Gathering detailed insights and metrics for eslint-config-airbnb-base
Gathering detailed insights and metrics for eslint-config-airbnb-base
Installations
npm install eslint-config-airbnb-baseDeveloper Guide
BETA
Typescript
No
Module System
CommonJS, ESM
Min. Node Version
^10.12.0 || >=12.0.0
Node Version
17.0.1
NPM Version
8.1.0
Score
87.3
Supply Chain
92.3
Quality
78.5
Maintenance
100
Vulnerability
96.4
License
Releases
Unable to fetch releases
Languages
1
JavaScript
JavaScript (100%)
Developer
airbnb
Download Statistics
Total Downloads
1,641,148,187
Last Day
349,891
Last Week
6,558,294
Last Month
28,684,304
Last Year
338,780,338
GitHub Statistics
MIT License
146,993 Stars
1,983 Commits
26,769 Forks
3,725 Watchers
5 Branches
514 Contributors
Updated on Jul 01, 2025
Bundle Size
555.00 B
Minified
354.00 B
Minified + Gzipped
Maintainers
5
Package Meta Information
Latest Version
15.0.0
Package Id
eslint-config-airbnb-base@15.0.0
Unpacked Size
91.82 kB
Size
23.61 kB
File Count
21
NPM Version
8.1.0
Node Version
17.0.1
Published on
Nov 09, 2021
Total Downloads
Cumulative downloads
Total Downloads
1,641,148,187
Last Day
-0.2%
349,891
Compared to previous day
Last Week
-10.1%
6,558,294
Compared to previous week
Last Month
0.5%
28,684,304
Compared to previous month
Last Year
3.1%
338,780,338
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
eslint-config-airbnb-base 
This package provides Airbnb's base JS .eslintrc (without React plugins) as an extensible shared config.
Usage
We export two ESLint configurations for your usage.
eslint-config-airbnb-base
Our default export contains all of our ESLint rules, including ECMAScript 6+. It requires eslint and eslint-plugin-import.
- Install the correct versions of each package, which are listed by the command:
1npm info "eslint-config-airbnb-base@latest" peerDependencies
If using npm 5+, use this shortcut
1npx install-peerdeps --dev eslint-config-airbnb-base
If using yarn, you can also use the shortcut described above if you have npm 5+ installed on your machine, as the command will detect that you are using yarn and will act accordingly.
Otherwise, run npm info "eslint-config-airbnb-base@latest" peerDependencies to list the peer dependencies and versions, then run yarn add --dev <dependency>@<version> for each listed peer dependency.
If using npm < 5, Linux/OSX users can run
1( 2 export PKG=eslint-config-airbnb-base; 3 npm info "$PKG@latest" peerDependencies --json | command sed 's/[\{\},]//g ; s/: /@/g' | xargs npm install --save-dev "$PKG@latest" 4)
Which produces and runs a command like:
1 npm install --save-dev eslint-config-airbnb-base eslint@^#.#.# eslint-plugin-import@^#.#.#
If using npm < 5, Windows users can either install all the peer dependencies manually, or use the install-peerdeps cli tool.
1npm install -g install-peerdeps 2install-peerdeps --dev eslint-config-airbnb-base
The cli will produce and run a command like:
1npm install --save-dev eslint-config-airbnb-base eslint@^#.#.# eslint-plugin-import@^#.#.#
- Add
"extends": "airbnb-base"to your .eslintrc.
eslint-config-airbnb-base/legacy
Lints ES5 and below. Requires eslint and eslint-plugin-import.
- Install the correct versions of each package, which are listed by the command:
1npm info "eslint-config-airbnb-base@latest" peerDependencies
Linux/OSX users can run
1( 2 export PKG=eslint-config-airbnb-base; 3 npm info "$PKG" peerDependencies --json | command sed 's/[\{\},]//g ; s/: /@/g' | xargs npm install --save-dev "$PKG" 4)
Which produces and runs a command like:
1npm install --save-dev eslint-config-airbnb-base eslint@^#.#.# eslint-plugin-import@^#.#.#
- Add
"extends": "airbnb-base/legacy"to your .eslintrc
See Airbnb's overarching ESLint config, Airbnb's JavaScript styleguide, and the ESlint config docs for more information.
eslint-config-airbnb-base/whitespace
This entry point only errors on whitespace rules and sets all other rules to warnings. View the list of whitespace rules here.
Improving this config
Consider adding test cases if you're making complicated rules changes, like anything involving regexes. Perhaps in a distant future, we could use literate programming to structure our README as test cases for our .eslintrc?
You can run tests with npm test.
You can make sure this module lints with itself using npm run lint.
No vulnerabilities found.
Reason
all changesets reviewed
Reason
no binaries found in the repo
Reason
no dangerous workflow patterns detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE.md:0
- Info: FSF or OSI recognized license: MIT License: LICENSE.md:0
Reason
0 existing vulnerabilities detected
Reason
security policy file detected
Details
- Info: security policy file detected: github.com/airbnb/.github/SECURITY.md:1
- Info: Found linked content: github.com/airbnb/.github/SECURITY.md:1
- Warn: One or no descriptive hints of disclosure, vulnerability, and/or timelines in security policy
- Info: Found text in security policy: github.com/airbnb/.github/SECURITY.md:1
Reason
0 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 4
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/node-pretest.yml:1
- Warn: no topLevel permission defined: .github/workflows/node.yml:1
- Warn: no topLevel permission defined: .github/workflows/rebase.yml:1
- Warn: no topLevel permission defined: .github/workflows/require-allow-edits.yml:1
- Info: no jobLevel write permissions found
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/node-pretest.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/airbnb/javascript/node-pretest.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/node-pretest.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/airbnb/javascript/node-pretest.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/node.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/airbnb/javascript/node.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/node.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/airbnb/javascript/node.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/node.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/airbnb/javascript/node.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/node.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/airbnb/javascript/node.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/node.yml:77: update your workflow using https://app.stepsecurity.io/secureworkflow/airbnb/javascript/node.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/node.yml:78: update your workflow using https://app.stepsecurity.io/secureworkflow/airbnb/javascript/node.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/node.yml:90: update your workflow using https://app.stepsecurity.io/secureworkflow/airbnb/javascript/node.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/node.yml:109: update your workflow using https://app.stepsecurity.io/secureworkflow/airbnb/javascript/node.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/node.yml:110: update your workflow using https://app.stepsecurity.io/secureworkflow/airbnb/javascript/node.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/node.yml:142: update your workflow using https://app.stepsecurity.io/secureworkflow/airbnb/javascript/node.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/node.yml:143: update your workflow using https://app.stepsecurity.io/secureworkflow/airbnb/javascript/node.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/rebase.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/airbnb/javascript/rebase.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/rebase.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/airbnb/javascript/rebase.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/require-allow-edits.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/airbnb/javascript/require-allow-edits.yml/master?enable=pin
- Warn: npmCommand not pinned by hash: .github/workflows/node.yml:151
- Warn: npmCommand not pinned by hash: .github/workflows/node.yml:88
- Info: 0 out of 6 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 10 third-party GitHubAction dependencies pinned
- Info: 0 out of 2 npmCommand dependencies pinned
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 30 are checked with a SAST tool
Score
5.9
/10
Last Scanned on 2025-06-23
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More