@atom8n/eslint-plugin-community-nodes 0.7.0

package/.turbo/turbo-build.log

@@ -0,0 +1,4 @@
+
+> @n8n/eslint-plugin-community-nodes@0.7.0 build /Users/Shared/Project/20250718_n8n_atom/n8n-solution/n8n/packages/@n8n/eslint-plugin-community-nodes
+> tsc --project tsconfig.build.json
+

package/README.md

@@ -0,0 +1,60 @@
+# @n8n/eslint-plugin-community-nodes
+
+ESLint plugin for linting n8n community node packages to ensure consistency and best practices.
+
+## Install
+
+```sh
+npm install --save-dev eslint @n8n/eslint-plugin-community-nodes
+```
+
+**Requires ESLint `>=9` and [flat config](https://eslint.org/docs/latest/use/configure/configuration-files)
+
+## Usage
+
+See the [ESLint docs](https://eslint.org/docs/latest/use/configure/configuration-files) for more information about extending config files.
+
+### Recommended config
+
+This plugin exports a `recommended` config that enforces good practices.
+
+```js
+import { n8nCommunityNodesPlugin } from '@n8n/eslint-plugin-community-nodes';
+
+export default [
+		// …
+		n8nCommunityNodesPlugin.configs.recommended,
+		{
+			rules: {
+				'@n8n/community-nodes/node-usable-as-tool': 'warn',
+			},
+		},
+];
+```
+
+## Rules
+
+<!-- begin auto-generated rules list -->
+
+💼 Configurations enabled in.\
+⚠️ Configurations set to warn in.\
+✅ Set in the `recommended` configuration.\
+☑️ Set in the `recommendedWithoutN8nCloudSupport` configuration.\
+🔧 Automatically fixable by the [`--fix` CLI option](https://eslint.org/docs/user-guide/command-line-interface#--fix).\
+💡 Manually fixable by [editor suggestions](https://eslint.org/docs/latest/use/core-concepts#rule-suggestions).
+
+| Name                                                                               | Description                                                                                                  | 💼   | ⚠️   | 🔧 | 💡 |
+| :--------------------------------------------------------------------------------- | :----------------------------------------------------------------------------------------------------------- | :--- | :--- | :- | :- |
+| [credential-documentation-url](docs/rules/credential-documentation-url.md)         | Enforce valid credential documentationUrl format (URL or camelCase slug)                                     | ✅ ☑️ |      |    |    |
+| [credential-password-field](docs/rules/credential-password-field.md)               | Ensure credential fields with sensitive names have typeOptions.password = true                               | ✅ ☑️ |      | 🔧 |    |
+| [credential-test-required](docs/rules/credential-test-required.md)                 | Ensure credentials have a credential test                                                                    | ✅ ☑️ |      |    | 💡 |
+| [icon-validation](docs/rules/icon-validation.md)                                   | Validate node and credential icon files exist, are SVG format, and light/dark icons are different            | ✅ ☑️ |      |    | 💡 |
+| [no-credential-reuse](docs/rules/no-credential-reuse.md)                           | Prevent credential re-use security issues by ensuring nodes only reference credentials from the same package | ✅ ☑️ |      |    | 💡 |
+| [no-deprecated-workflow-functions](docs/rules/no-deprecated-workflow-functions.md) | Disallow usage of deprecated functions and types from n8n-workflow package                                   | ✅ ☑️ |      |    | 💡 |
+| [no-restricted-globals](docs/rules/no-restricted-globals.md)                       | Disallow usage of restricted global variables in community nodes.                                            | ✅    |      |    |    |
+| [no-restricted-imports](docs/rules/no-restricted-imports.md)                       | Disallow usage of restricted imports in community nodes.                                                     | ✅    |      |    |    |
+| [node-usable-as-tool](docs/rules/node-usable-as-tool.md)                           | Ensure node classes have usableAsTool property                                                               | ✅ ☑️ |      | 🔧 |    |
+| [package-name-convention](docs/rules/package-name-convention.md)                   | Enforce correct package naming convention for n8n community nodes                                            | ✅ ☑️ |      |    | 💡 |
+| [resource-operation-pattern](docs/rules/resource-operation-pattern.md)             | Enforce proper resource/operation pattern for better UX in n8n nodes                                         |      | ✅ ☑️ |    |    |
+
+<!-- end auto-generated rules list -->

package/dist/plugin.d.ts

@@ -0,0 +1,177 @@
+import type { ESLint } from 'eslint';
+import { rules } from './rules/index.js';
+declare const configs: {
+    recommended: {
+        ignores: string[];
+        plugins: {
+            '@n8n/community-nodes': {
+                meta: {
+                    name: string;
+                    version: string;
+                    namespace: string;
+                };
+                rules: ESLint.Plugin["rules"];
+            };
+        };
+        rules: {
+            '@n8n/community-nodes/no-restricted-globals': "error";
+            '@n8n/community-nodes/no-restricted-imports': "error";
+            '@n8n/community-nodes/credential-password-field': "error";
+            '@n8n/community-nodes/no-deprecated-workflow-functions': "error";
+            '@n8n/community-nodes/node-usable-as-tool': "error";
+            '@n8n/community-nodes/package-name-convention': "error";
+            '@n8n/community-nodes/credential-test-required': "error";
+            '@n8n/community-nodes/no-credential-reuse': "error";
+            '@n8n/community-nodes/icon-validation': "error";
+            '@n8n/community-nodes/resource-operation-pattern': "warn";
+            '@n8n/community-nodes/credential-documentation-url': "error";
+        };
+    };
+    recommendedWithoutN8nCloudSupport: {
+        ignores: string[];
+        plugins: {
+            '@n8n/community-nodes': {
+                meta: {
+                    name: string;
+                    version: string;
+                    namespace: string;
+                };
+                rules: ESLint.Plugin["rules"];
+            };
+        };
+        rules: {
+            '@n8n/community-nodes/credential-password-field': "error";
+            '@n8n/community-nodes/no-deprecated-workflow-functions': "error";
+            '@n8n/community-nodes/node-usable-as-tool': "error";
+            '@n8n/community-nodes/package-name-convention': "error";
+            '@n8n/community-nodes/credential-test-required': "error";
+            '@n8n/community-nodes/no-credential-reuse': "error";
+            '@n8n/community-nodes/icon-validation': "error";
+            '@n8n/community-nodes/credential-documentation-url': "error";
+            '@n8n/community-nodes/resource-operation-pattern': "warn";
+        };
+    };
+};
+declare const pluginWithConfigs: {
+    configs: {
+        recommended: {
+            ignores: string[];
+            plugins: {
+                '@n8n/community-nodes': {
+                    meta: {
+                        name: string;
+                        version: string;
+                        namespace: string;
+                    };
+                    rules: ESLint.Plugin["rules"];
+                };
+            };
+            rules: {
+                '@n8n/community-nodes/no-restricted-globals': "error";
+                '@n8n/community-nodes/no-restricted-imports': "error";
+                '@n8n/community-nodes/credential-password-field': "error";
+                '@n8n/community-nodes/no-deprecated-workflow-functions': "error";
+                '@n8n/community-nodes/node-usable-as-tool': "error";
+                '@n8n/community-nodes/package-name-convention': "error";
+                '@n8n/community-nodes/credential-test-required': "error";
+                '@n8n/community-nodes/no-credential-reuse': "error";
+                '@n8n/community-nodes/icon-validation': "error";
+                '@n8n/community-nodes/resource-operation-pattern': "warn";
+                '@n8n/community-nodes/credential-documentation-url': "error";
+            };
+        };
+        recommendedWithoutN8nCloudSupport: {
+            ignores: string[];
+            plugins: {
+                '@n8n/community-nodes': {
+                    meta: {
+                        name: string;
+                        version: string;
+                        namespace: string;
+                    };
+                    rules: ESLint.Plugin["rules"];
+                };
+            };
+            rules: {
+                '@n8n/community-nodes/credential-password-field': "error";
+                '@n8n/community-nodes/no-deprecated-workflow-functions': "error";
+                '@n8n/community-nodes/node-usable-as-tool': "error";
+                '@n8n/community-nodes/package-name-convention': "error";
+                '@n8n/community-nodes/credential-test-required': "error";
+                '@n8n/community-nodes/no-credential-reuse': "error";
+                '@n8n/community-nodes/icon-validation': "error";
+                '@n8n/community-nodes/credential-documentation-url': "error";
+                '@n8n/community-nodes/resource-operation-pattern': "warn";
+            };
+        };
+    };
+    meta: {
+        name: string;
+        version: string;
+        namespace: string;
+    };
+    rules: ESLint.Plugin["rules"];
+};
+declare const n8nCommunityNodesPlugin: {
+    configs: {
+        recommended: {
+            ignores: string[];
+            plugins: {
+                '@n8n/community-nodes': {
+                    meta: {
+                        name: string;
+                        version: string;
+                        namespace: string;
+                    };
+                    rules: ESLint.Plugin["rules"];
+                };
+            };
+            rules: {
+                '@n8n/community-nodes/no-restricted-globals': "error";
+                '@n8n/community-nodes/no-restricted-imports': "error";
+                '@n8n/community-nodes/credential-password-field': "error";
+                '@n8n/community-nodes/no-deprecated-workflow-functions': "error";
+                '@n8n/community-nodes/node-usable-as-tool': "error";
+                '@n8n/community-nodes/package-name-convention': "error";
+                '@n8n/community-nodes/credential-test-required': "error";
+                '@n8n/community-nodes/no-credential-reuse': "error";
+                '@n8n/community-nodes/icon-validation': "error";
+                '@n8n/community-nodes/resource-operation-pattern': "warn";
+                '@n8n/community-nodes/credential-documentation-url': "error";
+            };
+        };
+        recommendedWithoutN8nCloudSupport: {
+            ignores: string[];
+            plugins: {
+                '@n8n/community-nodes': {
+                    meta: {
+                        name: string;
+                        version: string;
+                        namespace: string;
+                    };
+                    rules: ESLint.Plugin["rules"];
+                };
+            };
+            rules: {
+                '@n8n/community-nodes/credential-password-field': "error";
+                '@n8n/community-nodes/no-deprecated-workflow-functions': "error";
+                '@n8n/community-nodes/node-usable-as-tool': "error";
+                '@n8n/community-nodes/package-name-convention': "error";
+                '@n8n/community-nodes/credential-test-required': "error";
+                '@n8n/community-nodes/no-credential-reuse': "error";
+                '@n8n/community-nodes/icon-validation': "error";
+                '@n8n/community-nodes/credential-documentation-url': "error";
+                '@n8n/community-nodes/resource-operation-pattern': "warn";
+            };
+        };
+    };
+    meta: {
+        name: string;
+        version: string;
+        namespace: string;
+    };
+    rules: ESLint.Plugin["rules"];
+};
+export default pluginWithConfigs;
+export { rules, configs, n8nCommunityNodesPlugin };
+//# sourceMappingURL=plugin.d.ts.map

package/dist/plugin.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"plugin.d.ts","sourceRoot":"","sources":["../src/plugin.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,EAAU,MAAM,QAAQ,CAAC;AAG7C,OAAO,EAAE,KAAK,EAAE,MAAM,kBAAkB,CAAC;AAYzC,QAAA,MAAM,OAAO;;;;;;;;;;uBAHI,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;uBAAtB,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC;;;;;;;;;;;;;;;CAwCE,CAAC;AAE1C,QAAA,MAAM,iBAAiB;;;;;;;;;;;2BA1CN,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;2BAAtB,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC;;;;;;;;;;;;;;;;;;;;;WAAtB,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC;CA0CiC,CAAC;AAEzE,QAAA,MAAM,uBAAuB;;;;;;;;;;;2BA5CZ,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;2BAAtB,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC;;;;;;;;;;;;;;;;;;;;;WAAtB,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC;CA4CU,CAAC;AAClD,eAAe,iBAAiB,CAAC;AACjC,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,uBAAuB,EAAE,CAAC"}

package/dist/plugin.js

@@ -0,0 +1,54 @@
+import pkg from '../package.json' with { type: 'json' };
+import { rules } from './rules/index.js';
+const plugin = {
+    meta: {
+        name: pkg.name,
+        version: pkg.version,
+        namespace: '@n8n/community-nodes',
+    },
+    // @ts-expect-error Rules type does not match for typescript-eslint and eslint
+    rules: rules,
+};
+const configs = {
+    recommended: {
+        ignores: ['eslint.config.{js,mjs,ts,mts}'],
+        plugins: {
+            '@n8n/community-nodes': plugin,
+        },
+        rules: {
+            '@n8n/community-nodes/no-restricted-globals': 'error',
+            '@n8n/community-nodes/no-restricted-imports': 'error',
+            '@n8n/community-nodes/credential-password-field': 'error',
+            '@n8n/community-nodes/no-deprecated-workflow-functions': 'error',
+            '@n8n/community-nodes/node-usable-as-tool': 'error',
+            '@n8n/community-nodes/package-name-convention': 'error',
+            '@n8n/community-nodes/credential-test-required': 'error',
+            '@n8n/community-nodes/no-credential-reuse': 'error',
+            '@n8n/community-nodes/icon-validation': 'error',
+            '@n8n/community-nodes/resource-operation-pattern': 'warn',
+            '@n8n/community-nodes/credential-documentation-url': 'error',
+        },
+    },
+    recommendedWithoutN8nCloudSupport: {
+        ignores: ['eslint.config.{js,mjs,ts,mts}'],
+        plugins: {
+            '@n8n/community-nodes': plugin,
+        },
+        rules: {
+            '@n8n/community-nodes/credential-password-field': 'error',
+            '@n8n/community-nodes/no-deprecated-workflow-functions': 'error',
+            '@n8n/community-nodes/node-usable-as-tool': 'error',
+            '@n8n/community-nodes/package-name-convention': 'error',
+            '@n8n/community-nodes/credential-test-required': 'error',
+            '@n8n/community-nodes/no-credential-reuse': 'error',
+            '@n8n/community-nodes/icon-validation': 'error',
+            '@n8n/community-nodes/credential-documentation-url': 'error',
+            '@n8n/community-nodes/resource-operation-pattern': 'warn',
+        },
+    },
+};
+const pluginWithConfigs = { ...plugin, configs };
+const n8nCommunityNodesPlugin = pluginWithConfigs;
+export default pluginWithConfigs;
+export { rules, configs, n8nCommunityNodesPlugin };
+//# sourceMappingURL=plugin.js.map

package/dist/plugin.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"plugin.js","sourceRoot":"","sources":["../src/plugin.ts"],"names":[],"mappings":"AAEA,OAAO,GAAG,MAAM,iBAAiB,CAAC,OAAO,IAAI,EAAE,MAAM,EAAE,CAAC;AACxD,OAAO,EAAE,KAAK,EAAE,MAAM,kBAAkB,CAAC;AAEzC,MAAM,MAAM,GAAG;IACd,IAAI,EAAE;QACL,IAAI,EAAE,GAAG,CAAC,IAAI;QACd,OAAO,EAAE,GAAG,CAAC,OAAO;QACpB,SAAS,EAAE,sBAAsB;KACjC;IACD,8EAA8E;IAC9E,KAAK,EAAE,KAA+B;CACd,CAAC;AAE1B,MAAM,OAAO,GAAG;IACf,WAAW,EAAE;QACZ,OAAO,EAAE,CAAC,+BAA+B,CAAC;QAC1C,OAAO,EAAE;YACR,sBAAsB,EAAE,MAAM;SAC9B;QACD,KAAK,EAAE;YACN,4CAA4C,EAAE,OAAO;YACrD,4CAA4C,EAAE,OAAO;YACrD,gDAAgD,EAAE,OAAO;YACzD,uDAAuD,EAAE,OAAO;YAChE,0CAA0C,EAAE,OAAO;YACnD,8CAA8C,EAAE,OAAO;YACvD,+CAA+C,EAAE,OAAO;YACxD,0CAA0C,EAAE,OAAO;YACnD,sCAAsC,EAAE,OAAO;YAC/C,iDAAiD,EAAE,MAAM;YACzD,mDAAmD,EAAE,OAAO;SAC5D;KACD;IACD,iCAAiC,EAAE;QAClC,OAAO,EAAE,CAAC,+BAA+B,CAAC;QAC1C,OAAO,EAAE;YACR,sBAAsB,EAAE,MAAM;SAC9B;QACD,KAAK,EAAE;YACN,gDAAgD,EAAE,OAAO;YACzD,uDAAuD,EAAE,OAAO;YAChE,0CAA0C,EAAE,OAAO;YACnD,8CAA8C,EAAE,OAAO;YACvD,+CAA+C,EAAE,OAAO;YACxD,0CAA0C,EAAE,OAAO;YACnD,sCAAsC,EAAE,OAAO;YAC/C,mDAAmD,EAAE,OAAO;YAC5D,iDAAiD,EAAE,MAAM;SACzD;KACD;CACuC,CAAC;AAE1C,MAAM,iBAAiB,GAAG,EAAE,GAAG,MAAM,EAAE,OAAO,EAA0B,CAAC;AAEzE,MAAM,uBAAuB,GAAG,iBAAiB,CAAC;AAClD,eAAe,iBAAiB,CAAC;AACjC,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,uBAAuB,EAAE,CAAC"}

package/dist/rules/credential-documentation-url.d.ts

@@ -0,0 +1,7 @@
+type RuleOptions = {
+    allowUrls?: boolean;
+    allowSlugs?: boolean;
+};
+export declare const CredentialDocumentationUrlRule: import("@typescript-eslint/utils/ts-eslint").RuleModule<"invalidDocumentationUrl", [RuleOptions], unknown, import("@typescript-eslint/utils/ts-eslint").RuleListener>;
+export {};
+//# sourceMappingURL=credential-documentation-url.d.ts.map

package/dist/rules/credential-documentation-url.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"credential-documentation-url.d.ts","sourceRoot":"","sources":["../../src/rules/credential-documentation-url.ts"],"names":[],"mappings":"AAOA,KAAK,WAAW,GAAG;IAClB,SAAS,CAAC,EAAE,OAAO,CAAC;IACpB,UAAU,CAAC,EAAE,OAAO,CAAC;CACrB,CAAC;AA+CF,eAAO,MAAM,8BAA8B,uKAuEzC,CAAC"}

package/dist/rules/credential-documentation-url.js

@@ -0,0 +1,100 @@
+import { isCredentialTypeClass, findClassProperty, getStringLiteralValue, createRule, } from '../utils/index.js';
+const DEFAULT_OPTIONS = {
+    allowUrls: true,
+    allowSlugs: false,
+};
+function isValidUrl(value) {
+    try {
+        new URL(value);
+        return true;
+    }
+    catch {
+        return false;
+    }
+}
+function isValidSlug(value) {
+    // TODO: Remove this special case once these slugs are updated
+    if (['google/service-account', 'google/oauth-single-service', 'google/oauth-generic'].includes(value))
+        return true;
+    return value.split('/').every((segment) => /^[a-z][a-z0-9]*$/.test(segment));
+}
+function hasOnlyCaseIssues(value) {
+    return value.split('/').every((segment) => /^[a-zA-Z][a-zA-Z0-9]*$/.test(segment));
+}
+function validateDocumentationUrl(value, options) {
+    return (!!options.allowUrls && isValidUrl(value)) || (!!options.allowSlugs && isValidSlug(value));
+}
+function getExpectedFormatsMessage(options) {
+    const formats = [
+        ...(options.allowUrls ? ['a valid URL'] : []),
+        ...(options.allowSlugs ? ['a lowercase alphanumeric slug (can contain slashes)'] : []),
+    ];
+    if (formats.length === 0)
+        return 'a valid format (none configured)';
+    if (formats.length === 1)
+        return formats[0];
+    return formats.slice(0, -1).join(', ') + ' or ' + formats[formats.length - 1];
+}
+export const CredentialDocumentationUrlRule = createRule({
+    name: 'credential-documentation-url',
+    meta: {
+        type: 'problem',
+        docs: {
+            description: 'Enforce valid credential documentationUrl format (URL or lowercase alphanumeric slug)',
+        },
+        messages: {
+            invalidDocumentationUrl: "documentationUrl '{{ value }}' must be {{ expectedFormats }}",
+        },
+        fixable: 'code',
+        schema: [
+            {
+                type: 'object',
+                properties: {
+                    allowUrls: {
+                        type: 'boolean',
+                        description: 'Whether to allow valid URLs',
+                    },
+                    allowSlugs: {
+                        type: 'boolean',
+                        description: 'Whether to allow lowercase alphanumeric slugs with slashes',
+                    },
+                },
+                additionalProperties: false,
+            },
+        ],
+    },
+    defaultOptions: [DEFAULT_OPTIONS],
+    create(context, [options = {}]) {
+        const mergedOptions = { ...DEFAULT_OPTIONS, ...options };
+        return {
+            ClassDeclaration(node) {
+                if (!isCredentialTypeClass(node)) {
+                    return;
+                }
+                const documentationUrlProperty = findClassProperty(node, 'documentationUrl');
+                if (!documentationUrlProperty?.value) {
+                    return;
+                }
+                const documentationUrl = getStringLiteralValue(documentationUrlProperty.value);
+                if (documentationUrl === null) {
+                    return;
+                }
+                if (!validateDocumentationUrl(documentationUrl, mergedOptions)) {
+                    const canAutofix = !!mergedOptions.allowSlugs && hasOnlyCaseIssues(documentationUrl);
+                    context.report({
+                        node: documentationUrlProperty.value,
+                        messageId: 'invalidDocumentationUrl',
+                        data: {
+                            value: documentationUrl,
+                            expectedFormats: getExpectedFormatsMessage(mergedOptions),
+                        },
+                        fix: canAutofix
+                            ? (fixer) => fixer.replaceText(documentationUrlProperty.value, `'${documentationUrl.toLowerCase()}'`)
+                            : undefined,
+                    });
+                }
+            },
+        };
+    },
+});
+//# sourceMappingURL=credential-documentation-url.js.map

package/dist/rules/credential-documentation-url.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"credential-documentation-url.js","sourceRoot":"","sources":["../../src/rules/credential-documentation-url.ts"],"names":[],"mappings":"AAAA,OAAO,EACN,qBAAqB,EACrB,iBAAiB,EACjB,qBAAqB,EACrB,UAAU,GACV,MAAM,mBAAmB,CAAC;AAO3B,MAAM,eAAe,GAAgB;IACpC,SAAS,EAAE,IAAI;IACf,UAAU,EAAE,KAAK;CACjB,CAAC;AAEF,SAAS,UAAU,CAAC,KAAa;IAChC,IAAI,CAAC;QACJ,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC;QACf,OAAO,IAAI,CAAC;IACb,CAAC;IAAC,MAAM,CAAC;QACR,OAAO,KAAK,CAAC;IACd,CAAC;AACF,CAAC;AAED,SAAS,WAAW,CAAC,KAAa;IACjC,8DAA8D;IAC9D,IACC,CAAC,wBAAwB,EAAE,6BAA6B,EAAE,sBAAsB,CAAC,CAAC,QAAQ,CACzF,KAAK,CACL;QAED,OAAO,IAAI,CAAC;IAEb,OAAO,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,kBAAkB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;AAC9E,CAAC;AAED,SAAS,iBAAiB,CAAC,KAAa;IACvC,OAAO,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,wBAAwB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;AACpF,CAAC;AAED,SAAS,wBAAwB,CAAC,KAAa,EAAE,OAAoB;IACpE,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,SAAS,IAAI,UAAU,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,OAAO,CAAC,UAAU,IAAI,WAAW,CAAC,KAAK,CAAC,CAAC,CAAC;AACnG,CAAC;AAED,SAAS,yBAAyB,CAAC,OAAoB;IACtD,MAAM,OAAO,GAAG;QACf,GAAG,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QAC7C,GAAG,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,qDAAqD,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;KACtF,CAAC;IAEF,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,kCAAkC,CAAC;IACpE,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,OAAO,CAAC,CAAC,CAAE,CAAC;IAC7C,OAAO,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;AAC/E,CAAC;AAED,MAAM,CAAC,MAAM,8BAA8B,GAAG,UAAU,CAAC;IACxD,IAAI,EAAE,8BAA8B;IACpC,IAAI,EAAE;QACL,IAAI,EAAE,SAAS;QACf,IAAI,EAAE;YACL,WAAW,EACV,uFAAuF;SACxF;QACD,QAAQ,EAAE;YACT,uBAAuB,EAAE,8DAA8D;SACvF;QACD,OAAO,EAAE,MAAM;QACf,MAAM,EAAE;YACP;gBACC,IAAI,EAAE,QAAQ;gBACd,UAAU,EAAE;oBACX,SAAS,EAAE;wBACV,IAAI,EAAE,SAAS;wBACf,WAAW,EAAE,6BAA6B;qBAC1C;oBACD,UAAU,EAAE;wBACX,IAAI,EAAE,SAAS;wBACf,WAAW,EAAE,4DAA4D;qBACzE;iBACD;gBACD,oBAAoB,EAAE,KAAK;aAC3B;SACD;KACD;IACD,cAAc,EAAE,CAAC,eAAe,CAAC;IACjC,MAAM,CAAC,OAAO,EAAE,CAAC,OAAO,GAAG,EAAE,CAAC;QAC7B,MAAM,aAAa,GAAG,EAAE,GAAG,eAAe,EAAE,GAAG,OAAO,EAAE,CAAC;QAEzD,OAAO;YACN,gBAAgB,CAAC,IAAI;gBACpB,IAAI,CAAC,qBAAqB,CAAC,IAAI,CAAC,EAAE,CAAC;oBAClC,OAAO;gBACR,CAAC;gBAED,MAAM,wBAAwB,GAAG,iBAAiB,CAAC,IAAI,EAAE,kBAAkB,CAAC,CAAC;gBAC7E,IAAI,CAAC,wBAAwB,EAAE,KAAK,EAAE,CAAC;oBACtC,OAAO;gBACR,CAAC;gBAED,MAAM,gBAAgB,GAAG,qBAAqB,CAAC,wBAAwB,CAAC,KAAK,CAAC,CAAC;gBAC/E,IAAI,gBAAgB,KAAK,IAAI,EAAE,CAAC;oBAC/B,OAAO;gBACR,CAAC;gBAED,IAAI,CAAC,wBAAwB,CAAC,gBAAgB,EAAE,aAAa,CAAC,EAAE,CAAC;oBAChE,MAAM,UAAU,GAAG,CAAC,CAAC,aAAa,CAAC,UAAU,IAAI,iBAAiB,CAAC,gBAAgB,CAAC,CAAC;oBAErF,OAAO,CAAC,MAAM,CAAC;wBACd,IAAI,EAAE,wBAAwB,CAAC,KAAK;wBACpC,SAAS,EAAE,yBAAyB;wBACpC,IAAI,EAAE;4BACL,KAAK,EAAE,gBAAgB;4BACvB,eAAe,EAAE,yBAAyB,CAAC,aAAa,CAAC;yBACzD;wBACD,GAAG,EAAE,UAAU;4BACd,CAAC,CAAC,CAAC,KAAK,EAAE,EAAE,CACV,KAAK,CAAC,WAAW,CAChB,wBAAwB,CAAC,KAAM,EAC/B,IAAI,gBAAgB,CAAC,WAAW,EAAE,GAAG,CACrC;4BACH,CAAC,CAAC,SAAS;qBACZ,CAAC,CAAC;gBACJ,CAAC;YACF,CAAC;SACD,CAAC;IACH,CAAC;CACD,CAAC,CAAC"}

package/dist/rules/credential-password-field.d.ts

@@ -0,0 +1,2 @@
+export declare const CredentialPasswordFieldRule: import("@typescript-eslint/utils/ts-eslint").RuleModule<"missingPasswordOption", [], unknown, import("@typescript-eslint/utils/ts-eslint").RuleListener>;
+//# sourceMappingURL=credential-password-field.d.ts.map

package/dist/rules/credential-password-field.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"credential-password-field.d.ts","sourceRoot":"","sources":["../../src/rules/credential-password-field.ts"],"names":[],"mappings":"AAoFA,eAAO,MAAM,2BAA2B,0JAwDtC,CAAC"}

package/dist/rules/credential-password-field.js

@@ -0,0 +1,108 @@
+import { TSESTree } from '@typescript-eslint/types';
+import { isCredentialTypeClass, findClassProperty, findObjectProperty, getStringLiteralValue, getBooleanLiteralValue, createRule, } from '../utils/index.js';
+const SENSITIVE_PATTERNS = [
+    'password',
+    'secret',
+    'token',
+    'cert',
+    'passphrase',
+    'apikey',
+    'secretkey',
+    'privatekey',
+    'authkey',
+];
+const NON_SENSITIVE_PATTERNS = ['url', 'pub', 'id'];
+function isSensitiveFieldName(name) {
+    const lowerName = name.toLowerCase();
+    if (NON_SENSITIVE_PATTERNS.some((pattern) => lowerName.includes(pattern))) {
+        return false;
+    }
+    return SENSITIVE_PATTERNS.some((pattern) => lowerName.includes(pattern));
+}
+function hasPasswordTypeOption(element) {
+    const typeOptionsProperty = findObjectProperty(element, 'typeOptions');
+    if (typeOptionsProperty?.value.type !== TSESTree.AST_NODE_TYPES.ObjectExpression) {
+        return false;
+    }
+    const passwordProperty = findObjectProperty(typeOptionsProperty.value, 'password');
+    const passwordValue = passwordProperty ? getBooleanLiteralValue(passwordProperty.value) : null;
+    return passwordValue === true;
+}
+function createPasswordFix(element, typeOptionsProperty) {
+    return (fixer) => {
+        if (typeOptionsProperty?.value.type === TSESTree.AST_NODE_TYPES.ObjectExpression) {
+            const passwordProperty = findObjectProperty(typeOptionsProperty.value, 'password');
+            if (passwordProperty) {
+                return fixer.replaceText(passwordProperty.value, 'true');
+            }
+            const objectValue = typeOptionsProperty.value;
+            if (objectValue.properties.length > 0) {
+                const lastProperty = objectValue.properties[objectValue.properties.length - 1];
+                if (lastProperty) {
+                    return fixer.insertTextAfter(lastProperty, ', password: true');
+                }
+            }
+            else {
+                const range = objectValue.range;
+                if (range) {
+                    const openBrace = range[0] + 1;
+                    return fixer.insertTextAfterRange([openBrace, openBrace], ' password: true ');
+                }
+            }
+        }
+        const lastProperty = element.properties[element.properties.length - 1];
+        if (lastProperty) {
+            return fixer.insertTextAfter(lastProperty, ',\n\t\t\ttypeOptions: { password: true }');
+        }
+        return null;
+    };
+}
+export const CredentialPasswordFieldRule = createRule({
+    name: 'credential-password-field',
+    meta: {
+        type: 'problem',
+        docs: {
+            description: 'Ensure credential fields with sensitive names have typeOptions.password = true',
+        },
+        messages: {
+            missingPasswordOption: "Field '{{ fieldName }}' appears to be a sensitive field but is missing 'typeOptions: { password: true }'",
+        },
+        fixable: 'code',
+        schema: [],
+    },
+    defaultOptions: [],
+    create(context) {
+        return {
+            ClassDeclaration(node) {
+                if (!isCredentialTypeClass(node)) {
+                    return;
+                }
+                const propertiesProperty = findClassProperty(node, 'properties');
+                if (!propertiesProperty?.value ||
+                    propertiesProperty.value.type !== TSESTree.AST_NODE_TYPES.ArrayExpression) {
+                    return;
+                }
+                for (const element of propertiesProperty.value.elements) {
+                    if (element?.type !== TSESTree.AST_NODE_TYPES.ObjectExpression) {
+                        continue;
+                    }
+                    const nameProperty = findObjectProperty(element, 'name');
+                    const fieldName = nameProperty ? getStringLiteralValue(nameProperty.value) : null;
+                    if (!fieldName || !isSensitiveFieldName(fieldName)) {
+                        continue;
+                    }
+                    if (!hasPasswordTypeOption(element)) {
+                        const typeOptionsProperty = findObjectProperty(element, 'typeOptions');
+                        context.report({
+                            node: element,
+                            messageId: 'missingPasswordOption',
+                            data: { fieldName },
+                            fix: createPasswordFix(element, typeOptionsProperty),
+                        });
+                    }
+                }
+            },
+        };
+    },
+});
+//# sourceMappingURL=credential-password-field.js.map

package/dist/rules/credential-password-field.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"credential-password-field.js","sourceRoot":"","sources":["../../src/rules/credential-password-field.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,0BAA0B,CAAC;AAGpD,OAAO,EACN,qBAAqB,EACrB,iBAAiB,EACjB,kBAAkB,EAClB,qBAAqB,EACrB,sBAAsB,EACtB,UAAU,GACV,MAAM,mBAAmB,CAAC;AAE3B,MAAM,kBAAkB,GAAG;IAC1B,UAAU;IACV,QAAQ;IACR,OAAO;IACP,MAAM;IACN,YAAY;IACZ,QAAQ;IACR,WAAW;IACX,YAAY;IACZ,SAAS;CACT,CAAC;AAEF,MAAM,sBAAsB,GAAG,CAAC,KAAK,EAAE,KAAK,EAAE,IAAI,CAAC,CAAC;AAEpD,SAAS,oBAAoB,CAAC,IAAY;IACzC,MAAM,SAAS,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;IAErC,IAAI,sBAAsB,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,SAAS,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC;QAC3E,OAAO,KAAK,CAAC;IACd,CAAC;IAED,OAAO,kBAAkB,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,SAAS,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC;AAC1E,CAAC;AAED,SAAS,qBAAqB,CAAC,OAAkC;IAChE,MAAM,mBAAmB,GAAG,kBAAkB,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC;IAEvE,IAAI,mBAAmB,EAAE,KAAK,CAAC,IAAI,KAAK,QAAQ,CAAC,cAAc,CAAC,gBAAgB,EAAE,CAAC;QAClF,OAAO,KAAK,CAAC;IACd,CAAC;IAED,MAAM,gBAAgB,GAAG,kBAAkB,CAAC,mBAAmB,CAAC,KAAK,EAAE,UAAU,CAAC,CAAC;IACnF,MAAM,aAAa,GAAG,gBAAgB,CAAC,CAAC,CAAC,sBAAsB,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IAE/F,OAAO,aAAa,KAAK,IAAI,CAAC;AAC/B,CAAC;AAED,SAAS,iBAAiB,CACzB,OAAkC,EAClC,mBAA6C;IAE7C,OAAO,CAAC,KAAK,EAAE,EAAE;QAChB,IAAI,mBAAmB,EAAE,KAAK,CAAC,IAAI,KAAK,QAAQ,CAAC,cAAc,CAAC,gBAAgB,EAAE,CAAC;YAClF,MAAM,gBAAgB,GAAG,kBAAkB,CAAC,mBAAmB,CAAC,KAAK,EAAE,UAAU,CAAC,CAAC;YAEnF,IAAI,gBAAgB,EAAE,CAAC;gBACtB,OAAO,KAAK,CAAC,WAAW,CAAC,gBAAgB,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;YAC1D,CAAC;YAED,MAAM,WAAW,GAAG,mBAAmB,CAAC,KAAK,CAAC;YAC9C,IAAI,WAAW,CAAC,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACvC,MAAM,YAAY,GAAG,WAAW,CAAC,UAAU,CAAC,WAAW,CAAC,UAAU,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;gBAC/E,IAAI,YAAY,EAAE,CAAC;oBAClB,OAAO,KAAK,CAAC,eAAe,CAAC,YAAY,EAAE,kBAAkB,CAAC,CAAC;gBAChE,CAAC;YACF,CAAC;iBAAM,CAAC;gBACP,MAAM,KAAK,GAAG,WAAW,CAAC,KAAK,CAAC;gBAChC,IAAI,KAAK,EAAE,CAAC;oBACX,MAAM,SAAS,GAAG,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;oBAC/B,OAAO,KAAK,CAAC,oBAAoB,CAAC,CAAC,SAAS,EAAE,SAAS,CAAC,EAAE,kBAAkB,CAAC,CAAC;gBAC/E,CAAC;YACF,CAAC;QACF,CAAC;QAED,MAAM,YAAY,GAAG,OAAO,CAAC,UAAU,CAAC,OAAO,CAAC,UAAU,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;QACvE,IAAI,YAAY,EAAE,CAAC;YAClB,OAAO,KAAK,CAAC,eAAe,CAAC,YAAY,EAAE,0CAA0C,CAAC,CAAC;QACxF,CAAC;QACD,OAAO,IAAI,CAAC;IACb,CAAC,CAAC;AACH,CAAC;AAED,MAAM,CAAC,MAAM,2BAA2B,GAAG,UAAU,CAAC;IACrD,IAAI,EAAE,2BAA2B;IACjC,IAAI,EAAE;QACL,IAAI,EAAE,SAAS;QACf,IAAI,EAAE;YACL,WAAW,EAAE,gFAAgF;SAC7F;QACD,QAAQ,EAAE;YACT,qBAAqB,EACpB,0GAA0G;SAC3G;QACD,OAAO,EAAE,MAAM;QACf,MAAM,EAAE,EAAE;KACV;IACD,cAAc,EAAE,EAAE;IAClB,MAAM,CAAC,OAAO;QACb,OAAO;YACN,gBAAgB,CAAC,IAAI;gBACpB,IAAI,CAAC,qBAAqB,CAAC,IAAI,CAAC,EAAE,CAAC;oBAClC,OAAO;gBACR,CAAC;gBAED,MAAM,kBAAkB,GAAG,iBAAiB,CAAC,IAAI,EAAE,YAAY,CAAC,CAAC;gBACjE,IACC,CAAC,kBAAkB,EAAE,KAAK;oBAC1B,kBAAkB,CAAC,KAAK,CAAC,IAAI,KAAK,QAAQ,CAAC,cAAc,CAAC,eAAe,EACxE,CAAC;oBACF,OAAO;gBACR,CAAC;gBAED,KAAK,MAAM,OAAO,IAAI,kBAAkB,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC;oBACzD,IAAI,OAAO,EAAE,IAAI,KAAK,QAAQ,CAAC,cAAc,CAAC,gBAAgB,EAAE,CAAC;wBAChE,SAAS;oBACV,CAAC;oBAED,MAAM,YAAY,GAAG,kBAAkB,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;oBACzD,MAAM,SAAS,GAAG,YAAY,CAAC,CAAC,CAAC,qBAAqB,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;oBAElF,IAAI,CAAC,SAAS,IAAI,CAAC,oBAAoB,CAAC,SAAS,CAAC,EAAE,CAAC;wBACpD,SAAS;oBACV,CAAC;oBAED,IAAI,CAAC,qBAAqB,CAAC,OAAO,CAAC,EAAE,CAAC;wBACrC,MAAM,mBAAmB,GAAG,kBAAkB,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC;wBAEvE,OAAO,CAAC,MAAM,CAAC;4BACd,IAAI,EAAE,OAAO;4BACb,SAAS,EAAE,uBAAuB;4BAClC,IAAI,EAAE,EAAE,SAAS,EAAE;4BACnB,GAAG,EAAE,iBAAiB,CAAC,OAAO,EAAE,mBAAmB,CAAC;yBACpD,CAAC,CAAC;oBACJ,CAAC;gBACF,CAAC;YACF,CAAC;SACD,CAAC;IACH,CAAC;CACD,CAAC,CAAC"}

package/dist/rules/credential-test-required.d.ts

@@ -0,0 +1,2 @@
+export declare const CredentialTestRequiredRule: import("@typescript-eslint/utils/ts-eslint").RuleModule<"addTemplate" | "missingCredentialTest", [], unknown, import("@typescript-eslint/utils/ts-eslint").RuleListener>;
+//# sourceMappingURL=credential-test-required.d.ts.map

package/dist/rules/credential-test-required.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"credential-test-required.d.ts","sourceRoot":"","sources":["../../src/rules/credential-test-required.ts"],"names":[],"mappings":"AAcA,eAAO,MAAM,0BAA0B,0KAyHrC,CAAC"}