
eslint-plugin-security


eslint-plugin-security - npm Package Compare versions

Comparing version 1.1.0 to 1.2.0

2

package.json
{
"name": "eslint-plugin-security",
"version": "1.1.0",
"version": "1.2.0",
"description": "Security rules for eslint",

@@ -5,0 +5,0 @@ "main": "index.js",

var safe = require('safe-regex');
/**
* Check if the regex is evil or not using the safe-regex module
* @author Adam Baldwin
* @author Adam Baldwin
*/

@@ -14,5 +14,2 @@

"use strict";
var getSource = function(token) {
return token.loc.start.line + ': ' + context.getSourceLines().slice(token.loc.start.line - 1, token.loc.end.line).join('\n\t');
}

@@ -27,5 +24,12 @@ return {

if (!safe(nodeValue)) {
context.report(node, "Unsafe Regular Expression\n" + getSource(token));
context.report(node, "Unsafe Regular Expression");
}
}
},
"NewExpression": function(node) {
if (node.callee.name == "RegExp" && node.arguments && node.arguments.length > 0 && node.arguments[0].type == "Literal") {
if (!safe(node.arguments[0].value)) {
context.report(node, "Unsafe Regular Expression (new RegExp)");
}
}
}

@@ -32,0 +36,0 @@ };
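Review bot: The added `"NewExpression"` handler only covers `new RegExp("...")`; the same constructor called without `new` is a `CallExpression` node and is never passed to `safe()`, so a literal pattern written that way is not reported. Moving the check into one shared function and registering it for both node types would close the gap, e.g. `"NewExpression": checkRegExpCall, "CallExpression": checkRegExpCall`. The handler also skips any first argument that is not a `Literal`, which looks intentional but deserves a comment such as `// dynamic patterns are out of scope here; only literal arguments can be analysed statically`. The comparisons use `==` where `===` would be the safer habit, e.g. `node.callee.name === "RegExp"`. The enclosing `return {` object starts outside the visible hunk, so this is based on the handlers shown here only.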
