Gathering detailed insights and metrics for eslint-mdx
Gathering detailed insights and metrics for eslint-mdx
Installations
npm install eslint-mdxReleases
129
eslint-mdx@2.3.4
eslint-mdx@2.3.4
Published on 14 Jan 2024
eslint-plugin-mdx@2.3.4
eslint-plugin-mdx@2.3.4
Published on 14 Jan 2024
v2.3.5
v2.3.5
Published on 14 Jan 2024
eslint-plugin-mdx@3.1.5
eslint-plugin-mdx@3.1.5
Published on 14 Jan 2024
eslint-mdx@3.1.5
eslint-mdx@3.1.5
Published on 14 Jan 2024
v3.1.5
v3.1.5
Published on 14 Jan 2024
Developer
Developer Guide
BETA
Module System
CommonJS
Min. Node Version
>=18.0.0
Typescript Support
Yes
Node Version
20.10.0
NPM Version
10.2.3
Statistics
267 Stars
406 Commits
32 Forks
8 Watching
13 Branches
26 Contributors
Updated on 21 Nov 2024
Bundle Size
70.10 kB
Minified
22.90 kB
Minified + Gzipped
Languages
TypeScript (98.61%)
JavaScript (1.39%)
Total Downloads
Cumulative downloads
Total Downloads
28,534,572
Last day
-4.9%
55,753
Compared to previous day
Last week
1.7%
302,138
Compared to previous week
Last month
5.9%
1,284,958
Compared to previous month
Last year
78.1%
13,097,938
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Versions
ESLint Parser/Plugin for MDX, helps you lint all ES syntaxes. Linting
codeblocks can be enabled withmdx/code-blockssetting too! Work perfectly witheslint-plugin-import,eslint-plugin-prettieror any other eslint plugins. And also can be integrated with remark-lint plugins to lint markdown syntaxes.
TOC
- VSCode Extension
- Packages
- Install
- Notice
- Usage
- Parser Options
- Parser API
- Rules
- Prettier Integration
- Sponsors
- Backers
- Changelog
- License
VSCode Extension
VSCode MDX: Integrates with VSCode ESLint, syntaxes highlighting and error reporting.
Packages
This repository is a monorepo managed by changesets what means we actually publish several packages to npm from same codebase, including:
| Package | Description | Version |
|---|---|---|
eslint-mdx | ESLint Parser for MDX |  |
eslint-plugin-mdx | ESLint Plugin, Configuration and Rules for MDX |  |
Install
1# yarn 2yarn add -D eslint-plugin-mdx 3 4# npm 5npm i -D eslint-plugin-mdx
Notice
If you're using multi languages, js/jsx/ts/tsx/vue, etc for example, you'd better to always use overrides feature of ESLint, because configs may be overridden by following configs.
See #251 for more details.
Usage
Classic
.eslintrc file:
1{ 2 "extends": ["plugin:mdx/recommended"], 3 // optional, if you want to lint code blocks at the same time 4 "settings": { 5 "mdx/code-blocks": true, 6 // optional, if you want to disable language mapper, set it to `false` 7 // if you want to override the default language mapper inside, you can provide your own 8 "mdx/language-mapper": {} 9 } 10}
Flat Config
eslint.config.js file:
1import * as mdx from 'eslint-plugin-mdx' 2 3export default [ 4 { 5 ...mdx.flat, 6 // optional, if you want to lint code blocks at the same 7 processor: mdx.createRemarkProcessor({ 8 lintCodeBlocks: true, 9 // optional, if you want to disable language mapper, set it to `false` 10 // if you want to override the default language mapper inside, you can provide your own 11 languageMapper: {}, 12 }), 13 }, 14 { 15 ...mdx.flatCodeBlocks, 16 rules: { 17 ...mdx.flatCodeBlocks.rules, 18 // if you want to override some rules for code blocks 19 'no-var': 'error', 20 'prefer-const': 'error', 21 }, 22 }, 23]
Then, make sure ESLint knows to run on .md or .mdx files:
1eslint . --ext js,md,mdx
Parser Options
-
extensions(string | string[]):eslint-mdxwill only resolve.mdxfiles by default, if you want to resolve other extensions as like.mdx, you can use this option. -
markdownExtensions(string | string[]):eslint-mdxwill only treat.mdfiles as plain markdown by default, and will lint them via remark plugins. If you want to resolve other extensions as like.md, you can use this option. -
ignoreRemarkConfig(boolean): Ignore theremarkconfiguration defined in the project.
Parser API
MDXCode
A new MDXCode estree node type is exported from eslint-mdx which represents code blocks in mdx like the following:
1<div> 2 ```js 3 export function foo() { 4 return 'bar' 5 } 6 ``` 7</div>
See also https://github.com/syntax-tree/mdast#code
MDXHeading
A new MDXHeading estree node type is exported from eslint-mdx which represents markdown heading in mdx like the following:
1<div> 2# Here's a text gradient short code! 3</div>
See also https://github.com/syntax-tree/mdast#heading
Typings
1import type { BaseNode } from 'estree' 2import type { JSXElement } from 'estree-jsx' 3 4export interface MDXCode extends BaseNode { 5 type: 'MDXCode' 6 value: string 7 lang?: string | null 8 meta?: string | null 9} 10 11export type HeadingDepth = 1 | 2 | 3 | 4 | 5 | 6 12 13export interface MDXHeading extends BaseNode { 14 type: 'MDXHeading' 15 depth: HeadingDepth 16 children: JSXElement['children'] 17}
Rules
mdx/remark
possible fixable depends on your remark plugins:
Integration with remark-lint plugins, it will read remark's configuration automatically via unified-engine. But .remarkignore will not be respected, you should use .eslintignore instead.
If you want to disable or change severity of some related rules, it won't work by setting rules in eslint config like 'remark-lint-no-duplicate-headings': 0, you should change your remark config instead like following:
1{ 2 "plugins": [ 3 "@1stg/remark-config", 4 // change to error severity, notice `[]` is required 5 ["lint-no-duplicate-headings", [2]], 6 // disable following plugin 7 [ 8 "lint-no-multiple-toplevel-headings", 9 [0] // or false 10 ] 11 ] 12}
Prettier Integration
If you're using remark-lint feature with Prettier both together, you can try remark-preset-prettier which helps you to turn off all rules that are unnecessary or might conflict with Prettier.
1{ 2 "plugins": [ 3 "preset-lint-consistent", 4 "preset-lint-recommended", 5 "preset-lint-markdown-style-guide", 6 "preset-prettier" 7 ] 8}
Sponsors
| 1stG | RxTS | UnTS |
|---|---|---|
 |  |  |
Backers
| 1stG | RxTS | UnTS |
|---|---|---|
 |  |  |
Changelog
Detailed changes for each release are documented in CHANGELOG.md.
License
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
no dangerous workflow patterns detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
security policy file detected
Details
- Info: security policy file detected: github.com/mdx-js/.github/security.md:1
- Info: Found linked content: github.com/mdx-js/.github/security.md:1
- Info: Found disclosure, vulnerability, and/or timelines in security policy: github.com/mdx-js/.github/security.md:1
- Info: Found text in security policy: github.com/mdx-js/.github/security.md:1
Reason
SAST tool detected but not run on all commits
Details
- Info: SAST configuration detected: CodeQL
- Warn: 17 commits out of 24 are checked with a SAST tool
Reason
9 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-4gmj-3p3h-gm8h
- Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
- Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
- Warn: Project is vulnerable to: GHSA-8266-84wp-wv5c
- Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
Reason
0 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 0
Reason
Found 2/22 approved changesets -- score normalized to 0
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/codeql.yml:15
- Info: jobLevel 'actions' permission set to 'read': .github/workflows/codeql.yml:14
- Warn: no topLevel permission defined: .github/workflows/ci.yml:1
- Warn: no topLevel permission defined: .github/workflows/codeql.yml:1
- Warn: no topLevel permission defined: .github/workflows/pkg-size.yml:1
- Warn: no topLevel permission defined: .github/workflows/release.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/mdx-js/eslint-mdx/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/mdx-js/eslint-mdx/ci.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/mdx-js/eslint-mdx/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/mdx-js/eslint-mdx/codeql.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/mdx-js/eslint-mdx/codeql.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/mdx-js/eslint-mdx/codeql.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/mdx-js/eslint-mdx/codeql.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pkg-size.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/mdx-js/eslint-mdx/pkg-size.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pkg-size.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/mdx-js/eslint-mdx/pkg-size.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/pkg-size.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/mdx-js/eslint-mdx/pkg-size.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/mdx-js/eslint-mdx/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/mdx-js/eslint-mdx/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/mdx-js/eslint-mdx/release.yml/master?enable=pin
- Info: 0 out of 10 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 3 third-party GitHubAction dependencies pinned
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
- Warn: branch protection not enabled for branch 'release-v2'
Score
3.8
/10
Last Scanned on 2024-11-18
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More