https://github.com/rustcohlnikov/eslint-config-sec

🔒 Linting rules for safe and secure client code
https://github.com/rustcohlnikov/eslint-config-sec

eslint fe-sec linter security

Last synced: 21 days ago
JSON representation

🔒 Linting rules for safe and secure client code

• Host: GitHub
• URL: https://github.com/rustcohlnikov/eslint-config-sec
• Owner: rustcohlnikov
• License: mit
• Created: 2019-10-15T07:44:34.000Z (over 5 years ago)
• Default Branch: master
• Last Pushed: 2019-10-15T11:06:24.000Z (over 5 years ago)
• Last Synced: 2025-03-16T14:36:38.707Z (about 1 month ago)
• Topics: eslint, fe-sec, linter, security
• Language: JavaScript
• Homepage:
• Size: 5.86 KB
• Stars: 3
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE.md

Awesome Lists containing this project

• awesome-frontend-security - `eslint-config-sec` - ESLint rules for writing safe and secure client code. (Code / Linters)

README

        
# :umbrella: eslint-config-sec

![PRs Welcome](https://img.shields.io/badge/PRs-welcome-brightgreen.svg?style=flat-square)

![License](https://img.shields.io/npm/l/eslint-config-sec?style=flat-square)

![Dependencies](https://img.shields.io/david/peer/rustcohlnikov/eslint-config-sec?style=flat-square)

[![Chat on Gitter](https://img.shields.io/gitter/room/fe-sec/community)](https://gitter.im/fe-sec/community)

Linting rules for safe and secure client code

# Rules included

Extends `eslint-plugin-no-unsanitized`, see [documentation](https://github.com/mozilla/eslint-plugin-no-unsanitized/tree/master/docs/rules).

Additional rules:

* `no-eval` - eval('evil code')

* `no-implied-eval` - same as eval

* `radix` - parseInt('12345', 10) without radix

* `no-debugger` - disallow debugger; in code

* `no-new-func` - new Function('evil code')

# Usage

1. Install the config:

```bash

npm i -D eslint-config-sec

```

2. Add config to the `extends` section on your `.eslintrc.js` file:

```diff

"extends": [

+  "eslint-config-sec"

]

```