npmpackage.info

Gathering detailed insights and metrics for @swissquote/rollup-plugin-eslint

@swissquote/rollup-plugin-eslint

The task runner that binds them all

1.22.3

Apache-2.0

JavaScript

5.07 kB

16,621 4.8

Installations

npm install @swissquote/rollup-plugin-eslint

Developer Guide

BETA

Typescript

No

Module System

CommonJS

Node Version

16.13.2

NPM Version

8.1.2 Score

Supply Chain

86.1

Quality

76.2

Maintenance

100

Vulnerability

License

Pull Requests

Open

6

Total

2,444

Closed

624

Merged

1,814

Issues

Open

7

Total

88

Closed

81

Releases

1.27.0

v1.27.0

Published on 03 Sept 2024

v1.26.0

Published on 16 May 2024

v1.25.0

Published on 27 Feb 2024

v1.24.0

Published on 19 Dec 2023

1.23.0

v1.23.0

Published on 03 Oct 2023

1.22.3

v1.22.3

Published on 27 Apr 2023

View all 59 releases

Contributors

View all 16 contributors

Languages

JavaScript

TypeScript

SCSS

CSS

Shell

JavaScript (94.81%)

TypeScript (3.5%)

SCSS (1.29%)

CSS (0.22%)

Shell (0.18%)

Developer

swissquote

Download Statistics

Total Downloads

16,621

Last Day

Last Week

Last Month

Last Year

1,258

GitHub Statistics

31 Stars

3,091 Commits

13 Forks

4 Watching

11 Branches

16 Contributors

Maintainers

Package Meta Information

Latest Version

1.22.3

Package Id

@swissquote/rollup-plugin-eslint@1.22.3

Unpacked Size

5.07 kB

Size

2.08 kB

File Count

NPM Version

8.1.2

Node Version

16.13.2

Publised On

26 Apr 2023

Total Downloads

Cumulative downloads

Total Downloads

16,621

Last day

Compared to previous day

Last week

500%

Compared to previous week

Last month

84.2%

Compared to previous month

Last year

-76.2%

1,258

Compared to previous year

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

@rollup/pluginutils eslint

Dev Dependencies

@rollup/plugin-node-resolve ansi-colors ava c8 rollup

Versions

@swissquote/rollup-plugin-eslint

Rollup plugin to verify entry point and all imported files with ESLint.

This plugin is a fork of rollup-plugin-eslint with one difference Linting is done on all files and a single report is printed at the end of the run this allows to lint all files and not fail after the first one.

Install

1yarn add @swissquote/rollup-plugin-eslint --dev

Usage

1import { rollup } from "rollup";
2import eslint from "@swissquote/rollup-plugin-eslint";
3
4export default {
5  input: "main.js",
6  plugins: [
7    eslint({
8      /* your options */
9    })
10  ]
11};

Options

See more options here eslint-config.

You can also use eslint configuration in the form of a .eslintrc.* file in your project's root. It will be loaded automatically.

fix

Type: boolean
Default: false

If true, will auto fix source code.

throwOnError

Type: boolean
Default: false

If true, will throw an error if any errors were found.

throwOnWarning

Type: boolean
Default: false

If true, will throw an error if any warnings were found.

include

Type: array or string
Default: []

A single file, or array of files, to include when linting.

exclude

Type: array or string or RegExp Default: /node_modules/

A single file, or array of files, to exclude when linting.

formatter

Type: function or string
Default: stylish

Custom error formatter or the name of a built-in formatter.

License

No vulnerabilities found.

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

Maintained

Determines if the project is "actively maintained".

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

License

Determines if the project has defined a license.

9

SAST

Determines if the project uses static code analysis.

8

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

0

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Security-Policy

Determines if the project has published a security policy.

0

Branch-Protection

Determines if the default and release branches are protected with GitHub's branch protection settings.

0

Fuzzing

Determines if the project uses fuzzing.

0

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 0

Details

Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/swissquote/crafty/codeql-analysis.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/swissquote/crafty/codeql-analysis.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/swissquote/crafty/codeql-analysis.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:67: update your workflow using https://app.stepsecurity.io/secureworkflow/swissquote/crafty/codeql-analysis.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/documentation.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/swissquote/crafty/documentation.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/documentation.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/swissquote/crafty/documentation.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/documentation.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/swissquote/crafty/documentation.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nodejs.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/swissquote/crafty/nodejs.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/sonarcloud.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/swissquote/crafty/sonarcloud.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/sonarcloud.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/swissquote/crafty/sonarcloud.yml/master?enable=pin
Info: 2 out of 9 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 3 third-party GitHubAction dependencies pinned

Score

4.8

/10

Last Scanned on 2024-12-16

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More