feat(security): Initial security plugin

Signed-off-by: Valentin Popov <info@valentineus.link>
author: Valentin Popov <info@valentineus.link> 2020-02-14 11:17:13 +0300
committer: Valentin Popov <info@valentineus.link> 2020-02-14 11:18:59 +0300
commit: 570290241dc983abfb14bb20b0e8eb8b3a74a22d (patch)
tree: 02927cc2b68251f68669056cdc7b31abe4ab0c07
parent: f9ebfb719aa850b01ce3e1ee3a9d7ab359e73058 (diff)
download: eslint-config-570290241dc983abfb14bb20b0e8eb8b3a74a22d.tar.xz
eslint-config-570290241dc983abfb14bb20b0e8eb8b3a74a22d.zip
5 files changed, 51 insertions, 7 deletions
diff --git a/ROADMAP.md b/ROADMAP.md
index 46c3102..8cc9d68 100644
--- a/ROADMAP.md
+++ b/ROADMAP.md
@@ -324,6 +324,22 @@
 - [ ] "prefer-default-export"
 - [ ] "unambiguous"
 
+## Security
+
+- [ ] "detect-buffer-noassert"
+- [ ] "detect-child-process"
+- [ ] "detect-disable-mustache-escape"
+- [ ] "detect-eval-with-expression"
+- [ ] "detect-new-buffer"
+- [ ] "detect-no-csrf-before-method-override"
+- [ ] "detect-non-literal-fs-filename"
+- [ ] "detect-non-literal-regexp"
+- [ ] "detect-non-literal-require"
+- [ ] "detect-object-injection"
+- [ ] "detect-possible-timing-attacks"
+- [ ] "detect-pseudoRandomBytes"
+- [ ] "detect-unsafe-regex"
+
 ## TypeScript
 
 - [ ] "adjacent-overload-signatures"
diff --git a/package.json b/package.json
index b61e905..b20c629 100644
--- a/package.json
+++ b/package.json
@@ -17,7 +17,8 @@
     "@typescript-eslint/parser": "^2.19.2",
     "eslint": "^6.8.0",
     "eslint-plugin-import": "^2.20.1",
-    "rollup": "^1.31.0",
+    "eslint-plugin-security": "^1.4.0",
+    "rollup": "^1.31.1",
     "rollup-plugin-terser": "^5.2.0",
     "tslib": "^1.10.0",
     "typescript": "^3.7.5"
@@ -26,7 +27,8 @@
     "@typescript-eslint/eslint-plugin": "^2.19.0",
     "@typescript-eslint/parser": "^2.19.0",
     "eslint": "^6.8.0",
-    "eslint-plugin-import": "^2.20.1"
+    "eslint-plugin-import": "^2.20.1",
+    "eslint-plugin-security": "^1.4.0"
   },
   "dependencies": {}
 }
diff --git a/src/javascript.ts b/src/javascript.ts
index 6dd6ac8..9026379 100644
--- a/src/javascript.ts
+++ b/src/javascript.ts
@@ -1,5 +1,6 @@
 import rDefault from "./rules/default.json";
 import rImport from "./rules/import.json";
+import rSecurity from "./rules/security.json";
 
 module.exports = {
 	"extends": [
@@ -7,10 +8,15 @@ module.exports = {
 		"plugin:import/errors",
 		"plugin:import/recommended",
 		"plugin:import/warnings",
+		"plugin:security/recommended",
+	],
+	"plugins": [
+		"import",
+		"security",
 	],
-	"plugins": ["import"],
 	"rules": {
 		...rDefault,
 		...rImport,
+		...rSecurity,
 	},
 };
diff --git a/src/rules/security.json b/src/rules/security.json
new file mode 100644
index 0000000..0967ef4
--- /dev/null
+++ b/src/rules/security.json
@@ -0,0 +1 @@
+{}
diff --git a/yarn.lock b/yarn.lock
index d8e5f08..f73ba79 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -386,6 +386,13 @@ eslint-plugin-import@^2.20.1:
     read-pkg-up "^2.0.0"
     resolve "^1.12.0"
 
+eslint-plugin-security@^1.4.0:
+  version "1.4.0"
+  resolved "https://registry.yarnpkg.com/eslint-plugin-security/-/eslint-plugin-security-1.4.0.tgz#d4f314484a80b1b613b8c8886e84f52efe1526c2"
+  integrity sha512-xlS7P2PLMXeqfhyf3NpqbvbnW04kN8M9NtmhpR3XGyOvt/vNKS7XPXT5EDbwKW9vCjWH4PpfQvgD/+JgN0VJKA==
+  dependencies:
+    safe-regex "^1.1.0"
+
 eslint-scope@^5.0.0:
   version "5.0.0"
   resolved "https://registry.yarnpkg.com/eslint-scope/-/eslint-scope-5.0.0.tgz#e87c8887c73e8d1ec84f1ca591645c358bfc8fb9"
@@ -1073,6 +1080,11 @@ restore-cursor@^3.1.0:
     onetime "^5.1.0"
     signal-exit "^3.0.2"
 
+ret@~0.1.10:
+  version "0.1.15"
+  resolved "https://registry.yarnpkg.com/ret/-/ret-0.1.15.tgz#b8a4825d5bdb1fc3f6f53c2bc33f81388681c7bc"
+  integrity sha512-TTlYpa+OL+vMMNG24xSlQGEJ3B/RzEfUlLct7b5G/ytav+wPrplCpVMFuwzXbkecJrb6IYo1iFb0S9v37754mg==
+
 rimraf@2.6.3:
   version "2.6.3"
   resolved "https://registry.yarnpkg.com/rimraf/-/rimraf-2.6.3.tgz#b2d104fe0d8fb27cf9e0a1cda8262dd3833c6cab"
@@ -1098,10 +1110,10 @@ rollup-pluginutils@^2.8.2:
   dependencies:
     estree-walker "^0.6.1"
 
-rollup@^1.31.0:
-  version "1.31.0"
-  resolved "https://registry.yarnpkg.com/rollup/-/rollup-1.31.0.tgz#e2a87212e96aa7850f3eb53fdd02cf89f2d2fe9a"
-  integrity sha512-9C6ovSyNeEwvuRuUUmsTpJcXac1AwSL1a3x+O5lpmQKZqi5mmrjauLeqIjvREC+yNRR8fPdzByojDng+af3nVw==
+rollup@^1.31.1:
+  version "1.31.1"
+  resolved "https://registry.yarnpkg.com/rollup/-/rollup-1.31.1.tgz#4170d6f87148d46e5fbe29b493f8f3ea3453c96f"
+  integrity sha512-2JREN1YdrS/kpPzEd33ZjtuNbOuBC3ePfuZBdKEybvqcEcszW1ckyVqzcEiEe0nE8sqHK+pbJg+PsAgRJ8+1dg==
   dependencies:
     "@types/estree" "*"
     "@types/node" "*"
@@ -1121,6 +1133,13 @@ rxjs@^6.5.3:
   dependencies:
     tslib "^1.9.0"
 
+safe-regex@^1.1.0:
+  version "1.1.0"
+  resolved "https://registry.yarnpkg.com/safe-regex/-/safe-regex-1.1.0.tgz#40a3669f3b077d1e943d44629e157dd48023bf2e"
+  integrity sha1-QKNmnzsHfR6UPURinhV91IAjvy4=
+  dependencies:
+    ret "~0.1.10"
+
 "safer-buffer@>= 2.1.2 < 3":
   version "2.1.2"
   resolved "https://registry.yarnpkg.com/safer-buffer/-/safer-buffer-2.1.2.tgz#44fa161b0187b9549dd84bb91802f9bd8385cd6a"
author	Valentin Popov <info@valentineus.link>	2020-02-14 11:17:13 +0300
committer	Valentin Popov <info@valentineus.link>	2020-02-14 11:18:59 +0300
commit	570290241dc983abfb14bb20b0e8eb8b3a74a22d (patch)
tree	02927cc2b68251f68669056cdc7b31abe4ab0c07
parent	f9ebfb719aa850b01ce3e1ee3a9d7ab359e73058 (diff)
download	eslint-config-570290241dc983abfb14bb20b0e8eb8b3a74a22d.tar.xz eslint-config-570290241dc983abfb14bb20b0e8eb8b3a74a22d.zip