Skip to content

Releases: eslint-community/eslint-plugin-security

eslint-plugin-security v3.0.1

14 Jun 11:35
aa33cf5
Compare
Choose a tag to compare

Bug Fixes

eslint-plugin-security v3.0.0

10 Apr 17:47
be3a03b
Compare
Choose a tag to compare

⚠ BREAKING CHANGES

  • requires node ^18.18.0 || ^20.9.0 || >=21.1.0 (#146)

Features

  • requires node ^18.18.0 || ^20.9.0 || >=21.1.0 (#146) (df1b606)

Bug Fixes

  • Ensure everything works with ESLint v9 (#145) (ac50ab4)

eslint-plugin-security v2.1.1

14 Feb 18:44
779da2b
Compare
Choose a tag to compare

Bug Fixes

  • Ensure empty eval() doesn't crash detect-eval-with-expression (#139) (8a7c7db)

eslint-plugin-security v2.1.0

15 Dec 16:55
c73effd
Compare
Choose a tag to compare

Features

eslint-plugin-security v2.0.0

13 Dec 16:12
27cd160
Compare
Choose a tag to compare

⚠ BREAKING CHANGES

  • switch the recommended config to flat (#118)

Features

  • switch the recommended config to flat (#118) (e20a366)

eslint-plugin-security v1.7.1

02 Feb 18:44
0c9c1de
Compare
Choose a tag to compare

Bug Fixes

  • false positives for static expressions in detect-non-literal-fs-filename, detect-child-process, detect-non-literal-regexp, and detect-non-literal-require (#109) (56102b5)

eslint-plugin-security v1.7.0

26 Jan 21:39
75e1e9d
Compare
Choose a tag to compare

Features

eslint-plugin-security v1.6.0

11 Jan 21:48
c54e618
Compare
Choose a tag to compare

Features

  • Add meta object documentation for all rules (#79) (fb1d9ef)
  • detect-bidi-characters rule (#95) (4294d29)
  • detect-non-literal-fs-filename: change to track non-top-level require() as well (#105) (d3b1543)
  • extend detect non literal fs filename (#92) (08ba476)
  • non-literal-require: support template literals (#81) (208019b)

Bug Fixes

  • Avoid crash when exec() is passed no arguments (7f97815), closes #82 #23
  • Avoid TypeError when exec stub is used with no arguments (#97) (9c18f16)
  • detect-child-process: false positive for destructuring with exec (#102) (657921a)
  • detect-child-process: false positives for destructuring spawn (#103) (fdfe37d)
  • Incorrect method name in detect-buffer-noassert. (313c0c6), closes #63 #80