npm-package-json-lint
Advanced tools
npm-package-json-lint is a tool for linting package.json files, ensuring they adhere to a defined set of rules and best practices. It helps maintain consistency and correctness in package.json files across projects.
Linting package.json files
This feature allows you to define a set of rules for linting package.json files. The code sample shows a configuration file that extends the default configuration and specifies rules for the name type, version format, and requiring an author field.
module.exports = {
extends: 'npm-package-json-lint-config-default',
rules: {
'name-type': 'error',
'version-format': 'error',
'require-author': 'error'
}
};Custom rule definitions
You can define custom rules to enforce specific requirements in your package.json files. The code sample demonstrates how to restrict certain dependencies and require the scripts field.
module.exports = {
rules: {
'no-restricted-dependencies': ['error', ['lodash', 'underscore']],
'require-scripts': 'error'
}
};Command-line interface
The package provides a CLI for linting package.json files. The code sample shows how to run the linter using npx and a specified configuration file.
npx npm-package-json-lint . --config .npmpackagejsonlintrc.jsoneslint-plugin-json is an ESLint plugin that allows you to lint JSON files, including package.json. It provides a way to enforce JSON-specific rules using the familiar ESLint framework. Compared to npm-package-json-lint, it integrates JSON linting into the broader ESLint ecosystem.
jsonlint is a pure JavaScript library for validating and formatting JSON data. While it doesn't provide package.json-specific rules, it ensures that JSON files are syntactically correct. It is more general-purpose compared to npm-package-json-lint.
json-schema is a library for validating JSON documents against a JSON Schema. It can be used to enforce a schema for package.json files, ensuring they adhere to a predefined structure. Unlike npm-package-json-lint, it focuses on schema validation rather than linting rules.
A package.json linter for Node projects
npm-package-json-lint helps enforce standards for your package.json file. This helps to ensure that your files are of the highest standard and quality. It is also customisable to match your specific project guidline requirements/desires. It has support for both command line and programmatic usage. Currently it can check for:
name should always be a string.Please see the website for a list of rules.
First thing first, let's make sure you have the necessary pre-requisites.
npm install npm-package-json-lint -gnpm install npm-package-json-lintnpx npm-package-json-lint. This will go through the process of linting/validating
your code to meet your desired specifications.The linter can also be used as a module in the program and the output be displayed via a log message. Adding the following code to your file can accomplish this.
const npmPackageJsonLint = require("npm-package-json-lint");
const result = npmPackageJsonLint.lintFiles(["package.json"]);
console.log(result);
npm-package-json-lint has the ability to be constomly configured to match your desires. To configure the linter navigate to the .npmpackagejsonlintrc file in the repository and add in or remove your desired rules.
Follow these steps to get your local environement set up to allow you to contribute to the repository
git clone https://github.com/tclindner/npm-package-json-lint.gitQuick links
CLI commands and configuration | Node.js API | Integrations
Please see the migration guide.
Please see the migration guide.
Please see the migration guide.
Please see the migration guide.
Please see the migration guide.
Please see the migration guide.
Please see the migration guide.
Please see CONTRIBUTING.md.
Please see CHANGELOG.md.
Copyright (c) 2016-2023 Thomas Lindner. Licensed under the MIT license.
FAQs
Configurable linter for package.json files.
The npm package npm-package-json-lint receives a total of 91,896 weekly downloads. As such, npm-package-json-lint popularity was classified as popular.
We found that npm-package-json-lint demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.
Security News
Research
Socket researchers found a malicious Maven package impersonating the legitimate ‘XZ for Java’ library, introducing a backdoor for remote code execution.