From 83e31fa052e4ba871c76626844b222de2ca7f2a9 Mon Sep 17 00:00:00 2001 From: Mike Nason Date: Mon, 24 Jul 2017 09:34:36 -0400 Subject: [PATCH] Enhance node esling config --- README.md | 10 +++++----- node-security.js | 14 -------------- node.js | 24 ++++++++++++++++++++++++ package.json | 2 ++ yarn.lock | 13 +++++++++++-- 5 files changed, 42 insertions(+), 21 deletions(-) delete mode 100644 node-security.js create mode 100644 node.js diff --git a/README.md b/README.md index f1c3c35..01650fb 100644 --- a/README.md +++ b/README.md @@ -11,7 +11,7 @@ eslint-config-wework # Introduction -ESLint config for WeWork projects. This is an extension of `eslint-config-airbnb` and also provides `react`, `imports`, `lodash`, `mocha`, and `node-security` presets. +ESLint config for WeWork projects. This is an extension of `eslint-config-airbnb` and also provides `react`, `imports`, `lodash`, `mocha`, and `node` presets. # Usage @@ -111,13 +111,13 @@ To enable linting of Mocha/Chai/Sinon tests add a eslintrc file to your test fol } ``` -### Node Security: -To enable identification of security hotspots add a eslintrc file to your node src folder: +### Node: +For Node specific config, including identification of security hotspots, add a eslintrc file to your node src folder: ``` { "extends": [ - "wework/node-security", + "wework/node", ], "rules": { # Override preset rules here @@ -125,7 +125,7 @@ To enable identification of security hotspots add a eslintrc file to your node s } ``` -Note: this plugin is slow, finds a lot of false positives which need triage by a human, and isn't geared towards client-side. Use sparingly! +Note: the security plugin is slow, finds a lot of false positives which need triage by a human, and isn't geared towards client-side. Use sparingly! See https://github.com/nodesecurity/eslint-plugin-security for more info. # Development diff --git a/node-security.js b/node-security.js deleted file mode 100644 index b12105e..0000000 --- a/node-security.js +++ /dev/null @@ -1,14 +0,0 @@ -// Config for identifying security hotspots -// Note: this plugin is slow, finds a lot of false positives which need triage by a human, -// and is more useful for node projects than client-side. Use sparingly! - -module.exports = { - plugins: [ - 'security', - ], - extends: [ - 'plugin:security/recommended', - ], -}; - - diff --git a/node.js b/node.js new file mode 100644 index 0000000..198bab9 --- /dev/null +++ b/node.js @@ -0,0 +1,24 @@ +// Config for Node projects +// +// Note this includes the `security` plugin to help identify security hotspots +// This plugin is slow, finds a lot of false positives which need triage by a human, +// and is not useful on the client-side! + +module.exports = { + plugins: [ + 'node', + 'security', + ], + extends: [ + 'plugin:node/recommended', + 'plugin:security/recommended', + ], + + rules: { + // Disable https://github.com/mysticatea/eslint-plugin-node/blob/master/docs/rules/no-unsupported-features.md + // since projects have vastly different setups. Reccomend re-configuring in individual projects. + 'node/no-unsupported-features': 0, + }, +}; + + diff --git a/package.json b/package.json index d0da545..b33fbdf 100644 --- a/package.json +++ b/package.json @@ -45,6 +45,7 @@ "eslint-plugin-jsx-a11y": "5.1.1", "eslint-plugin-lodash": "2.4.4", "eslint-plugin-mocha": "4.11.0", + "eslint-plugin-node": "5.1.1", "eslint-plugin-react": "7.1.0", "eslint-plugin-security": "1.4.0" }, @@ -54,6 +55,7 @@ "eslint-plugin-jsx-a11y": "5.1.1", "eslint-plugin-lodash": "2.4.4", "eslint-plugin-mocha": "4.11.0", + "eslint-plugin-node": "5.1.1", "eslint-plugin-react": "7.1.0", "eslint-plugin-security": "1.4.0" } diff --git a/yarn.lock b/yarn.lock index 77526f2..be760a8 100644 --- a/yarn.lock +++ b/yarn.lock @@ -567,6 +567,15 @@ eslint-plugin-mocha@4.11.0: dependencies: ramda "^0.24.1" +eslint-plugin-node@5.1.1: + version "5.1.1" + resolved "https://registry.yarnpkg.com/eslint-plugin-node/-/eslint-plugin-node-5.1.1.tgz#a7ed956e780c22aef6afd1116005acd82f26eac6" + dependencies: + ignore "^3.3.3" + minimatch "^3.0.4" + resolve "^1.3.3" + semver "5.3.0" + eslint-plugin-react@7.1.0: version "7.1.0" resolved "https://registry.yarnpkg.com/eslint-plugin-react/-/eslint-plugin-react-7.1.0.tgz#27770acf39f5fd49cd0af4083ce58104eb390d4c" @@ -1675,7 +1684,7 @@ resolve-from@^1.0.0: version "1.0.1" resolved "https://registry.yarnpkg.com/resolve-from/-/resolve-from-1.0.1.tgz#26cbfe935d1aeeeabb29bc3fe5aeb01e93d44226" -resolve@^1.2.0: +resolve@^1.2.0, resolve@^1.3.3: version "1.3.3" resolved "https://registry.yarnpkg.com/resolve/-/resolve-1.3.3.tgz#655907c3469a8680dc2de3a275a8fdd69691f0e5" dependencies: @@ -1743,7 +1752,7 @@ semver-diff@^2.0.0: dependencies: semver "^5.0.3" -"semver@2 || 3 || 4 || 5", semver@^5.0.3, semver@^5.1.0, semver@^5.2.0, semver@^5.3.0: +"semver@2 || 3 || 4 || 5", semver@5.3.0, semver@^5.0.3, semver@^5.1.0, semver@^5.2.0, semver@^5.3.0: version "5.3.0" resolved "https://registry.yarnpkg.com/semver/-/semver-5.3.0.tgz#9b2ce5d3de02d17c6012ad326aa6b4d0cf54f94f"