(Another, even more obscure Mac-only bug, this time with JSLint’s Konfabulator widget: Dragging a BBEdit document icon onto the widget moves the document to the trash. The developer, Douglas Crockford, hadn’t tried the widget on a Mac.)
UPDATED ANSWER, 2017: Yes. Use ESLint. http://eslint.org
In addition to JSLint (already mentioned in Flash Sheridan’s answer) and the Closure compiler (previously mentioned in awhyte’s answer) I have have also gotten a lot of benefit from running JSHint and PHP CodeSniffer. As of 2012, all four tools are free open-source and have a large and active developer community behind them. They’re each a bit different (and I think, complementary) in the kinds of checks they perform:
I particularly like that I can tell JSHint to report all of the errors in a file, even if there are hundreds of errors. By contrast, although JSLint does have a
maxerr configuration option, it will generally bail out relatively early when attempting to process files that contain large numbers of errors.
The Closure compiler is extremely useful in that, if code won’t compile with Closure, you can feel very certain said code is deeply hosed in some fundamental way. Closure compilation is possibly the closest thing that there is in the JS world to an “interpreter” syntax check like
php -l or
Closure also warns you about potential issues such as missing parameters and undeclared or redefined variables. If you aren’t seeing the warnings you expect, try increasing the warning level by invoking Closure with an option of
Google’s “Closure” JS compiler produces configurable warnings and errors at compile-time. It definitely finds misspelled variables and methods, plus arity mistakes. If you’re willing to write JsDoc the Closure way, it can do a lot with type information, too.
The YUI “Compressor” tool can produce warnings too, but haven’t tried it yet.
I haven’t had much luck with the Aptana IDE, built on Eclipse, but other people like it. See Stack Overflow discussion of JS IDEs.
The IntelliJ IDE, which isn’t free last I checked, has frickin’ excellent JS support. It will detect and highlight misspelled vars and methods as you type, and more. It’s got autocomplete, too.
In summary, JSLint, JSHint, Plato, ESLint, Google Closure-Linter are the tools available.
I faced installation issues while trying out Google Closure-Linter for Windows. But, it does mention on the web page that its support for Windows is experimental.
I found and tried another tool which works well. Here is the link for it:
Also, this is the github link for the tool Esprima:
I tried out ESlint and found it good..you can also add custom rules there..Here is the github repo: https://github.com/nzakas/eslint and here is the introduction to it: http://www.nczonline.net/blog/2013/07/16/introducing-eslint/
tools suitable for including in coming Mozilla projects or for
- DOM-based XSS
- Client-side SQL injection
- WebSocket hijacking
- Local file path manipulation
- DOM-based open redirection
- Cookie manipulation
- Ajax request header manipulation
- DOM-based denial of service
- Web message manipulation
- HTML5 storage manipulation
I like Jslint for this sort of thing…
Now, here are some typos it finds (exact typo left as an exercise for the reader, to emphasize how easily these can be overlooked):
A tool in the Wiki, but not mentioned in this post, is DeepScan.
Its focus is to find runtime errors and quality issues rather than coding conventions of linters. It covers also TypeScript and React.
You can try it out for your GitHub project.
JSAnalyse has just been published on codeplex.
JSAnalyse can be executed as a command line tool or configured via the Visual Studio Layer Diagramm. It is also easy to integrate into the build. With gated check-ins you can keep the dependencies under control.
Flow does static analysis with and without annotations.
If you need annotations, the syntax is compatible to TypeScript.
Install the package with :
npm install --global flow-bin
It uses the language syntax to guide the detection, so it will find clones in spite of format changes, inserted/deleted comments, renamed variables and even some inserted/deleted statements.
The site has a sample CloneDR run on Google’s Closure library.
Full disclosure, I’m behind this: http://www.toptensoftware.com/minime which does minification, obfuscation and a reasonable set of lint style checks.