⚡️ Supercharge your Firebase development! Automatically generate, lint, and validate secure Firestore rules by scanning your codebase directly within VS Code.
Tired of manually writing firestore.rules? Worried about silent security vulnerabilities in your database? FireRule Guard is the essential VS Code extension for modern Firebase and Firestore developers. It bridges the critical gap between your application code and your database security, ensuring your rules are robust and scalable.
This powerful tool scans your project for Firestore collection usage (e.g., .collection('users')) and generates a complete, secure-by-default firestore.rules file for you, saving hours of tedious work and reducing the risk of human error.
This project is an official open-source initiative by the SEO and development experts at SEOSiri and is proudly maintained by Momenul Ahmad to help developers build more secure and efficient applications.
- 🤖 Automated Rules Generation: Intelligently scans your JavaScript/TypeScript codebase for
.collection('...')usage and generates correspondingmatchblocks instantly. - 🛡️ Secure By Default: Creates rules that start with
allow read, write: if false;, forcing you to explicitly enable access and preventing accidental open databases. - 🚀 Boosts Productivity: Go from a new collection in your code to a fully protected endpoint in seconds. Eliminates the need to manually sync your application logic with your security rules.
- 💡 Linter & Validator: Built-in linter to identify common Firestore security anti-patterns like
allow read: if true. - 🎯 Best Practices Built-In: Embeds security best practices directly into your workflow.
Getting started is incredibly simple. Follow these steps to generate your first ruleset in under a minute.
- Install the "FireRule Guard" extension directly from the VS Code Marketplace.
- Open Your Project: Open a Firebase project folder in VS Code.
- Run the Generator:
- Open the Command Palette (
Ctrl+Shift+Pon Windows/Linux orCmd+Shift+Pon Mac). - Type and select the command: "FireRule Guard: Generate Rules from Codebase".
- Open the Command Palette (
- Review & Save: A new
firestore.rulesfile will be created or updated with the generated rules. Review the generated match blocks and implement your specific security logic.
Currently, FireRule Guard does not have any specific settings. Future versions may include configurable paths for scanning.
- The extension currently only scans for simple string literals in
.collection()calls. Dynamic or variable-based collection paths are not yet supported.
Please report any other issues on our GitHub Issues page.
- Initial release of FireRule Guard.
- Feature: Automated rules generation from codebase scan.
- Feature: Live security linter for insecure rules.
- Secure-by-default
firestore.rulesfile creation.
This project is open source! We welcome contributions. Please feel free to fork the repository, make changes, and submit a pull request.
- Contribute: Check out our official repository on GitHub.
- More Tools: Discover our other extensions on the VS Code Marketplace Publisher Page.
Distributed under the MIT License. See LICENSE for more information.