Package Health Score

50 / 100

security
Security review needed
popularity
Popular
maintenance
Inactive
community
Sustainable

Explore Similar Packages

Security

Security review needed

All security vulnerabilities belong to production dependencies of direct and indirect packages.

Security and license risk for significant versions

Version				Vulnerabilities	License Risk
8.1.0	\|	08/2022	Popular	0 C 0 H 0 M 0 L	0 H 0 M 0 L
8.0.2	\|	05/2022		0 C 0 H 0 M 0 L	0 H 0 M 0 L
7.0.0	\|	06/2021		0 C 0 H 0 M 0 L	0 H 0 M 0 L
6.1.0	\|	12/2020		0 C 0 H 0 M 0 L	0 H 0 M 0 L
6.0.0	\|	08/2020		0 C 0 H 0 M 0 L	0 H 0 M 0 L

License

MIT

Security Policy

Is your project affected by vulnerabilities?

Scan your projects for vulnerabilities. Fix quickly with automated fixes. Get started with Snyk for free.

Get started free

Popularity

Popular

Weekly Downloads (101,906)

GitHub Stars: 751
Forks: 32
Contributors: 20

Direct Usage Popularity

The npm package eslint-nibble receives a total of 101,906 downloads a week. As such, we scored eslint-nibble popularity level to be Popular.

Based on project statistics from the GitHub repository for the npm package eslint-nibble, we found that it has been starred 751 times.

Downloads are calculated as moving averages for a period of the last 12 months, excluding weekends and known missing data points.

Community

Sustainable

Readme.md: Yes
Contributing.md: No
Code of Conduct: No
Contributors: 20
Funding: No

With more than 10 contributors for the eslint-nibble repository, this is possibly a sign for a growing and inviting community.

We found a way for you to contribute to the project! Looks like eslint-nibble is missing a Code of Conduct.

Embed Package Health Score Badge

Maintenance

Inactive

Commit Frequency

No Recent Commits

Open Issues: 11
Open PR: 4
Last Release: 2 years ago
Last Commit: 7 months ago

Further analysis of the maintenance status of eslint-nibble based on released npm versions cadence, the repository activity, and other data points determined that its maintenance is Inactive.

An important project maintenance signal to consider for eslint-nibble is that it hasn't seen any new versions released to npm in the past 12 months, and could be considered as a discontinued project, or that which receives low attention from its maintainers.

In the past month we didn't find any pull request activity or change in issues status has been detected for the GitHub repository.

Keep your project healthy

Check your package.json

Ensure all the packages you're using are healthy and well-maintained

Snyk Vulnerability Scanner

Get health score & security insights directly in your IDE

Package

Node.js Compatibility: >=12.0.0

Age: 9 years
Dependencies: 7 Direct
Versions: 41
Install Size: 194 kB
Dist-tags: 3
# of Files: 16
Maintainers: 1
TS Typings: No

eslint-nibble has more than a single and default latest tag published for the npm package. This means, there may be other tags available for this package, such as next to indicate future releases, or stable to indicate stable releases.

Readme

eslint-nibble

Sometimes running ESLint against an existing project and fixing the hundreds or thousands of errors is biting off more than you can chew.
Instead, eslint-nibble will give a quick overview of your failing rules, and then show the detailed error reports for one rule at a time.

If a rule can be automatically fixed by ESLint, eslint-nibble will allow you to run autofix on individual rules, allowing you to make more focused commits.

Read this excellent blog post from Paul Hands for a clear explanation of what eslint-nibble can do for your project: Hiring a gardener to trim the weeds.

Installation

npm install --no-save eslint-nibble

You can also install eslint-nibble globally, but it is not recommended.

Instead, try installing eslint-nibble in your project with --no-save (as shown above), because this tool is intended only to get you up and running. Once you're happy with your rules and your code, you can remove eslint-nibble.

Note: as of version 5.0.0, eslint-nibble no longer comes with its own bundled version of eslint. Instead, you should install eslint into your project (see getting started), and eslint-nibble will use the version you install.

This module does not make any decisions about which ESLint rules to run. Make sure your project has an .eslintrc file if you want ESLint to do anything. No linting rules are enabled by default.

Usage

There are a few methods you can use to run eslint-nibble, depending on the package manager you are using.

npx

If you're using npm@5.2.0 or later, you can simply run:

npx eslint-nibble

yarn

Similarly, if you are using yarn, you can run:

yarn eslint-nibble

package.json script

Add something like the following to your package.json file:

"scripts": {
  "nibble": "eslint-nibble "
}

Then, to run eslint-nibble, you can use:

npm run nibble

Eslint-nibble will then display a rundown of the rules that are failing and a summary of the results, using eslint-stats and eslint-summary, and will ask you to pick a rule to work on:

eslint-stats-screenshot

Select one of the rules by arrowing up/down and pressing enter.
If the rule can be fixed automatically, ESLint will ask if you'd like it to attempt perform fixes for you. If there are lint warnings, you will also be asked whether you want those to be auto-fixed.

If you decide not to make autofixes, or the autofix completes but cannot fix all the errors, then a detailed list of the errors will be presented, using eslint-friendly-formatter.
If you are using iTerm2 or Guake, you can set them up so that your text editor opens to the correct line when you click on the filename.

eslint-friendly-formatter-screenshot

Options

`--config, -c`

ESLint will automatically detect config files with standard naming. Add the --config option to specify a different config file for ESLint to use.

`--cache`

Highly recommended. ESLint will cache the results of linting, causing subsequent runs to be much faster. See the ESLint docs for more details.

`--cache-location`

When used in conjunction with the --cache flag, controls where the ESLint cache is written. See the ESLint docs for more details.

`--ext`

If your Javascript files have an extension other than .js, you can use the --ext flag to specify which extensions to examine. For example, this will check all files ending in .jsx or .js:

eslint-nibble --ext .jsx,.js lib/

`--format, -f`

When used in conjunction with --no-interactive, controlls the output format from ESLint. Has no effect in interactive mode. The default ESLint formatter will be used if --format is not set.

`--fixable-only`

Only show rules that are autofixable.

`--multi`

Allows selection of more than one rule at a time in the interactive cli.

`--no-interactive`

Potentially useful in CI, or any other situation where you would like to run ESLint using your standard project config (.eslintrc), but only on a subset of rules (using the --rule flag). Using --no-interactive will prevent eslint-nibble from displaying a menu, but will instead print out any warnings/errors and return an exit code of 1 if there are errors, or 0 otherwise, just like ESLint itself does.

`--no-warnings`

Only show results for linting errors, not warnings.

`--resolve-plugins-relative-to`

Changes the folder where plugins are resolved from. See the ESLint docs for more details.

`--rule`

If you have so many failing rules that navigating the list is cumbersome, use this flag to filter down the rules that are displayed. Multiple rules can be included as comma-separated strings (e.g. --rule semi,quotes), or by using multiple --rule flags (e.g. --rule semi --rule quotes).

`--rulesdir`

This corresponds to the eslint --rulesdir option. Use it to specify a path to custom eslint rules.

globs

You are not limited to directory and file names as arguments, you can also specify a glob pattern. For example, to examine all *.jsx files in all test/ directories under lib/:

eslint-nibble lib/**/test/**/*.jsx

eslint-nibble dependencies

@ianvs/eslint-stats chalk eslint-filtered-fix eslint-formatter-friendly eslint-summary inquirer optionator

eslint-nibble development dependencies

eslint eslint-config-standard eslint-plugin-import eslint-plugin-node eslint-plugin-promise tap-difflet tape tape-catch

FAQs

What is eslint-nibble?

Ease into ESLint, by fixing one rule at a time. Visit Snyk Advisor to see a full health score report for eslint-nibble, including popularity, security, maintenance & community analysis.

Is eslint-nibble popular?

The npm package eslint-nibble receives a total of 101,906 weekly downloads. As such, eslint-nibble popularity was classified as a popular. Visit the popularity section on Snyk Advisor to see the full health analysis.

Is eslint-nibble well maintained?

We found indications that eslint-nibble is an Inactive project. See the full package health analysis to learn more about the package maintenance status.

Is eslint-nibble safe to use?

While scanning the latest version of eslint-nibble, we found that a security review is needed. A total of 1 vulnerabilities or license issues were detected. See the full security scan results.

Last updated on 16 April-2024, at 05:35 (UTC).

Build a secure application checklist

Select a recommended open source package

Minimize your risk by selecting secure & well maintained open source packages

DONE

Scan your app for vulnerabilities

Scan your application to find vulnerabilities in your: source code, open source dependencies, containers and configuration files

SCAN NOW

Fix identified vulnerabilities

Easily fix your code by leveraging automatically generated PRs

AUTO FIX

Monitor for new issues

New vulnerabilities are discovered every day. Get notified if your application is affected

MONITOR APP