Gathering detailed insights and metrics for eslint-plugin-mocha
Gathering detailed insights and metrics for eslint-plugin-mocha
Installations
npm install eslint-plugin-mochaDeveloper Guide
BETA
Typescript
Yes
Module System
ESM
Node Version
22.14.0
Releases
64
Languages
2
TypeScript
JavaScript
TypeScript (98.22%)
JavaScript (1.78%)
Developer
lo1tuma
Download Statistics
Total Downloads
0
Last Day
0
Last Week
0
Last Month
0
Last Year
0
GitHub Statistics
MIT License
286 Stars
717 Commits
66 Forks
6 Watchers
7 Branches
47 Contributors
Updated on May 30, 2025
Maintainers
4
Package Meta Information
Latest Version
11.1.0
Package Id
eslint-plugin-mocha@11.1.0
Unpacked Size
120.11 kB
Size
22.57 kB
File Count
46
Node Version
22.14.0
Published on
May 24, 2025
Total Downloads
Cumulative downloads
Total Downloads
NaN
Last Day
0%
NaN
Compared to previous day
Last Week
0%
NaN
Compared to previous week
Last Month
0%
NaN
Compared to previous month
Last Year
0%
NaN
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
2
Peer Dependencies
1
eslint-plugin-mocha
ESLint rules for mocha.
Install and configure
This plugin requires ESLint 9.0.0 or later.
1npm install --save-dev eslint-plugin-mocha
Configuration via eslint.config.js
To use this plugin with eslint flat configuration format:
1import mochaPlugin from "eslint-plugin-mocha"; 2 3export default [ 4 mochaPlugin.configs.recommended, // or `mochaPlugin.configs.all` to enable all 5 // ... Your configurations here 6];
Plugin Settings
This plugin supports the following settings, which are used by multiple rules:
-
additionalCustomNames: This allows rules to check additional function names when looking for suites or test cases. This might be used with a custom Mocha extension, such asember-mochaormocha-each.Example:
1{ 2 "rules": { 3 "mocha/no-pending-tests": "error", 4 "mocha/no-exclusive-tests": "error" 5 }, 6 "settings": { 7 "mocha/additionalCustomNames": [ 8 { 9 "name": "describeModule", 10 "type": "suite", 11 "interface": "BDD" 12 }, 13 { 14 "name": "testModule", 15 "type": "testCase", 16 "interface": "TDD" 17 } 18 ] 19 } 20}The
nameproperty can be in any of the following forms:-
A plain name e.g.
describeModule, which allows:1describeModule("example", function() { ... }); -
A dotted name, e.g.
describe.modifier, which allows:1describe.modifier("example", function() { ... }); -
A name with parentheses, e.g.
forEach().describe, which allows:1forEach([ 1, 2, 3 ]) 2 .describe("example", function(n) { ... }); -
Any combination of the above, e.g.
forEach().describeModule.modifier, which allows:1forEach([ 1, 2, 3 ]) 2 .describeModule.modifier("example", function(n) { ... });
-
-
interface: This allows to select eitherTDD,BDD(default) orexports. When usingexportsmocha variables are resolved from namedimportstatements instead of global variables.
Rules
💼 Configurations enabled in.
⚠️ Configurations set to warn in.
🚫 Configurations disabled in.
✅ Set in the recommended configuration.
🔧 Automatically fixable by the --fix CLI option.
| Name | Description | 💼 | ⚠️ | 🚫 | 🔧 |
|---|---|---|---|---|---|
| consistent-interface | Enforces consistent use of mocha interfaces | ||||
| consistent-spacing-between-blocks | Require consistent spacing between blocks | ✅ | 🔧 | ||
| handle-done-callback | Enforces handling of callbacks for async tests | ✅ | |||
| max-top-level-suites | Enforce the number of top-level suites in a single file | ✅ | |||
| no-async-suite | Disallow async functions passed to a suite | ✅ | 🔧 | ||
| no-empty-title | Disallow empty test descriptions | ✅ | |||
| no-exclusive-tests | Disallow exclusive tests | ✅ | |||
| no-exports | Disallow exports from test files | ✅ | |||
| no-global-tests | Disallow global tests | ✅ | |||
| no-hooks | Disallow hooks | ✅ | |||
| no-hooks-for-single-case | Disallow hooks for a single test or test suite | ✅ | |||
| no-identical-title | Disallow identical titles | ✅ | |||
| no-mocha-arrows | Disallow arrow functions as arguments to mocha functions | ✅ | 🔧 | ||
| no-nested-tests | Disallow tests to be nested within other tests | ✅ | |||
| no-pending-tests | Disallow pending tests | ✅ | |||
| no-return-and-callback | Disallow returning in a test or hook function that uses a callback | ✅ | |||
| no-return-from-async | Disallow returning from an async test or hook | ✅ | |||
| no-setup-in-describe | Disallow setup in describe blocks | ✅ | |||
| no-sibling-hooks | Disallow duplicate uses of a hook at the same level inside a suite | ✅ | |||
| no-synchronous-tests | Disallow synchronous tests | ✅ | |||
| no-top-level-hooks | Disallow top-level hooks | ✅ | |||
| prefer-arrow-callback | Require using arrow functions for callbacks | ✅ | 🔧 | ||
| valid-suite-title | Require suite descriptions to match a pre-configured regular expression | ✅ | |||
| valid-test-title | Require test descriptions to match a pre-configured regular expression | ✅ |
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
24 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
Found 11/16 approved changesets -- score normalized to 6
Reason
dependency not pinned by hash detected -- score normalized to 3
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/lo1tuma/eslint-plugin-mocha/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/lo1tuma/eslint-plugin-mocha/ci.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/lo1tuma/eslint-plugin-mocha/ci.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/lo1tuma/eslint-plugin-mocha/ci.yml/main?enable=pin
- Info: 0 out of 2 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 2 third-party GitHubAction dependencies pinned
- Info: 1 out of 1 npmCommand dependencies pinned
Reason
8 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8
- Warn: Project is vulnerable to: GHSA-x4c5-c7rf-jjgv
- Warn: Project is vulnerable to: GHSA-h5c3-5r3r-rr8q
- Warn: Project is vulnerable to: GHSA-rmvr-2pp2-xj38
- Warn: Project is vulnerable to: GHSA-xx4v-prfh-6cgc
- Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw
- Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
- Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/ci.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 28 are checked with a SAST tool
Score
4.8
/10
Last Scanned on 2025-07-07
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More