Gathering detailed insights and metrics for eslint-plugin-mocha
Gathering detailed insights and metrics for eslint-plugin-mocha
Installations
npm install eslint-plugin-mochaScore
86.6
Supply Chain
94.2
Quality
83.6
Maintenance
100
Vulnerability
95.1
License
Releases
62
Contributors
47
![greenkeeper[bot]](https://avatars.githubusercontent.com/in/505?v=4){kind=avatar}
Developer
lo1tuma
Developer Guide
BETA
Module System
CommonJS
Min. Node Version
>=14.0.0
Typescript Support
No
Node Version
21.7.3
NPM Version
10.5.0
Statistics
281 Stars
681 Commits
61 Forks
7 Watching
7 Branches
47 Contributors
Updated on 31 Oct 2024
Bundle Size
126.50 kB
Minified
29.31 kB
Minified + Gzipped
Languages
JavaScript (100%)
Total Downloads
Cumulative downloads
Total Downloads
213,779,830
Last day
-6.8%
237,388
Compared to previous day
Last week
5.1%
1,416,198
Compared to previous week
Last month
25.2%
5,301,458
Compared to previous month
Last year
11.1%
52,908,530
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
3
Peer Dependencies
1
Versions
eslint-plugin-mocha
ESLint rules for mocha.
Install and configure
This plugin requires ESLint 9.0.0 or later.
1npm install --save-dev eslint-plugin-mocha
Configuration via eslint.config.js
To use this plugin with the new eslint configuration format (flat config):
1import mochaPlugin from "eslint-plugin-mocha"; 2 3export default [ 4 mochaPlugin.configs.flat.recommended, // or `mochaPlugin.configs.flat.all` to enable all 5 // ... Your configurations here 6];
Plugin Settings
This plugin supports the following settings, which are used by multiple rules:
-
additionalCustomNames: This allows rules to check additional function names when looking for suites or test cases. This might be used with a custom Mocha extension, such asember-mochaormocha-each.Example:
1{ 2 "rules": { 3 "mocha/no-skipped-tests": "error", 4 "mocha/no-exclusive-tests": "error" 5 }, 6 "settings": { 7 "mocha/additionalCustomNames": [ 8 { 9 "name": "describeModule", 10 "type": "suite", 11 "interfaces": ["BDD"] 12 }, 13 { 14 "name": "testModule", 15 "type": "testCase", 16 "interfaces": ["TDD"] 17 } 18 ] 19 } 20}The
nameproperty can be in any of the following forms:-
A plain name e.g.
describeModule, which allows:1describeModule("example", function() { ... }); -
A dotted name, e.g.
describe.modifier, which allows:1describe.modifier("example", function() { ... }); -
A name with parentheses, e.g.
forEach().describe, which allows:1forEach([ 1, 2, 3 ]) 2 .describe("example", function(n) { ... }); -
Any combination of the above, e.g.
forEach().describeModule.modifier, which allows:1forEach([ 1, 2, 3 ]) 2 .describeModule.modifier("example", function(n) { ... });
-
Configs
recommended
This plugin exports a recommended config that enforces good practices.
Enable it with the extends option:
1{ 2 "extends": ["plugin:mocha/recommended"] 3}
all
There's also a configuration that enables all of our rules.
See Configuring Eslint on eslint.org for more info.
Rules
💼 Configurations enabled in.
⚠️ Configurations set to warn in.
🚫 Configurations disabled in.
✅ Set in the recommended configuration.
🔧 Automatically fixable by the --fix CLI option.
| Name | Description | 💼 | ⚠️ | 🚫 | 🔧 |
|---|---|---|---|---|---|
| consistent-spacing-between-blocks | Require consistent spacing between blocks | ✅ | 🔧 | ||
| handle-done-callback | Enforces handling of callbacks for async tests | ✅ | |||
| max-top-level-suites | Enforce the number of top-level suites in a single file | ✅ | |||
| no-async-describe | Disallow async functions passed to describe | ✅ | 🔧 | ||
| no-empty-description | Disallow empty test descriptions | ✅ | |||
| no-exclusive-tests | Disallow exclusive tests | ✅ | |||
| no-exports | Disallow exports from test files | ✅ | |||
| no-global-tests | Disallow global tests | ✅ | |||
| no-hooks | Disallow hooks | ✅ | |||
| no-hooks-for-single-case | Disallow hooks for a single test or test suite | ✅ | |||
| no-identical-title | Disallow identical titles | ✅ | |||
| no-mocha-arrows | Disallow arrow functions as arguments to mocha functions | ✅ | 🔧 | ||
| no-nested-tests | Disallow tests to be nested within other tests | ✅ | |||
| no-pending-tests | Disallow pending tests | ✅ | |||
| no-return-and-callback | Disallow returning in a test or hook function that uses a callback | ✅ | |||
| no-return-from-async | Disallow returning from an async test or hook | ✅ | |||
| no-setup-in-describe | Disallow setup in describe blocks | ✅ | |||
| no-sibling-hooks | Disallow duplicate uses of a hook at the same level inside a describe | ✅ | |||
| no-skipped-tests | Disallow skipped tests | ✅ | |||
| no-synchronous-tests | Disallow synchronous tests | ✅ | |||
| no-top-level-hooks | Disallow top-level hooks | ✅ | |||
| prefer-arrow-callback | Require using arrow functions for callbacks | ✅ | 🔧 | ||
| valid-suite-description | Require suite descriptions to match a pre-configured regular expression | ✅ | |||
| valid-test-description | Require test descriptions to match a pre-configured regular expression | ✅ |
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
Found 10/11 approved changesets -- score normalized to 9
Reason
4 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
- Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
Reason
dependency not pinned by hash detected -- score normalized to 3
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/lo1tuma/eslint-plugin-mocha/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/lo1tuma/eslint-plugin-mocha/ci.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/lo1tuma/eslint-plugin-mocha/ci.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/lo1tuma/eslint-plugin-mocha/ci.yml/main?enable=pin
- Info: 0 out of 2 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 2 third-party GitHubAction dependencies pinned
- Info: 1 out of 1 npmCommand dependencies pinned
Reason
0 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 1
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/ci.yml:1
- Info: no jobLevel write permissions found
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 29 are checked with a SAST tool
Score
4.6
/10
Last Scanned on 2024-11-18
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More