npmpackage.info

Gathering detailed insights and metrics for @eslint/js

Other packages similar to @eslint/js

eslint-config-airbnb-base

15.0.0

Airbnb's base JS ESLint config, following our styleguide

@stylistic/eslint-plugin-js

4.4.1

JavaScript stylistic rules for ESLint, migrated from [eslint core](https://github.com/eslint/eslint).

@modern-js/eslint-config

2.59.0

A Progressive React Framework for modern web development.

@modern-js-app/eslint-config

2.59.0

A Progressive React Framework for modern web development.

Gathering detailed insights and metrics for @eslint/js

@eslint/js - 9.31.0 | npmpackage.info

@eslint/js

Find and fix problems in your JavaScript code.

9.31.0

26,097

MIT

JavaScript

14.16 kB

6.8

Installations

npm install @eslint/js

Developer Guide

BETA

Typescript

Yes

Module System

CommonJS

Min. Node Version

^18.18.0 || ^20.9.0 || >=21.1.0

Node Version

20.9.0

NPM Version

10.1.0 Pull Requests

Open

18

Total

8,018

Closed

1,397

Merged

6,603

Issues

Open

74

Total

10,653

Closed

10,579

Releases

355

v9.31.0

Updated on Jul 11, 2025

v9.30.1

Updated on Jul 01, 2025

v9.30.0

Updated on Jun 27, 2025

v9.29.0

Updated on Jun 13, 2025

v9.28.0

Updated on May 30, 2025

v9.27.0

Updated on May 16, 2025

View All 355 releases

Languages

JavaScript

TypeScript

EJS

HTML

Shell

JavaScript (99.45%)

TypeScript (0.5%)

EJS (0.04%)

HTML (0.01%)

Developer

eslint

Download Statistics

Total Downloads

Last Day

Last Week

Last Month

Last Year

GitHub Statistics

MIT License

26,097 Stars

10,270 Commits

4,755 Forks

311 Watchers

98 Branches

1,052 Contributors

Updated on Jul 12, 2025

Sponsor this package

https://eslint.org/donate

Maintainers

View All 1,052 Contributors

Package Meta Information

Latest Version

9.31.0

Package Id

@eslint/js@9.31.0

Unpacked Size

14.16 kB

Size

4.10 kB

File Count

NPM Version

10.1.0

Node Version

20.9.0

Published on

Jul 11, 2025

Total Downloads

Cumulative downloads

Total Downloads

NaN

Last Day

NaN

Compared to previous day

Last Week

NaN

Compared to previous week

Last Month

NaN

Compared to previous month

Last Year

NaN

Compared to previous year

Weekly Downloads

Monthly Downloads

Yearly Downloads

No dependencies detected.

ESLint JavaScript Plugin

The beginnings of separating out JavaScript-specific functionality from ESLint.

Right now, this plugin contains two configurations:

recommended - enables the rules recommended by the ESLint team (the replacement for "eslint:recommended")
all - enables all ESLint rules (the replacement for "eslint:all")

Installation

1npm install @eslint/js -D

Usage

Use in your eslint.config.js file anytime you want to extend one of the configs:

1import { defineConfig } from "eslint/config";
2import js from "@eslint/js";
3
4export default defineConfig([
5	// apply recommended rules to JS files
6	{
7		name: "your-project/recommended-rules",
8		files: ["**/*.js"],
9		plugins: {
10			js,
11		},
12		extends: ["js/recommended"],
13	},
14
15	// apply recommended rules to JS files with an override
16	{
17		name: "your-project/recommended-rules-with-override",
18		files: ["**/*.js"],
19		plugins: {
20			js,
21		},
22		extends: ["js/recommended"],
23		rules: {
24			"no-unused-vars": "warn",
25		},
26	},
27
28	// apply all rules to JS files
29	{
30		name: "your-project/all-rules",
31		files: ["**/*.js"],
32		plugins: {
33			js,
34		},
35		extends: ["js/all"],
36		rules: {
37			"no-unused-vars": "warn",
38		},
39	},
40]);

License

MIT

No vulnerabilities found.

10

Maintained

Determines if the project is "actively maintained".

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

License

Determines if the project has defined a license.

10

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

Security-Policy

Determines if the project has published a security policy.

10

SAST

Determines if the project uses static code analysis.

6

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 0

Details

Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/annotate_pr.yaml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/eslint/eslint/annotate_pr.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/annotate_pr.yaml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/eslint/eslint/annotate_pr.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/eslint/eslint/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/eslint/eslint/ci.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/eslint/eslint/ci.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/eslint/eslint/ci.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/eslint/eslint/ci.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/eslint/eslint/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:89: update your workflow using https://app.stepsecurity.io/secureworkflow/eslint/eslint/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:90: update your workflow using https://app.stepsecurity.io/secureworkflow/eslint/eslint/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:110: update your workflow using https://app.stepsecurity.io/secureworkflow/eslint/eslint/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:111: update your workflow using https://app.stepsecurity.io/secureworkflow/eslint/eslint/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:138: update your workflow using https://app.stepsecurity.io/secureworkflow/eslint/eslint/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:139: update your workflow using https://app.stepsecurity.io/secureworkflow/eslint/eslint/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/eslint/eslint/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/eslint/eslint/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/eslint/eslint/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:73: update your workflow using https://app.stepsecurity.io/secureworkflow/eslint/eslint/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs-ci.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/eslint/eslint/docs-ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs-ci.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/eslint/eslint/docs-ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-labeler.yml:10: update your workflow using https://app.stepsecurity.io/secureworkflow/eslint/eslint/pr-labeler.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/rebuild-docs-sites.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/eslint/eslint/rebuild-docs-sites.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/stale.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/eslint/eslint/stale.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/types-integration.yml:151: update your workflow using https://app.stepsecurity.io/secureworkflow/eslint/eslint/types-integration.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/types-integration.yml:156: update your workflow using https://app.stepsecurity.io/secureworkflow/eslint/eslint/types-integration.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/types-integration.yml:161: update your workflow using https://app.stepsecurity.io/secureworkflow/eslint/eslint/types-integration.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/types-integration.yml:197: update your workflow using https://app.stepsecurity.io/secureworkflow/eslint/eslint/types-integration.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/types-integration.yml:199: update your workflow using https://app.stepsecurity.io/secureworkflow/eslint/eslint/types-integration.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/types-integration.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/eslint/eslint/types-integration.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/types-integration.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/eslint/eslint/types-integration.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/types-integration.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/eslint/eslint/types-integration.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/types-integration.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/eslint/eslint/types-integration.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/types-integration.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/eslint/eslint/types-integration.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/types-integration.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/eslint/eslint/types-integration.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/types-integration.yml:81: update your workflow using https://app.stepsecurity.io/secureworkflow/eslint/eslint/types-integration.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/types-integration.yml:86: update your workflow using https://app.stepsecurity.io/secureworkflow/eslint/eslint/types-integration.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/types-integration.yml:91: update your workflow using https://app.stepsecurity.io/secureworkflow/eslint/eslint/types-integration.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/types-integration.yml:113: update your workflow using https://app.stepsecurity.io/secureworkflow/eslint/eslint/types-integration.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/types-integration.yml:118: update your workflow using https://app.stepsecurity.io/secureworkflow/eslint/eslint/types-integration.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/types-integration.yml:123: update your workflow using https://app.stepsecurity.io/secureworkflow/eslint/eslint/types-integration.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/types-integration.yml:132: update your workflow using https://app.stepsecurity.io/secureworkflow/eslint/eslint/types-integration.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-readme.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/eslint/eslint/update-readme.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-readme.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/eslint/eslint/update-readme.yml/main?enable=pin
Warn: npmCommand not pinned by hash: .github/workflows/ci.yml:22
Warn: npmCommand not pinned by hash: .github/workflows/ci.yml:26
Warn: npmCommand not pinned by hash: .github/workflows/ci.yml:95
Warn: npmCommand not pinned by hash: .github/workflows/ci.yml:116
Warn: npmCommand not pinned by hash: .github/workflows/ci.yml:144
Warn: npmCommand not pinned by hash: .github/workflows/ci.yml:148
Warn: npmCommand not pinned by hash: .github/workflows/docs-ci.yml:29
Warn: npmCommand not pinned by hash: .github/workflows/docs-ci.yml:32
Warn: npmCommand not pinned by hash: .github/workflows/types-integration.yml:98
Warn: npmCommand not pinned by hash: .github/workflows/types-integration.yml:102
Warn: npmCommand not pinned by hash: .github/workflows/types-integration.yml:130
Warn: npmCommand not pinned by hash: .github/workflows/types-integration.yml:140
Warn: npmCommand not pinned by hash: .github/workflows/types-integration.yml:168
Warn: npmCommand not pinned by hash: .github/workflows/types-integration.yml:172
Warn: npmCommand not pinned by hash: .github/workflows/types-integration.yml:174
Warn: npmCommand not pinned by hash: .github/workflows/types-integration.yml:206
Warn: npmCommand not pinned by hash: .github/workflows/types-integration.yml:34
Warn: npmCommand not pinned by hash: .github/workflows/types-integration.yml:38
Warn: npmCommand not pinned by hash: .github/workflows/types-integration.yml:66
Warn: npmCommand not pinned by hash: .github/workflows/types-integration.yml:70
Warn: npmCommand not pinned by hash: .github/workflows/update-readme.yml:21
Info: 0 out of 37 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 6 third-party GitHubAction dependencies pinned
Info: 0 out of 21 npmCommand dependencies pinned

0

Fuzzing

Determines if the project uses fuzzing.

Score

6.8

/10

Last Scanned on 2025-07-07

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More