This repository has been archived as read-only
We recommend looking at https://github.com/mozilla/eslint-plugin-no-unsanitized if you are interested in xss-prevention techniques.
ScanJS Rules through ESLint.
If you want something like ScanJS using ESLint, this is the config file.
Install
* npm -g install
* cp -v .eslintrc ~/.scanjs-eslintrc
<!--
Note that a globally installed eslint can see only globally installed plugins.
So you either have to install eslint itself and the required packages locally,
or install everything globally.
-->
Running
cd project-to-scan/
eslint --no-eslintrc -c ~/.scanjs-eslintrc .
Usage within IntelliJ IDEs (WebStorm, PyCharm etc.)
- Open the Settings dialog and navigate to Languages & Frameworks → JavaScript → Code Quality Tools → ESLint.
- Enable ESLint and make sure your settings match your installation: use a globally installed eslint package. The installer will place this in /usr/lib/node_modules/eslint or /usr/local/lib/node_modules/eslint.
- Supply the config path ~/.scanjs-eslintrc
- Reset the default rules by providing extra eslint options, so that only the provided config is used. This disables the default eslint rules, which check for coding style, not security:
--no-eslintrc -c ~/.scanjs-eslintrc .