Skip to main content

Home Articles npm Scorecard

Build Securely.

Engineering Leader & Open Source Creator. Architect of the Interlace ESLint Ecosystem.

GitHub
Dev.to
LinkedIn
X

© 2026 Ofri Peretz. All rights reserved.

Articles

Engineering writing on static analysis, ESLint, security, and AI-native developer tooling.

Filtered by tag #browser · clear filter

Jan 2, 2026
Your Frontend Stores JWTs in localStorage and Posts to '*'. 45 ESLint Rules Catch What the Backend Audit Misses.
JWT-in-localStorage, innerHTML XSS, postMessage('*'), mixed content, permissive CORS — browser-side bugs a backend pentest and a type-checker never see. 45 CWE-mapped ESLint rules that catch them in CI.
#eslint#javascript#security+1
10 min