Showing 85 of 85 total issues
debug
Regular Expression Denial of Service Open
"debug": {
"version": "2.2.0",
"dependencies": {
"ms": {
"version": "0.7.1"
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Regular Expression Denial of Service
Overview:
The debug module is vulnerable to regular expression denial of service when untrusted user input is passed into the o
formatter. It takes around 50k characters to block for 2 seconds making this a low severity issue.
Recommendation:
Upgrade to version 2.6.9 or greater if you are on the 2.6.x series or 3.1.0 or greater.
Do not use 'new' for side effects. Open
(new $.CrazySquirrel.Tiles($(this), options));
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Disallow new For Side Effects (no-new)
The goal of using new
with a constructor is typically to create an object of a particular type and store that object in a variable, such as:
var person = new Person();
It's less common to use new
and not store the result, such as:
new Person();
In this case, the created object is thrown away because its reference isn't stored anywhere, and in many cases, this means that the constructor should be replaced with a function that doesn't require new
to be used.
Rule Details
This rule is aimed at maintaining consistency and convention by disallowing constructor calls using the new
keyword that do not assign the resulting object to a variable.
Examples of incorrect code for this rule:
/*eslint no-new: "error"*/
new Thing();
Examples of correct code for this rule:
/*eslint no-new: "error"*/
var thing = new Thing();
Thing();
Source: http://eslint.org/docs/rules/
Move the invocation into the parens that contain the function. Open
;(function ( $ ) {
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Require IIFEs to be Wrapped (wrap-iife)
You can immediately invoke function expressions, but not function declarations. A common technique to create an immediately-invoked function expression (IIFE) is to wrap a function declaration in parentheses. The opening parentheses causes the contained function to be parsed as an expression, rather than a declaration.
// function expression could be unwrapped
var x = function () { return { y: 1 };}();
// function declaration must be wrapped
function () { /* side effects */ }(); // SyntaxError
Rule Details
This rule requires all immediately-invoked function expressions to be wrapped in parentheses.
Options
This rule has two options, a string option and an object option.
String option:
-
"outside"
enforces always wrapping the call expression. The default is"outside"
. -
"inside"
enforces always wrapping the function expression. -
"any"
enforces always wrapping, but allows either style.
Object option:
-
"functionPrototypeMethods": true
additionally enforces wrapping function expressions invoked using.call
and.apply
. The default isfalse
.
outside
Examples of incorrect code for the default "outside"
option:
/*eslint wrap-iife: ["error", "outside"]*/
var x = function () { return { y: 1 };}(); // unwrapped
var x = (function () { return { y: 1 };})(); // wrapped function expression
Examples of correct code for the default "outside"
option:
/*eslint wrap-iife: ["error", "outside"]*/
var x = (function () { return { y: 1 };}()); // wrapped call expression
inside
Examples of incorrect code for the "inside"
option:
/*eslint wrap-iife: ["error", "inside"]*/
var x = function () { return { y: 1 };}(); // unwrapped
var x = (function () { return { y: 1 };}()); // wrapped call expression
Examples of correct code for the "inside"
option:
/*eslint wrap-iife: ["error", "inside"]*/
var x = (function () { return { y: 1 };})(); // wrapped function expression
any
Examples of incorrect code for the "any"
option:
/*eslint wrap-iife: ["error", "any"]*/
var x = function () { return { y: 1 };}(); // unwrapped
Examples of correct code for the "any"
option:
/*eslint wrap-iife: ["error", "any"]*/
var x = (function () { return { y: 1 };}()); // wrapped call expression
var x = (function () { return { y: 1 };})(); // wrapped function expression
functionPrototypeMethods
Examples of incorrect code for this rule with the "inside", { "functionPrototypeMethods": true }
options:
/* eslint wrap-iife: [2, "inside", { functionPrototypeMethods: true }] */
var x = function(){ foo(); }()
var x = (function(){ foo(); }())
var x = function(){ foo(); }.call(bar)
var x = (function(){ foo(); }.call(bar))
Examples of correct code for this rule with the "inside", { "functionPrototypeMethods": true }
options:
/* eslint wrap-iife: [2, "inside", { functionPrototypeMethods: true }] */
var x = (function(){ foo(); })()
var x = (function(){ foo(); }).call(bar)
Source: http://eslint.org/docs/rules/
Unnecessary semicolon. Open
;(function ( $ ) {
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
disallow unnecessary semicolons (no-extra-semi)
Typing mistakes and misunderstandings about where semicolons are required can lead to semicolons that are unnecessary. While not technically an error, extra semicolons can cause confusion when reading code.
Rule Details
This rule disallows unnecessary semicolons.
Examples of incorrect code for this rule:
/*eslint no-extra-semi: "error"*/
var x = 5;;
function foo() {
// code
};
Examples of correct code for this rule:
/*eslint no-extra-semi: "error"*/
var x = 5;
var foo = function() {
// code
};
When Not To Use It
If you intentionally use extra semicolons then you can disable this rule.
Related Rules
- [semi](semi.md)
- [semi-spacing](semi-spacing.md) Source: http://eslint.org/docs/rules/
Do not use 'new' for side effects. Open
(new $.CrazySquirrel.Share($(this), options));
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Disallow new For Side Effects (no-new)
The goal of using new
with a constructor is typically to create an object of a particular type and store that object in a variable, such as:
var person = new Person();
It's less common to use new
and not store the result, such as:
new Person();
In this case, the created object is thrown away because its reference isn't stored anywhere, and in many cases, this means that the constructor should be replaced with a function that doesn't require new
to be used.
Rule Details
This rule is aimed at maintaining consistency and convention by disallowing constructor calls using the new
keyword that do not assign the resulting object to a variable.
Examples of incorrect code for this rule:
/*eslint no-new: "error"*/
new Thing();
Examples of correct code for this rule:
/*eslint no-new: "error"*/
var thing = new Thing();
Thing();
Source: http://eslint.org/docs/rules/
Hard tabs Open
May include the following values.
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
MD010 - Hard tabs
Tags: whitespace, hard_tab
Aliases: no-hard-tabs
This rule is triggered by any lines that contain hard tab characters instead of using spaces for indentation. To fix this, replace any hard tab characters with spaces instead.
Example:
Some text
* hard tab character used to indent the list item
Corrected example:
Some text
* Spaces used to indent the list item instead
Missing radix parameter. Open
if(!isNaN(parseFloat(y[j])) && isFinite(y[j])){y[j] = parseInt(y[j]);}
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Require Radix Parameter (radix)
When using the parseInt()
function it is common to omit the second argument, the radix, and let the function try to determine from the first argument what type of number it is. By default, parseInt()
will autodetect decimal and hexadecimal (via 0x
prefix). Prior to ECMAScript 5, parseInt()
also autodetected octal literals, which caused problems because many developers assumed a leading 0
would be ignored.
This confusion led to the suggestion that you always use the radix parameter to parseInt()
to eliminate unintended consequences. So instead of doing this:
var num = parseInt("071"); // 57
Do this:
var num = parseInt("071", 10); // 71
ECMAScript 5 changed the behavior of parseInt()
so that it no longer autodetects octal literals and instead treats them as decimal literals. However, the differences between hexadecimal and decimal interpretation of the first parameter causes many developers to continue using the radix parameter to ensure the string is interpreted in the intended way.
On the other hand, if the code is targeting only ES5-compliant environments passing the radix 10
may be redundant. In such a case you might want to disallow using such a radix.
Rule Details
This rule is aimed at preventing the unintended conversion of a string to a number of a different base than intended or at preventing the redundant 10
radix if targeting modern environments only.
Options
There are two options for this rule:
-
"always"
enforces providing a radix (default) -
"as-needed"
disallows providing the10
radix
always
Examples of incorrect code for the default "always"
option:
/*eslint radix: "error"*/
var num = parseInt("071");
var num = parseInt(someValue);
var num = parseInt("071", "abc");
var num = parseInt();
Examples of correct code for the default "always"
option:
/*eslint radix: "error"*/
var num = parseInt("071", 10);
var num = parseInt("071", 8);
var num = parseFloat(someValue);
as-needed
Examples of incorrect code for the "as-needed"
option:
/*eslint radix: ["error", "as-needed"]*/
var num = parseInt("071", 10);
var num = parseInt("071", "abc");
var num = parseInt();
Examples of correct code for the "as-needed"
option:
/*eslint radix: ["error", "as-needed"]*/
var num = parseInt("071");
var num = parseInt("071", 8);
var num = parseFloat(someValue);
When Not To Use It
If you don't want to enforce either presence or omission of the 10
radix value you can turn this rule off.
Further Reading
Hard tabs Open
*/
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
MD010 - Hard tabs
Tags: whitespace, hard_tab
Aliases: no-hard-tabs
This rule is triggered by any lines that contain hard tab characters instead of using spaces for indentation. To fix this, replace any hard tab characters with spaces instead.
Example:
Some text
* hard tab character used to indent the list item
Corrected example:
Some text
* Spaces used to indent the list item instead
Line length Open
<div class="cstiles__item" data-cstiles-size="2,1" data-cstiles-order="2" data-cstiles-order-tablet="2" data-cstiles-image_position="left,bottom">
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
MD013 - Line length
Tags: line_length
Aliases: line-length Parameters: linelength, codeblocks, tables (number; default 80, boolean; default true)
This rule is triggered when there are lines that are longer than the configured line length (default: 80 characters). To fix this, split the line up into multiple lines.
This rule has an exception where there is no whitespace beyond the configured line length. This allows you to still include items such as long URLs without being forced to break them in the middle.
You also have the option to exclude this rule for code blocks and tables. To
do this, set the code_blocks
and/or tables
parameters to false.
Code blocks are included in this rule by default since it is often a requirement for document readability, and tentatively compatible with code rules. Still, some languages do not lend themselves to short lines.
Line length Open
The options for share buttons can be specified when invoking the plugin or via data - attributes.
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
MD013 - Line length
Tags: line_length
Aliases: line-length Parameters: linelength, codeblocks, tables (number; default 80, boolean; default true)
This rule is triggered when there are lines that are longer than the configured line length (default: 80 characters). To fix this, split the line up into multiple lines.
This rule has an exception where there is no whitespace beyond the configured line length. This allows you to still include items such as long URLs without being forced to break them in the middle.
You also have the option to exclude this rule for code blocks and tables. To
do this, set the code_blocks
and/or tables
parameters to false.
Code blocks are included in this rule by default since it is often a requirement for document readability, and tentatively compatible with code rules. Still, some languages do not lend themselves to short lines.
Unnecessary semicolon. Open
;(function ( $ ) {
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
disallow unnecessary semicolons (no-extra-semi)
Typing mistakes and misunderstandings about where semicolons are required can lead to semicolons that are unnecessary. While not technically an error, extra semicolons can cause confusion when reading code.
Rule Details
This rule disallows unnecessary semicolons.
Examples of incorrect code for this rule:
/*eslint no-extra-semi: "error"*/
var x = 5;;
function foo() {
// code
};
Examples of correct code for this rule:
/*eslint no-extra-semi: "error"*/
var x = 5;
var foo = function() {
// code
};
When Not To Use It
If you intentionally use extra semicolons then you can disable this rule.
Related Rules
- [semi](semi.md)
- [semi-spacing](semi-spacing.md) Source: http://eslint.org/docs/rules/
Hard tabs Open
["facebook","twitter","vkontakte","odnoklassniki","google","yahoo","misterwong","moimir","friendfeed","yandex","webmoney","vkrugu","juick","pinterest","myspace","googlebookmark","stumbleupon","instapaper","email","springpad","print","linkedin","readability","pinme","surfingbird","webdiscover","memori","livejournal","blogger","liveinternet","evernote","bobrdobr","moemesto","formspring","yazakladki","moikrug","bookmark","digg","tumblr","delicious"]
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
MD010 - Hard tabs
Tags: whitespace, hard_tab
Aliases: no-hard-tabs
This rule is triggered by any lines that contain hard tab characters instead of using spaces for indentation. To fix this, replace any hard tab characters with spaces instead.
Example:
Some text
* hard tab character used to indent the list item
Corrected example:
Some text
* Spaces used to indent the list item instead
Hard tabs Open
$(".cstiles__item-content").CSShare({
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
MD010 - Hard tabs
Tags: whitespace, hard_tab
Aliases: no-hard-tabs
This rule is triggered by any lines that contain hard tab characters instead of using spaces for indentation. To fix this, replace any hard tab characters with spaces instead.
Example:
Some text
* hard tab character used to indent the list item
Corrected example:
Some text
* Spaces used to indent the list item instead
Trailing spaces Open
shareTypes: ["facebook","vkontakte","email","print"]
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
MD009 - Trailing spaces
Tags: whitespace
Aliases: no-trailing-spaces
Parameters: br_spaces (number; default: 0)
This rule is triggered on any lines that end with whitespace. To fix this, find the line that is triggered and remove any trailing spaces from the end.
The brspaces parameter allows an exception to this rule for a specific amount of trailing spaces used to insert an explicit line break/br element. For example, set brspaces to 2 to allow exactly 2 spaces at the end of a line.
Note: you have to set brspaces to 2 or higher for this exception to take effect - you can't insert a br element with just a single trailing space, so if you set brspaces to 1, the exception will be disabled, just as if it was set to the default of 0.
Missing radix parameter. Open
if(!isNaN(parseFloat(y[j])) && isFinite(y[j])){y[j] = parseInt(y[j]);}
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Require Radix Parameter (radix)
When using the parseInt()
function it is common to omit the second argument, the radix, and let the function try to determine from the first argument what type of number it is. By default, parseInt()
will autodetect decimal and hexadecimal (via 0x
prefix). Prior to ECMAScript 5, parseInt()
also autodetected octal literals, which caused problems because many developers assumed a leading 0
would be ignored.
This confusion led to the suggestion that you always use the radix parameter to parseInt()
to eliminate unintended consequences. So instead of doing this:
var num = parseInt("071"); // 57
Do this:
var num = parseInt("071", 10); // 71
ECMAScript 5 changed the behavior of parseInt()
so that it no longer autodetects octal literals and instead treats them as decimal literals. However, the differences between hexadecimal and decimal interpretation of the first parameter causes many developers to continue using the radix parameter to ensure the string is interpreted in the intended way.
On the other hand, if the code is targeting only ES5-compliant environments passing the radix 10
may be redundant. In such a case you might want to disallow using such a radix.
Rule Details
This rule is aimed at preventing the unintended conversion of a string to a number of a different base than intended or at preventing the redundant 10
radix if targeting modern environments only.
Options
There are two options for this rule:
-
"always"
enforces providing a radix (default) -
"as-needed"
disallows providing the10
radix
always
Examples of incorrect code for the default "always"
option:
/*eslint radix: "error"*/
var num = parseInt("071");
var num = parseInt(someValue);
var num = parseInt("071", "abc");
var num = parseInt();
Examples of correct code for the default "always"
option:
/*eslint radix: "error"*/
var num = parseInt("071", 10);
var num = parseInt("071", 8);
var num = parseFloat(someValue);
as-needed
Examples of incorrect code for the "as-needed"
option:
/*eslint radix: ["error", "as-needed"]*/
var num = parseInt("071", 10);
var num = parseInt("071", "abc");
var num = parseInt();
Examples of correct code for the "as-needed"
option:
/*eslint radix: ["error", "as-needed"]*/
var num = parseInt("071");
var num = parseInt("071", 8);
var num = parseFloat(someValue);
When Not To Use It
If you don't want to enforce either presence or omission of the 10
radix value you can turn this rule off.
Further Reading
Hard tabs Open
types: ["facebook","vkontakte","email","print"]
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
MD010 - Hard tabs
Tags: whitespace, hard_tab
Aliases: no-hard-tabs
This rule is triggered by any lines that contain hard tab characters instead of using spaces for indentation. To fix this, replace any hard tab characters with spaces instead.
Example:
Some text
* hard tab character used to indent the list item
Corrected example:
Some text
* Spaces used to indent the list item instead
Hard tabs Open
shareTypes: ["facebook","vkontakte","email","print"]
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
MD010 - Hard tabs
Tags: whitespace, hard_tab
Aliases: no-hard-tabs
This rule is triggered by any lines that contain hard tab characters instead of using spaces for indentation. To fix this, replace any hard tab characters with spaces instead.
Example:
Some text
* hard tab character used to indent the list item
Corrected example:
Some text
* Spaces used to indent the list item instead
Line length Open
<iframe class="cstiles__item-video" width="500" height="500" src="https://www.youtube.com/embed/w1I-HWAP6N8?controls=0&showinfo=0" frameborder="0" allowfullscreen></iframe>
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
MD013 - Line length
Tags: line_length
Aliases: line-length Parameters: linelength, codeblocks, tables (number; default 80, boolean; default true)
This rule is triggered when there are lines that are longer than the configured line length (default: 80 characters). To fix this, split the line up into multiple lines.
This rule has an exception where there is no whitespace beyond the configured line length. This allows you to still include items such as long URLs without being forced to break them in the middle.
You also have the option to exclude this rule for code blocks and tables. To
do this, set the code_blocks
and/or tables
parameters to false.
Code blocks are included in this rule by default since it is often a requirement for document readability, and tentatively compatible with code rules. Still, some languages do not lend themselves to short lines.
Hard tabs Open
});
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
MD010 - Hard tabs
Tags: whitespace, hard_tab
Aliases: no-hard-tabs
This rule is triggered by any lines that contain hard tab characters instead of using spaces for indentation. To fix this, replace any hard tab characters with spaces instead.
Example:
Some text
* hard tab character used to indent the list item
Corrected example:
Some text
* Spaces used to indent the list item instead
Lists should be surrounded by blank lines Open
* data-csshare-types - Sets types where value separet by ,
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
MD032 - Lists should be surrounded by blank lines
Tags: bullet, ul, ol, blank_lines
Aliases: blanks-around-lists
This rule is triggered when lists (of any kind) are either not preceded or not followed by a blank line:
Some text
* Some
* List
1. Some
2. List
Some text
To fix this, ensure that all lists have a blank line both before and after (except where the block is at the beginning or end of the document):
Some text
* Some
* List
1. Some
2. List
Some text
Rationale: Aside from aesthetic reasons, some parsers, including kramdown, will not parse lists that don't have blank lines before and after them.
Note: List items without hanging indents are a violation of this rule; list items with hanging indents are okay:
* This is
not okay
* This is
okay