@nfq/eslint-config 1.2.8 → 2.0.0

package/CHANGELOG.md

@@ -0,0 +1,28 @@
+# Changelog
+
+All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
+
+## 2.0.0 (2022-02-24)
+
+
+### ⚠ BREAKING CHANGES
+
+* **Babel:** New peer dependency
+
+### Features
+
+* **@nfq/no-magic-numbers:** Add also arrays for ignore ([#5](https://github.com/nfqde/eslint-config-nfq/issues/5)) ([10a8c6e](https://github.com/nfqde/eslint-config-nfq/commit/10a8c6ece0841e85f4bcbfb3451c259cc0cf016b))
+* **Babel:** Changed babel-eslint parser to @babel/eslint-parser ([#9](https://github.com/nfqde/eslint-config-nfq/issues/9)) ([66eb90f](https://github.com/nfqde/eslint-config-nfq/commit/66eb90f95b8e0ee7ad7352d3760b962f13e6f375))
+* **import/order:** Add new imports ([#4](https://github.com/nfqde/eslint-config-nfq/issues/4)) ([10b708c](https://github.com/nfqde/eslint-config-nfq/commit/10b708cf228772328094607ca3c5a8ca97d16063))
+* **no-param-reassign:** Add key and value to ignore list for objects ([#6](https://github.com/nfqde/eslint-config-nfq/issues/6)) ([6adf418](https://github.com/nfqde/eslint-config-nfq/commit/6adf41817d439c27046f7ab68585c96e504ff5df))
+* **Plugins:** Changed peerdependency to scooped nfq package ([#1](https://github.com/nfqde/eslint-config-nfq/issues/1)) ([eba532b](https://github.com/nfqde/eslint-config-nfq/commit/eba532be70748c55b83878c0ed9b85ba07da0679))
+* **React:** Change react in scope rule for react 17 ([#10](https://github.com/nfqde/eslint-config-nfq/issues/10)) ([3a163bc](https://github.com/nfqde/eslint-config-nfq/commit/3a163bcfdfeac65ff319634f3305c2d5cf834f35))
+* **ReDOS:** Add redos checker ([#11](https://github.com/nfqde/eslint-config-nfq/issues/11)) ([ede6dce](https://github.com/nfqde/eslint-config-nfq/commit/ede6dcea975f4ebd01933f093f3a842a0de24140))
+
+
+### Bug Fixes
+
+* **Import/extensions:** Add font extensions. ([#2](https://github.com/nfqde/eslint-config-nfq/issues/2)) ([c2971a1](https://github.com/nfqde/eslint-config-nfq/commit/c2971a1de1406348ac340cd012b22417bf267674))
+* **import/order:** Fix image import ([#7](https://github.com/nfqde/eslint-config-nfq/issues/7)) ([37df73c](https://github.com/nfqde/eslint-config-nfq/commit/37df73c6f1d39fbe265fb591d89b839430ee5667))
+* **no-empty-func:** fixed async methods ([#3](https://github.com/nfqde/eslint-config-nfq/issues/3)) ([441fa2a](https://github.com/nfqde/eslint-config-nfq/commit/441fa2a6d890e4cec5f224951990a552be9cc644))
+* **Snyk:** upgrade confusing-browser-globals from 1.0.9 to 1.0.10 ([#8](https://github.com/nfqde/eslint-config-nfq/issues/8)) ([d3a23d0](https://github.com/nfqde/eslint-config-nfq/commit/d3a23d01dc449ea870e8ba36d83920d0f56e7159))

package/config/plugins.js

@@ -11,6 +11,7 @@ module.exports = [
     'react',
     'react-hooks',
     'react-hooks-ssr',
+    'redos',
     'security',
     'sort-destructure-keys'
 ];

package/package.json

@@ -1,12 +1,13 @@
 {
   "name": "@nfq/eslint-config",
-  "version": "1.2.8",
+  "version": "2.0.0",
   "engines": {
     "node": ">= 12.0.0"
   },
   "description": "Eslint configuration for all nfq projects",
   "main": "index.js",
   "scripts": {
+    "deploy": "standard-version && git push --follow-tags origin master",
     "test": "echo \"Error: no test specified\" && exit 1"
   },
   "keywords": [
@@ -31,6 +32,7 @@
     "eslint-plugin-react": ">= 7",
     "eslint-plugin-react-hooks": ">= 4",
     "eslint-plugin-react-hooks-ssr": ">= 0.1.5",
+    "eslint-plugin-redos": ">= 4",
     "eslint-plugin-security": ">= 1",
     "eslint-plugin-sort-destructure-keys": ">= 1"
   },
@@ -54,6 +56,7 @@
     "eslint-plugin-react": "^7.26.1",
     "eslint-plugin-react-hooks": "^4.2.0",
     "eslint-plugin-react-hooks-ssr": "^0.1.5",
+    "eslint-plugin-redos": "^4.3.0",
     "eslint-plugin-security": "^1.4.0",
     "eslint-plugin-sort-destructure-keys": "^1.3.5"
   },

package/pnpm-lock.yaml

@@ -18,6 +18,7 @@ specifiers:
   eslint-plugin-react: ^7.26.1
   eslint-plugin-react-hooks: ^4.2.0
   eslint-plugin-react-hooks-ssr: ^0.1.5
+  eslint-plugin-redos: ^4.3.0
   eslint-plugin-security: ^1.4.0
   eslint-plugin-sort-destructure-keys: ^1.3.5
 
@@ -41,6 +42,7 @@ devDependencies:
   eslint-plugin-react: 7.26.1_eslint@8.0.0
   eslint-plugin-react-hooks: 4.2.0_eslint@8.0.0
   eslint-plugin-react-hooks-ssr: 0.1.5_eslint@8.0.0
+  eslint-plugin-redos: 4.3.0_eslint@8.0.0
   eslint-plugin-security: 1.4.0
   eslint-plugin-sort-destructure-keys: 1.3.5_eslint@8.0.0
 
@@ -869,6 +871,15 @@ packages:
       string.prototype.matchall: 4.0.5
     dev: true
 
+  /eslint-plugin-redos/4.3.0_eslint@8.0.0:
+    resolution: {integrity: sha512-m8wNdabRK/KNt8pcVmxy2mOzTGodIV8xIIyx25/ub/Nbip2CIMCbmQfeO3OBwsgOhefblRoULAYCqYPm/aLvaA==}
+    peerDependencies:
+      eslint: '>= 3'
+    dependencies:
+      eslint: 8.0.0
+      recheck: 4.3.0
+    dev: true
+
   /eslint-plugin-security/1.4.0:
     resolution: {integrity: sha512-xlS7P2PLMXeqfhyf3NpqbvbnW04kN8M9NtmhpR3XGyOvt/vNKS7XPXT5EDbwKW9vCjWH4PpfQvgD/+JgN0VJKA==}
     dependencies:
@@ -1605,6 +1616,45 @@ packages:
     resolution: {integrity: sha512-24e6ynE2H+OKt4kqsOvNd8kBpV65zoxbA4BVsEOB3ARVWQki/DHzaUoC5KuON/BiccDaCCTZBuOcfZs70kR8bQ==}
     dev: true
 
+  /recheck-jar/4.3.0:
+    resolution: {integrity: sha512-Z1ValtlVKZXoM71gMKRi+RH7vaVn7YvDKxC+1V2BVdKHsei/F9jcaZGp47q6rep9YPFhHYZ2tOKuqzfar+L1dw==}
+    requiresBuild: true
+    dev: true
+    optional: true
+
+  /recheck-linux-x64/4.3.0:
+    resolution: {integrity: sha512-W4vBHzrflvx1y6aU6iLDme0grp+pHGSYXgOhtNMl0YkrzYBQ5TeF/eaM5o9f3ZZuVfjxr73CRWAm9B2Qx4XpYw==}
+    cpu: [x64]
+    os: [linux]
+    requiresBuild: true
+    dev: true
+    optional: true
+
+  /recheck-macos-x64/4.3.0:
+    resolution: {integrity: sha512-ikmmDRRk6w+wunwNVSwKMwxJnXYWv7DlHkDxij5dw6bauJ9YqpfxHCa603G+K6zcRfB5OiMWz6EI7x2mNnSDeA==}
+    cpu: [x64]
+    os: [darwin]
+    requiresBuild: true
+    dev: true
+    optional: true
+
+  /recheck-windows-x64/4.3.0:
+    resolution: {integrity: sha512-6ut79YbjkXxbpouu1PyzIhyOEkmMyYDBzstihxa62XTrwiyRl0A6BDGvy3o2mHzQ355T5UmsbcTYIsoav3UEyA==}
+    cpu: [x64]
+    os: [win32]
+    requiresBuild: true
+    dev: true
+    optional: true
+
+  /recheck/4.3.0:
+    resolution: {integrity: sha512-Tja4wYd3Vk929QkmwvIyAowtg7RbUvM1mAIVhZo8idUq4nzit6FiMyIH2Tp5+8qaAl3Akem/GJDE4+Q2oVYLUA==}
+    optionalDependencies:
+      recheck-jar: 4.3.0
+      recheck-linux-x64: 4.3.0
+      recheck-macos-x64: 4.3.0
+      recheck-windows-x64: 4.3.0
+    dev: true
+
   /regenerator-runtime/0.13.9:
     resolution: {integrity: sha512-p3VT+cOEgxFsRRA9X4lkI1E+k2/CtnKtU4gcxyaCUreilL/vqI6CdZ3wxVUx3UOUg+gnUOQQcRI7BmSI656MYA==}
     dev: true

package/rules/security.js

@@ -2,6 +2,15 @@
 
 module.exports = {
     rules: {
+        'redos/no-vulnerable': [
+            'error',
+            {
+                checker: 'auto',
+                ignoreErrors: true,
+                permittableComplexities: ['polynomial', 'exponential'],
+                timeout: 10000
+            }
+        ], // Detects regexes vulnerable to ReDOS attacks https://makenowjust-labs.github.io/recheck/docs/usage/as-eslint-plugin/
         'security/detect-buffer-noassert': 'error', // Detects calls to buffer with noAssert flag set https://github.com/nodesecurity/eslint-plugin-security
         'security/detect-child-process': 'error', // Detects instances of child_process & non-literal exec() https://github.com/nodesecurity/eslint-plugin-security/blob/master/docs/avoid-command-injection-node.md
         'security/detect-disable-mustache-escape': 'error', // Detects object.escapeMarkup = false, which can be used with some template engines to disable escaping of HTML entities. This can lead to Cross-Site Scripting (XSS) vulnerabilities. https://github.com/nodesecurity/eslint-plugin-security