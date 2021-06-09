This repository has been archived as read-only
We recommend looking at https://github.com/mozilla/eslint-plugin-no-unsanitized
if you are interested in xss-prevention techniques.
ScanJS Rules through ESLint.
If you want to get something like ScanJS using ESLint. This is the config
file.
Install
npm -g install
* cp -v .eslintrc ~/.scanjs-eslintrc
Running
cd project-to-scan/
eslint --no-eslintrc -c ~/.scanjs-eslintrc .
Usage within IntelliJ IDEs (WebStorm, PyCharm etc.)
- Open the Settings dialog and navigate to Languages & Frameworks → JavaScript → Code Quality Tools → ESLint.
- Enable ESLint and make sure your settings match your installation: Use a globally installed eslint package, the installer will place this in
/usr/lib/node_modules/eslint or
usr/local/lib/node_modules/eslint.
- Supply the config path
~/.scanjs-eslintrc
- Reset the default rules, by providing extra eslint options, so we only use the provided config. This disables the default eslint rules, which check for coding style, not security:
--no-eslintrc -c ~/.scanjs-eslintrc .