Categories
Latest version
v1.7.1
Updated on
Aug 12, 2022
Issues
661
Autofix
97
Sample configuration
version = 1
[[analyzers]]
name = "javascript"
enabled = true
[analyzers.meta]
module_system = "commonjs"
environment = [
"nodejs",
"browser",
"jest",
]
plugins = ["react"]
style_guide = "airbnb"
dialect = "flow"
Stats
Anti-pattern
305
Bug risk
269
Documentation
2
Performance
35
Security
30
Style
10
Type check
10
Audit: Insecure cookie JS-D015
Configuring the server to set insecure cookies configurations can lead to various types of attacks like cookie hijacking, information leakage, session hijacking and many others.
Prefer using kebab-case for custom event names JS-0605
Prefer kebab-case when naming events in Vue templates. Other cases can become less readable in the resulting markup.
Misconfigured CORS in express JS-D002
Cross-Origin Resource Sharing(CORS) is a mechanism that enables web browsers to perform cross-domain requests using the XMLHttpRequest API in a controlled manner. It defines the protocol to use between a web browser and a server to determine whether a cross-origin request is allowed. Using *, null or google.com is not a reliable way to ensure security of the application or software.
Unnecessary catch clauses found JS-0112
A catch clause that only rethrows the original error is redundant, and has no effect on the runtime behavior of the program. These redundant clauses can be a source of confusion and code bloat, so it's better to disallow these unnecessary catch clauses.
Bad collection size comparison JS-W1031
Avoid using >= 0 and < 0 when comparing container sizes.