@echoes-of-order/eslint-config 1.121.0

package/rules/enforce-vite-health-metrics.js

@@ -0,0 +1,240 @@
+const enforceViteHealthMetricsRule = {
+  meta: {
+    type: "problem",
+    docs: {
+      description: "Enforce Vite configuration to include required health and metrics endpoints",
+      category: "Best Practices",
+      recommended: true,
+    },
+    fixable: null,
+    schema: [{
+      type: "object",
+      properties: {
+        requiredEndpoints: {
+          type: "array",
+          items: { type: "string" },
+          default: ["/health", "/health/live", "/health/ready", "/metrics"],
+        },
+        requiredPackages: {
+          type: "array",
+          items: { type: "string" },
+          default: ["@godaddy/terminus", "prom-client"],
+        },
+        requiredServices: {
+          type: "array",
+          items: { type: "string" },
+          default: ["HealthMetricsService", "MetricsService"],
+        },
+      },
+      additionalProperties: false,
+    }],
+    messages: {
+      missingHealthEndpoint: "Missing required health endpoint: {{endpoint}}. Add middleware for {{endpoint}} in Vite config.",
+      missingMetricsEndpoint: "Missing required metrics endpoint: {{endpoint}}. Add middleware for {{endpoint}} in Vite config.",
+      missingPackage: "Missing required package: {{package}}. Install {{package}} for health/metrics functionality.",
+      missingService: "Missing required service: {{service}}. Import and use {{service}} in Vite config.",
+      incorrectContentType: "Health endpoint {{endpoint}} should return 'text/plain' content type for Prometheus metrics.",
+      missingConfigureServer: "Vite config must include configureServer function for health/metrics endpoints.",
+      missingMiddlewares: "Vite config must include server.middlewares.use for health/metrics endpoints.",
+    },
+  },
+
+  create(context) {
+    const options = context.options[0] || {};
+    const requiredEndpoints = options.requiredEndpoints || ["/health", "/health/live", "/health/ready", "/metrics"];
+    const requiredPackages = options.requiredPackages || ["@godaddy/terminus", "prom-client"];
+    const requiredServices = options.requiredServices || ["HealthMetricsService", "MetricsService"];
+
+    let hasViteConfig = false;
+    let hasConfigureServer = false;
+    let hasMiddlewares = false;
+    let foundEndpoints = new Set();
+    let foundServices = new Set();
+    let foundPackages = new Set();
+
+    return {
+      // Check for Vite config file
+      Program() {
+        const filename = context.getFilename();
+        if (filename.includes("vite.config") || filename.includes("vite.config.ts") || filename.includes("vite.config.js")) {
+          hasViteConfig = true;
+        }
+      },
+
+      // Check for import statements
+      ImportDeclaration(node) {
+        const source = node.source.value;
+        if (requiredPackages.includes(source)) {
+          foundPackages.add(source);
+        }
+      },
+
+      // Check for configureServer function
+      FunctionDeclaration(node) {
+        if (node.id && node.id.name === "configureServer") {
+          hasConfigureServer = true;
+        }
+      },
+
+      // Check for ArrowFunctionExpression with configureServer
+      ArrowFunctionExpression(node) {
+        if (node.parent && node.parent.type === "Property" && node.parent.key && node.parent.key.name === "configureServer") {
+          hasConfigureServer = true;
+        }
+      },
+
+      // Check for server.middlewares.use calls and content type headers
+      CallExpression(node) {
+        // Check for server.middlewares.use calls
+        if (node.callee.type === "MemberExpression" &&
+            node.callee.object.type === "MemberExpression" &&
+            node.callee.object.object.name === "server" &&
+            node.callee.object.property.name === "middlewares" &&
+            node.callee.property.name === "use") {
+
+          hasMiddlewares = true;
+
+          // Check for endpoint path
+          const endpointArg = node.arguments[0];
+          if (endpointArg && endpointArg.type === "Literal" && typeof endpointArg.value === "string") {
+            const endpoint = endpointArg.value;
+            if (requiredEndpoints.includes(endpoint)) {
+              foundEndpoints.add(endpoint);
+            }
+          }
+        }
+
+        // Check for content type headers
+        if (node.callee.type === "MemberExpression" &&
+            node.callee.property.name === "setHeader") {
+
+          const headerName = node.arguments[0];
+          const headerValue = node.arguments[1];
+
+          if (headerName && headerName.type === "Literal" && headerName.value === "Content-Type") {
+            if (headerValue && headerValue.type === "Literal" && headerValue.value === "application/json") {
+              // Find the endpoint this belongs to by traversing up
+              let current = node.parent;
+              while (current && current.type !== "CallExpression") {
+                current = current.parent;
+              }
+
+              if (current && current.callee.type === "MemberExpression" &&
+                  current.callee.property.name === "use") {
+                const endpointArg = current.arguments[0];
+                if (endpointArg && endpointArg.type === "Literal" &&
+                    (endpointArg.value === "/health" || endpointArg.value === "/metrics")) {
+                  context.report({
+                    node: headerValue,
+                    messageId: "incorrectContentType",
+                    data: { endpoint: endpointArg.value }
+                  });
+                }
+              }
+            }
+          }
+        }
+      },
+
+      // Check for service imports and usage
+      VariableDeclarator(node) {
+        if (node.init && node.init.type === "CallExpression" &&
+            node.init.callee.type === "Identifier" &&
+            node.init.callee.name === "import") {
+
+          const importArg = node.init.arguments[0];
+          if (importArg && importArg.type === "Literal" && typeof importArg.value === "string") {
+            const importPath = importArg.value;
+            if (importPath.includes("HealthMetricsService") || importPath.includes("MetricsService")) {
+              requiredServices.forEach(service => {
+                if (importPath.includes(service)) {
+                  foundServices.add(service);
+                }
+              });
+            }
+          }
+        }
+      },
+
+      // Check for service instantiation
+      NewExpression(node) {
+        if (node.callee.type === "Identifier") {
+          const serviceName = node.callee.name;
+          if (requiredServices.includes(serviceName)) {
+            foundServices.add(serviceName);
+          }
+        }
+      },
+
+      // Final validation on program end
+      "Program:exit"() {
+        if (!hasViteConfig) {
+          return; // Not a Vite config file
+        }
+
+        // Check for missing packages
+        requiredPackages.forEach(packageName => {
+          if (!foundPackages.has(packageName)) {
+            context.report({
+              node: context.getSourceCode().ast,
+              messageId: "missingPackage",
+              data: { package: packageName }
+            });
+          }
+        });
+
+        // Check for missing services
+        requiredServices.forEach(serviceName => {
+          if (!foundServices.has(serviceName)) {
+            context.report({
+              node: context.getSourceCode().ast,
+              messageId: "missingService",
+              data: { service: serviceName }
+            });
+          }
+        });
+
+        // Check for missing endpoints
+        requiredEndpoints.forEach(endpoint => {
+          if (!foundEndpoints.has(endpoint)) {
+            if (endpoint === "/health" || endpoint === "/metrics") {
+              context.report({
+                node: context.getSourceCode().ast,
+                messageId: "missingMetricsEndpoint",
+                data: { endpoint }
+              });
+            } else {
+              context.report({
+                node: context.getSourceCode().ast,
+                messageId: "missingHealthEndpoint",
+                data: { endpoint }
+              });
+            }
+          }
+        });
+
+        // Check for configureServer function
+        if (!hasConfigureServer) {
+          context.report({
+            node: context.getSourceCode().ast,
+            messageId: "missingConfigureServer"
+          });
+        }
+
+        // Check for middlewares
+        if (!hasMiddlewares) {
+          context.report({
+            node: context.getSourceCode().ast,
+            messageId: "missingMiddlewares"
+          });
+        }
+      }
+    };
+  }
+};
+
+export default {
+  rules: {
+    "enforce-vite-health-metrics": enforceViteHealthMetricsRule,
+  },
+};

package/rules/entity-required-properties.js

@@ -0,0 +1,321 @@
+/**
+ * @fileoverview Stellt sicher, dass alle required Properties einer Entity beim Erstellen einer Instanz gesetzt werden
+ * Diese Regel analysiert Entity-Klassen und prüft, ob bei `new EntityName()` alle nicht-optionalen Properties zugewiesen werden
+ */
+
+import fs from "fs";
+import path from "path";
+
+/** @type {import('eslint').Rule.RuleModule} */
+const entityRequiredPropertiesRule = {
+  meta: {
+    type: "problem",
+    docs: {
+      description: "Stellt sicher, dass alle required Properties einer Entity beim Erstellen einer Instanz gesetzt werden",
+      category: "TypeORM",
+      recommended: true,
+    },
+    hasSuggestions: true,
+    schema: [],
+    messages: {
+      missingRequiredProperties: "Entity '{{entityName}}' Instanz fehlen required Properties: {{missingProps}}. Diese müssen nach 'new {{entityName}}()' gesetzt werden.",
+      optionalPropertyInfo: "Optional properties für '{{entityName}}': {{optionalProps}}",
+    },
+  },
+
+  create(context) {
+    const sourceCode = context.getSourceCode();
+    const filename = context.getFilename();
+
+    // Nur Service-Dateien und Controller prüfen (dort werden meist Entities erstellt)
+    if (!filename.includes("/service/") && !filename.includes("/controller/")) {
+      return {};
+    }
+
+    /**
+     * Analysiert Entity-Klasse und extrahiert required/optional Properties (String-basiert)
+     */
+    function analyzeEntityClass(entityFilePath) {
+      const required = [];
+      const optional = [];
+
+      try {
+        const content = fs.readFileSync(entityFilePath, "utf8");
+
+        // Finde Klassen-Definition
+        const classMatch = content.match(/export\s+class\s+(\w+Entity)/);
+        if (!classMatch) {
+          return { required, optional };
+        }
+
+        const className = classMatch[1];
+
+        // Teile Content in Zeilen und analysiere Properties
+        const lines = content.split('\n');
+        let insideClass = false;
+        let currentDecorators = [];
+
+        for (let i = 0; i < lines.length; i++) {
+          const line = lines[i].trim();
+
+          // Starte bei Klassendefinition
+          if (line.includes(`class ${className}`)) {
+            insideClass = true;
+            continue;
+          }
+
+          if (!insideClass) continue;
+
+          // Ende der Klasse
+          if (line === '}') {
+            break;
+          }
+
+          // Decorator erkennen (kann mehrzeilig sein)
+          if (line.startsWith('@')) {
+            const decoratorMatch = line.match(/@(\w+)/);
+            if (decoratorMatch) {
+              let decoratorContent = line;
+
+              // Wenn Decorator mehrzeilig ist, sammle alle Zeilen bis zur schließenden Klammer
+              let j = i + 1;
+              let openBraces = (line.match(/\{/g) || []).length - (line.match(/\}/g) || []).length;
+              let openParens = (line.match(/\(/g) || []).length - (line.match(/\)/g) || []).length;
+
+              while (j < lines.length && (openBraces > 0 || openParens > 0)) {
+                const nextLine = lines[j].trim();
+                decoratorContent += " " + nextLine;
+
+                openBraces += (nextLine.match(/\{/g) || []).length - (nextLine.match(/\}/g) || []).length;
+                openParens += (nextLine.match(/\(/g) || []).length - (nextLine.match(/\)/g) || []).length;
+
+                j++;
+              }
+
+              currentDecorators.push({
+                name: decoratorMatch[1],
+                full: decoratorContent
+              });
+
+              // Springe über verarbeitete Zeilen
+              i = j - 1;
+            }
+            continue;
+          }
+
+          // Property erkennen - nur echte Klassenmember
+          const propertyMatch = line.match(/^(\w+)(\?)?\s*:\s*([^;{]+);?\s*$/);
+          if (propertyMatch && !line.includes('type:') && !line.includes('length:')) {
+            const propertyName = propertyMatch[1];
+            const isOptional = !!propertyMatch[2]; // hat ?
+            const propertyType = propertyMatch[3];
+
+            const isRequired = analyzePropertyRequirement(propertyName, isOptional, propertyType, currentDecorators);
+
+            if (isRequired) {
+              required.push(propertyName);
+            } else {
+              optional.push(propertyName);
+            }
+
+            // Reset für nächstes Property
+            currentDecorators = [];
+          }
+        }
+
+      } catch (error) {
+        // Bei Fehlern keine Warnungen
+      }
+
+      return { required, optional };
+    }
+
+    /**
+     * Analysiert ob ein Property required ist (String-basiert)
+     */
+    function analyzePropertyRequirement(propertyName, isOptional, propertyType, decorators) {
+      // TypeScript optional marker
+      if (isOptional) {
+        return false;
+      }
+
+      // Nur Properties mit Decorators überwachen
+      if (decorators.length === 0) {
+        return false;
+      }
+
+      // Automatische Properties
+      const autoGeneratedDecorators = ["PrimaryGeneratedColumn", "CreateDateColumn", "UpdateDateColumn"];
+      if (decorators.some(d => autoGeneratedDecorators.includes(d.name))) {
+        return false;
+      }
+
+      // @Column mit nullable oder default
+      const columnDecorator = decorators.find(d => d.name === "Column");
+      if (columnDecorator) {
+        const hasNullable = columnDecorator.full.includes("nullable: true");
+        const hasDefault = columnDecorator.full.includes("default:") || columnDecorator.full.includes("default {");
+
+        if (hasNullable || hasDefault) {
+          return false;
+        }
+        return true; // Column ohne nullable/default ist required
+      }
+
+      // Relationen
+      const relationDecorators = ["ManyToOne", "OneToOne", "OneToMany", "ManyToMany"];
+      const relationDecorator = decorators.find(d => relationDecorators.includes(d.name));
+      if (relationDecorator) {
+        const hasNullable = relationDecorator.full.includes("nullable: true");
+        const hasNullType = propertyType.includes("| null");
+
+        if (hasNullable || hasNullType) {
+          return false;
+        }
+        return true; // Relation ohne nullable ist required
+      }
+
+      // Andere Decorators (JoinColumn, etc.) sind optional
+      return false;
+    }
+
+    /**
+     * Findet Entity-Datei basierend auf Import
+     */
+    function findEntityFile(entityName) {
+      const currentDir = path.dirname(filename);
+      const projectRoot = path.resolve(currentDir, "../../../..");
+
+      // Rekursive Dateisuche ohne externe Dependencies
+      function findFileRecursively(dir, fileName) {
+        try {
+          const files = fs.readdirSync(dir);
+
+          for (const file of files) {
+            const fullPath = path.join(dir, file);
+            const stat = fs.statSync(fullPath);
+
+            if (stat.isFile() && file === fileName) {
+              return fullPath;
+            } else if (stat.isDirectory()) {
+              const found = findFileRecursively(fullPath, fileName);
+              if (found) return found;
+            }
+          }
+        } catch {
+          // Verzeichnis nicht zugänglich, weiter
+        }
+        return null;
+      }
+
+      // Suche in entity-Verzeichnissen
+      const entitySearchDirs = [
+        path.resolve(projectRoot, "src", "entity"),
+        path.resolve(currentDir, "../../../entity"),
+        path.resolve(currentDir, "../../../../entity"),
+      ];
+
+      for (const searchDir of entitySearchDirs) {
+        const found = findFileRecursively(searchDir, `${entityName}.ts`);
+        if (found) {
+          return found;
+        }
+      }
+
+      return null;
+    }
+
+    /**
+     * Sammelt alle Property-Zuweisungen nach einer Entity-Instanziierung
+     */
+    function collectPropertyAssignments(entityVariableName, startNode) {
+      const assignments = new Set();
+      const scope = sourceCode.getScope(startNode);
+
+      // Durchsuche nachfolgende Statements für Property-Zuweisungen
+      let parent = startNode.parent;
+      while (parent && parent.type !== "BlockStatement") {
+        parent = parent.parent;
+      }
+
+      if (parent && parent.body) {
+        const startIndex = parent.body.indexOf(startNode.parent);
+        const followingStatements = parent.body.slice(startIndex + 1);
+
+        followingStatements.forEach(statement => {
+          if (statement.type === "ExpressionStatement" &&
+              statement.expression.type === "AssignmentExpression") {
+            const left = statement.expression.left;
+            if (left.type === "MemberExpression" &&
+                left.object?.name === entityVariableName) {
+              assignments.add(left.property?.name);
+            }
+          }
+        });
+      }
+
+      return assignments;
+    }
+
+    return {
+      VariableDeclarator(node) {
+        // Prüfe auf `new EntityName()` Pattern
+        if (node.init?.type === "NewExpression") {
+          const entityName = node.init.callee?.name;
+
+          // Prüfe ob es eine Entity ist (Name endet mit "Entity")
+          if (entityName && entityName.endsWith("Entity")) {
+            const variableName = node.id?.name;
+
+            if (variableName) {
+              // Finde Entity-Datei und analysiere required Properties
+              const entityFile = findEntityFile(entityName);
+
+              if (entityFile) {
+                const { required, optional } = analyzeEntityClass(entityFile);
+
+                if (required.length > 0) {
+                  // Sammle Property-Zuweisungen nach der Instanziierung
+                  const assignments = collectPropertyAssignments(variableName, node);
+
+                  // Finde fehlende required Properties
+                  const missingProperties = required.filter(prop => !assignments.has(prop));
+
+                  if (missingProperties.length > 0) {
+                    context.report({
+                      node: node.init,
+                      messageId: "missingRequiredProperties",
+                      data: {
+                        entityName,
+                        missingProps: missingProperties.join(", ")
+                      },
+                      suggest: [
+                        {
+                          desc: `Add missing required properties for ${entityName}`,
+                          fix(fixer) {
+                            // Erstelle Vorschlag für fehlende Properties
+                            const suggestions = missingProperties.map(prop =>
+                              `${variableName}.${prop} = /* TODO: set value */;`
+                            ).join("\n");
+
+                            return fixer.insertTextAfter(node.parent, `\n${suggestions}`);
+                          }
+                        }
+                      ]
+                    });
+                  }
+                }
+              }
+            }
+          }
+        }
+      }
+    };
+  },
+};
+
+export default {
+  rules: {
+    "entity-required-properties": entityRequiredPropertiesRule,
+  },
+};

package/rules/entity-to-dto-test.js

@@ -0,0 +1,73 @@
+export default {
+  meta: {
+    type: "problem",
+    docs: {
+      description: "Verhindert die direkte Verwendung von Entities in Controller-Responses und erzwingt DTOs",
+      category: "Security",
+      recommended: true,
+    },
+    fixable: null,
+    schema: [],
+    messages: {
+      entityInResponse: "Entity-Variable '{{variableName}}' darf nicht direkt in sendSuccess() verwendet werden. Controller müssen Entities zu DTOs konvertieren bevor sie als API-Response zurückgegeben werden.",
+    },
+  },
+
+  create(context) {
+    const filename = context.getFilename();
+
+    // Nur Controller-Dateien prüfen
+    if (!filename.includes("Controller.ts") || filename.includes("test")) {
+      return {};
+    }
+
+    // Entity-Pattern erkennen
+    function isEntityPattern(variableName) {
+      return (
+        variableName.endsWith("Definition") ||
+        variableName.endsWith("Entity") ||
+        variableName.endsWith("Model") ||
+        variableName.endsWith("Record") ||
+        variableName.endsWith("Instance") ||
+        variableName.startsWith("new") ||
+        variableName.includes("Entity") ||
+        variableName.includes("Definition")
+      );
+    }
+
+    return {
+      CallExpression(node) {
+        // Prüfe auf this.sendSuccess() Aufrufe
+        if (node.callee?.type === "MemberExpression" &&
+            node.callee.object?.type === "ThisExpression" &&
+            node.callee.property?.name === "sendSuccess") {
+
+          // Prüfe das zweite Argument (Response-Objekt)
+          if (node.arguments.length >= 2 &&
+              node.arguments[1]?.type === "ObjectExpression") {
+
+            const responseObject = node.arguments[1];
+
+            // Prüfe alle Properties im Response-Objekt
+            responseObject.properties.forEach(property => {
+              if (property.type === "Property" &&
+                  property.value?.type === "Identifier") {
+
+                const variableName = property.value.name;
+
+                // Melde Entity-Patterns
+                if (isEntityPattern(variableName)) {
+                  context.report({
+                    node: property.value,
+                    messageId: "entityInResponse",
+                    data: { variableName }
+                  });
+                }
+              }
+            });
+          }
+        }
+      }
+    };
+  },
+};