diff --git a/.eslintignore b/.eslintignore
new file mode 100644
index 0000000..c1cb757
--- /dev/null
+++ b/.eslintignore
@@ -0,0 +1,2 @@
+.nyc_output/
+coverage/
diff --git a/.eslintrc b/.eslintrc
deleted file mode 100644
index c49f04f..0000000
--- a/.eslintrc
+++ /dev/null
@@ -1,8 +0,0 @@
-{
-  "env": {
-    "es6": true
-  },
-  "rules": {
-    "indent": [2,2]
-  }
-}
\ No newline at end of file
diff --git a/.eslintrc.json b/.eslintrc.json
new file mode 100644
index 0000000..572b76f
--- /dev/null
+++ b/.eslintrc.json
@@ -0,0 +1,23 @@
+{
+  "root": true,
+  "parserOptions": {
+    "ecmaVersion": 6
+  },
+  "env": {
+    "es6": true,
+    "node": true
+  },
+  "rules": {
+    "comma-style": "error",
+    "dot-notation": "error",
+    "indent": ["error", 2],
+    "no-control-regex": "error",
+    "no-div-regex": "error",
+    "no-eval": "error",
+    "no-implied-eval": "error",
+    "no-invalid-regexp": "error",
+    "no-trailing-spaces": "error",
+    "no-undef": "error",
+    "no-unused-vars": "error"
+  }
+}
diff --git a/.jshintrc b/.jshintrc
deleted file mode 100644
index 2c03a0a..0000000
--- a/.jshintrc
+++ /dev/null
@@ -1,22 +0,0 @@
-{
-  "evil": true,
-  "regexdash": true,
-  "browser": true,
-  "wsh": true,
-  "trailing": true,
-  "sub": true,
-  "unused": true,
-  "undef": true,
-  "laxcomma": true,
-  "node": true,
-  "browser": false,
-  "esnext": true,
-  "globals": {
-    "describe": true,
-    "it": true,
-    "require": true,
-    "atob": false,
-    "escape": true,
-    "before": true
-  }
-}
\ No newline at end of file
diff --git a/package.json b/package.json
index d84013c..d7e09f7 100644
--- a/package.json
+++ b/package.json
@@ -4,7 +4,8 @@
   "description": "JSON Web Token implementation (symmetric and asymmetric)",
   "main": "index.js",
   "scripts": {
-    "test": "nyc --reporter=html --reporter=text mocha && nsp check && cost-of-modules"
+    "lint": "eslint .",
+    "test": "npm run lint && nyc --reporter=html --reporter=text mocha && nsp check && cost-of-modules"
   },
   "repository": {
     "type": "git",
@@ -34,6 +35,7 @@
     "chai": "^1.10.0",
     "conventional-changelog": "~1.1.0",
     "cost-of-modules": "^1.0.1",
+    "eslint": "^4.19.1",
     "mocha": "^2.1.0",
     "nsp": "^2.6.2",
     "nyc": "^11.8.0",
diff --git a/test/.eslintrc.json b/test/.eslintrc.json
new file mode 100644
index 0000000..7eeefc3
--- /dev/null
+++ b/test/.eslintrc.json
@@ -0,0 +1,5 @@
+{
+  "env": {
+    "mocha": true
+  }
+}
diff --git a/test/async_sign.tests.js b/test/async_sign.tests.js
index d22f974..6a4f153 100644
--- a/test/async_sign.tests.js
+++ b/test/async_sign.tests.js
@@ -19,14 +19,14 @@ describe('signing a token asynchronously', function() {
     });
 
     it('should work with empty options', function (done) {
-      jwt.sign({abc: 1}, "secret", {}, function (err, res) {
+      jwt.sign({abc: 1}, "secret", {}, function (err) {
         expect(err).to.be.null();
         done();
       });
     });
 
     it('should work without options object at all', function (done) {
-      jwt.sign({abc: 1}, "secret", function (err, res) {
+      jwt.sign({abc: 1}, "secret", function (err) {
         expect(err).to.be.null();
         done();
       });
diff --git a/test/decoding.tests.js b/test/decoding.tests.js
index 7c90148..3bd8c13 100644
--- a/test/decoding.tests.js
+++ b/test/decoding.tests.js
@@ -1,6 +1,5 @@
 var jwt = require('../index');
 var expect = require('chai').expect;
-var atob = require('atob');
 
 describe('decoding', function() {
 
diff --git a/test/invalid_exp.tests.js b/test/invalid_exp.tests.js
index 397b62f..dfb89b4 100644
--- a/test/invalid_exp.tests.js
+++ b/test/invalid_exp.tests.js
@@ -1,13 +1,12 @@
 var jwt = require('../index');
 var expect = require('chai').expect;
-var assert = require('chai').assert;
 
 describe('invalid expiration', function() {
 
   it('should fail with string', function (done) {
     var broken_token = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOiIxMjMiLCJmb28iOiJhZGFzIn0.cDa81le-pnwJMcJi3o3PBwB7cTJMiXCkizIhxbXAKRg';
 
-    jwt.verify(broken_token, '123', function (err, decoded) {
+    jwt.verify(broken_token, '123', function (err) {
       expect(err.name).to.equal('JsonWebTokenError');
       done();
     });
diff --git a/test/issue_304.tests.js b/test/issue_304.tests.js
index db4a1e3..c1ed8af 100644
--- a/test/issue_304.tests.js
+++ b/test/issue_304.tests.js
@@ -4,35 +4,35 @@ var expect = require('chai').expect;
 describe('issue 304 - verifying values other than strings', function() {
 
   it('should fail with numbers', function (done) {
-    jwt.verify(123, 'foo', function (err, decoded) {
+    jwt.verify(123, 'foo', function (err) {
       expect(err.name).to.equal('JsonWebTokenError');
       done();
     });
   });
 
   it('should fail with objects', function (done) {
-    jwt.verify({ foo: 'bar' }, 'biz', function (err, decoded) {
+    jwt.verify({ foo: 'bar' }, 'biz', function (err) {
       expect(err.name).to.equal('JsonWebTokenError');
       done();
     });
   });
 
   it('should fail with arrays', function (done) {
-    jwt.verify(['foo'], 'bar', function (err, decoded) {
+    jwt.verify(['foo'], 'bar', function (err) {
       expect(err.name).to.equal('JsonWebTokenError');
       done();
     });
   });
 
   it('should fail with functions', function (done) {
-    jwt.verify(function() {}, 'foo', function (err, decoded) {
+    jwt.verify(function() {}, 'foo', function (err) {
       expect(err.name).to.equal('JsonWebTokenError');
       done();
     });
   });
 
   it('should fail with booleans', function (done) {
-    jwt.verify(true, 'foo', function (err, decoded) {
+    jwt.verify(true, 'foo', function (err) {
       expect(err.name).to.equal('JsonWebTokenError');
       done();
     });
diff --git a/test/jwt.hs.tests.js b/test/jwt.hs.tests.js
index af977da..5c12a73 100644
--- a/test/jwt.hs.tests.js
+++ b/test/jwt.hs.tests.js
@@ -102,7 +102,7 @@ describe('HS256', function() {
 
     it('should return the "invalid token" error', function(done) {
       var malformedToken = token + ' '; // corrupt the token by adding a space
-      jwt.verify(malformedToken, secret, { algorithm: 'HS256', ignoreExpiration: true }, function(err, decoded) {
+      jwt.verify(malformedToken, secret, { algorithm: 'HS256', ignoreExpiration: true }, function(err) {
         assert.isNotNull(err);
         assert.equal('JsonWebTokenError', err.name);
         assert.equal('invalid token', err.message);
diff --git a/test/undefined_secretOrPublickey.tests.js b/test/undefined_secretOrPublickey.tests.js
index 01132ad..39d4f13 100644
--- a/test/undefined_secretOrPublickey.tests.js
+++ b/test/undefined_secretOrPublickey.tests.js
@@ -1,4 +1,3 @@
-var fs = require('fs');
 var jwt = require('../index');
 var JsonWebTokenError = require('../lib/JsonWebTokenError');
 var expect = require('chai').expect;
diff --git a/test/verify.tests.js b/test/verify.tests.js
index 51d107e..f0c26fe 100644
--- a/test/verify.tests.js
+++ b/test/verify.tests.js
@@ -308,7 +308,7 @@ describe('verify', function() {
       var clockTimestamp = 1000000000;
       it('should verify unexpired token relative to user-provided clockTimestamp', function (done) {
         var token = jwt.sign({foo: 'bar', iat: clockTimestamp, exp: clockTimestamp + 1}, key);
-        jwt.verify(token, key, {clockTimestamp: clockTimestamp}, function (err, p) {
+        jwt.verify(token, key, {clockTimestamp: clockTimestamp}, function (err) {
           assert.isNull(err);
           done();
         });
@@ -340,7 +340,7 @@ describe('verify', function() {
           nbf: clockTimestamp + 1,
           exp: clockTimestamp + 2
         }, key);
-        jwt.verify(token, key, {clockTimestamp: clockTimestamp + 1}, function (err, p) {
+        jwt.verify(token, key, {clockTimestamp: clockTimestamp + 1}, function (err) {
           assert.isNull(err);
           done();
         });