@shipsecure/eslint-plugin-next is a custom ESLint plugin designed to enhance the security of Next.js applications by identifying potentially insecure patterns in code. This plugin offers a set of rules specifically tailored to prevent common security pitfalls in Next.js, encouraging best practices and securing your app's frontend and backend code.
- Rules for Secure Code: Detects usage of unsecure URLs, inline scripts, eval, and other potential security vulnerabilities.
- Recommended Configurations: Provides a recommended set of rules for immediate security improvements.
- Easy to Integrate: Seamlessly integrates with any Next.js project with simple installation and configuration.
npm install @shipsecure/eslint-plugin-next --save-devAdd the following to your eslint.config.js file:
const shipsecureNext = require("@shipsecure/eslint-plugin-next");
module.exports = [shipsecureNext.configs.recommended];Add the following to your .eslintrc file:
module.exports = {
extends: ["plugin:@shipsecure/next/recommended-legacy"],
};Contributions are welcome! If you'd like to add new rules, suggest enhancements, or report issues, please open a pull request or issue on our GitHub repository.
- Fork the repository.
- Create a new branch for your feature (git checkout -b feature-name).
- Make your changes and add tests.
- Run tests to ensure everything works (npm test).
- Push your branch and submit a pull request.
This project is licensed under the MIT License - see the LICENSE file for details.