create-quality-automation
Bootstrap quality automation for JavaScript/TypeScript and Python projects with GitHub Actions, pre-commit hooks, linting, formatting, and freemium dependency monitoring
const js = require('@eslint/js')
const globals = require('globals')
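// Optional plugins. Every optional require() is guarded so this config still
// loads before the project's dev dependencies are installed; the matching
// variable stays null when a package cannot be loaded.
let tsPlugin = null
let tsParser = null
let security = null

try {
  tsPlugin = require('@typescript-eslint/eslint-plugin')
  tsParser = require('@typescript-eslint/parser')
} catch {
  // TypeScript tooling not installed yet; fall back to JS-only config.
}

try {
  security = require('eslint-plugin-security')
} catch (err) {
  // Fail open, but not silently: without this plugin every `security/*` rule
  // further down is dropped and lint still passes, which is easy to miss in CI.
  // console.warn writes to stderr, so formatter output on stdout is unaffected.
  const reason = (err && err.code) || 'load error'
  console.warn(
    `[eslint.config] eslint-plugin-security not loaded (${reason}); security/* rules are disabled`
  )
}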
// Flat-config array that the sections below append to.
const configs = [
  // Ignore patterns: dependency and build-output directories.
  { ignores: ['**/node_modules/**', '**/dist/**', '**/build/**'] },
  js.configs.recommended,
  // The security plugin's recommended preset is included only when the plugin loaded.
  ...(security ? [security.configs.recommended] : []),
]
// Core ESLint rules, all at error severity: they reject code that turns
// strings into executable code (eval, implied eval, the Function constructor)
// and `javascript:` URLs. The original author files these under XSS prevention.
const baseRules = {
  'no-eval': 'error',
  'no-implied-eval': 'error',
  'no-new-func': 'error',
  'no-script-url': 'error',
}

// Severity overrides for eslint-plugin-security. The object stays empty when
// the plugin did not load, so spreading it into a rule set is then a no-op.
const securityRules = {}
if (security) {
  // Security rules from WFHroulette patterns - adjusted for build tools.
  // Three rules are relaxed to 'warn' because build tooling legitimately does
  // what they flag; everything else is an error.
  Object.assign(securityRules, {
    'security/detect-object-injection': 'warn', // dynamic object access is common in build tools
    'security/detect-non-literal-regexp': 'error',
    'security/detect-unsafe-regex': 'error',
    'security/detect-buffer-noassert': 'error',
    'security/detect-child-process': 'warn', // build tools may spawn processes
    'security/detect-disable-mustache-escape': 'error',
    'security/detect-eval-with-expression': 'error',
    'security/detect-no-csrf-before-method-override': 'error',
    'security/detect-non-literal-fs-filename': 'warn', // build tools need dynamic file operations
    'security/detect-non-literal-require': 'error',
    'security/detect-possible-timing-attacks': 'error',
    'security/detect-pseudoRandomBytes': 'error',
  })
}
// Rule set for JavaScript sources (the glob also lists the `html` extension).
// NOTE(review): nothing in this file registers an HTML processor or parser, so
// .html files matched here would be handed to the default JavaScript parser.
// Confirm that is intended.
const jsLintConfig = {
  files: ['**/*.{js,jsx,mjs,cjs,html}'],
  languageOptions: {
    ecmaVersion: 2022,
    sourceType: 'module',
    // Browser and Node globals are both declared for every matched file.
    globals: { ...globals.browser, ...globals.node },
  },
  // Appended after the presets already in `configs`, so these severities
  // take precedence for the files matched above.
  rules: { ...baseRules, ...securityRules },
}
configs.push(jsLintConfig)
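// TypeScript sources are linted with the TypeScript parser, and only when both
// the plugin and the parser loaded.
if (tsPlugin && tsParser) {
  configs.push({
    files: ['**/*.{ts,tsx}'],
    languageOptions: {
      parser: tsParser,
      parserOptions: {
        ecmaVersion: 2022,
        sourceType: 'module',
      },
      globals: {
        ...globals.browser,
        ...globals.node,
      },
    },
    plugins: {
      '@typescript-eslint': tsPlugin,
    },
    rules: {
      // The JavaScript entry above matches only js/jsx/mjs/cjs/html, so without
      // these two spreads .ts/.tsx files never receive the eval-family bans or
      // the error-level security severities. `securityRules` is empty when the
      // security plugin did not load, so no unknown rule names are introduced.
      ...baseRules,
      ...securityRules,
      // Spread last so the preset can still swap a core rule for its TS-aware variant.
      ...tsPlugin.configs.recommended.rules,
    },
  })
}

// ESLint consumes the exported array as the flat config.
module.exports = configs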