Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
The tslint npm package is a static analysis tool that checks TypeScript code for readability, maintainability, and functionality errors. It is widely used to enforce a consistent code style by checking the code against a set of linting rules.
Linting TypeScript Files
This feature allows you to lint TypeScript files by specifying a configuration file and a pattern to match files. The command will process all TypeScript files in the 'src' directory and its subdirectories.
tslint -c tslint.json 'src/**/*.ts'
Fixing Linting Errors Automatically
This feature automatically fixes linting errors that can be corrected without human intervention. It is useful for fixing simple issues like whitespace or semicolon usage.
tslint --fix -c tslint.json 'src/**/*.ts'
Custom Rules
This feature allows you to use custom linting rules in addition to the predefined rules. You can specify a directory containing custom rule definitions to be applied to your code.
tslint -c tslint.json 'src/**/*.ts' --rules-dir custom_rules
ESLint is a popular linting tool for JavaScript and TypeScript. It is highly configurable and extendable, with a large ecosystem of plugins. ESLint has effectively replaced TSLint as the preferred linter for TypeScript after TSLint's deprecation.
Prettier is an opinionated code formatter that supports many languages, including TypeScript. While it does not perform static code analysis, it formats code to a consistent style. Prettier can be used alongside linters like ESLint.
Stylelint is a modern linter that helps you avoid errors and enforce conventions in your stylesheets. Although it is primarily used for CSS, it can be used in conjunction with PostCSS to lint SCSS, Sass, Less, and other CSS-like languages.
:warning: TSLint is deprecated.
See this issue for more details: Roadmap: TSLint → ESLint. If you're interested in helping with the TSLint/ESLint migration, please check out our OSS Fellowship program.
TSLint is an extensible static analysis tool that checks TypeScript code for readability, maintainability, and functionality errors. It is widely supported across modern editors & build systems and can be customized with your own lint rules, configurations, and formatters.
TSLint currently supports:
tslint:latest
, tslint-react
, etc.) and plugin compositionPlease refer to the full installation & usage documentation on the TSLint website. There, you'll find information about
There is a sandbox environment for TSLint at palantir.github.io/tslint-playground, which can be used to test rules and see how TSLint works. Issues can be filed against tslint-playground
here.
If we don't have all the rules you're looking for, you can either write your own custom rules or use rules implementations developed by the community. The repos below are a good source of custom rules:
Prerequisites:
node
v7+yarn
v1.0+git clone git@github.com:palantir/tslint.git --config core.autocrlf=input --config core.eol=lf
yarn
yarn compile
yarn test
v6.1.3
FAQs
An extensible static analysis linter for the TypeScript language
The npm package tslint receives a total of 1,426,140 weekly downloads. As such, tslint popularity was classified as popular.
We found that tslint demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.