{"library":"eslint-plugin-security","type":"library","category":null,"description":"ESLint plugin providing security-focused lint rules for Node.js applications, maintained by eslint-community. Current stable version is 4.0.0 (released 2026-02-19), with a slower release cadence of major versions every ~2 years. Key differentiators: it identifies potential security hotspots like eval() with expressions, unsafe Buffer usage, and child_process exec() calls; integrates as a recommended flat config for ESLint 9+; replaced the legacy eslintrc config with flat config (breaking change), and has dropped support for older Node versions. Currently in active development.","language":"javascript","status":"active","version":"4.0.0","tags":["javascript","eslint","security","nodesecurity"],"last_verified":"Wed May 27","install":[{"cmd":"npm install eslint-plugin-security","imports":["const pluginSecurity = require('eslint-plugin-security');","module.exports = [...pluginSecurity.configs.recommended];","const { rules } = require('eslint-plugin-security');"]},{"cmd":"yarn add eslint-plugin-security","imports":[]},{"cmd":"pnpm add eslint-plugin-security","imports":[]}],"homepage":null,"github":"https://github.com/eslint-community/eslint-plugin-security","docs":null,"changelog":null,"pypi":null,"npm":"https://www.npmjs.com/package/eslint-plugin-security","openapi_spec":null,"status_page":null,"smithery":null,"compatibility":{"summary":{"python_range":"18–22","success_rate":0,"avg_install_s":null,"avg_import_s":null,"wheel_type":null},"url":"https://checklist.day/v1/registry/eslint-plugin-security/compatibility"}}