Getting Started
Enterprise-grade security & quality linting for JavaScript
What is ESLint Interlace?
ESLint Interlace is a comprehensive ecosystem of security and quality ESLint plugins designed to protect your JavaScript and TypeScript applications from vulnerabilities while enforcing best practices.
Multiple Plugins, One Ecosystem
ESLint Interlace provides 18+ specialized plugins that work independently or together. Install only what you need—each plugin is published separately on npm.
Why Interlace?
🛡️ Security First
11+ security plugins protecting against XSS, SQL injection, insecure tokens, weak cryptography, and more.
📐 Quality Enforced
7+ quality plugins ensuring code conventions, modularity, reliability, and modern patterns.
🤖 AI-Native
Structured metadata (CWE, OWASP, CVSS) enables AI agents to fix vulnerabilities accurately—no hallucinations.
The Plugin Ecosystem
Interlace lets you choose your own coverage—install only the plugins you need:
| Approach | Example | Best For |
|---|---|---|
| Start Small | eslint-plugin-browser-security | Single focus area |
| Mix & Match | Security + Quality plugins | Customized coverage |
| Full Coverage | All security + quality plugins | Maximum protection |
Quick Setup Guide
Install the plugins you need
Pick the plugins for your use case:
# Core security plugins
npm install --save-dev \
eslint-plugin-browser-security \
eslint-plugin-secure-coding \
eslint-plugin-jwt
# Quality plugins
npm install --save-dev \
eslint-plugin-conventions \
eslint-plugin-reliabilityConfigure ESLint
Create eslint.config.js in your project root:
import browserSecurity from 'eslint-plugin-browser-security';
import secureCoding from 'eslint-plugin-secure-coding';
import jwt from 'eslint-plugin-jwt';
import conventions from 'eslint-plugin-conventions';
export default [
// Security
browserSecurity.configs.recommended,
secureCoding.configs.recommended,
jwt.configs.recommended,
// Quality
conventions.configs.recommended,
];Run the linter
npx eslint .Explore the Documentation
Installation
Detailed setup for npm, yarn, pnpm, and monorepos
Configuration
Presets, custom rules, and TypeScript integration
Flat Config
Migrate from legacy .eslintrc to ESLint 9.x
Editor Integration
VS Code, Cursor AI, WebStorm, and Neovim setup
Available Plugins
Security Plugins
Protect your application from common vulnerabilities:
| Plugin | Focus Area | Rules |
|---|---|---|
| browser-security | XSS prevention, DOM security | 50+ |
| jwt | Token security, algorithm confusion | 13 |
| express-security | Express.js hardening | 14 |
| node-security | Server-side security patterns (includes crypto) | 31 |
| mongodb-security | NoSQL injection prevention | 19 |
| pg | PostgreSQL security | 15 |
| secure-coding | General injection prevention | 26 |
| vercel-ai-security | AI SDK safety | 22 |
| lambda-security | AWS Lambda security | 16 |
| nestjs-security | NestJS security patterns | 10 |
| crypto | (Deprecated) Merged into node-security | — |
Quality & Architecture Plugins
Enforce best practices and maintainability:
| Plugin | Focus Area | Rules |
|---|---|---|
| import-next | Import organization (100x faster no-cycle) | 61 |
| conventions | Team coding standards | 9 |
| maintainability | Code readability | 8 |
| reliability | Error handling patterns | 8 |
| modularity | Clean architecture | 7 |
| operability | Logging and metrics | 6 |
| modernization | ES2022+ patterns | 5 |
Start Secure
Ready to protect your codebase? Head to the Installation Guide to get started.