tslint has been deprecated for quite a long time now - from 2019: https://github.com/palantir/tslint/issues/4534

werent one of the js linters part of a supply chain attack recently?

Maybe, are you sure Go dependencies are immune to similar attacks?

Yes, with the difference that Google would have to be compromised in order to poison the go distributable containing fmt tool. With js, it’s enough to poison any single one of the 1400 dependencies of the linter

I forgot that even though fmt will never suffer from middle man attacks downloading the Go toolchain, the standard library already covers 100% of the uses cases someone cares about using Go for, and no one is using CGO.

I used to use CGO quite a lot in linux-embedded environment.

And we had huge dependency chains as well to non-standard library stuff, nowhere near as bad as an average nodejs project but still not free from the problem.

Use biome, it doesn't have any external dependencies. eslint should have been put to rest a long time ago.

Good advice. That was my conclusion as well after years of fighting with eslint.

someone else recommended this too, I'll give it a shot next time I'm in js land.

We added biome to our project, now we have eslint, prettier and biome in the project.

Seriously though it is nice, but migrating away from your existing tooling is painful and underappreciated.

go std lib being compromised would be a pretty major achievement