UNPKG

@microsoft/eslint-plugin-sdl

Version:

ESLint plugin focused on common security issues and misconfigurations discoverable during static testing as part of Microsoft Security Development Lifecycle (SDL)

github.com/microsoft/eslint-plugin-sdl

microsoft/eslint-plugin-sdl

67 lines (58 loc) 2.48 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
// Copyright (c) Microsoft Corporation. // Licensed under the MIT License. "use strict"; const path = require("path"); const pluginSecurity = require("eslint-plugin-security"); const pkg = require(path.join("..", "package.json")); const plugin = { meta: { name: pkg.name, version: pkg.version }, rules: { "no-angular-bypass-sanitizer": require("./rules/no-angular-bypass-sanitizer"), "no-angular-sanitization-trusted-urls": require("./rules/no-angular-sanitization-trusted-urls"), "no-angularjs-bypass-sce": require("./rules/no-angularjs-bypass-sce"), "no-angularjs-enable-svg": require("./rules/no-angularjs-enable-svg"), "no-angularjs-sanitization-whitelist": require("./rules/no-angularjs-sanitization-whitelist"), "no-cookies": require("./rules/no-cookies"), "no-document-domain": require("./rules/no-document-domain"), "no-document-write": require("./rules/no-document-write"), "no-electron-node-integration": require("./rules/no-electron-node-integration"), "no-html-method": require("./rules/no-html-method"), "no-inner-html": require("./rules/no-inner-html"), "no-insecure-random": require("./rules/no-insecure-random"), "no-insecure-url": require("./rules/no-insecure-url"), "no-msapp-exec-unsafe": require("./rules/no-msapp-exec-unsafe"), "no-postmessage-star-origin": require("./rules/no-postmessage-star-origin"), "no-unsafe-alloc": require("./rules/no-unsafe-alloc"), "no-winjs-html-unsafe": require("./rules/no-winjs-html-unsafe") }, // Filled in later in order to reference plugin itself. configs: {} }; plugin.configs["angular"] = require("../config/angular")(plugin); plugin.configs["angularjs"] = require("../config/angularjs")(plugin); plugin.configs["common"] = require("../config/common")(plugin); plugin.configs["electron"] = require("../config/electron")(plugin); plugin.configs["node"] = require("../config/node")(plugin); plugin.configs["react"] = require("../config/react")(plugin); plugin.configs["typescript"] = require("../config/react")(plugin); plugin.configs["required"] = [ ...plugin.configs["angular"], ...plugin.configs["angularjs"], ...plugin.configs["common"], ...plugin.configs["electron"], ...plugin.configs["node"], ...plugin.configs["react"] ]; plugin.configs["recommended"] = [ ...plugin.configs["required"], ...plugin.configs["typescript"], { plugins: { security: pluginSecurity } } ]; module.exports = plugin;