No vulnerable libraries (`no-vulnerable-javascript-libraries`)

no-vulnerable-javascript-libraries checks for known vulnerabilities
within client-side JavaScript libraries and frameworks detected on a
web site.

webhint uses Snyk’s [Vulnerability DB][snykdb] to lookup known
vulnerabilities.

Why is this important?

Making sure your website dependencies are free of known
vulnerabilities is important in preventing malicious attacks such as
[cross-site scripting][XSS] attacks that can be used to compromise web
site information.

What does the hint check?

This hint uses Snyk’s [Vulnerability DB][snykdb] and
[js-library-detector][js-library-detector] to check if the
website is running a vulnerable version of a client-side JavaScript
library or framework.

The vulnerability database is updated automatically from [Snyk][snykdb]
if the cached content is older than 24h.

Can the hint be configured?

You can configure the minimum severity to report in the
[.hintrc][hintrc] file:

``json { "connector": {...}, "formatters": [...], "hints": { "no-vulnerable-javascript-libraries": ["error", { "severity": "low|medium|high" }], ... }, ... }`

The severity possible values are: low (default), medium, andhigh.

If you configure this hint to high, and webhintonly findslow or medium vulnerabilities, no issues will be raised.

`How to use this hint?`

This package is installed automatically by webhint:

`bash npm install hint --save-dev`

To use it, activate it via the [.hintrc][hintrc] configuration file:

`json { "connector": {...}, "formatters": [...], "hints": { "no-vulnerable-javascript-libraries": "error", ... }, "parsers": [...], ... }`

Note: The recommended way of running webhint is as a devDependency` of
your project.

No vulnerable libraries (`no-vulnerable-javascript-libraries`)

no-vulnerable-javascript-libraries checks for known vulnerabilities
within client-side JavaScript libraries and frameworks detected on a
web site.

webhint uses Snyk’s [Vulnerability DB][snykdb] to lookup known
vulnerabilities.

Why is this important?

What does the hint check?

The vulnerability database is updated automatically from [Snyk][snykdb]
if the cached content is older than 24h.

Can the hint be configured?

You can configure the minimum severity to report in the
[.hintrc][hintrc] file:

``json { "connector": {...}, "formatters": [...], "hints": { "no-vulnerable-javascript-libraries": ["error", { "severity": "low|medium|high" }], ... }, ... }`

The severity possible values are: low (default), medium, andhigh.

If you configure this hint to high, and webhintonly findslow or medium vulnerabilities, no issues will be raised.

`How to use this hint?`

This package is installed automatically by webhint:

`bash npm install hint --save-dev`

To use it, activate it via the [.hintrc][hintrc] configuration file:

`json { "connector": {...}, "formatters": [...], "hints": { "no-vulnerable-javascript-libraries": "error", ... }, "parsers": [...], ... }`

Note: The recommended way of running webhint is as a devDependency` of
your project.

@hint/hint-no-vulnerable-javascript-libraries

No vulnerable libraries (`no-vulnerable-javascript-libraries`)

Why is this important?

What does the hint check?

Can the hint be configured?

`How to use this hint?`

Further Reading

@hint/hint-no-vulnerable-javascript-libraries

No vulnerable libraries (`no-vulnerable-javascript-libraries`)

Why is this important?

What does the hint check?

Can the hint be configured?

`How to use this hint?`

Further Reading

@hint/hint-no-vulnerable-javascript-libraries

No vulnerable libraries (no-vulnerable-javascript-libraries)

Why is this important?

What does the hint check?

Can the hint be configured?

How to use this hint?

Further Reading

@hint/hint-no-vulnerable-javascript-libraries

No vulnerable libraries (no-vulnerable-javascript-libraries)

Why is this important?

What does the hint check?

Can the hint be configured?

How to use this hint?

Further Reading

No vulnerable libraries (`no-vulnerable-javascript-libraries`)

`How to use this hint?`

No vulnerable libraries (`no-vulnerable-javascript-libraries`)

`How to use this hint?`