Ecosyste.ms: Issues
An open API service for providing issue and pull request metadata for open source projects.
GitHub / eslint-community/eslint-plugin-security issues and pull requests
#167 - detect-jquery-globalEval.js
Issue -
State: closed - Opened by guoyutian1111222333 about 1 month ago
- 3 comments
#166 - New Config: Avoiding intrusive and dangerous dependencies
Issue -
State: closed - Opened by brettz9 3 months ago
- 2 comments
#165 - chore(deps-dev): bump braces from 3.0.2 to 3.0.3
Pull Request -
State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies
#164 - chore: release 3.0.1
Pull Request -
State: closed - Opened by github-actions[bot] 4 months ago
Labels: autorelease: pending
#160 - chore(deps): bump tunnel-agent and changelog
Pull Request -
State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies
#159 - docs: add TypeScript support section
Pull Request -
State: closed - Opened by rhysd 5 months ago
- 2 comments
#158 - chore: add pkg.funding
Pull Request -
State: closed - Opened by aladdin-add 5 months ago
#157 - Bug: no type definitions for eslint flat config
Issue -
State: closed - Opened by TheElegantCoding 5 months ago
- 3 comments
Labels: bug
#156 - Two new rules from: eslint-plugin-xss
Issue -
State: closed - Opened by darkgreentree 5 months ago
- 2 comments
#155 - Does This Plugin Support TypeScript?
Issue -
State: closed - Opened by Barzi-Ahmed 6 months ago
- 5 comments
Labels: enhancement
#154 - Bug: (fill in)
Issue -
State: closed - Opened by nowaysgit 6 months ago
- 1 comment
Labels: bug
#153 - chore(deps-dev): bump npm from 8.7.0 to 8.19.4
Pull Request -
State: closed - Opened by dependabot[bot] 6 months ago
Labels: dependencies
#152 - chore(deps-dev): bump qs from 6.3.2 to 6.3.3
Pull Request -
State: closed - Opened by dependabot[bot] 6 months ago
Labels: dependencies
#151 - chore(deps): bump jsonpointer and is-my-json-valid
Pull Request -
State: closed - Opened by dependabot[bot] 6 months ago
- 2 comments
Labels: dependencies
#150 - chore(deps): bump json-schema and jsprim
Pull Request -
State: closed - Opened by dependabot[bot] 6 months ago
Labels: dependencies
#149 - chore(deps-dev): bump semantic-release from 19.0.2 to 19.0.3
Pull Request -
State: closed - Opened by dependabot[bot] 6 months ago
Labels: dependencies
#148 - chore: release 3.0.0
Pull Request -
State: closed - Opened by github-actions[bot] 6 months ago
- 1 comment
Labels: autorelease: tagged
#147 - chore: upgrade eslint-doc-generator v1.7.0
Pull Request -
State: closed - Opened by aladdin-add 6 months ago
#146 - feat!: requires node ^18.18.0 || ^20.9.0 || >=21.1.0
Pull Request -
State: closed - Opened by aladdin-add 6 months ago
- 1 comment
Labels: breaking
#145 - fix: Ensure everything works with ESLint v9
Pull Request -
State: closed - Opened by nzakas 6 months ago
- 1 comment
#144 - ESLint v9 compatibility (TypeError: context.getScope is not a function)
Issue -
State: closed - Opened by rivajunior 6 months ago
- 8 comments
Labels: bug
#143 - docs: fix typos in regular expression docs
Pull Request -
State: closed - Opened by mvolz 6 months ago
#142 - Add support for flat config and types
Issue -
State: closed - Opened by TheElegantCoding 6 months ago
- 1 comment
#141 - Typo fix in bypass-connect-csrf-protection-by-abusing.md
Pull Request -
State: closed - Opened by nikelborm 7 months ago
#140 - chore: release 2.1.1
Pull Request -
State: closed - Opened by github-actions[bot] 8 months ago
- 1 comment
Labels: autorelease: tagged
#139 - fix: Ensure empty eval() doesn't crash detect-eval-with-expression
Pull Request -
State: closed - Opened by nzakas 8 months ago
#138 - Bug: security/detect-eval-with-expression - "TypeError: Cannot read properties of undefined (reading: 'type')
Issue -
State: closed - Opened by bestickley 8 months ago
- 6 comments
Labels: bug
#137 - Bug: Configuration using JSON eslintrc file
Issue -
State: closed - Opened by armfazh 8 months ago
- 2 comments
Labels: bug
#136 - Bug: false positive for security/detect-object-injection
Issue -
State: closed - Opened by AnnAngela 9 months ago
- 2 comments
Labels: bug
#135 - Upgrade causes obscure error
Issue -
State: closed - Opened by bibble235 10 months ago
- 4 comments
Labels: bug
#134 - Bug: Converting circular structure to JSON when running eslint
Issue -
State: closed - Opened by cthacker-udel 10 months ago
- 2 comments
Labels: bug
#133 - chore: release 2.1.0
Pull Request -
State: closed - Opened by github-actions[bot] 10 months ago
- 1 comment
Labels: autorelease: tagged
#132 - feat: add config recommended-legacy
Pull Request -
State: closed - Opened by aladdin-add 10 months ago
#131 - Bug: Crashes ESLint due to circular reference in config
Issue -
State: closed - Opened by maxmilton 10 months ago
- 4 comments
Labels: bug
#130 - Fix grammar and inconsistent formatting
Pull Request -
State: closed - Opened by GrantGryczan 10 months ago
- 2 comments
#129 - chore: release 2.0.0
Pull Request -
State: closed - Opened by github-actions[bot] 12 months ago
- 3 comments
Labels: autorelease: tagged
#128 - chore: switch .eslintrc to flat config
Pull Request -
State: closed - Opened by aladdin-add 12 months ago
Labels: hacktoberfest-accepted
#127 - Rule Change: (fill in)
Issue -
State: closed - Opened by mathieulb about 1 year ago
- 2 comments
Labels: enhancement
#126 - `security/detect-object-injection` false alarm on type safe key
Issue -
State: closed - Opened by loynoir about 1 year ago
- 5 comments
Labels: bug
#124 - Bug: `security/detect-object-injection` should be ignored when property is switch case discriminant.
Issue -
State: closed - Opened by loynoir over 1 year ago
- 2 comments
Labels: bug
#123 - Bug: `security/detect-non-literal-regexp` should ignore `escapeStringRegexp()`
Issue -
State: closed - Opened by loynoir over 1 year ago
- 1 comment
Labels: bug
#122 - chore: add metadata in the exported object
Pull Request -
State: closed - Opened by aladdin-add over 1 year ago
#121 - docs(the-dangers-of-square-bracket-notation): fix broken link
Pull Request -
State: closed - Opened by continentaldivide over 1 year ago
#120 - chore: add `format` workflow
Pull Request -
State: closed - Opened by MichaelDeBoey over 1 year ago
- 3 comments
#119 - chore: add tests for Node 20
Pull Request -
State: closed - Opened by MichaelDeBoey over 1 year ago
#118 - feat!: switch the recommended config to flat
Pull Request -
State: closed - Opened by aladdin-add over 1 year ago
- 2 comments
#117 - New Rule: disallow unicode confusable identifiers
Issue -
State: open - Opened by mhofman over 1 year ago
- 4 comments
#116 - New Rule: Detect invisible characters
Issue -
State: open - Opened by nzakas over 1 year ago
#115 - A Suggestion for the Docs
Issue -
State: closed - Opened by MahdiAljazairi over 1 year ago
- 2 comments
#114 - chore: release 1.7.1
Pull Request -
State: closed - Opened by github-actions[bot] over 1 year ago
- 1 comment
Labels: autorelease: tagged
#113 - chore: release 1.7.0
Pull Request -
State: closed - Opened by github-actions[bot] over 1 year ago
- 1 comment
Labels: autorelease: tagged
#112 - Bug: object injection not detected
Issue -
State: closed - Opened by FizzBuzz791 over 1 year ago
- 2 comments
Labels: bug
#111 - chore: fix repo url
Pull Request -
State: closed - Opened by ota-meshi over 1 year ago
#110 - docs: maybe an error in the-dangers-of-square-bracket-notation
Issue -
State: closed - Opened by helicese over 1 year ago
- 1 comment
#109 - fix: false positives for static expressions in detect-non-literal-fs-filename, detect-child-process, detect-non-literal-regexp, and detect-non-literal-require
Pull Request -
State: closed - Opened by ota-meshi over 1 year ago
- 2 comments
#108 - feat: improve detect-child-process rule
Pull Request -
State: closed - Opened by ota-meshi over 1 year ago
#107 - chore: release 1.6.0
Pull Request -
State: closed - Opened by github-actions[bot] over 1 year ago
- 1 comment
Labels: autorelease: tagged
#106 - chore: npm run format
Pull Request -
State: closed - Opened by ota-meshi over 1 year ago
#105 - feat(detect-non-literal-fs-filename): change to track non-top-level `require()` as well
Pull Request -
State: closed - Opened by ota-meshi almost 2 years ago
- 3 comments
#104 - Improve detect-child-process rule
Issue -
State: closed - Opened by ota-meshi almost 2 years ago
#103 - fix(detect-child-process): false positives for destructuring `spawn`
Pull Request -
State: closed - Opened by ota-meshi almost 2 years ago
#102 - fix(detect-child-process): false positive for destructuring with `exec`
Pull Request -
State: closed - Opened by ota-meshi almost 2 years ago
#101 - docs: automate docs with `eslint-doc-generator`
Pull Request -
State: closed - Opened by bmish almost 2 years ago
#100 - docs: add npm version badge
Pull Request -
State: closed - Opened by bmish almost 2 years ago
- 1 comment
#99 - docs: use `eslint-doc-generator`
Issue -
State: closed - Opened by MichaelDeBoey almost 2 years ago
#98 - Update wording
Pull Request -
State: closed - Opened by nicolapalavecino almost 2 years ago
#97 - fix: Avoid TypeError when exec stub is used with no arguments
Pull Request -
State: closed - Opened by lingo almost 2 years ago
#96 - ci: add node 18 to test matrix, remove node 17
Pull Request -
State: closed - Opened by Fdawgs almost 2 years ago
#95 - feat: detect trojan source attack
Pull Request -
State: closed - Opened by simone-sanfratello almost 2 years ago
- 13 comments
#94 - ci: update workflows
Pull Request -
State: closed - Opened by Fdawgs almost 2 years ago
#93 - Invitation to move to official `eslint-community` org
Issue -
State: closed - Opened by MichaelDeBoey about 2 years ago
- 7 comments
#92 - feat: extend detect non literal fs filename
Pull Request -
State: closed - Opened by BuZZ-T about 2 years ago
- 13 comments
#91 - chore: add `eslint-plugin-eslint-plugin`
Pull Request -
State: closed - Opened by bmish about 2 years ago
#90 - Java generator always adds @Json annotations for enums
Issue -
State: closed - Opened by micro-jumbo about 2 years ago
#89 - detect-non-literal-fs-filename - add a check is it fs method at the first place
Pull Request -
State: closed - Opened by revelt about 2 years ago
- 3 comments
#88 - `detect-non-literal-fs-filename` matches inconsistently
Issue -
State: closed - Opened by TikiTDO over 2 years ago
- 2 comments
#87 - fix: TypeError: Cannot read property 'type' of undefined in detect-child-process rule (#69)
Pull Request -
State: closed - Opened by XERXES-MOUSAVI over 2 years ago
- 1 comment
#86 - Changelog for v1.5.0
Pull Request -
State: closed - Opened by anjannair over 2 years ago
#85 - ci: bump github actions
Pull Request -
State: closed - Opened by Fdawgs over 2 years ago
#84 - Add missing 1.5.0 changelog
Issue -
State: closed - Opened by sampsakuronen over 2 years ago
#83 - Deprecate detect-buffer-noassert
Issue -
State: open - Opened by nzakas over 2 years ago
#82 - fix(detect-child-process): Empty array case handled
Pull Request -
State: closed - Opened by MarkKragerup over 2 years ago
- 7 comments
#81 - feat(non-literal-require): support template literals
Pull Request -
State: closed - Opened by MarkKragerup over 2 years ago
- 1 comment
#80 - Fix: Corrected Typo. Replaces #63
Pull Request -
State: closed - Opened by MarkKragerup over 2 years ago
- 6 comments
#79 - Add meta object documentation for all rules. Closes #48
Pull Request -
State: closed - Opened by MarkKragerup over 2 years ago
- 4 comments
#78 - feat: Implement standardized formatting. Closes #4
Pull Request -
State: closed - Opened by MarkKragerup over 2 years ago
- 9 comments
#76 - Help wanted: Issue and PR Review
Issue -
State: open - Opened by nzakas over 2 years ago
- 2 comments
Labels: help wanted
#75 - Package Modernization
Issue -
State: closed - Opened by nzakas over 2 years ago
- 10 comments
#74 - Fix typos in documentation
Pull Request -
State: closed - Opened by myersg86 over 2 years ago
#73 - add yarn installation
Pull Request -
State: closed - Opened by Hashen110 over 2 years ago
#72 - Including "unicode bidi attacks" defense
Issue -
State: closed - Opened by fritx almost 3 years ago
- 2 comments
#71 - I would like to take over as maintainer
Issue -
State: closed - Opened by nzakas almost 3 years ago
- 24 comments
#70 - Is this a timing attack?
Issue -
State: open - Opened by jimisaacs almost 3 years ago
- 3 comments
#69 - TypeError: Cannot read property 'type' of undefined in detect-child-process rule
Issue -
State: closed - Opened by XERXES-MOUSAVI about 3 years ago
- 4 comments
#68 - Better link to time attack explanation
Pull Request -
State: closed - Opened by PaulAnnekov over 3 years ago
- 3 comments
#67 - Heuristics for detect-object-injection
Issue -
State: closed - Opened by adrianhelvik almost 4 years ago
- 3 comments
#66 - Is this still maintained ?
Issue -
State: closed - Opened by Tjerk-Haaye-Henricus about 4 years ago
- 4 comments
#65 - False alarm for “Found fs.readFile with non literal argument at index 0”?
Issue -
State: closed - Opened by Hongbo-Miao about 4 years ago
- 5 comments
#64 - detect-child-process false-positive with exec
Issue -
State: closed - Opened by modestfake about 4 years ago
- 1 comment
#63 - Update detect-buffer-noassert.js
Pull Request -
State: closed - Opened by sabrinabrogren about 4 years ago
- 1 comment