@critiq/rules 0.1.0 → 0.2.0
- package/README.md +1 -1
- package/catalog.yaml +617 -0
- package/package.json +1 -1
- package/rules/go/go.correctness.defer-close-before-check.rule.yaml +44 -0
- package/rules/go/go.correctness.defer-in-loop.rule.yaml +47 -0
- package/rules/go/go.correctness.nil-context-passed.rule.yaml +43 -0
- package/rules/go/go.correctness.nil-map-assignment.rule.yaml +42 -0
- package/rules/go/go.correctness.time-tick-leak.rule.yaml +44 -0
- package/rules/go/go.correctness.unused-append-result.rule.yaml +43 -0
- package/rules/go/go.correctness.waitgroup-add-in-goroutine.rule.yaml +45 -0
- package/rules/go/go.security.bind-all-interfaces.rule.yaml +57 -0
- package/rules/go/go.security.echo-sensitive-binding-without-validation.rule.yaml +10 -0
- package/rules/go/go.security.echo-unsafe-multipart-upload.rule.yaml +10 -0
- package/rules/go/go.security.fiber-sensitive-binding-without-validation.rule.yaml +10 -0
- package/rules/go/go.security.fiber-unsafe-multipart-upload.rule.yaml +10 -0
- package/rules/go/go.security.gin-sensitive-binding-without-validation.rule.yaml +10 -0
- package/rules/go/go.security.gin-trust-all-proxies.rule.yaml +10 -0
- package/rules/go/go.security.gin-wildcard-cors-with-credentials.rule.yaml +10 -0
- package/rules/go/go.security.insecure-rand-seed.rule.yaml +55 -0
- package/rules/go/go.security.insecure-ssh-host-key.rule.yaml +57 -0
- package/rules/go/go.security.insecure-ssl-protocol.rule.yaml +56 -0
- package/rules/go/go.security.insecure-temp-file.rule.yaml +57 -0
- package/rules/go/go.security.jwt-without-verification.rule.yaml +56 -0
- package/rules/go/go.security.net-http-missing-timeouts.rule.yaml +10 -0
- package/rules/go/go.security.pprof-exposed.rule.yaml +56 -0
- package/rules/go/go.security.sensitive-data-egress.rule.yaml +10 -0
- package/rules/go/go.security.tar-path-traversal.rule.yaml +10 -0
- package/rules/go/go.security.template-unescaped-request-value.rule.yaml +10 -0
- package/rules/go/go.security.tls-missing-min-version.rule.yaml +55 -0
- package/rules/go/go.security.unsafe-package-import.rule.yaml +55 -0
- package/rules/go/go.security.weak-bcrypt-cost.rule.yaml +56 -0
- package/rules/go/go.security.weak-crypto-import.rule.yaml +57 -0
- package/rules/go/go.security.weak-rsa-key-size.rule.yaml +57 -0
- package/rules/go/go.security.weak-tls-cipher.rule.yaml +56 -0
- package/rules/java/java.correctness.catch-null-pointer.rule.yaml +40 -0
- package/rules/java/java.correctness.empty-catch.rule.yaml +40 -0
- package/rules/java/java.correctness.equals-on-array.rule.yaml +40 -0
- package/rules/java/java.correctness.return-in-finally.rule.yaml +40 -0
- package/rules/java/java.correctness.sync-on-string-literal.rule.yaml +40 -0
- package/rules/java/java.correctness.unsafe-optional-get.rule.yaml +40 -0
- package/rules/java/java.security.android-screenshot-exposure.rule.yaml +13 -0
- package/rules/java/java.security.android-world-readable-mode.rule.yaml +13 -0
- package/rules/java/java.security.hibernate-sql-concatenation.rule.yaml +62 -0
- package/rules/java/java.security.insecure-cipher-mode.rule.yaml +52 -0
- package/rules/java/java.security.insecure-network-protocol.rule.yaml +52 -0
- package/rules/java/java.security.insecure-ssl-context.rule.yaml +52 -0
- package/rules/java/java.security.jpa-concatenated-query.rule.yaml +13 -0
- package/rules/java/java.security.jwt-without-verification.rule.yaml +53 -0
- package/rules/java/java.security.null-cipher.rule.yaml +52 -0
- package/rules/java/java.security.permissive-cors.rule.yaml +53 -0
- package/rules/java/java.security.predictable-securerandom.rule.yaml +59 -0
- package/rules/java/java.security.reflected-output-from-request.rule.yaml +10 -0
- package/rules/java/java.security.servlet-insecure-cookie.rule.yaml +13 -0
- package/rules/java/java.security.shell-runtime-exec.rule.yaml +58 -0
- package/rules/java/java.security.spring-actuator-health-details-always.rule.yaml +13 -0
- package/rules/java/java.security.spring-actuator-sensitive-exposure.rule.yaml +13 -0
- package/rules/java/java.security.spring-csrf-globally-disabled.rule.yaml +13 -0
- package/rules/java/java.security.spring-debug-exposure.rule.yaml +13 -0
- package/rules/java/java.security.spring-permit-all-default.rule.yaml +13 -0
- package/rules/java/java.security.spring-webmvc-unrestricted-data-binding.rule.yaml +13 -0
- package/rules/java/java.security.template-unescaped-user-output.rule.yaml +10 -0
- package/rules/java/java.security.trust-all-certificates.rule.yaml +52 -0
- package/rules/java/java.security.unsafe-jackson-deserialization.rule.yaml +59 -0
- package/rules/java/java.security.weak-rsa-key-size.rule.yaml +54 -0
- package/rules/java/java.security.xxe-document-builder.rule.yaml +59 -0
- package/rules/java/java.security.xxe-xml-input-factory.rule.yaml +59 -0
- package/rules/php/php.correctness.duplicate-array-key.rule.yaml +36 -0
- package/rules/php/php.correctness.error-suppression-operator.rule.yaml +36 -0
- package/rules/php/php.correctness.nullsafe-returned-by-reference.rule.yaml +36 -0
- package/rules/php/php.correctness.switch-multiple-default.rule.yaml +36 -0
- package/rules/php/php.correctness.unreachable-after-return.rule.yaml +36 -0
- package/rules/php/php.security.debug-function-exposure.rule.yaml +55 -0
- package/rules/php/php.security.insecure-cors-wildcard-with-credentials.rule.yaml +10 -0
- package/rules/php/php.security.insecure-mail-or-file-transport.rule.yaml +10 -0
- package/rules/php/php.security.insecure-session-id-generation.rule.yaml +51 -0
- package/rules/php/php.security.insecure-session-or-cookie-config.rule.yaml +10 -0
- package/rules/php/php.security.laravel-sensitive-csrf-exclusion.rule.yaml +13 -0
- package/rules/php/php.security.laravel-unsafe-blade-output.rule.yaml +13 -0
- package/rules/php/php.security.laravel-unsafe-mass-assignment.rule.yaml +13 -0
- package/rules/php/php.security.no-dynamic-eval.rule.yaml +52 -0
- package/rules/php/php.security.sensitive-data-egress.rule.yaml +10 -0
- package/rules/php/php.security.symfony-csrf-disabled.rule.yaml +13 -0
- package/rules/php/php.security.symfony-debug-exposure.rule.yaml +13 -0
- package/rules/php/php.security.unsafe-file-upload-handling.rule.yaml +10 -0
- package/rules/php/php.security.unsafe-include-with-user-input.rule.yaml +52 -0
- package/rules/php/php.security.weak-cipher.rule.yaml +51 -0
- package/rules/php/php.security.wordpress-missing-nonce-or-capability.rule.yaml +13 -0
- package/rules/php/php.security.wordpress-unprepared-sql.rule.yaml +13 -0
- package/rules/php/php.security.xml-external-entity.rule.yaml +53 -0
- package/rules/python/py.correctness.assert-on-tuple.rule.yaml +33 -0
- package/rules/python/py.correctness.bare-except.rule.yaml +33 -0
- package/rules/python/py.correctness.broad-exception-handler.rule.yaml +33 -0
- package/rules/python/py.correctness.dangerous-mutable-default.rule.yaml +33 -0
- package/rules/python/py.correctness.duplicate-dict-key.rule.yaml +33 -0
- package/rules/python/py.security.bind-all-interfaces.rule.yaml +55 -0
- package/rules/python/py.security.debugger-import.rule.yaml +55 -0
- package/rules/python/py.security.django-csrf-exempt-state-changing.rule.yaml +13 -0
- package/rules/python/py.security.django-format-html-unsafe.rule.yaml +56 -0
- package/rules/python/py.security.django-mark-safe.rule.yaml +56 -0
- package/rules/python/py.security.django-missing-csrf-middleware.rule.yaml +13 -0
- package/rules/python/py.security.django-security-middleware-missing.rule.yaml +60 -0
- package/rules/python/py.security.django-unsafe-production-settings.rule.yaml +13 -0
- package/rules/python/py.security.drf-allow-any-default.rule.yaml +13 -0
- package/rules/python/py.security.drf-allow-any-unsafe-method.rule.yaml +13 -0
- package/rules/python/py.security.dynamic-code-execution.rule.yaml +55 -0
- package/rules/python/py.security.fastapi-insecure-cors.rule.yaml +13 -0
- package/rules/python/py.security.flask-debug-enabled.rule.yaml +56 -0
- package/rules/python/py.security.flask-missing-upload-body-limit.rule.yaml +13 -0
- package/rules/python/py.security.flask-unsafe-html-output.rule.yaml +13 -0
- package/rules/python/py.security.flask-unsafe-upload-filename.rule.yaml +13 -0
- package/rules/python/py.security.insecure-temp-file.rule.yaml +55 -0
- package/rules/python/py.security.insecure-yaml-load.rule.yaml +55 -0
- package/rules/python/py.security.jinja-autoescape-disabled.rule.yaml +58 -0
- package/rules/python/py.security.subprocess-shell-enabled.rule.yaml +55 -0
- package/rules/ruby/ruby.security.rails-csrf-disabled.rule.yaml +13 -0
- package/rules/ruby/ruby.security.rails-detailed-exceptions-enabled.rule.yaml +13 -0
- package/rules/ruby/ruby.security.rails-open-redirect.rule.yaml +13 -0
- package/rules/ruby/ruby.security.rails-unsafe-html-output.rule.yaml +13 -0
- package/rules/ruby/ruby.security.rails-unsafe-render.rule.yaml +13 -0
- package/rules/ruby/ruby.security.rails-unsafe-session-or-cookie-store.rule.yaml +13 -0
- package/rules/ruby/ruby.security.rails-unsafe-strong-parameters.rule.yaml +13 -0
- package/rules/ruby/ruby.security.sensitive-data-egress.rule.yaml +10 -0
- package/rules/ruby/ruby.security.sidekiq-web-unauthenticated-mount.rule.yaml +10 -0
- package/rules/rust/rust.correctness.block-on-in-async.rule.yaml +48 -0
- package/rules/rust/rust.correctness.forget-join-handle.rule.yaml +48 -0
- package/rules/rust/rust.correctness.mutex-held-across-await.rule.yaml +48 -0
- package/rules/rust/rust.correctness.std-mutex-in-async-fn.rule.yaml +48 -0
- package/rules/rust/rust.correctness.thread-sleep-in-async.rule.yaml +48 -0
- package/rules/rust/rust.correctness.unbounded-channel.rule.yaml +49 -0
- package/rules/rust/rust.correctness.unchecked-index.rule.yaml +46 -0
- package/rules/rust/rust.security.actix-wildcard-cors-with-credentials.rule.yaml +13 -0
- package/rules/rust/rust.security.axum-body-limit-disabled.rule.yaml +13 -0
- package/rules/rust/rust.security.axum-insecure-cors-with-credentials.rule.yaml +13 -0
- package/rules/rust/rust.security.bind-all-interfaces.rule.yaml +57 -0
- package/rules/rust/rust.security.insecure-ssh-host-key.rule.yaml +57 -0
- package/rules/rust/rust.security.insecure-ssl-protocol.rule.yaml +57 -0
- package/rules/rust/rust.security.insecure-temp-file.rule.yaml +57 -0
- package/rules/rust/rust.security.insecure-yaml-load.rule.yaml +57 -0
- package/rules/rust/rust.security.jwt-without-verification.rule.yaml +57 -0
- package/rules/rust/rust.security.panic-in-async-handler.rule.yaml +57 -0
- package/rules/rust/rust.security.rocket-panic-prone-request-handler.rule.yaml +13 -0
- package/rules/rust/rust.security.rocket-unsafe-template-output.rule.yaml +13 -0
- package/rules/rust/rust.security.shell-command-spawn.rule.yaml +57 -0
- package/rules/rust/rust.security.sqlx-diesel-raw-interpolated-query.rule.yaml +13 -0
- package/rules/rust/rust.security.template-unescaped-request-value.rule.yaml +10 -0
- package/rules/rust/rust.security.tls-missing-min-version.rule.yaml +57 -0
- package/rules/rust/rust.security.warp-blocking-or-panic-in-async-handler.rule.yaml +13 -0
- package/rules/rust/rust.security.weak-crypto-import.rule.yaml +55 -0
- package/rules/rust/rust.security.weak-rsa-key-size.rule.yaml +57 -0
- package/rules/rust/rust.security.weak-tls-cipher.rule.yaml +57 -0
- package/rules/shared/security.archive-path-traversal.rule.yaml +10 -0
- package/rules/shared/security.external-file-upload.rule.yaml +10 -0
- package/rules/shared/security.insecure-http-transport.rule.yaml +10 -0
- package/rules/shared/security.no-command-execution-with-request-input.rule.yaml +10 -0
- package/rules/shared/security.no-hardcoded-credentials.rule.yaml +10 -0
- package/rules/shared/security.no-request-path-file-read.rule.yaml +10 -0
- package/rules/shared/security.no-sensitive-data-in-logs-and-telemetry.rule.yaml +10 -0
- package/rules/shared/security.no-sql-interpolation.rule.yaml +10 -0
- package/rules/shared/security.permissive-file-permissions.rule.yaml +10 -0
- package/rules/shared/security.sensitive-data-egress.rule.yaml +10 -0
- package/rules/shared/security.tls-verification-disabled.rule.yaml +10 -0
- package/rules/shared/security.unsafe-deserialization.rule.yaml +10 -0
- package/rules/shared/security.weak-hash-algorithm.rule.yaml +10 -0
- package/rules/typescript/ts.correctness.array-callback-missing-return.rule.yaml +35 -0
- package/rules/typescript/ts.correctness.array-sort-without-compare.rule.yaml +35 -0
- package/rules/typescript/ts.correctness.control-flow-in-finally.rule.yaml +35 -0
- package/rules/typescript/ts.correctness.duplicate-if-else-condition.rule.yaml +35 -0
- package/rules/typescript/ts.correctness.for-in-on-array.rule.yaml +35 -0
- package/rules/typescript/ts.correctness.infinite-loop.rule.yaml +32 -0
- package/rules/typescript/ts.correctness.invalid-await-expression.rule.yaml +32 -0
- package/rules/typescript/ts.correctness.invalid-typeof-comparison.rule.yaml +35 -0
- package/rules/typescript/ts.correctness.missing-async-on-promise-method.rule.yaml +32 -0
- package/rules/typescript/ts.correctness.missing-super-call.rule.yaml +35 -0
- package/rules/typescript/ts.correctness.no-floating-promise-in-function.rule.yaml +32 -0
- package/rules/typescript/ts.correctness.no-misused-promises.rule.yaml +32 -0
- package/rules/typescript/ts.correctness.promise-reject-non-error.rule.yaml +35 -0
- package/rules/typescript/ts.correctness.this-before-super.rule.yaml +35 -0
- package/rules/typescript/ts.correctness.unnecessary-return-await.rule.yaml +32 -0
- package/rules/typescript/ts.correctness.use-number-is-nan.rule.yaml +35 -0
- package/rules/typescript/ts.next.server-action-missing-local-auth.rule.yaml +13 -0
- package/rules/typescript/ts.performance.no-await-in-loop.rule.yaml +32 -0
- package/rules/typescript/ts.quality.no-empty-function.rule.yaml +32 -0
- package/rules/typescript/ts.react.no-bind-in-jsx-props.rule.yaml +36 -0
- package/rules/typescript/ts.react.no-children-prop.rule.yaml +34 -0
- package/rules/typescript/ts.react.no-direct-state-mutation.rule.yaml +34 -0
- package/rules/typescript/ts.react.no-duplicate-jsx-attributes.rule.yaml +34 -0
- package/rules/typescript/ts.react.no-jsx-props-spread.rule.yaml +35 -0
- package/rules/typescript/ts.react.no-set-state-in-component-did-mount.rule.yaml +34 -0
- package/rules/typescript/ts.react.no-set-state-in-component-did-update.rule.yaml +34 -0
- package/rules/typescript/ts.react.no-target-blank-without-rel.rule.yaml +46 -0
- package/rules/typescript/ts.react.no-this-in-function-component.rule.yaml +34 -0
- package/rules/typescript/ts.runtime.no-process-exit.rule.yaml +44 -0
- package/rules/typescript/ts.security.ajv-insecure-configuration.rule.yaml +10 -0
- package/rules/typescript/ts.security.angular-dom-sanitizer-bypass-untrusted-input.rule.yaml +13 -0
- package/rules/typescript/ts.security.apollo-server-csrf-disabled.rule.yaml +16 -0
- package/rules/typescript/ts.security.apollo-server-graphql-dev-tooling-exposure.rule.yaml +16 -0
- package/rules/typescript/ts.security.apollo-server-introspection-exposure.rule.yaml +16 -0
- package/rules/typescript/ts.security.apollo-server-missing-query-limits.rule.yaml +16 -0
- package/rules/typescript/ts.security.astro-vite-public-secret-define.rule.yaml +13 -0
- package/rules/typescript/ts.security.bind-to-all-interfaces.rule.yaml +10 -0
- package/rules/typescript/ts.security.browser-token-storage.rule.yaml +10 -0
- package/rules/typescript/ts.security.dangerous-insert-html.rule.yaml +10 -0
- package/rules/typescript/ts.security.dangerously-set-inner-html.rule.yaml +10 -0
- package/rules/typescript/ts.security.datadog-browser-track-user-interactions.rule.yaml +10 -0
- package/rules/typescript/ts.security.debug-mode-enabled.rule.yaml +10 -0
- package/rules/typescript/ts.security.debug-statement-in-source.rule.yaml +10 -0
- package/rules/typescript/ts.security.dynamodb-query-injection.rule.yaml +10 -0
- package/rules/typescript/ts.security.electron-dangerous-webpreferences.rule.yaml +10 -0
- package/rules/typescript/ts.security.electron-insecure-local-state.rule.yaml +10 -0
- package/rules/typescript/ts.security.electron-missing-ipc-origin-check.rule.yaml +10 -0
- package/rules/typescript/ts.security.electron-shell-open-external-unvalidated.rule.yaml +13 -0
- package/rules/typescript/ts.security.exposed-directory-listing.rule.yaml +10 -0
- package/rules/typescript/ts.security.express-cookie-missing-http-only.rule.yaml +16 -0
- package/rules/typescript/ts.security.express-default-cookie-config.rule.yaml +16 -0
- package/rules/typescript/ts.security.express-default-session-config.rule.yaml +16 -0
- package/rules/typescript/ts.security.express-error-handler-information-disclosure.rule.yaml +16 -0
- package/rules/typescript/ts.security.express-insecure-cookie.rule.yaml +16 -0
- package/rules/typescript/ts.security.express-missing-helmet.rule.yaml +16 -0
- package/rules/typescript/ts.security.express-nosql-injection.rule.yaml +16 -0
- package/rules/typescript/ts.security.express-permissive-cookie-config.rule.yaml +16 -0
- package/rules/typescript/ts.security.express-permissive-cors.rule.yaml +52 -0
- package/rules/typescript/ts.security.express-reduce-fingerprint.rule.yaml +16 -0
- package/rules/typescript/ts.security.express-static-assets-after-session.rule.yaml +16 -0
- package/rules/typescript/ts.security.express-static-dotfiles-allow.rule.yaml +16 -0
- package/rules/typescript/ts.security.express-unbounded-body-parser.rule.yaml +16 -0
- package/rules/typescript/ts.security.express-user-controlled-static-mount.rule.yaml +16 -0
- package/rules/typescript/ts.security.external-file-upload.rule.yaml +10 -0
- package/rules/typescript/ts.security.fastify-excessive-body-limit.rule.yaml +16 -0
- package/rules/typescript/ts.security.fastify-public-bind-without-trust-proxy.rule.yaml +16 -0
- package/rules/typescript/ts.security.file-generation.rule.yaml +10 -0
- package/rules/typescript/ts.security.format-string-using-user-input.rule.yaml +10 -0
- package/rules/typescript/ts.security.frontend-only-authorization.rule.yaml +10 -0
- package/rules/typescript/ts.security.graphql-upload-without-csrf-guard.rule.yaml +16 -0
- package/rules/typescript/ts.security.handlebars-no-escape.rule.yaml +10 -0
- package/rules/typescript/ts.security.hardcoded-auth-secret.rule.yaml +10 -0
- package/rules/typescript/ts.security.iframe-missing-sandbox-attribute.rule.yaml +10 -0
- package/rules/typescript/ts.security.import-using-user-input.rule.yaml +10 -0
- package/rules/typescript/ts.security.information-leakage.rule.yaml +10 -0
- package/rules/typescript/ts.security.insecure-allow-origin.rule.yaml +10 -0
- package/rules/typescript/ts.security.insecure-auth-cookie-flags.rule.yaml +10 -0
- package/rules/typescript/ts.security.insecure-content-security-policy-literal.rule.yaml +10 -0
- package/rules/typescript/ts.security.insecure-helmet-hardening-options.rule.yaml +10 -0
- package/rules/typescript/ts.security.insecure-password-hash-configuration.rule.yaml +10 -0
- package/rules/typescript/ts.security.insecure-websocket-transport.rule.yaml +10 -0
- package/rules/typescript/ts.security.insufficiently-random-values.rule.yaml +10 -0
- package/rules/typescript/ts.security.jwt-insecure-signing-algorithm.rule.yaml +10 -0
- package/rules/typescript/ts.security.jwt-not-revoked.rule.yaml +10 -0
- package/rules/typescript/ts.security.jwt-sensitive-claims.rule.yaml +10 -0
- package/rules/typescript/ts.security.legacy-buffer-constructor.rule.yaml +10 -0
- package/rules/typescript/ts.security.log-injection.rule.yaml +10 -0
- package/rules/typescript/ts.security.manual-html-sanitization.rule.yaml +10 -0
- package/rules/typescript/ts.security.missing-authorization-before-sensitive-action.rule.yaml +10 -0
- package/rules/typescript/ts.security.missing-integrity-check.rule.yaml +10 -0
- package/rules/typescript/ts.security.missing-message-origin-check.rule.yaml +10 -0
- package/rules/typescript/ts.security.missing-ownership-validation.rule.yaml +10 -0
- package/rules/typescript/ts.security.missing-request-timeout-or-retry.rule.yaml +10 -0
- package/rules/typescript/ts.security.nestjs-helmet-after-route-mount.rule.yaml +16 -0
- package/rules/typescript/ts.security.nestjs-missing-global-validation-pipe.rule.yaml +16 -0
- package/rules/typescript/ts.security.nestjs-skip-throttle-sensitive-route.rule.yaml +16 -0
- package/rules/typescript/ts.security.nestjs-validation-pipe-without-whitelist.rule.yaml +16 -0
- package/rules/typescript/ts.security.no-alert-confirm-prompt.rule.yaml +44 -0
- package/rules/typescript/ts.security.no-arguments-callee.rule.yaml +44 -0
- package/rules/typescript/ts.security.no-assign-mutable-export.rule.yaml +45 -0
- package/rules/typescript/ts.security.no-dynamic-execution.rule.yaml +10 -0
- package/rules/typescript/ts.security.no-fs-readfile-sync-in-handler.rule.yaml +46 -0
- package/rules/typescript/ts.security.no-global-native-reassignment.rule.yaml +44 -0
- package/rules/typescript/ts.security.no-innerhtml-assignment.rule.yaml +10 -0
- package/rules/typescript/ts.security.no-javascript-url.rule.yaml +44 -0
- package/rules/typescript/ts.security.no-native-prototype-extension.rule.yaml +44 -0
- package/rules/typescript/ts.security.no-sync-child-process-exec.rule.yaml +45 -0
- package/rules/typescript/ts.security.no-throw-literal.rule.yaml +44 -0
- package/rules/typescript/ts.security.no-with-statement.rule.yaml +44 -0
- package/rules/typescript/ts.security.non-literal-fs-filename.rule.yaml +10 -0
- package/rules/typescript/ts.security.nuxt-public-runtime-secret.rule.yaml +13 -0
- package/rules/typescript/ts.security.observable-timing-discrepancy.rule.yaml +10 -0
- package/rules/typescript/ts.security.open-redirect.rule.yaml +10 -0
- package/rules/typescript/ts.security.permissive-allow-origin.rule.yaml +10 -0
- package/rules/typescript/ts.security.permissive-file-permissions.rule.yaml +10 -0
- package/rules/typescript/ts.security.postmessage-wildcard-origin.rule.yaml +10 -0
- package/rules/typescript/ts.security.predictable-token-generation.rule.yaml +10 -0
- package/rules/typescript/ts.security.raw-html-using-user-input.rule.yaml +10 -0
- package/rules/typescript/ts.security.request-driven-array-index-access.rule.yaml +10 -0
- package/rules/typescript/ts.security.sensitive-data-egress.rule.yaml +10 -0
- package/rules/typescript/ts.security.sensitive-data-in-exception.rule.yaml +10 -0
- package/rules/typescript/ts.security.sensitive-data-written-to-file.rule.yaml +10 -0
- package/rules/typescript/ts.security.ssrf.rule.yaml +10 -0
- package/rules/typescript/ts.security.token-or-session-not-validated.rule.yaml +10 -0
- package/rules/typescript/ts.security.ui-redress.rule.yaml +10 -0
- package/rules/typescript/ts.security.unsafe-dirname-path-concat.rule.yaml +44 -0
- package/rules/typescript/ts.security.unsafe-dompurify-version.rule.yaml +10 -0
- package/rules/typescript/ts.security.unsafe-marked-version.rule.yaml +10 -0
- package/rules/typescript/ts.security.unsanitized-http-response.rule.yaml +10 -0
- package/rules/typescript/ts.security.unvalidated-external-input.rule.yaml +10 -0
- package/rules/typescript/ts.security.user-controlled-sendfile.rule.yaml +10 -0
- package/rules/typescript/ts.security.user-controlled-view-render.rule.yaml +10 -0
- package/rules/typescript/ts.security.weak-cipher-or-mode.rule.yaml +10 -0
- package/rules/typescript/ts.security.weak-key-strength.rule.yaml +10 -0
- package/rules/typescript/ts.security.weak-tls-version.rule.yaml +10 -0
- package/rules/typescript/ts.security.xml-parse-string-with-untrusted-input.rule.yaml +10 -0
package/catalog.yaml
CHANGED
|
@@ -21,6 +21,11 @@ rules:
|
|
|
21
21
|
presets:
|
|
22
22
|
- recommended
|
|
23
23
|
- strict
|
|
24
|
+
- id: ts.correctness.control-flow-in-finally
|
|
25
|
+
rulePath: ./rules/typescript/ts.correctness.control-flow-in-finally.rule.yaml
|
|
26
|
+
presets:
|
|
27
|
+
- recommended
|
|
28
|
+
- strict
|
|
24
29
|
- id: ts.correctness.missing-await-on-async-call
|
|
25
30
|
rulePath: ./rules/typescript/ts.correctness.missing-await-on-async-call.rule.yaml
|
|
26
31
|
presets:
|
|
@@ -42,6 +47,11 @@ rules:
|
|
|
42
47
|
presets:
|
|
43
48
|
- recommended
|
|
44
49
|
- strict
|
|
50
|
+
- id: ts.correctness.invalid-typeof-comparison
|
|
51
|
+
rulePath: ./rules/typescript/ts.correctness.invalid-typeof-comparison.rule.yaml
|
|
52
|
+
presets:
|
|
53
|
+
- recommended
|
|
54
|
+
- strict
|
|
45
55
|
- id: ts.correctness.blocking-call-in-async-flow
|
|
46
56
|
rulePath: ./rules/typescript/ts.correctness.blocking-call-in-async-flow.rule.yaml
|
|
47
57
|
presets:
|
|
@@ -52,6 +62,11 @@ rules:
|
|
|
52
62
|
presets:
|
|
53
63
|
- recommended
|
|
54
64
|
- strict
|
|
65
|
+
- id: ts.correctness.missing-super-call
|
|
66
|
+
rulePath: ./rules/typescript/ts.correctness.missing-super-call.rule.yaml
|
|
67
|
+
presets:
|
|
68
|
+
- recommended
|
|
69
|
+
- strict
|
|
55
70
|
- id: ts.correctness.missing-timeout-on-external-call
|
|
56
71
|
rulePath: ./rules/typescript/ts.correctness.missing-timeout-on-external-call.rule.yaml
|
|
57
72
|
presets:
|
|
@@ -63,6 +78,11 @@ rules:
|
|
|
63
78
|
presets:
|
|
64
79
|
- recommended
|
|
65
80
|
- strict
|
|
81
|
+
- id: ts.correctness.promise-reject-non-error
|
|
82
|
+
rulePath: ./rules/typescript/ts.correctness.promise-reject-non-error.rule.yaml
|
|
83
|
+
presets:
|
|
84
|
+
- recommended
|
|
85
|
+
- strict
|
|
66
86
|
- id: ts.correctness.nested-property-access-without-check
|
|
67
87
|
rulePath: ./rules/typescript/ts.correctness.nested-property-access-without-check.rule.yaml
|
|
68
88
|
presets:
|
|
@@ -87,11 +107,26 @@ rules:
|
|
|
87
107
|
rulePath: ./rules/typescript/ts.correctness.shared-state-race.rule.yaml
|
|
88
108
|
presets:
|
|
89
109
|
- experimental
|
|
110
|
+
- id: ts.correctness.this-before-super
|
|
111
|
+
rulePath: ./rules/typescript/ts.correctness.this-before-super.rule.yaml
|
|
112
|
+
presets:
|
|
113
|
+
- recommended
|
|
114
|
+
- strict
|
|
90
115
|
- id: ts.correctness.unreachable-statement
|
|
91
116
|
rulePath: ./rules/typescript/ts.correctness.unreachable-statement.rule.yaml
|
|
92
117
|
presets:
|
|
93
118
|
- recommended
|
|
94
119
|
- strict
|
|
120
|
+
- id: ts.correctness.array-callback-missing-return
|
|
121
|
+
rulePath: ./rules/typescript/ts.correctness.array-callback-missing-return.rule.yaml
|
|
122
|
+
presets:
|
|
123
|
+
- recommended
|
|
124
|
+
- strict
|
|
125
|
+
- id: ts.correctness.array-sort-without-compare
|
|
126
|
+
rulePath: ./rules/typescript/ts.correctness.array-sort-without-compare.rule.yaml
|
|
127
|
+
presets:
|
|
128
|
+
- recommended
|
|
129
|
+
- strict
|
|
95
130
|
- id: ts.correctness.assignment-in-condition
|
|
96
131
|
rulePath: ./rules/typescript/ts.correctness.assignment-in-condition.rule.yaml
|
|
97
132
|
presets:
|
|
@@ -102,6 +137,11 @@ rules:
|
|
|
102
137
|
presets:
|
|
103
138
|
- recommended
|
|
104
139
|
- strict
|
|
140
|
+
- id: ts.correctness.duplicate-if-else-condition
|
|
141
|
+
rulePath: ./rules/typescript/ts.correctness.duplicate-if-else-condition.rule.yaml
|
|
142
|
+
presets:
|
|
143
|
+
- recommended
|
|
144
|
+
- strict
|
|
105
145
|
- id: ts.correctness.duplicate-object-key
|
|
106
146
|
rulePath: ./rules/typescript/ts.correctness.duplicate-object-key.rule.yaml
|
|
107
147
|
presets:
|
|
@@ -117,6 +157,36 @@ rules:
|
|
|
117
157
|
presets:
|
|
118
158
|
- recommended
|
|
119
159
|
- strict
|
|
160
|
+
- id: ts.correctness.infinite-loop
|
|
161
|
+
rulePath: ./rules/typescript/ts.correctness.infinite-loop.rule.yaml
|
|
162
|
+
presets:
|
|
163
|
+
- recommended
|
|
164
|
+
- strict
|
|
165
|
+
- id: ts.correctness.unnecessary-return-await
|
|
166
|
+
rulePath: ./rules/typescript/ts.correctness.unnecessary-return-await.rule.yaml
|
|
167
|
+
presets:
|
|
168
|
+
- recommended
|
|
169
|
+
- strict
|
|
170
|
+
- id: ts.correctness.invalid-await-expression
|
|
171
|
+
rulePath: ./rules/typescript/ts.correctness.invalid-await-expression.rule.yaml
|
|
172
|
+
presets:
|
|
173
|
+
- recommended
|
|
174
|
+
- strict
|
|
175
|
+
- id: ts.correctness.missing-async-on-promise-method
|
|
176
|
+
rulePath: ./rules/typescript/ts.correctness.missing-async-on-promise-method.rule.yaml
|
|
177
|
+
presets:
|
|
178
|
+
- recommended
|
|
179
|
+
- strict
|
|
180
|
+
- id: ts.correctness.no-floating-promise-in-function
|
|
181
|
+
rulePath: ./rules/typescript/ts.correctness.no-floating-promise-in-function.rule.yaml
|
|
182
|
+
presets:
|
|
183
|
+
- recommended
|
|
184
|
+
- strict
|
|
185
|
+
- id: ts.correctness.no-misused-promises
|
|
186
|
+
rulePath: ./rules/typescript/ts.correctness.no-misused-promises.rule.yaml
|
|
187
|
+
presets:
|
|
188
|
+
- recommended
|
|
189
|
+
- strict
|
|
120
190
|
- id: ts.correctness.assignment-to-import-binding
|
|
121
191
|
rulePath: ./rules/typescript/ts.correctness.assignment-to-import-binding.rule.yaml
|
|
122
192
|
presets:
|
|
@@ -142,6 +212,11 @@ rules:
|
|
|
142
212
|
presets:
|
|
143
213
|
- recommended
|
|
144
214
|
- strict
|
|
215
|
+
- id: ts.correctness.for-in-on-array
|
|
216
|
+
rulePath: ./rules/typescript/ts.correctness.for-in-on-array.rule.yaml
|
|
217
|
+
presets:
|
|
218
|
+
- recommended
|
|
219
|
+
- strict
|
|
145
220
|
- id: ts.correctness.reassign-catch-binding
|
|
146
221
|
rulePath: ./rules/typescript/ts.correctness.reassign-catch-binding.rule.yaml
|
|
147
222
|
presets:
|
|
@@ -152,6 +227,11 @@ rules:
|
|
|
152
227
|
presets:
|
|
153
228
|
- recommended
|
|
154
229
|
- strict
|
|
230
|
+
- id: ts.correctness.use-number-is-nan
|
|
231
|
+
rulePath: ./rules/typescript/ts.correctness.use-number-is-nan.rule.yaml
|
|
232
|
+
presets:
|
|
233
|
+
- recommended
|
|
234
|
+
- strict
|
|
155
235
|
- id: ts.quality.swallowed-error
|
|
156
236
|
rulePath: ./rules/typescript/ts.quality.swallowed-error.rule.yaml
|
|
157
237
|
presets:
|
|
@@ -237,6 +317,11 @@ rules:
|
|
|
237
317
|
rulePath: ./rules/typescript/ts.quality.no-dead-export.rule.yaml
|
|
238
318
|
presets:
|
|
239
319
|
- strict
|
|
320
|
+
- id: ts.quality.no-empty-function
|
|
321
|
+
rulePath: ./rules/typescript/ts.quality.no-empty-function.rule.yaml
|
|
322
|
+
presets:
|
|
323
|
+
- recommended
|
|
324
|
+
- strict
|
|
240
325
|
- id: ts.testing.no-focused-test
|
|
241
326
|
rulePath: ./rules/typescript/ts.testing.no-focused-test.rule.yaml
|
|
242
327
|
presets:
|
|
@@ -369,6 +454,11 @@ rules:
|
|
|
369
454
|
presets:
|
|
370
455
|
- recommended
|
|
371
456
|
- strict
|
|
457
|
+
- id: ts.performance.no-await-in-loop
|
|
458
|
+
rulePath: ./rules/typescript/ts.performance.no-await-in-loop.rule.yaml
|
|
459
|
+
presets:
|
|
460
|
+
- recommended
|
|
461
|
+
- strict
|
|
372
462
|
- id: ts.performance.no-cache-miss-from-unstable-key
|
|
373
463
|
rulePath: ./rules/typescript/ts.performance.no-cache-miss-from-unstable-key.rule.yaml
|
|
374
464
|
presets:
|
|
@@ -398,6 +488,26 @@ rules:
|
|
|
398
488
|
rulePath: ./rules/java/java.performance.no-unbounded-concurrency.rule.yaml
|
|
399
489
|
presets:
|
|
400
490
|
- strict
|
|
491
|
+
- id: php.correctness.duplicate-array-key
|
|
492
|
+
rulePath: ./rules/php/php.correctness.duplicate-array-key.rule.yaml
|
|
493
|
+
presets:
|
|
494
|
+
- strict
|
|
495
|
+
- id: php.correctness.error-suppression-operator
|
|
496
|
+
rulePath: ./rules/php/php.correctness.error-suppression-operator.rule.yaml
|
|
497
|
+
presets:
|
|
498
|
+
- strict
|
|
499
|
+
- id: php.correctness.nullsafe-returned-by-reference
|
|
500
|
+
rulePath: ./rules/php/php.correctness.nullsafe-returned-by-reference.rule.yaml
|
|
501
|
+
presets:
|
|
502
|
+
- strict
|
|
503
|
+
- id: php.correctness.switch-multiple-default
|
|
504
|
+
rulePath: ./rules/php/php.correctness.switch-multiple-default.rule.yaml
|
|
505
|
+
presets:
|
|
506
|
+
- strict
|
|
507
|
+
- id: php.correctness.unreachable-after-return
|
|
508
|
+
rulePath: ./rules/php/php.correctness.unreachable-after-return.rule.yaml
|
|
509
|
+
presets:
|
|
510
|
+
- strict
|
|
401
511
|
- id: php.performance.no-regex-construction-in-loop
|
|
402
512
|
rulePath: ./rules/php/php.performance.no-regex-construction-in-loop.rule.yaml
|
|
403
513
|
presets:
|
|
@@ -422,6 +532,31 @@ rules:
|
|
|
422
532
|
rulePath: ./rules/python/py.performance.no-unbounded-concurrency.rule.yaml
|
|
423
533
|
presets:
|
|
424
534
|
- strict
|
|
535
|
+
- id: py.correctness.assert-on-tuple
|
|
536
|
+
rulePath: ./rules/python/py.correctness.assert-on-tuple.rule.yaml
|
|
537
|
+
presets:
|
|
538
|
+
- recommended
|
|
539
|
+
- strict
|
|
540
|
+
- id: py.correctness.bare-except
|
|
541
|
+
rulePath: ./rules/python/py.correctness.bare-except.rule.yaml
|
|
542
|
+
presets:
|
|
543
|
+
- recommended
|
|
544
|
+
- strict
|
|
545
|
+
- id: py.correctness.broad-exception-handler
|
|
546
|
+
rulePath: ./rules/python/py.correctness.broad-exception-handler.rule.yaml
|
|
547
|
+
presets:
|
|
548
|
+
- recommended
|
|
549
|
+
- strict
|
|
550
|
+
- id: py.correctness.dangerous-mutable-default
|
|
551
|
+
rulePath: ./rules/python/py.correctness.dangerous-mutable-default.rule.yaml
|
|
552
|
+
presets:
|
|
553
|
+
- recommended
|
|
554
|
+
- strict
|
|
555
|
+
- id: py.correctness.duplicate-dict-key
|
|
556
|
+
rulePath: ./rules/python/py.correctness.duplicate-dict-key.rule.yaml
|
|
557
|
+
presets:
|
|
558
|
+
- recommended
|
|
559
|
+
- strict
|
|
425
560
|
- id: ruby.performance.no-regex-construction-in-loop
|
|
426
561
|
rulePath: ./rules/ruby/ruby.performance.no-regex-construction-in-loop.rule.yaml
|
|
427
562
|
presets:
|
|
@@ -434,6 +569,34 @@ rules:
|
|
|
434
569
|
rulePath: ./rules/ruby/ruby.performance.no-unbounded-concurrency.rule.yaml
|
|
435
570
|
presets:
|
|
436
571
|
- strict
|
|
572
|
+
- id: rust.correctness.block-on-in-async
|
|
573
|
+
rulePath: ./rules/rust/rust.correctness.block-on-in-async.rule.yaml
|
|
574
|
+
presets:
|
|
575
|
+
- strict
|
|
576
|
+
- id: rust.correctness.forget-join-handle
|
|
577
|
+
rulePath: ./rules/rust/rust.correctness.forget-join-handle.rule.yaml
|
|
578
|
+
presets:
|
|
579
|
+
- strict
|
|
580
|
+
- id: rust.correctness.mutex-held-across-await
|
|
581
|
+
rulePath: ./rules/rust/rust.correctness.mutex-held-across-await.rule.yaml
|
|
582
|
+
presets:
|
|
583
|
+
- strict
|
|
584
|
+
- id: rust.correctness.std-mutex-in-async-fn
|
|
585
|
+
rulePath: ./rules/rust/rust.correctness.std-mutex-in-async-fn.rule.yaml
|
|
586
|
+
presets:
|
|
587
|
+
- strict
|
|
588
|
+
- id: rust.correctness.thread-sleep-in-async
|
|
589
|
+
rulePath: ./rules/rust/rust.correctness.thread-sleep-in-async.rule.yaml
|
|
590
|
+
presets:
|
|
591
|
+
- strict
|
|
592
|
+
- id: rust.correctness.unbounded-channel
|
|
593
|
+
rulePath: ./rules/rust/rust.correctness.unbounded-channel.rule.yaml
|
|
594
|
+
presets:
|
|
595
|
+
- strict
|
|
596
|
+
- id: rust.correctness.unchecked-index
|
|
597
|
+
rulePath: ./rules/rust/rust.correctness.unchecked-index.rule.yaml
|
|
598
|
+
presets:
|
|
599
|
+
- strict
|
|
437
600
|
- id: rust.performance.no-regex-construction-in-loop
|
|
438
601
|
rulePath: ./rules/rust/rust.performance.no-regex-construction-in-loop.rule.yaml
|
|
439
602
|
presets:
|
|
@@ -540,6 +703,52 @@ rules:
|
|
|
540
703
|
rulePath: ./rules/typescript/ts.react.no-deprecated-create-factory.rule.yaml
|
|
541
704
|
presets:
|
|
542
705
|
- strict
|
|
706
|
+
- id: ts.react.no-bind-in-jsx-props
|
|
707
|
+
rulePath: ./rules/typescript/ts.react.no-bind-in-jsx-props.rule.yaml
|
|
708
|
+
presets:
|
|
709
|
+
- recommended
|
|
710
|
+
- strict
|
|
711
|
+
- id: ts.react.no-jsx-props-spread
|
|
712
|
+
rulePath: ./rules/typescript/ts.react.no-jsx-props-spread.rule.yaml
|
|
713
|
+
presets:
|
|
714
|
+
- recommended
|
|
715
|
+
- strict
|
|
716
|
+
- id: ts.react.no-children-prop
|
|
717
|
+
rulePath: ./rules/typescript/ts.react.no-children-prop.rule.yaml
|
|
718
|
+
presets:
|
|
719
|
+
- recommended
|
|
720
|
+
- strict
|
|
721
|
+
- id: ts.react.no-set-state-in-component-did-mount
|
|
722
|
+
rulePath: ./rules/typescript/ts.react.no-set-state-in-component-did-mount.rule.yaml
|
|
723
|
+
presets:
|
|
724
|
+
- recommended
|
|
725
|
+
- strict
|
|
726
|
+
- id: ts.react.no-set-state-in-component-did-update
|
|
727
|
+
rulePath: ./rules/typescript/ts.react.no-set-state-in-component-did-update.rule.yaml
|
|
728
|
+
presets:
|
|
729
|
+
- recommended
|
|
730
|
+
- strict
|
|
731
|
+
- id: ts.react.no-direct-state-mutation
|
|
732
|
+
rulePath: ./rules/typescript/ts.react.no-direct-state-mutation.rule.yaml
|
|
733
|
+
presets:
|
|
734
|
+
- recommended
|
|
735
|
+
- strict
|
|
736
|
+
- id: ts.react.no-target-blank-without-rel
|
|
737
|
+
rulePath: ./rules/typescript/ts.react.no-target-blank-without-rel.rule.yaml
|
|
738
|
+
presets:
|
|
739
|
+
- recommended
|
|
740
|
+
- strict
|
|
741
|
+
- security
|
|
742
|
+
- id: ts.react.no-duplicate-jsx-attributes
|
|
743
|
+
rulePath: ./rules/typescript/ts.react.no-duplicate-jsx-attributes.rule.yaml
|
|
744
|
+
presets:
|
|
745
|
+
- recommended
|
|
746
|
+
- strict
|
|
747
|
+
- id: ts.react.no-this-in-function-component
|
|
748
|
+
rulePath: ./rules/typescript/ts.react.no-this-in-function-component.rule.yaml
|
|
749
|
+
presets:
|
|
750
|
+
- recommended
|
|
751
|
+
- strict
|
|
543
752
|
- id: security.no-sql-interpolation
|
|
544
753
|
rulePath: ./rules/shared/security.no-sql-interpolation.rule.yaml
|
|
545
754
|
presets:
|
|
@@ -552,6 +761,60 @@ rules:
|
|
|
552
761
|
- recommended
|
|
553
762
|
- strict
|
|
554
763
|
- security
|
|
764
|
+
- id: ts.security.no-with-statement
|
|
765
|
+
rulePath: ./rules/typescript/ts.security.no-with-statement.rule.yaml
|
|
766
|
+
presets:
|
|
767
|
+
- recommended
|
|
768
|
+
- strict
|
|
769
|
+
- security
|
|
770
|
+
- id: ts.security.no-arguments-callee
|
|
771
|
+
rulePath: ./rules/typescript/ts.security.no-arguments-callee.rule.yaml
|
|
772
|
+
presets:
|
|
773
|
+
- recommended
|
|
774
|
+
- strict
|
|
775
|
+
- security
|
|
776
|
+
- id: ts.security.no-javascript-url
|
|
777
|
+
rulePath: ./rules/typescript/ts.security.no-javascript-url.rule.yaml
|
|
778
|
+
presets:
|
|
779
|
+
- recommended
|
|
780
|
+
- strict
|
|
781
|
+
- security
|
|
782
|
+
- id: ts.security.no-native-prototype-extension
|
|
783
|
+
rulePath: ./rules/typescript/ts.security.no-native-prototype-extension.rule.yaml
|
|
784
|
+
presets:
|
|
785
|
+
- recommended
|
|
786
|
+
- strict
|
|
787
|
+
- security
|
|
788
|
+
- id: ts.security.no-global-native-reassignment
|
|
789
|
+
rulePath: ./rules/typescript/ts.security.no-global-native-reassignment.rule.yaml
|
|
790
|
+
presets:
|
|
791
|
+
- recommended
|
|
792
|
+
- strict
|
|
793
|
+
- security
|
|
794
|
+
- id: ts.security.no-throw-literal
|
|
795
|
+
rulePath: ./rules/typescript/ts.security.no-throw-literal.rule.yaml
|
|
796
|
+
presets:
|
|
797
|
+
- recommended
|
|
798
|
+
- strict
|
|
799
|
+
- security
|
|
800
|
+
- id: ts.security.no-alert-confirm-prompt
|
|
801
|
+
rulePath: ./rules/typescript/ts.security.no-alert-confirm-prompt.rule.yaml
|
|
802
|
+
presets:
|
|
803
|
+
- recommended
|
|
804
|
+
- strict
|
|
805
|
+
- security
|
|
806
|
+
- id: ts.runtime.no-process-exit
|
|
807
|
+
rulePath: ./rules/typescript/ts.runtime.no-process-exit.rule.yaml
|
|
808
|
+
presets:
|
|
809
|
+
- recommended
|
|
810
|
+
- strict
|
|
811
|
+
- security
|
|
812
|
+
- id: ts.security.unsafe-dirname-path-concat
|
|
813
|
+
rulePath: ./rules/typescript/ts.security.unsafe-dirname-path-concat.rule.yaml
|
|
814
|
+
presets:
|
|
815
|
+
- recommended
|
|
816
|
+
- strict
|
|
817
|
+
- security
|
|
555
818
|
- id: security.no-request-path-file-read
|
|
556
819
|
rulePath: ./rules/shared/security.no-request-path-file-read.rule.yaml
|
|
557
820
|
presets:
|
|
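Review bot: Three of the entries added in this hunk carry `- security` although their ids describe general code hygiene rather than a vulnerability class: `ts.runtime.no-process-exit`, `ts.security.no-throw-literal` and `ts.security.no-alert-confirm-prompt`. Teams that gate merges on the `security` preset will see these findings next to `ts.security.no-javascript-url` and `ts.security.unsafe-dirname-path-concat`, which makes the preset noisier and real findings easier to dismiss. Unless the rule bodies (not shown here) justify the classification, drop the `- security` line from those three entries so each lists only `- recommended` and `- strict`. The trailing context entry `security.no-request-path-file-read` continues past the end of the hunk.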
@@ -1013,6 +1276,28 @@ rules:
|
|
|
1013
1276
|
presets:
|
|
1014
1277
|
- strict
|
|
1015
1278
|
- security
|
|
1279
|
+
- id: ts.security.express-permissive-cors
|
|
1280
|
+
rulePath: ./rules/typescript/ts.security.express-permissive-cors.rule.yaml
|
|
1281
|
+
presets:
|
|
1282
|
+
- strict
|
|
1283
|
+
- security
|
|
1284
|
+
- id: ts.security.no-sync-child-process-exec
|
|
1285
|
+
rulePath: ./rules/typescript/ts.security.no-sync-child-process-exec.rule.yaml
|
|
1286
|
+
presets:
|
|
1287
|
+
- recommended
|
|
1288
|
+
- strict
|
|
1289
|
+
- security
|
|
1290
|
+
- id: ts.security.no-fs-readfile-sync-in-handler
|
|
1291
|
+
rulePath: ./rules/typescript/ts.security.no-fs-readfile-sync-in-handler.rule.yaml
|
|
1292
|
+
presets:
|
|
1293
|
+
- recommended
|
|
1294
|
+
- strict
|
|
1295
|
+
- security
|
|
1296
|
+
- id: ts.security.no-assign-mutable-export
|
|
1297
|
+
rulePath: ./rules/typescript/ts.security.no-assign-mutable-export.rule.yaml
|
|
1298
|
+
presets:
|
|
1299
|
+
- strict
|
|
1300
|
+
- security
|
|
1016
1301
|
- id: ts.security.request-driven-array-index-access
|
|
1017
1302
|
rulePath: ./rules/typescript/ts.security.request-driven-array-index-access.rule.yaml
|
|
1018
1303
|
presets:
|
|
@@ -1195,11 +1480,66 @@ rules:
|
|
|
1195
1480
|
presets:
|
|
1196
1481
|
- strict
|
|
1197
1482
|
- security
|
|
1483
|
+
- id: py.security.flask-debug-enabled
|
|
1484
|
+
rulePath: ./rules/python/py.security.flask-debug-enabled.rule.yaml
|
|
1485
|
+
presets:
|
|
1486
|
+
- strict
|
|
1487
|
+
- security
|
|
1488
|
+
- id: py.security.django-mark-safe
|
|
1489
|
+
rulePath: ./rules/python/py.security.django-mark-safe.rule.yaml
|
|
1490
|
+
presets:
|
|
1491
|
+
- strict
|
|
1492
|
+
- security
|
|
1493
|
+
- id: py.security.django-format-html-unsafe
|
|
1494
|
+
rulePath: ./rules/python/py.security.django-format-html-unsafe.rule.yaml
|
|
1495
|
+
presets:
|
|
1496
|
+
- strict
|
|
1497
|
+
- security
|
|
1498
|
+
- id: py.security.django-security-middleware-missing
|
|
1499
|
+
rulePath: ./rules/python/py.security.django-security-middleware-missing.rule.yaml
|
|
1500
|
+
presets:
|
|
1501
|
+
- strict
|
|
1502
|
+
- security
|
|
1198
1503
|
- id: py.security.fastapi-insecure-cors
|
|
1199
1504
|
rulePath: ./rules/python/py.security.fastapi-insecure-cors.rule.yaml
|
|
1200
1505
|
presets:
|
|
1201
1506
|
- strict
|
|
1202
1507
|
- security
|
|
1508
|
+
- id: py.security.subprocess-shell-enabled
|
|
1509
|
+
rulePath: ./rules/python/py.security.subprocess-shell-enabled.rule.yaml
|
|
1510
|
+
presets:
|
|
1511
|
+
- strict
|
|
1512
|
+
- security
|
|
1513
|
+
- id: py.security.dynamic-code-execution
|
|
1514
|
+
rulePath: ./rules/python/py.security.dynamic-code-execution.rule.yaml
|
|
1515
|
+
presets:
|
|
1516
|
+
- strict
|
|
1517
|
+
- security
|
|
1518
|
+
- id: py.security.insecure-yaml-load
|
|
1519
|
+
rulePath: ./rules/python/py.security.insecure-yaml-load.rule.yaml
|
|
1520
|
+
presets:
|
|
1521
|
+
- strict
|
|
1522
|
+
- security
|
|
1523
|
+
- id: py.security.insecure-temp-file
|
|
1524
|
+
rulePath: ./rules/python/py.security.insecure-temp-file.rule.yaml
|
|
1525
|
+
presets:
|
|
1526
|
+
- strict
|
|
1527
|
+
- security
|
|
1528
|
+
- id: py.security.bind-all-interfaces
|
|
1529
|
+
rulePath: ./rules/python/py.security.bind-all-interfaces.rule.yaml
|
|
1530
|
+
presets:
|
|
1531
|
+
- strict
|
|
1532
|
+
- security
|
|
1533
|
+
- id: py.security.debugger-import
|
|
1534
|
+
rulePath: ./rules/python/py.security.debugger-import.rule.yaml
|
|
1535
|
+
presets:
|
|
1536
|
+
- strict
|
|
1537
|
+
- security
|
|
1538
|
+
- id: py.security.jinja-autoescape-disabled
|
|
1539
|
+
rulePath: ./rules/python/py.security.jinja-autoescape-disabled.rule.yaml
|
|
1540
|
+
presets:
|
|
1541
|
+
- strict
|
|
1542
|
+
- security
|
|
1203
1543
|
- id: java.security.android-screenshot-exposure
|
|
1204
1544
|
rulePath: ./rules/java/java.security.android-screenshot-exposure.rule.yaml
|
|
1205
1545
|
presets:
|
|
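Review bot: None of the Python security rules added in this hunk is in `recommended`. For example, `py.security.insecure-yaml-load`, `py.security.subprocess-shell-enabled`, `py.security.dynamic-code-execution` and `py.security.jinja-autoescape-disabled` list only `- strict` and `- security`, while the TypeScript hunk at `@@ -552,6 +761,60 @@` puts `ts.security.no-alert-confirm-prompt` in `recommended`. The Java, Rust, Go and PHP security additions in the later hunks follow the same pattern. If `recommended` is the preset most users enable (an assumption, since the preset definitions are not visible here), the deserialization and command-execution checks stay off for them. Either add `- recommended` to the high-confidence rules or state the policy in a comment at the top of `catalog.yaml`, e.g. `# recommended: low-noise rules only; security: all vulnerability-class rules`.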
@@ -1263,6 +1603,100 @@ rules:
|
|
|
1263
1603
|
presets:
|
|
1264
1604
|
- strict
|
|
1265
1605
|
- security
|
|
1606
|
+
- id: java.security.unsafe-jackson-deserialization
|
|
1607
|
+
rulePath: ./rules/java/java.security.unsafe-jackson-deserialization.rule.yaml
|
|
1608
|
+
presets:
|
|
1609
|
+
- strict
|
|
1610
|
+
- security
|
|
1611
|
+
- id: java.security.xxe-document-builder
|
|
1612
|
+
rulePath: ./rules/java/java.security.xxe-document-builder.rule.yaml
|
|
1613
|
+
presets:
|
|
1614
|
+
- strict
|
|
1615
|
+
- security
|
|
1616
|
+
- id: java.security.xxe-xml-input-factory
|
|
1617
|
+
rulePath: ./rules/java/java.security.xxe-xml-input-factory.rule.yaml
|
|
1618
|
+
presets:
|
|
1619
|
+
- strict
|
|
1620
|
+
- security
|
|
1621
|
+
- id: java.security.hibernate-sql-concatenation
|
|
1622
|
+
rulePath: ./rules/java/java.security.hibernate-sql-concatenation.rule.yaml
|
|
1623
|
+
presets:
|
|
1624
|
+
- strict
|
|
1625
|
+
- security
|
|
1626
|
+
- id: java.security.shell-runtime-exec
|
|
1627
|
+
rulePath: ./rules/java/java.security.shell-runtime-exec.rule.yaml
|
|
1628
|
+
presets:
|
|
1629
|
+
- strict
|
|
1630
|
+
- security
|
|
1631
|
+
- id: java.security.predictable-securerandom
|
|
1632
|
+
rulePath: ./rules/java/java.security.predictable-securerandom.rule.yaml
|
|
1633
|
+
presets:
|
|
1634
|
+
- strict
|
|
1635
|
+
- security
|
|
1636
|
+
- id: java.correctness.empty-catch
|
|
1637
|
+
rulePath: ./rules/java/java.correctness.empty-catch.rule.yaml
|
|
1638
|
+
presets:
|
|
1639
|
+
- strict
|
|
1640
|
+
- id: java.correctness.equals-on-array
|
|
1641
|
+
rulePath: ./rules/java/java.correctness.equals-on-array.rule.yaml
|
|
1642
|
+
presets:
|
|
1643
|
+
- strict
|
|
1644
|
+
- id: java.correctness.sync-on-string-literal
|
|
1645
|
+
rulePath: ./rules/java/java.correctness.sync-on-string-literal.rule.yaml
|
|
1646
|
+
presets:
|
|
1647
|
+
- strict
|
|
1648
|
+
- id: java.correctness.catch-null-pointer
|
|
1649
|
+
rulePath: ./rules/java/java.correctness.catch-null-pointer.rule.yaml
|
|
1650
|
+
presets:
|
|
1651
|
+
- strict
|
|
1652
|
+
- id: java.correctness.unsafe-optional-get
|
|
1653
|
+
rulePath: ./rules/java/java.correctness.unsafe-optional-get.rule.yaml
|
|
1654
|
+
presets:
|
|
1655
|
+
- strict
|
|
1656
|
+
- id: java.correctness.return-in-finally
|
|
1657
|
+
rulePath: ./rules/java/java.correctness.return-in-finally.rule.yaml
|
|
1658
|
+
presets:
|
|
1659
|
+
- strict
|
|
1660
|
+
- id: java.security.insecure-cipher-mode
|
|
1661
|
+
rulePath: ./rules/java/java.security.insecure-cipher-mode.rule.yaml
|
|
1662
|
+
presets:
|
|
1663
|
+
- strict
|
|
1664
|
+
- security
|
|
1665
|
+
- id: java.security.weak-rsa-key-size
|
|
1666
|
+
rulePath: ./rules/java/java.security.weak-rsa-key-size.rule.yaml
|
|
1667
|
+
presets:
|
|
1668
|
+
- strict
|
|
1669
|
+
- security
|
|
1670
|
+
- id: java.security.insecure-ssl-context
|
|
1671
|
+
rulePath: ./rules/java/java.security.insecure-ssl-context.rule.yaml
|
|
1672
|
+
presets:
|
|
1673
|
+
- strict
|
|
1674
|
+
- security
|
|
1675
|
+
- id: java.security.permissive-cors
|
|
1676
|
+
rulePath: ./rules/java/java.security.permissive-cors.rule.yaml
|
|
1677
|
+
presets:
|
|
1678
|
+
- strict
|
|
1679
|
+
- security
|
|
1680
|
+
- id: java.security.trust-all-certificates
|
|
1681
|
+
rulePath: ./rules/java/java.security.trust-all-certificates.rule.yaml
|
|
1682
|
+
presets:
|
|
1683
|
+
- strict
|
|
1684
|
+
- security
|
|
1685
|
+
- id: java.security.insecure-network-protocol
|
|
1686
|
+
rulePath: ./rules/java/java.security.insecure-network-protocol.rule.yaml
|
|
1687
|
+
presets:
|
|
1688
|
+
- strict
|
|
1689
|
+
- security
|
|
1690
|
+
- id: java.security.null-cipher
|
|
1691
|
+
rulePath: ./rules/java/java.security.null-cipher.rule.yaml
|
|
1692
|
+
presets:
|
|
1693
|
+
- strict
|
|
1694
|
+
- security
|
|
1695
|
+
- id: java.security.jwt-without-verification
|
|
1696
|
+
rulePath: ./rules/java/java.security.jwt-without-verification.rule.yaml
|
|
1697
|
+
presets:
|
|
1698
|
+
- strict
|
|
1699
|
+
- security
|
|
1266
1700
|
- id: ruby.security.rails-csrf-disabled
|
|
1267
1701
|
rulePath: ./rules/ruby/ruby.security.rails-csrf-disabled.rule.yaml
|
|
1268
1702
|
presets:
|
|
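Review bot: The six `java.correctness.*` entries (`empty-catch` through `return-in-finally`) are inserted between `java.security.predictable-securerandom` and `java.security.insecure-cipher-mode`, which splits the Java security block in two. Elsewhere in this file the new correctness rules sit next to the performance rules of the same language, as with `php.correctness.*` at `@@ -398,6 +488,26 @@` and `py.correctness.*` at `@@ -422,6 +532,31 @@`. Moving the Java correctness entries next to `java.performance.no-unbounded-concurrency` would keep the security rules contiguous and easier to audit. The `go.correctness.*` entries in the hunk at `@@ -1503,6 +2017,79 @@` are placed the same way, after `go.security.weak-tls-cipher`.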
@@ -1323,6 +1757,41 @@ rules:
|
|
|
1323
1757
|
presets:
|
|
1324
1758
|
- strict
|
|
1325
1759
|
- security
|
|
1760
|
+
- id: rust.security.bind-all-interfaces
|
|
1761
|
+
rulePath: ./rules/rust/rust.security.bind-all-interfaces.rule.yaml
|
|
1762
|
+
presets:
|
|
1763
|
+
- strict
|
|
1764
|
+
- security
|
|
1765
|
+
- id: rust.security.insecure-ssh-host-key
|
|
1766
|
+
rulePath: ./rules/rust/rust.security.insecure-ssh-host-key.rule.yaml
|
|
1767
|
+
presets:
|
|
1768
|
+
- strict
|
|
1769
|
+
- security
|
|
1770
|
+
- id: rust.security.insecure-ssl-protocol
|
|
1771
|
+
rulePath: ./rules/rust/rust.security.insecure-ssl-protocol.rule.yaml
|
|
1772
|
+
presets:
|
|
1773
|
+
- strict
|
|
1774
|
+
- security
|
|
1775
|
+
- id: rust.security.insecure-temp-file
|
|
1776
|
+
rulePath: ./rules/rust/rust.security.insecure-temp-file.rule.yaml
|
|
1777
|
+
presets:
|
|
1778
|
+
- strict
|
|
1779
|
+
- security
|
|
1780
|
+
- id: rust.security.insecure-yaml-load
|
|
1781
|
+
rulePath: ./rules/rust/rust.security.insecure-yaml-load.rule.yaml
|
|
1782
|
+
presets:
|
|
1783
|
+
- strict
|
|
1784
|
+
- security
|
|
1785
|
+
- id: rust.security.jwt-without-verification
|
|
1786
|
+
rulePath: ./rules/rust/rust.security.jwt-without-verification.rule.yaml
|
|
1787
|
+
presets:
|
|
1788
|
+
- strict
|
|
1789
|
+
- security
|
|
1790
|
+
- id: rust.security.panic-in-async-handler
|
|
1791
|
+
rulePath: ./rules/rust/rust.security.panic-in-async-handler.rule.yaml
|
|
1792
|
+
presets:
|
|
1793
|
+
- strict
|
|
1794
|
+
- security
|
|
1326
1795
|
- id: rust.security.rocket-panic-prone-request-handler
|
|
1327
1796
|
rulePath: ./rules/rust/rust.security.rocket-panic-prone-request-handler.rule.yaml
|
|
1328
1797
|
presets:
|
|
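Review bot: `rust.security.panic-in-async-handler` is added next to the existing `rust.security.rocket-panic-prone-request-handler`, and the file also contains `rust.security.warp-blocking-or-panic-in-async-handler` further down; all three are in `strict` and `security`. If the new rule is framework-agnostic (its body is not part of this hunk), a panic in a Rocket or Warp handler will likely be reported twice under two ids, which inflates finding counts and complicates suppression. Consider stating the intended scope in a comment above the entry, e.g. `# generic async handlers only; Rocket/Warp are covered by their own rules`, or excluding those frameworks in the rule itself.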
@@ -1333,6 +1802,11 @@ rules:
|
|
|
1333
1802
|
presets:
|
|
1334
1803
|
- strict
|
|
1335
1804
|
- security
|
|
1805
|
+
- id: rust.security.shell-command-spawn
|
|
1806
|
+
rulePath: ./rules/rust/rust.security.shell-command-spawn.rule.yaml
|
|
1807
|
+
presets:
|
|
1808
|
+
- strict
|
|
1809
|
+
- security
|
|
1336
1810
|
- id: rust.security.sqlx-diesel-raw-interpolated-query
|
|
1337
1811
|
rulePath: ./rules/rust/rust.security.sqlx-diesel-raw-interpolated-query.rule.yaml
|
|
1338
1812
|
presets:
|
|
@@ -1343,11 +1817,31 @@ rules:
|
|
|
1343
1817
|
presets:
|
|
1344
1818
|
- strict
|
|
1345
1819
|
- security
|
|
1820
|
+
- id: rust.security.tls-missing-min-version
|
|
1821
|
+
rulePath: ./rules/rust/rust.security.tls-missing-min-version.rule.yaml
|
|
1822
|
+
presets:
|
|
1823
|
+
- strict
|
|
1824
|
+
- security
|
|
1346
1825
|
- id: rust.security.warp-blocking-or-panic-in-async-handler
|
|
1347
1826
|
rulePath: ./rules/rust/rust.security.warp-blocking-or-panic-in-async-handler.rule.yaml
|
|
1348
1827
|
presets:
|
|
1349
1828
|
- strict
|
|
1350
1829
|
- security
|
|
1830
|
+
- id: rust.security.weak-crypto-import
|
|
1831
|
+
rulePath: ./rules/rust/rust.security.weak-crypto-import.rule.yaml
|
|
1832
|
+
presets:
|
|
1833
|
+
- strict
|
|
1834
|
+
- security
|
|
1835
|
+
- id: rust.security.weak-rsa-key-size
|
|
1836
|
+
rulePath: ./rules/rust/rust.security.weak-rsa-key-size.rule.yaml
|
|
1837
|
+
presets:
|
|
1838
|
+
- strict
|
|
1839
|
+
- security
|
|
1840
|
+
- id: rust.security.weak-tls-cipher
|
|
1841
|
+
rulePath: ./rules/rust/rust.security.weak-tls-cipher.rule.yaml
|
|
1842
|
+
presets:
|
|
1843
|
+
- strict
|
|
1844
|
+
- security
|
|
1351
1845
|
- id: go.testing.t-skip-without-ticket-reference
|
|
1352
1846
|
rulePath: ./rules/go/go.testing.t-skip-without-ticket-reference.rule.yaml
|
|
1353
1847
|
presets:
|
|
@@ -1483,11 +1977,31 @@ rules:
|
|
|
1483
1977
|
presets:
|
|
1484
1978
|
- strict
|
|
1485
1979
|
- security
|
|
1980
|
+
- id: go.security.insecure-rand-seed
|
|
1981
|
+
rulePath: ./rules/go/go.security.insecure-rand-seed.rule.yaml
|
|
1982
|
+
presets:
|
|
1983
|
+
- strict
|
|
1984
|
+
- security
|
|
1985
|
+
- id: go.security.insecure-ssl-protocol
|
|
1986
|
+
rulePath: ./rules/go/go.security.insecure-ssl-protocol.rule.yaml
|
|
1987
|
+
presets:
|
|
1988
|
+
- strict
|
|
1989
|
+
- security
|
|
1990
|
+
- id: go.security.jwt-without-verification
|
|
1991
|
+
rulePath: ./rules/go/go.security.jwt-without-verification.rule.yaml
|
|
1992
|
+
presets:
|
|
1993
|
+
- strict
|
|
1994
|
+
- security
|
|
1486
1995
|
- id: go.security.net-http-missing-timeouts
|
|
1487
1996
|
rulePath: ./rules/go/go.security.net-http-missing-timeouts.rule.yaml
|
|
1488
1997
|
presets:
|
|
1489
1998
|
- strict
|
|
1490
1999
|
- security
|
|
2000
|
+
- id: go.security.pprof-exposed
|
|
2001
|
+
rulePath: ./rules/go/go.security.pprof-exposed.rule.yaml
|
|
2002
|
+
presets:
|
|
2003
|
+
- strict
|
|
2004
|
+
- security
|
|
1491
2005
|
- id: go.security.sensitive-data-egress
|
|
1492
2006
|
rulePath: ./rules/go/go.security.sensitive-data-egress.rule.yaml
|
|
1493
2007
|
presets:
|
|
@@ -1503,6 +2017,79 @@ rules:
|
|
|
1503
2017
|
presets:
|
|
1504
2018
|
- strict
|
|
1505
2019
|
- security
|
|
2020
|
+
- id: go.security.bind-all-interfaces
|
|
2021
|
+
rulePath: ./rules/go/go.security.bind-all-interfaces.rule.yaml
|
|
2022
|
+
presets:
|
|
2023
|
+
- strict
|
|
2024
|
+
- security
|
|
2025
|
+
- id: go.security.unsafe-package-import
|
|
2026
|
+
rulePath: ./rules/go/go.security.unsafe-package-import.rule.yaml
|
|
2027
|
+
presets:
|
|
2028
|
+
- strict
|
|
2029
|
+
- security
|
|
2030
|
+
- id: go.security.insecure-ssh-host-key
|
|
2031
|
+
rulePath: ./rules/go/go.security.insecure-ssh-host-key.rule.yaml
|
|
2032
|
+
presets:
|
|
2033
|
+
- strict
|
|
2034
|
+
- security
|
|
2035
|
+
- id: go.security.insecure-temp-file
|
|
2036
|
+
rulePath: ./rules/go/go.security.insecure-temp-file.rule.yaml
|
|
2037
|
+
presets:
|
|
2038
|
+
- strict
|
|
2039
|
+
- security
|
|
2040
|
+
- id: go.security.weak-rsa-key-size
|
|
2041
|
+
rulePath: ./rules/go/go.security.weak-rsa-key-size.rule.yaml
|
|
2042
|
+
presets:
|
|
2043
|
+
- strict
|
|
2044
|
+
- security
|
|
2045
|
+
- id: go.security.weak-crypto-import
|
|
2046
|
+
rulePath: ./rules/go/go.security.weak-crypto-import.rule.yaml
|
|
2047
|
+
presets:
|
|
2048
|
+
- strict
|
|
2049
|
+
- security
|
|
2050
|
+
- id: go.security.tls-missing-min-version
|
|
2051
|
+
rulePath: ./rules/go/go.security.tls-missing-min-version.rule.yaml
|
|
2052
|
+
presets:
|
|
2053
|
+
- strict
|
|
2054
|
+
- security
|
|
2055
|
+
- id: go.security.weak-bcrypt-cost
|
|
2056
|
+
rulePath: ./rules/go/go.security.weak-bcrypt-cost.rule.yaml
|
|
2057
|
+
presets:
|
|
2058
|
+
- strict
|
|
2059
|
+
- security
|
|
2060
|
+
- id: go.security.weak-tls-cipher
|
|
2061
|
+
rulePath: ./rules/go/go.security.weak-tls-cipher.rule.yaml
|
|
2062
|
+
presets:
|
|
2063
|
+
- strict
|
|
2064
|
+
- security
|
|
2065
|
+
- id: go.correctness.defer-close-before-check
|
|
2066
|
+
rulePath: ./rules/go/go.correctness.defer-close-before-check.rule.yaml
|
|
2067
|
+
presets:
|
|
2068
|
+
- strict
|
|
2069
|
+
- id: go.correctness.defer-in-loop
|
|
2070
|
+
rulePath: ./rules/go/go.correctness.defer-in-loop.rule.yaml
|
|
2071
|
+
presets:
|
|
2072
|
+
- strict
|
|
2073
|
+
- id: go.correctness.nil-context-passed
|
|
2074
|
+
rulePath: ./rules/go/go.correctness.nil-context-passed.rule.yaml
|
|
2075
|
+
presets:
|
|
2076
|
+
- strict
|
|
2077
|
+
- id: go.correctness.nil-map-assignment
|
|
2078
|
+
rulePath: ./rules/go/go.correctness.nil-map-assignment.rule.yaml
|
|
2079
|
+
presets:
|
|
2080
|
+
- strict
|
|
2081
|
+
- id: go.correctness.time-tick-leak
|
|
2082
|
+
rulePath: ./rules/go/go.correctness.time-tick-leak.rule.yaml
|
|
2083
|
+
presets:
|
|
2084
|
+
- strict
|
|
2085
|
+
- id: go.correctness.unused-append-result
|
|
2086
|
+
rulePath: ./rules/go/go.correctness.unused-append-result.rule.yaml
|
|
2087
|
+
presets:
|
|
2088
|
+
- strict
|
|
2089
|
+
- id: go.correctness.waitgroup-add-in-goroutine
|
|
2090
|
+
rulePath: ./rules/go/go.correctness.waitgroup-add-in-goroutine.rule.yaml
|
|
2091
|
+
presets:
|
|
2092
|
+
- strict
|
|
1506
2093
|
- id: php.security.insecure-cors-wildcard-with-credentials
|
|
1507
2094
|
rulePath: ./rules/php/php.security.insecure-cors-wildcard-with-credentials.rule.yaml
|
|
1508
2095
|
presets:
|
|
@@ -1518,6 +2105,36 @@ rules:
|
|
|
1518
2105
|
presets:
|
|
1519
2106
|
- strict
|
|
1520
2107
|
- security
|
|
2108
|
+
- id: php.security.debug-function-exposure
|
|
2109
|
+
rulePath: ./rules/php/php.security.debug-function-exposure.rule.yaml
|
|
2110
|
+
presets:
|
|
2111
|
+
- strict
|
|
2112
|
+
- security
|
|
2113
|
+
- id: php.security.insecure-session-id-generation
|
|
2114
|
+
rulePath: ./rules/php/php.security.insecure-session-id-generation.rule.yaml
|
|
2115
|
+
presets:
|
|
2116
|
+
- strict
|
|
2117
|
+
- security
|
|
2118
|
+
- id: php.security.no-dynamic-eval
|
|
2119
|
+
rulePath: ./rules/php/php.security.no-dynamic-eval.rule.yaml
|
|
2120
|
+
presets:
|
|
2121
|
+
- strict
|
|
2122
|
+
- security
|
|
2123
|
+
- id: php.security.unsafe-include-with-user-input
|
|
2124
|
+
rulePath: ./rules/php/php.security.unsafe-include-with-user-input.rule.yaml
|
|
2125
|
+
presets:
|
|
2126
|
+
- strict
|
|
2127
|
+
- security
|
|
2128
|
+
- id: php.security.weak-cipher
|
|
2129
|
+
rulePath: ./rules/php/php.security.weak-cipher.rule.yaml
|
|
2130
|
+
presets:
|
|
2131
|
+
- strict
|
|
2132
|
+
- security
|
|
2133
|
+
- id: php.security.xml-external-entity
|
|
2134
|
+
rulePath: ./rules/php/php.security.xml-external-entity.rule.yaml
|
|
2135
|
+
presets:
|
|
2136
|
+
- strict
|
|
2137
|
+
- security
|
|
1521
2138
|
- id: php.security.laravel-sensitive-csrf-exclusion
|
|
1522
2139
|
rulePath: ./rules/php/php.security.laravel-sensitive-csrf-exclusion.rule.yaml
|
|
1523
2140
|
presets:
|