Add prodlint — linter for AI-generated JS/TS apps#1744
Open
Anthony-Marcovecchio wants to merge 2 commits intoanalysis-tools-dev:masterfrom
Open
Add prodlint — linter for AI-generated JS/TS apps#1744Anthony-Marcovecchio wants to merge 2 commits intoanalysis-tools-dev:masterfrom
Anthony-Marcovecchio wants to merge 2 commits intoanalysis-tools-dev:masterfrom
Conversation
Member
|
Thanks for your submission. The project has not reached all requirements for addition yet: Each tool on the list needs to be
We can keep this pull request open in the meantime. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Tool Info
Description
prodlint is a static analysis CLI that catches the production bugs AI coding tools (Cursor, v0, Bolt, Copilot) consistently write. 52 rules across security, reliability, performance, and AI quality. Zero config, Babel AST-based analysis with regex fallback.
Catches things ESLint misses: hardcoded secrets, hallucinated imports, missing auth on API routes, server action validation, SQL injection (ORM-aware), insecure cookies, and more.