
@sun-asterisk/sunlint


☀️ SunLint - Multi-language static analysis tool for code quality and security | Sun* Engineering Standards

{ "id": "S030", "name": "Disable directory browsing and protect sensitive metadata files", "category": "security", "description": "S030 - Disable directory browsing and protect sensitive metadata files (.git/, .env, config files, etc.) to prevent information disclosure and potential security vulnerabilities.", "severity": "error", "enabled": true, "semantic": { "enabled": true, "priority": "high", "fallback": "heuristic" }, "patterns": { "include": [ "**/*.js", "**/*.ts", "**/*.jsx", "**/*.tsx", "**/*.json", "**/*.yaml", "**/*.yml", "**/.*" ], "exclude": [ "**/*.test.js", "**/*.test.ts", "**/*.spec.js", "**/*.spec.ts", "**/node_modules/**", "**/dist/**", "**/build/**" ] }, "analysis": { "approach": "symbol-based-primary", "fallback": "regex-based", "depth": 2, "timeout": 5000 }, "validation": { "serverConfigs": ["express", "koa", "fastify", "hapi"], "sensitiveFiles": [ ".env", ".git", ".svn", ".hg", "config", "settings", "secrets", "keys", "backup", "database" ], "directoryListingIndicators": [ "autoIndex", "directory", "listing", "browse", "index" ], "protectionMethods": ["serveStatic", "static", "staticFiles", "public"] } }