your Groovy / Jenkinsfile / Gradle files
We found that npm-groovy-lint demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.