require-import-approval
Enforce explicit approval for high-risk package imports
💼 This rule is enabled in the following configs: recommended, typescript.
🔧 This rule is automatically fixable by the --fix CLI option.
Rule Details
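This rule checks package imports against a configured list in which each package is marked approved, pending or blocked, so that high-risk packages are imported only with explicit approval.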
Options
[
  {
    "type": "object",
    "properties": {
      "packages": {
        "type": "array",
        "items": {
          "type": "object",
          "properties": {
            "package": {
              "type": "string"
            },
            "status": {
              "type": "string",
              "enum": [
                "approved",
                "pending",
                "blocked"
              ]
            },
            "reason": {
              "type": "string"
            },
            "alternative": {
              "type": "string"
            },
            "approvedBy": {
              "type": "string"
            },
            "approvedDate": {
              "type": "string"
            }
          },
          "required": [
            "package",
            "status"
          ]
        }
      },
      "defaultPolicy": {
        "type": "string",
        "enum": [
          "allow",
          "deny"
        ],
        "default": "allow"
      },
      "ignorePatterns": {
        "type": "array",
        "items": {
          "type": "string"
        },
        "default": []
      }
    },
    "required": [
      "packages"
    ],
    "additionalProperties": false
  }
]
Implementation
OWASP Foundation
- Category: A00:2021 - General Security
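A sample options object for the schema under Options, with hand-written checks that mirror its constraints (required keys, enum values, no unknown top-level options). This is an added example, not the plugin's own code: `validateOptions`, `sampleOptions` and every package name, approver, date and pattern in it are constructed placeholders, and the pattern syntax for `ignorePatterns` is not documented on this page.

```javascript
// Added example: checks mirroring the options schema; all sample values are constructed.
const STATUSES = ["approved", "pending", "blocked"];
const POLICIES = ["allow", "deny"];
const TOP_KEYS = ["packages", "defaultPolicy", "ignorePatterns"];
const STRING_FIELDS = ["package", "status", "reason", "alternative", "approvedBy", "approvedDate"];
function validateOptions(opts) {
  const errors = [];
  if (opts === null || typeof opts !== "object" || Array.isArray(opts)) {
    return ["options must be an object"];
  }
  // "additionalProperties": false applies to the top-level object only
  for (const key of Object.keys(opts)) {
    if (!TOP_KEYS.includes(key)) errors.push(`unknown option "${key}"`);
  }
  // "required": ["packages"]
  if (!Array.isArray(opts.packages)) {
    errors.push('"packages" is required and must be an array');
  } else {
    opts.packages.forEach((entry, i) => {
      if (entry === null || typeof entry !== "object" || Array.isArray(entry)) {
        errors.push(`packages[${i}] must be an object`);
        return;
      }
      for (const req of ["package", "status"]) {
        if (!(req in entry)) errors.push(`packages[${i}] is missing "${req}"`);
      }
      for (const f of STRING_FIELDS) {
        if (f in entry && typeof entry[f] !== "string") errors.push(`packages[${i}].${f} must be a string`);
      }
      if (typeof entry.status === "string" && !STATUSES.includes(entry.status)) {
        errors.push(`packages[${i}].status must be one of ${STATUSES.join(", ")}`);
      }
    });
  }
  if ("defaultPolicy" in opts && !POLICIES.includes(opts.defaultPolicy)) {
    errors.push('"defaultPolicy" must be "allow" or "deny"');
  }
  if ("ignorePatterns" in opts &&
      !(Array.isArray(opts.ignorePatterns) && opts.ignorePatterns.every((p) => typeof p === "string"))) {
    errors.push('"ignorePatterns" must be an array of strings');
  }
  return errors;
}
const sampleOptions = {
  packages: [
    { package: "example-http-client", status: "approved", approvedBy: "security-team", approvedDate: "2024-01-15" },
    { package: "example-legacy-crypto", status: "blocked", reason: "unmaintained", alternative: "node:crypto" },
  ],
  defaultPolicy: "deny", // the schema default is "allow"
  ignorePatterns: ["@example-org/*"], // placeholder; pattern syntax is an assumption
};
```

Setting `defaultPolicy` explicitly matters because the schema defaults it to `"allow"`, which leaves any package absent from `packages` outside the approval list.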