Skip to content

Commit

Permalink
Merge pull request #61 from microsoft/dev/martinkamar/retire-eol-rules
Browse files Browse the repository at this point in the history
Drop support for AngularJS
  • Loading branch information
mkacmar authored Oct 3, 2024
2 parents 30572dd + 26eaf2a commit 8f5c28d
Show file tree
Hide file tree
Showing 12 changed files with 0 additions and 340 deletions.
4 changes: 0 additions & 4 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,6 @@ You can also used the below Shareable Config files using flat config model as gu
Plugin is shipped with following [Shareable Configs](http://eslint.org/docs/developer-guide/shareable-configs):

- [angular](config/angular.js) - Set of rules for modern [Angular](https://angular.io) applications
- [angularjs](config/angularjs.js) - Set of rules for legacy [AngularJS](https://docs.angularjs.org) applications
- [common](config/common.js) - Set of rules for common JavaScript applications
- [electron](config/electron.js) - Set of rules for Electron applications
- [node](config/node.js) - Set of rules for Node.js applications
Expand All @@ -74,9 +73,6 @@ We also implemented several [custom rules](./lib/rules) where we did not find su
| [no-new-func](https://eslint.org/docs/rules/no-new-func) | Bans calling `new Function()` as it's similar to `eval()` and prone to code execution. |
| [node/no-deprecated-api](https://github.com/mysticatea/eslint-plugin-node/blob/master/docs/rules/no-deprecated-api.md) | Bans usage of deprecated APIs in Node. |
| [@microsoft/sdl/no-angular-bypass-sanitizer](./docs/rules/no-angular-bypass-sanitizer.md) | Calls to bypassSecurityTrustHtml, bypassSecurityTrustScript and similar methods bypass [DomSanitizer](https://angular.io/api/platform-browser/DomSanitizer#security-risk) in Angular and need to be reviewed. |
| [@microsoft/sdl/no-angularjs-bypass-sce](./docs/rules/no-angularjs-bypass-sce.md) | Calls to `$sceProvider.enabled(false)`, `$sceDelegate.trustAs()`, `$sce.trustAs()` and relevant shorthand methods (e.g. `trustAsHtml` or `trustAsJs`) bypass [Strict Contextual Escaping (SCE)](https://docs.angularjs.org/api/ng/service/$sce#strict-contextual-escaping) in AngularJS and need to be reviewed. |
| [@microsoft/sdl/no-angularjs-enable-svg](./docs/rules/no-angularjs-enable-svg.md) | Calls to [`$sanitizeProvider.enableSvg(true)`](https://docs.angularjs.org/api/ngSanitize/provider/$sanitizeProvider#enableSvg) increase attack surface of the application by enabling SVG support in AngularJS sanitizer and need to be reviewed. |
| [@microsoft/sdl/no-angularjs-sanitization-whitelist](./docs/rules/no-angularjs-sanitization-whitelist.md) | Calls to [`$compileProvider.aHrefSanitizationWhitelist`](https://docs.angularjs.org/api/ng/provider/$compileProvider#aHrefSanitizationWhitelist) or [`$compileProvider.imgSrcSanitizationWhitelist`](https://docs.angularjs.org/api/ng/provider/$compileProvider#imgSrcSanitizationWhitelist) configure whitelists in AngularJS sanitizer and need to be reviewed. |
| [@microsoft/sdl/no-cookies](./docs/rules/no-cookies.md) | HTTP cookies are an old client-side storage mechanism with inherent risks and limitations. Use Web Storage, IndexedDB or other modern methods instead. |
| [@microsoft/sdl/no-document-domain](./docs/rules/no-document-domain.md) | Writes to [`document.domain`](https://developer.mozilla.org/en-US/docs/Web/API/Document/domain) property must be reviewed to avoid bypass of [same-origin checks](https://developer.mozilla.org/en-US/docs/Web/Security/Same-origin_policy#Changing_origin). Usage of top level domains such as `azurewebsites.net` is strictly prohibited. |
| [@microsoft/sdl/no-document-write](./docs/rules/no-document-write.md) | Calls to document.write or document.writeln manipulate DOM directly without any sanitization and should be avoided. Use document.createElement() or similar methods instead. |
Expand Down
20 changes: 0 additions & 20 deletions config/angularjs.js

This file was deleted.

7 changes: 0 additions & 7 deletions docs/rules/no-angularjs-bypass-sce.md

This file was deleted.

7 changes: 0 additions & 7 deletions docs/rules/no-angularjs-enable-svg.md

This file was deleted.

7 changes: 0 additions & 7 deletions docs/rules/no-angularjs-sanitization-whitelist.md

This file was deleted.

5 changes: 0 additions & 5 deletions lib/index.js
Original file line number Diff line number Diff line change
Expand Up @@ -16,9 +16,6 @@ const plugin = {
rules: {
"no-angular-bypass-sanitizer": require("./rules/no-angular-bypass-sanitizer"),
"no-angular-sanitization-trusted-urls": require("./rules/no-angular-sanitization-trusted-urls"),
"no-angularjs-bypass-sce": require("./rules/no-angularjs-bypass-sce"),
"no-angularjs-enable-svg": require("./rules/no-angularjs-enable-svg"),
"no-angularjs-sanitization-whitelist": require("./rules/no-angularjs-sanitization-whitelist"),
"no-cookies": require("./rules/no-cookies"),
"no-document-domain": require("./rules/no-document-domain"),
"no-document-write": require("./rules/no-document-write"),
Expand All @@ -38,7 +35,6 @@ const plugin = {
};

plugin.configs["angular"] = require("../config/angular")(plugin);
plugin.configs["angularjs"] = require("../config/angularjs")(plugin);
plugin.configs["common"] = require("../config/common")(plugin);
plugin.configs["electron"] = require("../config/electron")(plugin);
plugin.configs["node"] = require("../config/node")(plugin);
Expand All @@ -47,7 +43,6 @@ plugin.configs["typescript"] = require("../config/react")(plugin);

plugin.configs["required"] = [
...plugin.configs["angular"],
...plugin.configs["angularjs"],
...plugin.configs["common"],
...plugin.configs["electron"],
...plugin.configs["node"],
Expand Down
69 changes: 0 additions & 69 deletions lib/rules/no-angularjs-bypass-sce.js

This file was deleted.

48 changes: 0 additions & 48 deletions lib/rules/no-angularjs-enable-svg.js

This file was deleted.

38 changes: 0 additions & 38 deletions lib/rules/no-angularjs-sanitization-whitelist.js

This file was deleted.

63 changes: 0 additions & 63 deletions tests/lib/rules/no-angularjs-bypass-sce.js

This file was deleted.

29 changes: 0 additions & 29 deletions tests/lib/rules/no-angularjs-enable-svg.js

This file was deleted.

43 changes: 0 additions & 43 deletions tests/lib/rules/no-angularjs-sanitization-whitelist.js

This file was deleted.

0 comments on commit 8f5c28d

Please sign in to comment.