-
look at existing eslint rules. they can also identify things like window'setTimeout', which is pretty neat.
-
remove rules that are in an upstream rule. this saves us maintenance work. hopefully.
-
eval: *** eslint's no-eval: Only checks for calls, not identifier use (see below). *** eslint no-implied-eval, same for setTimeout/setInterval/execScript *** neither of those rules look at the function constructor or generateCRFMReequest
-
Q: What do we want to do about "dangerous" functions? ** Just disallow the call, i.e. "eval()" or everything, i.e. foo=eval The latter will shore more things, but may contain false positives. Currently: mostly just checking for someone calling them. The other way is can be seen in identifier_… rules.
-
Differentiate between warnings and errors
This repository has been archived by the owner on Jun 9, 2021. It is now read-only.