Gathering detailed insights and metrics for @vue/eslint-config-prettier
Gathering detailed insights and metrics for @vue/eslint-config-prettier
`eslint-config-prettier` for `create-vue` setups
Installations
npm install @vue/eslint-config-prettierDeveloper Guide
BETA
Typescript
Yes
Module System
CommonJS, ESM
Node Version
22.12.0
NPM Version
10.9.0
Score
88
Supply Chain
72.5
Quality
88.8
Maintenance
100
Vulnerability
98.6
License
Releases
10
Contributors
73
Languages
1
JavaScript
JavaScript (100%)
Love this project? Help keep it running — sponsor us today! 🚀
Developer
vuejs
Download Statistics
Total Downloads
102,930,713
Last Day
144,420
Last Week
763,449
Last Month
3,262,639
Last Year
33,946,402
GitHub Statistics
MIT License
71 Stars
122 Commits
9 Forks
6 Watchers
4 Branches
73 Contributors
Updated on Feb 11, 2025
Maintainers
5
Package Meta Information
Latest Version
10.2.0
Package Id
@vue/eslint-config-prettier@10.2.0
Unpacked Size
6.23 kB
Size
2.91 kB
File Count
7
NPM Version
10.9.0
Node Version
22.12.0
Published on
Jan 18, 2025
Total Downloads
Cumulative downloads
Total Downloads
102,930,713
Last Day
-2.2%
144,420
Compared to previous day
Last Week
4.6%
763,449
Compared to previous week
Last Month
52.2%
3,262,639
Compared to previous month
Last Year
36.7%
33,946,402
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
2
@vue/eslint-config-prettier
A wrapper around
eslint-config-prettierdesigned to work more intuitively withcreate-vuesetups.
This config is specifically designed to be used by create-vue setups
and is not meant for outside use (it can be used but some adaptations
on the user side might be needed - for details see the config file).
A part of its design is that this config may implicitly depend on
other parts of create-vue setups.
Installation
1npm add --dev @vue/eslint-config-prettier
Please also make sure that you have prettier and eslint installed.
Usage
Note: the current version doesn't support the legacy
.eslintrc*configuration format. For that you need to use version 9 or earlier. See the corresponding README for more usage instructions.
Import @vue/eslint-config-prettier in eslint.config.js (or eslint.config.mjs), and put it in the configuration array – after other configs that you want to override.
1import someConfig from "some-other-config-you-use"; 2import prettierConfig from "@vue/eslint-config-prettier"; 3 4export default [someConfig, prettierConfig];
Make sure to put it last, so it gets the chance to override other configs.
This configuration is the most straightward way to use ESLint with Prettier.
It disables all rules that are unnecessary or might conflict with Prettier.
It also enables the eslint-plugin-prettier plugin, which runs Prettier as an ESLint rule and reports differences as individual ESLint issues.
By default all formatting issues are reported as warnings, and will be automatically fixed during eslint --fix.
Use Separate Commands for Linting and Formatting
While the above setup is very straightforward, it is not necessarily the best way.
Running prettier inside the linter slows down the linting process, might clutter the editor with annoying warnings, and adds one layer of indirection where things may break. Prettier's official documentation recommends using separate commands for linting and formatting, i.e., Prettier for code formatting concerns and ESLint for code-quality concerns.
So we offered an additional ruleset to support this workflow:
1import someConfig from "some-other-config-you-use"; 2import skipFormattingConfig from "@vue/eslint-config-prettier/skip-formatting"; 3 4export default [someConfig, skipFormattingConfig];
Formatting issues won't be reported with this config.
You can run prettier --check . separately to check for formatting issues, or prettier --write . to fix them.
Further Reading
The default config is based on the recommended configuration of eslint-plugin-prettier, which also depends on eslint-config-prettier. Please refer to their corresponding documentations for more implementation details.
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
no dangerous workflow patterns detected
Reason
packaging workflow detected
Details
- Info: Project packages its releases by way of GitHub Actions.: .github/workflows/publish.yml:9
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
0 existing vulnerabilities detected
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/publish.yml:14
- Warn: no topLevel permission defined: .github/workflows/publish.yml:1
- Info: no jobLevel write permissions found
Reason
5 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 4
Reason
branch protection is not maximal on development and all release branches
Details
- Info: 'allow deletion' disabled on branch 'main'
- Info: 'force pushes' disabled on branch 'main'
- Info: 'branch protection settings apply to administrators' is required to merge on branch 'main'
- Warn: could not determine whether codeowners review is allowed
- Warn: no status checks found to merge onto branch 'main'
- Warn: PRs are not required to make changes on branch 'main'; or we don't have data to detect it.If you think it might be the latter, make sure to run Scorecard with a PAT or use Repo Rules (that are always public) instead of Branch Protection settings
Reason
Found 2/25 approved changesets -- score normalized to 0
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/vuejs/eslint-config-prettier/publish.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/vuejs/eslint-config-prettier/publish.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/vuejs/eslint-config-prettier/publish.yml/main?enable=pin
- Info: 0 out of 2 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 1 third-party GitHubAction dependencies pinned
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 8 are checked with a SAST tool
Score
5.2
/10
Last Scanned on 2025-02-03
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More