Socket
Socket
Sign inDemoInstall

vile

Package Overview
Dependencies
33
Maintainers
1
Versions
21
Alerts
File Explorer

Advanced tools

Install Socket

Detect and block malicious and high-risk dependencies

Install

vile

A code quality tool for any language or platform.


Version published
Maintainers
1
Weekly downloads
5
decreased by-66.67%

Weekly downloads

Readme

Source

Vile Logo

Main Linux Builds Windows Builds Linux/OSX Builds code quality score coverage status dependencies status npm package

Overview

vile is a general purpose code quality tool for any language or platform that statically analyzes your software project and its dependencies.

Along with its hosted service it provides a highly flexible platform for continuous software analysis that integrates directly into your CI process and development workflow.

Demo

Features

  • :fire: Analyze complexity & churn
  • :truck: Check for outdated software packages
  • :mag: Identify similar and duplicate code
  • :globe_with_meridians: Calculate test coverage
  • :closed_lock_with_key: Check for vulnerabilities in libraries and code
  • :clipboard: Generate file statistics
  • :clock2: Capture commit data
  • :wrench: Run traditional linter tools
  • :electric_plug: Flexible and easy to use plugin system
  • :hearts: Supports Windows, Linux, and MacOS
+ vile.io
  • :part_alternation_mark: Track code quality and issues over time
  • :muscle: Get automated insights and suggestions based on the current state of your project
  • :email: Get notified about new issues and insights
  • :raising_hand: Collaborate with other users
  • :octocat: Set GitHub pull request statuses
  • :shower: Schedule routine CI builds for popular services like CircleCI, AppVeyor, and Codeship

Installation & Usage

The main library requires you at least have Node.js installed.

A simple install and setup:

cd my_project/
npm i vile
npx vile init
npx vile analyze

Please see docs.vile.io for more detailed info.

Plugins

The core vile package comes with a general set of plugins that support basic multi-language analysis.

To analyze your code further, such as tracking outdated RubyGems, plugging in your favourite linter, tracking code complexity, or checking for vulnerabilities, you need to install extra plugins first.

Common Use Cases

  • Run vile a locally to analyze your code and print any issues or data
  • Run vile a -u on every build server commit to continuously analyze your code
  • Run vile a -d -p lint-plugin my/file.ext to run a plugin on a specific file
  • Run vile a -d -e -p lint-plugin,security-plugin to run certain lint checks during a build

Contributing

Any contributions are welcome and appreciated!

Please see CONTRIBUTING for more info.

Licensing

This project is licensed under the MPL-2.0 license.

Any contributions made to this project are made under the current license.

Versioning

This project uses Semver.

Maintainers

Project Goals

  • :rainbow: Provide an open and extensible platform for any type of software analysis
  • :seedling: Help maintain and foster an open and inclusive community around code quality
  • :vhs: Distill various types of software analysis into a language independent data format
  • :tada: Support and complement existing tooling (linters, complexity tools, etc.)
  • :nut_and_bolt: Create new libraries and plugins that backfill language support (ex: synt)

For more info on why vile was created checkout our post on Medium.

Keywords

FAQs

Last updated on 10 Mar 2018

Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc