Skip to content

Removal of NodeSecurity, GoLint and SCSSLint

On the week of March 9th 2020, we'll be removing some tools from Codacy.

Those tools are: NodeSecurity, GoLint and SCSSLint.

These tools have become deprecated or stopped being updated by their maintainers and started providing a bad experience for Codacy users either by reporting false positives or causing other unexpected issues.

We've been working on alternatives for each tool. Continue reading to find out how you can replace each of the removed tool:

  • NodeSecurity: This tool detects outdated NPM dependencies. It stopped being maintained two years ago when it was acquired and replaced by NPM itself. Since it stopped being updated it will no longer find new vulnerabilities, thus becoming useless and only providing a false sense of security. Recommendation: If you have an NPM repository you now have this functionality out-of-the-box.
  • GoLint: Last month we launched a new Go tool - revive - which is a drop-in replacement for GoLint supporting all of its rules and even more. Recommendation: Revive was enabled by default for your Go repositories with GoLint's. Check that the default patterns make sense for your team.
  • SCSSLint: This tool is now unmaintained for four years with the old maintainers suggesting that users migrate to Stylelint which is already support by Codacy for quite some time. Recommendation: Check that the Stylelint is enabled and its default patterns make sense for your team.
Last update: August 7, 2020