1  import security from "eslint-plugin-security";
 2  
 3  export default [
 4    {
 5      plugins: {
 6        security,
 7      },
 8      languageOptions: {
 9        ecmaVersion: 2022,
10        sourceType: "module",
11        globals: {
12          console: "readonly",
13          process: "readonly",
14          __dirname: "readonly",
15          __filename: "readonly",
16          Buffer: "readonly",
17          setInterval: "readonly",
18          setTimeout: "readonly",
19          clearInterval: "readonly",
20          clearTimeout: "readonly",
21        },
22      },
23      rules: {
24        "semi": ["error", "always"],
25        "quotes": ["error", "double"],
26        "indent": ["error", 2],
27        "comma-dangle": ["error", "always-multiline"],
28        "no-unused-vars": ["warn", { "argsIgnorePattern": "^_" }],
29        "no-console": "off",
30        "curly": ["error", "all"],
31        "brace-style": ["error", "1tbs"],
32        "no-eval": ["error"],
33        "no-implied-eval": ["error"],
34        "no-new-func": ["error"],
35        "no-script-url": ["error"],
36        "no-unsafe-negation": ["error"],
37        "no-unsafe-optional-chaining": ["error"],
38        "no-prototype-builtins": ["error"],
39        "no-global-assign": ["error"],
40        "no-implicit-globals": ["error"],
41        "no-extend-native": ["error"],
42        "no-new-wrappers": ["error"],
43        "no-void": ["error"],
44        "prefer-const": ["error"],
45        "no-var": ["error"],
46        "no-delete-var": ["error"],
47        "no-label-var": ["error"],
48        "no-restricted-globals": ["error", "event", "name"],
49        "no-restricted-properties": ["error", {
50          "object": "process",
51          "property": "env",
52          "message": "Use config.js instead of process.env",
53        }],
54        "no-restricted-syntax": ["error", {
55          "selector": "CallExpression[callee.name='eval']",
56          "message": "eval() is not allowed",
57        }, {
58          "selector": "CallExpression[callee.name='Function']",
59          "message": "Function() constructor is not allowed",
60        }],
61        "security/detect-object-injection": ["off"],
62        "security/detect-non-literal-regexp": ["warn"],
63        "security/detect-unsafe-regex": ["error"],
64        "security/detect-buffer-noassert": ["error"],
65        "security/detect-child-process": ["error"],
66        "security/detect-disable-mustache-escape": ["error"],
67        "security/detect-eval-with-expression": ["error"],
68        "security/detect-new-buffer": ["error"],
69        "security/detect-no-csrf-before-method-override": ["error"],
70        "security/detect-non-literal-fs-filename": ["warn"],
71        "security/detect-non-literal-require": ["warn"],
72        "security/detect-possible-timing-attacks": ["warn"],
73        "security/detect-pseudoRandomBytes": ["error"],
74      },
75    },
76  ];