Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

eslint-plugin-security

Package Overview
Dependencies
Maintainers
6
Versions
14
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

eslint-plugin-security - npm Package Versions

2

3.0.1

Diff

Changelog

Source

3.0.1 (2024-06-14)

Bug Fixes

  • add name to recommended flat config (#161) (aa1c8c5)
eslint-community-bot
published 3.0.0 •

Changelog

Source

3.0.0 (2024-04-10)

⚠ BREAKING CHANGES

  • requires node ^18.18.0 || ^20.9.0 || >=21.1.0 (#146)

Features

  • requires node ^18.18.0 || ^20.9.0 || >=21.1.0 (#146) (df1b606)

Bug Fixes

  • Ensure everything works with ESLint v9 (#145) (ac50ab4)
eslint-community-bot
published 2.1.1 •

Changelog

Source

2.1.1 (2024-02-14)

Bug Fixes

  • Ensure empty eval() doesn't crash detect-eval-with-expression (#139) (8a7c7db)
eslint-community-bot
published 2.1.0 •

Changelog

Source

2.1.0 (2023-12-15)

Features

eslint-community-bot
published 2.0.0 •

Changelog

Source

2.0.0 (2023-10-17)

⚠ BREAKING CHANGES

  • switch the recommended config to flat (#118)

Features

eslint-community-bot
published 1.7.1 •

Changelog

Source

1.7.1 (2023-02-02)

Bug Fixes

  • false positives for static expressions in detect-non-literal-fs-filename, detect-child-process, detect-non-literal-regexp, and detect-non-literal-require (#109) (56102b5)
eslint-community-bot
published 1.7.0 •

Changelog

Source

1.7.0 (2023-01-26)

Features

eslint-community-bot
published 1.6.0 •

Changelog

Source

1.6.0 (2023-01-11)

Features

  • Add meta object documentation for all rules (#79) (fb1d9ef)
  • detect-bidi-characters rule (#95) (4294d29)
  • detect-non-literal-fs-filename: change to track non-top-level require() as well (#105) (d3b1543)
  • extend detect non literal fs filename (#92) (08ba476)
  • non-literal-require: support template literals (#81) (208019b)

Bug Fixes

  • Avoid crash when exec() is passed no arguments (7f97815), closes #82 #23
  • Avoid TypeError when exec stub is used with no arguments (#97) (9c18f16)
  • detect-child-process: false positive for destructuring with exec (#102) (657921a)
  • detect-child-process: false positives for destructuring spawn (#103) (fdfe37d)
  • Incorrect method name in detect-buffer-noassert. (313c0c6), closes #63 #80
nzakas
published 1.5.0 •

Changelog

Source

1.5.0 / 2022-04-14

  • Fix avoid crash when exec() is passed no arguments Closes #82 with ref as #23
  • Fix incorrect method name in detect-buffer-noassert Closes #63 and #80
  • Clean up source code formatting Fixes #4 and closes #78
  • Add release script Script
  • Add non-literal require TemplateLiteral support #81
  • Add meta object documentation for all rules #79
  • Added Git pre-commit hook to format JS files Pre-commit hook
  • Added yarn installation method
  • Fix linting errors and step Lint errors, Lint step
  • Create workflows Check commit message on pull requests, Set up ci on main branch
  • Update test and lint commands to work cross-platform Commit
  • Merge pull request #47 from pdehaan/add-docs Add old liftsecurity blog posts to docs/ folder
  • Bumped up dependencies
  • Added package-lock.json
  • Fixed typos in README and documentation Replaced dead links in README
adam_baldwin
published 1.4.0 •

Changelog

Source

1.4.0 / 2017-06-12

  • 1.4.0
  • Stuff and things for 1.4.0 beep boop 🤖
  • Merge pull request #14 from travi/recommended-example Add recommended ruleset to the usage example
  • Merge pull request #19 from pdehaan/add-changelog Add basic CHANGELOG.md file
  • Merge pull request #17 from pdehaan/issue-16 Remove filename from error output
  • Add basic CHANGELOG.md file
  • Remove filename from error output
  • Add recommended ruleset to the usage example for #9
  • Merge pull request #10 from pdehaan/issue-9 Add 'plugin:security/recommended' config to plugin
  • Merge pull request #12 from tupaschoal/patch-1 Fix broken link for detect-object-injection
  • Fix broken link for detect-object-injection The current link leads to a 404 page, the new one is the proper page.
  • Add 'plugin:security/recommended' config to plugin
2
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc