Skip to main content

Home Articles npm Scorecard

Build Securely.

Engineering Leader & Open Source Creator. Architect of the Interlace ESLint Ecosystem.

GitHub
Dev.to
LinkedIn
X

© 2026 Ofri Peretz. All rights reserved.

Articles

Engineering writing on static analysis, ESLint, security, and AI-native developer tooling.

Filtered by tag #nestjs · clear filter

May 28, 2026
I Inherited a NestJS Codebase. The First Lint Run Found 6 Vulnerabilities.
The codebase had 2 years of feature PRs and zero security audits. In 30 minutes, a fresh ESLint run surfaced 6 distinct vulnerability classes — auth bypass, sensitive field leaks, brute-force exposure, and three more. Here's what each one looks like and why it survived code review.
#nestjs#security#node+1
008 min0
Jan 2, 2026
NestJS Hands You Guards, Pipes, and Throttlers. Your Controllers Ship Without Them. 6 ESLint Rules Catch What You Forgot.
A NestJS controller with no @UseGuards is wide open; a handler with no ValidationPipe takes raw input; an entity returned directly leaks the password hash. 6 CWE-mapped ESLint rules that catch the decorators you forgot, in CI.
#eslint#nestjs#security+1
9 min