Gathering detailed insights and metrics for eslint-config-futagozaryuu
Installations
npm install eslint-config-futagozaryuuDeveloper Guide
BETA
Typescript
No
Module System
CommonJS
Min. Node Version
>= 8
Node Version
12.5.0
NPM Version
6.9.0
Score
61.4
Supply Chain
89.8
Quality
71.3
Maintenance
50
Vulnerability
96.1
License
Releases
Unable to fetch releases
Contributors
1
Unable to fetch Contributors
Languages
1
JavaScript
JavaScript (100%)
Love this project? Help keep it running — sponsor us today! 🚀
Developer
futagoza
Download Statistics
Total Downloads
19,011
Last Day
5
Last Week
117
Last Month
297
Last Year
1,469
GitHub Statistics
NOASSERTION License
2 Stars
635 Commits
2 Forks
2 Watchers
2 Branches
1 Contributors
Updated on Sep 01, 2021
Bundle Size
264.00 B
Minified
200.00 B
Minified + Gzipped
Maintainers
1
Package Meta Information
Latest Version
7.0.4
Package Id
eslint-config-futagozaryuu@7.0.4
Unpacked Size
97.62 kB
Size
18.34 kB
File Count
31
NPM Version
6.9.0
Node Version
12.5.0
Total Downloads
Cumulative downloads
Total Downloads
19,011
Last Day
-86.8%
5
Compared to previous day
Last Week
129.4%
117
Compared to previous week
Last Month
336.8%
297
Compared to previous month
Last Year
-35.2%
1,469
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
5
Dev Dependencies
2
This package contains configuration files for ESLint v6+
TypeScript configurations require TypeScript v3+
These are configurations for ESLint that I use in my JavaScript and TypeScript projects. Most of the configurations assume development in ES2015+ compatible environments, but the default configuration does not do this.
installation
1$ npm install --save-dev eslint-config-futagozaryuu
usage
Put the following into your configuration (.eslintrc.json file or the "eslintConfig" field in package.json):
1{ 2 "extends": "futagozaryuu" 3}
configurations
A list of usable configurations as well the configurations they use:
futagozaryuu(default, includes: possible-errors, best-practices, stylistic-issues and variables)futagozaryuu/possible-errorsfutagozaryuu/best-practicesfutagozaryuu/stylistic-issuesfutagozaryuu/variablesfutagozaryuu/es5(includes: default)futagozaryuu/es2015(includes: es5)futagozaryuu/es2016(includes: es2015)futagozaryuu/es2017(includes: es2016)futagozaryuu/es2018(includes: es2017)futagozaryuu/es2019(includes: es2018)futagozaryuu/nodefutagozaryuu/node-v4(includes: es2015 and node)futagozaryuu/node-v6(includes: es2015 and node)futagozaryuu/node-v8(includes: es2017 and node)futagozaryuu/node-v10(includes: es2018 and node)futagozaryuu/node-v12(includes: es2019 and node)futagozaryuu/typescript(includes: es2019)futagozaryuu/typescript/node(includes: node, test and typescript)futagozaryuu/typescript/node-v4(includes: node-v4, test and typescript)futagozaryuu/typescript/node-v6(includes: node-v6, test and typescript)futagozaryuu/typescript/node-v8(includes: node-v8, test and typescript)futagozaryuu/typescript/node-v10(includes: node-v10, test and typescript)futagozaryuu/typescript/node-v12(includes: node-v12, test and typescript)futagozaryuu/deprecatedfutagozaryuu/testfutagozaryuu/dev(includes: es2019, node and test)
If you open the source files for these configurations, you will find each rule has a JSDoc description. Some of these descriptions have icons:
- ⚠️ means a feature that has not been widely implemented
- 📝 means a rule that can be fixed using the
--fixflag
versioning
Since v7 of this package I will try to follow a semver based versioning:
4.17.0 = RELEASE.REVISION.PATCH
RELEASE- a new configuration has been added
- a new dependency is required
REVISION- confirmed compatibility with ESLint release's
- changes to existing configurations
PATCH- a bug is fixed
- docs are updated
- dependency upgrades (without configuration updates)
- is reset when
REVISIONincrements
Also to note on dependencies; before 4.17 my dependencies were always fixed (on any package), but since I've started to embrace tools like Yarn, I thought why not also use practices like tildes (e.g. ~) and carets (e.g. ^). See this answer on StackOverflow for a clear explanation about the two.
license
Copyright (c) 2017+ Futago-za Ryuu
Released under the MIT License, http://opensource.org/licenses/MIT
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Warn: project license file does not contain an FSF or OSI license.
Reason
Found 0/30 approved changesets -- score normalized to 0
Reason
no SAST tool detected
Details
- Warn: no pull requests merged into dev branch
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/main.yml:1
- Info: no jobLevel write permissions found
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/futagoza/eslint-config-futagozaryuu/main.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/futagoza/eslint-config-futagozaryuu/main.yml/master?enable=pin
- Warn: npmCommand not pinned by hash: .github/workflows/main.yml:29
- Info: 0 out of 2 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 1 npmCommand dependencies pinned
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
13 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
- Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h
- Warn: Project is vulnerable to: GHSA-hj48-42vr-x3v9
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-wv8q-r932-8hc7
- Warn: Project is vulnerable to: GHSA-8266-84wp-wv5c
- Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
Score
2.5
/10
Last Scanned on 2025-02-10
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More