AWS CloudFormation Linter

Found no `super()` in constructorJS-0226 Found reassigning class membersJS-0228 Detected usage of the `any` typeJS-0323 Avoid specifying `children` when using `dangerouslySetInnerHTML`JS-0439 Debugger activation detectedJS-0005 Found the usage of undeclared variablesJS-0125 Avoid insecure HTTP header configuration for nosniffing headerJS-S1001 Avoid insecure HTTP strict transport securityJS-S1002 Avoid insecure dns prefetch control configuration for helmetJS-S1003 Found potentially unsafe deserializationJS-S1000 Usage of an insecure TLS protocol versionJS-S1009 Vulnerable VM code executionJS-S0011 JSON Web Token (JWT) not signed with a cipher algorithmJS-S1008 Potential shell argument injection vulnerabilityJS-S0010 Insecure web security preferences found in ElectronJS-S1015 Certificate validation is disabled in TLS connectionJS-S1017 Insecure express middleware pathJS-S1018 Insecure node integration preferences found in ElectronJS-S1019 Audit: Regex range is too permissiveJS-A1002 Audit: insecure assignment to `innerHTML` propertyJS-S1012 Audit: Unsanitized external input passed to a templating engine is prone to vulnerabilitiesJS-A1005 Detected Unsafe referrer policyJS-S1011 Audit: Avoid exposing server-side errors to clientJS-A1006 `ajv` configuration is vulnerable to DoS attacksJS-S1013 Array index possibly out of boundsJS-S1016 Audit: Unsanitized external input used with Electron's shell module is prone to vulnerabilitiesJS-A1007 Missing target origin in cross-origin communicationJS-S1014 Audit: Found insecure randomness in initialization of sensitive dataJS-A1000 Audit: Storing or accessing files from a publicly accessible directory is vulnerable to information disclosureJS-A1001 Audit: Unsanitized user input supplied to `cat` command is prone to command injectionJS-A1003 Audit: Unsanitized user input passed to server logsJS-A1004 Found code vulnerable to shell command injectionJS-S1010 Found hardcoded credentials in source codeJS-S1021 Strict Contextual Escaping (SCE) is disabled in AngularJSJS-S1022 Audit: Query is potentially vulnerable to SQL injectionJS-A1009 Audit: cookie in HTTP response is vulnerable to session-fixationJS-A1008 Context isolation is disabled in ElectronJS-S1020 Detected insecure whitelisting of URLs in AngularJSJS-S1023 Avoid using promises in places not designed to handle themJS-0336 Found unreachable codeJS-0025 Avoid `target='_blank'` attribute without `rel='noopener noreferrer'`JS-0422 `function` or var declarations in nested blocks is not preferredJS-0016 Detected the assignment to exportsJS-0256 Found undeclared variables in JSXJS-0423 Detected unsupported Node.js built-in APIs on the specified versionJS-0269 Found confusing multiline expressionsJS-0024 Suggest correct usage of shebangJS-0271 Prefer ES5 or ES6 class for returning value in render functionJS-0467 Reassigning function declarationsJS-0015 Global object properties should not be called as functionsJS-0020 Found `for-in` loop iterating over an arrayJS-0329 Avoid using control flow statements in `finally` blocksJS-0026 Detected the use of an `eval()`-like methodJS-0330 Found non-null assertionsJS-0339 Found constant expressions in conditionsJS-0003 Found duplicate keys in object literalsJS-0007 Found empty character classes in regular expressionsJS-0010 Left operand of relational operators should not have negationJS-0019 Avoid using sparse arrays unless necessaryJS-0023 Use `isNaN()` to check for `NaN`JS-0027 `typeof` expressions should be compared against valid stringsJS-0028 `For` loop update clause should move the counter in the correct directionJS-0029 Prefer not using an async function as a Promise executorJS-0031 Found usage of comparison with negative-zero(`-0`)JS-0033 Duplicate conditions in `if-else-if` chainsJS-0034 Unsupported ECMAScript syntaxJS-0268 Assignment to imported bindingsJS-0035 Found empty destructuring patternsJS-0058 Found duplicate class membersJS-0231 Found new operators with the `Symbol` objectJS-0233 Found `this`/`super` before calling `super()` in constructorsJS-0235 Invalid `async`/`await` callJS-0294 Use of a banned type detectedJS-0296 Found `// @ts-<directive>` commentsJS-0295 Unnecessary type assertion of an expressionJS-0349 Prefer usage of `as const` over literal typeJS-0360 Prefer that unbound methods are called with their expected scopeJS-0387 Found assignment of exceptions in catch clausesJS-0011 `Object.prototype` builtins should not be used directlyJS-0021 Found characters which are made with multiple code points in character class syntaxJS-0036 Detected import declarations which import extraneous modulesJS-0257 Found explicit type declarationsJS-0331 Missing key for the propertyJS-0414 Avoid usage of deprecated React methodsJS-0441 Avoid usage of `findDOMNode`JS-0445 Avoid usage of deprecated method `isMounted`JS-0446 Found invalid characters in markupJS-0454 Detected bin files that npm ignoresJS-0264 Detected unsupported ECMAScript built-ins on the specified versionJS-0267 Make process.exit() expressions the same code path as throwJS-0270 Should not have unused variablesJS-0128 Missing `return` statementJS-0030 Detected require() expressions which import extraneous modulesJS-0258 Detected deprecated APIsJS-0272 Duplicate case labels found in switch caseJS-0008 Returning values from settersJS-0037 Fallthrough of `case` statements foundJS-0064 `delete` operator should not be used on variablesJS-0120 Found `require()` expressions which import non-existent modulesJS-0260 Detected aliasing thisJS-0342 Detected the use of require statements except in import statementsJS-0359 Duplicate JSX properties detectedJS-0419 Marked Flow type identifiers as definedJS-0479 Found invalid file annotationJS-0501 Detected using a non-null assertion after an optional chain expressionJS-0338 Avoid weak typesJS-0491 Invalid lifecycle method in classJS-0571 Avoid `target='_blank'` attribute without `rel='noopener noreferrer'`JS-0712 Found assignment operators in conditional expressionsJS-0001 Elements cannot use an invalid ARIA attributeJS-0741 Bad usage of `RegExp#exec` and `String#match`JS-D007 Invalid lifecycle parameter nameJS-D012 Misconfigured CORS in expressJS-D002 Unused return value from `Array`/`Object` prototype methodJS-D008 Audit: Forwarding IP while setting proxies in the HTTP serverJS-D018 Disallows use of posix in regexJS-D014 Found bad matching patternJS-D006 Found weak hashing functionsJS-D003 Audit: Insecure cookieJS-D015 Unsafe permissions set on a fileJS-D017 Audit: Insecure clear text protocolJS-D019 Audit: Allowing dotfiles during static file serving can be sensitiveJS-D020 XML parsing may be vulnerable to XXE attacksJS-D022 Detected the violation of rules of hooksJS-0820 Avoid importing of test support files into non-test codeJS-W1000 Consider using `passhref` attribute with `Link` componentJS-W1020 Found non-existent assignment operatorsJS-W1033 Found usage of href with NuxtLink componentJS-W1034 Found complex boolean returnJS-W1041 Found flawed string comparisonJS-W1040 Found confusing labels inside switchJS-W1036 Found error handling middleware in productionJS-S1024 Found useless assertions in testJS-W1039 Found unhandled promiseJS-0328 Found control characters in regular expressionsJS-0004 Invalid regular expression strings present in RegExp constructorsJS-0017 Found reassigning const variablesJS-0230 Avoid direct mutation of `this.state`JS-0444 Found duplicate arguments in function definitionsJS-0006 Prevent usage of wrong DOM propertyJS-0455 Found redeclared variablesJS-0085 Unnecessary non-null assertionJS-0324 Use ES6 class for React ComponentsJS-0460 Found empty block statementsJS-0009 Detected the declaration of empty interfacesJS-0322 Found multiple spaces in RegexJS-0022 Avoid use of `==` and `!=`JS-0050 `with` statements foundJS-0100 Found Yoda conditionsJS-0104 Prevent shadowing of restricted global objects and identifiersJS-0124 Consider grouping overloaded members togetherJS-0292 Possible insertion of comments as text nodesJS-0418 Detected the use of custom TypeScript modules and namespacesJS-0337 Unused labels foundJS-0094 Use `RegExp#exec` instead of `String#match`JS-0370 Found template literal expression having a non-string typeJS-0378 Operands must both be `number`s or `string`s in addition expressionsJS-0377 Found unnecessary boolean castsJS-0012 Avoid using the return value of `ReactDOM.render`JS-0449 React must be present in scope when using JSXJS-0464 Avoid passing children as propsJS-0438 Prevent using string referencesJS-0451 Require generator functions to contain yieldJS-0247 IIFEs should be wrappedJS-0103 Avoid square-bracket notation when accessing propertiesJS-0049 Invalid definition of `new` and `constructor`JS-0335 Bad usage of triple slash directivesJS-0384 Found octal literalsJS-0081 `render` function should return valueJS-0622 Syntax errorJS-0833 Use `// @ts-expect-error` over `// @ts-ignore`JS-0372 Avoid using lexical declarations in case clausesJS-0054 Avoid `mixed` type annotationsJS-0486 Prefer type annotations in all function parametersJS-0497 Avoid having types in files where annotation is missingJS-0489 Prefer using return type annotations for functionsJS-0499 Prefer explicit role property in HTML tagsJS-0764 Element with aria-activedescendant must be tabbableJS-0740 Invalid ARIA state and/or property valuesJS-0742 Elements with ARIA roles must use a valid, non-abstract ARIA roleJS-0743 Non-visible DOM elements should not contain the `role` and/or `aria-*` propsJS-0744 The autocomplete should be correctJS-0745 Prefer to accompany `onClick` with some elementsJS-0746 Prefer to have content in heading elementsJS-0747 Prefer to have lang prop in elementsJS-0748 Prefer to have a unique title in `<iframe>`JS-0749 Prefer not to use words image, photo in image alt contentJS-0750 Interactive elements should be focusableJS-0751 Missing `<track>` in`<audio>` / `<video>` elementJS-0754 Consider using `onFocus/onBlur` with `onMouseOver/onMouseOut` eventJS-0755 Prefer that no distracting elements are usedJS-0758 Non-interactive elements assigned mouse/keyboard event listenersJS-0760 `tabIndex` declared on a non-interactive elementJS-0762 Prefer that non-interactive, visible elements (such as <div>) that have click handlers use the role attributeJS-0765 Elements with ARIA roles must have all required attributes for that roleJS-0766 Prefer that elements with explicit or implicit roles defined contain only aria-* properties supported by that roleJS-0767 Prefer `tabIndex` value is not greater than zeroJS-0769 Prefer meaningful alternative textJS-0737 Prefer that `autoFocus` prop is not used on elementsJS-0757 `label` tags should have a text label and an associated controlJS-0752 `accessKey` property usedJS-0756 Interactive elements should not be assigned non-interactive rolesJS-0759 Non-interactive elements should not be assigned interactive rolesJS-0761 Prefer `readonly` React propsJS-0498 Prefer that anchors have content and the content is accessible to screen readersJS-0738 Use valid anchorsJS-0739 The `scope` scope should be used only on `<th>` elementsJS-0768 Invalid suffix in `@Directive`JS-0598 Invalid naming of directive outputsJS-0574 Missing Banana-in-a-box template syntaxJS-0577 Missing `PipeTransform` interfaceJS-0595 `@Input` is renamedJS-0585 Missing `sandbox` in iframeJS-D010 Invalid async pipeJS-0578 Invalid `.charAt` comparisonJS-D013 Detected calls to `buffer` with `noAssert` flag setJS-0822 Found duplicate assignmentsJS-W1032 Found unused objectsJS-R1002 Call to Function objectJS-R1003 Invalid custom TypeScript modules declarationJS-0364 Logical operator can be refactored to optional chainJS-W1044 Found redundant literal in a logical expressionJS-W1043 Found trailing undefined in function callJS-W1042 Found redundant return statementJS-W1045 Found control characters in regular expressionJS-W1035 Found control characters in regular expressionJS-W1037 Useless template literal foundJS-R1004 Too many arguments passed to function callJS-W1038 Prefer a consistent naming pattern for type aliasesJS-0509 Invalid variable usageJS-0043 Accessed object properties are restrictedJS-0110 Avoid using `this.state` inside `this.setState()`JS-0435 Deprecation of number (keycode) modifiersJS-0656 Found deprecated `*` existential typeJS-0484 Avoid having unused expressionsJS-0490 Unsafe content security policyJS-D024 Found `key` attribute on `<template v-for>`JS-V001 Invalid lifecycle hooksJS-V006 Found empty lifecycle methodsJS-0604 Avoid the use of `Buffer()` and `Buffer#allocUnsafe()`JS-D025 Found `this` in props default functionsJS-V003 Invalid destructuring of `props`JS-V005 Unsafe argument to `child_process`JS-D023 Avoid using the `Buffer()` constructorJS-D026 Found usage of deprecated `javascript:` URLsJS-0421 Race condition in compound assignmentJS-0040 Avoid using dangerous JSX propertiesJS-0440 Typo in class properties and lifecycle methodsJS-0453 Avoid using an element's index as the `key` propJS-0437 Avoid using `console` in code that runs on browserJS-0002 Missing default values for non-required propertiesJS-0391 Avoid `.bind()` or local functions in JSX propertiesJS-0417 Avoid using `setState` in `componentDidMount`JS-0442 Missing `async` on `Promise` methodsJS-0373 Detected the use of variables before they are definedJS-0357 Restricted global variables being usedJS-0122 Found no return statements in callbacks of array methodsJS-0042 Found unsafe function declarationsJS-0073 Assignment found where both sides are exactly the sameJS-0088 Infinite loop conditionsJS-0092 Detected duplicate class membersJS-0319 Error objects should be used as Promise rejection reasonsJS-0114 Variable used before definitionJS-0129 Found duplicate module importsJS-0232 Detected the use of classes as namespacesJS-0327 Found `parseInt()` and `Number.parseInt()` for number literalsJS-0253 Detected new operators with calls to requireJS-0261 Detected string concatenation with __dirname and __filenameJS-0262 Detected the use of process.exit()JS-0263 Default parameters should be placed after non-default onesJS-0302 Prevent conditionals where the type is always truthy or always falsyJS-0346 Prefer that type arguments will not be used if not requiredJS-0348 Found unused variables in TypeScript codeJS-0356 Use `includes` method over `indexOf` methodJS-0363 Use nullish coalescing operator `??`JS-0365 `Array#sort` must have a compare functionJS-0375 Type annotations should existJS-0386 Avoid using `setState` in `componentWillUpdate`JS-0459 Detected Forbidden elementsJS-0396 Found unnecessary fragmentsJS-0424 Avoid usage of `setState` in `componentDidUpdate`JS-0443 Avoid usage of `shouldComponentUpdate`JS-0448 Avoid using unsafe lifecycle methodsJS-0456 `eval()` should not be usedJS-0060 Value should not be returned in constructorJS-0109 Found useless backreferences in regular expressionsJS-0039 Require error handling in callbacksJS-0254 Ensure Node.js-style error-first callback pattern is followedJS-0255 Detected unused variables and argumentsJS-0355 Found template literal placeholder syntax in regular stringsJS-0038 Unnecessary `return await` function foundJS-0111 Consider using `let` or `const` instead of `var`JS-0239 Non-existent module importedJS-0259 Private members should be marked as `readonly`JS-0368 Detected Forbidden foreign propTypesJS-0397 Prefer to forbid certain propTypesJS-0398 Prevent usage of string literals in JSXJS-0420 Prevent void DOM elements from receiving childrenJS-0474 Found invalid `v-cloak` directivesJS-0630 Deprecation of `.native` modifiersJS-0655 `emits` validator does not always return a boolean valueJS-0660 Should have valid `.sync` modifier on `v-bind` directivesJS-0665 Use `$Exact` to make type spreading safeJS-0508 Computed property should have property dependenciesJS-0813 Prefer having a valid `v-for` directiveJS-0633 Custom modifiers on `v-model` should not used on the componentJS-0662 Should not use JQueryJS-0793 Found invalid `v-model` directivesJS-0636 Deprecation of functional templateJS-0648 Avoid usage of deprecated `$on`, `$off`, `$once` in events apiJS-0646 Avoid using deprecated lifecycle hooksJS-0643 Should not use legacy test waitersJS-0794 Disallow unnecessary `<template>`JS-0691 Avoid overwriting reserved keysJS-0613 Found invalid `v-once` directivesJS-0638 Duplicate conditions in `v-if` / `v-else-if`JS-0609 Found invalid `v-if` directivesJS-0635 Avoid mutation of component propsJS-0611 Parsing errors detected in `<template>`JS-0612 Avoid mutating variables inside computed propertiesJS-0615 Disallow unsupported Vue.js syntax on the specified versionJS-0714 Prefer prop type to be a constructorJS-0621 Always use `key` with `v-for`JS-0623 Deprecation of Object Declaration on `data`JS-0629 Avoid usage of deprecated `$listeners` on `v-on`JS-0644 Found invalid `v-html` directivesJS-0634 Found invalid `v-on` directivesJS-0637 Found invalid `v-pre` directivesJS-0639 Found invalid `v-show` directivesJS-0640 Found invalid `v-slot` directivesJS-0641 Deprecation of `destroyed` and `beforeDestroy` lifecycle hooksJS-0647 Found invalid `v-text` directivesJS-0642 Avoid usage of deprecated `$scopedSlots`JS-0645 Disallow adding an argument to `v-model` used in custom componentJS-0664 Deprecation of `slot-scope` attributeJS-0653 Deprecation of `.sync` modifier on `v-bind` directiveJS-0654 Deprecation of `Vue.config.keyCodes`JS-0657 Should not use `this._super`JS-0782 Found Ember's debug functions in wrong orderJS-0790 Should not use side effectsJS-0804 Use interpolation expressions instead of the `v-html` attributeJS-0693 Detected non-null assertion in locations that may be confusingJS-0318 Avoid having duplicate attributesJS-0610 Deprecation of `is` attribute on HTML elementsJS-0649 Deprecation of inline-template attributeJS-0650 Require control the display of the content inside `<transition>`JS-0659 Found duplicate properties in `Object` annotationsJS-0483 Avoid typos when naming methods defined on the scope objectJS-0513 Prefer to use `$window` instead of `window`JS-0569 Found `this` keyword outside of classesJS-B002 Prevent assigning modules to variablesJS-0515 Use of controllers is discouragedJS-0525 Avoid usage of deprecated `$http` methods `success()` and `error()`JS-0532 Avoid using angular properties prefixed with `$$`JS-0516 Found empty controllersJS-0524 Found impure pipesJS-0575 Use one component per fileJS-0517 Deprecated directive replace propertyJS-0531 Unittest `inject` functions should only consist of assignments from injected values to describe block variablesJS-0546 Use `angular.forEach` instead of native `Array.prototype.forEach`JS-0556 Prefer to use `angular.isString` instead of `typeof` comparisonsJS-0568 Check for common misspellings of `$on(‘destroy’, …)` for angularJS-0570 Prefer `Session.equals` in conditionsJS-0732 Found `key` of `<template v-for>` on childJS-V002 Unused expressions foundJS-B003 Invalid `ref` as operandJS-V004 Invalid `watch` functionJS-V007 Invalid calls after `await`JS-V014 Detected wrapping of angular.element objects with jQuery or $JS-0561 Avoid direct use of `this` in controllersJS-0519 `<a>` tag used without a `Link` componentJS-W1014 Avoid using `process.server`, `process.client` and `process.browser` in client side hooksJS-E1000 Avoid using `window/document` in `created/beforeCreate` hooksJS-E1001 `next/document` import detected outside of `pages/_document.js`JS-E1002 `next/head` import detected in `pages/_document.js`JS-E1003 Avoid using `this` in `asyncData` and `fetch` hooksJS-W1011 Avoid using `setTimeout/setInterval` in `asyncData/fetch`JS-W1012 Avoid using deprecated or outdated librariesJS-S1005 Use of deprecated `context` methods detectedJS-W1008 Disable `X-POWERED-BY` HTTP headerJS-S1004 Found import declaration with no export nameJS-E1007 Found mutable exportsJS-E1009 Found unresolved module being referenced in import statementsJS-E1010 Use of comma or logical OR operators in switch casesJS-W1030 Use `head` property in component as a functionJS-W1013 Properties of `$slots` should be used as a functionJS-0658 Use of deprecated `$cookieStore`JS-0530 Comparisons found where both the sides are exactly the sameJS-0089 Forbid certain props on DOM NodesJS-0395 Found `$FlowFixMe` commentsJS-0485 Avoid having repeated named exports or default exportsJS-E1004 Void operators foundJS-0098 Found short variable nameJS-C1002 Prefer not to declare variables in global scopeJS-0067 Prefer not to extend native typesJS-0061 Validation of JSX maximum depthJS-0415 Found unused expressionsJS-0093 Use `for-of` loop for arrayJS-0361 Local variable name shadows variable in outer scopeJS-0123 Usage of comma operators should be avoidedJS-0090 Consider using arrow functions for callbacksJS-0241 Detected the `delete` operator with computed key expressionsJS-0320 Getter without a setter pair in objectsJS-0041 Use shorthand property syntax for object literalsJS-0240 Prefer the usage of regular expression literals over the `RegExp` constructorJS-0115 Detected the use of `alert`, `confirm` and `prompt`JS-0052 `arguments.caller` or `arguments.callee` should not be usedJS-0053 Unnecessary calls to `.bind()`JS-0062 Found leading or trailing decimal points in numeric literalsJS-0065 The use of the `__iterator__` property is not preferredJS-0070 Found labeled statementsJS-0071 Found some unnecessary nested blocksJS-0072 Found `new` operators with the `String`, `Number` and `Boolean` ObjectsJS-0080 Usage of octal escape sequences in string literals is not preferredJS-0082 Assignment operators should not be used in return statementsJS-0086 Inconsistent use of the radix argument when using `parseInt()`JS-0101 Prefer var declarations be placed at the top of their scopeJS-0102 Class methods should utilize `this`JS-0105 Prefer grouped accessor pairs in object literals and classesJS-0107 `async function` should have `await` expressionJS-0116 Prefer adding `u` flag in regular expressionsJS-0117 Found `undefined` as an IdentifierJS-0127 Module imported is not necessaryJS-0234 Found unnecessary computed property keys in object literalsJS-0236 Found unnecessary constructorsJS-0237 Found redundant naming for modulesJS-0238 Require rest parameters instead of argumentsJS-0244 Require template literals instead of string concatenationJS-0246 Use sorted import declarations within modulesJS-0249 Require symbol descriptionJS-0250 Detected usage of void type outside of generic or return typesJS-0333 Detected throwing literals as exceptionsJS-0343 Detected a namespace qualifier is unnecessaryJS-0347 Found interfaces with call signaturesJS-0362 Use type parameter when calling `Array#reduce`JS-0369 Exhaustiveness checking in switch with union typeJS-0383 Unnecessary calls to `.call()` and `.apply()` foundJS-0095 Unnecessary `catch` clauses foundJS-0112 Use `const` declarations for variables that are never reassignedJS-0242 Detected generic Array constructorsJS-0316 `.toString()` is only called on objects which provide useful information when stringifiedJS-0317 Found unused expressions in TypeScript codeJS-0354 Prefer using self closing instead of closing tag for components having no childrenJS-0468 Avoid using `this` in stateless functional componentsJS-0452 Definitions for unused `propTypes` detectedJS-0457 Definitions for unused states detectedJS-0458 Prefer state initialization styleJS-0471 Ensure `style` attribute is an `Object`JS-0473 Either all code paths should have explicit returns, or none of themJS-0045 Found shorthand type coercionsJS-0066 Unnecessary concatenation of literals or template literals foundJS-0096 `eval()`-like methods should not be usedJS-0068 Use `String#startsWith` and `String#endsWith`JS-0371 Invalid `async` keywordJS-0376 Detected unnecessary constructorsJS-0358 Found magic numbersJS-0074 Prefer consistent naming for boolean propsJS-0389 No default cases in switch statementsJS-0047 Prefer that `for-in` loops should include an `if` statementJS-0051 Found unnecessary `else` blocksJS-0056 Found empty functionsJS-0057 Unnecessary labelsJS-0063 The usage of `javascript:` urls is not recommendedJS-0087 Found warning comments in codeJS-0099 Usage of `strict` mode against recommended approachJS-0118 Initialization in variable declarations against recommended approachJS-0119 Variables should not be initialized to `undefined`JS-0126 Require spread operators instead of .apply()JS-0245 Consider using dot notationJS-0303 Detected unnecessary equality comparisons against boolean literalsJS-0345 Bad function overloadingJS-0388 Prefer boolean attributes notation in JSXJS-0400 Prefer shorthand form for react fragmentsJS-0410 Consider Using `PascalCase` for user-defined JSX componentsJS-0426 Avoid using spreading operator for JSX propsJS-0428 Found invalid `v-bind` directiveJS-0628 Prefer having synchronous computed propertiesJS-0607 Found invalid `v-else-if` directivesJS-0631 Should have valid `v-is` directivesJS-0661 Should have order of component top-level elementsJS-0690 Should have inheritAttrs to be set to false when using v-bind=`$attrs`JS-0703 Disallow the `<template>` `<script>` `<style>` block to be emptyJS-0704 Disallow using components that are not registered inside templatesJS-0713 The usage of `__proto__` property is not recommendedJS-0084 Disallow to pass multiple arguments to scoped slotsJS-0692 Should not use Arrow functionsJS-0774 Should not use `.on()`JS-0800 Migrate `ember-data` to `@ember-data`JS-0818 Incorrect computed macrosJS-0789 Avoid using `this.attrs` to denote propertiesJS-0776 Deprecation of `scope` attributeJS-0651 Use valid `lang` value on `html` attributeJS-0753 Duplication of field names is not allowedJS-0608 Should not use ObserversJS-0798 Don't use constructs or configuration that use the restricted resolver in testsJS-0803 Don't use Ember's `function` prototypeJS-0784 Disallow variable declarations from shadowing variables declared in the outer scopeJS-0679 Should not use `pauseTest()` in testsJS-0801 Found usage of deprecated `get/getProperties` on Ember ObjectsJS-0786 Disallow specific attributeJS-0709 Require emits option with name triggered by `$emit()`JS-0688 Should not use `getWithDefault`JS-0785 Missing `_super` in `init` lifecycle hooksJS-0815 Don't use import paths from `ember-cli-shims`JS-0799 Throwing literals as exceptions is not recommendedJS-0091 Default parameters should be defined at the lastJS-0106 Prefer Ember test helpersJS-0811 Props are not `read-only`JS-0461 Prefer having type alias for all union and intersection typesJS-0493 Avoid the usage of primitive constructor typesJS-0488 Prefer using exact object typesJS-0494 Require inexact object typesJS-0496 Use `v-bind:is` in `<component>` elementsJS-0620 Prefer using `kebab-case` for custom event namesJS-0605 Prefer function as component's `data` propertyJS-0614 Found mustaches in `<textarea>`JS-0617 Found unused registered components in templatesJS-0618 Avoid using `v-if` on the same element as `v-for`JS-0619 Found invalid `v-else` directivesJS-0632 Disallow unnecessary route `path` optionJS-0809 Invalid use of test waitersJS-0792 Prefer each component to be in its own fileJS-0680 Require type definitions in propsJS-0683 Prefer default value for propsJS-0682 Disallow specific component optionJS-0708 Should not use `component#sendAction`JS-0771 Don’t use jQuery without the Ember Run LoopJS-0772 Should not use assignment on untracked propertyJS-0775 Should not use `attrs` in ember hooksJS-0777 Should not use controller in routesJS-0779 Avoid using `@each` in deeply nested computed propertyJS-0780 `Ember.testing` not allowed in modules scopeJS-0783 Incorrect calls with inline anonymous functionsJS-0788 Invalid Dependent KeysJS-0791 Should not use mixinsJS-0795 Do not use global `$` or `jQuery`JS-0787 Should not use `setupOnerror` in `before`/`beforeEach`JS-0797 Should use `async/await`JS-0805 No importing of test filesJS-0806 Use `module` instead of `moduleFor`JS-0807 Should not use Volatile Computed PropertiesJS-0810 Should use computed macrosJS-0812 Always return a value from a computed property functionJS-0814 Use `render`/`clearRender` instead of `this.render`/`this.clearRender`JS-0808 Should use snake case for dynamic route segmentsJS-0816 Indexers must be declared with key nameJS-0495 Avoid using arrow functions to define watcherJS-0606 Deprecation of `slot` attributeJS-0652 Disallow specific argument in `v-bind`JS-0710 Should not use arrays and Objects as default propertiesJS-0819 Prefer having a consistent component name patternJS-0538 Require and specify a prefix for all controller namesJS-0535 Require and specify a prefix for all value namesJS-0543 Specify a consistent function style for componentsJS-0547 Inconsistent order of module dependenciesJS-0548 Use `angular.isDefined` and `angular.isUndefined` instead of other undefined checksJS-0554 Found `ViewEncapsulation.None`JS-0593 Missing component selectorJS-0592 Require DI parameters to be sorted alphabeticallyJS-0544 Prefer using the `$log` service instead of the console methodsJS-0559 Found unused dependency injection parametersJS-0522 Avoid using deprecated template lifecycle callback assignmentsJS-0728 Found DI of specified servicesJS-0528 Invalid restrict option for directiveJS-0523 Prefer using `angular.isNumber` instead of `typeof` comparisonsJS-0566 Prefer the use of `===` and `!==` over `==` and `!=`JS-V009 Use reference modules with the getter syntaxJS-0514 Use `angular.element` instead of `$` or `jQuery`JS-0553 Use `$document` instead of `document`JS-0555 Specify consistent use of `$scope.digest()` or `$scope.apply()`JS-0552 Cyclomatic complexity is more than allowed for the templateJS-0590 Ensure `controllerAs` syntax in routes or statesJS-0518 Avoid assignments to `$scope` in controllersJS-0520 Found complex run functionsJS-0527 Prefer having a prefix for all component namesJS-0533 Specify a prefix for all constant namesJS-0534 Prefer having a prefix for all directive namesJS-0536 Prefer having a prefix for all factory namesJS-0537 Prefer having a prefix for all filter namesJS-0539 Prefer having a prefix for all module namesJS-0540 Require and specify a prefix for all provider namesJS-0541 Require and specify a prefix for all service namesJS-0542 use `factory()` instead of `service()`JS-0549 Require all DI parameters to be located in their own lineJS-0550 Specify one of '$http', '$resource', 'Restangular'JS-0551 Use `$interval` instead of `setInterval`JS-0557 Consider using `ofangular.fromJson` and `angular.toJson`JS-0558 `angular.mock` method can be used directlyJS-0560 Prefer using `$timeout` instead of `setTimeout`JS-0562 Prefer to use `angular.isArray` instead of `typeof` comparisonsJS-0563 Prefer to use `angular.isFunction` instead of `typeof` comparisonsJS-0565 Prefer to use `angular.isObject` instead of `typeof` comparisonsJS-0567 `@Attribute` decorator should not be usedJS-0572 Prevent explicit calls to lifecycle methodsJS-0573 Missing `ChangeDetectionStrategy.OnPush` for angular codebaseJS-0576 Missing `providedIn` propertyJS-0579 Disallows usage of forwardRefJS-0583 Disallowed prefix for input namesJS-0584 Missing `@Pipe` decoratorJS-0594 Prefer using `Meteor.defer` over `Meteor.setTimeout`JS-0729 Should have check on all arguments of methods and publish functionsJS-0726 Should not use global `$()` JqueryJS-0734 Prevent DOM lookup in template `onCreated` callbackJS-0735 Require template literals instead of string concatenationJS-V011 Require a consistent DI syntaxJS-0545 Prefer to use `angular.isDate` instead of `typeof` comparisonsJS-0564 Prefer to use dot notation whenever possibleJS-V008 Avoid use of inline HTML templatesJS-0526 Missing `readonly` for `@Output`JS-0588 Should not use template `parentData()`JS-0736 Should not use global `Session`JS-0727 Found anonymous functionsJS-D004 Avoid using multiline stringsJS-C1000 Documentation comments not found for functions and classesJS-D1001 Avoid using on commonjs in `nuxt.config.js`JS-W1007 Duplicate `polyfills` from `Polyfill.io`JS-P1002 Found disabled `EXPECT-CT` HeaderJS-S1006 Found invalid css selector in test helpersJS-W1004 Consider using `preconnect` with Google FontsJS-W1010 Avoid using the `<img>` tagJS-W1015 Synchronous script loading detectedJS-W1017 Avoid using `<title>` with `Head` from `next/document`JS-W1018 Avoid adding stylesheet manuallyJS-W1021 Multiple `<Head>` detected in `pages/document.js`JS-W1023 Bad collection size comparisonJS-W1031 Avoid using `settled()` after `ember-test-helpers`JS-P1000 Found empty glimmer component classesJS-P1001 Found deprecated function `tryInvoke()`JS-W1001 Found duplicate routing pathsJS-W1002 Found deprecated Ember string prototype extensive methodsJS-W1003 Avoid using `currentRouteName()` test helperJS-W1005 Using `fetch()` without importing moduleJS-W1006 Found unsafe method `htmlSafe()`JS-S1007 Found unnecessarily complex import statementJS-C1001 Use shorthand promise methodsJS-C1004 Found multiple import of the same pathJS-R1000 Intersection or union definition have duplicate typesJS-T1000 Use default imports for only default exportsJS-W1028 Found usage of deprecated nameJS-W1029 Avoid using wildcard importsJS-C1003 Found usage of exported name as property of default importJS-P1003 Self import detectedJS-R1001 Optional property in interface has an 'undefined' typeJS-T1001 Function with cyclomatic complexity higher than thresholdJS-R1005 Require a name property in Vue componentsJS-0720 Disallow the use of reserved names in component definitionsJS-0707 Disallow unused propertiesJS-0715 Disallow unnecessary `v-bind` directivesJS-0717 Prefer not to use labels that share a name with a variableJS-0121 Should not use `needs` to load other controllersJS-0770 Detected empty functionsJS-0321 Prefer event handler naming conventions in JSXJS-0411 Prefer the use of `$ReadOnlyArray` instead of `Array`JS-0487 Found unnecessary escape charactersJS-0097 Inconsistent font-display for Google FontsJS-W1009 Found division operators explicitly at the beginning of regular expressionsJS-0055 Require `$on` and `$watch` deregistration callbacks to be saved in a variableJS-0529 Disallow unnecessary mustache interpolationsJS-0716 Assignments to native objects or read-only global variables is not preferredJS-0077

JS-D002

Misconfigured CORS in expressJS-D002

Major

Security

a05, cwe-346, cwe-942, 2021, sans-top-25, owasp-top-10

Cross-Origin Resource Sharing(CORS) is a mechanism that enables web browsers to perform cross-domain requests using the XMLHttpRequest API in a controlled manner. It defines the protocol to use between a web browser and a server to determine whether a cross-origin request is allowed.

Using *, null or google.com is not a reliable way to ensure security of the application or software.

Bad Practice

const express = require('express');
const app = express();
app.get('/', function (req, res) {
    res.writeHead(200, { 'Access-Control-Allow-Origin': '*' });
});

Recommended

const express = require('express');
const app = express();
app.get('/', function (req, res) {
    res.set('access-control-allow-origin', 'xyz.com');
});

References