.eslintrc.security.json•1.93 kB
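{
  // Standalone security-lint profile in ESLint's legacy (eslintrc) format.
  // The file name is not one ESLint discovers on its own, so it has to be
  // passed explicitly (for example with --config). "root": true stops ESLint
  // from merging in configs from parent directories.
  "root": true,
  "parser": "@typescript-eslint/parser",
  "parserOptions": {
    "ecmaVersion": 2022,
    "sourceType": "module",
    "ecmaFeatures": {
      "jsx": true
    }
  },
  "env": {
    "browser": true,
    "node": true,
    "es2022": true
  },
  // Baseline: every eslint-plugin-security rule at the preset's severity.
  // Rules not listed under "rules" below (e.g. detect-object-injection,
  // detect-non-literal-require, detect-bidi-characters) keep that severity.
  "extends": [
    "plugin:security/recommended-legacy"
  ],
  "plugins": [
    "security",
    "@typescript-eslint"
  ],
  "rules": {
    // eslint-plugin-security: severities raised or pinned on top of the preset.
    // These rules are heuristic pattern matchers: a clean run is not proof
    // that the code is free of the corresponding weakness.
    "security/detect-non-literal-fs-filename": "error",
    "security/detect-non-literal-regexp": "warn",
    "security/detect-unsafe-regex": "error",
    "security/detect-buffer-noassert": "error",
    "security/detect-child-process": "warn",
    "security/detect-disable-mustache-escape": "error",
    "security/detect-eval-with-expression": "error",
    "security/detect-new-buffer": "warn",
    "security/detect-no-csrf-before-method-override": "error",
    "security/detect-possible-timing-attacks": "warn",
    "security/detect-pseudoRandomBytes": "error",
    // NOTE: "security/detect-sql-injection" was listed here, but
    // eslint-plugin-security ships no rule with that name. ESLint reports
    // "Definition for rule ... not found" for unknown rules, so the entry
    // either failed every linted file or gave a false sense of coverage.
    // SQL injection is NOT checked by this profile; rely on parameterized
    // queries and a dedicated analyzer for that class of bug.

    // TypeScript hygiene. "any" defeats type checks that input validation
    // may depend on; the other two entries are code-quality settings, not
    // security checks.
    "@typescript-eslint/no-explicit-any": "warn",
    "@typescript-eslint/explicit-function-return-type": "off",
    "@typescript-eslint/no-unused-vars": ["error", { "argsIgnorePattern": "^_" }],

    // Core ESLint rules: block dynamic code execution (eval, string arguments
    // to timers, the Function constructor, javascript: URLs) and "with".
    "no-eval": "error",
    "no-implied-eval": "error",
    "no-new-func": "error",
    "no-script-url": "error",
    "no-with": "error",
    "no-alert": "warn",
    // console.log/info/debug are flagged; warn and error stay allowed.
    "no-console": ["warn", { "allow": ["warn", "error"] }]
  },
  "overrides": [
    {
      // Test files legitimately build fixture paths and spawn helper
      // processes, so these two detectors are noise there. Keep the globs
      // narrow: any production file matching them is exempt as well.
      "files": ["*.test.ts", "*.test.tsx", "*.spec.ts", "*.spec.tsx"],
      "rules": {
        "security/detect-non-literal-fs-filename": "off",
        "security/detect-child-process": "off",
        "no-console": "off"
      }
    }
  ],
  // Generated, vendored and minified output is not linted. Anything under
  // these paths is outside this profile's coverage.
  "ignorePatterns": [
    "node_modules/",
    "dist/",
    "build/",
    ".next/",
    "coverage/",
    "*.min.js",
    "*.min.css"
  ]
}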