{"id":26415,"library":"solium-plugin-security","title":"Solium Security Plugin","description":"Official security lint plugin for Solium (Solidity linter). Version 0.1.1, last updated in 2018. Provides ~20 security-focused rules derived from Consensys Smart Contract Best Practices and community wishlist. Key differentiators: pre-installed with Solium v1.0.1+, includes rules like no-throw, no-tx-origin, enforce-explicit-visibility, and no-inline-assembly. Rule severities adjustable, some disabled by default (e.g., no-var, enforce-loop-bounds in 0.1.1). Automatic fixing available for no-throw and enforce-explicit-visibility. Designed for Solium v1.0.x ecosystem only.","status":"maintenance","version":"0.1.1","language":"javascript","source_language":"en","source_url":"https://github.com/duaraghav8/solium-plugin-security","tags":["javascript","solium","soliumplugin","solidity","ethereum","blockchain","dapp","lint","static-analysis"],"install":[{"cmd":"npm install solium-plugin-security","lang":"bash","label":"npm"},{"cmd":"yarn add solium-plugin-security","lang":"bash","label":"yarn"},{"cmd":"pnpm add solium-plugin-security","lang":"bash","label":"pnpm"}],"dependencies":[{"reason":"Peer dependency; plugin only works with Solium v1.0.x linter","package":"solium","optional":false}],"imports":[{"note":"This is an npm package, not a JavaScript module. It extends Solium's .soliumrc.json config.","symbol":"soliumPluginSecurity (npm package)","correct":"Install as global dependency: npm install -g solium-plugin-security"},{"note":"Add 'security' to plugins array in soliumrc.json. No ESM/CJS import.","wrong":"\"plugin\": \"security\" (singular, not array)","symbol":"soliumrc.json configuration","correct":"\"plugins\": [\"security\"]"},{"note":"Rules must be prefixed with 'security/' to avoid conflicts with core Solium rules.","wrong":"\"rules\": { \"no-throw\": \"warning\" } (missing plugin prefix)","symbol":"Enable specific rule","correct":"\"rules\": { \"security/no-throw\": \"warning\" }"}],"quickstart":{"code":"{\n    \"extends\": \"solium:all\",\n    \"plugins\": [\"security\"],\n    \"rules\": {\n        \"security/no-throw\": \"warning\",\n        \"security/no-tx-origin\": \"error\",\n        \"security/enforce-explicit-visibility\": \"error\",\n        \"security/no-block-members\": [\"warning\", [\"blockhash\", \"timestamp\"]],\n        \"security/no-call-value\": \"warning\",\n        \"security/no-assign-params\": \"error\",\n        \"security/no-fixed\": \"error\",\n        \"security/no-inline-assembly\": \"warning\",\n        \"security/no-low-level-calls\": [\"warning\", [\"call\", \"callcode\", \"delegatecall\"]],\n        \"security/no-modify-for-iter-var\": \"warning\",\n        \"security/enforce-loop-bounds\": \"off\",\n        \"security/no-var\": \"off\"\n    }\n}","lang":"json","description":"Example soliumrc.json configuration enabling 10 security rules with recommended severities, disabling two disruptive rules."},"warnings":[{"fix":"Use Solium v1.0.0 to v1.0.9. For newer Solium versions, use a different security plugin.","message":"Plugin requires Solium v1.0.x and is incompatible with Solium v0.x or v2.x","severity":"breaking","affected_versions":">=0.1.0"},{"fix":"Migrate to solhint or slither for Solidity linting and security analysis.","message":"Solium project itself is deprecated since 2020; no further updates expected","severity":"deprecated","affected_versions":">=0.1.0"},{"fix":"Always prefix plugin rules with 'security/' (e.g., 'security/no-throw').","message":"Rules without explicit prefix 'security/' are shared with core Solium rules, causing potential conflicts","severity":"gotcha","affected_versions":">=0.1.0"},{"fix":"Explicitly enable them in .soliumrc.json if needed: 'security/no-var': 'warning'","message":"In v0.1.1, rules 'no-var' and 'enforce-loop-bounds' are disabled by default due to disruption","severity":"breaking","affected_versions":">=0.1.1"},{"fix":"Install with `npm install -g solium-plugin-security`","message":"Plugin must be installed globally with -g flag; local install fails silently","severity":"gotcha","affected_versions":">=0.1.0"}],"env_vars":null,"last_verified":"2026-05-01T00:00:00.000Z","next_check":"2026-07-30T00:00:00.000Z","problems":[{"fix":"Run `npm install -g solium-plugin-security` and ensure Solium is also installed globally.","cause":"Plugin not installed or installed locally instead of globally.","error":"Plugin 'security' not found. Make sure solium-plugin-security is installed."},{"fix":"Add \"plugins\": [\"security\"] to soliumrc.json.","cause":"Missing 'security' plugin in soliumrc.json plugins array.","error":"Rule 'security/no-throw' is not defined in any plugin."},{"fix":"Global install: `npm install -g solium-plugin-security`. For local project, use `npm install --save-dev solium-plugin-security` (but prefer global).","cause":"Plugin is not installed or Node cannot resolve it.","error":"Cannot find module 'solium-plugin-security'"}],"ecosystem":"npm","meta_description":null,"install_score":null,"install_tag":null,"quickstart_score":null,"quickstart_tag":null}