Skip to content

Removal of NodeSecurity, GoLint, and SCSSLint March 9, 2020#

On the week of March 9th 2020, we'll be removing some tools from Codacy.

Those tools are NodeSecurity, GoLint, and SCSSLint.

These tools have become deprecated or stopped being updated by their maintainers and started providing a bad experience for Codacy users either by reporting false positives or causing other unexpected issues.

We've been working on alternatives for each tool. Continue reading to find out how you can replace each of the removed tools:

  • NodeSecurity: This tool detects outdated NPM dependencies. It stopped being maintained two years ago when it was acquired and replaced by NPM itself. Since it stopped being updated it will no longer find new vulnerabilities, thus becoming useless and only providing a false sense of security. Recommendation: If you have an NPM repository you now have this functionality out-of-the-box.
  • GoLint: Last month we launched a new Go tool - Revive - which is a drop-in replacement for GoLint supporting all its rules and even more. Recommendation: Revive was enabled by default for your Go repositories with GoLint's. Check that the default patterns make sense for your team.
  • SCSSLint: This tool is now unmaintained for four years with the old maintainers suggesting that users migrate to Stylelint which is already supported by Codacy for quite some time. Recommendation: Check that the Stylelint is enabled and its default patterns make sense for your team.

Share your feedback 📢

Did this page help you?

Thanks for the feedback! Is there anything else you'd like to tell us about this page?

We're sorry to hear that. Please let us know what we can improve:

Alternatively, you can create a more detailed issue on our GitHub repository.

Thanks for helping improve the Codacy documentation.

Edit this page on GitHub if you notice something wrong or missing.

If you have a question or need help please contact

Last modified August 26, 2022