Open morgan-zylotech opened 3 years ago
I've imported this ruleset into my application in my package.json file
"eslint-plugin-react-security": "git+ssh://git@github.com:snyk-labs/eslint-plugin-react-security.git",
I've declared the rule in my .eslintrc.js file like:
plugins: [ 'react', 'cypress', 'html', 'no-unsanitized', 'react-security', 'security', ], rules: { // # https://github.com/yannickcr/eslint-plugin-react/tree/master/docs/rules 'react/no-danger': 'warn', 'react/no-find-dom-node': 'warn', 'react/jsx-no-script-url': 'warn', 'react/jsx-no-target-blank': 'warn', 'react/jsx-props-no-spreading': 'warn', // https://github.com/snyk-labs/eslint-plugin-react-security 'no-refs': 'warn', // https://github.com/mozilla/eslint-plugin-no-unsanitized 'no-unsanitized/method': 'error', 'no-unsanitized/property': 'error', }
as per the file - https://github.com/snyk-labs/eslint-config-react-security/blob/master/index.js
Which leads me to this error when running eslint in the application directory.
eslint
1:1 error Definition for rule 'no-refs' was not found
Only when I
change 'no-refs': 'warn', to 'react-security/no-refs': 'warn', does the error go away and the rule properly resolve.
'no-refs': 'warn',
'react-security/no-refs': 'warn',
I think this could easily be solved with some documentation.
The reason my this might get some attention is that someone at Synk blogged about it recently - https://snyk.io/blog/10-react-security-best-practices/
@morgan-zylotech thanks for coming by and proposing the solution here. Would you like to send over the Pull Request with the fix?
I've imported this ruleset into my application in my package.json file
"eslint-plugin-react-security": "git+ssh://git@github.com:snyk-labs/eslint-plugin-react-security.git",
I've declared the rule in my .eslintrc.js file like:
as per the file - https://github.com/snyk-labs/eslint-config-react-security/blob/master/index.js
Which leads me to this error when running
eslint
in the application directory.1:1 error Definition for rule 'no-refs' was not found
Only when I
change
'no-refs': 'warn',
to'react-security/no-refs': 'warn',
does the error go away and the rule properly resolve.I think this could easily be solved with some documentation.
The reason my this might get some attention is that someone at Synk blogged about it recently - https://snyk.io/blog/10-react-security-best-practices/