tslint-microsoft-contrib
Advanced tools
A set of TSLint rules used on some Microsoft projects.
This software is not yet released with a 1.0 version. All release blockers are listed in the issues page.
npm install tslint-microsoft-contrib
Add the new rulesDirectory to your tslint task:
grunt.initConfig({
tslint: {
options: {
rulesDirectory: 'node_modules/tslint-microsoft-contrib',
configuration: grunt.file.readJSON("tslint-contrib.json")
},
files: {
src: ['src/file1.ts', 'src/file2.ts']
}
}
})
The tslint-contrib.json file follows the same conventions as other tslint rules.
A sample configuration file with all options is available under tslint-microsoft-contrig/tslint.json
export-name The name of the exported module must match the filename of the source file. This is case-sensitive but ignores file extension.missing-optional-annotation A parameter that follows one or more parameters marked as optional is not itself marked optionalno-banned-terms Do not use banned terms: caller, callee, eval, arguments. These terms refer to functions or properties that should not be used, so it is best practice to simply avoid them.no-cookies Do not use cookiesno-delete-expression Do not delete expressions. Only properties should be deletedno-disable-auto-sanitization Do not disable auto-sanitization of HTML because this opens up your page to an XSS attack. Specifically, do not use the execUnsafeLocalFunction or setInnerHTMLUnsafe functions.no-document-write Do not use document.writeno-duplicate-parameter-names Do not write functions or methods with duplicate parameter namesno-exec-script Do not use the execScript functionsno-function-constructor-with-string-args Do not use the version of the Function constructor that accepts a string argument to define the body of the functionno-http-string Do not use strings that start with 'http:'. URL strings should start with 'https:'. Http strings can be a security problem and indicator that your software may suffer from cookie-stealing attacks.no-increment-decrement Avoid use of increment and decrement operators particularly as part of complicated expressionsno-multiline-string Do not declare multiline stringsno-unnecessary-semicolons Remove unnecessary semicolonsno-octal-literal Do not use octal literals or escaped octal sequencesno-reserved-keywords Do not use reserved keywords as names of local variables, fields, functions, or other identifiers.no-string-based-set-immediate Do not use the version of setImmediate that accepts code as a string argument. However, it is acceptable to use the version of setImmediate where a direct reference to a function is provided as the callback argumentno-string-based-set-interval Do not use the version of setInterval that accepts code as a string argument. However, it is acceptable to use the version of setInterval where a direct reference to a function is provided as the callback argumentno-string-based-set-timeout Do not use the version of setTimeout that accepts code as a string argument. However, it is acceptable to use the version of setTimeout where a direct reference to a function is provided as the callback argumentno-unused-imports Remove unused importsno-with-statement Do not use with statements. Assign the item to a new variable insteadreact-no-dangerous-html Do not use React's dangerouslySetInnerHTML API. This rule finds usages of the dangerouslySetInnerHTML API (but not any JSX references). For more info see the react-no-dangerous-html Rule wiki page.use-named-parameter Do not reference the arguments object by numerical index; instead, use a named parameter. This rule is similar to JSLint's Use a named parameter rule.To develop tslint-microsoft-contrib simply clone the repository, install dependencies and run grunt:
git config --global core.autocrlf input
git config --global core.eol lf
git clone git@github.com:Microsoft/tslint-microsoft-contrib.git
cd tslint-microsoft-contrib
npm install
grunt all
If command fails because of file access permissions, prefix it with sudo.
npm install -g node-inspector
node-inspector
In another terminal window run:
# on *nix machines:
node --debug-brk /usr/local/bin/grunt mochaTest
# on Windows machines:
node --debug-brk /c/Users/[your alias]/AppData/Roaming/npm/node_modules/grunt-cli/bin/grunt
Open in browser:
http://127.0.0.1:8080/?ws=127.0.0.1:8080&port=5858
Set a breakpoint somewhere in your code and resume execution. Your breakpoint should be hit.
Refer to the Releases Wiki Page
FAQs
TSLint Rules for Microsoft
The npm package tslint-microsoft-contrib receives a total of 54,185 weekly downloads. As such, tslint-microsoft-contrib popularity was classified as popular.
We found that tslint-microsoft-contrib demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers have discovered multiple malicious npm packages targeting Solana private keys, abusing Gmail to exfiltrate the data and drain Solana wallets.
Security News
PEP 770 proposes adding SBOM support to Python packages to improve transparency and catch hidden non-Python dependencies that security tools often miss.
Security News
Socket CEO Feross Aboukhadijeh discusses open source security challenges, including zero-day attacks and supply chain risks, on the Cyber Security Council podcast.