Categories
Latest version
v2.0.11
Updated on
Nov 22, 2022
Issues
662
Autofix
97
Sample configuration
version = 1
[[analyzers]]
name = "javascript"
enabled = true
[analyzers.meta]
module_system = "commonjs"
environment = [
"nodejs",
"browser",
"jest",
]
plugins = ["react"]
style_guide = "airbnb"
dialect = "flow"
Stats
Anti-pattern
304
Bug risk
269
Documentation
2
Performance
35
Security
33
Style
9
Type check
10
Audit: Insecure cookie JS-D015
Configuring the server to set insecure cookies configurations can lead to attacks like cookie hijacking, information leaks, and session hijacking.
Prefer using kebab-case for custom event names JS-0605
Prefer kebab-case when naming events in Vue templates. Other cases can become less readable in the resulting markup.
Misconfigured CORS in express JS-D002
Cross-Origin Resource Sharing(CORS) is a mechanism that enables web browsers to perform cross-domain requests using the XMLHttpRequest API in a controlled manner. It defines the protocol to use between a web browser and a server to determine whether a cross-origin request is allowed. Using *, null or google.com is not a reliable way to ensure security of the application or software.
Unnecessary catch clauses found JS-0112
A catch clause that only rethrows the original error is redundant, and has no effect on the runtime behavior of the program. These redundant clauses can be a source of confusion and code bloat, so it's better to disallow these unnecessary catch clauses.
Bad collection size comparison JS-W1031
Avoid using >= 0 and < 0 when comparing container sizes.