npm-package-json-lint
Advanced tools
npm-package-json-lint is a tool for linting package.json files, ensuring they adhere to a defined set of rules and best practices. It helps maintain consistency and correctness in package.json files across projects.
Linting package.json files
This feature allows you to define a set of rules for linting package.json files. The code sample shows a configuration file that extends the default configuration and specifies rules for the name type, version format, and requiring an author field.
module.exports = {
  extends: 'npm-package-json-lint-config-default',
  rules: {
    'name-type': 'error',
    'version-format': 'error',
    'require-author': 'error'
  }
};
Custom rule definitions
You can define custom rules to enforce specific requirements in your package.json files. The code sample demonstrates how to restrict certain dependencies and require the scripts field.
module.exports = {
  rules: {
    'no-restricted-dependencies': ['error', ['lodash', 'underscore']],
    'require-scripts': 'error'
  }
};
Command-line interface
The package provides a CLI for linting package.json files. The code sample shows how to run the linter using npx and a specified configuration file.
npx npm-package-json-lint . --config .npmpackagejsonlintrc.json
eslint-plugin-json is an ESLint plugin that allows you to lint JSON files, including package.json. It provides a way to enforce JSON-specific rules using the familiar ESLint framework. Compared to npm-package-json-lint, it integrates JSON linting into the broader ESLint ecosystem.
jsonlint is a pure JavaScript library for validating and formatting JSON data. While it doesn't provide package.json-specific rules, it ensures that JSON files are syntactically correct. It is more general-purpose compared to npm-package-json-lint.
json-schema is a library for validating JSON documents against a JSON Schema. It can be used to enforce a schema for package.json files, ensuring they adhere to a predefined structure. Unlike npm-package-json-lint, it focuses on schema validation rather than linting rules.
A package.json linter for Node projects
npm-package-json-lint helps enforce standards for your package.json file. Currently it can check for:
- name should always be a string.
Please see the wiki for a list of rules.
First things first, let's make sure you have the necessary prerequisites.
npm install npm-package-json-lint -g
Command | Alias | Description |
---|---|---|
pjl-cli --help | -h | Lists supported CLI options |
pjl-cli --version | -v | Lists the current version number |
pjl-cli --file | -f | File path including name. Defaults to package.json |
pjl-cli --rule | -r | Valid rule name to check. Defaults to nothing |
pjl-cli --rules-file | -c | File path of .npmpackagejsonlintrc |
pjl-cli --ignore-warnings | -w | Ignore warnings |
Run a specific rule, author-valid-values, on a file relative to the current working directory.
pjl-cli -f "../relative-path/package.json" -r "require-author: 'error'"
Run a specific rule, author-valid-values, ignoring warnings on a file relative to the current working directory.
pjl-cli -f "../relative-path/package.json" -r "require-author: 'error'" --ignore-warnings
Run using the config in .npmpackagejsonlintrc on a file relative to the current working directory.
pjl-cli -f "../relative-path/package.json" -c "./.npmpackagejsonlintrc"
Run using the default config on a file relative to the current working directory
pjl-cli -f "../relative-path/package.json"
npm-package-json-lint has a configurable set of rules. Please see the wiki for a full list of available rules. By default only type checks and name/version rules are enforced. This is the bare minimum configuration.
Each rule contains the following properties:
As mentioned in the "Commands and configuration" section there are two ways to specify rule sets. The first is using --rule to specify a given rule. This will run npm-package-json-lint with just this rule. The second is using --rules-file to specify a JSON file, named .npmpackagejsonlintrc, to run a set of rules. If neither of the options above are specified then npm-package-json-lint looks for a global .npmpackagejsonlintrc file in the root of your user directory. Finally, if a global .npmpackagejsonlintrc file doesn't exist then the defaults are used.
npm-package-json-lint rules can either be run as an error or a warning.
Ex: "require-author": "error"
Please see CONTRIBUTING.md.
Please see CHANGELOG.md.
Copyright (c) 2016 Thomas Lindner. Licensed under the MIT license.
FAQs
Configurable linter for package.json files.
The npm package npm-package-json-lint receives a total of 91,896 weekly downloads. As such, npm-package-json-lint popularity was classified as popular.
We found that npm-package-json-lint demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.