accessor-pairs | Property getters and setters should come in pairs | | | | | |
alt-text | Image, area, button with image and object elements should have an alternative text | ✅ | | | | |
anchor-has-content | Anchors should contain accessible content | ✅ | | 💡 | | |
anchor-is-valid | Anchor tags should not be used as buttons | ✅ | | | | |
anchor-precedence | Alternatives in regular expressions should be grouped when used with anchors | ✅ | | | 💭 | |
argument-type | Arguments to built-in functions should match documented types | ✅ | | | 💭 | |
arguments-order | Parameters should be passed in the correct order | ✅ | | | 💭 | |
arguments-usage | "arguments" should not be accessed directly | | | | | |
array-callback-without-return | Callbacks of array methods should have return statements | ✅ | | | 💭 | |
array-constructor | Array constructors should not be used | | | 💡 | | |
arrow-function-convention | Braces and parentheses should be used consistently with arrow functions | | | | | |
assertions-in-tests | Tests should include assertions | ✅ | | | | |
aws-apigateway-public-api | Creating public APIs is security-sensitive | ✅ | | | | |
aws-ec2-rds-dms-public | Allowing public network access to cloud resources is security-sensitive | ✅ | | | | |
aws-ec2-unencrypted-ebs-volume | Using unencrypted EBS volumes is security-sensitive | ✅ | | | | |
aws-efs-unencrypted | Using unencrypted EFS file systems is security-sensitive | ✅ | | | | |
aws-iam-all-privileges | Policies granting all privileges are security-sensitive | ✅ | | | | |
aws-iam-all-resources-accessible | Policies granting access to all resources of an account are security-sensitive | | | | | |
aws-iam-privilege-escalation | AWS IAM policies should limit the scope of permissions given | ✅ | | | | |
aws-iam-public-access | Policies authorizing public access to resources are security-sensitive | ✅ | | | | |
aws-opensearchservice-domain | Using unencrypted Elasticsearch domains is security-sensitive | ✅ | | | | |
aws-rds-unencrypted-databases | Using unencrypted RDS DB resources is security-sensitive | ✅ | | | | |
aws-restricted-ip-admin-access | Administration services access should be restricted to specific IP addresses | ✅ | | | | |
aws-s3-bucket-granted-access | Granting access to S3 buckets to all or authenticated users is security-sensitive | ✅ | | | | |
aws-s3-bucket-insecure-http | Authorizing HTTP communications with S3 buckets is security-sensitive | ✅ | | | | |
aws-s3-bucket-public-access | Allowing public ACLs or policies on a S3 bucket is security-sensitive | ✅ | | | | |
aws-s3-bucket-server-encryption | Disabling server-side encryption of S3 buckets is security-sensitive | | | | | ❌ |
aws-s3-bucket-versioning | Disabling versioning of S3 buckets is security-sensitive | ✅ | | | | |
aws-sagemaker-unencrypted-notebook | Using unencrypted SageMaker notebook instances is security-sensitive | ✅ | | | | |
aws-sns-unencrypted-topics | Using unencrypted SNS topics is security-sensitive | ✅ | | | | |
aws-sqs-unencrypted-queue | Using unencrypted SQS queues is security-sensitive | ✅ | | | | |
bitwise-operators | Bitwise operators should not be used in boolean contexts | ✅ | | | | |
bool-param-default | Optional boolean parameters should have default value | | | | | |
brace-style | An open curly brace should be located at the end of a line | | 🔧 | | | ❌ |
call-argument-line | Function call arguments should not start on new lines | ✅ | | | | |
certificate-transparency | Disabling Certificate Transparency monitoring is security-sensitive | ✅ | | | | |
chai-determinate-assertion | Chai assertions should have only one reason to succeed | ✅ | | | | |
class-name | Class names should comply with a naming convention | ✅ | | | | |
class-prototype | Class methods should be used instead of "prototype" assignments | | | | 💭 | |
code-eval | Dynamically executing code is security-sensitive | ✅ | | | | |
cognitive-complexity | Cognitive Complexity of functions should not be too high | ✅ | | | | |
comma-or-logical-or-case | Comma and logical OR operators should not be used in switch cases | ✅ | | | | |
comment-regex | Track comments matching a regular expression | | | | | |
concise-regex | Regular expression quantifiers and character classes should be used concisely | ✅ | | | 💭 | |
conditional-indentation | A conditionally executed single line should be denoted by indentation | | | | | ❌ |
confidential-information-logging | Allowing confidential information to be logged is security-sensitive | ✅ | | | | |
constructor-for-side-effects | Objects should not be created to be dropped immediately without being used | ✅ | | | | |
content-length | Allowing requests with excessive content length is security-sensitive | ✅ | | | | |
content-security-policy | Disabling content security policy fetch directives is security-sensitive | ✅ | | | | |
cookie-no-httponly | Creating cookies without the "HttpOnly" flag is security-sensitive | ✅ | | | | |
cookies | Writing cookies is security-sensitive | | | | | ❌ |
cors | Having a permissive Cross-Origin Resource Sharing policy is security-sensitive | ✅ | | | | |
csrf | Disabling CSRF protections is security-sensitive | ✅ | | | | |
cyclomatic-complexity | Cyclomatic Complexity of functions should not be too high | | | | | |
declarations-in-global-scope | Variables and functions should not be declared in the global scope | | | | | |
default-param-last | Function parameters with default values should be last | ✅ | | | | |
deprecation | Deprecated APIs should not be used | ✅ | | | 💭 | |
destructuring-assignment-syntax | Destructuring syntax should be used for assignments | | | | | |
different-types-comparison | Strict equality operators should not be used with dissimilar types | ✅ | | 💡 | 💭 | |
disabled-auto-escaping | Disabling auto-escaping in template engines is security-sensitive | ✅ | | | 💭 | |
disabled-resource-integrity | Using remote artifacts without integrity checks is security-sensitive | ✅ | | | 💭 | |
disabled-timeout | Disabling Mocha timeouts should be explicit | ✅ | | | | |
dns-prefetching | Allowing browsers to perform DNS prefetching is security-sensitive | | | | | ❌ |
duplicates-in-character-class | Character classes in regular expressions should not contain the same character twice | ✅ | | | 💭 | |
elseif-without-else | "if ... else if" constructs should end with "else" clauses | | | | | |
empty-string-repetition | Repeated patterns in regular expressions should not match the empty string | ✅ | | | 💭 | |
encryption | Encrypting data is security-sensitive | | | | | ❌ |
encryption-secure-mode | Encryption algorithms should be used with secure mode and padding scheme | ✅ | | | | |
enforce-trailing-comma | Trailing commas should be used | | 🔧 | | | ❌ |
existing-groups | Replacement strings should reference existing regular expression groups | ✅ | | | 💭 | |
expression-complexity | Expressions should not be too complex | | | | | |
file-header | Track lack of copyright and license headers | | | | | |
file-name-differ-from-class | Default export names and file names should match | | | | | |
file-permissions | Setting loose POSIX file permissions is security-sensitive | ✅ | | | | |
file-uploads | File uploads should be restricted | ✅ | | | | |
fixme-tag | Track uses of "FIXME" tags | ✅ | | | | |
for-in | "for...in" loops should filter properties before acting on them | | | | | |
for-loop-increment-sign | A "for" loop update clause should move the counter in the right direction | ✅ | | | | |
frame-ancestors | Disabling content security policy frame-ancestors directive is security-sensitive | ✅ | | | | |
function-inside-loop | Functions should not be defined inside loops | ✅ | | | | |
function-name | Function and method names should comply with a naming convention | | | | | |
function-return-type | Functions should always return the same type | ✅ | | | 💭 | |
future-reserved-words | Future reserved words should not be used as identifiers | ✅ | | | | |
generator-without-yield | Generators should explicitly "yield" a value | ✅ | | | | |
hashing | Using weak hashing algorithms is security-sensitive | ✅ | | | | |
hidden-files | Statically serving hidden files is security-sensitive | ✅ | | | | |
hook-use-state | The return value of "useState" should be destructured and named symmetrically | ✅ | | 💡 | | |
html-has-lang | HTML elements should have a valid language attribute | ✅ | | 💡 | | |
in-operator-type-error | "in" should not be used with primitive types | ✅ | | | 💭 | |
inconsistent-function-call | Functions should be called consistently with or without "new" | ✅ | | | | |
index-of-compare-to-positive-number | "indexOf" checks should not be for positive numbers | ✅ | | | 💭 | |
insecure-cookie | Creating cookies without the "secure" flag is security-sensitive | ✅ | | | | |
insecure-jwt-token | JWT should be signed and verified with strong cipher algorithms | ✅ | | | | |
inverted-assertion-arguments | Assertion arguments should be passed in the correct order | ✅ | | 💡 | | |
jsx-key | JSX list components should have a key property | ✅ | | | | |
jsx-no-constructed-context-values | React Context Provider values should have stable identities | ✅ | | | | |
jsx-no-useless-fragment | Redundant React fragments should be removed | ✅ | 🔧 | 💡 | | |
label-has-associated-control | Label elements should have a text label and an associated control | ✅ | | | | |
label-position | Only "while", "do", "for" and "switch" statements should be labelled | ✅ | | | | |
link-with-target-blank | Authorizing an opened window to access back to the originating window is security-sensitive | ✅ | | | | |
max-switch-cases | "switch" statements should not have too many "case" clauses | ✅ | | | | |
max-union-size | Union types should not have too many elements | | | | | |
media-has-caption | Media elements should have captions | ✅ | | | | |
misplaced-loop-counter | "for" loop increment clauses should modify the loops' counters | ✅ | | | | |
mouse-events-a11y | Mouse events should have corresponding keyboard events | ✅ | | 💡 | | |
nested-control-flow | Control flow statements "if", "for", "while", "switch" and "try" should not be nested too deeply | | | | | |
new-cap | Constructor names should start with an upper case letter | ✅ | | | | |
new-operator-misuse | "new" should only be used with functions and classes | ✅ | | | 💭 | |
no-accessor-field-mismatch | Getters and setters should access the expected fields | ✅ | | | | |
no-all-duplicated-branches | All branches in a conditional structure should not have exactly the same implementation | ✅ | | | | |
no-alphabetical-sort | "Array.prototype.sort()" and "Array.prototype.toSorted()" should use a compare function | ✅ | | 💡 | 💭 | |
no-angular-bypass-sanitization | Disabling Angular built-in sanitization is security-sensitive | ✅ | | | | |
no-array-delete | "delete" should not be used on arrays | ✅ | | | 💭 | |
no-array-index-key | JSX list components should not use array indexes as key | ✅ | | | | |
no-associative-arrays | Array indexes should be numeric | ✅ | | | 💭 | |
no-async-constructor | Constructors should not contain asynchronous operations | ✅ | | | | |
no-base-to-string | Objects and classes converted or coerced to strings should define a "toString()" method | ✅ | | | 💭 | |
no-built-in-override | Built-in objects should not be overridden | | | | | |
no-case-label-in-switch | "switch" statements should not contain non-case labels | ✅ | | | | |
no-clear-text-protocols | Using clear-text protocols is security-sensitive | ✅ | | | | |
no-code-after-done | Tests should not execute any code after "done()" is called | ✅ | | | | |
no-collapsible-if | Mergeable "if" statements should be combined | | | | | |
no-collection-size-mischeck | Collection size and array length comparisons should make sense | ✅ | | 💡 | 💭 | |
no-commented-code | Sections of code should not be commented out | ✅ | | 💡 | | |
no-dead-store | Unused assignments should be removed | ✅ | | | | |
no-delete-var | "delete" should be used only with object properties | ✅ | | | | |
no-deprecated-react | Deprecated React APIs should not be used | ✅ | | | | |
no-duplicate-in-composite | Union and intersection types should not include duplicated constituents | ✅ | | 💡 | | |
no-duplicate-string | String literals should not be duplicated | | | | | |
no-duplicated-branches | Two branches in a conditional structure should not have exactly the same implementation | ✅ | | | | |
no-element-overwrite | Collection elements should not be replaced unconditionally | ✅ | | | | |
no-empty-after-reluctant | Reluctant quantifiers in regular expressions should be followed by an expression that can't match the empty string | ✅ | | | 💭 | |
no-empty-alternatives | Alternation in regular expressions should not contain empty alternatives | ✅ | | | 💭 | |
no-empty-collection | Empty collections should not be accessed or iterated | ✅ | | | | |
no-empty-function | Functions should not be empty | ✅ | | 💡 | | |
no-empty-group | Regular expressions should not contain empty groups | ✅ | | | 💭 | |
no-empty-interface | Interfaces should not be empty | | 🔧 | 💡 | | |
no-empty-test-file | Test files should contain at least one test case | ✅ | | | | |
no-equals-in-for-termination | Equality operators should not be used in "for" loop termination conditions | ✅ | | | | |
no-exclusive-tests | Exclusive tests should not be commited to version control | ✅ | | 💡 | | |
no-extend-native | Prototypes of builtin objects should not be modified | ✅ | | | | |
no-extra-arguments | Function calls should not pass extra arguments | ✅ | | | | |
no-extra-semi | Extra semicolons should be removed | | 🔧 | | | ❌ |
no-find-dom-node | React's "findDOMNode" should not be used | ✅ | | | | |
no-for-in-iterable | "for in" should not be used with iterables | | | | 💭 | |
no-function-declaration-in-block | Function declarations should not be made within blocks | | | | | |
no-global-this | The global "this" object should not be used | ✅ | | 💡 | | |
no-globals-shadowing | Special identifiers should not be bound or assigned | ✅ | | | | |
no-gratuitous-expressions | Boolean expressions should not be gratuitous | ✅ | | | | |
no-hardcoded-credentials | Hard-coded credentials are security-sensitive | ✅ | | | | |
no-hardcoded-ip | Using hardcoded IP addresses is security-sensitive | ✅ | | | | |
no-hook-setter-in-body | React's useState hook should not be used directly in the render function or body of a component | ✅ | | | | |
no-identical-conditions | "if/else if" chains and "switch" cases should not have the same condition | ✅ | | | | |
no-identical-expressions | Identical expressions should not be used on both sides of a binary operator | ✅ | | | | |
no-identical-functions | Functions should not have identical implementations | ✅ | | | | |
no-ignored-exceptions | Exceptions should not be ignored | ✅ | | | | |
no-ignored-return | Return values from functions without side effects should not be ignored | ✅ | | | 💭 | |
no-implicit-dependencies | Dependencies should be explicit | | | | | |
no-implicit-global | Variables should be declared explicitly | ✅ | | | | |
no-in-misuse | "in" should not be used on arrays | ✅ | | 💡 | 💭 | |
no-incomplete-assertions | Assertions should be complete | ✅ | | | | |
no-inconsistent-returns | Functions should use "return" consistently | | | | | |
no-incorrect-string-concat | Strings and non-strings should not be added | | | | 💭 | |
no-infinite-loop | Loops should not be infinite | ✅ | | | | |
no-internal-api-use | Users should not use internal APIs | ✅ | | | | |
no-intrusive-permissions | Using intrusive permissions is security-sensitive | ✅ | | | | |
no-invalid-await | "await" should only be used with promises | ✅ | | | 💭 | |
no-invariant-returns | Function returns should not be invariant | ✅ | | | | |
no-inverted-boolean-check | Boolean checks should not be inverted | ✅ | 🔧 | 💡 | | |
no-ip-forward | Forwarding client IP address is security-sensitive | ✅ | | | | |
no-labels | Labels should not be used | ✅ | | | | |
no-literal-call | Literals should not be used as functions | ✅ | | | | |
no-lonely-if | If statements should not be the only statement in else blocks | ✅ | 🔧 | | | |
no-mime-sniff | Allowing browsers to sniff MIME types is security-sensitive | ✅ | | | | |
no-misleading-array-reverse | Array-mutating methods should not be used misleadingly | ✅ | | 💡 | 💭 | |
no-misused-promises | Promises should not be misused | ✅ | | 💡 | 💭 | |
no-mixed-content | Allowing mixed-content is security-sensitive | ✅ | | | | |
no-nested-assignment | Assignments should not be made from within sub-expressions | ✅ | | | | |
no-nested-conditional | Ternary operators should not be nested | ✅ | | | | |
no-nested-functions | Functions should not be nested too deeply | ✅ | | | | |
no-nested-incdec | Increment (++) and decrement (--) operators should not be used in a method call or mixed with other operators in an expression | | | | | |
no-nested-switch | "switch" statements should not be nested | | | | | |
no-nested-template-literals | Template literals should not be nested | ✅ | | | | |
no-one-iteration-loop | Loops with at most one iteration should be refactored | ✅ | | | | |
no-os-command-from-path | Searching OS commands in PATH is security-sensitive | ✅ | | | | |
no-parameter-reassignment | Initial values of parameters, caught exceptions, and loop variables should not be ignored | ✅ | | | | |
no-primitive-wrappers | Wrapper objects should not be used for primitive types | ✅ | | 💡 | | |
no-redeclare | Variables and functions should not be redeclared | ✅ | | | | |
no-redundant-assignments | Assignments should not be redundant | ✅ | | | | |
no-redundant-boolean | Boolean literals should not be used in comparisons | ✅ | | | | |
no-redundant-jump | Jump statements should not be redundant | ✅ | | 💡 | | |
no-redundant-optional | Optional property declarations should not use both '?' and 'undefined' syntax | ✅ | | 💡 | 💭 | |
no-redundant-parentheses | Redundant pairs of parentheses should be removed | | | 💡 | | ❌ |
no-redundant-type-constituents | Type constituents of unions and intersections should not be redundant | ✅ | | | 💭 | |
no-reference-error | Variables should be defined before being used | | | | | |
no-referrer-policy | Disabling strict HTTP no-referrer policy is security-sensitive | ✅ | | | | |
no-require-or-define | "import" should be used to include external code | | | | 💭 | |
no-return-type-any | Primitive return types should be used | | | | 💭 | |
no-same-argument-assert | Assertions should not be given twice the same argument | ✅ | | | | |
no-same-line-conditional | Conditionals should start on new lines | ✅ | | 💡 | | |
no-selector-parameter | Methods should not contain selector parameters | ✅ | | | 💭 | |
no-self-compare | "Number.isNaN()" should be used to check for "NaN" value | ✅ | | 💡 | | |
no-self-import | Module should not import itself | ✅ | | 💡 | | |
no-skipped-test | Tests should not be skipped without providing a reason | ✅ | | | | |
no-small-switch | "if" statements should be preferred over "switch" when simpler | ✅ | | | | |
no-tab | Tabulation characters should not be used | | | | | ❌ |
no-table-as-layout | HTML "<table>" should not be used for layout purposes | ✅ | | | | |
no-this-alias | "this" should not be assigned to variables | | | | | |
no-throw-literal | Literals should not be thrown | ✅ | | 💡 | 💭 | |
no-try-promise | Promise rejections should not be caught by "try" blocks | ✅ | | | 💭 | |
no-undefined-argument | "undefined" should not be passed as the value of optional parameters | ✅ | | 💡 | 💭 | |
no-undefined-assignment | "undefined" should not be assigned | | | | | |
no-unenclosed-multiline-block | Multiline blocks should be enclosed in curly braces | ✅ | | | | |
no-uniq-key | JSX list components keys should match up between renders | ✅ | | | | |
no-unknown-property | JSX elements should not use unknown properties and attributes | ✅ | | 💡 | | |
no-unreachable | All code should be reachable | ✅ | | 💡 | | |
no-unsafe | React legacy lifecycle methods should not be used | ✅ | | | | |
no-unsafe-unzip | Expanding archive files without controlling resource consumption is security-sensitive | ✅ | | | | |
no-unstable-nested-components | React components should not be nested | ✅ | | | | |
no-unthrown-error | Errors should not be created without being thrown | ✅ | | 💡 | | |
no-unused-collection | Collection contents should be used | ✅ | | | | |
no-unused-expressions | Non-empty statements should change control flow or have at least one side-effect | ✅ | | | | |
no-unused-function-argument | Unused function parameters should be removed | | | 💡 | | |
no-unused-private-class-members | Unused private class members should be removed | ✅ | | 💡 | | |
no-use-of-empty-return-value | The return value of void functions should not be used | ✅ | | | | |
no-useless-call | Calls to ".call()" and ".apply()" methods should not be redundant | ✅ | | 💡 | | |
no-useless-catch | "catch" clauses should do more than rethrow | ✅ | | | | |
no-useless-constructor | Unnecessary constructors should be removed | ✅ | | 💡 | | |
no-useless-increment | Values should not be uselessly incremented | ✅ | | | | |
no-useless-intersection | Type intersections should use meaningful types | ✅ | | | 💭 | |
no-useless-react-setstate | React state setter function should not be called with its matching state variable | ✅ | | | | |
no-var | Variables should be declared with "let" or "const" | ✅ | 🔧 | | | |
no-variable-usage-before-declaration | Variables declared with "var" should be declared before they are used | | | | | |
no-vue-bypass-sanitization | Disabling Vue.js built-in escaping is security-sensitive | ✅ | | | | |
no-weak-cipher | Cipher algorithms should be robust | ✅ | | | | |
no-weak-keys | Cryptographic keys should be robust | ✅ | | | | |
no-wildcard-import | Wildcard imports should not be used | | | | | |
non-existent-operator | Non-existent operators '=+', '=-' and '=!' should not be used | ✅ | | 💡 | | |
non-number-in-arithmetic-expression | Arithmetic operators should only have numbers as operands | | | | 💭 | |
null-dereference | Properties of variables with "null" or "undefined" values should not be accessed | ✅ | | | 💭 | |
object-alt-content | "" tags should provide an alternative content | ✅ | | | | |
object-shorthand | Object literal shorthand syntax should be used | | 🔧 | | | |
operation-returning-nan | Arithmetic operations should not result in "NaN" | | | | 💭 | |
os-command | Using shell interpreter when executing OS commands is security-sensitive | ✅ | | | | |
post-message | Origins should be verified during cross-origin communications | ✅ | | | 💭 | |
prefer-default-last | "default" clauses should be last | ✅ | | | | |
prefer-enum-initializers | Enum member values should be either all initialized or none | ✅ | | 💡 | | |
prefer-for-of | "for of" should be used with Iterables | ✅ | | 💡 | | |
prefer-function-type | Function types should be preferred | ✅ | 🔧 | | | |
prefer-immediate-return | Local variables should not be declared and then immediately returned or thrown | | 🔧 | | | |
prefer-namespace-keyword | "module" should not be used | ✅ | 🔧 | | | |
prefer-nullish-coalescing | Nullish coalescing should be preferred | ✅ | | 💡 | 💭 | |
prefer-object-literal | Object literal syntax should be used | | | | | |
prefer-object-spread | Object spread syntax should be used instead of "Object.assign" | ✅ | 🔧 | | | |
prefer-promise-shorthand | Shorthand promises should be used | ✅ | | 💡 | | |
prefer-single-boolean-return | Return of boolean expressions should not be wrapped into an "if-then-else" statement | ✅ | | 💡 | | |
prefer-spread | Spread syntax should be used instead of "apply()" | ✅ | | 💡 | | |
prefer-string-starts-ends-with | Ends of strings should be checked with "startsWith()" and "endsWith()" | ✅ | 🔧 | 💡 | 💭 | |
prefer-template | Template strings should be used instead of concatenation | | 🔧 | | | |
prefer-type-guard | Type predicates should be used | ✅ | | 💡 | | |
prefer-while | A "while" loop should be used instead of a "for" loop | ✅ | 🔧 | | | |
process-argv | Using command line arguments is security-sensitive | | | | | ❌ |
production-debug | Delivering code in production with debug features activated is security-sensitive | ✅ | | | | |
pseudo-random | Using pseudorandom number generators (PRNGs) is security-sensitive | ✅ | | | | |
public-static-readonly | Public "static" fields should be read-only | ✅ | | 💡 | | |
publicly-writable-directories | Using publicly writable directories is security-sensitive | ✅ | | | | |
reduce-initial-value | "Array.reduce()" calls should include an initial value | ✅ | | | 💭 | |
redundant-type-aliases | Redundant type aliases should not be used | ✅ | | | | |
regex-complexity | Regular expressions should not be too complicated | ✅ | | | 💭 | |
regular-expr | Using regular expressions is security-sensitive | | | | | ❌ |
rules-of-hooks | React Hooks should be properly called | ✅ | | | | |
semi | Statements should end with semicolons | | 🔧 | | | ❌ |
session-regeneration | A new session should be created during user authentication | ✅ | | | | |
shorthand-property-grouping | Shorthand object properties should be grouped at the beginning or end of an object declaration | | | | | |
single-char-in-character-classes | Character classes in regular expressions should not contain only one character | ✅ | | | 💭 | |
single-character-alternation | Single-character alternations in regular expressions should be replaced with character classes | ✅ | | | 💭 | |
slow-regex | Using slow regular expressions is security-sensitive | ✅ | | | 💭 | |
sockets | Using Sockets is security-sensitive | | | | | ❌ |
sonar-block-scoped-var | Variables should be used in the blocks where they are declared | ✅ | | | | |
sonar-jsx-no-leaked-render | React components should not render non-boolean condition values | ✅ | | 💡 | 💭 | |
sonar-max-lines | Files should not have too many lines of code | | | | | |
sonar-max-lines-per-function | Functions should not have too many lines of code | | | | | |
sonar-max-params | Functions should not have too many parameters | ✅ | | | | |
sonar-no-control-regex | Regular expressions should not contain control characters | ✅ | | | 💭 | |
sonar-no-dupe-keys | Member names should not be duplicated within a class or object literal | ✅ | | 💡 | | |
sonar-no-empty-character-class | Empty character classes should not be used | ✅ | | | 💭 | |
sonar-no-fallthrough | Switch cases should end with an unconditional "break" statement | ✅ | | | | |
sonar-no-invalid-regexp | Regular expressions should be syntactically valid | ✅ | | | 💭 | |
sonar-no-magic-numbers | Magic numbers should not be used | | | | | |
sonar-no-misleading-character-class | Unicode Grapheme Clusters should be avoided inside regex character classes | ✅ | | 💡 | 💭 | |
sonar-no-regex-spaces | Regular expressions should not contain multiple spaces | ✅ | | 💡 | 💭 | |
sonar-no-unused-class-component-methods | Unused methods of React components should be removed | ✅ | | | | |
sonar-no-unused-vars | Unused local variables and functions should be removed | ✅ | | | | |
sonar-prefer-optional-chain | Optional chaining should be preferred | ✅ | 🔧 | 💡 | | |
sonar-prefer-read-only-props | React props should be read-only | ✅ | | 💡 | 💭 | |
sonar-prefer-regexp-exec | "RegExp.exec()" should be preferred over "String.match()" | ✅ | | 💡 | 💭 | |
sql-queries | Formatting SQL queries is security-sensitive | ✅ | | | | |
stable-tests | Tests should be stable | ✅ | | | | |
standard-input | Reading the Standard Input is security-sensitive | | | | | ❌ |
stateful-regex | Regular expressions with the global flag should be used with caution | ✅ | | | | |
strict-transport-security | Disabling Strict-Transport-Security policy is security-sensitive | ✅ | | | | |
strings-comparison | Comparison operators should not be used with strings | | | | 💭 | |
super-invocation | "super()" should be invoked appropriately | ✅ | | | | |
switch-without-default | "switch" statements should have "default" clauses | | | 💡 | 💭 | |
table-header | Tables should have headers | ✅ | | | | |
table-header-reference | Table cells should reference their headers | ✅ | | | | |
test-check-exception | Tests should check which exception is thrown | ✅ | | | | |
todo-tag | Track uses of "TODO" tags | ✅ | | | | |
too-many-break-or-continue-in-loop | Loops should not contain more than a single "break" or "continue" statement | | | | | |
unicode-aware-regex | Regular expressions using Unicode character classes or property escapes should enable the unicode flag | | | | 💭 | |
unnecessary-character-escapes | Unnecessary character escapes should be removed | ✅ | | 💡 | | |
unused-import | Unnecessary imports should be removed | ✅ | | 💡 | 💭 | |
unused-named-groups | Names of regular expressions named groups should be used | ✅ | | | 💭 | |
unverified-certificate | Server certificates should be verified during SSL/TLS connections | ✅ | | | | |
unverified-hostname | Server hostnames should be verified during SSL/TLS connections | ✅ | | | | |
updated-const-var | "const" variables should not be reassigned | ✅ | | | | |
updated-loop-counter | Loop counters should not be assigned within the loop body | ✅ | | | | |
use-isnan | "NaN" should not be used in comparisons | ✅ | | 💡 | | |
use-type-alias | Type aliases should be used | ✅ | | | | |
useless-string-operation | Results of operations on strings should not be ignored | | | | 💭 | ❌ |
values-not-convertible-to-numbers | Values not convertible to numbers should not be used in numeric comparisons | | | | 💭 | |
variable-name | Variable, property and parameter names should comply with a naming convention | | | | | |
void-use | "void" should not be used | ✅ | | | 💭 | |
weak-ssl | Weak SSL/TLS protocols should not be used | ✅ | | | | |
web-sql-database | Web SQL databases should not be used | | | | 💭 | ❌ |
x-powered-by | Disclosing fingerprints from web application technologies is security-sensitive | ✅ | | | | |
xml-parser-xxe | XML parsers should not be vulnerable to XXE attacks | ✅ | | | | |
xpath | Executing XPath expressions is security-sensitive | | | | | ❌ |