@fourteensystems/shipguard 0.2.6 → 0.2.7
- package/README.md +11 -2
- package/dist/engine/config.d.ts.map +1 -1
- package/dist/engine/config.js +2 -0
- package/dist/engine/config.js.map +1 -1
- package/dist/engine/report.d.ts.map +1 -1
- package/dist/engine/report.js +3 -0
- package/dist/engine/report.js.map +1 -1
- package/dist/engine/version.d.ts +1 -1
- package/dist/engine/version.js +1 -1
- package/dist/next/deps.js +1 -1
- package/dist/next/deps.js.map +1 -1
- package/dist/next/routes.d.ts.map +1 -1
- package/dist/next/routes.js +27 -3
- package/dist/next/routes.js.map +1 -1
- package/dist/next/routes.test.js +27 -0
- package/dist/next/routes.test.js.map +1 -1
- package/dist/next/wrappers.js +46 -3
- package/dist/next/wrappers.js.map +1 -1
- package/dist/rules/auth-boundary-missing.d.ts.map +1 -1
- package/dist/rules/auth-boundary-missing.js +71 -41
- package/dist/rules/auth-boundary-missing.js.map +1 -1
- package/dist/rules/index.d.ts.map +1 -1
- package/dist/rules/index.js +11 -0
- package/dist/rules/index.js.map +1 -1
- package/dist/rules/input-validation-missing.d.ts +5 -0
- package/dist/rules/input-validation-missing.d.ts.map +1 -0
- package/dist/rules/input-validation-missing.js +242 -0
- package/dist/rules/input-validation-missing.js.map +1 -0
- package/dist/rules/input-validation-missing.test.d.ts +2 -0
- package/dist/rules/input-validation-missing.test.d.ts.map +1 -0
- package/dist/rules/input-validation-missing.test.js +404 -0
- package/dist/rules/input-validation-missing.test.js.map +1 -0
- package/dist/rules/rate-limit-missing.d.ts.map +1 -1
- package/dist/rules/rate-limit-missing.js +46 -4
- package/dist/rules/rate-limit-missing.js.map +1 -1
- package/dist/rules/wrapper-unrecognized.d.ts.map +1 -1
- package/dist/rules/wrapper-unrecognized.js +6 -1
- package/dist/rules/wrapper-unrecognized.js.map +1 -1
- package/package.json +1 -1
|
@@ -24,43 +24,32 @@ export function run(index, config) {
|
|
|
24
24
|
if (result) {
|
|
25
25
|
const pathname = route.pathname ?? route.file;
|
|
26
26
|
const isWebhook = /webhook/i.test(pathname);
|
|
27
|
-
const isCallback = isCallbackPath(pathname);
|
|
28
27
|
findings.push({
|
|
29
28
|
ruleId: RULE_ID,
|
|
30
29
|
severity: severityFromConfidence(result.confidence, maxSeverity),
|
|
31
30
|
confidence: result.confidence,
|
|
32
|
-
message:
|
|
33
|
-
? `
|
|
34
|
-
:
|
|
35
|
-
? `Webhook endpoint processes payloads without signature verification`
|
|
36
|
-
: `Route handler performs mutations without a recognized auth boundary`,
|
|
31
|
+
message: isWebhook
|
|
32
|
+
? `Webhook endpoint processes payloads without signature verification`
|
|
33
|
+
: `Route handler performs mutations without a recognized auth boundary`,
|
|
37
34
|
file: route.file,
|
|
38
35
|
line: result.line,
|
|
39
36
|
snippet: result.snippet,
|
|
40
37
|
evidence: result.evidence,
|
|
41
38
|
confidenceRationale: result.confidenceRationale,
|
|
42
|
-
remediation:
|
|
39
|
+
remediation: isWebhook
|
|
43
40
|
? [
|
|
44
|
-
"
|
|
45
|
-
"
|
|
46
|
-
"
|
|
41
|
+
"Verify the provider's webhook signature before processing the payload",
|
|
42
|
+
"Examples: Stripe `constructEvent()`, GitHub HMAC, Google Pub/Sub JWT, Slack `verifyRequest()`",
|
|
43
|
+
"Use `crypto.timingSafeEqual()` for HMAC comparisons to prevent timing attacks",
|
|
47
44
|
]
|
|
48
|
-
:
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
"Ensure middleware.ts protects this route segment",
|
|
57
|
-
"If using a custom auth wrapper, add it to hints.auth.functions in shipguard.config.json",
|
|
58
|
-
],
|
|
59
|
-
tags: isCallback
|
|
60
|
-
? ["auth", "callback", "server"]
|
|
61
|
-
: isWebhook
|
|
62
|
-
? ["auth", "webhook", "server"]
|
|
63
|
-
: ["auth", "server"],
|
|
45
|
+
: [
|
|
46
|
+
"Add an auth check at the top of the handler (e.g., `const session = await auth()`)",
|
|
47
|
+
"Ensure middleware.ts protects this route segment",
|
|
48
|
+
"If using a custom auth wrapper, add it to hints.auth.functions in shipguard.config.json",
|
|
49
|
+
],
|
|
50
|
+
tags: isWebhook
|
|
51
|
+
? ["auth", "webhook", "server"]
|
|
52
|
+
: ["auth", "server"],
|
|
64
53
|
});
|
|
65
54
|
}
|
|
66
55
|
}
|
|
@@ -148,12 +137,11 @@ function checkRoute(route, index, config) {
|
|
|
148
137
|
confidenceRationale = "Medium: mutation evidence present but possible custom auth wrapper detected (not in hints)";
|
|
149
138
|
evidence.push("possible custom auth wrapper detected (not in hints)");
|
|
150
139
|
}
|
|
151
|
-
//
|
|
140
|
+
// Exempt callback/OAuth/OIDC/SSO/SCIM paths — public by protocol design.
|
|
141
|
+
// The OAuth flow itself (state/PKCE/nonce) IS the auth boundary.
|
|
152
142
|
const pathname = route.pathname ?? route.file;
|
|
153
143
|
if (isCallbackPath(pathname)) {
|
|
154
|
-
|
|
155
|
-
confidenceRationale = "Medium: callback/OAuth/OIDC endpoint — typically public by protocol design";
|
|
156
|
-
evidence.push("callback/OAuth/OIDC path — typically relies on framework state/PKCE validation");
|
|
144
|
+
return null;
|
|
157
145
|
}
|
|
158
146
|
// Find the line of the first mutation evidence for precise reporting
|
|
159
147
|
const line = findFirstMutationLine(src, route.signals);
|
|
@@ -195,6 +183,9 @@ function hasBuiltInAuthPattern(src) {
|
|
|
195
183
|
// Stripe webhook signature verification
|
|
196
184
|
if (/stripe\.webhooks\.constructEvent\s*\(/m.test(src))
|
|
197
185
|
return true;
|
|
186
|
+
// WorkOS webhook signature verification
|
|
187
|
+
if (/workos\.webhooks\.constructEvent\s*\(/m.test(src))
|
|
188
|
+
return true;
|
|
198
189
|
// Vercel/QStash cron signature verification
|
|
199
190
|
if (/verifyVercelSignature\s*\(/m.test(src))
|
|
200
191
|
return true;
|
|
@@ -245,6 +236,9 @@ function hasBuiltInAuthPattern(src) {
|
|
|
245
236
|
// --- Auth-guard return: header/token/secret check → early 401/403 before mutation ---
|
|
246
237
|
if (hasAuthGuardReturn(src))
|
|
247
238
|
return true;
|
|
239
|
+
// --- Inline auth guard: common auth function name + null check + early return/throw ---
|
|
240
|
+
if (hasInlineAuthGuard(src))
|
|
241
|
+
return true;
|
|
248
242
|
return false;
|
|
249
243
|
}
|
|
250
244
|
/**
|
|
@@ -284,26 +278,28 @@ function hasWebhookTokenVerification(src) {
|
|
|
284
278
|
|| /req\.json\s*\(/.test(src);
|
|
285
279
|
if (!readsRequest)
|
|
286
280
|
return false;
|
|
287
|
-
|
|
281
|
+
// Accept explicit 401/403 or any throw (many apps throw custom errors)
|
|
282
|
+
return /status:\s*40[13]\b/.test(src) || /\(\s*40[13]\s*\)/.test(src) || /\bthrow\s+new\b/.test(src);
|
|
288
283
|
}
|
|
289
284
|
/**
|
|
290
|
-
* Detect DB-backed
|
|
285
|
+
* Detect DB-backed token lookup with early deny.
|
|
291
286
|
*
|
|
292
|
-
* Pattern: reads token from header → looks it up in DB → returns 401/403 if missing.
|
|
293
|
-
* Common in B2B SaaS for API key authentication.
|
|
287
|
+
* Pattern: reads token from request (header, body, params) → looks it up in DB → returns 401/403 if missing.
|
|
288
|
+
* Common in B2B SaaS for API key authentication, password reset flows, etc.
|
|
294
289
|
*
|
|
295
290
|
* Requires all three:
|
|
296
|
-
* 1. Reads from request headers
|
|
291
|
+
* 1. Reads from request (headers, searchParams, body, or route params)
|
|
297
292
|
* 2. DB lookup on a token/key-like table (prisma.apiToken, prisma.apiKey, etc.)
|
|
298
293
|
* 3. Returns 401 or 403
|
|
299
294
|
*/
|
|
300
295
|
function hasDbTokenLookup(src) {
|
|
301
|
-
|
|
302
|
-
|
|
303
|
-
const hasTokenLookup = /\.(apiToken|apiKey|token|accessToken|api_key|access_token)\.(findUnique|findFirst|findMany)\s*\(/i.test(src);
|
|
296
|
+
// DB lookup on a token/key-like table
|
|
297
|
+
const hasTokenLookup = /\.(apiToken|apiKey|token|accessToken|api_key|access_token|passwordResetToken|verificationToken|resetToken)\.(findUnique|findFirst|findMany)\s*\(/i.test(src);
|
|
304
298
|
if (!hasTokenLookup)
|
|
305
299
|
return false;
|
|
306
|
-
|
|
300
|
+
// Accept explicit 401/403, or any throw (custom error classes like DubApiError)
|
|
301
|
+
// Route handlers always read from the request, so token lookup + deny is sufficient
|
|
302
|
+
return /status:\s*40[13]\b/.test(src) || /\(\s*40[13]\s*\)/.test(src) || /\bthrow\s+new\b/.test(src);
|
|
307
303
|
}
|
|
308
304
|
/**
|
|
309
305
|
* Detect auth-guard return patterns: an early 401/403 return whose guarding
|
|
@@ -350,6 +346,40 @@ function hasAuthGuardReturn(src) {
|
|
|
350
346
|
}
|
|
351
347
|
return false;
|
|
352
348
|
}
|
|
349
|
+
/**
|
|
350
|
+
* Detect inline auth guards using common auth function name patterns + null check.
|
|
351
|
+
*
|
|
352
|
+
* Matches function calls like getCurrentUser(), getUser(), requireSession(), checkAuth(), etc.
|
|
353
|
+
* followed by a null/falsy check within 15 lines, with an early return/throw in the guard body.
|
|
354
|
+
*
|
|
355
|
+
* This catches auth patterns that aren't in hints (custom function names).
|
|
356
|
+
*/
|
|
357
|
+
const AUTH_FN_PATTERN = /\b(?:get|require|check|validate|verify|ensure|load|fetch)\w*(?:User|Session|Auth|Account|Identity|Token)\s*\(/i;
|
|
358
|
+
function hasInlineAuthGuard(src) {
|
|
359
|
+
if (!AUTH_FN_PATTERN.test(src))
|
|
360
|
+
return false;
|
|
361
|
+
const lines = src.split("\n");
|
|
362
|
+
// Find lines with auth function calls
|
|
363
|
+
for (let i = 0; i < lines.length; i++) {
|
|
364
|
+
if (!AUTH_FN_PATTERN.test(lines[i]))
|
|
365
|
+
continue;
|
|
366
|
+
// Look for a null/falsy check within 15 lines after the call
|
|
367
|
+
const searchEnd = Math.min(lines.length, i + 15);
|
|
368
|
+
for (let j = i; j < searchEnd; j++) {
|
|
369
|
+
const line = lines[j];
|
|
370
|
+
// Check for if (!variable) or if (variable == null) patterns
|
|
371
|
+
if (!/if\s*\(\s*!|\s*==\s*null|\s*===\s*null/.test(line))
|
|
372
|
+
continue;
|
|
373
|
+
// Check subsequent lines (the guard body) for throw/return/redirect
|
|
374
|
+
const guardEnd = Math.min(lines.length, j + 5);
|
|
375
|
+
const guardBody = lines.slice(j, guardEnd).join("\n");
|
|
376
|
+
if (/\bthrow\b|\breturn\b|\bredirect\b|NextResponse\.redirect|NextResponse\.json/.test(guardBody)) {
|
|
377
|
+
return true;
|
|
378
|
+
}
|
|
379
|
+
}
|
|
380
|
+
}
|
|
381
|
+
return false;
|
|
382
|
+
}
|
|
353
383
|
/** Find the 0-based line index of the first mutation evidence in source lines. */
|
|
354
384
|
function findFirstMutationLineIndex(lines) {
|
|
355
385
|
for (let i = 0; i < lines.length; i++) {
|
|
@@ -394,10 +424,10 @@ function hasAuthSignalInContext(context) {
|
|
|
394
424
|
* framework validation (state/PKCE) but are not auth-boundary issues.
|
|
395
425
|
*/
|
|
396
426
|
function isCallbackPath(pathname) {
|
|
397
|
-
return /\/(callback|oauth|oidc)(\/|$)/i.test(pathname);
|
|
427
|
+
return /\/(callback|oauth|oidc|sso|scim)(\/|$)/i.test(pathname);
|
|
398
428
|
}
|
|
399
429
|
function hasPossibleCustomAuth(src) {
|
|
400
|
-
if (/\b(verify|check|require|validate|ensure|guard|protect)\w*(Token|Auth|Session|User|Access|Secret|Signature|Permission)\s*\(/i.test(src)) {
|
|
430
|
+
if (/\b(verify|check|require|validate|ensure|guard|protect|get|fetch|load)\w*(Token|Auth|Session|User|Access|Secret|Signature|Permission)\s*\(/i.test(src)) {
|
|
401
431
|
return true;
|
|
402
432
|
}
|
|
403
433
|
if (/headers?\S*\.get\s*\(\s*["']authorization["']\s*\)/i.test(src)) {
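Review bot: `hasInlineAuthGuard` never ties the null check to the auth call it found, so it can report a guard for a handler that has none. The check regex is a top-level alternation (`if (!` on anything, or `== null` / `=== null` anywhere on the line) and the guard body accepts any `return` within five lines, so a data lookup such as `fetchUser(id)` followed by `if (!body.name) return …` makes `hasBuiltInAuthPattern` return true, which presumably drops the finding. I would capture the name the call result is bound to and require the check to test that name, as sketched below; calls the sketch cannot bind stay flagged, and the existing `hints.auth.functions` setting covers those. The same fail-open shape appears in the `checkRoute` hunk, where `/sso/` and `/scim/` paths now `return null` although SCIM provisioning endpoints are normally bearer-token authenticated rather than public, and in the `/\bthrow\s+new\b/` fallback added to `hasWebhookTokenVerification` and `hasDbTokenLookup`, where any throw anywhere in the file counts as the deny.

```javascript
    for (let i = 0; i < lines.length; i++) {
        if (!AUTH_FN_PATTERN.test(lines[i]))
            continue;
        // Only count the call as a guard when its result is bound to a name
        // and the following check tests that same name.
        const bound = /\b(?:const|let|var)\s+\{?\s*(\w+)/.exec(lines[i]);
        if (!bound)
            continue;
        const name = bound[1];
        const guardCheck = new RegExp(`if\\s*\\(\\s*!\\s*${name}\\b|\\b${name}\\b[\\w.?]*\\s*===?\\s*(?:null|undefined)\\b`);
        const searchEnd = Math.min(lines.length, i + 15);
        for (let j = i; j < searchEnd; j++) {
            if (!guardCheck.test(lines[j]))
                continue;
            // … unchanged: guardBody slice and throw/return/redirect test …
        }
    }
```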
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth-boundary-missing.js","sourceRoot":"","sources":["../../src/rules/auth-boundary-missing.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AACvC,OAAO,IAAI,MAAM,WAAW,CAAC;AAI7B,OAAO,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAC;AAEjD,MAAM,CAAC,MAAM,OAAO,GAAG,uBAAuB,CAAC;AAE/C,MAAM,aAAa,GAA2B,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC;AAEvF,SAAS,sBAAsB,CAAC,UAAsB,EAAE,WAAmB;IACzE,MAAM,GAAG,GAAG,WAAuB,CAAC;IACpC,MAAM,OAAO,GAAG,aAAa,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;IACxC,0DAA0D;IAC1D,+BAA+B;IAC/B,MAAM,QAAQ,GAAa,UAAU,KAAK,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC;IAChE,MAAM,YAAY,GAAG,aAAa,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;IAClD,OAAO,YAAY,GAAG,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC;AACjD,CAAC;AAED,MAAM,UAAU,GAAG,CAAC,KAAgB,EAAE,MAAuB;IAC3D,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,MAAM,WAAW,GAAG,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,QAAQ,IAAI,UAAU,CAAC;IAElE,MAAM,aAAa,GAAG,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC;IAEvD,gCAAgC;IAChC,KAAK,MAAM,KAAK,IAAI,KAAK,CAAC,MAAM,CAAC,cAAc,EAAE,CAAC;QAChD,IAAI,aAAa,CAAC,KAAK,CAAC,IAAI,EAAE,aAAa,CAAC;YAAE,SAAS;QACvD,MAAM,MAAM,GAAG,UAAU,CAAC,KAAK,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC;QAChD,IAAI,MAAM,EAAE,CAAC;YACX,MAAM,QAAQ,GAAG,KAAK,CAAC,QAAQ,IAAI,KAAK,CAAC,IAAI,CAAC;YAC9C,MAAM,SAAS,GAAG,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YAC5C,MAAM,UAAU,GAAG,cAAc,CAAC,QAAQ,CAAC,CAAC;YAC5C,QAAQ,CAAC,IAAI,CAAC;gBACZ,MAAM,EAAE,OAAO;gBACf,QAAQ,EAAE,sBAAsB,CAAC,MAAM,CAAC,UAAU,EAAE,WAAW,CAAC;gBAChE,UAAU,EAAE,MAAM,CAAC,UAAU;gBAC7B,OAAO,EAAE,UAAU;oBACjB,CAAC,CAAC,4EAA4E;oBAC9E,CAAC,CAAC,SAAS;wBACT,CAAC,CAAC,oEAAoE;wBACtE,CAAC,CAAC,qEAAqE;gBAC3E,IAAI,EAAE,KAAK,CAAC,IAAI;gBAChB,IAAI,EAAE,MAAM,CAAC,IAAI;gBACjB,OAAO,EAAE,MAAM,CAAC,OAAO;gBACvB,QAAQ,EAAE,MAAM,CAAC,QAAQ;gBACzB,mBAAmB,EAAE,MAAM,CAAC,mBAAmB;gBAC/C,WAAW,EAAE,UAAU;oBACrB,CAAC,CAAC;wBACE,8FAA8F;wBAC9F,2GAA2G;wBAC3G,iEAAiE;qBAClE;oBACH,CAAC,CAAC,SAAS;wBACT,CAAC,CAAC;4BACE,uEAAuE;4BACvE,+FAA+F;4BAC/F,+EAA+E;yBAChF;wBACH,CAAC,CAAC;4BACE,oFAAoF;4
BACpF,kDAAkD;4BAClD,yFAAyF;yBAC1F;gBACP,IAAI,EAAE,UAAU;oBACd,CAAC,CAAC,CAAC,MAAM,EAAE,UAAU,EAAE,QAAQ,CAAC;oBAChC,CAAC,CAAC,SAAS;wBACT,CAAC,CAAC,CAAC,MAAM,EAAE,SAAS,EAAE,QAAQ,CAAC;wBAC/B,CAAC,CAAC,CAAC,MAAM,EAAE,QAAQ,CAAC;aACzB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,qFAAqF;IACrF,MAAM,eAAe,GAAG,IAAI,GAAG,EAAU,CAAC;IAC1C,KAAK,MAAM,MAAM,IAAI,KAAK,CAAC,aAAa,CAAC,eAAe,EAAE,CAAC;QACzD,IAAI,eAAe,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC;YAAE,SAAS;QAC/C,eAAe,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACjC,IAAI,aAAa,CAAC,MAAM,CAAC,IAAI,EAAE,aAAa,CAAC;YAAE,SAAS;QACxD,MAAM,MAAM,GAAG,iBAAiB,CAAC,MAAM,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC;QACxD,IAAI,MAAM,EAAE,CAAC;YACX,QAAQ,CAAC,IAAI,CAAC;gBACZ,MAAM,EAAE,OAAO;gBACf,QAAQ,EAAE,sBAAsB,CAAC,MAAM,CAAC,UAAU,EAAE,WAAW,CAAC;gBAChE,UAAU,EAAE,MAAM,CAAC,UAAU;gBAC7B,OAAO,EAAE,qEAAqE;gBAC9E,IAAI,EAAE,MAAM,CAAC,IAAI;gBACjB,IAAI,EAAE,MAAM,CAAC,IAAI;gBACjB,OAAO,EAAE,MAAM,CAAC,OAAO;gBACvB,QAAQ,EAAE,MAAM,CAAC,QAAQ;gBACzB,mBAAmB,EAAE,MAAM,CAAC,mBAAmB;gBAC/C,WAAW,EAAE;oBACX,mDAAmD;oBACnD,yFAAyF;iBAC1F;gBACD,IAAI,EAAE,CAAC,MAAM,EAAE,eAAe,CAAC;aAChC,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,iCAAiC;IACjC,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,IAAI,CAAC,kBAAkB,EAAE,CAAC;QACjD,IAAI,IAAI,CAAC,aAAa,KAAK,WAAW;YAAE,SAAS;QACjD,IAAI,aAAa,CAAC,IAAI,CAAC,IAAI,EAAE,aAAa,CAAC;YAAE,SAAS;QAEtD,MAAM,UAAU,GAAe,IAAI,CAAC,aAAa,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC;QAChF,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,OAAO;YACf,QAAQ,EAAE,sBAAsB,CAAC,UAAU,EAAE,WAAW,CAAC;YACzD,UAAU;YACV,OAAO,EAAE,kBAAkB,IAAI,CAAC,IAAI,UAAU,IAAI,CAAC,aAAa,iCAAiC;YACjG,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,QAAQ,EAAE,CAAC,GAAG,IAAI,CAAC,aAAa,sBAAsB,EAAE,GAAG,IAAI,CAAC,OAAO,CAAC,eAAe,CAAC;YACxF,mBAAmB,EAAE,IAAI,CAAC,aAAa,KAAK,QAAQ;gBAClD,CAAC,CAAC,kDAAkD;gBACpD,CAAC,CAAC,gEAAgE;YACpE,WAAW,EAAE;gBACX,iEAAiE;gBACjE,+FAA+F;gBAC/F,oEAAoE;aACrE;YACD,IAAI,EAAE,CAAC,MAAM,EAAE,MAAM,CAAC;SACvB,CAAC,CAAC;IACL,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAUD,SAAS,UAAU,CACjB,KAAgB,EAChB,KAAgB,EAChB,MAAuB;IAEvB,sEAAsE;IACtE,
IAAI,KAAK,CAAC,UAAU,EAAE,CAAC;QACrB,IAAI,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,SAAS;YAAE,OAAO,IAAI,CAAC;QAEjD,+FAA+F;QAC/F,IAAI,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,kBAAkB,CAAC,MAAM,GAAG,CAAC;YAAE,OAAO,IAAI,CAAC;IACvE,CAAC;IAED,MAAM,GAAG,GAAG,UAAU,CAAC,KAAK,CAAC,OAAO,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC;IAClD,IAAI,CAAC,GAAG;QAAE,OAAO,IAAI,CAAC;IAEtB,yEAAyE;IACzE,2DAA2D;IAC3D,IAAI,qBAAqB,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAE5C,uCAAuC;IACvC,MAAM,QAAQ,GAAa,CAAC,GAAG,KAAK,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC;IAC9D,QAAQ,CAAC,IAAI,CAAC,mCAAmC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAC3F,QAAQ,CAAC,IAAI,CAAC,wCAAwC,CAAC,CAAC;IACxD,IAAI,UAAU,GAAe,MAAM,CAAC;IACpC,IAAI,mBAAmB,GAAG,kEAAkE,CAAC;IAE7F,mEAAmE;IACnE,IAAI,qBAAqB,CAAC,GAAG,CAAC,EAAE,CAAC;QAC/B,UAAU,GAAG,KAAK,CAAC;QACnB,mBAAmB,GAAG,4FAA4F,CAAC;QACnH,QAAQ,CAAC,IAAI,CAAC,sDAAsD,CAAC,CAAC;IACxE,CAAC;IAED,uFAAuF;IACvF,MAAM,QAAQ,GAAG,KAAK,CAAC,QAAQ,IAAI,KAAK,CAAC,IAAI,CAAC;IAC9C,IAAI,cAAc,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC7B,UAAU,GAAG,KAAK,CAAC;QACnB,mBAAmB,GAAG,4EAA4E,CAAC;QACnG,QAAQ,CAAC,IAAI,CAAC,gFAAgF,CAAC,CAAC;IAClG,CAAC;IAED,qEAAqE;IACrE,MAAM,IAAI,GAAG,qBAAqB,CAAC,GAAG,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC;IAEvD,OAAO,EAAE,UAAU,EAAE,mBAAmB,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;AAC7D,CAAC;AAED,SAAS,iBAAiB,CACxB,MAAwB,EACxB,KAAgB,EAChB,MAAuB;IAEvB,MAAM,GAAG,GAAG,UAAU,CAAC,KAAK,CAAC,OAAO,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC;IACnD,IAAI,CAAC,GAAG;QAAE,OAAO,IAAI,CAAC;IAEtB,IAAI,WAAW,CAAC,GAAG,EAAE,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC;QAAE,OAAO,IAAI,CAAC;IAC/D,IAAI,qBAAqB,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAE5C,MAAM,QAAQ,GAAa,CAAC,GAAG,MAAM,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC;IAC/D,QAAQ,CAAC,IAAI,CAAC,mCAAmC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAC3F,IAAI,UAAU,GAAe,MAAM,CAAC;IACpC,IAAI,mBAAmB,GAAG,4DAA4D,CAAC;IAEvF,IAAI,qBAAqB,CAAC,GAAG,CAAC,EAAE,CAAC;QAC/B,UAAU,GAAG,KAAK,CAAC;QACnB,mBAAmB,GAAG,4FAA4F,CAAC;QACnH,QAAQ,CAAC,IAAI,CAAC,sDAAsD,CAAC,CAAC;IACxE,CAAC;IAED,MAAM,IAAI,GAAG,qBAAqB,CAAC,GAAG,EAAE,MAAM,CAA
C,OAAO,CAAC,CAAC;IAExD,OAAO,EAAE,UAAU,EAAE,mBAAmB,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;AAC7D,CAAC;AAED,SAAS,WAAW,CAAC,GAAW,EAAE,aAAuB;IACvD,KAAK,MAAM,EAAE,IAAI,aAAa,EAAE,CAAC;QAC/B,MAAM,OAAO,GAAG,IAAI,MAAM,CAAC,MAAM,WAAW,CAAC,EAAE,CAAC,SAAS,EAAE,GAAG,CAAC,CAAC;QAChE,IAAI,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC;YAAE,OAAO,IAAI,CAAC;IACrC,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;GAGG;AACH,SAAS,qBAAqB,CAAC,GAAW;IACxC,wCAAwC;IACxC,IAAI,wCAAwC,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAEpE,4CAA4C;IAC5C,IAAI,6BAA6B,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IACzD,IAAI,6BAA6B,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAEzD,uEAAuE;IACvE,IAAI,iBAAiB,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAEvE,sCAAsC;IACtC,IAAI,wCAAwC,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAEpE,6DAA6D;IAC7D,IAAI,2BAA2B,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,oBAAoB,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAEzF,yDAAyD;IACzD,IAAI,sBAAsB,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAClD,IAAI,yBAAyB,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAErD,2DAA2D;IAE3D,uEAAuE;IACvE,IAAI,iBAAiB,CAAC,GAAG,EAAE,mBAAmB,CAAC;QAAE,OAAO,IAAI,CAAC;IAE7D,8DAA8D;IAC9D,IAAI,iBAAiB,CAAC,GAAG,EAAE,SAAS,CAAC;QAAE,OAAO,IAAI,CAAC;IAEnD,yDAAyD;IAEzD,kDAAkD;IAClD,IAAI,gBAAgB,CAAC,GAAG,EAAE,MAAM,EAAE,eAAe,CAAC;QAAE,OAAO,IAAI,CAAC;IAEhE,sCAAsC;IACtC,IAAI,gBAAgB,CAAC,GAAG,EAAE,mBAAmB,EAAE,eAAe,CAAC;QAAE,OAAO,IAAI,CAAC;IAE7E,2CAA2C;IAE3C,iEAAiE;IACjE,IAAI,2BAA2B,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAElD,iDAAiD;IAEjD,iEAAiE;IACjE,IAAI,gBAAgB,CAAC,GAAG,EAAE,MAAM,EAAE,gBAAgB,CAAC;QAAE,OAAO,IAAI,CAAC;IAEjE,wEAAwE;IACxE,IAAI,gBAAgB,CAAC,GAAG,EAAE,cAAc,EAAE,eAAe,CAAC;QAAE,OAAO,IAAI,CAAC;IAExE,kDAAkD;IAClD,IAAI,gBAAgB,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAEvC,uFAAuF;IACvF,IAAI,kBAAkB,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAEzC,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;GAGG;AACH,SAAS,iBAAiB,CAAC,GAAW,EAAE,aAAqB;IAC3D,MAAM,aAAa,GAAG,IAAI,MAAM,CAAC,eAAe,WAAW,CAAC,aAAa,CAAC,YAAY,CAAC,CAAC;IACxF,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,GAAG,C
AAC;QAAE,OAAO,KAAK,CAAC;IAC3C,OAAO,gBAAgB,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AACpC,CAAC;AAED;;GAEG;AACH,SAAS,gBAAgB,CAAC,GAAW,EAAE,WAAmB,EAAE,WAAmB;IAC7E,MAAM,aAAa,GAAG,IAAI,MAAM,CAAC,eAAe,WAAW,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC;IACtF,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,KAAK,CAAC;IAC3C,OAAO,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC/B,CAAC;AAED;;;;;;;;GAQG;AACH,SAAS,2BAA2B,CAAC,GAAW;IAC9C,IAAI,CAAC,sBAAsB,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,KAAK,CAAC;IACpD,MAAM,YAAY,GAAG,mBAAmB,CAAC,IAAI,CAAC,GAAG,CAAC;WAC7C,wBAAwB,CAAC,IAAI,CAAC,GAAG,CAAC;WAClC,oBAAoB,CAAC,IAAI,CAAC,GAAG,CAAC;WAC9B,gBAAgB,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAChC,IAAI,CAAC,YAAY;QAAE,OAAO,KAAK,CAAC;IAChC,OAAO,oBAAoB,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,kBAAkB,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AACxE,CAAC;AAED;;;;;;;;;;GAUG;AACH,SAAS,gBAAgB,CAAC,GAAW;IACnC,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,KAAK,CAAC;IACjD,MAAM,cAAc,GAAG,mGAAmG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACrI,IAAI,CAAC,cAAc;QAAE,OAAO,KAAK,CAAC;IAClC,OAAO,oBAAoB,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,kBAAkB,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AACxE,CAAC;AAED;;;;;;;;;;;;;;;;;;;GAmBG;AACH,SAAS,kBAAkB,CAAC,GAAW;IACrC,0CAA0C;IAC1C,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,KAAK,CAAC;IAEnF,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAE9B,wCAAwC;IACxC,MAAM,iBAAiB,GAAG,0BAA0B,CAAC,KAAK,CAAC,CAAC;IAE5D,4EAA4E;IAC5E,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACtB,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC;YAAE,SAAS;QACnC,IAAI,CAAC,4CAA4C,CAAC,IAAI,CAAC,IAAI,CAAC;YAAE,SAAS;QAEvE,iFAAiF;QACjF,IAAI,iBAAiB,KAAK,SAAS,IAAI,CAAC,IAAI,iBAAiB;YAAE,SAAS;QAExE,sEAAsE;QACtE,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC;QACzC,MAAM,OAAO,GAAG,KAAK,CAAC,KAAK,CAAC,YAAY,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAE5D,IAAI,sBAAsB,CAAC,OAAO,CAAC;YAAE,OAAO,IAAI,CAAC;IACnD,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED,kFAAkF;AA
ClF,SAAS,0BAA0B,CAAC,KAAe;IACjD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,IAAI,uEAAuE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YAC3F,OAAO,CAAC,CAAC;QACX,CAAC;QACD,IAAI,uCAAuC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YAC3D,OAAO,CAAC,CAAC;QACX,CAAC;IACH,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED;;GAEG;AACH,MAAM,oBAAoB,GAAa;IACrC,uCAAuC;IACvC,mGAAmG;IACnG,uDAAuD;IACvD,wEAAwE;IACxE,yCAAyC;IACzC,sGAAsG;IACtG,iDAAiD;IACjD,2DAA2D;IAC3D,wCAAwC;IACxC,oBAAoB;IACpB,aAAa;IACb,qDAAqD;IACrD,yEAAyE;CAC1E,CAAC;AAEF;;;;GAIG;AACH,SAAS,sBAAsB,CAAC,OAAe;IAC7C,OAAO,oBAAoB,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;AACvE,CAAC;AAED;;;;GAIG;AACH,SAAS,cAAc,CAAC,QAAgB;IACtC,OAAO,gCAAgC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;AACzD,CAAC;AAED,SAAS,qBAAqB,CAAC,GAAW;IACxC,IAAI,6HAA6H,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;QAC5I,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,qDAAqD,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;QACpE,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,qBAAqB,CAAC,GAAW,EAAE,OAAsC;IAChF,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC9B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,IAAI,uEAAuE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YAC3F,OAAO,CAAC,GAAG,CAAC,CAAC;QACf,CAAC;QACD,IAAI,uCAAuC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YAC3D,OAAO,CAAC,GAAG,CAAC,CAAC;QACf,CAAC;IACH,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,SAAS,UAAU,CAAC,OAAe,EAAE,IAAY;IAC/C,IAAI,CAAC;QACH,OAAO,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,EAAE,MAAM,CAAC,CAAC;IACxD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,SAAS,WAAW,CAAC,GAAW;IAC9B,OAAO,GAAG,CAAC,OAAO,CAAC,qBAAqB,EAAE,MAAM,CAAC,CAAC;AACpD,CAAC"}
|
|
1
|
+
{"version":3,"file":"auth-boundary-missing.js","sourceRoot":"","sources":["../../src/rules/auth-boundary-missing.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AACvC,OAAO,IAAI,MAAM,WAAW,CAAC;AAI7B,OAAO,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAC;AAEjD,MAAM,CAAC,MAAM,OAAO,GAAG,uBAAuB,CAAC;AAE/C,MAAM,aAAa,GAA2B,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC;AAEvF,SAAS,sBAAsB,CAAC,UAAsB,EAAE,WAAmB;IACzE,MAAM,GAAG,GAAG,WAAuB,CAAC;IACpC,MAAM,OAAO,GAAG,aAAa,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;IACxC,0DAA0D;IAC1D,+BAA+B;IAC/B,MAAM,QAAQ,GAAa,UAAU,KAAK,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC;IAChE,MAAM,YAAY,GAAG,aAAa,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;IAClD,OAAO,YAAY,GAAG,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC;AACjD,CAAC;AAED,MAAM,UAAU,GAAG,CAAC,KAAgB,EAAE,MAAuB;IAC3D,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,MAAM,WAAW,GAAG,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,QAAQ,IAAI,UAAU,CAAC;IAElE,MAAM,aAAa,GAAG,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC;IAEvD,gCAAgC;IAChC,KAAK,MAAM,KAAK,IAAI,KAAK,CAAC,MAAM,CAAC,cAAc,EAAE,CAAC;QAChD,IAAI,aAAa,CAAC,KAAK,CAAC,IAAI,EAAE,aAAa,CAAC;YAAE,SAAS;QACvD,MAAM,MAAM,GAAG,UAAU,CAAC,KAAK,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC;QAChD,IAAI,MAAM,EAAE,CAAC;YACX,MAAM,QAAQ,GAAG,KAAK,CAAC,QAAQ,IAAI,KAAK,CAAC,IAAI,CAAC;YAC9C,MAAM,SAAS,GAAG,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YAC5C,QAAQ,CAAC,IAAI,CAAC;gBACZ,MAAM,EAAE,OAAO;gBACf,QAAQ,EAAE,sBAAsB,CAAC,MAAM,CAAC,UAAU,EAAE,WAAW,CAAC;gBAChE,UAAU,EAAE,MAAM,CAAC,UAAU;gBAC7B,OAAO,EAAE,SAAS;oBAChB,CAAC,CAAC,oEAAoE;oBACtE,CAAC,CAAC,qEAAqE;gBACzE,IAAI,EAAE,KAAK,CAAC,IAAI;gBAChB,IAAI,EAAE,MAAM,CAAC,IAAI;gBACjB,OAAO,EAAE,MAAM,CAAC,OAAO;gBACvB,QAAQ,EAAE,MAAM,CAAC,QAAQ;gBACzB,mBAAmB,EAAE,MAAM,CAAC,mBAAmB;gBAC/C,WAAW,EAAE,SAAS;oBACpB,CAAC,CAAC;wBACE,uEAAuE;wBACvE,+FAA+F;wBAC/F,+EAA+E;qBAChF;oBACH,CAAC,CAAC;wBACE,oFAAoF;wBACpF,kDAAkD;wBAClD,yFAAyF;qBAC1F;gBACL,IAAI,EAAE,SAAS;oBACb,CAAC,CAAC,CAAC,MAAM,EAAE,SAAS,EAAE,QAAQ,CAAC;oBAC/B,CAAC,CAAC,CAAC,MAAM,EAAE,QAAQ,CAAC;aACvB,CAAC,CAAC;QACL,CAAC;IA
CH,CAAC;IAED,qFAAqF;IACrF,MAAM,eAAe,GAAG,IAAI,GAAG,EAAU,CAAC;IAC1C,KAAK,MAAM,MAAM,IAAI,KAAK,CAAC,aAAa,CAAC,eAAe,EAAE,CAAC;QACzD,IAAI,eAAe,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC;YAAE,SAAS;QAC/C,eAAe,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACjC,IAAI,aAAa,CAAC,MAAM,CAAC,IAAI,EAAE,aAAa,CAAC;YAAE,SAAS;QACxD,MAAM,MAAM,GAAG,iBAAiB,CAAC,MAAM,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC;QACxD,IAAI,MAAM,EAAE,CAAC;YACX,QAAQ,CAAC,IAAI,CAAC;gBACZ,MAAM,EAAE,OAAO;gBACf,QAAQ,EAAE,sBAAsB,CAAC,MAAM,CAAC,UAAU,EAAE,WAAW,CAAC;gBAChE,UAAU,EAAE,MAAM,CAAC,UAAU;gBAC7B,OAAO,EAAE,qEAAqE;gBAC9E,IAAI,EAAE,MAAM,CAAC,IAAI;gBACjB,IAAI,EAAE,MAAM,CAAC,IAAI;gBACjB,OAAO,EAAE,MAAM,CAAC,OAAO;gBACvB,QAAQ,EAAE,MAAM,CAAC,QAAQ;gBACzB,mBAAmB,EAAE,MAAM,CAAC,mBAAmB;gBAC/C,WAAW,EAAE;oBACX,mDAAmD;oBACnD,yFAAyF;iBAC1F;gBACD,IAAI,EAAE,CAAC,MAAM,EAAE,eAAe,CAAC;aAChC,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,iCAAiC;IACjC,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,IAAI,CAAC,kBAAkB,EAAE,CAAC;QACjD,IAAI,IAAI,CAAC,aAAa,KAAK,WAAW;YAAE,SAAS;QACjD,IAAI,aAAa,CAAC,IAAI,CAAC,IAAI,EAAE,aAAa,CAAC;YAAE,SAAS;QAEtD,MAAM,UAAU,GAAe,IAAI,CAAC,aAAa,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC;QAChF,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,OAAO;YACf,QAAQ,EAAE,sBAAsB,CAAC,UAAU,EAAE,WAAW,CAAC;YACzD,UAAU;YACV,OAAO,EAAE,kBAAkB,IAAI,CAAC,IAAI,UAAU,IAAI,CAAC,aAAa,iCAAiC;YACjG,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,QAAQ,EAAE,CAAC,GAAG,IAAI,CAAC,aAAa,sBAAsB,EAAE,GAAG,IAAI,CAAC,OAAO,CAAC,eAAe,CAAC;YACxF,mBAAmB,EAAE,IAAI,CAAC,aAAa,KAAK,QAAQ;gBAClD,CAAC,CAAC,kDAAkD;gBACpD,CAAC,CAAC,gEAAgE;YACpE,WAAW,EAAE;gBACX,iEAAiE;gBACjE,+FAA+F;gBAC/F,oEAAoE;aACrE;YACD,IAAI,EAAE,CAAC,MAAM,EAAE,MAAM,CAAC;SACvB,CAAC,CAAC;IACL,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAUD,SAAS,UAAU,CACjB,KAAgB,EAChB,KAAgB,EAChB,MAAuB;IAEvB,sEAAsE;IACtE,IAAI,KAAK,CAAC,UAAU,EAAE,CAAC;QACrB,IAAI,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,SAAS;YAAE,OAAO,IAAI,CAAC;QAEjD,+FAA+F;QAC/F,IAAI,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,kBAAkB,CAAC,MAAM,GAAG,CAAC;YAAE,OAAO,IAAI,CAAC;IACvE,CAAC;IAED,MAAM,GAAG,GAAG,UAAU,CAAC,KAAK,CAAC,O
AAO,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC;IAClD,IAAI,CAAC,GAAG;QAAE,OAAO,IAAI,CAAC;IAEtB,yEAAyE;IACzE,2DAA2D;IAC3D,IAAI,qBAAqB,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAE5C,uCAAuC;IACvC,MAAM,QAAQ,GAAa,CAAC,GAAG,KAAK,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC;IAC9D,QAAQ,CAAC,IAAI,CAAC,mCAAmC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAC3F,QAAQ,CAAC,IAAI,CAAC,wCAAwC,CAAC,CAAC;IACxD,IAAI,UAAU,GAAe,MAAM,CAAC;IACpC,IAAI,mBAAmB,GAAG,kEAAkE,CAAC;IAE7F,mEAAmE;IACnE,IAAI,qBAAqB,CAAC,GAAG,CAAC,EAAE,CAAC;QAC/B,UAAU,GAAG,KAAK,CAAC;QACnB,mBAAmB,GAAG,4FAA4F,CAAC;QACnH,QAAQ,CAAC,IAAI,CAAC,sDAAsD,CAAC,CAAC;IACxE,CAAC;IAED,yEAAyE;IACzE,iEAAiE;IACjE,MAAM,QAAQ,GAAG,KAAK,CAAC,QAAQ,IAAI,KAAK,CAAC,IAAI,CAAC;IAC9C,IAAI,cAAc,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC7B,OAAO,IAAI,CAAC;IACd,CAAC;IAED,qEAAqE;IACrE,MAAM,IAAI,GAAG,qBAAqB,CAAC,GAAG,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC;IAEvD,OAAO,EAAE,UAAU,EAAE,mBAAmB,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;AAC7D,CAAC;AAED,SAAS,iBAAiB,CACxB,MAAwB,EACxB,KAAgB,EAChB,MAAuB;IAEvB,MAAM,GAAG,GAAG,UAAU,CAAC,KAAK,CAAC,OAAO,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC;IACnD,IAAI,CAAC,GAAG;QAAE,OAAO,IAAI,CAAC;IAEtB,IAAI,WAAW,CAAC,GAAG,EAAE,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC;QAAE,OAAO,IAAI,CAAC;IAC/D,IAAI,qBAAqB,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAE5C,MAAM,QAAQ,GAAa,CAAC,GAAG,MAAM,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC;IAC/D,QAAQ,CAAC,IAAI,CAAC,mCAAmC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAC3F,IAAI,UAAU,GAAe,MAAM,CAAC;IACpC,IAAI,mBAAmB,GAAG,4DAA4D,CAAC;IAEvF,IAAI,qBAAqB,CAAC,GAAG,CAAC,EAAE,CAAC;QAC/B,UAAU,GAAG,KAAK,CAAC;QACnB,mBAAmB,GAAG,4FAA4F,CAAC;QACnH,QAAQ,CAAC,IAAI,CAAC,sDAAsD,CAAC,CAAC;IACxE,CAAC;IAED,MAAM,IAAI,GAAG,qBAAqB,CAAC,GAAG,EAAE,MAAM,CAAC,OAAO,CAAC,CAAC;IAExD,OAAO,EAAE,UAAU,EAAE,mBAAmB,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;AAC7D,CAAC;AAED,SAAS,WAAW,CAAC,GAAW,EAAE,aAAuB;IACvD,KAAK,MAAM,EAAE,IAAI,aAAa,EAAE,CAAC;QAC/B,MAAM,OAAO,GAAG,IAAI,MAAM,CAAC,MAAM,WAAW,CAAC,EAAE,CAAC,SAAS,EAAE,GAAG,CAAC,CAAC;QAChE,IAAI,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC;YAAE,OAAO,IAAI,CAAC;
IACrC,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;GAGG;AACH,SAAS,qBAAqB,CAAC,GAAW;IACxC,wCAAwC;IACxC,IAAI,wCAAwC,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAEpE,wCAAwC;IACxC,IAAI,wCAAwC,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAEpE,4CAA4C;IAC5C,IAAI,6BAA6B,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IACzD,IAAI,6BAA6B,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAEzD,uEAAuE;IACvE,IAAI,iBAAiB,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAEvE,sCAAsC;IACtC,IAAI,wCAAwC,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAEpE,6DAA6D;IAC7D,IAAI,2BAA2B,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,oBAAoB,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAEzF,yDAAyD;IACzD,IAAI,sBAAsB,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAClD,IAAI,yBAAyB,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAErD,2DAA2D;IAE3D,uEAAuE;IACvE,IAAI,iBAAiB,CAAC,GAAG,EAAE,mBAAmB,CAAC;QAAE,OAAO,IAAI,CAAC;IAE7D,8DAA8D;IAC9D,IAAI,iBAAiB,CAAC,GAAG,EAAE,SAAS,CAAC;QAAE,OAAO,IAAI,CAAC;IAEnD,yDAAyD;IAEzD,kDAAkD;IAClD,IAAI,gBAAgB,CAAC,GAAG,EAAE,MAAM,EAAE,eAAe,CAAC;QAAE,OAAO,IAAI,CAAC;IAEhE,sCAAsC;IACtC,IAAI,gBAAgB,CAAC,GAAG,EAAE,mBAAmB,EAAE,eAAe,CAAC;QAAE,OAAO,IAAI,CAAC;IAE7E,2CAA2C;IAE3C,iEAAiE;IACjE,IAAI,2BAA2B,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAElD,iDAAiD;IAEjD,iEAAiE;IACjE,IAAI,gBAAgB,CAAC,GAAG,EAAE,MAAM,EAAE,gBAAgB,CAAC;QAAE,OAAO,IAAI,CAAC;IAEjE,wEAAwE;IACxE,IAAI,gBAAgB,CAAC,GAAG,EAAE,cAAc,EAAE,eAAe,CAAC;QAAE,OAAO,IAAI,CAAC;IAExE,kDAAkD;IAClD,IAAI,gBAAgB,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAEvC,uFAAuF;IACvF,IAAI,kBAAkB,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAEzC,yFAAyF;IACzF,IAAI,kBAAkB,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAEzC,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;GAGG;AACH,SAAS,iBAAiB,CAAC,GAAW,EAAE,aAAqB;IAC3D,MAAM,aAAa,GAAG,IAAI,MAAM,CAAC,eAAe,WAAW,CAAC,aAAa,CAAC,YAAY,CAAC,CAAC;IACxF,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,KAAK,CAAC;IAC3C,OAAO,gBAAgB,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AACpC,CAAC;AAED;;GAEG;AACH,SAAS,gBAAgB,CAAC,GAAW,EAAE,WAAmB,EAAE,WAAmB;IAC7E,MAAM,aAAa,GAAG,IAAI,MAAM
,CAAC,eAAe,WAAW,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC;IACtF,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,KAAK,CAAC;IAC3C,OAAO,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC/B,CAAC;AAED;;;;;;;;GAQG;AACH,SAAS,2BAA2B,CAAC,GAAW;IAC9C,IAAI,CAAC,sBAAsB,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,KAAK,CAAC;IACpD,MAAM,YAAY,GAAG,mBAAmB,CAAC,IAAI,CAAC,GAAG,CAAC;WAC7C,wBAAwB,CAAC,IAAI,CAAC,GAAG,CAAC;WAClC,oBAAoB,CAAC,IAAI,CAAC,GAAG,CAAC;WAC9B,gBAAgB,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAChC,IAAI,CAAC,YAAY;QAAE,OAAO,KAAK,CAAC;IAChC,uEAAuE;IACvE,OAAO,oBAAoB,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,kBAAkB,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,iBAAiB,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AACvG,CAAC;AAED;;;;;;;;;;GAUG;AACH,SAAS,gBAAgB,CAAC,GAAW;IACnC,sCAAsC;IACtC,MAAM,cAAc,GAAG,mJAAmJ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACrL,IAAI,CAAC,cAAc;QAAE,OAAO,KAAK,CAAC;IAClC,gFAAgF;IAChF,oFAAoF;IACpF,OAAO,oBAAoB,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,kBAAkB,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,iBAAiB,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AACvG,CAAC;AAED;;;;;;;;;;;;;;;;;;;GAmBG;AACH,SAAS,kBAAkB,CAAC,GAAW;IACrC,0CAA0C;IAC1C,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,KAAK,CAAC;IAEnF,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAE9B,wCAAwC;IACxC,MAAM,iBAAiB,GAAG,0BAA0B,CAAC,KAAK,CAAC,CAAC;IAE5D,4EAA4E;IAC5E,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACtB,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC;YAAE,SAAS;QACnC,IAAI,CAAC,4CAA4C,CAAC,IAAI,CAAC,IAAI,CAAC;YAAE,SAAS;QAEvE,iFAAiF;QACjF,IAAI,iBAAiB,KAAK,SAAS,IAAI,CAAC,IAAI,iBAAiB;YAAE,SAAS;QAExE,sEAAsE;QACtE,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC;QACzC,MAAM,OAAO,GAAG,KAAK,CAAC,KAAK,CAAC,YAAY,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAE5D,IAAI,sBAAsB,CAAC,OAAO,CAAC;YAAE,OAAO,IAAI,CAAC;IACnD,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,eAAe,GAAG,gHAAgH,CAAC;AAEzI,SAAS,kBAAkB,CAAC,GAAW;IACrC,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OA
AO,KAAK,CAAC;IAE7C,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAE9B,sCAAsC;IACtC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YAAE,SAAS;QAE9C,6DAA6D;QAC7D,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC;QACjD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,EAAE,CAAC,EAAE,EAAE,CAAC;YACnC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;YACtB,6DAA6D;YAC7D,IAAI,CAAC,wCAAwC,CAAC,IAAI,CAAC,IAAI,CAAC;gBAAE,SAAS;YAEnE,oEAAoE;YACpE,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;YAC/C,MAAM,SAAS,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACtD,IAAI,6EAA6E,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC;gBAClG,OAAO,IAAI,CAAC;YACd,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED,kFAAkF;AAClF,SAAS,0BAA0B,CAAC,KAAe;IACjD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,IAAI,uEAAuE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YAC3F,OAAO,CAAC,CAAC;QACX,CAAC;QACD,IAAI,uCAAuC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YAC3D,OAAO,CAAC,CAAC;QACX,CAAC;IACH,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED;;GAEG;AACH,MAAM,oBAAoB,GAAa;IACrC,uCAAuC;IACvC,mGAAmG;IACnG,uDAAuD;IACvD,wEAAwE;IACxE,yCAAyC;IACzC,sGAAsG;IACtG,iDAAiD;IACjD,2DAA2D;IAC3D,wCAAwC;IACxC,oBAAoB;IACpB,aAAa;IACb,qDAAqD;IACrD,yEAAyE;CAC1E,CAAC;AAEF;;;;GAIG;AACH,SAAS,sBAAsB,CAAC,OAAe;IAC7C,OAAO,oBAAoB,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;AACvE,CAAC;AAED;;;;GAIG;AACH,SAAS,cAAc,CAAC,QAAgB;IACtC,OAAO,yCAAyC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;AAClE,CAAC;AAED,SAAS,qBAAqB,CAAC,GAAW;IACxC,IAAI,4IAA4I,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;QAC3J,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,qDAAqD,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;QACpE,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,qBAAqB,CAAC,GAAW,EAAE,OAAsC;IAChF,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC9
B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,IAAI,uEAAuE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YAC3F,OAAO,CAAC,GAAG,CAAC,CAAC;QACf,CAAC;QACD,IAAI,uCAAuC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YAC3D,OAAO,CAAC,GAAG,CAAC,CAAC;QACf,CAAC;IACH,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,SAAS,UAAU,CAAC,OAAe,EAAE,IAAY;IAC/C,IAAI,CAAC;QACH,OAAO,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,EAAE,MAAM,CAAC,CAAC;IACxD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,SAAS,WAAW,CAAC,GAAW;IAC9B,OAAO,GAAG,CAAC,OAAO,CAAC,qBAAqB,EAAE,MAAM,CAAC,CAAC;AACpD,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/rules/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAClD,OAAO,KAAK,EAAE,OAAO,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/rules/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAClD,OAAO,KAAK,EAAE,OAAO,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AAOnE,MAAM,WAAW,QAAQ;IACvB,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,eAAe,EAAE,MAAM,CAAC;IACxB,IAAI,EAAE,MAAM,CAAC;CACd;AAED,eAAO,MAAM,aAAa,EAAE,QAAQ,EAoCnC,CAAC;AAEF,wBAAgB,WAAW,CAAC,KAAK,EAAE,SAAS,EAAE,MAAM,EAAE,eAAe,GAAG,OAAO,EAAE,CAsBhF"}
|
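--- a/package/dist/rules/index.js
+++ b/package/dist/rules/index.js
@@ -2,6 +2,7 @@ import * as authBoundary from "./auth-boundary-missing.js";
 import * as rateLimit from "./rate-limit-missing.js";
 import * as tenancyScope from "./tenancy-scope-missing.js";
 import * as wrapperUnrecognized from "./wrapper-unrecognized.js";
+import * as inputValidation from "./input-validation-missing.js";
 export const RULE_REGISTRY = [
 {
 id: "AUTH-BOUNDARY-MISSING",
@@ -24,6 +25,13 @@ export const RULE_REGISTRY = [
 defaultSeverity: "critical",
 docs: "Shipguard checks that Prisma queries include a tenant scoping field (orgId, tenantId, workspaceId) in their where clause. Only runs when Prisma is detected and the schema contains tenant fields. Configure field names in hints.tenancy.orgFieldNames.",
 },
+{
+id: "INPUT-VALIDATION-MISSING",
+name: "Input Validation Missing",
+description: "Flags endpoints that read user input and perform writes without schema validation.",
+defaultSeverity: "high",
+docs: "Shipguard checks that endpoints reading request.json(), formData(), or req.body validate input through a schema library (zod, valibot, yup, joi) before passing data to database writes or payment operations. Only flags when both body reading and writes are detected without validation.",
+},
 {
 id: "WRAPPER-UNRECOGNIZED",
 name: "Wrapper Unrecognized",
@@ -44,6 +52,9 @@ export function runAllRules(index, config) {
 if (config.rules["TENANCY-SCOPE-MISSING"]) {
 findings.push(...tenancyScope.run(index, config));
 }
+if (config.rules["INPUT-VALIDATION-MISSING"]) {
+findings.push(...inputValidation.run(index, config));
+}
 // WRAPPER-UNRECOGNIZED is always enabled unless explicitly configured out
 if (config.rules["WRAPPER-UNRECOGNIZED"] !== undefined ? config.rules["WRAPPER-UNRECOGNIZED"] : true) {
 findings.push(...wrapperUnrecognized.run(index, config));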
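Review bot: The new gate in `runAllRules`, `if (config.rules["INPUT-VALIDATION-MISSING"])`, leaves the rule off whenever that key is absent from the loaded config, unlike WRAPPER-UNRECOGNIZED just below it, which defaults to on. The file list shows a two-line addition to `dist/engine/config.js` that presumably supplies a default, but that file is not visible here; if defaults are not merged into a config written for 0.2.6, those projects would skip the check without any notice. It is worth confirming the merge, and recording the behaviour next to the gate with a comment such as `// off when the key is missing from config.rules; the default comes from engine/config`. `runAllRules` starts and ends outside the hunk.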
package/dist/rules/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/rules/index.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,YAAY,MAAM,4BAA4B,CAAC;AAC3D,OAAO,KAAK,SAAS,MAAM,yBAAyB,CAAC;AACrD,OAAO,KAAK,YAAY,MAAM,4BAA4B,CAAC;AAC3D,OAAO,KAAK,mBAAmB,MAAM,2BAA2B,CAAC;AAUjE,MAAM,CAAC,MAAM,aAAa,GAAe;IACvC;QACE,EAAE,EAAE,uBAAuB;QAC3B,IAAI,EAAE,uBAAuB;QAC7B,WAAW,EAAE,sFAAsF;QACnG,eAAe,EAAE,UAAU;QAC3B,IAAI,EAAE,gQAAgQ;KACvQ;IACD;QACE,EAAE,EAAE,oBAAoB;QACxB,IAAI,EAAE,oBAAoB;QAC1B,WAAW,EAAE,2DAA2D;QACxE,eAAe,EAAE,UAAU;QAC3B,IAAI,EAAE,4QAA4Q;KACnR;IACD;QACE,EAAE,EAAE,uBAAuB;QAC3B,IAAI,EAAE,uBAAuB;QAC7B,WAAW,EAAE,yFAAyF;QACtG,eAAe,EAAE,UAAU;QAC3B,IAAI,EAAE,0PAA0P;KACjQ;IACD;QACE,EAAE,EAAE,sBAAsB;QAC1B,IAAI,EAAE,sBAAsB;QAC5B,WAAW,EAAE,mFAAmF;QAChG,eAAe,EAAE,MAAM;QACvB,IAAI,EAAE,iTAAiT;KACxT;CACF,CAAC;AAEF,MAAM,UAAU,WAAW,CAAC,KAAgB,EAAE,MAAuB;IACnE,MAAM,QAAQ,GAAc,EAAE,CAAC;IAE/B,+DAA+D;IAC/D,IAAI,MAAM,CAAC,KAAK,CAAC,uBAAuB,CAAC,EAAE,CAAC;QAC1C,QAAQ,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,GAAG,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC,CAAC;IACpD,CAAC;IACD,IAAI,MAAM,CAAC,KAAK,CAAC,oBAAoB,CAAC,EAAE,CAAC;QACvC,QAAQ,CAAC,IAAI,CAAC,GAAG,SAAS,CAAC,GAAG,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC,CAAC;IACjD,CAAC;IACD,IAAI,MAAM,CAAC,KAAK,CAAC,uBAAuB,CAAC,EAAE,CAAC;QAC1C,QAAQ,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,GAAG,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC,CAAC;IACpD,CAAC;IACD,0EAA0E;IAC1E,IAAI,MAAM,CAAC,KAAK,CAAC,sBAAsB,CAAC,KAAK,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,sBAAsB,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QACrG,QAAQ,CAAC,IAAI,CAAC,GAAG,mBAAmB,CAAC,GAAG,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC,CAAC;IAC3D,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/rules/index.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,YAAY,MAAM,4BAA4B,CAAC;AAC3D,OAAO,KAAK,SAAS,MAAM,yBAAyB,CAAC;AACrD,OAAO,KAAK,YAAY,MAAM,4BAA4B,CAAC;AAC3D,OAAO,KAAK,mBAAmB,MAAM,2BAA2B,CAAC;AACjE,OAAO,KAAK,eAAe,MAAM,+BAA+B,CAAC;AAUjE,MAAM,CAAC,MAAM,aAAa,GAAe;IACvC;QACE,EAAE,EAAE,uBAAuB;QAC3B,IAAI,EAAE,uBAAuB;QAC7B,WAAW,EAAE,sFAAsF;QACnG,eAAe,EAAE,UAAU;QAC3B,IAAI,EAAE,gQAAgQ;KACvQ;IACD;QACE,EAAE,EAAE,oBAAoB;QACxB,IAAI,EAAE,oBAAoB;QAC1B,WAAW,EAAE,2DAA2D;QACxE,eAAe,EAAE,UAAU;QAC3B,IAAI,EAAE,4QAA4Q;KACnR;IACD;QACE,EAAE,EAAE,uBAAuB;QAC3B,IAAI,EAAE,uBAAuB;QAC7B,WAAW,EAAE,yFAAyF;QACtG,eAAe,EAAE,UAAU;QAC3B,IAAI,EAAE,0PAA0P;KACjQ;IACD;QACE,EAAE,EAAE,0BAA0B;QAC9B,IAAI,EAAE,0BAA0B;QAChC,WAAW,EAAE,oFAAoF;QACjG,eAAe,EAAE,MAAM;QACvB,IAAI,EAAE,8RAA8R;KACrS;IACD;QACE,EAAE,EAAE,sBAAsB;QAC1B,IAAI,EAAE,sBAAsB;QAC5B,WAAW,EAAE,mFAAmF;QAChG,eAAe,EAAE,MAAM;QACvB,IAAI,EAAE,iTAAiT;KACxT;CACF,CAAC;AAEF,MAAM,UAAU,WAAW,CAAC,KAAgB,EAAE,MAAuB;IACnE,MAAM,QAAQ,GAAc,EAAE,CAAC;IAE/B,+DAA+D;IAC/D,IAAI,MAAM,CAAC,KAAK,CAAC,uBAAuB,CAAC,EAAE,CAAC;QAC1C,QAAQ,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,GAAG,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC,CAAC;IACpD,CAAC;IACD,IAAI,MAAM,CAAC,KAAK,CAAC,oBAAoB,CAAC,EAAE,CAAC;QACvC,QAAQ,CAAC,IAAI,CAAC,GAAG,SAAS,CAAC,GAAG,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC,CAAC;IACjD,CAAC;IACD,IAAI,MAAM,CAAC,KAAK,CAAC,uBAAuB,CAAC,EAAE,CAAC;QAC1C,QAAQ,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,GAAG,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC,CAAC;IACpD,CAAC;IACD,IAAI,MAAM,CAAC,KAAK,CAAC,0BAA0B,CAAC,EAAE,CAAC;QAC7C,QAAQ,CAAC,IAAI,CAAC,GAAG,eAAe,CAAC,GAAG,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC,CAAC;IACvD,CAAC;IACD,0EAA0E;IAC1E,IAAI,MAAM,CAAC,KAAK,CAAC,sBAAsB,CAAC,KAAK,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,sBAAsB,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QACrG,QAAQ,CAAC,IAAI,CAAC,GAAG,mBAAmB,CAAC,GAAG,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC,CAAC;IAC3D,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC"}
|
|
@@ -0,0 +1,5 @@
|
|
|
1
|
+
import type { NextIndex } from "../next/types.js";
|
|
2
|
+
import type { Finding, ShipguardConfig } from "../engine/types.js";
|
|
3
|
+
export declare const RULE_ID = "INPUT-VALIDATION-MISSING";
|
|
4
|
+
export declare function run(index: NextIndex, config: ShipguardConfig): Finding[];
|
|
5
|
+
//# sourceMappingURL=input-validation-missing.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"input-validation-missing.d.ts","sourceRoot":"","sources":["../../src/rules/input-validation-missing.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,SAAS,EAA+B,MAAM,kBAAkB,CAAC;AAC/E,OAAO,KAAK,EAAE,OAAO,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AAGnE,eAAO,MAAM,OAAO,6BAA6B,CAAC;AAclD,wBAAgB,GAAG,CAAC,KAAK,EAAE,SAAS,EAAE,MAAM,EAAE,eAAe,GAAG,OAAO,EAAE,CAqDxE"}
|
|
@@ -0,0 +1,242 @@
|
|
|
1
|
+
import { readFileSync } from "node:fs";
|
|
2
|
+
import path from "node:path";
|
|
3
|
+
export const RULE_ID = "INPUT-VALIDATION-MISSING";
|
|
4
|
+
const SEVERITY_RANK = { critical: 4, high: 3, med: 2, low: 1 };
|
|
5
|
+
function severityFromConfidence(confidence, maxSeverity) {
|
|
6
|
+
const max = maxSeverity;
|
|
7
|
+
const maxRank = SEVERITY_RANK[max] ?? 3;
|
|
8
|
+
// high confidence → use max severity (typically high)
|
|
9
|
+
// med confidence → cap at med
|
|
10
|
+
const computed = confidence === "high" ? max : "med";
|
|
11
|
+
const computedRank = SEVERITY_RANK[computed] ?? 2;
|
|
12
|
+
return computedRank > maxRank ? max : computed;
|
|
13
|
+
}
|
|
14
|
+
export function run(index, config) {
|
|
15
|
+
const findings = [];
|
|
16
|
+
const maxSeverity = config.rules[RULE_ID]?.severity ?? "high";
|
|
17
|
+
// Check mutation route handlers
|
|
18
|
+
for (const route of index.routes.mutationRoutes) {
|
|
19
|
+
const result = checkEndpoint(route, index);
|
|
20
|
+
if (result) {
|
|
21
|
+
findings.push({
|
|
22
|
+
ruleId: RULE_ID,
|
|
23
|
+
severity: severityFromConfidence(result.confidence, maxSeverity),
|
|
24
|
+
confidence: result.confidence,
|
|
25
|
+
message: "Endpoint reads user input and performs writes without schema validation",
|
|
26
|
+
file: route.file,
|
|
27
|
+
line: result.line,
|
|
28
|
+
snippet: result.snippet,
|
|
29
|
+
evidence: result.evidence,
|
|
30
|
+
confidenceRationale: result.confidenceRationale,
|
|
31
|
+
remediation: [
|
|
32
|
+
"Validate request body with a schema library before passing to DB/API calls",
|
|
33
|
+
"Example: `const data = schema.parse(await request.json())`",
|
|
34
|
+
"Recommended: zod, valibot, yup, or joi",
|
|
35
|
+
],
|
|
36
|
+
tags: ["input-validation", "data-integrity"],
|
|
37
|
+
});
|
|
38
|
+
}
|
|
39
|
+
}
|
|
40
|
+
// Check mutation server actions
|
|
41
|
+
for (const action of index.serverActions.mutationActions) {
|
|
42
|
+
const result = checkEndpoint(action, index);
|
|
43
|
+
if (result) {
|
|
44
|
+
findings.push({
|
|
45
|
+
ruleId: RULE_ID,
|
|
46
|
+
severity: severityFromConfidence(result.confidence, maxSeverity),
|
|
47
|
+
confidence: result.confidence,
|
|
48
|
+
message: "Server action performs writes without schema validation on input",
|
|
49
|
+
file: action.file,
|
|
50
|
+
line: result.line,
|
|
51
|
+
snippet: result.snippet,
|
|
52
|
+
evidence: result.evidence,
|
|
53
|
+
confidenceRationale: result.confidenceRationale,
|
|
54
|
+
remediation: [
|
|
55
|
+
"Validate action input with a schema library before passing to DB/API calls",
|
|
56
|
+
"Example: `const data = schema.parse(formData)`",
|
|
57
|
+
"Recommended: zod, valibot, yup, or joi",
|
|
58
|
+
],
|
|
59
|
+
tags: ["input-validation", "data-integrity"],
|
|
60
|
+
});
|
|
61
|
+
}
|
|
62
|
+
}
|
|
63
|
+
return findings;
|
|
64
|
+
}
|
|
65
|
+
function checkEndpoint(endpoint, index) {
|
|
66
|
+
let src;
|
|
67
|
+
try {
|
|
68
|
+
src = readFileSync(path.resolve(index.rootDir, endpoint.file), "utf-8");
|
|
69
|
+
}
|
|
70
|
+
catch {
|
|
71
|
+
return null;
|
|
72
|
+
}
|
|
73
|
+
// Must read user input
|
|
74
|
+
if (!readsUserInput(src))
|
|
75
|
+
return null;
|
|
76
|
+
// Must have a write (DB or Stripe)
|
|
77
|
+
if (!endpoint.signals.hasDbWriteEvidence && !endpoint.signals.hasStripeWriteEvidence)
|
|
78
|
+
return null;
|
|
79
|
+
// Check for validation patterns — if present, no finding
|
|
80
|
+
// Strip comment lines to avoid false negatives from commented-out validation
|
|
81
|
+
if (hasSchemaValidation(stripCommentLines(src)))
|
|
82
|
+
return null;
|
|
83
|
+
// Build evidence
|
|
84
|
+
const evidence = [];
|
|
85
|
+
if (readsJson(src))
|
|
86
|
+
evidence.push("Reads request.json() / req.json()");
|
|
87
|
+
if (readsFormData(src))
|
|
88
|
+
evidence.push("Reads request.formData()");
|
|
89
|
+
if (/req\.body/.test(src))
|
|
90
|
+
evidence.push("Reads req.body");
|
|
91
|
+
for (const detail of endpoint.signals.mutationDetails) {
|
|
92
|
+
if (detail !== "reads request body") {
|
|
93
|
+
evidence.push(detail);
|
|
94
|
+
}
|
|
95
|
+
}
|
|
96
|
+
evidence.push("No schema validation detected (z.parse, safeParse, validate, etc.)");
|
|
97
|
+
// Confidence: high if clear DB write + body read + no validation
|
|
98
|
+
// med if only general mutation evidence
|
|
99
|
+
let confidence = endpoint.signals.hasDbWriteEvidence ? "high" : "med";
|
|
100
|
+
let rationale = confidence === "high"
|
|
101
|
+
? "Direct DB write with unvalidated user input — no schema parsing detected"
|
|
102
|
+
: "Mutation endpoint with unvalidated input — no schema parsing detected";
|
|
103
|
+
// Webhook-verified routes: signature verification provides some payload integrity
|
|
104
|
+
// Downgrade — still flag because signatures don't validate schema structure
|
|
105
|
+
if (hasWebhookSignature(src)) {
|
|
106
|
+
confidence = "med";
|
|
107
|
+
rationale = "Webhook signature verified but no schema validation — payload structure not enforced";
|
|
108
|
+
evidence.push("webhook signature verification present (provides integrity, not schema validation)");
|
|
109
|
+
}
|
|
110
|
+
// Find the line of the first body read
|
|
111
|
+
const line = findInputReadLine(src);
|
|
112
|
+
return { confidence, line, evidence, confidenceRationale: rationale };
|
|
113
|
+
}
|
|
114
|
+
// --- Detection patterns ---
|
|
115
|
+
function readsUserInput(src) {
|
|
116
|
+
return readsJson(src) || readsFormData(src) || /req\.body\b/.test(src);
|
|
117
|
+
}
|
|
118
|
+
function readsJson(src) {
|
|
119
|
+
return /(?:request|req)\.json\s*\(/.test(src);
|
|
120
|
+
}
|
|
121
|
+
function readsFormData(src) {
|
|
122
|
+
return /(?:request|req)\.formData\s*\(/.test(src);
|
|
123
|
+
}
|
|
124
|
+
/**
|
|
125
|
+
* Detect schema validation patterns.
|
|
126
|
+
* Starts with Zod (.parse, .safeParse, z.object) and expands to common libs.
|
|
127
|
+
*/
|
|
128
|
+
function hasSchemaValidation(src) {
|
|
129
|
+
// Zod: z.object(), schema.parse(), schema.safeParse()
|
|
130
|
+
if (/\bz\.\s*(?:object|string|number|array|enum|union|tuple|record|literal|nativeEnum|coerce)\s*\(/.test(src))
|
|
131
|
+
return true;
|
|
132
|
+
// .parse() but NOT JSON.parse, URL.parse, path.parse, Date.parse, parseInt
|
|
133
|
+
if (/\.parse\s*\(/.test(src) && !isOnlyBuiltinParse(src))
|
|
134
|
+
return true;
|
|
135
|
+
if (/\.safeParse\s*\(/.test(src))
|
|
136
|
+
return true;
|
|
137
|
+
// Valibot: v.parse(), v.safeParse(), parse(schema, ...)
|
|
138
|
+
if (/\bv\.\s*(?:parse|safeParse)\s*\(/.test(src))
|
|
139
|
+
return true;
|
|
140
|
+
// Yup: schema.validate(), schema.validateSync()
|
|
141
|
+
if (/\.validate\s*\(/.test(src) && !isOnlyBuiltinValidate(src))
|
|
142
|
+
return true;
|
|
143
|
+
if (/\.validateSync\s*\(/.test(src))
|
|
144
|
+
return true;
|
|
145
|
+
// Joi: schema.validate()
|
|
146
|
+
// (already covered by .validate above)
|
|
147
|
+
// ArkType: type(...), already uses .parse
|
|
148
|
+
// (covered by .parse above)
|
|
149
|
+
// TypeBox + Ajv: Value.Check, ajv.validate — both use .validate
|
|
150
|
+
// (covered above)
|
|
151
|
+
// Next.js server action pattern: zod + useFormState
|
|
152
|
+
// createSafeActionClient (next-safe-action)
|
|
153
|
+
if (/createSafeActionClient|actionClient/.test(src))
|
|
154
|
+
return true;
|
|
155
|
+
// tRPC input validation (z.object in .input())
|
|
156
|
+
if (/\.input\s*\(\s*z\./.test(src))
|
|
157
|
+
return true;
|
|
158
|
+
return false;
|
|
159
|
+
}
|
|
160
|
+
/**
|
|
161
|
+
* Returns true if ALL .parse() calls in the source are from built-in objects
|
|
162
|
+
* (JSON.parse, URL.parse, path.parse, Date.parse, etc.) — not schema validation.
|
|
163
|
+
*/
|
|
164
|
+
function isOnlyBuiltinParse(src) {
|
|
165
|
+
const allParseMatches = [...src.matchAll(/(\w+)\.parse\s*\(/g)];
|
|
166
|
+
// No named callers found but .parse() exists → likely chained (e.g. getSchema().parse())
|
|
167
|
+
// Treat as schema validation (safe default)
|
|
168
|
+
if (allParseMatches.length === 0)
|
|
169
|
+
return false;
|
|
170
|
+
return allParseMatches.every((m) => BUILTIN_PARSE_CALLERS.has(m[1]));
|
|
171
|
+
}
|
|
172
|
+
const BUILTIN_PARSE_CALLERS = new Set([
|
|
173
|
+
"JSON", "URL", "path", "Date", "Number", "BigInt",
|
|
174
|
+
"Buffer", "querystring", "qs", "cookie", "cookieStore",
|
|
175
|
+
]);
|
|
176
|
+
/**
|
|
177
|
+
* Returns true if ALL .validate() calls are from built-in/non-schema objects.
|
|
178
|
+
*/
|
|
179
|
+
function isOnlyBuiltinValidate(src) {
|
|
180
|
+
const allMatches = [...src.matchAll(/(\w+)\.validate\s*\(/g)];
|
|
181
|
+
if (allMatches.length === 0)
|
|
182
|
+
return true;
|
|
183
|
+
return allMatches.every((m) => BUILTIN_VALIDATE_CALLERS.has(m[1]));
|
|
184
|
+
}
|
|
185
|
+
const BUILTIN_VALIDATE_CALLERS = new Set([
|
|
186
|
+
"document", "form", "email", "url",
|
|
187
|
+
]);
|
|
188
|
+
/**
|
|
189
|
+
* Remove full-line comments to avoid false negatives.
|
|
190
|
+
* Only strips lines where first non-whitespace is // or lines inside block comments.
|
|
191
|
+
* Deliberately simple — doesn't handle inline comments to avoid breaking strings.
|
|
192
|
+
*/
|
|
193
|
+
function stripCommentLines(src) {
|
|
194
|
+
let inBlock = false;
|
|
195
|
+
return src.split("\n").filter((line) => {
|
|
196
|
+
const trimmed = line.trimStart();
|
|
197
|
+
if (inBlock) {
|
|
198
|
+
if (trimmed.includes("*/"))
|
|
199
|
+
inBlock = false;
|
|
200
|
+
return false;
|
|
201
|
+
}
|
|
202
|
+
if (trimmed.startsWith("/*")) {
|
|
203
|
+
if (!trimmed.includes("*/"))
|
|
204
|
+
inBlock = true;
|
|
205
|
+
return false;
|
|
206
|
+
}
|
|
207
|
+
if (trimmed.startsWith("//"))
|
|
208
|
+
return false;
|
|
209
|
+
return true;
|
|
210
|
+
}).join("\n");
|
|
211
|
+
}
|
|
212
|
+
/**
|
|
213
|
+
* Detect webhook signature verification patterns.
|
|
214
|
+
* Presence indicates payload integrity is verified (but not schema structure).
|
|
215
|
+
*/
|
|
216
|
+
function hasWebhookSignature(src) {
|
|
217
|
+
if (/constructEvent\s*\(/.test(src))
|
|
218
|
+
return true;
|
|
219
|
+
if (/createHmac\s*\(/.test(src) && /signature/i.test(src))
|
|
220
|
+
return true;
|
|
221
|
+
if (/timingSafeEqual\s*\(/.test(src))
|
|
222
|
+
return true;
|
|
223
|
+
if (/verifySignature\s*\(/.test(src))
|
|
224
|
+
return true;
|
|
225
|
+
if (/verifyWebhook\s*\(/i.test(src))
|
|
226
|
+
return true;
|
|
227
|
+
if (/\.verify\s*\(/.test(src) && /webhook/i.test(src))
|
|
228
|
+
return true;
|
|
229
|
+
return false;
|
|
230
|
+
}
|
|
231
|
+
function findInputReadLine(src) {
|
|
232
|
+
const lines = src.split("\n");
|
|
233
|
+
for (let i = 0; i < lines.length; i++) {
|
|
234
|
+
if (/(?:request|req)\.json\s*\(/.test(lines[i]) ||
|
|
235
|
+
/(?:request|req)\.formData\s*\(/.test(lines[i]) ||
|
|
236
|
+
/req\.body\b/.test(lines[i])) {
|
|
237
|
+
return i + 1;
|
|
238
|
+
}
|
|
239
|
+
}
|
|
240
|
+
return undefined;
|
|
241
|
+
}
|
|
242
|
+
//# sourceMappingURL=input-validation-missing.js.map
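Review bot: `hasSchemaValidation` decides once per file and fails open, so a single unrelated match suppresses the finding for every mutation handler in that file: any `x.parse(` whose receiver is not in `BUILTIN_PARSE_CALLERS` (a Markdown or date parser, for instance), a `z.string(` that is never applied to the request body, or the bare identifier `actionClient` all make it return true. `isOnlyBuiltinParse` also returns false when `.parse(` appears only in chained form, which its comment calls the safe default although for a scanner it is the permissive one, and `isOnlyBuiltinValidate` makes the opposite choice for the same case. Consider requiring the validation call to take the value read from `request.json()`, `formData()` or `req.body`, or emitting a `med`-confidence finding instead of none when the only match is a generic `.parse(` or `.validate(`. Separately, `run` copies `result.snippet` into each finding, but `checkEndpoint` returns only `{ confidence, line, evidence, confidenceRationale: rationale }`, so `snippet` is always undefined.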
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"input-validation-missing.js","sourceRoot":"","sources":["../../src/rules/input-validation-missing.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AACvC,OAAO,IAAI,MAAM,WAAW,CAAC;AAK7B,MAAM,CAAC,MAAM,OAAO,GAAG,0BAA0B,CAAC;AAElD,MAAM,aAAa,GAA2B,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC;AAEvF,SAAS,sBAAsB,CAAC,UAAsB,EAAE,WAAmB;IACzE,MAAM,GAAG,GAAG,WAAuB,CAAC;IACpC,MAAM,OAAO,GAAG,aAAa,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;IACxC,sDAAsD;IACtD,8BAA8B;IAC9B,MAAM,QAAQ,GAAa,UAAU,KAAK,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC;IAC/D,MAAM,YAAY,GAAG,aAAa,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;IAClD,OAAO,YAAY,GAAG,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC;AACjD,CAAC;AAED,MAAM,UAAU,GAAG,CAAC,KAAgB,EAAE,MAAuB;IAC3D,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,MAAM,WAAW,GAAG,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,QAAQ,IAAI,MAAM,CAAC;IAE9D,gCAAgC;IAChC,KAAK,MAAM,KAAK,IAAI,KAAK,CAAC,MAAM,CAAC,cAAc,EAAE,CAAC;QAChD,MAAM,MAAM,GAAG,aAAa,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;QAC3C,IAAI,MAAM,EAAE,CAAC;YACX,QAAQ,CAAC,IAAI,CAAC;gBACZ,MAAM,EAAE,OAAO;gBACf,QAAQ,EAAE,sBAAsB,CAAC,MAAM,CAAC,UAAU,EAAE,WAAW,CAAC;gBAChE,UAAU,EAAE,MAAM,CAAC,UAAU;gBAC7B,OAAO,EAAE,yEAAyE;gBAClF,IAAI,EAAE,KAAK,CAAC,IAAI;gBAChB,IAAI,EAAE,MAAM,CAAC,IAAI;gBACjB,OAAO,EAAE,MAAM,CAAC,OAAO;gBACvB,QAAQ,EAAE,MAAM,CAAC,QAAQ;gBACzB,mBAAmB,EAAE,MAAM,CAAC,mBAAmB;gBAC/C,WAAW,EAAE;oBACX,4EAA4E;oBAC5E,4DAA4D;oBAC5D,wCAAwC;iBACzC;gBACD,IAAI,EAAE,CAAC,kBAAkB,EAAE,gBAAgB,CAAC;aAC7C,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,gCAAgC;IAChC,KAAK,MAAM,MAAM,IAAI,KAAK,CAAC,aAAa,CAAC,eAAe,EAAE,CAAC;QACzD,MAAM,MAAM,GAAG,aAAa,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;QAC5C,IAAI,MAAM,EAAE,CAAC;YACX,QAAQ,CAAC,IAAI,CAAC;gBACZ,MAAM,EAAE,OAAO;gBACf,QAAQ,EAAE,sBAAsB,CAAC,MAAM,CAAC,UAAU,EAAE,WAAW,CAAC;gBAChE,UAAU,EAAE,MAAM,CAAC,UAAU;gBAC7B,OAAO,EAAE,kEAAkE;gBAC3E,IAAI,EAAE,MAAM,CAAC,IAAI;gBACjB,IAAI,EAAE,MAAM,CAAC,IAAI;gBACjB,OAAO,EAAE,MAAM,CAAC,OAAO;gBACvB,QAAQ,EAAE,MAAM,CAAC,QAAQ;gBACzB,mBAAmB,EAAE,MAAM,CAAC,mBAAmB;
gBAC/C,WAAW,EAAE;oBACX,4EAA4E;oBAC5E,gDAAgD;oBAChD,wCAAwC;iBACzC;gBACD,IAAI,EAAE,CAAC,kBAAkB,EAAE,gBAAgB,CAAC;aAC7C,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAUD,SAAS,aAAa,CACpB,QAAsC,EACtC,KAAgB;IAEhB,IAAI,GAAW,CAAC;IAChB,IAAI,CAAC;QACH,GAAG,GAAG,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,OAAO,EAAE,QAAQ,CAAC,IAAI,CAAC,EAAE,OAAO,CAAC,CAAC;IAC1E,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;IAED,uBAAuB;IACvB,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAEtC,mCAAmC;IACnC,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,kBAAkB,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,sBAAsB;QAAE,OAAO,IAAI,CAAC;IAElG,yDAAyD;IACzD,6EAA6E;IAC7E,IAAI,mBAAmB,CAAC,iBAAiB,CAAC,GAAG,CAAC,CAAC;QAAE,OAAO,IAAI,CAAC;IAE7D,iBAAiB;IACjB,MAAM,QAAQ,GAAa,EAAE,CAAC;IAE9B,IAAI,SAAS,CAAC,GAAG,CAAC;QAAE,QAAQ,CAAC,IAAI,CAAC,mCAAmC,CAAC,CAAC;IACvE,IAAI,aAAa,CAAC,GAAG,CAAC;QAAE,QAAQ,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC;IAClE,IAAI,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,QAAQ,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;IAE3D,KAAK,MAAM,MAAM,IAAI,QAAQ,CAAC,OAAO,CAAC,eAAe,EAAE,CAAC;QACtD,IAAI,MAAM,KAAK,oBAAoB,EAAE,CAAC;YACpC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACxB,CAAC;IACH,CAAC;IAED,QAAQ,CAAC,IAAI,CAAC,oEAAoE,CAAC,CAAC;IAEpF,iEAAiE;IACjE,wCAAwC;IACxC,IAAI,UAAU,GAAe,QAAQ,CAAC,OAAO,CAAC,kBAAkB,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC;IAElF,IAAI,SAAS,GAAG,UAAU,KAAK,MAAM;QACnC,CAAC,CAAC,0EAA0E;QAC5E,CAAC,CAAC,uEAAuE,CAAC;IAE5E,kFAAkF;IAClF,4EAA4E;IAC5E,IAAI,mBAAmB,CAAC,GAAG,CAAC,EAAE,CAAC;QAC7B,UAAU,GAAG,KAAK,CAAC;QACnB,SAAS,GAAG,sFAAsF,CAAC;QACnG,QAAQ,CAAC,IAAI,CAAC,oFAAoF,CAAC,CAAC;IACtG,CAAC;IAED,uCAAuC;IACvC,MAAM,IAAI,GAAG,iBAAiB,CAAC,GAAG,CAAC,CAAC;IAEpC,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,QAAQ,EAAE,mBAAmB,EAAE,SAAS,EAAE,CAAC;AACxE,CAAC;AAED,6BAA6B;AAE7B,SAAS,cAAc,CAAC,GAAW;IACjC,OAAO,SAAS,CAAC,GAAG,CAAC,IAAI,aAAa,CAAC,GAAG,CAAC,IAAI,aAAa,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AACzE,CAAC;AAED,SAAS,SAAS,CAAC,GAAW;IAC5B,OAAO,4BAA4B,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAChD,CAAC;AAED,SAAS,aAAa,CAAC,GAAW;IAChC,OAAO,gCAAgC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AACp
D,CAAC;AAED;;;GAGG;AACH,SAAS,mBAAmB,CAAC,GAAW;IACtC,sDAAsD;IACtD,IAAI,+FAA+F,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAC3H,2EAA2E;IAC3E,IAAI,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,kBAAkB,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IACtE,IAAI,kBAAkB,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAE9C,wDAAwD;IACxD,IAAI,kCAAkC,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAE9D,gDAAgD;IAChD,IAAI,iBAAiB,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,qBAAqB,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAC5E,IAAI,qBAAqB,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAEjD,yBAAyB;IACzB,uCAAuC;IAEvC,0CAA0C;IAC1C,4BAA4B;IAE5B,gEAAgE;IAChE,kBAAkB;IAElB,oDAAoD;IACpD,4CAA4C;IAC5C,IAAI,qCAAqC,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAEjE,+CAA+C;IAC/C,IAAI,oBAAoB,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAEhD,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;GAGG;AACH,SAAS,kBAAkB,CAAC,GAAW;IACrC,MAAM,eAAe,GAAG,CAAC,GAAG,GAAG,CAAC,QAAQ,CAAC,oBAAoB,CAAC,CAAC,CAAC;IAChE,yFAAyF;IACzF,4CAA4C;IAC5C,IAAI,eAAe,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC;IAC/C,OAAO,eAAe,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,qBAAqB,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AACvE,CAAC;AAED,MAAM,qBAAqB,GAAG,IAAI,GAAG,CAAC;IACpC,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,QAAQ;IACjD,QAAQ,EAAE,aAAa,EAAE,IAAI,EAAE,QAAQ,EAAE,aAAa;CACvD,CAAC,CAAC;AAEH;;GAEG;AACH,SAAS,qBAAqB,CAAC,GAAW;IACxC,MAAM,UAAU,GAAG,CAAC,GAAG,GAAG,CAAC,QAAQ,CAAC,uBAAuB,CAAC,CAAC,CAAC;IAC9D,IAAI,UAAU,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IACzC,OAAO,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,wBAAwB,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AACrE,CAAC;AAED,MAAM,wBAAwB,GAAG,IAAI,GAAG,CAAC;IACvC,UAAU,EAAE,MAAM,EAAE,OAAO,EAAE,KAAK;CACnC,CAAC,CAAC;AAEH;;;;GAIG;AACH,SAAS,iBAAiB,CAAC,GAAW;IACpC,IAAI,OAAO,GAAG,KAAK,CAAC;IACpB,OAAO,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE;QACrC,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,EAAE,CAAC;QACjC,IAAI,OAAO,EAAE,CAAC;YACZ,IAAI,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC;gBAAE,OAAO,GAAG,KAAK,CAAC;YAC5C,OAAO,KAAK,CAAC;QACf,CAAC;QACD
,IAAI,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;YAC7B,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC;gBAAE,OAAO,GAAG,IAAI,CAAC;YAC5C,OAAO,KAAK,CAAC;QACf,CAAC;QACD,IAAI,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC;YAAE,OAAO,KAAK,CAAC;QAC3C,OAAO,IAAI,CAAC;IACd,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAChB,CAAC;AAED;;;GAGG;AACH,SAAS,mBAAmB,CAAC,GAAW;IACtC,IAAI,qBAAqB,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IACjD,IAAI,iBAAiB,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IACvE,IAAI,sBAAsB,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAClD,IAAI,sBAAsB,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAClD,IAAI,qBAAqB,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IACjD,IAAI,eAAe,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IACnE,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,iBAAiB,CAAC,GAAW;IACpC,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC9B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,IAAI,4BAA4B,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YAC3C,gCAAgC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YAC/C,aAAa,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YACjC,OAAO,CAAC,GAAG,CAAC,CAAC;QACf,CAAC;IACH,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"input-validation-missing.test.d.ts","sourceRoot":"","sources":["../../src/rules/input-validation-missing.test.ts"],"names":[],"mappings":""}
|