no-insecure-tls-agent-options

Disallow TLS and HTTPS option objects that disable certificate verification.

Targeted pattern scope

TLS/HTTPS options objects that disable certificate verification.

What this rule reports

rejectUnauthorized: false in option objects.

Why this rule exists

Disabling certificate verification removes core TLS trust guarantees.

❌ Incorrect

new https.Agent({ rejectUnauthorized: false });

✅ Correct

new https.Agent({ rejectUnauthorized: true });

ESLint flat config example

import sdl from "eslint-plugin-sdl-2";

export default [
 {
  plugins: { sdl },

  rules: {
   "sdl/no-insecure-tls-agent-options": "error",
  },
 },
];

When not to use it

Disable only in tightly scoped debugging or local interception scenarios that cannot affect production traffic.

Package documentation

Rule source

Targeted pattern scope​

What this rule reports​

Why this rule exists​

❌ Incorrect​

✅ Correct​

ESLint flat config example​

When not to use it​

Package documentation​

Further reading​