microsoft · mkacmar · Oct 3, 2024 · Oct 1, 2024
@@ -50,7 +50,6 @@ You can also used the below Shareable Config files using flat config model as gu
 Plugin is shipped with following [Shareable Configs](http://eslint.org/docs/developer-guide/shareable-configs):
 
 - [angular](config/angular.js) - Set of rules for modern [Angular](https://angular.io) applications
-- [angularjs](config/angularjs.js) - Set of rules for legacy [AngularJS](https://docs.angularjs.org) applications
 - [common](config/common.js) - Set of rules for common JavaScript applications
 - [electron](config/electron.js) - Set of rules for Electron applications
 - [node](config/node.js) - Set of rules for Node.js applications
@@ -74,9 +73,6 @@ We also implemented several [custom rules](./lib/rules) where we did not find su
 | [no-new-func](https://eslint.org/docs/rules/no-new-func)                                                                                                      | Bans calling `new Function()` as it's similar to `eval()` and prone to code execution.                                                                                                                                                                                                                                                                                                      |
 | [node/no-deprecated-api](https://github.com/mysticatea/eslint-plugin-node/blob/master/docs/rules/no-deprecated-api.md)                                        | Bans usage of deprecated APIs in Node.                                                                                                                                                                                                                                                                                                                                                      |
 | [@microsoft/sdl/no-angular-bypass-sanitizer](./docs/rules/no-angular-bypass-sanitizer.md)                                                                     | Calls to bypassSecurityTrustHtml, bypassSecurityTrustScript and similar methods bypass [DomSanitizer](https://angular.io/api/platform-browser/DomSanitizer#security-risk) in Angular and need to be reviewed.                                                                                                                                                                               |
-| [@microsoft/sdl/no-angularjs-bypass-sce](./docs/rules/no-angularjs-bypass-sce.md)                                                                             | Calls to `$sceProvider.enabled(false)`, `$sceDelegate.trustAs()`, `$sce.trustAs()` and relevant shorthand methods (e.g. `trustAsHtml` or `trustAsJs`) bypass [Strict Contextual Escaping (SCE)](https://docs.angularjs.org/api/ng/service/$sce#strict-contextual-escaping) in AngularJS and need to be reviewed.                                                                            |
-| [@microsoft/sdl/no-angularjs-enable-svg](./docs/rules/no-angularjs-enable-svg.md)                                                                             | Calls to [`$sanitizeProvider.enableSvg(true)`](https://docs.angularjs.org/api/ngSanitize/provider/$sanitizeProvider#enableSvg) increase attack surface of the application by enabling SVG support in AngularJS sanitizer and need to be reviewed.                                                                                                                                           |
-| [@microsoft/sdl/no-angularjs-sanitization-whitelist](./docs/rules/no-angularjs-sanitization-whitelist.md)                                                     | Calls to [`$compileProvider.aHrefSanitizationWhitelist`](https://docs.angularjs.org/api/ng/provider/$compileProvider#aHrefSanitizationWhitelist) or [`$compileProvider.imgSrcSanitizationWhitelist`](https://docs.angularjs.org/api/ng/provider/$compileProvider#imgSrcSanitizationWhitelist) configure whitelists in AngularJS sanitizer and need to be reviewed.                          |
 | [@microsoft/sdl/no-cookies](./docs/rules/no-cookies.md)                                                                                                       | HTTP cookies are an old client-side storage mechanism with inherent risks and limitations. Use Web Storage, IndexedDB or other modern methods instead.                                                                                                                                                                                                                                      |
 | [@microsoft/sdl/no-document-domain](./docs/rules/no-document-domain.md)                                                                                       | Writes to [`document.domain`](https://developer.mozilla.org/en-US/docs/Web/API/Document/domain) property must be reviewed to avoid bypass of [same-origin checks](https://developer.mozilla.org/en-US/docs/Web/Security/Same-origin_policy#Changing_origin). Usage of top level domains such as `azurewebsites.net` is strictly prohibited.                                                 |
 | [@microsoft/sdl/no-document-write](./docs/rules/no-document-write.md)                                                                                         | Calls to document.write or document.writeln manipulate DOM directly without any sanitization and should be avoided. Use document.createElement() or similar methods instead.                                                                                                                                                                                                                |

@@ -16,9 +16,6 @@ const plugin = {
   rules: {
     "no-angular-bypass-sanitizer": require("./rules/no-angular-bypass-sanitizer"),
     "no-angular-sanitization-trusted-urls": require("./rules/no-angular-sanitization-trusted-urls"),
-    "no-angularjs-bypass-sce": require("./rules/no-angularjs-bypass-sce"),
-    "no-angularjs-enable-svg": require("./rules/no-angularjs-enable-svg"),
-    "no-angularjs-sanitization-whitelist": require("./rules/no-angularjs-sanitization-whitelist"),
     "no-cookies": require("./rules/no-cookies"),
     "no-document-domain": require("./rules/no-document-domain"),
     "no-document-write": require("./rules/no-document-write"),
@@ -38,7 +35,6 @@ const plugin = {
 };
 
 plugin.configs["angular"] = require("../config/angular")(plugin);
-plugin.configs["angularjs"] = require("../config/angularjs")(plugin);
 plugin.configs["common"] = require("../config/common")(plugin);
 plugin.configs["electron"] = require("../config/electron")(plugin);
 plugin.configs["node"] = require("../config/node")(plugin);
@@ -47,7 +43,6 @@ plugin.configs["typescript"] = require("../config/react")(plugin);
 
 plugin.configs["required"] = [
   ...plugin.configs["angular"],
-  ...plugin.configs["angularjs"],
   ...plugin.configs["common"],
   ...plugin.configs["electron"],
   ...plugin.configs["node"],