Critiq Docs
Get started
security.transport

Require modern TLS minimum versions

Transport clients should not explicitly allow SSLv3, TLS 1.0, or TLS 1.1.

#Metadata

Rule ID
ts.security.weak-tls-version
Severity
high
Confidence
0.9
Languages
javascript, typescript
Presets
recommended, security, strict
Stability
stable
Applies to
block
Tags
rules-catalog, security, tls, transport

#Why it matters

Legacy TLS protocol floors weaken transport security and keep obsolete downgrade-compatible settings alive in production code.

#Remediation

Set `minVersion` to at least `TLSv1.2` or `TLSv1.3` and remove legacy `secureProtocol` values.

#Repository path

The generated metadata points to critiq-rules/libs/rules/catalog/rules/typescript/ts.security.weak-tls-version.rule.yaml.

Back to registryOpen rule in repository