From a84a04a2d3e8cde54f11d6f9fd11b46e6eea5fb6 Mon Sep 17 00:00:00 2001 From: Evgeny Orekhov Date: Fri, 24 Aug 2018 15:12:33 +0300 Subject: [PATCH] Fix #6 - add eslint-plugin-security --- README.md | 17 +++++++++-------- index.json | 23 ++++++++++++++++++++--- package-lock.json | 21 +++++++++++++++++++++ package.json | 3 ++- 4 files changed, 52 insertions(+), 12 deletions(-) diff --git a/README.md b/README.md index 6ca84270..ab643ec8 100644 --- a/README.md +++ b/README.md @@ -4,17 +4,18 @@ ## About -[Shareable Configs](http://eslint.org/docs/developer-guide/shareable-configs) +[Shareable Configs](https://eslint.org/docs/developer-guide/shareable-configs) are designed to work with the `extends` feature of `.eslintrc` files. This config is designed to be compatible with Douglas Crockford's -[JSLint](http://jslint.com/). +[JSLint](https://jslint.com/). -| Rules | Total | Enabled | -| -------------------------------------------------------------------------- | ----: | ------: | -| [ESLint](http://eslint.org/docs/rules/) | 255 | **230** | -| [eslint-plugin-promise](https://github.com/xjamundx/eslint-plugin-promise) | 14 | **11** | -| **Total** | 269 | **241** | +| Rules | Total | Enabled | +| -------------------------------------------------------------------------------- | ----: | ------: | +| [ESLint](https://eslint.org/docs/rules/) | 255 | **230** | +| [eslint-plugin-promise](https://github.com/xjamundx/eslint-plugin-promise) | 14 | **11** | +| [eslint-plugin-security](https://github.com/nodesecurity/eslint-plugin-security) | 13 | **12** | +| **Total** | 282 | **253** | ## Usage @@ -25,7 +26,7 @@ npm install eslint-config-hardcore --save-dev ``` Then, add `"extends": "hardcore"` to your .eslintrc file and specify your -[environments](http://eslint.org/docs/user-guide/configuring#specifying-environments): +[environments](https://eslint.org/docs/user-guide/configuring#specifying-environments): ```json { 
diff --git a/index.json b/index.json
index 36a1b75e..a1fd98d5 100644
--- a/index.json
+++ b/index.json
@@ -1,11 +1,13 @@
 {
 "plugins": [
- "promise"
+ "promise",
+ "security"
 ],
 "extends": [
 "eslint:recommended",
- "plugin:promise/recommended"
+ "plugin:promise/recommended",
+ "plugin:security/recommended"
 ],
 "parserOptions": {
@@ -535,6 +537,21 @@
 "promise/no-callback-in-promise": "error",
 "promise/no-return-in-finally": "error",
 "promise/valid-params": "error",
- "promise/no-new-statics": "error"
+ "promise/no-new-statics": "error",
+
+ "detect-buffer-noassert": "error",
+ "detect-child-process": "error",
+ "detect-disable-mustache-escape": "error",
+ "detect-eval-with-expression": "error",
+ "detect-new-buffer": "error",
+ "detect-no-csrf-before-method-override": "error",
+ "detect-non-literal-fs-filename": "error",
+ "detect-non-literal-regexp": "error",
+ "detect-non-literal-require": "error",
+ "detect-possible-timing-attacks": "error",
+ "detect-pseudoRandomBytes": "error",
+ "detect-unsafe-regex": "error",
+
+ "detect-object-injection": "off"
 }
 }
diff --git a/package-lock.json b/package-lock.json
index abbda5ca..f3756239 100644
--- a/package-lock.json
+++ b/package-lock.json
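Review bot: The `detect-*` keys added to `rules` in the second index.json hunk are written without the plugin namespace, unlike the `promise/...` entries directly above them. ESLint addresses plugin rules as `<plugin>/<rule>`, so as written these keys most likely do not refer to the eslint-plugin-security rules at all. The intended `error` severity would then not be applied, and `"detect-object-injection": "off"` would not override whatever `plugin:security/recommended` sets for that rule. Each key should carry the `security/` prefix, as in the block below. The `rules` object starts outside the hunk.

```json
    "promise/no-new-statics": "error",

    "security/detect-buffer-noassert": "error",
    "security/detect-child-process": "error",
    "security/detect-disable-mustache-escape": "error",
    "security/detect-eval-with-expression": "error",
    "security/detect-new-buffer": "error",
    "security/detect-no-csrf-before-method-override": "error",
    "security/detect-non-literal-fs-filename": "error",
    "security/detect-non-literal-regexp": "error",
    "security/detect-non-literal-require": "error",
    "security/detect-possible-timing-attacks": "error",
    "security/detect-pseudoRandomBytes": "error",
    "security/detect-unsafe-regex": "error",

    "security/detect-object-injection": "off"
```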
@@ -8,6 +8,27 @@
 "version": "4.0.0",
 "resolved": "https://registry.npmjs.org/eslint-plugin-promise/-/eslint-plugin-promise-4.0.0.tgz",
 "integrity": "sha512-3on8creJifkmNHvT425jCWSuVK0DG0Quf3H75ENZFqvHl6/s2xme8z6bfxww13XwqfELYWKxc/N3AtBXyV1hdg=="
+ },
+ "eslint-plugin-security": {
+ "version": "1.4.0",
+ "resolved": "https://registry.npmjs.org/eslint-plugin-security/-/eslint-plugin-security-1.4.0.tgz",
+ "integrity": "sha512-xlS7P2PLMXeqfhyf3NpqbvbnW04kN8M9NtmhpR3XGyOvt/vNKS7XPXT5EDbwKW9vCjWH4PpfQvgD/+JgN0VJKA==",
+ "requires": {
+ "safe-regex": "^1.1.0"
+ }
+ },
+ "ret": {
+ "version": "0.1.15",
+ "resolved": "https://registry.npmjs.org/ret/-/ret-0.1.15.tgz",
+ "integrity": "sha512-TTlYpa+OL+vMMNG24xSlQGEJ3B/RzEfUlLct7b5G/ytav+wPrplCpVMFuwzXbkecJrb6IYo1iFb0S9v37754mg=="
+ },
+ "safe-regex": {
+ "version": "1.1.0",
+ "resolved": "https://registry.npmjs.org/safe-regex/-/safe-regex-1.1.0.tgz",
+ "integrity": "sha1-QKNmnzsHfR6UPURinhV91IAjvy4=",
+ "requires": {
+ "ret": "~0.1.10"
+ }
 }
 }
 }
diff --git a/package.json b/package.json
index e709d464..f778597d 100644
--- a/package.json
+++ b/package.json
@@ -30,7 +30,8 @@
 "eslint": "^5.3.0"
 },
 "dependencies": {
- "eslint-plugin-promise": "^4.0.0"
+ "eslint-plugin-promise": "^4.0.0",
+ "eslint-plugin-security": "^1.4.0"
 },
 "files": [
 "index.json"
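Review bot: `eslint-plugin-security` is declared only under `dependencies` in the package.json hunk. ESLint's shareable-config guidance is to list plugins the config relies on as peer dependencies as well, since plugins are resolved from the consuming project rather than from the config package. With a hoisting installer this usually resolves anyway, but under a stricter layout the `security` plugin named in index.json may fail to load. Consider adding `"eslint-plugin-security": "^1.4.0"` beside the `eslint` requirement if that block is `peerDependencies` (its key lies outside the hunk), or stating the extra install step in the README.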