eslint-plugin-security - npm Package Versions

3.0.1 (2024-06-13)

Bug Fixes

• add name to recommended flat config (#161) (aa1c8c5)

3.0.0 (2024-04-10)

⚠ BREAKING CHANGES

• requires node ^18.18.0 || ^20.9.0 || >=21.1.0 (#146)

Features

• requires node ^18.18.0 || ^20.9.0 || >=21.1.0 (#146) (df1b606)

Bug Fixes

• Ensure everything works with ESLint v9 (#145) (ac50ab4)

2.1.1 (2024-02-14)

Bug Fixes

• Ensure empty eval() doesn't crash detect-eval-with-expression (#139) (8a7c7db)

2.1.0 (2023-12-15)

Features

• add config recommended-legacy (#132) (13d3f2f)

2.0.0 (2023-10-17)

⚠ BREAKING CHANGES

• switch the recommended config to flat (#118)

Features

• switch the recommended config to flat (#118) (e20a366)

1.7.1 (2023-02-02)

Bug Fixes

• false positives for static expressions in detect-non-literal-fs-filename, detect-child-process, detect-non-literal-regexp, and detect-non-literal-require (#109) (56102b5)

1.7.0 (2023-01-26)

Features

• improve detect-child-process rule (#108) (64ae529)

1.6.0 (2023-01-11)

Features

• Add meta object documentation for all rules (#79) (fb1d9ef)
• detect-bidi-characters rule (#95) (4294d29)
• detect-non-literal-fs-filename: change to track non-top-level require() as well (#105) (d3b1543)
• extend detect non literal fs filename (#92) (08ba476)
• non-literal-require: support template literals (#81) (208019b)

Bug Fixes

• Avoid crash when exec() is passed no arguments (7f97815), closes #82 #23
• Avoid TypeError when exec stub is used with no arguments (#97) (9c18f16)
• detect-child-process: false positive for destructuring with exec (#102) (657921a)
• detect-child-process: false positives for destructuring spawn (#103) (fdfe37d)
• Incorrect method name in detect-buffer-noassert. (313c0c6), closes #63 #80

1.5.0 / 2022-04-14

• Fix avoid crash when exec() is passed no arguments Closes #82 with ref as #23
• Fix incorrect method name in detect-buffer-noassert Closes #63 and #80
• Clean up source code formatting Fixes #4 and closes #78
• Add release script Script
• Add non-literal require TemplateLiteral support #81
• Add meta object documentation for all rules #79
• Added Git pre-commit hook to format JS files Pre-commit hook
• Added yarn installation method
• Fix linting errors and step Lint errors, Lint step
• Create workflows Check commit message on pull requests, Set up ci on main branch
• Update test and lint commands to work cross-platform Commit
• Merge pull request #47 from pdehaan/add-docs Add old liftsecurity blog posts to docs/ folder
• Bumped up dependencies
• Added package-lock.json
• Fixed typos in README and documentation Replaced dead links in README

1.4.0 / 2017-06-12

• 1.4.0
• Stuff and things for 1.4.0 beep boop 🤖
• Merge pull request #14 from travi/recommended-example Add recommended ruleset to the usage example
• Merge pull request #19 from pdehaan/add-changelog Add basic CHANGELOG.md file
• Merge pull request #17 from pdehaan/issue-16 Remove filename from error output
• Add basic CHANGELOG.md file
• Remove filename from error output
• Add recommended ruleset to the usage example for #9
• Merge pull request #10 from pdehaan/issue-9 Add 'plugin:security/recommended' config to plugin
• Merge pull request #12 from tupaschoal/patch-1 Fix broken link for detect-object-injection
• Fix broken link for detect-object-injection The current link leads to a 404 page, the new one is the proper page.
• Add 'plugin:security/recommended' config to plugin