🚒 The guts of `standard` modularized for reuse
Installations
npm install standard-engine
Developer
standard
Developer Guide
Module System
Unable to determine the module system for this package.
Min. Node Version
^12.22.0 || ^14.17.0 || >=16.0.0
Typescript Support
Yes
Node Version
18.16.0
NPM Version
9.5.1
Statistics
145 Stars
1,009 Commits
40 Forks
12 Watching
7 Branches
60 Contributors
Updated on 07 Nov 2024
Bundle Size
27.47 kB
Minified
9.30 kB
Minified + Gzipped
Languages
JavaScript (100%)
Total Downloads
Cumulative downloads
Total Downloads
120,281,629
Last day
0.2%
124,925
Compared to previous day
Last week
-0.5%
756,732
Compared to previous week
Last month
43.6%
2,830,803
Compared to previous month
Last year
3.9%
24,810,615
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
4
Dev Dependencies
22
standard-engine
Overview
Wrap your own eslint rules in a easy-to-use command line tool and/or a JS module.
Install
1npm install standard-engine
Who is using standard-engine
?
Here is a list of packages using standard-engine
. Dive into them for ideas!
- standard - JavaScript Standard Style.
- semistandard - It's
standard
with semicolons sprinkled on top. - standardx - JavaScript Standard Style with custom tweaks
- happiness - JavaScript Happiness Style (semicolons and tabs)
- doublestandard - Require TWO semicolons at the end of every line!
- strict-standard - Standard Style with strict error checking.
- standard-own - Standard configurable.
- ts-standard - TypeScript Standard Style.
Did you make your own? Create a pull request and we will add it to the README!
Usage
Create the files below and fill in your own values for options.js
.
index.js
1// programmatic usage 2const { StandardEngine } = require('standard-engine') 3const opts = require('./options.js') 4module.exports = new StandardEngine(opts)
cli.js
1#!/usr/bin/env node 2 3const opts = require('./options.js') 4 5require('standard-engine').cli(opts)
options.js
1const eslint = require('eslint') 2const path = require('path') 3const pkg = require('./package.json') 4 5/** @type {import('standard-engine').StandardEngineOptions} **/ 6module.exports = { 7 // homepage, version and bugs pulled from package.json 8 version: pkg.version, 9 homepage: pkg.homepage, 10 bugs: pkg.bugs.url, 11 eslint, // pass any version of eslint >= 7.0.0 12 cmd: 'pocketlint', // should match the "bin" key in your package.json 13 tagline: 'Live by your own standards!', // displayed in output --help 14 eslintConfig: { 15 overrideConfigFile: path.join(__dirname, 'eslintrc.json') 16 } 17}
Additionally an optional resolveEslintConfig()
function can be provided. See below for details.
eslintrc.json
Put all your .eslintrc rules in this file. A good practice is to create an ESLint Shareable Config and extend it, but its not required:
1{ 2 // pretend that the package eslint-config-pocketlint exists! 3 "extends": ["pocketlint"] 4}
Take a look at eslint-config-standard as an example, or if you want to extend/mutate standard
, see eslint-config-semistandard.
Editor Integrations
Integrations and plugins should recognize the standard-engine
tag in a
package.json
file. This allows end users to specify an arbitrary standard-engine
compatible linter that the plugin should use. The standard-engine
tag can be a
string of the package:
1{ 2 "standard-engine": "pocketlint" 3}
or an object with a name
value of the package:
1{ 2 "standard-engine": { 3 "name": "pocketlint" 4 } 5}
Atom
linter-js-standard-engine is an Atom plugin that supports some of
the more popular standard-engine implementations out of the box. It detects them
by scanning through the dependencies of the project that you are editing.
You can use it with any other implementation through configuration in the
projects package.json
file.
Engine Features
Extensions
The extensions .js
, .jsx
, .mjs
, and .cjs
are linted by default. If you
pass directory paths to the standardEngine.lintFiles()
method,
standard-engine
checks the files in those directories that have the given
extensions.
For example, when passing the src/
directory and the extensions
option is
['.js', '.jsx']
, standard-engine
will lint *.js
and *.jsx
files in
src/
.
You can disable these default ignores by setting the noDefaultExensions
option to true
.
Ignoring Files
The paths node_modules/**
, *.min.js
, coverage/**
, hidden files/folders
(beginning with .
), and all patterns in a project's root .gitignore
file are
automatically ignored.
Sometimes you need to ignore additional folders or specific minfied files. To do that, add
a ignore
property to package.json
:
1"pocketlint": { // this key should equal the value of cmd in options.js 2 "ignore": [ 3 "**/out/", 4 "/lib/select2/", 5 "/lib/ckeditor/", 6 "tmp.js" 7 ] 8}
Some files are ignored by default:
1const DEFAULT_IGNORE = [ 2 '*.min.js', 3 'coverage/', 4 'node_modules/', 5 'vendor/' 6]
You can disable these default ignores by setting the noDefaultIgnore
option to true
.
Hiding Warnings
Since standard-engine
uses eslint
under-the-hood, you can hide warnings as you normally would if you used eslint
directly.
Disable all rules on a specific line:
1file = 'I know what I am doing' // eslint-disable-line
Or, disable only the "no-use-before-define"
rule:
1file = 'I know what I am doing' // eslint-disable-line no-use-before-define
Or, disable the "no-use-before-define"
rule for multiple lines:
1/*eslint-disable no-use-before-define */ 2// offending code here... 3// offending code here... 4// offending code here... 5/*eslint-enable no-use-before-define */
Defining Globals in a project's package.json
standard-engine
will also look in a project's package.json
and respect any global variables defined like so:
1{ 2 "pocketlint": { // this key should equal the value of cmd in options.js 3 "globals": [ // can be a string or an array of strings 4 "myVar1", 5 "myVar2" 6 ] 7 } 8}
You may use global
as an alias for globals
(just don't specify both).
Loading ESLint plugins in a project's package.json
Additional ESLint plugins can be specified like so:
1{ 2 "pocketlint": { // this key should equal the value of cmd in options.js 3 "plugins": [ // can be a string or an array of strings 4 "flowtype" 5 ] 6 } 7}
You may use plugin
as an alias for plugins
(just don't specify both). Plugins must be installed (example: npm install eslint-plugin-flowtype
or globally: npm install eslint-plugin-flowtype -g
).
Loading additional environments in a project's package.json
Additional environments can be specified like so:
1{ 2 "pocketlint": { // this key should equal the value of cmd in options.js 3 "envs": [ "browser", "mocha" ] 4 } 5}
envs
can be a string, an array of strings, or an object. In the latter case the keys are used as the environment name, but falsy values mean the environment is not actually loaded. You cannot unload environments by setting a falsy value.
You may use env
as an alias for envs
(just don't specify both).
Custom JS parsers for bleeding-edge ES6 or ES7 support?
standard-engine
supports custom JS parsers. To use a custom parser, install it from npm
(example: npm install babel-eslint
) and add this to your package.json
:
1{ 2 "pocketlint": { // this key should equal the value of cmd in your options.js 3 "parser": "babel-eslint" 4 } 5}
If you're using your custom linter globally (you installed it with -g
), then you also need to
install babel-eslint
globally with npm install babel-eslint -g
.
Custom options
You can provide a resolveEslintConfig()
function in the options.js
exports:
1const eslint = require('eslint') 2const path = require('path') 3const pkg = require('./package.json') 4 5module.exports = { 6 // homepage, version and bugs pulled from package.json 7 version: pkg.version, 8 homepage: pkg.homepage, 9 bugs: pkg.bugs.url, 10 eslint, // pass any version of eslint >= 7.0.0 11 cmd: 'pocketlint', // should match the "bin" key in your package.json 12 tagline: 'Live by your own standards!', // displayed in output --help 13 eslintConfig: { 14 overrideConfigFile: path.join(__dirname, 'eslintrc.json') 15 }, 16 resolveEslintConfig: function (eslintConfig, opts, packageOpts, rootDir) { 17 // provide implementation here, then return the eslintConfig object (or a new one) 18 return eslintConfig 19 } 20}
This function is called with the current ESLint config (the options passed to the ESLint
constructor), the options object (opts
), any options extracted from the project's package.json
(packageOpts
), and the directory that contained that package.json
file (rootDir
, equivalent to opts.cwd
if no file was found).
Modify and return eslintConfig
, or return a new object with the eslint config to be used.
API Usage
async engine.lintText(text, [opts])
Lint the provided source text
to enforce your defined style. An opts
object may
be provided:
1{ 2 // unique to lintText 3 filename: '', // path of file containing the text being linted 4 5 // common to lintText and lintFiles 6 cwd: '', // current working directory (default: process.cwd()) 7 fix: false, // automatically fix problems 8 extensions: [], // file extensions to lint (has sane defaults) 9 globals: [], // custom global variables to declare 10 plugins: [], // custom eslint plugins 11 envs: [], // custom eslint environment 12 parser: '', // custom js parser (e.g. babel-eslint) 13 usePackageJson: true, // use options from nearest package.json? 14 useGitIgnore: true // use file ignore patterns from .gitignore? 15}
All options are optional, though some ESLint plugins require the filename
option.
Additional options may be loaded from a package.json
if it's found for the current working directory. See below for further details.
Returns a Promise
resolving to the results
or rejected with an Error
.
The results
object will contain the following properties:
1const results = { 2 results: [ 3 { 4 filePath: '', 5 messages: [ 6 { ruleId: '', message: '', line: 0, column: 0 } 7 ], 8 errorCount: 0, 9 warningCount: 0, 10 output: '' // fixed source code (only present with {fix: true} option) 11 } 12 ], 13 errorCount: 0, 14 warningCount: 0 15}
async engine.lintFiles(files, [opts])
Lint the provided files
globs. An opts
object may be provided:
1{ 2 // unique to lintFiles 3 ignore: [], // file globs to ignore (has sane defaults) 4 5 // common to lintText and lintFiles 6 cwd: '', // current working directory (default: process.cwd()) 7 fix: false, // automatically fix problems 8 extensions: [], // file extensions to lint (has sane defaults) 9 globals: [], // custom global variables to declare 10 plugins: [], // custom eslint plugins 11 envs: [], // custom eslint environment 12 parser: '', // custom js parser (e.g. babel-eslint) 13 usePackageJson: true, // use options from nearest package.json? 14 useGitIgnore: true // use file ignore patterns from .gitignore? 15}
Additional options may be loaded from a package.json
if it's found for the current working directory. See below for further details.
Both ignore
and files
patterns are resolved relative to the current working directory.
Returns a Promise
resolving to the results
or rejected with an Error
(same as above).
NOTE: There is no synchronous version of engine.lintFiles()
.
Full set of opts
This is the full set of options accepted by the above APIs. Not all options make sense for each API, for example ignore
is not used with lintText()
, and filename
is not used with lintFiles()
.
1{ 2 ignore: [], // file patterns to ignore (has sane defaults) 3 cwd: '', // current working directory (default: process.cwd()) 4 filename: '', // path of the file containing the text being linted (optional) 5 fix: false, // automatically fix problems 6 globals: [], // custom global variables to declare 7 plugins: [], // custom eslint plugins 8 envs: [], // custom eslint environment 9 parser: '' // custom js parser (e.g. babel-eslint) 10}
The following aliases are available:
1{ 2 global: [], // custom global variables to declare 3 plugin: [], // custom eslint plugins 4 env: [], // custom eslint environment 5}
Note that globals
, plugins
and envs
take preference.
The parser
option takes preference over any parser
setting in the project's package.json
.
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
0 existing vulnerabilities detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
security policy file detected
Details
- Info: security policy file detected: github.com/standard/.github/SECURITY.md:1
- Info: Found linked content: github.com/standard/.github/SECURITY.md:1
- Info: Found disclosure, vulnerability, and/or timelines in security policy: github.com/standard/.github/SECURITY.md:1
- Info: Found text in security policy: github.com/standard/.github/SECURITY.md:1
Reason
Found 8/11 approved changesets -- score normalized to 7
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/standard/standard-engine/lint.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/standard/standard-engine/lint.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/standard/standard-engine/lint.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nodejs.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/standard/standard-engine/nodejs.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nodejs.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/standard/standard-engine/nodejs.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nodejs.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/standard/standard-engine/nodejs.yml/master?enable=pin
- Warn: npmCommand not pinned by hash: .github/workflows/lint.yml:39
- Warn: npmCommand not pinned by hash: .github/workflows/nodejs.yml:39
- Info: 0 out of 6 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 2 npmCommand dependencies pinned
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/add-to-project.yaml:1
- Warn: no topLevel permission defined: .github/workflows/lint.yml:1
- Warn: no topLevel permission defined: .github/workflows/nodejs.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 27 are checked with a SAST tool
Score
5.2
/10
Last Scanned on 2024-11-18
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More