{"id":20840064,"url":"https://github.com/ackama/eslint-config-ackama","last_synced_at":"2026-02-26T06:11:21.536Z","repository":{"id":37025979,"uuid":"231825027","full_name":"ackama/eslint-config-ackama","owner":"ackama","description":"Standard ESLint configurations for Ackama projects.","archived":false,"fork":false,"pushed_at":"2026-02-12T16:52:14.000Z","size":3748,"stargazers_count":4,"open_issues_count":7,"forks_count":2,"subscribers_count":14,"default_branch":"main","last_synced_at":"2026-02-13T00:42:01.120Z","etag":null,"topics":["ackama","config","eslint","javascript","jest","lint","linting","react","typescript"],"latest_commit_sha":null,"homepage":"","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ackama.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2020-01-04T20:37:45.000Z","updated_at":"2026-02-02T05:12:29.000Z","dependencies_parsed_at":"2023-10-16T16:37:25.674Z","dependency_job_id":"e697e992-ffc9-4886-b1d2-7fcd950cae44","html_url":"https://github.com/ackama/eslint-config-ackama","commit_stats":{"total_commits":369,"total_committers":8,"mean_commits":46.125,"dds":0.6991869918699187,"last_synced_commit":"0e97ab0b518e6b6bdef061d4cca896759ef6a94f"},"previous_names":[],"tags_count":39,"template":false,"template_full_name":null,"purl":"pkg:github/ackama/eslint-config-ackama","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ackama%2Feslint-config-ackama","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ackama%2Feslint-config-ackama/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ackama%2Feslint-config-ackama/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ackama%2Feslint-config-ackama/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ackama","download_url":"https://codeload.github.com/ackama/eslint-config-ackama/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ackama%2Feslint-config-ackama/sbom","scorecard":{"id":162997,"data":{"date":"2025-08-11","repo":{"name":"github.com/ackama/eslint-config-ackama","commit":"bd015fa2f99a055fdb18614f64864bcf9e82084e"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":5.6,"checks":[{"name":"Code-Review","score":1,"reason":"Found 3/21 approved changesets -- score normalized to 1","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Maintained","score":7,"reason":"9 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 7","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Token-Permissions","score":10,"reason":"GitHub workflow tokens follow principle of least privilege","details":["Info: jobLevel 'contents' permission set to 'read': .github/workflows/ci.yml:115","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/ci.yml:144","Info: jobLevel 'contents' permission set to 'read': .github/workflows/ci.yml:27","Info: jobLevel 'contents' permission set to 'read': .github/workflows/ci.yml:39","Info: jobLevel 'contents' permission set to 'read': .github/workflows/ci.yml:60","Info: jobLevel 'contents' permission set to 'read': .github/workflows/ci.yml:88","Info: found token with 'none' permissions: .github/workflows/ci.yml:1"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Pinned-Dependencies","score":5,"reason":"dependency not pinned by hash detected -- score normalized to 5","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/ackama/eslint-config-ackama/ci.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/ackama/eslint-config-ackama/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/ackama/eslint-config-ackama/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/ackama/eslint-config-ackama/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:74: update your workflow using https://app.stepsecurity.io/secureworkflow/ackama/eslint-config-ackama/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:77: update your workflow using https://app.stepsecurity.io/secureworkflow/ackama/eslint-config-ackama/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:101: update your workflow using https://app.stepsecurity.io/secureworkflow/ackama/eslint-config-ackama/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:104: update your workflow using https://app.stepsecurity.io/secureworkflow/ackama/eslint-config-ackama/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:129: update your workflow using https://app.stepsecurity.io/secureworkflow/ackama/eslint-config-ackama/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:132: update your workflow using https://app.stepsecurity.io/secureworkflow/ackama/eslint-config-ackama/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:156: update your workflow using https://app.stepsecurity.io/secureworkflow/ackama/eslint-config-ackama/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:157: update your workflow using https://app.stepsecurity.io/secureworkflow/ackama/eslint-config-ackama/ci.yml/main?enable=pin","Warn: npmCommand not pinned by hash: tools/install-eslint-dependencies.sh:8","Warn: npmCommand not pinned by hash: tools/install-eslint-dependencies.sh:17","Info:   0 out of  11 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   1 third-party GitHubAction dependencies pinned","Info:   5 out of   7 npmCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":0,"reason":"license file not detected","details":["Warn: project does not have a license file"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":3,"reason":"branch protection is not maximal on development and all release branches","details":["Info: 'allow deletion' disabled on branch 'main'","Info: 'force pushes' disabled on branch 'main'","Warn: 'branch protection settings apply to administrators' is disabled on branch 'main'","Warn: branch 'main' does not require approvers","Warn: codeowners review is not required on branch 'main'","Warn: no status checks found to merge onto branch 'main'","Warn: PRs are not required to make changes on branch 'main'; or we don't have data to detect it.If you think it might be the latter, make sure to run Scorecard with a PAT or use Repo Rules (that are always public) instead of Branch Protection settings"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":3,"reason":"SAST tool is not run on all commits -- score normalized to 3","details":["Warn: 9 commits out of 27 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-16T14:04:02.329Z","repository_id":37025979,"created_at":"2025-08-16T14:04:02.330Z","updated_at":"2025-08-16T14:04:02.330Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29849836,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-25T22:37:40.667Z","status":"online","status_checked_at":"2026-02-26T02:00:06.774Z","response_time":89,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ackama","config","eslint","javascript","jest","lint","linting","react","typescript"],"created_at":"2024-11-18T01:15:09.341Z","updated_at":"2026-02-26T06:11:21.520Z","avatar_url":"https://github.com/ackama.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Ackama ESLint Configuration\n\nStandard ESLint configurations for Ackama projects.\n\n#### Basic Setup\n\nInstall this package \u0026 the required plugins:\n\n    npm install --save-dev eslint-config-ackama @types/eslint @eslint-community/eslint-plugin-eslint-comments @eslint/js @stylistic/eslint-plugin-js eslint eslint-plugin-import eslint-plugin-n eslint-plugin-prettier prettier\n\nAdd an `eslint.config.js` to your repo that imports this config:\n\n```js\nconst configAckamaBase = require('eslint-config-ackama');\n\n/** @type {import('eslint').Linter.FlatConfig[]} */\nconst config = [\n  { files: ['**/*.{js,jsx,cjs,mjs,ts,tsx,cts,mts}'] },\n  ...configAckamaBase\n];\n\nmodule.exports = config;\n```\n\nTo reduce potential errors, the configurations provided by this package\ndeliberately avoid making assumptions about the environment you're working in,\nmeaning you will need to configure what globals are available using the\n`globals` package:\n\n```js\nconst configAckamaBase = require('eslint-config-ackama');\nconst globals = require('globals');\n\n/** @type {import('eslint').Linter.FlatConfig[]} */\nconst config = [\n  { files: ['**/*.{js,jsx,cjs,mjs,ts,tsx,cts,mts}'] },\n  ...configAckamaBase,\n  {\n    languageOptions: {\n      globals: {\n        ...globals.node, // for NodeJS apps\n        ...globals.browser, // for browser apps\n        ...globals.commonjs // for browser apps that are bundled using a bundler such as webpack\n      }\n    }\n  }\n];\n\nmodule.exports = config;\n```\n\n\u003e [!NOTE]\n\u003e\n\u003e The legacy configuration set the `es2017` env by default, since the majority\n\u003e of projects should be using ES2017 or higher.\n\u003e\n\u003e The equivalent to this in the flat configuration format is the\n\u003e `languageOptions.ecmaVersion` property, which defaults to `latest` meaning you\n\u003e don't need to set it unless you're using a different version of ECMAScript.\n\nYou can also add a `lint` script to the `scripts` property in your apps\n`package.json` to make it easier for developers to run eslint against the app:\n\n```json\n{\n  \"scripts\": {\n    \"lint\": \"eslint\"\n  }\n}\n```\n\nThis can be called via `npm run lint` or `yarn run lint`, depending on the\npackage manager you're using.\n\n#### Additional Configs\n\nIn addition to the `ackama` config (which pulls in `index.js`) for vanilla\nJavascript, this config package ships with a number of other configs for linting\nspecific packages and frameworks.\n\nYou can use these by extending them by their names in the same way as the base\nconfig, except you must prefix them with `ackama/`. You will also be required to\ninstall any extra plugins and dependencies these configs require that are not\nrequired for the base config.\n\nBelow is a complete list of the configs provided, and their dependencies:\n\n\u003c!-- begin configs list --\u003e\n\n- `ackama`\n  - `@eslint-community/eslint-plugin-eslint-comments`\n  - `@stylistic/eslint-plugin-js`\n  - `eslint-plugin-prettier`\n  - `eslint-plugin-import`\n  - `eslint-plugin-n`\n- `ackama/jest`\n  - `eslint-plugin-jest`\n- `ackama/react`\n  - `eslint-plugin-prettier`\n  - `eslint-plugin-react`\n  - `eslint-plugin-react-hooks`\n  - `eslint-plugin-jsx-a11y`\n- `ackama/typescript`\n  - `@typescript-eslint/parser`\n  - `@typescript-eslint/eslint-plugin`\n  - `@stylistic/eslint-plugin-ts`\n  - `eslint-plugin-prettier`\n\n\u003c!-- end configs list --\u003e\n\n### Ignoring files\n\nOften there are files and folders that you don't want ESLint to check. While the\nbase config already setups ignores for common folders, including `node_modules`,\n`vendor`, `coverage`, `lib`, `out`, and a few more, unique projects might need\nto ignore additional folders, or inversely might want to un-ignore a preset\nignore.\n\nThis can be done by\n[including a configuration object with just an `ignores` key](https://eslint.org/docs/latest/use/configure/ignore),\nmaking it act as a global ignore:\n\n```js\nconst configAckamaBase = require('eslint-config-ackama');\n\n/** @type {import('eslint').Linter.FlatConfig[]} */\nconst config = [\n  { files: ['**/*.{js,jsx,cjs,mjs,ts,tsx,cts,mts}'] },\n  { ignores: ['infra'] },\n  ...configAckamaBase\n];\n\nmodule.exports = config;\n```\n\n### Typical complete example\n\nHere's what a typical `eslint.config.js` would look like for a TypeScript\nproject that uses `jest` \u0026 `react`:\n\n```js\nconst configAckamaBase = require('eslint-config-ackama');\nconst configAckamaJest = require('eslint-config-ackama/jest');\nconst configAckamaReact = require('eslint-config-ackama/react');\nconst configAckamaTypeScript = require('eslint-config-ackama/typescript');\nconst globals = require('globals');\n\n/** @type {import('eslint').Linter.FlatConfig[]} */\nconst config = [\n  { files: ['**/*.{js,jsx,cjs,mjs,ts,tsx,cts,mts}'] },\n  { ignores: ['infra'] },\n  ...configAckamaBase,\n  ...configAckamaTypeScript,\n  {\n    languageOptions: {\n      parserOptions: { projectService: true },\n      globals: globals.commonjs\n    }\n  },\n  ...configAckamaReact,\n  ...[\n    ...configAckamaJest,\n    /** @type {import('eslint').Linter.FlatConfig} */ ({\n      rules: { 'jest/prefer-expect-assertions': 'off' }\n    })\n  ].map(c =\u003e ({ ...c, files: ['test/**'] })),\n  {\n    files: ['**/*.js'],\n    languageOptions: { sourceType: 'script' },\n    rules: {\n      '@typescript-eslint/no-require-imports': 'off',\n      '@typescript-eslint/no-var-requires': 'off'\n    }\n  }\n];\n\nmodule.exports = config;\n```\n\n### Notes \u0026 Considerations\n\nWhile the majority of rules enabled by these configurations are sound, a few\nhave edge cases or are potentially not as suitable as initially hoped.\n\nSome of these edge cases are already well-known, and may have possible fixes in\nthe future; the details of these rules are documented below.\n\nIn general, we are more acceptance of rules that don't catch everything than\nrules that report too many false positives.\n\n#### Usage with legacy ESLint configurations\n\nOfficially configurations are now exported as flat configuration objects which\ncan only be used with the\n[\"flat config\"](https://eslint.org/blog/2022/08/new-config-system-part-2/)\nsystem introduced in ESLint v8.23.0, since that is required to be able to move\nbeyond ESLint v8 so codebases should be migrating to that system.\n\nUnofficially however, since the upgrade involves replacing a number of plugins\nunrelated to flat configuration, the configurations will export a legacy\nconfiguration if the `ESLINT_USE_FLAT_CONFIG` environment variable is set to\n`false`.\n\n\u003e [!NOTE]\n\u003e\n\u003e This environment variable is also what tells ESLint v9 to use the legacy\n\u003e configuration format.\n\nThis allows complex codebases to handle the upgrade as a two-step process: first\nupgrading to the latest version of ESLint and the new plugins, and then\nupgrading to the flat configuration system.\n\nThis legacy configuration will be removed in the next major if not sooner, so\nshould not be relied on beyond the upgrade process.\n\n#### React: Lint custom hooks that accept a dependency array\n\nIf you create a custom hook for a project that takes a dependency array, you can\nhave `react-hooks/exhaustive-deps` lint it in the same manner as core hooks by\npassing it the name of your custom hook via its `additionalHooks` option:\n\n```json\n{\n  \"rules\": {\n    \"react-hooks/exhaustive-deps\": [\"error\", { \"additionalHooks\": \"useHook\" }]\n  }\n}\n```\n\nNote that this option expects a _RegExp string_.\n\n### Versioning\n\nVersioning is modeled after [semantic versioning](https://semver.org/); however,\nsince these configurations are for a code quality tool meaning just about every\nchange to a config is likely going to result in a new error in at least one of\nour codebases (and so arguably be a breaking change), we consider general\nconfiguration changes to be _minor features_, and release them as such.\n\nIn addition to this covering changes like enabling a new rule and adjusting the\nconfiguration of an already-enabled rule, this also includes updating to new\nmajor versions of a plugin which might have removed or renamed rules used in our\nconfigs.\n\nWe specify which versions of plugins is expected by our configs as optional peer\ndependencies, meaning your package manager should warn you if a minor version of\nour package requires a related plugin to be updated for compatibility.\n\nMajor versions are generally reserved for when we're making a significant number\nof changes, which can be common with new major versions of ESLint that have\nsignificant breaking changes that require the surrounding ecosystem to release\nnew major versions.\n\n### Releasing\n\nReleases are handled using\n[semantic release](https://github.com/semantic-release/semantic-release), which\nis run on `main` and releases versions based on\n[the commit messages](https://semantic-release.gitbook.io/semantic-release#commit-message-format).\n\n#### Contributing\n\nThis repo uses\n[conventional commits](https://www.conventionalcommits.org/en/v1.0.0/) to enable\nsemantic releases \u0026 changelog generation, which requires that commits on the\n`main` branch follow that format.\n\nAs we squash our pull requests when merging by default, you should ideally use\ntitle your pull requests using the conventional commit format since that will be\nused as the commit message for the squashed commit.\n\nWe run `commitlint` on pull requests to ensure that commit messages follow the\nformat - while not strictly required when the commits will be squashed, it can\nhelp ensure you're following the format correctly.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fackama%2Feslint-config-ackama","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fackama%2Feslint-config-ackama","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fackama%2Feslint-config-ackama/lists"}