DEV Community

The Hardened Stack Series' Articles

Back to Ofri Peretz's Series
A Hardcoded sk_live_ Key Passes Code Review. It Won't Pass These 27 ESLint Rules.
10 min read
MD5, exec(), and Zip Slip: 34 ESLint Rules That Fail Your Node.js CI Before They Ship.
8 min read
jsonwebtoken Will Verify a Token Signed With algorithm: none. These 13 ESLint Rules Stop It.
11 min read
Your Frontend Stores JWTs in localStorage and Posts to '*'. 45 ESLint Rules Catch What the Backend Audit Misses.
9 min read
An SSRF in Your Lambda Steals the Execution Role. Action: '*' Hands Over the Account. 14 ESLint Rules Break the Chain.
9 min read
NestJS Hands You Guards, Pipes, and Throttlers. You — and Your AI — Ship Controllers Without Them. 6 ESLint Rules Catch It.
8 min read
I Inherited a NestJS Codebase. 12 Seconds of ESLint Found 47 Violations Across 6 Vulnerability Classes.
8 min read