feat: Disallow unsanitized code

mauriciolauffer · Sep 17, 2023 · 8975f97 · 8975f97
1 parent 23cf9e3
commit 8975f97
Show file tree

Hide file tree

Showing 9 changed files with 335 additions and 198 deletions.
diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml
@@ -0,0 +1 @@
+github: mauriciolauffer
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -0,0 +1,8 @@
+version: 2
+updates:
+  - package-ecosystem: "npm"
+    directory: "/"
+    schedule:
+      interval: "monthly"
+    allow:
+      - dependency-type: "production"
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -3,13 +3,15 @@ on:
   push:
     branches: [master]
 
-permissions:
-  contents: write
-  pull-requests: write
+
+permissions: read-all
 
 jobs:
   release:
     runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      pull-requests: write
     steps:
       - uses: google-github-actions/release-please-action@v3
         with:

diff --git a/.github/workflows/scorecards-analysis.yml b/.github/workflows/scorecards-analysis.yml
@@ -17,6 +17,7 @@ jobs:
     permissions:
       # Needed to upload the results to code-scanning dashboard.
       security-events: write
+      id-token: write
 
     steps:
       - name: "Checkout code"
@@ -25,7 +26,7 @@ jobs:
           persist-credentials: false
 
       - name: "Run analysis"
-        uses: ossf/scorecard-action@80e868c13c90f172d68d1f4501dee99e2479f7af # v2.1.3
+        uses: ossf/scorecard-action@08b4669551908b1024bb425080c797723083c031 # v2.2.0
         with:
           results_file: results.sarif
           results_format: sarif

diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -12,6 +12,8 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - uses: actions/checkout@v3
+      with:
+        persist-credentials: false
     - uses: actions/setup-node@v3
       with:
         node-version: 20

diff --git a/README.md b/README.md
@@ -1 +1,10 @@
-# eslint-config-mlauffer-ui5
+# eslint-config-mlauffer-ui5
+
+[![npm](https://img.shields.io/npm/v/eslint-config-mlauffer-ui5)](https://www.npmjs.com/package/eslint-config-mlauffer-ui5) [![test](https://github.com/mauriciolauffer/eslint-config-mlauffer-ui5/actions/workflows/test.yml/badge.svg)](https://github.com/mauriciolauffer/eslint-config-mlauffer-ui5/actions/workflows/test.yml)
+
+My personal ESLint config for SAP Fiori/UI5 projects.
+
+Using:
+
+- [eslint-config-mlauffer-nodejs](https://www.npmjs.com/package/eslint-config-mlauffer-nodejs)
+- [eslint-plugin-no-unsanitized](https://www.npmjs.com/package/eslint-plugin-no-unsanitized)
diff --git a/lib/index.js b/lib/index.js
@@ -3,18 +3,18 @@
 module.exports = {
   root: false,
   extends: [
-    'eslint-config-mlauffer-nodejs'
+    'mlauffer-nodejs',
+    'plugin:no-unsanitized/DOM'
   ],
   env: {
     node: false,
     es2022: false,
+    es2020: true,
     browser: true,
-    es6: true,
-    jquery: true,
-    qunit: true,
     worker: true,
-    amd: true,
-    serviceworker: true
+    serviceworker: true,
+    jquery: false,
+    qunit: false
   },
   globals: {
     sap: true