Medium level issue – Code Quality Docs

May 27, 2019

Rule	Description	KPI	URL
no-console	In general, console methods aren’t appropriate for production code.	Resource Utilization	https://palantir.github.io/tslint/rules/cyclomatic-complexity
no-magic-numbers	Magic numbers should be avoided as they often lack documentation, forcing them to be stored in variables gives them implicit documentation.When no list of allowed values is specified, -1, 0 and 1 are allowed by default.	Maintainability	https://palantir.github.io/tslint/rules/encoding
no-var-keyword	Disallows usage of the var keyword. Use let or const instead.	Maintainability	https://palantir.github.io/tslint/rules/no-inferred-empty-object-type
typeof-compare	Makes sure result of typeof is compared to correct string values	Maintainability	https://palantir.github.io/tslint/rules/use-isnan
no-switch-case-fall-through	Fall though in switch statements is often unintentional and a bug.	Accuracy	https://palantir.github.io/tslint/rules/no-invalid-template-strings
no-arg	Using arguments.callee makes various performance optimizations impossible. See MDN for more details on why to avoid arguments.callee.	Efficiency	https://palantir.github.io/tslint/rules/unified-signatures
arrow-return-shorthand	Suggests to convert () => { return x; } to () => x.	Understandability	https://palantir.github.io/tslint/rules/no-floating-promises
no-var-requires	Disallows the use of require statements except in import statements.In other words, the use of forms such as var module = require(“module”) are banned. Instead use ES6 style imports or import foo = require(‘foo’) imports.	Maintainability	https://palantir.github.io/tslint/rules/no-object-literal-type-assertion
no-submodule-imports	Submodules of some packages are treated as private APIs and the import paths may change without deprecation periods. It’s best to stick with top-level package exports.	Maintainability	https://palantir.github.io/tslint/rules/no-debugger
no-inferrable-types	Explicit types where they can be easily inferred by the compiler make code more verbose.	Robustness	https://palantir.github.io/tslint/rules/no-unnecessary-initializer
no-redundant-jsdoc	Forbids JSDoc which duplicates TypeScript functionality.	Maintainability	https://palantir.github.io/tslint/rules/adjacent-overload-signatures
use-default-type-parameter	Warns if an explicitly specified type argument is the default for that type parameter.	Maintainability	https://palantir.github.io/tslint/rules/no-return-await
no-shadowed-variable	Shadowing a variable masks access to it and obscures to what value an identifier actually refers.	Robustness	https://palantir.github.io/tslint/rules/interface-over-type-literal
no-string-throw	Flags throwing plain strings or concatenations of strings because only Errors produce proper stack traces.	Maintainability	https://palantir.github.io/tslint/rules/no-non-null-assertion
no-string-literal	If –noImplicitAny is turned off, property access via a string literal will be ‘any’ if the property does not exist.	Robustness	https://palantir.github.io/tslint/rules/no-duplicate-switch-case
forin	for (let key in someObject) { if (someObject.hasOwnProperty(key)) { // code here } } Prevents accidental iteration over properties inherited from an object’s prototype. See MDN’s for…in documentation for more information about for…in loops.	Maintainability
no-parameter-properties	Parameter properties can be confusing to those new to TS as they are less explicit than other ways of declaring and initializing class members.	Understandability
variable-name	Checks variable names for various errors.	Understandability
match-default-export-name	Requires that a default import have the same name as the declaration it imports. Does nothing for anonymous default exports.	Understandability	https://palantir.github.io/tslint/rules/max-line-length
no-any	Using any as a type declaration nullifies the compile-time benefits of the type system.	Robustness	https://palantir.github.io/tslint/rules/arrow-parens
prefer-switch	Prefer a switch statement to an if statement with simple === comparisons.	Maintainability	https://palantir.github.io/tslint/rules/new-parens
switch-final-break	Checks whether the final clause of a switch statement ends in break;	Robustness	https://palantir.github.io/tslint/rules/one-variable-per-declaration
no-sparse-arrays	Missing elements are probably an accidentally duplicated comma.	Robustness	https://palantir.github.io/tslint/rules/semicolon
ban-comma-operator	Using the comma operator can create a potential for many non-obvious bugs or lead to misunderstanding of code.	Understandability	https://palantir.github.io/tslint/rules/no-consecutive-blank-lines
no-unnecessary-type-assertion	Warns if a type assertion does not change the type of an expression.	Understandability	https://palantir.github.io/tslint/rules/prefer-function-over-method
no-conditional-assignment	Assignments in conditionals are often typos: for example if (var1 = var2) instead of if (var1 == var2). They also can be an indicator of overly clever code which decreases maintainability.	Accuracy	https://palantir.github.io/tslint/rules/completed-docs
prefer-for-of	A for(… of …) loop is easier to implement and read when the index is not needed.	Understandability	https://palantir.github.io/tslint/rules/linebreak-style
binary-expression-operand-order	In a binary expression, a literal should always be on the right-hand side if possible. For example, prefer “x + 1” over “1 + x”.	Understandability	https://palantir.github.io/tslint/rules/no-default-export
promise-function-async	Ensures that each function is only capable of 1) returning a rejected promise, or 2) throwing an Error object. In contrast, non-async Promise-returning functions are technically capable of either. This practice removes a requirement for consuming code to handle both cases.	Maintainability	https://palantir.github.io/tslint/rules/whitespace
no-implicit-dependencies	Disallows importing transient dependencies and modules installed above your package’s root directory.	Maintainability	https://palantir.github.io/tslint/rules/ordered-imports
no-unnecessary-qualifier	Warns when a namespace qualifier (A.x) is unnecessary.	Accuracy	https://palantir.github.io/tslint/rules/strict-boolean-expressions
no-for-in-array	Disallows iterating over an array with a for-in loop. A for-in loop (for (var k in o)) iterates over the properties of an Object. While it is legal to use for-in loops with array types, it is not common. for-in will iterate over the indices of the array as strings, omitting any “holes” in the array. More common is to use for-of, which iterates over the values of an array. If you want to iterate over the indices, alternatives include: array.forEach((value, index) => { … }); for (const [index, value] of array.entries()) { … } for (let i = 0; i < array.length; i++) { … }	Accuracy	https://palantir.github.io/tslint/rules/no-empty
prefer-const	If a variable is only assigned to once when it is declared, it should be declared using ‘const’.	Understandability	https://palantir.github.io/tslint/rules/object-literal-sort-keys
object-literal-key-quotes	Object literal property names can be defined in two ways: using literals or using strings. For example, these two objects are equivalent: var object1 = { property: true }; var object2 = { ‘property’ : true }; In many cases, it doesn’t matter if you choose to use an identifier instead of a string or vice-versa. Even so, you might decide to enforce a consistent style in your code. This rules lets you enforce consistent quoting of property names. Either they should always be quoted (default behavior) or quoted only as needed (‘as-needed’).	Understandability	https://palantir.github.io/tslint/rules/comment-format
typedef	Requires type definitions to exist.	Understandability
class-name	Makes it easy to differentiate classes from regular variables at a glance.	Understandability
prefer-readonly	Marking never-modified variables as readonly helps enforce the code’s intent of keeping them as never-modified. It can also help prevent accidental changes of members not meant to be changed.	Accuracy
no-null-keyword	Instead of having the dual concepts of null andundefined in a codebase, this rule ensures that only undefined is used.	Understandability
no-namespace	ES6-style external modules are the standard way to modularize code. Using module {} and namespace {} are outdated ways to organize TypeScript code.	Maintainability
prefer-template	Prefer a template expression over string literal concatenation.	Understandability
member-access	Explicit visibility declarations can make code more readable and accessible for those new to TS.	Understandability
no-construct	There is little reason to use String, Number, or Boolean as constructors. In almost all cases, the regular function-call version is more appropriate. More details are available on StackOverflow.	Understandability
return-undefined	Prefer return; in void functions and return undefined; in value-returning functions.	Accuracy
no-reference-import	Don’t if you import foo anyway.	Maintainability
import-blacklist	Some libraries allow importing their submodules instead of the entire module. This is good practise as it avoids loading unused modules.	Efficiency
no-bitwise	Bitwise operators are often typos – for example bool1 & bool2 instead of bool1 && bool2. They also can be an indicator of overly clever code which decreases maintainability.	Accuracy
prefer-object-spread	Object spread allows for better type checking and inference.	Maintainability
restrict-plus-operands	When adding two variables, operands must both be of type number or of type string.	Accuracy
no-invalid-this	See the rule’s author;s rationale here.	Maintainability	https://palantir.github.io/tslint/rules/typeof-compare
no-misused-new	Warns on apparent attempts to define constructors for interfaces or new for classes.	Accuracy	https://palantir.github.io/tslint/rules/no-var-requires
newline-per-chained-call	This style helps to keep code “vertical”, avoiding the need for side-scrolling in IDEs or text editors.	Understandability	https://palantir.github.io/tslint/rules/no-inferrable-types
no-unused-variable	In addition to avoiding compilation errors, this rule may still be useful if you wish to have tslint automatically remove unused imports, variables, functions, and private class members, when using TSLint’s –fix option.	Maintainability	https://palantir.github.io/tslint/rules/no-redundant-jsdoc
no-dynamic-delete	Deleting dynamically computed keys is dangerous and not well optimized.	Accuracy	https://palantir.github.io/tslint/rules/use-default-type-parameter
quotemark	Requires single or double quotes for string literals.	Accuracy	https://palantir.github.io/tslint/rules/no-string-literal
no-unused-expression	Detects potential errors where an assignment or function call was intended.	Maintainability	https://palantir.github.io/tslint/rules/forin
label-position	Labels in JavaScript only can be used in conjunction with break or continue, constructs meant to be used for loop flow control. While you can theoretically use labels on any block statement in JS, it is considered poor code structure to do so.	Maintainability	https://palantir.github.io/tslint/rules/match-default-export-name
no-empty-interface	An empty interface is equivalent to its supertype (or {}).	Maintainability	https://palantir.github.io/tslint/rules/no-any
only-arrow-functions	Traditional functions don’t bind lexical scope, which can lead to unexpected behavior when accessing “this”.	Accuracy	https://palantir.github.io/tslint/rules/prefer-switch
no-require-imports	Prefer the newer ES6-style imports over require().	Maintainability	Checks whether the final clause of a switch statement ends in break;
no-unnecessary-callback-wrapper	Replaces x => f(x) with just f. To catch more cases, enable only-arrow-functions and arrow-return-shorthand too.	Accuracy	https://palantir.github.io/tslint/rules/ban-comma-operator
no-void-expression	Requires expressions of type void to appear in statement position.	Maintainability	https://palantir.github.io/tslint/rules/no-conditional-assignment
array-type	Requires using either “T[]” or “Array” for arrays.	Maintainability	https://palantir.github.io/tslint/rules/prefer-for-of
Prefer-method-signature	Prefer foo(): void over foo: () => void in interfaces and types.	Maintainability	https://palantir.github.io/tslint/rules/promise-function-async
chai-prefer-contains-to-index-of	Avoid Chai assertions that invoke indexOf and compare for a -1 result. It is better to use the chai .contain() assertion API instead because the failure message will be more clearer if the test fails.	Efficiency	https://palantir.github.io/tslint/rules/no-implicit-dependencies
chai-vague-errors	Avoid Chai assertions that result in vague errors. For example, asserting expect(something).to.be.true will result in the failure message “Expected true received false”. This is a vague error message that does not reveal the underlying problem. It is especially vague in TypeScript because stack trace line numbers often do not match the source code. A better pattern to follow is the xUnit Patterns Assertion Message pattern. The previous code sample could be better written as expect(something).to.equal(true, ‘expected something to have occurred’);	Maintainability	https://palantir.github.io/tslint/rules/no-unnecessary-qualifier
export-name	The name of the exported module must match the filename of the source file. This is case-sensitive but ignores file extension. Since version 1.0, this rule takes a list of regular expressions as a parameter. Any export name matching that regular expression will be ignored. For example, to allow an exported name like myChartOptions, then configure the rule like this: “export-name”: [true, “myChartOptionsg”]	Maintainability	https://palantir.github.io/tslint/rules/no-for-in-array
function-name	Applies a naming convention to function names and method names. You can configure the naming convention by passing parameters. Please note, the private-method-regex does take precedence over the static-method-regex, so a private static method must match the private-method-regex. The default values are: [ true, { “method-regex”: “^[a-z][wd]+$”, “private-method-regex”: “^[a-z][wd]+$”, “protected-method-regex”: “^[a-z][wd]+$”, “static-method-regex”: “^[A-Z_d]+$”, “function-regex”: “^[a-z][wd]+$” } This rule has some overlap with the tslint variable-name rule; however, the rule here is more configurable.]	Maintainability	https://palantir.github.io/tslint/rules/prefer-const
import-name	The name of the imported module must match the name of the thing being imported. For example, it is valid to name imported modules the same as the module name: import Service = require(‘x/y/z/Service’) and import Service from ‘x/y/z/Service’. But it is invalid to change the name being imported, such as: import MyCoolService = require(‘x/y/z/Service’) and import MyCoolService from ‘x/y/z/Service’. Since version 2.0.9 it is possible to configure this rule with a list of exceptions. For example, to allow underscore to be imported as _, add this configuration: ‘import-name’: [ true, { ‘underscore’: ‘_’ }]	Maintainability	https://palantir.github.io/tslint/rules/object-literal-key-quotes
insecure-random	Do not use insecure sources for random bytes. Use a secure random number generator instead. Bans all uses of Math.random and crypto.pseudoRandomBytes. Better alternatives are crypto.randomBytes and window.crypto.getRandomValues. References: * CWE 330 * MDN Math.random * Node.js crypto.randomBytes() * window.crypto.getRandomValues()	Accuracy	https://palantir.github.io/tslint/rules/typedef
jquery-deferred-must-complete	When a JQuery Deferred instance is created, then either reject() or resolve() must be called on it within all code branches in the scope.	Maintainability	https://palantir.github.io/tslint/rules/class-name
max-func-body-length	Avoid long functions. The line count of a function body must not exceed the value configured within this rule’s options. You can setup a general max function body length applied for every function/method/arrow function e.g. [true, 30] or set different maximum length for every type e.g. [true, { “func-body-length”: 10 , “func-expression-body-length”: 10 , “arrow-body-length”: 5, “method-body length”: 15, “ctor-body-length”: 5 }]. To specify a function name whose parameters you can ignore for this rule, pass a regular expression as a string(this can be useful for Mocha users to ignore the describe() function). Since version 2.0.9, you can also ignore single- and multi-line comments from the total function length, eg. [true, { “ignore-comments”: true }]	Maintainability	https://palantir.github.io/tslint/rules/prefer-readonly
mocha-no-side-effect-code	All test logic in a Mocha test case should be within Mocha lifecycle method and not defined statically to execute when the module loads. Put all assignments and initialization statements in a before(), beforeEach(), beforeAll(), after(), afterEach(), afterAll(), or it() function. Code executed outside of these lifecycle methods can throw exceptions before the test runner is initialized and can result in errors or even test runner crashes. This rule can be configured with a regex to ignore certain initializations. For example, to ignore any calls to RestDataFactory configure the rule with: [true, { ignore: ‘^RestDataFactory..*’ }]	Accuracy	https://palantir.github.io/tslint/rules/member-access
no-backbone-get-set-outside-model	Avoid using model.get(‘x’) and model.set(‘x’, value) Backbone accessors outside of the owning model. This breaks type safety and you should define getters and setters for your attributes instead.	Maintainability	https://palantir.github.io/tslint/rules/return-undefined
no-banned-terms	Do not use banned terms: caller, callee, eval, arguments. These terms refer to functions or properties that should not be used, so it is best practice to simply avoid them.	Understandability	https://palantir.github.io/tslint/rules/no-reference-import
no-document-domain	Do not write to document.domain. Scripts setting document.domain to any value should be validated to ensure that the value is on a list of allowed sites. Also, if your site deals with PII in any way then document.domain must not be set to a top-level domain (for example, live.com) but only to an appropriate subdomain (for example, billing.live.com). If you are absolutely sure that you want to set document.domain then add a tslint suppression comment for the line. For more information see the Phase 4 Verification page of the Microsoft SDL	Security	https://palantir.github.io/tslint/rules/no-misused-new
no-duplicate-case	This rule can be replaced with TSLint’s no-duplicate-switch-case. Do not use duplicate case labels in switch statements. Similar to the ESLint no-duplicate-caserule	Maintainability	https://palantir.github.io/tslint/rules/no-unused-variable
no-empty-interfaces	Do not use empty interfaces. They are compile-time only artifacts and they serve no useful purpose	Maintainability	https://palantir.github.io/tslint/rules/quotemark
no-exec-script	Do not use the execScript functions. window.execScript is not crossing browsers, only IE supports it.	Robustness	https://palantir.github.io/tslint/rules/label-position
no-inner-html	Do not write values to innerHTML, outerHTML, or set HTML using the JQuery html() function. Writing values to innerHTML can expose your website to XSS injection attacks. All strings must be escaped before being rendered to the page.	Security	https://palantir.github.io/tslint/rules/array-type
no-invalid-regexp	Do not use invalid regular expression strings in the RegExp constructor. Similar to the ESLint no-invalid-regexp rule	Maintainability	https://palantir.github.io/tslint/rules/prefer-method-signature
no-missing-visibility-modifiers	This rule is in the TSLint product as member-access. Class members (both fields and methods) should have visibility modifiers specified. THe Principle of Least Visibility guides us to prefer private methods and fields when possible. If a developer forgets to add a modifier then TypeScript assumes the element should be public, which is the wrong default choice.	Maintainability
no-multiple-var-decl	Deprecated – This rule is now part of the base TSLint product as the rule named ‘one-variable-per-declaration’. Do not use comma separated variable declarations	Maintainability
no-regex-spaces	Do not use multiple spaces in a regular expression literal. Similar to the ESLint no-regex-spaces rule	Maintainability
no-relative-imports	Do not use relative paths when importing external modules or ES6 import declarations. The advantages of removing all relative paths from imports is that 1) the import name will be consistent across all files and subdirectories so searching for usages is much easier. 2) Moving source files to different folders will not require you to edit your import statements. 3) It will be possible to copy and paste import lines between files regardless of the file location. And 4) version control diffs will be simplified by having overall fewer edits to the import lines.	Maintainability
no-reserved-keywords	Do not use reserved keywords as names of local variables, fields, functions, or other identifiers. Since version 2.0.9 this rule accepts a parameter called allow-quoted-properties. If true, interface properties in quotes will be ignored. This can be a useful way to avoid verbose suppress-warning comments for generated d.ts files. This rule has some overlap with the tslint variable-name rule, however, the rule here finds more keywords and more usages.	Maintainability
no-stateless-class	Deprecated – This rule can be replaced with TSLint’s no-unnecessary-class. A stateless class represents a failure in the object oriented design of the system. A class without state is better modeled as a module or given some state. A stateless class is defined as a class with only static members and no parent class.	Maintainability
no-suspicious-comment	Do not use suspicious comments, such as BUG, HACK, FIXME, LATER, LATER2, TODO. We recommend that you run this rule before each release as a quality checkpoint. Reference: CWE-546 Suspicious Comment	Robustness
no-typeof-undefined	Do not use the idiom typeof x === ‘undefined’. You can safely use the simpler x === undefined or perhaps x == null if you want to check for either null or undefined.	Accuracy
no-unnecessary-bind	Do not bind ‘this’ as the context for a function literal or lambda expression. If you bind ‘this’ as the context to a function literal, then you should just use a lambda without the bind. If you bind ‘this’ as the context to a lambda, then you can remove the bind call because ‘this’ is already the context for lambdas. Works for Underscore methods as well.	Accuracy
no-unnecessary-field-initialization	Do not unnecessarily initialize the fields of a class to values they already have. For example, there is no need to explicitly set a field to undefined in the field’s initialization or in the class’ constructor. Also, if a field is initialized to a constant value (null, a string, a boolean, or some number) then there is no need to reassign the field to this value within the class constructor.	Resource Utilization
no-unnecessary-override	Do not write a method that only calls super() on the parent method with the same arguments. You can safely remove methods like this and Javascript will correctly dispatch the method to the parent object.	Resource Utilization
no-unsupported-browser-code	Avoid writing browser-specific code for unsupported browser versions. Browser versions are specified in the rule configuration options, eg: [true, [ “IE 11”, “Firefox > 40”, “Chrome >= 45” ] ]. Browser-specific blocks of code can then be designated with a single-line comment, like so: // Browser specific: IE 10, or with a jsdoc like this: @browserspecific chrome 40.	Understandability
no-useless-files	Avoid keeping files around that only contain commented out code, are completely empty, or only contain whitespace characters	Resource Utilization
no-var-self	Deprecated – This rule can be replaced with TSLint’s no-this-assignment. Do not use var self = this; instead, manage scope with arrow functions/lambdas. Self variables are a common practice in JavaScript but can be avoided in TypeScript. By default the rule bans any assignments of the this reference. If you want to enforce a naming convention or allow some usages then configure the rule with a regex. By default the rule is configured with (?!) which matches nothing. You can pass ^self$ to allow variables named self or pass ^(?!self$) to allow anything other than self, for example	Maintainability
prefer-array-literal	Use array literal syntax when declaring or instantiating array types. For example, prefer the Javascript form of string[] to the TypeScript form Array. Prefer ‘[]’ to ‘new Array()’. Prefer ‘[4, 5]’ to ‘new Array(4, 5)’. Prefer ‘[undefined, undefined]’ to ‘new Array(4)’. Since 2.0.10, this rule can be configured to allow Array type parameters. To ignore type parameters, configure the rule with the values: [ true, { ‘allow-type-parameters’: true } ] This rule has some overlap with the TSLint array-type rule, however, the version here catches more instances.	Maintainability
promise-must-complete	When a Promise instance is created, then either the reject() or resolve() parameter must be called on it within all code branches in the scope. For more examples see the feature request. This rule has some overlap with the tslint no-floating-promises rule, but they are substantially different.	Maintainability
react-a11y-aria-unsupported-elements	For accessibility of your website, enforce that elements that do not support ARIA roles, states, and properties do not have those attributes.	Maintainability
react-a11y-event-has-role	For accessibility of your website, Elements with event handlers must have explicit role or implicit role.	Maintainability
react-a11y-image-button-has-alt	For accessibility of your website, enforce that inputs element with type=”image” must have non-empty alt attribute.	Maintainability
react-a11y-img-has-alt	Enforce that an img element contains the alt attribute or role=’presentation’ for a decorative image. All images must have alt text to convey their purpose and meaning to screen reader users. Besides, the alt attribute specifies an alternate text for an image, if the image cannot be displayed. This rule accepts as a parameter a string array for tag names other than img to also check. For example, if you use a custom tag named ‘Image’ then configure the rule with: [true, [‘Image’]]	Maintainability
react-a11y-lang	For accessibility of your website, HTML elements must have a lang attribute and the attribute must be a valid language code.	Maintainability
react-a11y-meta	For accessibility of your website, HTML meta elements must not have http-equiv=”refresh”.	Maintainability
react-a11y-props	For accessibility of your website, enforce all aria-* attributes are valid. Elements cannot use an invalid aria-* attribute. This rule will fail if it finds an aria-* attribute that is not listed in WAI-ARIA states and properties.	Maintainability
react-a11y-proptypes	For accessibility of your website, enforce the type of aria state and property values are correct.	Maintainability
react-a11y-role-has-required-aria-props	For accessibility of your website, elements with aria roles must have all required attributes according to the role.	Maintainability
react-a11y-role-supports-aria-props	For accessibility of your website, enforce that elements with explicit or implicit roles defined contain only aria-* properties supported by that role. Many aria attributes (states and properties) can only be used on elements with particular roles. Some elements have implicit roles, such as , which will be resolved to role=’link’. A reference for the implicit roles can be found at Default Implicit ARIA Semantics.	Maintainability
react-a11y-role	For accessibility of your website, elements with aria roles must use a valid, non-abstractaria role. A reference to role defintions can be found at WAI-ARIA roles.	Maintainability
react-a11y-tabindex-no-positive	For accessibility of your website, enforce tabindex value is not greater than zero. Avoid positive tabindex attribute values to synchronize the flow of the page with keyboard tab order.	Maintainability
react-a11y-titles	For accessibility of your website, HTML title elements must not be empty, must be more than one word, and must not be more than 60 characters long.	Maintainability
react-anchor-blank-noopener	For security reasons, anchor tags with target=”_blank” should also include rel=”noopener noreferrer”. In order to restrict the behavior window.opener access, the original page needs to add a rel=”noopener” attribute to any link that has target=”_blank”. However, Firefox does not support that tag, so you should actually use rel=”noopener noreferrer” for full coverage. For more info see: The target=”_blank” vulnerability by example	Maintainability
react-iframe-missing-sandbox	React iframes must specify a sandbox attribute. If specified as an empty string, this attribute enables extra restrictions on the content that can appear in the inline frame. The value of the attribute can either be an empty string (all the restrictions are applied), or a space-separated list of tokens that lift particular restrictions. You many not use both allow-scripts and allow-same-origin at the same time, as that allows the embedded document to programmatically remove the sandbox attribute in some scenarios.	Maintainability
react-no-dangerous-html	Do not use React’s dangerouslySetInnerHTML API. This rule finds usages of the dangerouslySetInnerHTML API (but not any JSX references). For more info see the react-no-dangerous-html Rule wiki page.	Security
react-this-binding-issue	Several errors can occur when using React and React.Component subclasses. When using React components you must be careful to correctly bind the ‘this’ reference on any methods that you pass off to child components as callbacks. For example, it is common to define a private method called ‘onClick’ and then specify onClick={this.onClick} as a JSX attribute. If you do this then the ‘this’ reference will be undefined when your private method is invoked. The React documentation suggests that you bind the ‘this’ reference on all of your methods within the constructor: this.onClick = this.onClick.bind(this);. This rule will create a violation if 1) a method reference is passed to a JSX attribute without being bound in the constructor. And 2) a method is bound multiple times in the constructor. Another issue that can occur is binding the ‘this’ reference to a function within the render() method. For example, many people will create an anonymous lambda within the JSX attribute to avoid the ‘this’ binding issue: onClick={() => { this.onClick(); }}. The problem with this is that a new instance of an anonymous function is created every time render() is invoked. When React compares virutal DOM properties within shouldComponentUpdate() then the onClick property will look like a new property and force a re-render. You should avoid this pattern because creating function instances within render methods breaks any logic within shouldComponentUpdate() methods. This rule creates violations if 1) an anonymous function is passed as a JSX attribute. And 2) if a function instantiated in local scope is passed as a JSX attribute. This rule can be configured via the “allow-anonymous-listeners” parameter. If you want to suppress violations for the anonymous listener scenarios then configure that rule like this: “react-this-binding-issue”: [ true, { ‘allow-anonymous-listeners’: true } ]	Maintainability
underscore-consistent-invocation	Enforce a consistent usage of the _ functions. By default, invoking underscore functions should begin with wrapping a variable in an underscore instance: _(list).map(…). An alternative is to prefer using the static methods on the _ variable: _.map(list, …). The rule accepts single parameter called ‘style’ which can be the value ‘static’ or ‘instance’: [true, { “style”: “static” }]	Maintainability
use-named-parameter	Do not reference the arguments object by numerical index; instead, use a named parameter. This rule is similar to JSLint’s Use a named parameter rule.	Maintainability
valid-typeof	Deprecated – This rule is now enforced by the TypeScript compiler. Ensures that the results of typeof are compared against a valid string. This rule aims to prevent errors from likely typos by ensuring that when the result of a typeof operation is compared against a string, that the string is a valid value. Similar to the valid-typeof ESLint rule.	Accuracy

TypeScript (TSLint)