Installations
npm install babel-eslint-parserDeveloper Guide
BETA
Typescript
No
Module System
CommonJS, ESM
Min. Node Version
^10.13.0 || ^12.13.0 || >=14.0.0
Node Version
14.5.0
NPM Version
6.14.8
Score
31.9
Supply Chain
92.7
Quality
73.4
Maintenance
100
Vulnerability
98.9
License
Releases
419
Contributors
1,104
Languages
6
TypeScript
JavaScript
Shell
Makefile
HTML
Batchfile
TypeScript (68.8%)
JavaScript (30.46%)
Shell (0.58%)
Makefile (0.09%)
HTML (0.06%)
Developer
Download Statistics
Total Downloads
24,456
Last Day
76
Last Week
188
Last Month
1,168
Last Year
11,943
GitHub Statistics
43,333 Stars
16,738 Commits
5,653 Forks
804 Watching
16 Branches
1,104 Contributors
Maintainers
1
Package Meta Information
Latest Version
7.13.10
Package Id
babel-eslint-parser@7.13.10
Unpacked Size
45.60 kB
Size
12.65 kB
File Count
12
NPM Version
6.14.8
Node Version
14.5.0
Total Downloads
Cumulative downloads
Total Downloads
24,456
Last day
28.8%
76
Compared to previous day
Last week
-46.9%
188
Compared to previous week
Last month
12.4%
1,168
Compared to previous month
Last year
58.1%
11,943
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
3
Peer Dependencies
2
Dev Dependencies
3
Versions
@babel/eslint-parser 
@babel/eslint-parser allows you to lint ALL valid Babel code with the fantastic ESLint.
When should I use @babel/eslint-parser?
ESLint's default parser and core rules only support the latest final ECMAScript standard and do not support experimental (such as new features) and non-standard (such as Flow or TypeScript types) syntax provided by Babel. @babel/eslint-parser is a parser that allows ESLint to run on source code that is transformed by Babel.
Note: You only need to use @babel/eslint-parser if you are using Babel to transform your code. If this is not the case, please use the relevant parser for your chosen flavor of ECMAScript (note that the default parser supports all non-experimental syntax as well as JSX).
How does it work?
ESLint allows for the use of custom parsers. When using this plugin, your code is parsed by Babel's parser (using the configuration specified in your Babel configuration file) and the resulting AST is transformed into an ESTree-compliant structure that ESLint can understand. All location info such as line numbers, columns is also retained so you can track down errors with ease.
Note: ESLint's core rules do not support experimental syntax and may therefore not work as expected when using @babel/eslint-parser. Please use the companion @babel/eslint-plugin plugin for core rules that you have issues with.
Usage
Installation
1$ npm install eslint @babel/core @babel/eslint-parser --save-dev 2# or 3$ yarn add eslint @babel/core @babel/eslint-parser -D
Note: @babel/eslint-parser requires @babel/core@>=7.2.0 and a valid Babel configuration file to run. If you do not have this already set up, please see the Babel Usage Guide.
Setup
To use @babel/eslint-parser, "@babel/eslint-parser" must be specified as the parser in your ESLint configuration file (see here for more detailed information).
.eslintrc.js
1module.exports = { 2 parser: "@babel/eslint-parser", 3};
With the parser set, your configuration can be configured as described in the Configuring ESLint documentation.
Note: The parserOptions described in the official documentation are for the default parser and are not necessarily supported by @babel/eslint-parser. Please see the section directly below for supported parserOptions.
Additional parser configuration
Additional configuration options can be set in your ESLint configuration under the parserOptions key. Please note that the ecmaFeatures config property may still be required for ESLint to work properly with features not in ECMAScript 5 by default.
requireConfigFile(defaulttrue) can be set tofalseto allow @babel/eslint-parser to run on files that do not have a Babel configuration associated with them. This can be useful for linting files that are not transformed by Babel (such as tooling configuration files), though we recommend using the default parser via glob-based configuration. Note: @babel/eslint-parser will not parse any experimental syntax when no configuration file is found.sourceTypecan be set to"module"(default) or"script"if your code isn't using ECMAScript modules.allowImportExportEverywhere(defaultfalse) can be set totrueto allow import and export declarations to appear anywhere a statement is allowed if your build environment supports that. Otherwise import and export declarations can only appear at a program's top level.ecmaFeatures.globalReturn(defaultfalse) allow return statements in the global scope when used withsourceType: "script".babelOptionsis an object containing Babel configuration options that are passed to Babel's parser at runtime. For cases where users might not want to use a Babel configuration file or are running Babel through another tool (such as Webpack withbabel-loader).
.eslintrc.js
1module.exports = { 2 parser: "@babel/eslint-parser", 3 parserOptions: { 4 sourceType: "module", 5 allowImportExportEverywhere: false, 6 ecmaFeatures: { 7 globalReturn: false, 8 }, 9 babelOptions: { 10 configFile: "path/to/config.js", 11 }, 12 }, 13};
.eslintrc.js using glob-based configuration
This configuration would use the default parser for all files except for those found by the "files/transformed/by/babel/*.js" glob.
1module.exports = { 2 rules: { 3 indent: "error", 4 }, 5 overrides: [ 6 { 7 files: ["files/transformed/by/babel/*.js"], 8 parser: "@babel/eslint-parser", 9 }, 10 ], 11};
Run
1$ ./node_modules/.bin/eslint yourfile.js
TypeScript
While @babel/eslint-parser can parse TypeScript, we don't currently support linting TypeScript using the rules in @babel/eslint-plugin. This is because the TypeScript community has centered around @typescript-eslint and we want to avoid duplicate work. Additionally, since @typescript-eslint uses TypeScript under the hood, its rules can be made type-aware, which is something Babel doesn't have the ability to do.
Questions and support
If you have an issue, please first check if it can be reproduced with the default parser and with the latest versions of eslint and @babel/eslint-parser. If it is not reproducible with the default parser, it is most likely an issue with @babel/eslint-parser.
For questions and support please visit the #discussion Babel Slack channel (sign up here) or the ESLint Gitter.
No vulnerabilities found.
Reason
30 commit(s) and 12 issue activity found in the last 90 days -- score normalized to 10
Reason
security policy file detected
Details
- Info: security policy file detected: SECURITY.md:1
- Info: Found linked content: SECURITY.md:1
- Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1
- Info: Found text in security policy: SECURITY.md:1
Reason
no dangerous workflow patterns detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
no binaries found in the repo
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: jobLevel 'contents' permission set to 'write': .github/workflows/release.yml:58
- Warn: jobLevel 'contents' permission set to 'write': .github/workflows/release.yml:237
- Warn: jobLevel 'contents' permission set to 'write': .github/workflows/update-compat-data.yml:15
- Warn: jobLevel 'contents' permission set to 'write': .github/workflows/update-parser-tests.yml:17
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/update-windows-fixtures.yml:16
- Info: jobLevel 'pull-requests' permission set to 'read': .github/workflows/update-windows-fixtures.yml:17
- Info: topLevel 'contents' permission set to 'read': .github/workflows/ci.yml:6
- Info: topLevel 'contents' permission set to 'read': .github/workflows/e2e-tests-breaking-esm.yml:10
- Info: topLevel 'contents' permission set to 'read': .github/workflows/e2e-tests.yml:10
- Info: topLevel 'contents' permission set to 'read': .github/workflows/issue-triage.yml:8
- Info: found token with 'none' permissions: .github/workflows/lock.yml:1
- Info: topLevel 'contents' permission set to 'read': .github/workflows/release.yml:20
- Info: topLevel 'contents' permission set to 'read': .github/workflows/repl.yml:6
- Warn: no topLevel permission defined: .github/workflows/update-compat-data.yml:1
- Info: topLevel 'contents' permission set to 'read': .github/workflows/update-parser-tests.yml:11
- Info: topLevel 'contents' permission set to 'read': .github/workflows/update-windows-fixtures.yml:11
Reason
Found 24/30 approved changesets -- score normalized to 8
Reason
badge detected: InProgress
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:532: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:534: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:541: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:68: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:80: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:118: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:120: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:150: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:413: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:415: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:442: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:454: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:460: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:466: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:472: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:478: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:484: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:490: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:496: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:502: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:508: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:514: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:520: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:674: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:676: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:678: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:680: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:682: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:684: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:686: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:688: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:696: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:701: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:189: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:191: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:198: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:219: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:221: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:249: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:255: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:270: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:384: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:386: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:393: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:283: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:285: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:307: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:323: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:325: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:331: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:557: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:559: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:566: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:582: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:584: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:589: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:604: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:619: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:621: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:627: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:633: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:646: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:663: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:92: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:94: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:164: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:166: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:359: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:361: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:368: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-tests-breaking-esm.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/e2e-tests-breaking-esm.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-tests-breaking-esm.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/e2e-tests-breaking-esm.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-tests-breaking-esm.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/e2e-tests-breaking-esm.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-tests-breaking-esm.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/e2e-tests-breaking-esm.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-tests-breaking-esm.yml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/e2e-tests-breaking-esm.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-tests-breaking-esm.yml:79: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/e2e-tests-breaking-esm.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-tests-breaking-esm.yml:86: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/e2e-tests-breaking-esm.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-tests-breaking-esm.yml:96: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/e2e-tests-breaking-esm.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-tests.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/e2e-tests.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-tests.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/e2e-tests.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-tests.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/e2e-tests.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-tests.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/e2e-tests.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-tests.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/e2e-tests.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-tests.yml:73: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/e2e-tests.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-tests.yml:80: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/e2e-tests.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-tests.yml:90: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/e2e-tests.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/issue-triage.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/issue-triage.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/issue-triage.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/issue-triage.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/issue-triage.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/issue-triage.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/issue-triage.yml:90: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/issue-triage.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/lock.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/lock.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/release.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:110: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/release.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:155: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/release.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:186: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/release.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:192: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/release.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:202: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/release.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:220: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/release.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:229: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/release.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:252: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/release.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:265: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/release.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:298: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/release.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:304: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/release.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:317: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/release.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/release.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/reminders.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/reminders.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/repl.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/repl.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/repl.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/repl.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-compat-data.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/update-compat-data.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-compat-data.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/update-compat-data.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-compat-data.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/update-compat-data.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-compat-data.yml:68: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/update-compat-data.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-parser-tests.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/update-parser-tests.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-parser-tests.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/update-parser-tests.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-parser-tests.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/update-parser-tests.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-parser-tests.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/update-parser-tests.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-windows-fixtures.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/update-windows-fixtures.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-windows-fixtures.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/update-windows-fixtures.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-windows-fixtures.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/update-windows-fixtures.yml/main?enable=pin
- Warn: npmCommand not pinned by hash: scripts/integration-tests/e2e-create-react-app.sh:22
- Warn: npmCommand not pinned by hash: scripts/integration-tests/e2e-create-react-app.sh:60
- Warn: npmCommand not pinned by hash: scripts/integration-tests/e2e-create-react-app.sh:63
- Warn: npmCommand not pinned by hash: scripts/integration-tests/e2e-nextjs-10.sh:28
- Warn: npmCommand not pinned by hash: scripts/integration-tests/e2e-react-native.sh:47
- Info: 0 out of 109 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 15 third-party GitHubAction dependencies pinned
- Info: 3 out of 8 npmCommand dependencies pinned
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 24 are checked with a SAST tool
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
23 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-434g-2637-qmqr
- Warn: Project is vulnerable to: GHSA-49q7-c7j4-3p7m
- Warn: Project is vulnerable to: GHSA-977x-g7h5-7qgw
- Warn: Project is vulnerable to: GHSA-f7q4-pwc6-w24p
- Warn: Project is vulnerable to: GHSA-fc9h-whq2-v747
- Warn: Project is vulnerable to: GHSA-4gmj-3p3h-gm8h
- Warn: Project is vulnerable to: GHSA-43f8-2h32-f4cj
- Warn: Project is vulnerable to: GHSA-896r-f27r-55mw
- Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
- Warn: Project is vulnerable to: GHSA-4xcv-9jjx-gfj3
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
- Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
- Warn: Project is vulnerable to: GHSA-x6fg-f45m-jf5q
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
- Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
- Warn: Project is vulnerable to: GHSA-4vvj-4cpr-p986
- Warn: Project is vulnerable to: GHSA-p9pc-299p-vxgp
Score
6.3
/10
Last Scanned on 2024-12-23
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn MoreOther packages similar to babel-eslint-parser
@babel/eslint-parser
7.25.9
ESLint parser that allows for linting of experimental syntax transformed by Babel
babel-eslint
10.1.0
Custom parser for ESLint
@babel/eslint-plugin
7.25.9
Companion rules for @babel/eslint-parser
@nicolo-ribaudo/eslint-scope-5-internals
5.1.1-v1
Proxy package exposing internals of eslint-scope@5 for @babel/eslint-parser