eslint-plugin-security-node

    1.0.14 • Public • Published

    eslint-plugin-security-node

    ESLint plugin containing Node.js security rules

    This plugin will help to identify potential threats and prevent attacks.

    Installation

    npm install --save-dev eslint-plugin-security-node

    Usage

    Add the following configuration to your .eslintrc file:

    "plugins": [
        "security-node"
    ],
    "extends": [
        "plugin:security-node/recommended"
    ]
    

    Developer guide

    Tests

    Type the following to test all the rules:

    $ npm test

    Type the following to test a particular rule:

    $ ./node_modules/.bin/mocha tests/lib/rules/rule_name

    Rules

    detect non literal regular expr

    For details check the documentation file non-literal-reg-expr

    detect absence of property:name in express-session

    For details check the documentation file detect-absence-of-name-option-in-exrpress-session

    detect Buffer unsafe allocation

    For details check the documentation file detect-buffer-unsafe-allocation

    detect exec of child_process with non-Literal argument

    For details check the documentation file detect-child-process

    detect crlf attack

    For details check the documentation file detect-crlf

    detect dangerous redirects

    For more information check the documentation file detect-dangerous-redirects

    detect-eval-with-expr

    For more information check the documentation file detect-eval-with-expr

    detect-html-injection

    For more information check the documentation file detect-html-injection

    detect-insecure-randomness

    For more information check the documentation file detect-insecure-randomness

    detect-non-literal-require-calls

    For more information check the documentation file detect-non-literal-require-calls

    detect-nosql-injection.md

    For more information check the documentation file detect-nosql-injection

    detect-option-multiplestatements-in-mysql'

    For more information check the documentation file detect-option-multiplestatements-in-mysql

    detect-option-rejectunauthorized-in-nodejs-httpsrequest

    For more information check the documentation file detect-option-rejectunauthorized-in-nodejs-httpsrequest

    detect-option-unsafe-in-serialize-javascript-npm-package

    For more information check the documentation file detect-option-unsafe-in-serialize-javascript-npm-package

    detect-possible-timing-attacks

    For more information check the documentation file detect-possible-timing-attacks

    detect-runinthiscontext-method-in-nodes-vm

    For more information check the documentation file detect-runinthiscontext-method-in-nodes-vm.

    detect-security-missconfiguration-cookie

    For more information check the documentation file detect-security-missconfiguration-cookie

    detect-sql-injection

    For more information check the documentation file detect-sql-injection

    disable-ssl-across-node-server

    For more information check the documentation file disable-ssl-across-node-server

    Install

    npm i eslint-plugin-security-node

    DownloadsWeekly Downloads

    8,336

    Version

    1.0.14

    License

    ISC

    Unpacked Size

    114 kB

    Total Files

    61

    Last publish

    Collaborators

    • gkouziik