From 4424b6799ad0946092d9adf6d96973261fa1ac77 Mon Sep 17 00:00:00 2001 From: capitnflam Date: Fri, 15 Mar 2024 22:26:00 +0100 Subject: [PATCH] feat(react): add some security linting (#10) --- package-lock.json | 31 ++++++++++++++++++++++++++++++- package.json | 4 +++- src/configs/react.ts | 2 ++ 3 files changed, 35 insertions(+), 2 deletions(-) diff --git a/package-lock.json b/package-lock.json index 23665ba..3961070 100644 --- a/package-lock.json +++ b/package-lock.json @@ -14,9 +14,11 @@ "eslint-config-prettier": "9.1.0", "eslint-plugin-import": "2.29.1", "eslint-plugin-jsx-a11y": "6.8.0", + "eslint-plugin-no-unsanitized": "4.0.2", "eslint-plugin-react": "7.34.0", "eslint-plugin-react-hooks": "4.6.0", - "eslint-plugin-unicorn": "51.0.1" + "eslint-plugin-unicorn": "51.0.1", + "eslint-plugin-xss": "0.1.12" }, "devDependencies": { "@commitlint/cli": "19.2.0", @@ -3288,6 +3290,14 @@ "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-9.2.2.tgz", "integrity": "sha512-L18DaJsXSUk2+42pv8mLs5jJT2hqFkFE4j21wOmgbUqsZ2hL72NsUU785g9RXgo3s0ZNgVl42TiHp3ZtOv/Vyg==" }, + "node_modules/eslint-plugin-no-unsanitized": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/eslint-plugin-no-unsanitized/-/eslint-plugin-no-unsanitized-4.0.2.tgz", + "integrity": "sha512-Pry0S9YmHoz8NCEMRQh7N0Yexh2MYCNPIlrV52hTmS7qXnTghWsjXouF08bgsrrZqaW9tt1ZiK3j5NEmPE+EjQ==", + "peerDependencies": { + "eslint": "^6 || ^7 || ^8" + } + }, "node_modules/eslint-plugin-react": { "version": "7.34.0", "resolved": "https://registry.npmjs.org/eslint-plugin-react/-/eslint-plugin-react-7.34.0.tgz", @@ -3531,6 +3541,17 @@ "node": ">=8" } }, + "node_modules/eslint-plugin-xss": { + "version": "0.1.12", + "resolved": "https://registry.npmjs.org/eslint-plugin-xss/-/eslint-plugin-xss-0.1.12.tgz", + "integrity": "sha512-L5oYaD//ZE7fKNtWUfVgYTRW19jrZlvaHe2swyFLxXQ5pwVQLivi5m92rtXd/ww8yqg4Drasqyi0hlBmhf9YQg==", + "dependencies": { + "requireindex": "~1.1.0" + }, + "engines": { + "node": ">=0.10.0" + } + }, "node_modules/eslint-scope": { "version": "7.2.2", "resolved": "https://registry.npmjs.org/eslint-scope/-/eslint-scope-7.2.2.tgz", @@ -9734,6 +9755,14 @@ "node": ">=0.10.0" } }, + "node_modules/requireindex": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/requireindex/-/requireindex-1.1.0.tgz", + "integrity": "sha512-LBnkqsDE7BZKvqylbmn7lTIVdpx4K/QCduRATpO5R+wtPmky/a8pN1bO2D6wXppn1497AJF9mNjqAXr6bdl9jg==", + "engines": { + "node": ">=0.10.5" + } + }, "node_modules/resolve": { "version": "1.22.8", "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.8.tgz", diff --git a/package.json b/package.json index ab4cc37..bd9f8e0 100644 --- a/package.json +++ b/package.json @@ -19,9 +19,11 @@ "eslint-config-prettier": "9.1.0", "eslint-plugin-import": "2.29.1", "eslint-plugin-jsx-a11y": "6.8.0", + "eslint-plugin-no-unsanitized": "4.0.2", "eslint-plugin-react": "7.34.0", "eslint-plugin-react-hooks": "4.6.0", - "eslint-plugin-unicorn": "51.0.1" + "eslint-plugin-unicorn": "51.0.1", + "eslint-plugin-xss": "0.1.12" }, "devDependencies": { "@commitlint/cli": "19.2.0", diff --git a/src/configs/react.ts b/src/configs/react.ts index c16a139..3beb944 100644 --- a/src/configs/react.ts +++ b/src/configs/react.ts @@ -8,6 +8,8 @@ export const react: ESLintConfig = { 'plugin:react/jsx-runtime', 'plugin:react-hooks/recommended', 'plugin:jsx-a11y/recommended', + 'plugin:xss/recommended', + 'plugin:no-unsanitized/DOM', ], settings: { react: {