ESLint Rules for Security
Not all lint rules are just for style
- CWE-95 (Do not use eval)
- CWE-398 (Indicator of Poor Code Quality)
- CWE-407 (Algorithmic Complexity)
- CWE-456 (Missing Initialization of a Variable)
- CWE-457 (Use of Uninitialized Variable)
- CWE-478 (Missing Default Case in Switch Statement)
- CWE-483 (Incorrect Block Delimitation)
- CWE-484 (Omitted Break Statement in Switch)
- CWE-489 (Leftover Debug Code)
- CWE-561 (Dead Code)
- CWE-570 (Expression is Always False)
- CWE-571 (Expression is Always True)
- CWE-704 (Incorrect Type Conversion or Cast)
================================================
CWE-95 Eval is bad
CWE-398 Indicator of Poor Code Quality
complexity
no-unused-vars
max-depth
max-nested-callbacks
max-params
no-empty
no-unused-vars
strict
no-unreachable