@critiq/rules 0.2.0 → 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (907) hide show
  1. package/CHANGELOG.md +468 -0
  2. package/README.md +13 -232
  3. package/catalog-metadata.json +47 -0
  4. package/catalog.yaml +4459 -1008
  5. package/package.json +1 -1
  6. package/rules/cfn/cfn.correctness.attributedefinitions-keyschemas-mismatch.rule.yaml +49 -0
  7. package/rules/cfn/cfn.correctness.base64-validation-of-parameters.rule.yaml +49 -0
  8. package/rules/cfn/cfn.correctness.basic-cloudformation-resource-check.rule.yaml +49 -0
  9. package/rules/cfn/cfn.correctness.basic-cloudformation-template-configuration.rule.yaml +49 -0
  10. package/rules/cfn/cfn.correctness.cannot-reference-resources-in-the-conditions-block-of-the-template.rule.yaml +49 -0
  11. package/rules/cfn/cfn.correctness.check-at-least-one-essential-container-is-specified.rule.yaml +49 -0
  12. package/rules/cfn/cfn.correctness.check-deletionpolicy-values-for-resources.rule.yaml +49 -0
  13. package/rules/cfn/cfn.correctness.check-dependson-values-for-resources.rule.yaml +49 -0
  14. package/rules/cfn/cfn.correctness.check-ec2-ebs-properties.rule.yaml +49 -0
  15. package/rules/cfn/cfn.correctness.check-elastic-cache-redis-cluster-settings.rule.yaml +49 -0
  16. package/rules/cfn/cfn.correctness.check-events-rule-targets-are-less-than-or-equal-to-5.rule.yaml +49 -0
  17. package/rules/cfn/cfn.correctness.check-fargate-service-scheduling-strategy.rule.yaml +49 -0
  18. package/rules/cfn/cfn.correctness.check-fn-and-structure-for-validity.rule.yaml +49 -0
  19. package/rules/cfn/cfn.correctness.check-fn-equals-structure-for-validity.rule.yaml +49 -0
  20. package/rules/cfn/cfn.correctness.check-fn-if-structure-for-validity.rule.yaml +49 -0
  21. package/rules/cfn/cfn.correctness.check-fn-not-structure-for-validity.rule.yaml +49 -0
  22. package/rules/cfn/cfn.correctness.check-fn-or-structure-for-validity.rule.yaml +49 -0
  23. package/rules/cfn/cfn.correctness.check-for-subscriptionfilters-have-beyond-2-attachments-to-a-cloudwatch-log-group.rule.yaml +49 -0
  24. package/rules/cfn/cfn.correctness.check-if-a-json-object-is-within-size-limits.rule.yaml +49 -0
  25. package/rules/cfn/cfn.correctness.check-if-a-list-has-between-min-and-max-number-of-values-specified.rule.yaml +49 -0
  26. package/rules/cfn/cfn.correctness.check-if-a-list-has-duplicate-values.rule.yaml +49 -0
  27. package/rules/cfn/cfn.correctness.check-if-a-number-is-between-min-and-max.rule.yaml +49 -0
  28. package/rules/cfn/cfn.correctness.check-if-a-string-has-between-min-and-max-number-of-values-specified.rule.yaml +49 -0
  29. package/rules/cfn/cfn.correctness.check-if-eol-lambda-function-runtimes-are-used.rule.yaml +49 -0
  30. package/rules/cfn/cfn.correctness.check-if-properties-have-a-valid-value.rule.yaml +49 -0
  31. package/rules/cfn/cfn.correctness.check-if-property-values-adhere-to-a-specific-pattern.rule.yaml +49 -0
  32. package/rules/cfn/cfn.correctness.check-if-refing-to-a-iam-resource-with-path-set.rule.yaml +49 -0
  33. package/rules/cfn/cfn.correctness.check-if-refs-exist.rule.yaml +49 -0
  34. package/rules/cfn/cfn.correctness.check-if-serverless-resources-have-serverless-transform.rule.yaml +49 -0
  35. package/rules/cfn/cfn.correctness.check-if-the-referenced-conditions-are-defined.rule.yaml +49 -0
  36. package/rules/cfn/cfn.correctness.check-minimum-90-period-is-met-between-backupplan-cold-and-delete.rule.yaml +49 -0
  37. package/rules/cfn/cfn.correctness.check-properties-that-are-mutually-exclusive.rule.yaml +49 -0
  38. package/rules/cfn/cfn.correctness.check-properties-that-are-required-together.rule.yaml +49 -0
  39. package/rules/cfn/cfn.correctness.check-properties-that-need-at-least-one-of-a-list-of-properties.rule.yaml +49 -0
  40. package/rules/cfn/cfn.correctness.check-properties-that-need-only-one-of-a-list-of-properties.rule.yaml +49 -0
  41. package/rules/cfn/cfn.correctness.check-resource-properties-values.rule.yaml +49 -0
  42. package/rules/cfn/cfn.correctness.check-state-machine-definition-for-proper-syntax.rule.yaml +49 -0
  43. package/rules/cfn/cfn.correctness.check-that-modules-resources-are-valid.rule.yaml +49 -0
  44. package/rules/cfn/cfn.correctness.check-the-configuration-of-a-resources-updatepolicy.rule.yaml +49 -0
  45. package/rules/cfn/cfn.correctness.check-updatereplacepolicy-values-for-resources.rule.yaml +49 -0
  46. package/rules/cfn/cfn.correctness.check-values-of-properties-for-valid-refs-and-getatts.rule.yaml +49 -0
  47. package/rules/cfn/cfn.correctness.cidr-validation-of-parameters.rule.yaml +49 -0
  48. package/rules/cfn/cfn.correctness.cloudfront-aliases.rule.yaml +49 -0
  49. package/rules/cfn/cfn.correctness.codepipeline-stage-actions.rule.yaml +49 -0
  50. package/rules/cfn/cfn.correctness.codepipeline-stages.rule.yaml +49 -0
  51. package/rules/cfn/cfn.correctness.conditions-have-appropriate-properties.rule.yaml +49 -0
  52. package/rules/cfn/cfn.correctness.default-value-cannot-use-refs.rule.yaml +49 -0
  53. package/rules/cfn/cfn.correctness.default-value-is-within-parameter-constraints.rule.yaml +49 -0
  54. package/rules/cfn/cfn.correctness.error-processing-rule-on-the-template.rule.yaml +49 -0
  55. package/rules/cfn/cfn.correctness.findinmap-validation-of-configuration.rule.yaml +49 -0
  56. package/rules/cfn/cfn.correctness.getatt-validation-of-parameters.rule.yaml +49 -0
  57. package/rules/cfn/cfn.correctness.getaz-validation-of-parameters.rule.yaml +49 -0
  58. package/rules/cfn/cfn.correctness.importvalue-validation-of-parameters.rule.yaml +49 -0
  59. package/rules/cfn/cfn.correctness.join-validation-of-parameters.rule.yaml +49 -0
  60. package/rules/cfn/cfn.correctness.length-validation-of-parameters.rule.yaml +49 -0
  61. package/rules/cfn/cfn.correctness.mapping-attribute-limit-not-exceeded.rule.yaml +49 -0
  62. package/rules/cfn/cfn.correctness.mapping-keys-are-strings-and-alphanumeric.rule.yaml +49 -0
  63. package/rules/cfn/cfn.correctness.mapping-limit-not-exceeded.rule.yaml +49 -0
  64. package/rules/cfn/cfn.correctness.mapping-name-limit-not-exceeded.rule.yaml +49 -0
  65. package/rules/cfn/cfn.correctness.mappings-are-appropriately-configured.rule.yaml +49 -0
  66. package/rules/cfn/cfn.correctness.mappings-have-appropriate-names.rule.yaml +49 -0
  67. package/rules/cfn/cfn.correctness.metadata-interface-have-appropriate-properties.rule.yaml +49 -0
  68. package/rules/cfn/cfn.correctness.output-description-limit-not-exceeded.rule.yaml +49 -0
  69. package/rules/cfn/cfn.correctness.output-limit-not-exceeded.rule.yaml +49 -0
  70. package/rules/cfn/cfn.correctness.output-name-limit-not-exceeded.rule.yaml +49 -0
  71. package/rules/cfn/cfn.correctness.outputs-descriptions-can-only-be-strings.rule.yaml +49 -0
  72. package/rules/cfn/cfn.correctness.outputs-have-appropriate-names.rule.yaml +49 -0
  73. package/rules/cfn/cfn.correctness.outputs-have-appropriate-properties.rule.yaml +49 -0
  74. package/rules/cfn/cfn.correctness.outputs-have-required-properties.rule.yaml +49 -0
  75. package/rules/cfn/cfn.correctness.outputs-have-values-of-strings.rule.yaml +49 -0
  76. package/rules/cfn/cfn.correctness.parameter-limit-not-exceeded.rule.yaml +49 -0
  77. package/rules/cfn/cfn.correctness.parameter-name-limit-not-exceeded.rule.yaml +49 -0
  78. package/rules/cfn/cfn.correctness.parameter-value-limit-not-exceeded.rule.yaml +49 -0
  79. package/rules/cfn/cfn.correctness.parameters-have-appropriate-names.rule.yaml +49 -0
  80. package/rules/cfn/cfn.correctness.parameters-have-appropriate-properties.rule.yaml +49 -0
  81. package/rules/cfn/cfn.correctness.parameters-have-appropriate-type.rule.yaml +49 -0
  82. package/rules/cfn/cfn.correctness.property-is-required-based-on-another-properties-value.rule.yaml +49 -0
  83. package/rules/cfn/cfn.correctness.property-is-unwanted-based-on-another-properties-value.rule.yaml +49 -0
  84. package/rules/cfn/cfn.correctness.rds-instance-type-is-compatible-with-the-rds-type.rule.yaml +49 -0
  85. package/rules/cfn/cfn.correctness.recordset-hostedzonename-is-a-superdomain-of-name.rule.yaml +49 -0
  86. package/rules/cfn/cfn.correctness.ref-validation-of-value.rule.yaml +49 -0
  87. package/rules/cfn/cfn.correctness.required-resource-properties-are-missing.rule.yaml +49 -0
  88. package/rules/cfn/cfn.correctness.resource-dependencies-are-not-circular.rule.yaml +49 -0
  89. package/rules/cfn/cfn.correctness.resource-ec2-security-group-ingress-properties.rule.yaml +49 -0
  90. package/rules/cfn/cfn.correctness.resource-elb-properties.rule.yaml +49 -0
  91. package/rules/cfn/cfn.correctness.resource-limit-not-exceeded.rule.yaml +49 -0
  92. package/rules/cfn/cfn.correctness.resource-name-limit-not-exceeded.rule.yaml +49 -0
  93. package/rules/cfn/cfn.correctness.resource-properties-are-invalid.rule.yaml +49 -0
  94. package/rules/cfn/cfn.correctness.resource-schema.rule.yaml +49 -0
  95. package/rules/cfn/cfn.correctness.resource-subnetroutetableassociation-properties.rule.yaml +49 -0
  96. package/rules/cfn/cfn.correctness.resources-have-appropriate-names.rule.yaml +49 -0
  97. package/rules/cfn/cfn.correctness.select-validation-of-parameters.rule.yaml +49 -0
  98. package/rules/cfn/cfn.correctness.snapstart-supports-the-configured-runtime.rule.yaml +49 -0
  99. package/rules/cfn/cfn.correctness.split-validation-of-parameters.rule.yaml +49 -0
  100. package/rules/cfn/cfn.correctness.sub-is-required-if-a-variable-is-used-in-a-string.rule.yaml +49 -0
  101. package/rules/cfn/cfn.correctness.sub-validation-of-parameters.rule.yaml +49 -0
  102. package/rules/cfn/cfn.correctness.template-description-can-only-be-a-string.rule.yaml +49 -0
  103. package/rules/cfn/cfn.correctness.template-description-limit.rule.yaml +49 -0
  104. package/rules/cfn/cfn.correctness.template-size-limit.rule.yaml +49 -0
  105. package/rules/cfn/cfn.correctness.tojsonstring-validation-of-parameters.rule.yaml +49 -0
  106. package/rules/cfn/cfn.correctness.unique-resource-and-parameter-names.rule.yaml +49 -0
  107. package/rules/cfn/cfn.correctness.validate-accesscontrol-are-set-with-ownershipcontrols.rule.yaml +49 -0
  108. package/rules/cfn/cfn.correctness.validate-aws-event-scheduleexpression-format.rule.yaml +49 -0
  109. package/rules/cfn/cfn.correctness.validate-parameters-for-in-a-nested-stack.rule.yaml +49 -0
  110. package/rules/cfn/cfn.correctness.validate-route53-recordsets.rule.yaml +49 -0
  111. package/rules/cfn/cfn.correctness.validate-the-configuration-of-the-metadata-section.rule.yaml +49 -0
  112. package/rules/cfn/cfn.correctness.validates-foreach-functions.rule.yaml +49 -0
  113. package/rules/cfn/cfn.correctness.validation-not-function-configuration.rule.yaml +49 -0
  114. package/rules/cfn/cfn.correctness.validationdomain-is-superdomain-of-domainname.rule.yaml +49 -0
  115. package/rules/cfn/cfn.maintainability.arns-should-use-correctly-placed-pseudo-parameters.rule.yaml +49 -0
  116. package/rules/cfn/cfn.maintainability.availability-zone-parameters-should-not-be-hardcoded.rule.yaml +49 -0
  117. package/rules/cfn/cfn.maintainability.check-iam-resource-policies-syntax.rule.yaml +49 -0
  118. package/rules/cfn/cfn.maintainability.check-if-a-list-that-allows-duplicates-has-any-duplicates.rule.yaml +49 -0
  119. package/rules/cfn/cfn.maintainability.check-if-conditions-are-used.rule.yaml +49 -0
  120. package/rules/cfn/cfn.maintainability.check-if-eol-lambda-function-runtimes-are-used-w2531.rule.yaml +49 -0
  121. package/rules/cfn/cfn.maintainability.check-if-imageid-parameters-have-the-correct-type.rule.yaml +49 -0
  122. package/rules/cfn/cfn.maintainability.check-if-mappings-are-used.rule.yaml +49 -0
  123. package/rules/cfn/cfn.maintainability.check-if-parameters-are-used.rule.yaml +49 -0
  124. package/rules/cfn/cfn.maintainability.check-if-parameters-have-a-valid-value-based-on-an-allowed-pattern.rule.yaml +49 -0
  125. package/rules/cfn/cfn.maintainability.check-if-parameters-have-a-valid-value.rule.yaml +49 -0
  126. package/rules/cfn/cfn.maintainability.check-obsolete-dependson-configuration-for-resources.rule.yaml +49 -0
  127. package/rules/cfn/cfn.maintainability.check-outputs-using-importvalue.rule.yaml +49 -0
  128. package/rules/cfn/cfn.maintainability.check-required-properties-for-lambda-if-the-deployment-package-is-a-zip-file.rule.yaml +49 -0
  129. package/rules/cfn/cfn.maintainability.check-resources-with-auto-expiring-content-have-explicit-retention-period.rule.yaml +49 -0
  130. package/rules/cfn/cfn.maintainability.check-resources-with-updatereplacepolicy-deletionpolicy-have-both.rule.yaml +49 -0
  131. package/rules/cfn/cfn.maintainability.check-stateful-resources-have-a-set-updatereplacepolicy-deletionpolicy.rule.yaml +49 -0
  132. package/rules/cfn/cfn.maintainability.checks-for-legacy-instance-type-generations.rule.yaml +49 -0
  133. package/rules/cfn/cfn.maintainability.findinmap-keys-exist-in-the-map.rule.yaml +49 -0
  134. package/rules/cfn/cfn.maintainability.fn-equals-will-always-return-true-or-false.rule.yaml +49 -0
  135. package/rules/cfn/cfn.maintainability.mapping-attribute-limit.rule.yaml +49 -0
  136. package/rules/cfn/cfn.maintainability.mapping-limit.rule.yaml +49 -0
  137. package/rules/cfn/cfn.maintainability.mapping-name-limit.rule.yaml +49 -0
  138. package/rules/cfn/cfn.maintainability.metadata-interface-parameters-exist.rule.yaml +49 -0
  139. package/rules/cfn/cfn.maintainability.output-description-limit.rule.yaml +49 -0
  140. package/rules/cfn/cfn.maintainability.output-limit.rule.yaml +49 -0
  141. package/rules/cfn/cfn.maintainability.output-name-limit.rule.yaml +49 -0
  142. package/rules/cfn/cfn.maintainability.parameter-limit.rule.yaml +49 -0
  143. package/rules/cfn/cfn.maintainability.parameter-memory-size-attributes-should-have-max-and-min.rule.yaml +49 -0
  144. package/rules/cfn/cfn.maintainability.parameter-name-limit.rule.yaml +49 -0
  145. package/rules/cfn/cfn.maintainability.parameter-value-limit.rule.yaml +49 -0
  146. package/rules/cfn/cfn.maintainability.ref-getatt-to-resource-that-is-available-when-conditions-are-applied.rule.yaml +49 -0
  147. package/rules/cfn/cfn.maintainability.resource-limit.rule.yaml +49 -0
  148. package/rules/cfn/cfn.maintainability.resource-name-limit.rule.yaml +49 -0
  149. package/rules/cfn/cfn.maintainability.sub-isn-t-needed-if-it-doesn-t-have-a-variable-defined.rule.yaml +49 -0
  150. package/rules/cfn/cfn.maintainability.sub-validation-of-parameters-w1019.rule.yaml +49 -0
  151. package/rules/cfn/cfn.maintainability.template-description-limit-i1003.rule.yaml +49 -0
  152. package/rules/cfn/cfn.maintainability.template-size-limit-i1002.rule.yaml +49 -0
  153. package/rules/cfn/cfn.maintainability.use-sub-instead-of-join.rule.yaml +49 -0
  154. package/rules/cfn/cfn.maintainability.validate-that-snapstart-is-configured-for-java11-runtimes.rule.yaml +49 -0
  155. package/rules/cfn/cfn.maintainability.validate-that-snapstart-is-properly-configured.rule.yaml +49 -0
  156. package/rules/cfn/cfn.maintainability.warn-when-properties-are-configured-to-only-work-with-the-package-command.rule.yaml +49 -0
  157. package/rules/cfn/cfn.security.check-dynamic-references-secure-strings-are-in-supported-locations.rule.yaml +53 -0
  158. package/rules/cfn/cfn.security.check-for-noecho-references.rule.yaml +53 -0
  159. package/rules/cfn/cfn.security.check-iam-permission-configuration.rule.yaml +53 -0
  160. package/rules/cfn/cfn.security.check-if-iam-policies-are-properly-configured.rule.yaml +53 -0
  161. package/rules/cfn/cfn.security.check-if-password-properties-are-correctly-configured.rule.yaml +53 -0
  162. package/rules/cfn/cfn.security.controlling-access-to-an-s3-bucket-should-be-done-with-bucket-policies.rule.yaml +53 -0
  163. package/rules/go/go.bug-risk.compound-assignment-misuse.rule.yaml +53 -0
  164. package/rules/go/go.bug-risk.deprecated-redis-methods.rule.yaml +57 -0
  165. package/rules/go/go.bug-risk.etcd-getlogger-misuse.rule.yaml +59 -0
  166. package/rules/go/go.bug-risk.etcd-invalid-compare-operator.rule.yaml +53 -0
  167. package/rules/go/go.bug-risk.gin-loadhtmlglob-ill-formed.rule.yaml +53 -0
  168. package/rules/go/go.bug-risk.gorm-dry-run-enabled.rule.yaml +58 -0
  169. package/rules/go/go.bug-risk.gorm-skip-default-transaction.rule.yaml +57 -0
  170. package/rules/go/go.bug-risk.gorm-updates-zero-values.rule.yaml +55 -0
  171. package/rules/go/go.bug-risk.gorm-where-zero-values.rule.yaml +53 -0
  172. package/rules/go/go.bug-risk.poorly-formed-nilness-guards.rule.yaml +57 -0
  173. package/rules/go/go.bug-risk.redis-incorrect-arg-count.rule.yaml +54 -0
  174. package/rules/go/go.bug-risk.redis-unimplemented-method.rule.yaml +53 -0
  175. package/rules/go/go.bug-risk.reflect-makefunc-usage.rule.yaml +55 -0
  176. package/rules/go/go.correctness.bare-return.rule.yaml +52 -0
  177. package/rules/go/go.correctness.boolean-literal-in-expression.rule.yaml +52 -0
  178. package/rules/go/go.correctness.boolean-simplification.rule.yaml +49 -0
  179. package/rules/go/go.correctness.deferred-func-literal.rule.yaml +52 -0
  180. package/rules/go/go.correctness.duplicate-branch-body.rule.yaml +49 -0
  181. package/rules/go/go.correctness.duplicate-function-arguments.rule.yaml +49 -0
  182. package/rules/go/go.correctness.duplicate-if-else-condition.rule.yaml +54 -0
  183. package/rules/go/go.correctness.duplicate-switch-cases.rule.yaml +48 -0
  184. package/rules/go/go.correctness.flag-pointer-immediate-deref.rule.yaml +49 -0
  185. package/rules/go/go.correctness.hidden-goroutine.rule.yaml +55 -0
  186. package/rules/go/go.correctness.http-nobody-nil.rule.yaml +52 -0
  187. package/rules/go/go.correctness.identical-binary-operands.rule.yaml +48 -0
  188. package/rules/go/go.correctness.impossible-interface-nil-check.rule.yaml +56 -0
  189. package/rules/go/go.correctness.incomplete-nil-check.rule.yaml +49 -0
  190. package/rules/go/go.correctness.integer-truncation.rule.yaml +51 -0
  191. package/rules/go/go.correctness.interface-any-preferred.rule.yaml +50 -0
  192. package/rules/go/go.correctness.nil-error-returned.rule.yaml +49 -0
  193. package/rules/go/go.correctness.off-by-one-index.rule.yaml +48 -0
  194. package/rules/go/go.correctness.redundant-type-declaration.rule.yaml +51 -0
  195. package/rules/go/go.correctness.signedness-casting.rule.yaml +56 -0
  196. package/rules/go/go.correctness.string-concat-simplify.rule.yaml +52 -0
  197. package/rules/go/go.correctness.suspicious-regex-pattern.rule.yaml +49 -0
  198. package/rules/go/go.correctness.terminal-call-with-defer.rule.yaml +50 -0
  199. package/rules/go/go.correctness.unexported-capital-name.rule.yaml +52 -0
  200. package/rules/go/go.correctness.unnecessary-dereference.rule.yaml +53 -0
  201. package/rules/go/go.correctness.unnecessary-else-return.rule.yaml +52 -0
  202. package/rules/go/go.correctness.unreachable-switch-case.rule.yaml +50 -0
  203. package/rules/go/go.doc.malformed-deprecated-comment.rule.yaml +59 -0
  204. package/rules/go/go.performance.avoid-large-loop-copy.rule.yaml +38 -0
  205. package/rules/go/go.performance.avoid-large-param-copy.rule.yaml +38 -0
  206. package/rules/go/go.performance.avoid-large-range-copy.rule.yaml +37 -0
  207. package/rules/go/go.performance.avoid-string-index-alloc.rule.yaml +38 -0
  208. package/rules/go/go.performance.combine-append-calls.rule.yaml +38 -0
  209. package/rules/go/go.performance.fmt-fprint.rule.yaml +44 -0
  210. package/rules/go/go.performance.iowriter-write-string.rule.yaml +45 -0
  211. package/rules/go/go.performance.non-idiomatic-slice-zeroing.rule.yaml +44 -0
  212. package/rules/go/go.performance.reorder-operands.rule.yaml +44 -0
  213. package/rules/go/go.performance.utf8-decode-rune.rule.yaml +44 -0
  214. package/rules/go/go.security.decompression-bomb.rule.yaml +55 -0
  215. package/rules/go/go.security.http-dir-path-traversal.rule.yaml +55 -0
  216. package/rules/go/go.security.incomplete-hostname-regex.rule.yaml +64 -0
  217. package/rules/go/go.security.insecure-ssl-protocol.rule.yaml +2 -0
  218. package/rules/go/go.security.jwt-without-verification.rule.yaml +2 -0
  219. package/rules/go/go.security.net-http-missing-timeouts.rule.yaml +3 -0
  220. package/rules/go/go.security.pprof-exposed.rule.yaml +2 -0
  221. package/rules/go/go.security.squirrel-unsafe-quoting.rule.yaml +64 -0
  222. package/rules/go/go.security.tainted-value-sink.rule.yaml +59 -0
  223. package/rules/go/go.security.tls-missing-min-version.rule.yaml +2 -0
  224. package/rules/go/go.security.unsafe-defer-close.rule.yaml +55 -0
  225. package/rules/go/go.security.weak-crypto-import.rule.yaml +3 -0
  226. package/rules/go/go.security.weak-file-permission.rule.yaml +56 -0
  227. package/rules/java/java.correctness.annotation-check-always-false.rule.yaml +42 -0
  228. package/rules/java/java.correctness.array-compared-to-non-array.rule.yaml +45 -0
  229. package/rules/java/java.correctness.array-index-bounds.rule.yaml +42 -0
  230. package/rules/java/java.correctness.assert-self-comparison.rule.yaml +46 -0
  231. package/rules/java/java.correctness.assertion-in-production.rule.yaml +49 -0
  232. package/rules/java/java.correctness.bad-short-circuit-null-check.rule.yaml +45 -0
  233. package/rules/java/java.correctness.bitwise-or-never-equal.rule.yaml +42 -0
  234. package/rules/java/java.correctness.boxed-boolean-conditional.rule.yaml +42 -0
  235. package/rules/java/java.correctness.cacheloader-null-return.rule.yaml +42 -0
  236. package/rules/java/java.correctness.case-insensitive-regex-lacks-unicode.rule.yaml +46 -0
  237. package/rules/java/java.correctness.catch-null-pointer.rule.yaml +5 -1
  238. package/rules/java/java.correctness.class-isinstance-on-class.rule.yaml +42 -0
  239. package/rules/java/java.correctness.class-name-collision.rule.yaml +45 -0
  240. package/rules/java/java.correctness.clone-without-super.rule.yaml +45 -0
  241. package/rules/java/java.correctness.closeable-provides-injection.rule.yaml +43 -0
  242. package/rules/java/java.correctness.collection-adds-self.rule.yaml +42 -0
  243. package/rules/java/java.correctness.collection-contains-self.rule.yaml +42 -0
  244. package/rules/java/java.correctness.collection-remove-type-mismatch.rule.yaml +42 -0
  245. package/rules/java/java.correctness.comparator-downcast-sign-flip.rule.yaml +42 -0
  246. package/rules/java/java.correctness.compareto-min-value.rule.yaml +44 -0
  247. package/rules/java/java.correctness.constructor-starts-thread.rule.yaml +45 -0
  248. package/rules/java/java.correctness.default-package-spring-scan.rule.yaml +46 -0
  249. package/rules/java/java.correctness.deprecated-thread-methods.rule.yaml +42 -0
  250. package/rules/java/java.correctness.double-assignment.rule.yaml +42 -0
  251. package/rules/java/java.correctness.double-checked-locking.rule.yaml +42 -0
  252. package/rules/java/java.correctness.duplicate-binary-argument.rule.yaml +45 -0
  253. package/rules/java/java.correctness.duration-with-nanos-misuse.rule.yaml +42 -0
  254. package/rules/java/java.correctness.enum-equals-method.rule.yaml +45 -0
  255. package/rules/java/java.correctness.enum-get-class.rule.yaml +42 -0
  256. package/rules/java/java.correctness.equals-inherits-parent.rule.yaml +45 -0
  257. package/rules/java/java.correctness.equals-null-check.rule.yaml +45 -0
  258. package/rules/java/java.correctness.equals-null.rule.yaml +45 -0
  259. package/rules/java/java.correctness.equals-on-array.rule.yaml +4 -0
  260. package/rules/java/java.correctness.explicit-finalizer-invocation.rule.yaml +45 -0
  261. package/rules/java/java.correctness.for-loop-mismatched-increment.rule.yaml +45 -0
  262. package/rules/java/java.correctness.getter-setter-sync-mismatch.rule.yaml +42 -0
  263. package/rules/java/java.correctness.hashcode-on-array.rule.yaml +42 -0
  264. package/rules/java/java.correctness.hashtable-contains-value.rule.yaml +42 -0
  265. package/rules/java/java.correctness.hasnext-invokes-next.rule.yaml +45 -0
  266. package/rules/java/java.correctness.ignored-inputstream-read.rule.yaml +45 -0
  267. package/rules/java/java.correctness.ignored-inputstream-skip.rule.yaml +45 -0
  268. package/rules/java/java.correctness.illegal-monitor-state-caught.rule.yaml +45 -0
  269. package/rules/java/java.correctness.impossible-toarray-downcast.rule.yaml +45 -0
  270. package/rules/java/java.correctness.incorrect-main-signature.rule.yaml +42 -0
  271. package/rules/java/java.correctness.indexof-reversed-arguments.rule.yaml +42 -0
  272. package/rules/java/java.correctness.instant-unsupported-temporal-unit.rule.yaml +42 -0
  273. package/rules/java/java.correctness.invalid-regex-literal.rule.yaml +45 -0
  274. package/rules/java/java.correctness.invalid-serial-version-uid.rule.yaml +42 -0
  275. package/rules/java/java.correctness.invalid-time-constants.rule.yaml +42 -0
  276. package/rules/java/java.correctness.invalidated-iterator.rule.yaml +42 -0
  277. package/rules/java/java.correctness.iterable-iterator-returns-this.rule.yaml +44 -0
  278. package/rules/java/java.correctness.iterable-path-type.rule.yaml +42 -0
  279. package/rules/java/java.correctness.jump-in-finally.rule.yaml +44 -0
  280. package/rules/java/java.correctness.loop-condition-never-true.rule.yaml +42 -0
  281. package/rules/java/java.correctness.lost-increment-in-assignment.rule.yaml +45 -0
  282. package/rules/java/java.correctness.math-max-min-swapped.rule.yaml +45 -0
  283. package/rules/java/java.correctness.missing-enum-switch-elements.rule.yaml +43 -0
  284. package/rules/java/java.correctness.modulus-multiplication-precedence.rule.yaml +42 -0
  285. package/rules/java/java.correctness.mutable-data-exposed.rule.yaml +42 -0
  286. package/rules/java/java.correctness.mutable-enum-fields.rule.yaml +44 -0
  287. package/rules/java/java.correctness.nan-comparison.rule.yaml +42 -0
  288. package/rules/java/java.correctness.ncopies-argument-order.rule.yaml +42 -0
  289. package/rules/java/java.correctness.noallocation-method-creates-object.rule.yaml +45 -0
  290. package/rules/java/java.correctness.non-final-immutable-fields.rule.yaml +45 -0
  291. package/rules/java/java.correctness.non-null-method-returns-null.rule.yaml +43 -0
  292. package/rules/java/java.correctness.non-terminating-loop.rule.yaml +42 -0
  293. package/rules/java/java.correctness.oddness-check-fails-negative.rule.yaml +45 -0
  294. package/rules/java/java.correctness.optional-get-without-present-check.rule.yaml +44 -0
  295. package/rules/java/java.correctness.optional-null.rule.yaml +42 -0
  296. package/rules/java/java.correctness.overloaded-equals.rule.yaml +45 -0
  297. package/rules/java/java.correctness.parameter-reassignment.rule.yaml +46 -0
  298. package/rules/java/java.correctness.possible-null-access-exception.rule.yaml +42 -0
  299. package/rules/java/java.correctness.possible-null-access.rule.yaml +42 -0
  300. package/rules/java/java.correctness.prepared-statement-in-loop.rule.yaml +52 -0
  301. package/rules/java/java.correctness.prepared-statement-index-zero.rule.yaml +44 -0
  302. package/rules/java/java.correctness.random-coerced-to-zero.rule.yaml +44 -0
  303. package/rules/java/java.correctness.read-resolve-return-type.rule.yaml +42 -0
  304. package/rules/java/java.correctness.readline-without-null-check.rule.yaml +45 -0
  305. package/rules/java/java.correctness.result-set-index-zero.rule.yaml +44 -0
  306. package/rules/java/java.correctness.runfinalizers-on-exit.rule.yaml +45 -0
  307. package/rules/java/java.correctness.runnable-run-direct.rule.yaml +45 -0
  308. package/rules/java/java.correctness.self-assignment.rule.yaml +45 -0
  309. package/rules/java/java.correctness.serializable-superclass.rule.yaml +42 -0
  310. package/rules/java/java.correctness.serialization-method-signature.rule.yaml +42 -0
  311. package/rules/java/java.correctness.servlet-mutable-fields.rule.yaml +45 -0
  312. package/rules/java/java.correctness.shift-out-of-range.rule.yaml +44 -0
  313. package/rules/java/java.correctness.static-date-field.rule.yaml +42 -0
  314. package/rules/java/java.correctness.stream-reuse.rule.yaml +42 -0
  315. package/rules/java/java.correctness.string-format-arg-mismatch.rule.yaml +45 -0
  316. package/rules/java/java.correctness.stringbuilder-char-ctor.rule.yaml +42 -0
  317. package/rules/java/java.correctness.switch-statement-labels.rule.yaml +44 -0
  318. package/rules/java/java.correctness.sync-boxed-primitive.rule.yaml +45 -0
  319. package/rules/java/java.correctness.sync-on-get-class.rule.yaml +42 -0
  320. package/rules/java/java.correctness.sync-on-lock-primitive.rule.yaml +45 -0
  321. package/rules/java/java.correctness.sync-on-mutable-ref.rule.yaml +42 -0
  322. package/rules/java/java.correctness.sync-on-nullable-field.rule.yaml +42 -0
  323. package/rules/java/java.correctness.sync-on-public-field.rule.yaml +42 -0
  324. package/rules/java/java.correctness.sync-on-string-literal.rule.yaml +2 -0
  325. package/rules/java/java.correctness.system-exit.rule.yaml +43 -0
  326. package/rules/java/java.correctness.thread-sleep-with-lock.rule.yaml +45 -0
  327. package/rules/java/java.correctness.thread-static-misuse.rule.yaml +42 -0
  328. package/rules/java/java.correctness.threadgroup-deprecated-methods.rule.yaml +43 -0
  329. package/rules/java/java.correctness.throw-null.rule.yaml +42 -0
  330. package/rules/java/java.correctness.timezone-invalid-id.rule.yaml +42 -0
  331. package/rules/java/java.correctness.two-lock-wait.rule.yaml +45 -0
  332. package/rules/java/java.correctness.unconditional-recursion.rule.yaml +42 -0
  333. package/rules/java/java.correctness.unescaped-whitespace.rule.yaml +42 -0
  334. package/rules/java/java.correctness.unimplementable-interface.rule.yaml +42 -0
  335. package/rules/java/java.correctness.unsafe-collection-downcast.rule.yaml +42 -0
  336. package/rules/java/java.correctness.unsafe-getresource.rule.yaml +45 -0
  337. package/rules/java/java.correctness.unsupported-jdk-api.rule.yaml +46 -0
  338. package/rules/java/java.correctness.unsupported-method-call.rule.yaml +42 -0
  339. package/rules/java/java.correctness.unsync-static-lazy-init.rule.yaml +42 -0
  340. package/rules/java/java.correctness.unsynchronized-wait-notify.rule.yaml +45 -0
  341. package/rules/java/java.correctness.unterminated-assertion-chain.rule.yaml +39 -0
  342. package/rules/java/java.correctness.volatile-array-elements.rule.yaml +45 -0
  343. package/rules/java/java.correctness.volatile-increment-non-atomic.rule.yaml +45 -0
  344. package/rules/java/java.correctness.wait-notify-on-thread.rule.yaml +45 -0
  345. package/rules/java/java.correctness.wait-on-condition.rule.yaml +45 -0
  346. package/rules/java/java.correctness.week-year-in-date-pattern.rule.yaml +44 -0
  347. package/rules/java/java.correctness.zoneid-invalid-timezone.rule.yaml +42 -0
  348. package/rules/java/java.doc.empty-javadoc-tag.rule.yaml +41 -0
  349. package/rules/java/java.doc.malformed-javadoc-comment.rule.yaml +41 -0
  350. package/rules/java/java.doc.parameter-tag-no-description.rule.yaml +41 -0
  351. package/rules/java/java.doc.unmatched-parameter-tag.rule.yaml +41 -0
  352. package/rules/java/java.performance.boxed-boolean-constructor.rule.yaml +43 -0
  353. package/rules/java/java.performance.boxed-double-constructor.rule.yaml +43 -0
  354. package/rules/java/java.performance.boxed-integer-constructor.rule.yaml +43 -0
  355. package/rules/java/java.performance.empty-string-constructor.rule.yaml +44 -0
  356. package/rules/java/java.performance.expensive-method-on-ui-thread.rule.yaml +50 -0
  357. package/rules/java/java.performance.explicit-gc.rule.yaml +43 -0
  358. package/rules/java/java.performance.inefficient-string-constructor.rule.yaml +44 -0
  359. package/rules/java/java.performance.keyset-instead-of-entryset.rule.yaml +49 -0
  360. package/rules/java/java.performance.non-zero-to-array.rule.yaml +49 -0
  361. package/rules/java/java.performance.pattern-compile-in-loop.rule.yaml +49 -0
  362. package/rules/java/java.performance.removeall-to-clear.rule.yaml +49 -0
  363. package/rules/java/java.performance.replaceall-instead-of-replace.rule.yaml +49 -0
  364. package/rules/java/java.performance.single-char-string-indexof.rule.yaml +49 -0
  365. package/rules/java/java.performance.string-concat-in-loop.rule.yaml +49 -0
  366. package/rules/java/java.performance.string-to-string.rule.yaml +43 -0
  367. package/rules/java/java.performance.thread-as-runnable.rule.yaml +44 -0
  368. package/rules/java/java.performance.url-in-collection.rule.yaml +44 -0
  369. package/rules/java/java.quality.c-style-array-declaration.rule.yaml +41 -0
  370. package/rules/java/java.quality.multiple-variables-same-line.rule.yaml +41 -0
  371. package/rules/java/java.quality.type-name-uppercase.rule.yaml +41 -0
  372. package/rules/java/java.testing.setup-teardown-annotation.rule.yaml +36 -0
  373. package/rules/java/java.testing.setup-without-super.rule.yaml +43 -0
  374. package/rules/java/java.testing.teardown-without-super.rule.yaml +43 -0
  375. package/rules/java/java.testing.wrong-assertion-argument-order.rule.yaml +43 -0
  376. package/rules/php/php.correctness.abstract-method-outside-abstract-class.rule.yaml +39 -0
  377. package/rules/php/php.correctness.abstract-method-with-body.rule.yaml +38 -0
  378. package/rules/php/php.correctness.assign-to-non-lvalue.rule.yaml +38 -0
  379. package/rules/php/php.correctness.attribute-on-class-constant.rule.yaml +38 -0
  380. package/rules/php/php.correctness.attribute-on-closure.rule.yaml +38 -0
  381. package/rules/php/php.correctness.attribute-on-function.rule.yaml +38 -0
  382. package/rules/php/php.correctness.attribute-on-property.rule.yaml +40 -0
  383. package/rules/php/php.correctness.break-continue-outside-loop.rule.yaml +38 -0
  384. package/rules/php/php.correctness.case-insensitive-define.rule.yaml +38 -0
  385. package/rules/php/php.correctness.class-implements-non-interface.rule.yaml +38 -0
  386. package/rules/php/php.correctness.default-parameter-not-last.rule.yaml +38 -0
  387. package/rules/php/php.correctness.deprecated-filter-constant.rule.yaml +38 -0
  388. package/rules/php/php.correctness.deprecated-libxml-entity-loader.rule.yaml +38 -0
  389. package/rules/php/php.correctness.deprecated-unset-cast.rule.yaml +38 -0
  390. package/rules/php/php.correctness.duplicate-array-key.rule.yaml +2 -0
  391. package/rules/php/php.correctness.duplicate-declaration.rule.yaml +38 -0
  392. package/rules/php/php.correctness.duplicate-union-type.rule.yaml +38 -0
  393. package/rules/php/php.correctness.echo-invalid-value.rule.yaml +38 -0
  394. package/rules/php/php.correctness.empty-array-literal-slot.rule.yaml +38 -0
  395. package/rules/php/php.correctness.empty-bracket-array-access.rule.yaml +38 -0
  396. package/rules/php/php.correctness.empty-code-block.rule.yaml +38 -0
  397. package/rules/php/php.correctness.empty-function-body.rule.yaml +38 -0
  398. package/rules/php/php.correctness.error-suppression-operator.rule.yaml +2 -0
  399. package/rules/php/php.correctness.function-comparison.rule.yaml +38 -0
  400. package/rules/php/php.correctness.inaccessible-property.rule.yaml +49 -0
  401. package/rules/php/php.correctness.incomplete-arrow-function.rule.yaml +38 -0
  402. package/rules/php/php.correctness.inconsistent-printf-params.rule.yaml +50 -0
  403. package/rules/php/php.correctness.instanceof-invalid-type.rule.yaml +40 -0
  404. package/rules/php/php.correctness.instantiate-abstract-class.rule.yaml +38 -0
  405. package/rules/php/php.correctness.interface-extends-non-interface.rule.yaml +38 -0
  406. package/rules/php/php.correctness.interface-implements-keyword.rule.yaml +38 -0
  407. package/rules/php/php.correctness.invalid-arrow-function-typehint.rule.yaml +38 -0
  408. package/rules/php/php.correctness.invalid-attribute-class.rule.yaml +49 -0
  409. package/rules/php/php.correctness.invalid-closure-return-typehint.rule.yaml +38 -0
  410. package/rules/php/php.correctness.invalid-constructor-promotion.rule.yaml +38 -0
  411. package/rules/php/php.correctness.invalid-cookie-options.rule.yaml +38 -0
  412. package/rules/php/php.correctness.invalid-dynamic-constant-fetch.rule.yaml +38 -0
  413. package/rules/php/php.correctness.invalid-extends-target.rule.yaml +38 -0
  414. package/rules/php/php.correctness.invalid-increment-operand.rule.yaml +38 -0
  415. package/rules/php/php.correctness.invalid-isset-argument.rule.yaml +38 -0
  416. package/rules/php/php.correctness.invalid-regex-literal.rule.yaml +36 -0
  417. package/rules/php/php.correctness.invalid-return-typehint.rule.yaml +38 -0
  418. package/rules/php/php.correctness.invalid-static-method.rule.yaml +40 -0
  419. package/rules/php/php.correctness.invalid-string-interpolation-type.rule.yaml +38 -0
  420. package/rules/php/php.correctness.invalid-type-cast.rule.yaml +38 -0
  421. package/rules/php/php.correctness.invalid-use-keyword.rule.yaml +48 -0
  422. package/rules/php/php.correctness.missing-member-visibility.rule.yaml +38 -0
  423. package/rules/php/php.correctness.missing-return-statement.rule.yaml +38 -0
  424. package/rules/php/php.correctness.named-arg-before-positional.rule.yaml +38 -0
  425. package/rules/php/php.correctness.nested-function-declaration.rule.yaml +38 -0
  426. package/rules/php/php.correctness.nested-switch.rule.yaml +38 -0
  427. package/rules/php/php.correctness.nullable-mixed-type.rule.yaml +38 -0
  428. package/rules/php/php.correctness.nullsafe-returned-by-reference.rule.yaml +3 -0
  429. package/rules/php/php.correctness.print-invalid-value.rule.yaml +38 -0
  430. package/rules/php/php.correctness.psr-class-constant-naming.rule.yaml +38 -0
  431. package/rules/php/php.correctness.psr-method-camel-case.rule.yaml +38 -0
  432. package/rules/php/php.correctness.redundant-final-method.rule.yaml +38 -0
  433. package/rules/php/php.correctness.redundant-string-cast-concat.rule.yaml +38 -0
  434. package/rules/php/php.correctness.self-assignment.rule.yaml +38 -0
  435. package/rules/php/php.correctness.switch-multiple-default.rule.yaml +2 -0
  436. package/rules/php/php.correctness.throw-as-expression.rule.yaml +38 -0
  437. package/rules/php/php.correctness.throw-non-exception.rule.yaml +38 -0
  438. package/rules/php/php.correctness.todo-fixme-marker.rule.yaml +36 -0
  439. package/rules/php/php.correctness.trait-as-attribute.rule.yaml +38 -0
  440. package/rules/php/php.correctness.trait-class-constant.rule.yaml +38 -0
  441. package/rules/php/php.correctness.undefined-constant-reference.rule.yaml +38 -0
  442. package/rules/php/php.correctness.undefined-function.rule.yaml +40 -0
  443. package/rules/php/php.correctness.undefined-method.rule.yaml +40 -0
  444. package/rules/php/php.correctness.undefined-property.rule.yaml +51 -0
  445. package/rules/php/php.correctness.undefined-static-property.rule.yaml +41 -0
  446. package/rules/php/php.correctness.undefined-variable.rule.yaml +48 -0
  447. package/rules/php/php.correctness.uninitialized-typed-property.rule.yaml +38 -0
  448. package/rules/php/php.correctness.unknown-magic-method.rule.yaml +38 -0
  449. package/rules/php/php.correctness.unreachable-after-return.rule.yaml +2 -0
  450. package/rules/php/php.correctness.unused-closure-use-variable.rule.yaml +38 -0
  451. package/rules/php/php.correctness.unused-constructor-parameter.rule.yaml +38 -0
  452. package/rules/php/php.correctness.unused-import.rule.yaml +38 -0
  453. package/rules/php/php.correctness.useless-post-increment.rule.yaml +38 -0
  454. package/rules/php/php.correctness.useless-unset.rule.yaml +38 -0
  455. package/rules/php/php.correctness.void-match-arm.rule.yaml +38 -0
  456. package/rules/php/php.performance.expensive-loop-condition.rule.yaml +38 -0
  457. package/rules/php/php.security.debug-function-exposure.rule.yaml +2 -0
  458. package/rules/php/php.security.insecure-session-id-generation.rule.yaml +2 -0
  459. package/rules/php/php.security.insecure-session-or-cookie-config.rule.yaml +3 -0
  460. package/rules/php/php.security.no-dynamic-eval.rule.yaml +2 -0
  461. package/rules/php/php.security.unsafe-include-with-user-input.rule.yaml +2 -0
  462. package/rules/php/php.security.unsafe-new-static.rule.yaml +44 -0
  463. package/rules/php/php.security.weak-cipher.rule.yaml +2 -0
  464. package/rules/php/php.security.xml-external-entity.rule.yaml +2 -0
  465. package/rules/python/py.correctness.assert-outside-test.rule.yaml +49 -0
  466. package/rules/python/py.correctness.global-statement.rule.yaml +51 -0
  467. package/rules/python/py.correctness.redefined-builtin.rule.yaml +51 -0
  468. package/rules/python/py.correctness.super-with-arguments.rule.yaml +51 -0
  469. package/rules/python/py.correctness.unnecessary-comprehension.rule.yaml +51 -0
  470. package/rules/python/py.correctness.useless-return.rule.yaml +51 -0
  471. package/rules/python/py.security.command-execution-with-request-input.rule.yaml +56 -0
  472. package/rules/python/py.security.ftp-usage.rule.yaml +51 -0
  473. package/rules/python/py.security.hardcoded-credentials.rule.yaml +51 -0
  474. package/rules/python/py.security.hardcoded-temp-directory.rule.yaml +51 -0
  475. package/rules/python/py.security.insecure-cipher-mode.rule.yaml +51 -0
  476. package/rules/python/py.security.insecure-cipher.rule.yaml +51 -0
  477. package/rules/python/py.security.insecure-crypto-import.rule.yaml +51 -0
  478. package/rules/python/py.security.insecure-http-transport.rule.yaml +56 -0
  479. package/rules/python/py.security.insecure-ssl-version.rule.yaml +53 -0
  480. package/rules/python/py.security.insecure-urllib-method.rule.yaml +51 -0
  481. package/rules/python/py.security.insecure-xml-parser.rule.yaml +53 -0
  482. package/rules/python/py.security.mako-insecure-templates.rule.yaml +53 -0
  483. package/rules/python/py.security.path-traversal-user-input.rule.yaml +51 -0
  484. package/rules/python/py.security.request-path-file-read.rule.yaml +56 -0
  485. package/rules/python/py.security.sensitive-logging.rule.yaml +51 -0
  486. package/rules/python/py.security.sql-interpolation.rule.yaml +56 -0
  487. package/rules/python/py.security.ssh-host-key-validation.rule.yaml +53 -0
  488. package/rules/python/py.security.telnet-usage.rule.yaml +51 -0
  489. package/rules/python/py.security.tls-verification-disabled.rule.yaml +56 -0
  490. package/rules/python/py.security.unsafe-deserialization.rule.yaml +56 -0
  491. package/rules/python/py.security.weak-crypto-key.rule.yaml +51 -0
  492. package/rules/python/py.security.weak-hash-algorithm.rule.yaml +57 -0
  493. package/rules/python/py.security.wildcard-subprocess-injection.rule.yaml +53 -0
  494. package/rules/python/py.security.xmlrpc-import.rule.yaml +53 -0
  495. package/rules/ruby/ruby.bug-risk.action-mailer-base-subclass.rule.yaml +53 -0
  496. package/rules/ruby/ruby.bug-risk.active-job-base-subclass.rule.yaml +53 -0
  497. package/rules/ruby/ruby.bug-risk.active-record-alias.rule.yaml +53 -0
  498. package/rules/ruby/ruby.bug-risk.active-record-base-subclass.rule.yaml +53 -0
  499. package/rules/ruby/ruby.bug-risk.active-record-method-override.rule.yaml +55 -0
  500. package/rules/ruby/ruby.bug-risk.active-support-alias.rule.yaml +52 -0
  501. package/rules/ruby/ruby.bug-risk.all-each-to-find-each.rule.yaml +55 -0
  502. package/rules/ruby/ruby.bug-risk.allow-blank-with-delegate.rule.yaml +52 -0
  503. package/rules/ruby/ruby.bug-risk.alter-queries-combine.rule.yaml +54 -0
  504. package/rules/ruby/ruby.bug-risk.ambiguous-block-association.rule.yaml +49 -0
  505. package/rules/ruby/ruby.bug-risk.ambiguous-operator-argument.rule.yaml +48 -0
  506. package/rules/ruby/ruby.bug-risk.ambiguous-regexp-literal.rule.yaml +49 -0
  507. package/rules/ruby/ruby.bug-risk.argument-overwritten-before-use.rule.yaml +51 -0
  508. package/rules/ruby/ruby.bug-risk.assert-not-usage.rule.yaml +51 -0
  509. package/rules/ruby/ruby.bug-risk.assignment-in-condition.rule.yaml +42 -0
  510. package/rules/ruby/ruby.bug-risk.bad-date-usage.rule.yaml +55 -0
  511. package/rules/ruby/ruby.bug-risk.bad-magic-comment-order.rule.yaml +50 -0
  512. package/rules/ruby/ruby.bug-risk.bad-operand-order.rule.yaml +46 -0
  513. package/rules/ruby/ruby.bug-risk.bad-rescue-ordering.rule.yaml +50 -0
  514. package/rules/ruby/ruby.bug-risk.branches-without-body.rule.yaml +49 -0
  515. package/rules/ruby/ruby.bug-risk.callback-order.rule.yaml +52 -0
  516. package/rules/ruby/ruby.bug-risk.callback-override.rule.yaml +53 -0
  517. package/rules/ruby/ruby.bug-risk.circular-argument-reference.rule.yaml +44 -0
  518. package/rules/ruby/ruby.bug-risk.class-name-should-be-string.rule.yaml +52 -0
  519. package/rules/ruby/ruby.bug-risk.console-output-instead-of-logger.rule.yaml +53 -0
  520. package/rules/ruby/ruby.bug-risk.constant-in-block.rule.yaml +52 -0
  521. package/rules/ruby/ruby.bug-risk.controller-base-subclass.rule.yaml +54 -0
  522. package/rules/ruby/ruby.bug-risk.dependent-option-cascade.rule.yaml +53 -0
  523. package/rules/ruby/ruby.bug-risk.deprecated-belongs-to-required.rule.yaml +54 -0
  524. package/rules/ruby/ruby.bug-risk.deprecated-big-decimal-new.rule.yaml +44 -0
  525. package/rules/ruby/ruby.bug-risk.deprecated-class-methods.rule.yaml +45 -0
  526. package/rules/ruby/ruby.bug-risk.deprecated-filter-methods.rule.yaml +54 -0
  527. package/rules/ruby/ruby.bug-risk.deprecated-find-by-dynamic.rule.yaml +55 -0
  528. package/rules/ruby/ruby.bug-risk.deprecated-http-status-symbols.rule.yaml +52 -0
  529. package/rules/ruby/ruby.bug-risk.deprecated-openssl-api.rule.yaml +42 -0
  530. package/rules/ruby/ruby.bug-risk.deprecated-uri-escape.rule.yaml +42 -0
  531. package/rules/ruby/ruby.bug-risk.deprecated-uri-regexp.rule.yaml +42 -0
  532. package/rules/ruby/ruby.bug-risk.disjunctive-assignment-in-constructor.rule.yaml +46 -0
  533. package/rules/ruby/ruby.bug-risk.division-by-zero.rule.yaml +42 -0
  534. package/rules/ruby/ruby.bug-risk.duplicate-case-conditions.rule.yaml +49 -0
  535. package/rules/ruby/ruby.bug-risk.duplicate-constant-assignment.rule.yaml +47 -0
  536. package/rules/ruby/ruby.bug-risk.duplicate-elsif-block.rule.yaml +51 -0
  537. package/rules/ruby/ruby.bug-risk.duplicate-hash-keys.rule.yaml +42 -0
  538. package/rules/ruby/ruby.bug-risk.duplicate-method-definitions.rule.yaml +49 -0
  539. package/rules/ruby/ruby.bug-risk.each-with-object-immutable-arg.rule.yaml +51 -0
  540. package/rules/ruby/ruby.bug-risk.else-followed-by-expression.rule.yaml +50 -0
  541. package/rules/ruby/ruby.bug-risk.else-without-rescue.rule.yaml +51 -0
  542. package/rules/ruby/ruby.bug-risk.empty-ensure-block.rule.yaml +49 -0
  543. package/rules/ruby/ruby.bug-risk.empty-expression.rule.yaml +48 -0
  544. package/rules/ruby/ruby.bug-risk.empty-interpolation.rule.yaml +49 -0
  545. package/rules/ruby/ruby.bug-risk.end-in-method.rule.yaml +49 -0
  546. package/rules/ruby/ruby.bug-risk.enum-array-syntax.rule.yaml +54 -0
  547. package/rules/ruby/ruby.bug-risk.enum-duplicate-values.rule.yaml +53 -0
  548. package/rules/ruby/ruby.bug-risk.equal-instead-of-equal.rule.yaml +50 -0
  549. package/rules/ruby/ruby.bug-risk.error-inherits-exception.rule.yaml +42 -0
  550. package/rules/ruby/ruby.bug-risk.exception-class-overwritten.rule.yaml +42 -0
  551. package/rules/ruby/ruby.bug-risk.exit-in-app-code.rule.yaml +53 -0
  552. package/rules/ruby/ruby.bug-risk.flip-flop-operator.rule.yaml +49 -0
  553. package/rules/ruby/ruby.bug-risk.git-in-gemspec.rule.yaml +48 -0
  554. package/rules/ruby/ruby.bug-risk.grouped-parentheses-in-call.rule.yaml +51 -0
  555. package/rules/ruby/ruby.bug-risk.has-and-belongs-to-many.rule.yaml +52 -0
  556. package/rules/ruby/ruby.bug-risk.helper-instance-variables.rule.yaml +52 -0
  557. package/rules/ruby/ruby.bug-risk.heredoc-method-order.rule.yaml +51 -0
  558. package/rules/ruby/ruby.bug-risk.http-methods-without-params.rule.yaml +54 -0
  559. package/rules/ruby/ruby.bug-risk.identical-binary-operands.rule.yaml +53 -0
  560. package/rules/ruby/ruby.bug-risk.ignored-column-accessed.rule.yaml +50 -0
  561. package/rules/ruby/ruby.bug-risk.inconsistent-request-referrer.rule.yaml +50 -0
  562. package/rules/ruby/ruby.bug-risk.inconsistent-safe-navigation-try.rule.yaml +51 -0
  563. package/rules/ruby/ruby.bug-risk.inconsistent-safe-navigation.rule.yaml +51 -0
  564. package/rules/ruby/ruby.bug-risk.incorrect-pluralization.rule.yaml +51 -0
  565. package/rules/ruby/ruby.bug-risk.ineffective-access-modifier.rule.yaml +50 -0
  566. package/rules/ruby/ruby.bug-risk.interpolation-in-single-quote.rule.yaml +50 -0
  567. package/rules/ruby/ruby.bug-risk.invalid-integer-times.rule.yaml +52 -0
  568. package/rules/ruby/ruby.bug-risk.invalid-percent-string-literal.rule.yaml +51 -0
  569. package/rules/ruby/ruby.bug-risk.invalid-percent-symbol-array.rule.yaml +51 -0
  570. package/rules/ruby/ruby.bug-risk.invalid-rails-env-predicate.rule.yaml +51 -0
  571. package/rules/ruby/ruby.bug-risk.invalid-rescue-type.rule.yaml +51 -0
  572. package/rules/ruby/ruby.bug-risk.io-select-single-arg.rule.yaml +48 -0
  573. package/rules/ruby/ruby.bug-risk.irreversible-migration.rule.yaml +57 -0
  574. package/rules/ruby/ruby.bug-risk.missing-inverse-of.rule.yaml +53 -0
  575. package/rules/ruby/ruby.bug-risk.mixed-regex-captures.rule.yaml +51 -0
  576. package/rules/ruby/ruby.bug-risk.multiple-rescues-for-same-exception.rule.yaml +49 -0
  577. package/rules/ruby/ruby.bug-risk.non-local-exit-from-iterator.rule.yaml +51 -0
  578. package/rules/ruby/ruby.bug-risk.non-null-column-without-default.rule.yaml +51 -0
  579. package/rules/ruby/ruby.bug-risk.non-preferred-assert-falseness.rule.yaml +50 -0
  580. package/rules/ruby/ruby.bug-risk.old-style-validation-macro.rule.yaml +49 -0
  581. package/rules/ruby/ruby.bug-risk.outer-variable-shadowed.rule.yaml +47 -0
  582. package/rules/ruby/ruby.bug-risk.plain-method-instead-of-proc.rule.yaml +48 -0
  583. package/rules/ruby/ruby.bug-risk.predicate-method-without-parentheses.rule.yaml +51 -0
  584. package/rules/ruby/ruby.bug-risk.rails-env-equality.rule.yaml +53 -0
  585. package/rules/ruby/ruby.bug-risk.rails-root-join.rule.yaml +53 -0
  586. package/rules/ruby/ruby.bug-risk.rake-task-missing-environment.rule.yaml +46 -0
  587. package/rules/ruby/ruby.bug-risk.raw-sql-without-squish.rule.yaml +42 -0
  588. package/rules/ruby/ruby.bug-risk.redundant-allow-nil.rule.yaml +52 -0
  589. package/rules/ruby/ruby.bug-risk.redundant-foreign-key.rule.yaml +50 -0
  590. package/rules/ruby/ruby.bug-risk.redundant-with-options-receiver.rule.yaml +52 -0
  591. package/rules/ruby/ruby.bug-risk.regex-literal-in-condition.rule.yaml +51 -0
  592. package/rules/ruby/ruby.bug-risk.relative-date-as-constant.rule.yaml +51 -0
  593. package/rules/ruby/ruby.bug-risk.renamed-column-accessed.rule.yaml +50 -0
  594. package/rules/ruby/ruby.bug-risk.rescue-exception.rule.yaml +42 -0
  595. package/rules/ruby/ruby.bug-risk.return-in-ensure.rule.yaml +49 -0
  596. package/rules/ruby/ruby.bug-risk.routes-match-single-verb.rule.yaml +51 -0
  597. package/rules/ruby/ruby.bug-risk.safe-navigation-with-blank.rule.yaml +50 -0
  598. package/rules/ruby/ruby.bug-risk.safe-navigation-with-empty.rule.yaml +52 -0
  599. package/rules/ruby/ruby.bug-risk.self-assignment.rule.yaml +52 -0
  600. package/rules/ruby/ruby.bug-risk.skip-filter-conditional.rule.yaml +55 -0
  601. package/rules/ruby/ruby.bug-risk.suppressed-exceptions.rule.yaml +49 -0
  602. package/rules/ruby/ruby.bug-risk.symbol-boolean-name.rule.yaml +44 -0
  603. package/rules/ruby/ruby.bug-risk.table-without-timestamps.rule.yaml +53 -0
  604. package/rules/ruby/ruby.bug-risk.time-without-zone.rule.yaml +51 -0
  605. package/rules/ruby/ruby.bug-risk.to-json-without-argument.rule.yaml +51 -0
  606. package/rules/ruby/ruby.bug-risk.trailing-comma-attribute.rule.yaml +50 -0
  607. package/rules/ruby/ruby.bug-risk.undefined-action-filter.rule.yaml +53 -0
  608. package/rules/ruby/ruby.bug-risk.unintended-string-concatenation.rule.yaml +51 -0
  609. package/rules/ruby/ruby.bug-risk.unnecessary-require.rule.yaml +51 -0
  610. package/rules/ruby/ruby.bug-risk.unnecessary-splat.rule.yaml +50 -0
  611. package/rules/ruby/ruby.bug-risk.unqualified-constant.rule.yaml +51 -0
  612. package/rules/ruby/ruby.bug-risk.unreachable-code.rule.yaml +49 -0
  613. package/rules/ruby/ruby.bug-risk.unreachable-loop.rule.yaml +51 -0
  614. package/rules/ruby/ruby.bug-risk.unsafe-number-conversion.rule.yaml +51 -0
  615. package/rules/ruby/ruby.bug-risk.unsafe-safe-navigation-chain.rule.yaml +50 -0
  616. package/rules/ruby/ruby.bug-risk.unused-method-arguments.rule.yaml +51 -0
  617. package/rules/ruby/ruby.bug-risk.use-blank-simplify.rule.yaml +49 -0
  618. package/rules/ruby/ruby.bug-risk.use-delegate.rule.yaml +50 -0
  619. package/rules/ruby/ruby.bug-risk.use-presence-over-explicit-check.rule.yaml +49 -0
  620. package/rules/ruby/ruby.bug-risk.use-present-to-simplify-conditional.rule.yaml +48 -0
  621. package/rules/ruby/ruby.bug-risk.use-square-brackets-for-attributes.rule.yaml +50 -0
  622. package/rules/ruby/ruby.bug-risk.useless-access-modifier.rule.yaml +49 -0
  623. package/rules/ruby/ruby.bug-risk.useless-comparison.rule.yaml +50 -0
  624. package/rules/ruby/ruby.bug-risk.useless-setter-call.rule.yaml +49 -0
  625. package/rules/ruby/ruby.bug-risk.when-branch-without-body.rule.yaml +49 -0
  626. package/rules/ruby/ruby.bug-risk.where-first-over-find-by.rule.yaml +54 -0
  627. package/rules/ruby/ruby.bug-risk.with-index-value-unused.rule.yaml +50 -0
  628. package/rules/ruby/ruby.bug-risk.with-object-value-unused.rule.yaml +50 -0
  629. package/rules/ruby/ruby.performance.efficient-hash-search.rule.yaml +42 -0
  630. package/rules/ruby/ruby.performance.enumerable-index-by.rule.yaml +51 -0
  631. package/rules/ruby/ruby.performance.enumerable-index-with.rule.yaml +52 -0
  632. package/rules/ruby/ruby.performance.merge-single-key.rule.yaml +42 -0
  633. package/rules/ruby/ruby.performance.no-static-size-computation.rule.yaml +43 -0
  634. package/rules/ruby/ruby.performance.prefer-delete-prefix.rule.yaml +53 -0
  635. package/rules/ruby/ruby.performance.prefer-delete-suffix.rule.yaml +53 -0
  636. package/rules/ruby/ruby.performance.prefer-flat-map.rule.yaml +41 -0
  637. package/rules/ruby/ruby.performance.prefer-struct-over-openstruct.rule.yaml +42 -0
  638. package/rules/ruby/ruby.performance.range-cover-over-include.rule.yaml +43 -0
  639. package/rules/ruby/ruby.performance.regex-match-over-match.rule.yaml +42 -0
  640. package/rules/ruby/ruby.performance.yield-over-block-call.rule.yaml +41 -0
  641. package/rules/ruby/ruby.security.debugger-call.rule.yaml +53 -0
  642. package/rules/ruby/ruby.security.dynamic-code-execution.rule.yaml +54 -0
  643. package/rules/ruby/ruby.security.insecure-json-load.rule.yaml +53 -0
  644. package/rules/ruby/ruby.security.io-shell-command.rule.yaml +50 -0
  645. package/rules/ruby/ruby.security.kernel-open.rule.yaml +53 -0
  646. package/rules/ruby/ruby.security.plaintext-password-in-callback.rule.yaml +46 -0
  647. package/rules/ruby/ruby.security.rails-http-digest-auth.rule.yaml +51 -0
  648. package/rules/ruby/ruby.security.rails-link-to-blank-without-noopener.rule.yaml +48 -0
  649. package/rules/ruby/ruby.security.rails-output-unsafe.rule.yaml +47 -0
  650. package/rules/ruby/ruby.security.rails-render-inline.rule.yaml +55 -0
  651. package/rules/ruby/ruby.security.rails-skip-validation.rule.yaml +51 -0
  652. package/rules/rust/rust.correctness.empty-range-expression.rule.yaml +49 -0
  653. package/rules/rust/rust.correctness.erasing-operation.rule.yaml +49 -0
  654. package/rules/rust/rust.correctness.forget-drop-on-copy-type.rule.yaml +50 -0
  655. package/rules/rust/rust.correctness.forget-drop-on-non-drop-type.rule.yaml +50 -0
  656. package/rules/rust/rust.correctness.forget-drop-on-reference.rule.yaml +49 -0
  657. package/rules/rust/rust.correctness.hash-unit-value.rule.yaml +49 -0
  658. package/rules/rust/rust.correctness.identical-binary-operands.rule.yaml +49 -0
  659. package/rules/rust/rust.correctness.ignored-future-value.rule.yaml +53 -0
  660. package/rules/rust/rust.correctness.invalid-regex-literal.rule.yaml +49 -0
  661. package/rules/rust/rust.correctness.iter-next-in-for-loop.rule.yaml +49 -0
  662. package/rules/rust/rust.correctness.mistyped-suffix.rule.yaml +50 -0
  663. package/rules/rust/rust.correctness.nan-comparison.rule.yaml +49 -0
  664. package/rules/rust/rust.correctness.non-binding-let-on-lock.rule.yaml +50 -0
  665. package/rules/rust/rust.correctness.non-octal-permissions.rule.yaml +60 -0
  666. package/rules/rust/rust.correctness.print-in-display-impl.rule.yaml +48 -0
  667. package/rules/rust/rust.correctness.self-not-self-type.rule.yaml +49 -0
  668. package/rules/rust/rust.correctness.step-by-zero.rule.yaml +48 -0
  669. package/rules/rust/rust.correctness.syntax-error.rule.yaml +49 -0
  670. package/rules/rust/rust.correctness.transmute-float-char-to-ref-or-ptr.rule.yaml +48 -0
  671. package/rules/rust/rust.correctness.transmute-int-lit-to-raw-ptr.rule.yaml +48 -0
  672. package/rules/rust/rust.correctness.transmute-int-to-fn-ptr.rule.yaml +48 -0
  673. package/rules/rust/rust.correctness.transmute-integer-to-bool.rule.yaml +49 -0
  674. package/rules/rust/rust.correctness.transmute-integer-to-char.rule.yaml +48 -0
  675. package/rules/rust/rust.correctness.transmute-integer-to-nonzero.rule.yaml +48 -0
  676. package/rules/rust/rust.correctness.transmute-number-to-slice-or-array.rule.yaml +48 -0
  677. package/rules/rust/rust.correctness.transmute-ptr-to-ptr.rule.yaml +49 -0
  678. package/rules/rust/rust.correctness.transmute-ptr-to-ref.rule.yaml +49 -0
  679. package/rules/rust/rust.correctness.transmute-ref-to-ptr.rule.yaml +49 -0
  680. package/rules/rust/rust.correctness.transmute-t-to-ptr-ref.rule.yaml +49 -0
  681. package/rules/rust/rust.correctness.transmute-tuple-to-slice-or-array.rule.yaml +48 -0
  682. package/rules/rust/rust.correctness.unhandled-io-result.rule.yaml +49 -0
  683. package/rules/rust/rust.correctness.unit-argument.rule.yaml +50 -0
  684. package/rules/rust/rust.correctness.unit-comparison.rule.yaml +49 -0
  685. package/rules/rust/rust.performance.single-char-string-literal-pattern.rule.yaml +51 -0
  686. package/rules/rust/rust.quality.approximate-floating-constant.rule.yaml +51 -0
  687. package/rules/rust/rust.quality.builtin-type-shadow.rule.yaml +49 -0
  688. package/rules/rust/rust.quality.clone-on-double-reference.rule.yaml +50 -0
  689. package/rules/rust/rust.quality.crate-in-macro-definition.rule.yaml +50 -0
  690. package/rules/rust/rust.quality.deprecated-function-use.rule.yaml +52 -0
  691. package/rules/rust/rust.quality.env-string-literal.rule.yaml +50 -0
  692. package/rules/rust/rust.quality.explicit-self-assignment.rule.yaml +49 -0
  693. package/rules/rust/rust.quality.fn-ptr-null-comparison.rule.yaml +49 -0
  694. package/rules/rust/rust.quality.fn-ptr-to-non-pointer-cast.rule.yaml +50 -0
  695. package/rules/rust/rust.quality.inaccurate-duration-calculation.rule.yaml +50 -0
  696. package/rules/rust/rust.quality.isize-usize-overflow.rule.yaml +50 -0
  697. package/rules/rust/rust.quality.iter-count-instead-of-len.rule.yaml +49 -0
  698. package/rules/rust/rust.quality.iter-nth-instead-of-get.rule.yaml +50 -0
  699. package/rules/rust/rust.quality.map-followed-by-count.rule.yaml +50 -0
  700. package/rules/rust/rust.quality.non-owned-rc-pointer-into-vec.rule.yaml +50 -0
  701. package/rules/rust/rust.quality.non-utf8-literal-in-from-utf8-unchecked.rule.yaml +54 -0
  702. package/rules/rust/rust.quality.option-env-unwrap.rule.yaml +50 -0
  703. package/rules/rust/rust.quality.ordered-iteration-on-unordered.rule.yaml +52 -0
  704. package/rules/rust/rust.quality.possible-missing-comma-in-array.rule.yaml +49 -0
  705. package/rules/rust/rust.quality.potentially-incomplete-ascii-range.rule.yaml +49 -0
  706. package/rules/rust/rust.quality.redundant-mem-replace-with-default.rule.yaml +48 -0
  707. package/rules/rust/rust.quality.redundant-mem-replace-with-none.rule.yaml +48 -0
  708. package/rules/rust/rust.quality.redundant-mem-replace-with-zero.rule.yaml +48 -0
  709. package/rules/rust/rust.quality.replace-same-pattern-and-replacement.rule.yaml +49 -0
  710. package/rules/rust/rust.quality.size-of-val-on-reference.rule.yaml +49 -0
  711. package/rules/rust/rust.quality.unused-enumerate-or-zip-items.rule.yaml +50 -0
  712. package/rules/rust/rust.security.actix-namedfile-path-traversal.rule.yaml +61 -0
  713. package/rules/rust/rust.security.bind-all-interfaces.rule.yaml +2 -0
  714. package/rules/rust/rust.security.const-to-mut-ptr.rule.yaml +61 -0
  715. package/rules/rust/rust.security.differently-sized-slice-conversion.rule.yaml +61 -0
  716. package/rules/rust/rust.security.global-write-permission.rule.yaml +61 -0
  717. package/rules/rust/rust.security.insecure-temp-file.rule.yaml +2 -0
  718. package/rules/rust/rust.security.invisible-unicode.rule.yaml +60 -0
  719. package/rules/rust/rust.security.manual-error-type-id.rule.yaml +59 -0
  720. package/rules/rust/rust.security.missing-regex-anchor.rule.yaml +61 -0
  721. package/rules/rust/rust.security.misused-bitwise-xor.rule.yaml +54 -0
  722. package/rules/rust/rust.security.open-redirect.rule.yaml +64 -0
  723. package/rules/rust/rust.security.potentially-vulnerable-regex.rule.yaml +61 -0
  724. package/rules/rust/rust.security.raw-slice-to-ptr.rule.yaml +60 -0
  725. package/rules/rust/rust.security.unsafe-remove-dir-all.rule.yaml +62 -0
  726. package/rules/rust/rust.security.weak-crypto-import.rule.yaml +2 -0
  727. package/rules/rust/rust.security.weak-rsa-key-size.rule.yaml +2 -0
  728. package/rules/rust/rust.testing.ignore-without-ticket-reference.rule.yaml +13 -7
  729. package/rules/rust/rust.testing.thread-sleep-in-unit-test.rule.yaml +6 -6
  730. package/rules/shared/security.no-command-execution-with-request-input.rule.yaml +3 -0
  731. package/rules/shared/security.no-sensitive-data-in-logs-and-telemetry.rule.yaml +2 -0
  732. package/rules/shared/security.no-sql-interpolation.rule.yaml +2 -0
  733. package/rules/shared/security.permissive-file-permissions.rule.yaml +2 -0
  734. package/rules/shared/security.weak-hash-algorithm.rule.yaml +2 -0
  735. package/rules/sql/sql.correctness.undefined-reference.rule.yaml +37 -0
  736. package/rules/sql/sql.style.ambiguous-distinct.rule.yaml +37 -0
  737. package/rules/sql/sql.style.column-expression-without-alias.rule.yaml +37 -0
  738. package/rules/sql/sql.style.distinct-with-parenthesis.rule.yaml +37 -0
  739. package/rules/sql/sql.style.duplicate-table-aliases.rule.yaml +37 -0
  740. package/rules/sql/sql.style.implicit-column-alias.rule.yaml +37 -0
  741. package/rules/sql/sql.style.implicit-table-alias.rule.yaml +37 -0
  742. package/rules/sql/sql.style.inconsistent-capitalization.rule.yaml +37 -0
  743. package/rules/sql/sql.style.inconsistent-keyword-case.rule.yaml +37 -0
  744. package/rules/sql/sql.style.keyword-as-identifier.rule.yaml +37 -0
  745. package/rules/sql/sql.style.trailing-select-comma.rule.yaml +37 -0
  746. package/rules/sql/sql.style.unqualified-references.rule.yaml +37 -0
  747. package/rules/sql/sql.style.unused-table-alias.rule.yaml +37 -0
  748. package/rules/typescript/ts.angularjs.inject-function-assignments-only.rule.yaml +36 -0
  749. package/rules/typescript/ts.angularjs.no-controller.rule.yaml +36 -0
  750. package/rules/typescript/ts.angularjs.no-deprecated-cookie-store.rule.yaml +36 -0
  751. package/rules/typescript/ts.angularjs.no-deprecated-directive-replace.rule.yaml +36 -0
  752. package/rules/typescript/ts.angularjs.no-deprecated-http-success-error.rule.yaml +36 -0
  753. package/rules/typescript/ts.angularjs.no-jquery-wrapping-angular-element.rule.yaml +36 -0
  754. package/rules/typescript/ts.angularjs.prefer-angular-for-each.rule.yaml +36 -0
  755. package/rules/typescript/ts.angularjs.prefer-angular-is-string.rule.yaml +36 -0
  756. package/rules/typescript/ts.correctness.array-callback-missing-return.rule.yaml +2 -0
  757. package/rules/typescript/ts.correctness.array-sort-without-compare.rule.yaml +5 -3
  758. package/rules/typescript/ts.correctness.assignment-in-condition.rule.yaml +4 -2
  759. package/rules/typescript/ts.correctness.assignment-to-exports.rule.yaml +38 -0
  760. package/rules/typescript/ts.correctness.assignment-to-import-binding.rule.yaml +2 -0
  761. package/rules/typescript/ts.correctness.async-promise-executor.rule.yaml +2 -0
  762. package/rules/typescript/ts.correctness.blocking-call-in-async-flow.rule.yaml +14 -3
  763. package/rules/typescript/ts.correctness.callback-missing-error-handling.rule.yaml +38 -0
  764. package/rules/typescript/ts.correctness.callback-not-error-first.rule.yaml +38 -0
  765. package/rules/typescript/ts.correctness.compound-assignment-with-await.rule.yaml +37 -0
  766. package/rules/typescript/ts.correctness.confusing-multiline-expression.rule.yaml +37 -0
  767. package/rules/typescript/ts.correctness.constructor-return-value.rule.yaml +37 -0
  768. package/rules/typescript/ts.correctness.control-flow-in-finally.rule.yaml +2 -0
  769. package/rules/typescript/ts.correctness.declaration-in-nested-block.rule.yaml +39 -0
  770. package/rules/typescript/ts.correctness.delete-on-variable.rule.yaml +37 -0
  771. package/rules/typescript/ts.correctness.deprecated-api-usage.rule.yaml +39 -0
  772. package/rules/typescript/ts.correctness.duplicate-class-member.rule.yaml +37 -0
  773. package/rules/typescript/ts.correctness.duplicate-export.rule.yaml +37 -0
  774. package/rules/typescript/ts.correctness.duplicate-function-parameter.rule.yaml +2 -0
  775. package/rules/typescript/ts.correctness.duplicate-if-else-condition.rule.yaml +2 -0
  776. package/rules/typescript/ts.correctness.duplicate-import-source.rule.yaml +2 -0
  777. package/rules/typescript/ts.correctness.duplicate-object-key.rule.yaml +2 -0
  778. package/rules/typescript/ts.correctness.duplicate-switch-case.rule.yaml +2 -0
  779. package/rules/typescript/ts.correctness.empty-block-statement.rule.yaml +2 -0
  780. package/rules/typescript/ts.correctness.empty-destructuring-pattern.rule.yaml +37 -0
  781. package/rules/typescript/ts.correctness.extraneous-import.rule.yaml +38 -0
  782. package/rules/typescript/ts.correctness.flawed-string-comparison.rule.yaml +38 -0
  783. package/rules/typescript/ts.correctness.global-object-called-as-function.rule.yaml +38 -0
  784. package/rules/typescript/ts.correctness.identical-comparison-operands.rule.yaml +2 -0
  785. package/rules/typescript/ts.correctness.implicit-undefined-return.rule.yaml +2 -0
  786. package/rules/typescript/ts.correctness.infinite-loop.rule.yaml +16 -7
  787. package/rules/typescript/ts.correctness.invalid-async-await-call.rule.yaml +37 -0
  788. package/rules/typescript/ts.correctness.invalid-shebang.rule.yaml +37 -0
  789. package/rules/typescript/ts.correctness.invalid-typeof-comparison.rule.yaml +2 -0
  790. package/rules/typescript/ts.correctness.invalid-variable-usage.rule.yaml +37 -0
  791. package/rules/typescript/ts.correctness.missing-async-on-promise-method.rule.yaml +2 -0
  792. package/rules/typescript/ts.correctness.missing-super-call.rule.yaml +2 -0
  793. package/rules/typescript/ts.correctness.missing-timeout-on-external-call.rule.yaml +13 -6
  794. package/rules/typescript/ts.correctness.missing-type-annotation.rule.yaml +37 -0
  795. package/rules/typescript/ts.correctness.namespace-import-unexported-name.rule.yaml +37 -0
  796. package/rules/typescript/ts.correctness.negative-zero-comparison.rule.yaml +37 -0
  797. package/rules/typescript/ts.correctness.new-expression-with-require.rule.yaml +39 -0
  798. package/rules/typescript/ts.correctness.new-symbol-instance.rule.yaml +38 -0
  799. package/rules/typescript/ts.correctness.no-confusing-label-in-switch.rule.yaml +39 -0
  800. package/rules/typescript/ts.correctness.no-href-with-nuxt-link.rule.yaml +39 -0
  801. package/rules/typescript/ts.correctness.no-ts-suppress-directive.rule.yaml +36 -0
  802. package/rules/typescript/ts.correctness.non-existent-assignment-operators.rule.yaml +38 -0
  803. package/rules/typescript/ts.correctness.off-by-one-loop-boundary.rule.yaml +2 -0
  804. package/rules/typescript/ts.correctness.parse-int-on-number-literal.rule.yaml +38 -0
  805. package/rules/typescript/ts.correctness.prefer-as-const-over-literal-type.rule.yaml +37 -0
  806. package/rules/typescript/ts.correctness.prefer-includes-over-indexof.rule.yaml +37 -0
  807. package/rules/typescript/ts.correctness.prefer-nullish-coalescing.rule.yaml +37 -0
  808. package/rules/typescript/ts.correctness.private-member-should-be-readonly.rule.yaml +37 -0
  809. package/rules/typescript/ts.correctness.promise-reject-non-error.rule.yaml +2 -0
  810. package/rules/typescript/ts.correctness.prototype-builtin-called-directly.rule.yaml +38 -0
  811. package/rules/typescript/ts.correctness.reassign-catch-binding.rule.yaml +2 -0
  812. package/rules/typescript/ts.correctness.reassign-class-member.rule.yaml +37 -0
  813. package/rules/typescript/ts.correctness.reassign-const-binding.rule.yaml +37 -0
  814. package/rules/typescript/ts.correctness.reassign-function-declaration.rule.yaml +38 -0
  815. package/rules/typescript/ts.correctness.regexp-constructor-invalid-pattern.rule.yaml +38 -0
  816. package/rules/typescript/ts.correctness.regexp-empty-character-class.rule.yaml +38 -0
  817. package/rules/typescript/ts.correctness.regexp-multicodepoint-character-class.rule.yaml +37 -0
  818. package/rules/typescript/ts.correctness.regexp-pattern-unusual-control-character.rule.yaml +2 -0
  819. package/rules/typescript/ts.correctness.regexp-useless-backreference.rule.yaml +37 -0
  820. package/rules/typescript/ts.correctness.require-outside-import.rule.yaml +37 -0
  821. package/rules/typescript/ts.correctness.restricted-global-variable.rule.yaml +37 -0
  822. package/rules/typescript/ts.correctness.restricted-object-property.rule.yaml +37 -0
  823. package/rules/typescript/ts.correctness.self-assignment.rule.yaml +2 -0
  824. package/rules/typescript/ts.correctness.setter-return-value.rule.yaml +37 -0
  825. package/rules/typescript/ts.correctness.simplify-boolean-return.rule.yaml +38 -0
  826. package/rules/typescript/ts.correctness.sparse-array-literal.rule.yaml +38 -0
  827. package/rules/typescript/ts.correctness.switch-case-fallthrough.rule.yaml +37 -0
  828. package/rules/typescript/ts.correctness.template-placeholder-in-string.rule.yaml +37 -0
  829. package/rules/typescript/ts.correctness.this-before-super.rule.yaml +3 -0
  830. package/rules/typescript/ts.correctness.this-outside-class.rule.yaml +37 -0
  831. package/rules/typescript/ts.correctness.undeclared-variable.rule.yaml +38 -0
  832. package/rules/typescript/ts.correctness.unhandled-async-error.rule.yaml +7 -1
  833. package/rules/typescript/ts.correctness.unnecessary-return-await.rule.yaml +2 -0
  834. package/rules/typescript/ts.correctness.unresolved-import.rule.yaml +37 -0
  835. package/rules/typescript/ts.correctness.unsafe-negation-in-relational.rule.yaml +38 -0
  836. package/rules/typescript/ts.correctness.unused-expression.rule.yaml +37 -0
  837. package/rules/typescript/ts.correctness.unused-variable.rule.yaml +37 -0
  838. package/rules/typescript/ts.correctness.use-number-is-nan.rule.yaml +2 -0
  839. package/rules/typescript/ts.correctness.used-before-definition.rule.yaml +38 -0
  840. package/rules/typescript/ts.correctness.var-declaration.rule.yaml +38 -0
  841. package/rules/typescript/ts.next.no-document-import-outside-custom-document.rule.yaml +39 -0
  842. package/rules/typescript/ts.next.no-head-import-in-custom-document.rule.yaml +39 -0
  843. package/rules/typescript/ts.performance.no-await-in-loop.rule.yaml +6 -6
  844. package/rules/typescript/ts.performance.no-json-parse-stringify-clone.rule.yaml +8 -0
  845. package/rules/typescript/ts.performance.sequential-async-calls.rule.yaml +16 -7
  846. package/rules/typescript/ts.quality.no-banned-type.rule.yaml +36 -0
  847. package/rules/typescript/ts.quality.no-empty-function.rule.yaml +1 -1
  848. package/rules/typescript/ts.quality.no-side-effect-in-pure-callback.rule.yaml +36 -0
  849. package/rules/typescript/ts.quality.swallowed-error.rule.yaml +6 -3
  850. package/rules/typescript/ts.react.no-deprecated-is-mounted.rule.yaml +36 -0
  851. package/rules/typescript/ts.react.no-deprecated-react-dom-root-api.rule.yaml +24 -2
  852. package/rules/typescript/ts.react.no-direct-state-mutation.rule.yaml +2 -0
  853. package/rules/typescript/ts.react.no-duplicate-jsx-attributes.rule.yaml +2 -0
  854. package/rules/typescript/ts.react.no-hooks-rule-violation.rule.yaml +38 -0
  855. package/rules/typescript/ts.react.no-invalid-markup-characters.rule.yaml +36 -0
  856. package/rules/typescript/ts.react.no-lifecycle-method-typo.rule.yaml +36 -0
  857. package/rules/typescript/ts.react.no-render-invalid-return-type.rule.yaml +36 -0
  858. package/rules/typescript/ts.react.no-set-state-in-component-did-mount.rule.yaml +2 -0
  859. package/rules/typescript/ts.react.no-set-state-in-component-did-update.rule.yaml +2 -0
  860. package/rules/typescript/ts.react.no-set-state-in-component-will-update.rule.yaml +36 -0
  861. package/rules/typescript/ts.react.no-should-component-update.rule.yaml +36 -0
  862. package/rules/typescript/ts.react.no-target-blank-without-rel.rule.yaml +2 -0
  863. package/rules/typescript/ts.react.no-this-state-in-set-state.rule.yaml +38 -0
  864. package/rules/typescript/ts.react.no-unnecessary-fragment.rule.yaml +36 -0
  865. package/rules/typescript/ts.runtime.no-process-exit.rule.yaml +3 -0
  866. package/rules/typescript/ts.runtime.process-exit-control-flow.rule.yaml +46 -0
  867. package/rules/typescript/ts.security.dangerous-insert-html.rule.yaml +5 -0
  868. package/rules/typescript/ts.security.express-insecure-listen.rule.yaml +52 -0
  869. package/rules/typescript/ts.security.express-nosql-injection.rule.yaml +16 -11
  870. package/rules/typescript/ts.security.express-static-dotfiles-allow.rule.yaml +5 -0
  871. package/rules/typescript/ts.security.iframe-missing-sandbox-attribute.rule.yaml +18 -6
  872. package/rules/typescript/ts.security.import-using-user-input.rule.yaml +62 -10
  873. package/rules/typescript/ts.security.insecure-auth-cookie-flags.rule.yaml +12 -4
  874. package/rules/typescript/ts.security.missing-request-timeout-or-retry.rule.yaml +8 -6
  875. package/rules/typescript/ts.security.no-assign-mutable-export.rule.yaml +2 -0
  876. package/rules/typescript/ts.security.no-dynamic-execution.rule.yaml +3 -3
  877. package/rules/typescript/ts.security.no-javascript-url.rule.yaml +42 -8
  878. package/rules/typescript/ts.security.no-native-prototype-extension.rule.yaml +13 -1
  879. package/rules/typescript/ts.security.non-literal-fs-filename.rule.yaml +13 -1
  880. package/rules/typescript/ts.security.observable-timing-discrepancy.rule.yaml +3 -3
  881. package/rules/typescript/ts.security.open-redirect.rule.yaml +6 -0
  882. package/rules/typescript/ts.security.path-join-user-input.rule.yaml +50 -0
  883. package/rules/typescript/ts.security.sensitive-data-written-to-file.rule.yaml +16 -6
  884. package/rules/typescript/ts.security.ssrf.rule.yaml +1 -0
  885. package/rules/typescript/ts.security.unsafe-dirname-path-concat.rule.yaml +3 -0
  886. package/rules/typescript/ts.security.unsanitized-http-response.rule.yaml +14 -3
  887. package/rules/typescript/ts.security.user-controlled-regexp.rule.yaml +52 -0
  888. package/rules/typescript/ts.testing.no-flaky-timer-test.rule.yaml +7 -7
  889. package/rules/typescript/ts.testing.no-legacy-test-waiter.rule.yaml +36 -0
  890. package/rules/typescript/ts.testing.no-network-call-in-unit-test.rule.yaml +7 -1
  891. package/rules/typescript/ts.testing.no-skipped-test-without-ticket.rule.yaml +3 -3
  892. package/rules/typescript/ts.testing.useless-assertion.rule.yaml +37 -0
  893. package/rules/typescript/ts.vue.emits-validator-return-boolean.rule.yaml +36 -0
  894. package/rules/typescript/ts.vue.no-browser-globals-in-created.rule.yaml +39 -0
  895. package/rules/typescript/ts.vue.no-computed-missing-dependency.rule.yaml +36 -0
  896. package/rules/typescript/ts.vue.no-computed-mutation.rule.yaml +36 -0
  897. package/rules/typescript/ts.vue.no-data-object-declaration.rule.yaml +36 -0
  898. package/rules/typescript/ts.vue.no-deprecated-keycodes-config.rule.yaml +36 -0
  899. package/rules/typescript/ts.vue.no-deprecated-listeners.rule.yaml +36 -0
  900. package/rules/typescript/ts.vue.no-deprecated-model-option.rule.yaml +36 -0
  901. package/rules/typescript/ts.vue.no-deprecated-scoped-slots.rule.yaml +36 -0
  902. package/rules/typescript/ts.vue.no-keycode-modifiers.rule.yaml +36 -0
  903. package/rules/typescript/ts.vue.no-reserved-key-overwrite.rule.yaml +36 -0
  904. package/rules/typescript/ts.vue.no-server-env-in-client-hooks.rule.yaml +39 -0
  905. package/rules/typescript/ts.vue.no-slot-property-access.rule.yaml +36 -0
  906. package/rules/typescript/ts.vue.prefer-prop-type-constructor.rule.yaml +36 -0
  907. package/rules/typescript/ts.vue.require-transition-conditional.rule.yaml +36 -0
package/rules/typescript/ts.correctness.reassign-function-declaration.rule.yaml ADDED
@@ -0,0 +1,38 @@
1
+ apiVersion: critiq.dev/v1alpha1
2
+ kind: Rule
3
+ metadata:
4
+ id: ts.correctness.reassign-function-declaration
5
+ title: Reassignment of function declaration
6
+ summary: A declared function name is later reassigned, which breaks hoisting expectations.
7
+ rationale: Rebinding function declarations obscures call targets and often hides logic errors during refactors.
8
+ aliases:
9
+ - JS-0015
10
+ tags:
11
+ - correctness
12
+ - language
13
+ - rules-catalog
14
+ - crq-cor-039
15
+ - public-directory-parity
16
+ stability: stable
17
+ appliesTo: file
18
+ scope:
19
+ languages:
20
+ - typescript
21
+ - javascript
22
+ match:
23
+ fact:
24
+ kind: language.reassign-function-declaration
25
+ bind: issue
26
+ emit:
27
+ finding:
28
+ category: correctness.language
29
+ severity: low
30
+ confidence: 0.55
31
+ tags:
32
+ - correctness
33
+ - language
34
+ message:
35
+ title: Do not reassign function declarations
36
+ summary: "`${captures.issue.text}` reassigns a function declaration binding."
37
+ remediation:
38
+ summary: Use a separate variable for the new function value or convert the declaration to a `const` arrow function.
package/rules/typescript/ts.correctness.regexp-constructor-invalid-pattern.rule.yaml ADDED
@@ -0,0 +1,38 @@
1
+ apiVersion: critiq.dev/v1alpha1
2
+ kind: Rule
3
+ metadata:
4
+ id: ts.correctness.regexp-constructor-invalid-pattern
5
+ title: Invalid pattern string in RegExp constructor
6
+ summary: A string literal passed to `RegExp` or `new RegExp` is not a valid regular expression.
7
+ rationale: Invalid constructor patterns throw at runtime and are easy to miss when the pattern is built from a static string.
8
+ aliases:
9
+ - JS-0017
10
+ tags:
11
+ - correctness
12
+ - language
13
+ - rules-catalog
14
+ - crq-cor-041
15
+ - public-directory-parity
16
+ stability: stable
17
+ appliesTo: file
18
+ scope:
19
+ languages:
20
+ - typescript
21
+ - javascript
22
+ match:
23
+ fact:
24
+ kind: language.regexp-constructor-invalid-pattern
25
+ bind: issue
26
+ emit:
27
+ finding:
28
+ category: correctness.language
29
+ severity: medium
30
+ confidence: 0.95
31
+ tags:
32
+ - correctness
33
+ - language
34
+ message:
35
+ title: Fix the RegExp constructor pattern
36
+ summary: "The RegExp constructor is called with an invalid pattern literal near `${captures.issue.text}`."
37
+ remediation:
38
+ summary: Correct the pattern syntax or build the expression with a validated helper before constructing the RegExp.
package/rules/typescript/ts.correctness.regexp-empty-character-class.rule.yaml ADDED
@@ -0,0 +1,38 @@
1
+ apiVersion: critiq.dev/v1alpha1
2
+ kind: Rule
3
+ metadata:
4
+ id: ts.correctness.regexp-empty-character-class
5
+ title: Empty character class in regular expression
6
+ summary: The regular expression pattern contains an empty character class that never matches.
7
+ rationale: Empty `[]` classes are almost always accidental and make patterns silently fail to match.
8
+ aliases:
9
+ - JS-0010
10
+ tags:
11
+ - correctness
12
+ - language
13
+ - rules-catalog
14
+ - crq-cor-038
15
+ - public-directory-parity
16
+ stability: stable
17
+ appliesTo: file
18
+ scope:
19
+ languages:
20
+ - typescript
21
+ - javascript
22
+ match:
23
+ fact:
24
+ kind: language.regexp-empty-character-class
25
+ bind: issue
26
+ emit:
27
+ finding:
28
+ category: correctness.language
29
+ severity: medium
30
+ confidence: 0.9
31
+ tags:
32
+ - correctness
33
+ - language
34
+ message:
35
+ title: Remove or fix empty regex character classes
36
+ summary: "The pattern `${captures.issue.text}` includes `[]`, which matches nothing."
37
+ remediation:
38
+ summary: Add intended characters inside the class or remove the empty class from the pattern.
package/rules/typescript/ts.correctness.regexp-multicodepoint-character-class.rule.yaml ADDED
@@ -0,0 +1,37 @@
1
+ apiVersion: critiq.dev/v1alpha1
2
+ kind: Rule
3
+ metadata:
4
+ id: ts.correctness.regexp-multicodepoint-character-class
5
+ title: Multi-code-point character in regex class
6
+ summary: Detects multi-code-point character in regex class issues in JavaScript and TypeScript source.
7
+ rationale: Multi-code-point character in regex class patterns are a common source of bugs and confusing runtime behavior.
8
+ aliases:
9
+ - JS-0036
10
+ tags:
11
+ - correctness
12
+ - language
13
+ - rules-catalog
14
+ - public-directory-parity
15
+ stability: stable
16
+ appliesTo: file
17
+ scope:
18
+ languages:
19
+ - typescript
20
+ - javascript
21
+ match:
22
+ fact:
23
+ kind: language.regexp-multicodepoint-character-class
24
+ bind: issue
25
+ emit:
26
+ finding:
27
+ category: correctness.language
28
+ severity: medium
29
+ confidence: 0.85
30
+ tags:
31
+ - correctness
32
+ - language
33
+ message:
34
+ title: Fix multi-code-point character in regex class
35
+ summary: "`${captures.issue.text}` matches ts.correctness.regexp-multicodepoint-character-class."
36
+ remediation:
37
+ summary: Refactor the code to remove the multi-code-point character in regex class pattern.
package/rules/typescript/ts.correctness.regexp-pattern-unusual-control-character.rule.yaml CHANGED
@@ -5,6 +5,8 @@ metadata:
5
5
  title: Unusual ASCII control characters in regexp pattern
6
6
  summary: The regular expression pattern embeds low ASCII control characters outside common whitespace.
7
7
  rationale: Literal control characters in patterns are hard to read, easy to corrupt in editors, and often indicate copy-paste or encoding mistakes.
8
+ aliases:
9
+ - JS-0004
8
10
  tags:
9
11
  - correctness
10
12
  - language
package/rules/typescript/ts.correctness.regexp-useless-backreference.rule.yaml ADDED
@@ -0,0 +1,37 @@
1
+ apiVersion: critiq.dev/v1alpha1
2
+ kind: Rule
3
+ metadata:
4
+ id: ts.correctness.regexp-useless-backreference
5
+ title: Useless regex backreference
6
+ summary: Detects useless regex backreference issues in JavaScript and TypeScript source.
7
+ rationale: Useless regex backreference patterns are a common source of bugs and confusing runtime behavior.
8
+ aliases:
9
+ - JS-0039
10
+ tags:
11
+ - correctness
12
+ - language
13
+ - rules-catalog
14
+ - public-directory-parity
15
+ stability: stable
16
+ appliesTo: file
17
+ scope:
18
+ languages:
19
+ - typescript
20
+ - javascript
21
+ match:
22
+ fact:
23
+ kind: language.regexp-useless-backreference
24
+ bind: issue
25
+ emit:
26
+ finding:
27
+ category: correctness.language
28
+ severity: medium
29
+ confidence: 0.85
30
+ tags:
31
+ - correctness
32
+ - language
33
+ message:
34
+ title: Fix useless regex backreference
35
+ summary: "`${captures.issue.text}` matches ts.correctness.regexp-useless-backreference."
36
+ remediation:
37
+ summary: Refactor the code to remove the useless regex backreference pattern.
package/rules/typescript/ts.correctness.require-outside-import.rule.yaml ADDED
@@ -0,0 +1,37 @@
1
+ apiVersion: critiq.dev/v1alpha1
2
+ kind: Rule
3
+ metadata:
4
+ id: ts.correctness.require-outside-import
5
+ title: Require outside import statement
6
+ summary: Use ES module `import` syntax instead of `require()` calls.
7
+ rationale: Prefer ES module `import` syntax over CommonJS `require()` in JavaScript and TypeScript files.
8
+ aliases:
9
+ - JS-0359
10
+ tags:
11
+ - correctness
12
+ - language
13
+ - rules-catalog
14
+ - public-directory-parity
15
+ stability: stable
16
+ appliesTo: file
17
+ scope:
18
+ languages:
19
+ - typescript
20
+ - javascript
21
+ match:
22
+ fact:
23
+ kind: language.require-outside-import
24
+ bind: issue
25
+ emit:
26
+ finding:
27
+ category: correctness.language
28
+ severity: high
29
+ confidence: 0.85
30
+ tags:
31
+ - correctness
32
+ - language
33
+ message:
34
+ title: Replace require() with ES module import
35
+ summary: "`${captures.issue.text}` uses require() instead of import."
36
+ remediation:
37
+ summary: Replace the `require()` call with an ES module `import` statement.
package/rules/typescript/ts.correctness.restricted-global-variable.rule.yaml ADDED
@@ -0,0 +1,37 @@
1
+ apiVersion: critiq.dev/v1alpha1
2
+ kind: Rule
3
+ metadata:
4
+ id: ts.correctness.restricted-global-variable
5
+ title: Restricted global variable
6
+ summary: Detects restricted global variable issues in JavaScript and TypeScript source.
7
+ rationale: Restricted global variable patterns are a common source of bugs and confusing runtime behavior.
8
+ aliases:
9
+ - JS-0122
10
+ tags:
11
+ - correctness
12
+ - language
13
+ - rules-catalog
14
+ - public-directory-parity
15
+ stability: stable
16
+ appliesTo: file
17
+ scope:
18
+ languages:
19
+ - typescript
20
+ - javascript
21
+ match:
22
+ fact:
23
+ kind: language.restricted-global-variable
24
+ bind: issue
25
+ emit:
26
+ finding:
27
+ category: correctness.language
28
+ severity: medium
29
+ confidence: 0.85
30
+ tags:
31
+ - correctness
32
+ - language
33
+ message:
34
+ title: Fix restricted global variable
35
+ summary: "`${captures.issue.text}` matches ts.correctness.restricted-global-variable."
36
+ remediation:
37
+ summary: Refactor the code to remove the restricted global variable pattern.
package/rules/typescript/ts.correctness.restricted-object-property.rule.yaml ADDED
@@ -0,0 +1,37 @@
1
+ apiVersion: critiq.dev/v1alpha1
2
+ kind: Rule
3
+ metadata:
4
+ id: ts.correctness.restricted-object-property
5
+ title: Restricted object property access
6
+ summary: Detects restricted object property access issues in JavaScript and TypeScript source.
7
+ rationale: Restricted object property access is a style and safety concern, not a security issue; most flagged properties are deliberate surface reductions.
8
+ aliases:
9
+ - JS-0110
10
+ tags:
11
+ - correctness
12
+ - language
13
+ - rules-catalog
14
+ - public-directory-parity
15
+ stability: stable
16
+ appliesTo: file
17
+ scope:
18
+ languages:
19
+ - typescript
20
+ - javascript
21
+ match:
22
+ fact:
23
+ kind: language.restricted-object-property
24
+ bind: issue
25
+ emit:
26
+ finding:
27
+ category: correctness.language
28
+ severity: low
29
+ confidence: 0.50
30
+ tags:
31
+ - correctness
32
+ - language
33
+ message:
34
+ title: Remove assignment to restricted property on built-in prototype
35
+ summary: "`${captures.issue.text}` assigns to a restricted property on a built-in prototype. Mutating built-in prototypes affects all instances globally and can cause unpredictable behavior across the entire application."
36
+ remediation:
37
+ summary: Refactor the code to remove the restricted object property access pattern.
package/rules/typescript/ts.correctness.self-assignment.rule.yaml CHANGED
@@ -4,6 +4,8 @@ metadata:
4
4
  id: ts.correctness.self-assignment
5
5
  title: Self assignment
6
6
  summary: An assignment uses the same expression on the left and right side.
7
+ aliases:
8
+ - JS-0088
7
9
  rationale: Self-assignments are almost always dead code or a typo where a different value was intended.
8
10
  tags:
9
11
  - correctness
package/rules/typescript/ts.correctness.setter-return-value.rule.yaml ADDED
@@ -0,0 +1,37 @@
1
+ apiVersion: critiq.dev/v1alpha1
2
+ kind: Rule
3
+ metadata:
4
+ id: ts.correctness.setter-return-value
5
+ title: Return value from setter
6
+ summary: Detects return value from setter issues in JavaScript and TypeScript source.
7
+ rationale: Return value from setter patterns are a common source of bugs and confusing runtime behavior.
8
+ aliases:
9
+ - JS-0037
10
+ tags:
11
+ - correctness
12
+ - language
13
+ - rules-catalog
14
+ - public-directory-parity
15
+ stability: stable
16
+ appliesTo: file
17
+ scope:
18
+ languages:
19
+ - typescript
20
+ - javascript
21
+ match:
22
+ fact:
23
+ kind: language.setter-return-value
24
+ bind: issue
25
+ emit:
26
+ finding:
27
+ category: correctness.language
28
+ severity: medium
29
+ confidence: 0.85
30
+ tags:
31
+ - correctness
32
+ - language
33
+ message:
34
+ title: Fix return value from setter
35
+ summary: "`${captures.issue.text}` matches ts.correctness.setter-return-value."
36
+ remediation:
37
+ summary: Refactor the code to remove the return value from setter pattern.
package/rules/typescript/ts.correctness.simplify-boolean-return.rule.yaml ADDED
@@ -0,0 +1,38 @@
1
+ apiVersion: critiq.dev/v1alpha1
2
+ kind: Rule
3
+ metadata:
4
+ id: ts.correctness.simplify-boolean-return
5
+ title: Complex boolean return
6
+ summary: Return statements that explicitly return true/false based on a condition can be simplified.
7
+ rationale: "`if (x) return true; else return false;` is equivalent to `return x;`. The complex form adds noise and makes the code harder to read."
8
+ aliases:
9
+ - JS-W1041
10
+ tags:
11
+ - correctness
12
+ - language
13
+ - simplification
14
+ - rules-catalog
15
+ - public-directory-parity
16
+ stability: stable
17
+ appliesTo: block
18
+ scope:
19
+ languages:
20
+ - typescript
21
+ - javascript
22
+ match:
23
+ fact:
24
+ kind: language.complex-boolean-return
25
+ bind: issue
26
+ emit:
27
+ finding:
28
+ category: correctness.language
29
+ severity: high
30
+ confidence: 0.95
31
+ tags:
32
+ - correctness
33
+ - language
34
+ message:
35
+ title: Simplify boolean return
36
+ summary: "`${captures.issue.text}` can be simplified to a direct boolean return."
37
+ remediation:
38
+ summary: Replace the if/else or ternary with `return <condition>;`.
package/rules/typescript/ts.correctness.sparse-array-literal.rule.yaml ADDED
@@ -0,0 +1,38 @@
1
+ apiVersion: critiq.dev/v1alpha1
2
+ kind: Rule
3
+ metadata:
4
+ id: ts.correctness.sparse-array-literal
5
+ title: Sparse array literal
6
+ summary: An array literal contains empty slots that create a sparse array.
7
+ rationale: Sparse arrays have surprising iteration semantics and often indicate typos or incomplete edits.
8
+ aliases:
9
+ - JS-0023
10
+ tags:
11
+ - correctness
12
+ - language
13
+ - rules-catalog
14
+ - crq-cor-045
15
+ - public-directory-parity
16
+ stability: stable
17
+ appliesTo: file
18
+ scope:
19
+ languages:
20
+ - typescript
21
+ - javascript
22
+ match:
23
+ fact:
24
+ kind: language.sparse-array-literal
25
+ bind: issue
26
+ emit:
27
+ finding:
28
+ category: correctness.language
29
+ severity: low
30
+ confidence: 0.50
31
+ tags:
32
+ - correctness
33
+ - language
34
+ message:
35
+ title: Avoid sparse array literals
36
+ summary: "`${captures.issue.text}` creates an array with empty slots."
37
+ remediation:
38
+ summary: Fill missing entries explicitly or use a dense data structure when holes are not intentional.
package/rules/typescript/ts.correctness.switch-case-fallthrough.rule.yaml ADDED
@@ -0,0 +1,37 @@
1
+ apiVersion: critiq.dev/v1alpha1
2
+ kind: Rule
3
+ metadata:
4
+ id: ts.correctness.switch-case-fallthrough
5
+ title: Switch case fallthrough
6
+ summary: Detects switch case fallthrough issues in JavaScript and TypeScript source.
7
+ rationale: Switch case fallthrough patterns are a common source of bugs and confusing runtime behavior.
8
+ aliases:
9
+ - JS-0064
10
+ tags:
11
+ - correctness
12
+ - language
13
+ - rules-catalog
14
+ - public-directory-parity
15
+ stability: stable
16
+ appliesTo: file
17
+ scope:
18
+ languages:
19
+ - typescript
20
+ - javascript
21
+ match:
22
+ fact:
23
+ kind: language.switch-case-fallthrough
24
+ bind: issue
25
+ emit:
26
+ finding:
27
+ category: correctness.language
28
+ severity: medium
29
+ confidence: 0.85
30
+ tags:
31
+ - correctness
32
+ - language
33
+ message:
34
+ title: Fix switch case fallthrough
35
+ summary: "`${captures.issue.text}` matches ts.correctness.switch-case-fallthrough."
36
+ remediation:
37
+ summary: Refactor the code to remove the switch case fallthrough pattern.
package/rules/typescript/ts.correctness.template-placeholder-in-string.rule.yaml ADDED
@@ -0,0 +1,37 @@
1
+ apiVersion: critiq.dev/v1alpha1
2
+ kind: Rule
3
+ metadata:
4
+ id: ts.correctness.template-placeholder-in-string
5
+ title: Template placeholder in regular string
6
+ summary: Detects template placeholder in regular string issues in JavaScript and TypeScript source.
7
+ rationale: Template placeholder in regular string patterns are a common source of bugs and confusing runtime behavior.
8
+ aliases:
9
+ - JS-0038
10
+ tags:
11
+ - correctness
12
+ - language
13
+ - rules-catalog
14
+ - public-directory-parity
15
+ stability: stable
16
+ appliesTo: file
17
+ scope:
18
+ languages:
19
+ - typescript
20
+ - javascript
21
+ match:
22
+ fact:
23
+ kind: language.template-placeholder-in-string
24
+ bind: issue
25
+ emit:
26
+ finding:
27
+ category: correctness.language
28
+ severity: medium
29
+ confidence: 0.85
30
+ tags:
31
+ - correctness
32
+ - language
33
+ message:
34
+ title: Fix template placeholder in regular string
35
+ summary: "`${captures.issue.text}` matches ts.correctness.template-placeholder-in-string."
36
+ remediation:
37
+ summary: Refactor the code to remove the template placeholder in regular string pattern.
package/rules/typescript/ts.correctness.this-before-super.rule.yaml CHANGED
@@ -5,11 +5,14 @@ metadata:
5
5
  title: this used before super()
6
6
  summary: Do not use this or super members before calling super() in a subclass constructor.
7
7
  rationale: Accessing this before super() in a derived constructor throws at runtime.
8
+ aliases:
9
+ - JS-0235
8
10
  tags:
9
11
  - correctness
10
12
  - language
11
13
  - rules-catalog
12
14
  - crq-cor-035
15
+ - public-directory-parity
13
16
  stability: stable
14
17
  appliesTo: file
15
18
  scope:
package/rules/typescript/ts.correctness.this-outside-class.rule.yaml ADDED
@@ -0,0 +1,37 @@
1
+ apiVersion: critiq.dev/v1alpha1
2
+ kind: Rule
3
+ metadata:
4
+ id: ts.correctness.this-outside-class
5
+ title: Found `this` keyword outside of classes
6
+ summary: Do not use the `this` keyword outside of a class body.
7
+ rationale: Using `this` outside of a class typically refers to the global object (undefined in strict mode), which is rarely the intended behavior and can lead to subtle bugs.
8
+ aliases:
9
+ - JS-B002
10
+ tags:
11
+ - correctness
12
+ - language
13
+ - rules-catalog
14
+ - public-directory-parity
15
+ stability: experimental
16
+ appliesTo: file
17
+ scope:
18
+ languages:
19
+ - typescript
20
+ - javascript
21
+ match:
22
+ fact:
23
+ kind: language.this-outside-class
24
+ bind: issue
25
+ emit:
26
+ finding:
27
+ category: correctness.language
28
+ severity: high
29
+ confidence: 0.95
30
+ tags:
31
+ - correctness
32
+ - language
33
+ message:
34
+ title: Remove `this` usage outside of class
35
+ summary: "`${captures.issue.text}` uses `this` outside of a class body."
36
+ remediation:
37
+ summary: Refactor the code to avoid using `this` outside of a class. Replace `this` with the intended reference or use a local variable instead.
package/rules/typescript/ts.correctness.undeclared-variable.rule.yaml ADDED
@@ -0,0 +1,38 @@
1
+ apiVersion: critiq.dev/v1alpha1
2
+ kind: Rule
3
+ metadata:
4
+ id: ts.correctness.undeclared-variable
5
+ title: Undeclared variable reference
6
+ summary: Detects undeclared variable reference issues in JavaScript and TypeScript source.
7
+ rationale: Undeclared variable reference patterns are scope-analysis hints that rarely represent runtime bugs; most are parser artifacts or dynamic-pattern noise.
8
+ aliases:
9
+ - JS-0125
10
+ - JS-0423
11
+ tags:
12
+ - correctness
13
+ - language
14
+ - rules-catalog
15
+ - public-directory-parity
16
+ stability: stable
17
+ appliesTo: file
18
+ scope:
19
+ languages:
20
+ - typescript
21
+ - javascript
22
+ match:
23
+ fact:
24
+ kind: language.undeclared-variable
25
+ bind: issue
26
+ emit:
27
+ finding:
28
+ category: correctness.language
29
+ severity: low
30
+ confidence: 0.50
31
+ tags:
32
+ - correctness
33
+ - language
34
+ message:
35
+ title: Fix undeclared variable reference
36
+ summary: "`${captures.issue.text}` matches ts.correctness.undeclared-variable."
37
+ remediation:
38
+ summary: Refactor the code to remove the undeclared variable reference pattern.
package/rules/typescript/ts.correctness.unhandled-async-error.rule.yaml CHANGED
@@ -16,6 +16,12 @@ scope:
16
16
  languages:
17
17
  - typescript
18
18
  - javascript
19
+ paths:
20
+ exclude:
21
+ - "**/*.test.*"
22
+ - "**/*.spec.*"
23
+ - "**/__tests__/**"
24
+ - "**/tests/**"
19
25
  match:
20
26
  fact:
21
27
  kind: async.unhandled-async-error
@@ -23,7 +29,7 @@ match:
23
29
  emit:
24
30
  finding:
25
31
  category: correctness.async
26
- severity: high
32
+ severity: medium
27
33
  confidence: 0.85
28
34
  tags:
29
35
  - correctness
package/rules/typescript/ts.correctness.unnecessary-return-await.rule.yaml CHANGED
@@ -5,6 +5,8 @@ metadata:
5
5
  title: Unnecessary Return Await
6
6
  summary: Remove redundant return await
7
7
  rationale: Remove redundant return await:return await in async functions outside try/catch adds stack overhead without changing behavior.
8
+ aliases:
9
+ - JS-0111
8
10
  tags:
9
11
  - correctness
10
12
  - rules-catalog
package/rules/typescript/ts.correctness.unresolved-import.rule.yaml ADDED
@@ -0,0 +1,37 @@
1
+ apiVersion: critiq.dev/v1alpha1
2
+ kind: Rule
3
+ metadata:
4
+ id: ts.correctness.unresolved-import
5
+ title: Avoid unresolved module imports
6
+ summary: Import declarations should reference modules that exist on disk or in node_modules.
7
+ rationale: Importing a module that cannot be resolved will cause a build or runtime error. This typically happens after refactoring, file renames, or incorrect module paths.
8
+ aliases:
9
+ - JS-E1010
10
+ tags:
11
+ - correctness
12
+ - language
13
+ - rules-catalog
14
+ - public-directory-parity
15
+ stability: experimental
16
+ appliesTo: file
17
+ scope:
18
+ languages:
19
+ - typescript
20
+ - javascript
21
+ match:
22
+ fact:
23
+ kind: language.unresolved-import
24
+ bind: issue
25
+ emit:
26
+ finding:
27
+ category: correctness.language
28
+ severity: high
29
+ confidence: 0.85
30
+ tags:
31
+ - correctness
32
+ - language
33
+ message:
34
+ title: Import path does not resolve to a file or package
35
+ summary: "`${captures.issue.text}` could not be resolved to an existing module."
36
+ remediation:
37
+ summary: Update the import path or install the missing dependency.