Installations
npm install eslint-plugin-react-reduxDeveloper
Developer Guide
Module System
CommonJS
Min. Node Version
>=18.0.0
Typescript Support
No
Node Version
20.17.0
NPM Version
10.8.2
Statistics
82 Stars
72 Commits
17 Forks
4 Watching
23 Branches
15 Contributors
Updated on 10 Oct 2024
Bundle Size
15.57 kB
Minified
3.66 kB
Minified + Gzipped
Languages
JavaScript (100%)
Total Downloads
Cumulative downloads
Total Downloads
9,013,180
Last day
-4.2%
7,482
Compared to previous day
Last week
-2.1%
40,413
Compared to previous week
Last month
5.7%
173,240
Compared to previous month
Last year
-1.6%
2,252,484
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
2
Peer Dependencies
2
eslint-plugin-react-redux
Enforcing best practices for react-redux
Installation
You'll first need to install ESLint:
$ npm i eslint --save-dev
Next, install eslint-plugin-react-redux:
$ npm install eslint-plugin-react-redux --save-dev
Note: If you installed ESLint globally (using the -g flag) then you must also install eslint-plugin-react-redux globally.
Usage
Add react-redux to the plugins section of your .eslintrc configuration file. You can omit the eslint-plugin- prefix:
1{ 2 "plugins": [ 3 "react-redux" 4 ], 5 "extends": [ 6 "plugin:react-redux/recommended" 7 ] 8}
To configure individual rules:
1{ 2 "rules": { 3 "react-redux/connect-prefer-named-arguments": 2 4 } 5}
Supported Rules
- react-redux/connect-prefer-minimum-two-arguments Enforces that connect function has at least 2 arguments.
- react-redux/connect-prefer-named-arguments Enforces that all connect arguments have recommended names.
- react-redux/mapDispatchToProps-returns-object Enforces that mapDispatchToProps returns an object.
- react-redux/mapDispatchToProps-prefer-shorthand Enforces that all mapDispatchToProps use a shorthand method to wrap actions in dispatch calls whenever possible.
- react-redux/mapDispatchToProps-prefer-parameters-names Enforces that all mapDispatchToProps parameters have specific names.
- react-redux/mapStateToProps-no-store Prohibits binding a whole store object to a component.
- react-redux/mapStateToProps-prefer-hoisted Flags generation of copies of same-by-value but different-by-reference props.
- react-redux/mapStateToProps-prefer-parameters-names Enforces that all mapStateToProps parameters have specific names.
- react-redux/mapStateToProps-prefer-selectors Enforces that all mapStateToProps properties use selector functions.
- react-redux/useSelector-prefer-selectors Enforces that all useSelector properties use selector functions.
- react-redux/no-unused-prop-types Extension of a react's no-unused-prop-types rule filtering out false positive used in redux context.
- react-redux/prefer-separate-component-file Enforces that all connected components are defined in a separate file.
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
packaging workflow detected
Details
- Info: Project packages its releases by way of GitHub Actions.: .github/workflows/release.yml:7
Reason
Found 16/26 approved changesets -- score normalized to 6
Reason
2 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 2
Reason
dependency not pinned by hash detected -- score normalized to 1
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/DianaSuvorova/eslint-plugin-react-redux/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/DianaSuvorova/eslint-plugin-react-redux/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/DianaSuvorova/eslint-plugin-react-redux/tests.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/DianaSuvorova/eslint-plugin-react-redux/tests.yml/master?enable=pin
- Warn: npmCommand not pinned by hash: .github/workflows/tests.yml:27
- Warn: npmCommand not pinned by hash: .github/workflows/tests.yml:28
- Info: 0 out of 4 GitHub-owned GitHubAction dependencies pinned
- Info: 1 out of 3 npmCommand dependencies pinned
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/release.yml:1
- Warn: no topLevel permission defined: .github/workflows/tests.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
license file not detected
Details
- Warn: project does not have a license file
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 28 are checked with a SAST tool
Reason
25 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-ff7x-qrg7-qggm
- Warn: Project is vulnerable to: GHSA-rc47-6667-2j5j
- Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
- Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
- Warn: Project is vulnerable to: GHSA-896r-f27r-55mw
- Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
- Warn: Project is vulnerable to: GHSA-h726-x36v-rx45
- Warn: Project is vulnerable to: GHSA-779f-wgxg-qr8f
- Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw
- Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
- Warn: Project is vulnerable to: GHSA-5v2h-r2cx-5xgj
- Warn: Project is vulnerable to: GHSA-rrrm-qjm4-v8hf
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
- Warn: Project is vulnerable to: GHSA-hj9c-8jmm-8c52
- Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp
- Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
- Warn: Project is vulnerable to: GHSA-x2pg-mjhr-2m5x
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
- Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
- Warn: Project is vulnerable to: GHSA-7p7h-4mm5-852v
Score
3.4
/10
Last Scanned on 2024-11-25
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More