Open iranreyes opened 5 years ago
@iranreyes I was thinking of a rule that checked that there is only one h1
per page.
Lighthouse[in-progress]: https://github.com/Jam3/adviser-plugin-lighthouse
Create a plugin called adviser-plugin-privacy and create a rule that scans looking for hardcoded credentials. Before creating this rule I would like to test what GitHub detects out of the box and use the tools to detect the rest.
Name: secrets
https://github.com/awslabs/git-secrets https://github.com/Yelp/detect-secrets https://www.npmjs.com/package/detect-secrets https://geekflare.com/github-credentials-scanner/ https://securitytrails.com/blog/github-dorks https://github.blog/2018-10-17-behind-the-scenes-of-github-token-scanning/
Create documentation for the rule within /docs/rules Add metadata to the rule Update the Plugin general README and add the new rule
Avoid pushing .env
files
SEO Combo:
Ideas: h1 sitemap.xml robots.txt img alts broken links etc
Security combo:
Headers, CSP Extra checkings HTTPS implementation External anchors should use noopnener, noreferrer Run Owasp-zap, wp-scan, skipfish and others
Dependencies:
Config files: Which config files the project should have (.eslintrc, .stylelintrc, etc)
Package.json: Required package.json props (private, browserlist, husky, lint-staged, engines, license) Not allowed (license)
What is not covered by LightHouse or WebHint but it's in one of the frontend checklists:
https://github.com/thedaviddias/Front-End-Checklist https://github.com/thedaviddias/Front-End-Design-Checklist#front-end-design-checklist\ https://codeburst.io/the-front-end-performance-checklist-speeds-up-your-web-developments-b68e1c7a0276
List of rules to add: