Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →

@locker/eslint-plugin-locker

Package Overview

Dependencies

Advanced tools

Install Socket

Detect and block malicious and high-risk dependencies

Install

@locker/eslint-plugin-locker - npm Package Compare versions

Comparing version 0.14.7 to 0.14.11

dist/rules/distorted-html-element-style-getter.js

		@@ -17,4 +17,3 @@ "use strict";
		search: ['*.style'],
		onMatch: eslint_rule_maker_1.matchers.matchAsNonWritable,
		},
		});

dist/rules/distorted-html-frame-iframe-object-element-content-document-getter.js

		@@ -17,4 +17,3 @@ "use strict";
		search: ['*.contentDocument'],
		onMatch: eslint_rule_maker_1.matchers.matchAsNonWritable,
		},
		});

dist/rules/distorted-html-frame-iframe-object-element-content-window-getter.js

		@@ -17,4 +17,3 @@ "use strict";
		search: ['*.contentWindow'],
		onMatch: eslint_rule_maker_1.matchers.matchAsNonWritable,
		},
		});

docs/rules/distorted-document-blocked-properties.md

		@@ -1,4 +0,4 @@
		# Distorted Document Blocked Properties (distorted-document-blocked-properties)
		# Prevent access to certain Document properties (distorted-document-blocked-properties)

		For security the following `Document` properties are prohibited in Lightning Locker:
		The following `Document` properties are prohibited when Lightning Web Security is enabled:
		- exitFullscreen
		@@ -5,0 +5,0 @@ - fullscreen

docs/rules/distorted-document-domain-setter.md

		@@ -1,5 +0,17 @@
		# Distorted Document#domain Setter (distorted-document-domain-setter)
		# Prevent setting value of document.domain (distorted-document-domain-setter)

		For security the `Document#domain` setter is distorted in Lightning Locker.
		Setting the value of `document.domain` is not allowed. Although behavior varies across browsers, setting `document.domain` to any value when Lightning Web Security is enabled will result in an error being thrown.

		See [Related Distortions](#related-distortions) below for more details.

		## Rule Details

		Example of incorrect code:

		```js
		document.domain = 'example.com';
		```

		## Related Distortions

		<!-- START generated embed: @locker/distortion/src/Document/docs/domain-setter.md -->
		@@ -6,0 +18,0 @@ ## set: Document.prototype.domain

docs/rules/distorted-element-blocked-properties.md

		@@ -1,4 +0,4 @@
		# Distorted Element Blocked Properties (distorted-element-blocked-properties)
		# Prevent access to certain Element properties (distorted-element-blocked-properties)

		For security the following `Element` properties are prohibited in Lightning Locker:
		The following `Element` properties are prohibited when Lightning Web Security is enabled:
		- mozRequestFullScreen
		@@ -5,0 +5,0 @@ - onfullscreenchange

docs/rules/distorted-element-shadow-root-getter.md

		@@ -1,5 +0,17 @@
		# Distorted Element#shadowRoot Getter (distorted-element-shadow-root-getter)
		# Disallow usage of Element.shadowRoot getter (distorted-element-shadow-root-getter)

		For security the `Element#shadowRoot` getter is distorted in Lightning Locker.
		The `Element.shadowRoot` getter returns `null` when Lightning Web Security is enabled.

		See [Related Distortions](#related-distortions) below for more details.

		## Rule Details

		Example of incorrect code:

		```js
		element.shadowRoot.querySelector('div');
		```

		## Related Distortions

		<!-- START generated embed: @locker/distortion/src/Element/docs/shadowRoot-getter.md -->
		@@ -6,0 +18,0 @@ ## get: Element.prototype.shadowRoot [Main]

docs/rules/distorted-html-element-blocked-properties.md

		@@ -1,4 +0,4 @@
		# Disallow Blocked HTMLElement Properties (blocked-html-element-properties)
		# Prevent access to certain HTMLElement properties (distorted-html-element-blocked-properties)

		For security the following `HTMLElement` properties are prohibited in Lightning Locker:
		The following `HTMLElement` properties are prohibited when Lightning Web Security is enabled:
		- nonce
		@@ -5,0 +5,0 @@ - onrejectionhandled

docs/rules/distorted-html-embed-object-element-blocked-properties.md

		@@ -1,5 +0,4 @@
		# Distorted HTML{Embed\|Object}Element Blocked Properties (distorted-html-embed-object-element-blocked-properties)
		# Prevent access to certain HTML{Embed\|Object}Element properties (distorted-html-embed-object-element-blocked-properties)

		For security the following `HTML{Embed\|Object}Element` properties are prohibited
		in Lightning Locker:
		The following `HTML{Embed\|Object}Element` properties are prohibited when Lightning Web Security is enabled:
		- getSVGDocument
		@@ -6,0 +5,0 @@

docs/rules/distorted-html-frame-iframe-object-element-content-document-getter.md

		@@ -1,6 +0,17 @@
		# Distorted HTML{Frame\|IFrame\|Object}Element#contentDocument Getter (distorted-html-frame-iframe-object-element-content-document-getter)
		# Prevent access to HTML{Frame\|IFrame\|Object}Element.contentDocument (distorted-html-frame-iframe-object-element-content-document-getter)

		For security the `HTML{Frame\|IFrame\|Object}Element#contentDocument` getter is
		distorted in Lightning Locker.
		The `HTML{Frame\|IFrame\|Object}Element.contentDocument` getter returns `null` when Lightning Web Security is enabled.

		See [Related Distortions](#related-distortions) below for more details.

		## Rule Details

		Example of incorrect code:

		```js
		document.getElementsByTagName('iframe')[0].contentDocument;
		```

		## Related Distortions

		<!-- START generated embed: @locker/distortion/src/HTMLFrameElement/docs/contentDocument-getter.md -->
		@@ -7,0 +18,0 @@ ## get: HTMLFrameElement.prototype.contentDocument

docs/rules/distorted-html-iframe-element-blocked-properties.md

		@@ -1,4 +0,4 @@
		# Distorted HTMLIFrameElement Blocked Properties (distorted-html-iframe-element-blocked-properties)
		# Prevent access to certain HTMLIFrameElement properties (distorted-html-iframe-element-blocked-properties)

		For security the following `HTMLIFrameElement` properties are prohibited in Lightning Locker:
		For security the following `HTMLIFrameElement` properties are prohibited when Lightning Web Security is enabled:
		- allowPaymentRequest
		@@ -16,3 +16,3 @@ - csp
		```js
		iframe.allowPaymentRequest;
		document.getElementsByTagName('iframe')[0].allowPaymentRequest;
		```

docs/rules/distorted-navigator-service-worker-getter.md

		@@ -1,5 +0,17 @@
		# Distorted Navigator#serviceWorker Getter (distorted-navigator-service-worker-getter)
		# Prevent access to Navigator.serviceWorker and ServiceWorkerContainer properties and methods(distorted-navigator-service-worker-getter)

		For security the `Navigator#serviceWorker` getter is distorted in Lightning Locker.
		`Navigator.serviceWorker` returns `undefined` and accessing `ServiceWorkerContainer` properties and methods throws a `TypeError` when Lightning Web Security is enabled.

		See [Related Distortions](#related-distortions) below for more details.

		## Rule Details

		Example of incorrect code:

		```js
		navigator.serviceWorker.controller;
		```

		## Related Distortions

		<!-- START generated embed: @locker/distortion/src/Navigator/docs/serviceWorker-getter.md -->
		@@ -6,0 +18,0 @@ ## get: Navigator.prototype.serviceWorker

docs/rules/distorted-shared-worker-constructor.md

		@@ -1,5 +0,17 @@
		# Distorted SharedWorker Constructor (distorted-shared-worker-constructor)
		# Prevent access to the SharedWorker constructor (distorted-shared-worker-constructor)

		For security the `SharedWorker` constructor is distorted in Lightning Locker.
		A `RangeError` will be thrown accessing the `SharedWorker` constructor when Lightning Web Security is enabled.

		See [Related Distortions](#related-distortions) below for more details.

		## Rule Details

		Example of incorrect code:

		```js
		const worker = new SharedWorker('worker.js');
		```

		## Related Distortions

		<!-- START generated embed: @locker/distortion/src/SharedWorker/docs/constructor-value.md -->
		@@ -6,0 +18,0 @@ ## SharedWorker Global Constructor

docs/rules/distorted-worker-constructor.md

		@@ -1,5 +0,17 @@
		# Distorted Worker Constructor (distorted-worker-constructor)
		# Prevent access to Worker constructor (distorted-worker-constructor)

		For security the `Worker` constructor is distorted in Lightning Locker.
		A `RangeError` will be thrown accessing the `Worker` constructor when Lightning Web Security is enabled.

		See [Related Distortions](#related-distortions) below for more details.

		## Rule Details

		Example of incorrect code:

		```js
		const worker = new Worker('/worker.js');
		```

		## Related Distortions

		<!-- START generated embed: @locker/distortion/src/Worker/docs/constructor-value.md -->
		@@ -6,0 +18,0 @@ ## Worker Global Constructor

docs/rules/no-export-platform-resource-loader.md

		@@ -1,5 +0,4 @@
		# Disallow Export from 'lightning/platformResourceLoader' (no-export-platform-resource-loader)
		# Disallow export from lightning/platformResourceLoader (no-export-platform-resource-loader)

		Lightning Locker does not support exporting directly from the
		`'lightning/platformResourceLoader'` module.
		Lightning Web Security does not support exporting directly from the `lightning/platformResourceLoader` module.

		@@ -6,0 +5,0 @@ ## Rule Details

docs/rules/undefined-document-all.md

		@@ -1,5 +0,4 @@
		# Undefined document.all (undefined-document-all)
		# Prevent access to document.all (undefined-document-all)

		The value of `document.all` in Lightning Locker is `undefined`. This isn’t
		likely to break code but is something to be aware of.
		The `document.all` getter returns `undefined` when Lightning Web Security is enabled.

		@@ -6,0 +5,0 @@ ## Rule Details

package.json

		{
		"name": "@locker/eslint-plugin-locker",
		"version": "0.14.7",
		"version": "0.14.11",
		"license": "Salesforce Developer Agreement",
		@@ -13,2 +13,3 @@ "author": "Salesforce UI Security Team",
		"main": "dist/index.js",
		"sideEffects": false,
		"typings": "types/index.d.ts",
		@@ -27,3 +28,3 @@ "publishConfig": {
		"dependencies": {
		"@locker/eslint-rule-maker": "0.14.7"
		"@locker/eslint-rule-maker": "0.14.11"
		},
		@@ -35,3 +36,3 @@ "files": [
		],
		"gitHead": "3e2c8ce19585715d0db2d0980088de1e5c4e2998"
		"gitHead": "3ac0b52b291246692fa015a42e52661c6feea82f"
		}

types/rules/distorted-html-element-style-getter.d.ts.map

Sorry, the diff of this file is not supported yet

types/rules/distorted-html-frame-iframe-object-element-content-document-getter.d.ts.map

Sorry, the diff of this file is not supported yet

types/rules/distorted-html-frame-iframe-object-element-content-window-getter.d.ts.map

Sorry, the diff of this file is not supported yet

@locker/eslint-plugin-locker - npm Package Compare versions

New alerts

Fixed alerts

Improved metrics

Worsened metrics

Dependency changes