@sap/eslint-plugin-cds 3.1.2 → 4.0.2

package/lib/rules/js/CdsHandlerRule.js

@@ -0,0 +1,265 @@
+// TODO:
+// - class extends require('@sap/cds').ApplicationService
+// - class extends await import('@sap/cds').ApplicationService
+/** @typedef {import('@sap/eslint-plugin-cds/lib/rules/js/types').CdsContextTracker.Scope} Scope */
+/** @typedef {import('@sap/eslint-plugin-cds/lib/rules/js/types').CdsContextTracker.Variable} Variable */
+/** @typedef {import('@sap/eslint-plugin-cds/lib/rules/js/types').CdsContextTracker.VariableType} VariableType */
+
+'use strict'
+
+/**
+ * @param {string} name - name of the scope
+ * @returns {Scope}
+ */
+const produceScope = name => ({ name, variables: [] })
+
+const produceHandlerRegistration = ({call, handler}) => ({ call, handler })
+
+// matches: @sap/cds, "@sap/cds", '@sap/cds', `@sap/cds`, but not @sap/cds-compiler etc
+const isSapCds = name => Boolean(name?.match(/^\W*@sap\/cds\W*$/))
+
+/**
+ * @param {VariableType} type - type of the variable
+ */
+const produceVariable = ({name, type, isCdsVariable, original}) => ({ name, type, original, isCdsVariable })
+
+// like: require('@sap/cds')
+const isCdsRequire = node => Boolean(node?.type === 'CallExpression'
+        && node.callee.type === 'Identifier'
+        && node.callee.name === 'require'
+        && node.arguments.length === 1
+        && node.arguments[0].type === 'Literal'
+        && isSapCds(node.arguments[0].value))
+
+// like: import ... from '@sap/cds'
+const isCdsImport = node => isSapCds(node?.source?.value)
+
+const isFunctionBody = node => ['FunctionExpression', 'FunctionDeclaration', 'ArrowFunctionExpression']
+  .includes(node.parent.type)
+
+class CdsHandlerRule {
+  get isInsideCapService() { return this.capServiceStack.length > 0 }
+  get isInsideCapHandlerRegistration() {  return this.capHandlerRegistrationStack.length > 0 }
+
+  constructor (context) {
+    this.context = context
+    /** @type {Scope[]} */
+    this.functionScopes = [ produceScope('<global>') ]
+    this.capServiceStack = []  // stack of class bodies. Should probably never be more than one...
+    this.capHandlerRegistrationStack = [] // stack of handler registration calls. Should probably never be more than one...
+  }
+
+  /**
+     * @param {string} varName - name of the variable
+     */
+  findDefinitionScope (varName) {
+    const scopes = this.functionScopes
+    for (let i = scopes.length - 1; i >= 0; i--) {
+      const scope = scopes[i]
+      const variable = scope.variables.find(variable => variable.name === varName)
+      if (variable) return {
+        scope,
+        variable,
+        isLocal: i === scopes.length - 1,
+        isGlobal: i === 0
+      }
+    }
+    return undefined
+  }
+
+  // ClassExpression or ClassDeclaration
+  isCdsServiceClass (node) {
+    const superClass = node.superClass
+    if (!superClass) return false  // no extends clause
+    let name
+    switch (superClass.type) {
+    case 'MemberExpression': {
+      // like: class X extends cds.ApplicationService
+      name = superClass.object.name
+      // TODO: && is *Service?
+      break
+    }
+    case 'Identifier': {
+      // like: class X extends ApplicationService
+      name = superClass.name
+      break
+    }
+    }
+    const info = this.findDefinitionScope(name)
+    return info?.variable.isCdsVariable
+  }
+
+  /**
+     * @param {Variable} variable
+     */
+  addScopeVariable (variable) {
+    this.functionScopes.at(-1).variables.push(variable)
+  }
+
+  /**
+     * @abstract
+     */
+  // eslint-disable-next-line no-unused-vars
+  CAPHandlerRegistration (node) { /* abstract */ }
+
+  ClassBody (node) {
+    // by hooking into ClassBody and ascending to .parent, we capture declarations and expressions:
+    // like: module.exports = class X extends cds.ApplicationService (ClassExpression)
+    // like: class X extends cds.ApplicationService (ClassDeclaration)
+    if (this.isCdsServiceClass(node.parent)) {
+      this.capServiceStack.push(node)
+    }
+  }
+
+  'ClassBody:exit'(node) {
+    if (this.capServiceStack.at(-1) === node) {
+      this.capServiceStack.pop()
+    }
+  }
+
+  CallExpression(node) {
+    if (!this.isInsideCapService) return
+    const { type, object, property } = node.callee
+    if (type === 'MemberExpression' && object.type === 'ThisExpression') {
+      // like: this.on('submitOrder', bar)
+      if (['before', 'on', 'after'].some(method => method === property.name)) {
+        const handler = node.arguments.at(-1)
+        this.capHandlerRegistrationStack.push(produceHandlerRegistration({
+          call: node,
+          handler
+        }))
+        // TODO: named references
+        this.CAPHandlerRegistration(handler)
+      }
+    }
+  }
+
+  'CallExpression:exit'(node) {
+    if (this.capHandlerRegistrationStack.at(-1)?.call === node) {
+      this.capHandlerRegistrationStack.pop()
+    }
+  }
+
+  BlockStatement(node) {
+    if(isFunctionBody(node)) {
+      this.functionScopes.push(produceScope(
+        node.parent?.key?.name
+                ?? node.parent?.id?.name
+                ?? node.parent?.parent?.key?.name
+                ?? '<anonymous>'))
+    }
+  }
+
+  'BlockStatement:exit'(node) {
+    if(isFunctionBody(node)) {
+      this.functionScopes.pop()
+    }
+  }
+
+  // the following visitors handle arrow functions, which can have a BlockStatement as body,
+  // OR just any single expression, like an Assignment, etc. This makes it very hard to
+  // determine when we are inside the body ArrowFunctionExpression from looking at the body,
+  // as we'd have to add a visitor for every expression type and check if it's a child of an ArrowFunctionExpression.
+  'ArrowFunctionExpression > :not(BlockStatement)'() {
+    this.functionScopes.push(produceScope('<anonymous>'))
+  }
+  'ArrowFunctionExpression > :not(BlockStatement):exit'() {
+    this.functionScopes.pop()
+  }
+
+  ImportDeclaration(node) {
+    const { specifiers } = node
+    const isCdsVariable = isCdsImport(node)
+    for (const specifier of specifiers) {
+      switch (specifier.type) {
+      case 'ImportNamespaceSpecifier':
+        // like: import * as x from y
+        // fallthrough
+      case 'ImportDefaultSpecifier':
+        // like: import x from y
+        this.addScopeVariable(produceVariable({
+          original: specifier.local.name,
+          name: specifier.local.name,
+          type: 'import',
+          isCdsVariable
+        }))
+        break
+      case 'ImportSpecifier':
+        // like: import { x, y as foo } from z
+        this.addScopeVariable(produceVariable({
+          original: specifier.imported.name,
+          name: specifier.local.name,
+          type: 'import',
+          isCdsVariable
+        }))
+        break
+      default:
+        throw new Error(`Unexpected specifier type: ${specifier.type}`)
+      }
+    }
+
+  }
+
+  VariableDeclarator({id, init, parent}) {
+    // like: const ... = require('@sap/cds')
+    const isCdsVariable = isCdsRequire(init)
+    switch (id.type) {
+    case 'Identifier':
+      // like: const x = y
+      this.addScopeVariable(produceVariable({
+        original: id.name,
+        name: id.name,
+        type: parent.kind,
+        isCdsVariable
+      }))
+      break
+    case 'ObjectPattern':
+      // like: const { x, y } = z
+      for (const { key, type, value } of id.properties) {
+        if (type === 'Property' && key.type === 'Identifier') {
+          this.addScopeVariable(produceVariable({
+            original: key.name,
+            type: parent.kind,
+            isCdsVariable,
+            name: value?.name
+          }))
+        }
+      }
+      break
+    }
+  }
+
+  /**
+     * ESLint expects an object literal with functions members when registering
+     * the visitor in create(context).
+     * This method transforms the class instance into such an object, retaining
+     * the base methods, as well as all methods defined in subclasses.
+     * Visitors are distinguished by their name starting with an uppercase letter.
+     * So you should only ever
+     * ```js
+     * return new MyCdsRule(context).asESLintVisitor()
+     * ```
+     * and not
+     * ```js
+     * return new MyCdsRule(context)
+     * ```
+     * in your rule definition, or else the visitor methods will not be called by ESL.
+     */
+  asESLintVisitor () {
+    let proto = Object.getPrototypeOf(this)
+    const visitors = {}
+    while (proto && proto !== Object.prototype) {
+      Object.getOwnPropertyNames(proto)
+        .filter(key => typeof this[key] === 'function' && /^[A-Z]/.test(key))
+        .forEach(key => {
+          visitors[key] = this[key].bind(this)
+        })
+      proto = Object.getPrototypeOf(proto) // Move up the prototype chain
+    }
+    return visitors
+  }
+}
+
+module.exports = {
+  CdsHandlerRule
+}

package/lib/rules/js/no-cross-service-import.js

@@ -0,0 +1,69 @@
+'use strict'
+
+const { RULE_CATEGORIES } = require('../../constants')
+
+// used as a pre-check to ensure the checks using RegExps
+// with greedy matchers are not susceptible to ReDoS attacks
+const MAX_INPUT_STRING_LENGTH = 1_000
+
+/**
+ * @param {string} importPath
+ * @param {RuleContext} context
+ * @param {Node} node
+ */
+function compareImportAndFilename (importPath, context, node) {
+  const currentFile = context.getFilename()
+  // ignore stdin
+  if (currentFile === '<input>') return
+  // ignore excessively long strings
+  if (importPath.length > MAX_INPUT_STRING_LENGTH || currentFile.length > MAX_INPUT_STRING_LENGTH) return
+  const [, typerModuleFq, typerModule] = /^#cds-models\/.*?((\w+)Service)$/.exec(importPath) ?? []
+  const [, fileNameFq, fileName] = /((\w+)-?[sS]ervice\.m?[jt]s)$/.exec(currentFile)
+  // typerModule === undefined -> not a service import (probably db-level-entity import)
+  if (typerModule && fileName && typerModule !== fileName) {
+    context.report({
+      node,
+      messageId: 'noCrossServiceImport',
+      data: {
+        from: typerModuleFq,
+        target: fileNameFq
+      }
+    })
+  }
+}
+
+module.exports = {
+  meta: {
+    type: 'problem',
+    docs: {
+      recommended: true,
+      category: RULE_CATEGORIES.javascript,
+      description: 'Warn about imports from another service.'
+    },
+    schema: [],
+    messages: {
+      noCrossServiceImport: 'You are importing service-level entities from another service "{{from}}" inside the definition of service "{{target}}". This is likely an accidental cross-service import.',
+    },
+    hasSuggestions: false
+  },
+  create: context => ({
+    CallExpression(node) {
+      // look for: require('#cds-models/...')
+      if (node.callee.type !== 'Identifier') return
+      if (node.callee.name !== 'require') return
+      if (node.arguments.length !== 1) return
+      if (node.arguments[0].type !== 'Literal') return
+      compareImportAndFilename(node.arguments[0].value, context, node)
+    },
+
+    ImportDeclaration(node) {
+      // import ... from '#cds-models/...'
+      compareImportAndFilename(node.source.value, context, node)
+    },
+
+    ImportExpression(node) {
+      // await import('#cds-models/...')
+      compareImportAndFilename(node.source.value, context, node)
+    }
+  })
+}

package/lib/rules/js/no-deep-sap-cds-import.js

@@ -0,0 +1,56 @@
+'use strict'
+const allowList = new Set([
+  // exception: not part of the facade and should be available to users this way
+  '@sap/cds/eslint.config.mjs'
+])
+
+/**
+ * @param {string} importPath
+ * @param {RuleContext} context
+ * @param {Node} node
+ */
+function checkImport (importPath, context, node) {
+  if (!importPath.startsWith('@sap/cds/')) return
+  if (allowList.has(importPath)) return
+  context.report({
+    node,
+    messageId: 'noDeepSapCdsImports',
+    data: { import: importPath }
+  })
+}
+
+module.exports = {
+  meta: {
+    type: 'problem',
+    docs: {
+      recommended: true,
+      category: 'JavaScript Validation',
+      description: 'Warn about deep imports from @sap/cds.'
+    },
+    schema: [],
+    messages: {
+      noDeepSapCdsImports: `"{{import}}" is a deep import. The API of @sap/cds is available only from its facade via 'require("@sap/cds")' or 'import ... from "@sap/cds"'.`,
+    },
+    hasSuggestions: false
+  },
+  create: context => ({
+    CallExpression(node) {
+      // look for: require('@sap/cds/...')
+      if (node.callee.type !== 'Identifier') return
+      if (node.callee.name !== 'require') return
+      if (node.arguments.length !== 1) return
+      if (node.arguments[0].type !== 'Literal') return
+      checkImport(node.arguments[0].value, context, node)
+    },
+
+    ImportDeclaration(node) {
+      // import ... from '@sap/cds/...'
+      checkImport(node.source.value, context, node)
+    },
+
+    ImportExpression(node) {
+      // await import('@sap/cds/...')
+      checkImport(node.source.value, context, node)
+    }
+  })
+}

package/lib/rules/js/no-shared-handler-variable.js

@@ -0,0 +1,73 @@
+/*
+Use cases not yet covered:
+
+//---------
+INLINE EXTENSION
+class FooService extends require('@sap/cds').ApplicationService { ... }
+
+//---------
+REFERENCED FUNCTION
+function bad() { ... }
+
+class ... {
+    this.on('', bad)
+}
+
+//---------
+METHOD
+class ... {
+    bad () {}
+
+    this.on('', this.bad)
+}
+
+//---------
+IMPORTED FUNCTION
+const { bad } = require('./bad')
+
+class ... {
+    this.on('', bad)
+}
+
+//---------
+NON-CLASS-BASED CDS SERVICE
+cds.services['myService'].on('READ', 'Books', () => {})
+*/
+
+'use strict'
+
+const { RULE_CATEGORIES } = require('../../constants')
+const { CdsHandlerRule } = require('./CdsHandlerRule')
+
+class NoSharedVariable extends CdsHandlerRule {
+  AssignmentExpression(node) {
+    if (!this.isInsideCapHandlerRegistration) return
+    const declaringScope = this.findDefinitionScope(node.left.name)
+    if (declaringScope?.isLocal === false) {
+      this.context.report({
+        node,
+        messageId: 'noSharedHandlerVariable',
+        data: {
+          definitionScope: declaringScope.scope.name
+        }
+      })
+    }
+  }
+}
+
+module.exports = {
+  meta: {
+    type: 'problem',
+    docs: {
+      recommended: true,
+      category: RULE_CATEGORIES.javascript,
+      description: 'Enforce that variables can not be used to share state between handlers.'
+    },
+    schema: [],
+    messages: {
+      noSharedHandlerVariable: 'Assignment to a non-local variable inside a CDS event handler (was declared in scope "{{definitionScope}}").'
+    },
+    hasSuggestions: true
+  },
+  create: context => new NoSharedVariable(context).asESLintVisitor()
+}

package/lib/rules/js/types.d.ts

@@ -0,0 +1,15 @@
+export declare namespace CdsContextTracker {
+    type VariableType = 'let' | 'const' | 'var' | 'import'
+
+    type Variable = {
+        name: string, 
+        original: string
+        type: VariableType,
+        isCdsVariable: boolean
+    }
+
+    type Scope = {
+        name: string,
+        variables: Variable[]
+    }
+}

package/lib/rules/js/use-cql-select-template-strings.js

@@ -0,0 +1,35 @@
+'use strict'
+
+const { RULE_CATEGORIES } = require('../../constants')
+const { CdsHandlerRule } = require('./CdsHandlerRule')
+
+class CqlSelectUseTemplateStrings extends CdsHandlerRule {
+  CallExpression(node) {
+    super.CallExpression(node)
+    if (node.callee?.name === 'SELECT' && node.arguments[0].type === 'TemplateLiteral') {
+      this.context.report({
+        node,
+        message: 'Do not use SELECT(`...`), which is prone to SQL injections.',
+        suggest: [{
+          desc: 'Use SELECT`...` instead',
+          fix: fixer => fixer.replaceText(node, `SELECT${this.context.getSourceCode().getText(node.arguments[0])}`)
+        }]
+      })
+    }
+  }
+}
+
+module.exports = {
+  meta: {
+    type: 'problem',
+    docs: {
+      recommended: true,
+      category: RULE_CATEGORIES.javascript,
+      description: 'Discourage use of SELECT(...), which allows SQL injections, in favour of SELECT`...`.'
+    },
+    fixable: 'code',
+    schema: [],
+    hasSuggestions: true
+  },
+  create: context => new CqlSelectUseTemplateStrings(context).asESLintVisitor()
+}

package/lib/rules/latest-cds-version.js

@@ -2,11 +2,13 @@
 
 const cp = require('child_process')
 const semver = require('semver')
+const { RULE_CATEGORIES } = require('../constants')
 
 module.exports = {
   meta: {
     schema: [{/* to avoid deprecation warning for ESLint 9 */}],
     docs: {
+      category: RULE_CATEGORIES.environment,
       description: 'Checks whether the latest `@sap/cds` version is being used.',
     },
     type: 'suggestion',

package/lib/rules/no-db-keywords.js

@@ -1,6 +1,7 @@
 'use strict'
 
 const cds = require('@sap/cds')
+const { RULE_CATEGORIES } = require('../constants')
 
 // REVISIT: Replace by compiler-provided check
 const RESERVED = cds.compile.to.sql.sqlite
@@ -11,9 +12,9 @@ module.exports = {
   meta: {
     schema: [{/* to avoid deprecation warning for ESLint 9 */}],
     docs: {
+      category: RULE_CATEGORIES.model,
       description: 'Avoid using reserved SQL keywords.',
-      recommended: true,
-      url: 'https://cap.cloud.sap/docs/tools/cds-lint/meta/no-db-keywords',
+      url: 'https://cap.cloud.sap/docs/tools/cds-lint/rules/no-db-keywords',
     },
     messages: {
       reservedKeyword: `'{{name}}' is a reserved keyword in SQLite`,

package/lib/rules/no-dollar-prefixed-names.js

@@ -1,29 +1,87 @@
 'use strict'
 
+const { RULE_CATEGORIES } = require('../constants')
+
+/**
+ * Util to check if an entity is part of an external service.
+ */
+class ExternalServices {
+  hasExternalServices = false
+  externalServices = Object.create(null)
+
+  static create(model) {
+    return new ExternalServices(model)
+  }
+
+  constructor(model) {
+    for (const defName in model.definitions) {
+      const def = model.definitions[defName]
+      if (def?.kind === 'service' && def['@cds.external']) {
+        this.externalServices[defName] = true
+        this.hasExternalServices = true
+      }
+    }
+  }
+
+  isInExternalService(defName) {
+    if (!this.hasExternalServices)
+      return false // shortcut
+    const segments = defName.split('.')
+    for (let i = segments.length - 1; i >= 0; i--)
+      if (this.externalServices[segments.slice(0, i).join('.')])
+        return true
+    return false
+  }
+
+}
+
 module.exports = {
   meta: {
     schema: [{/* to avoid deprecation warning for ESLint 9 */}],
     docs: {
+      category: RULE_CATEGORIES.model,
       description: 'Names must not start with $ to avoid possible shadowing of reserved variables.',
       recommended: true,
-      url: 'https://cap.cloud.sap/docs/tools/cds-lint/meta/no-dollar-prefixed-names',
+      url: 'https://cap.cloud.sap/docs/tools/cds-lint/rules/no-dollar-prefixed-names',
     },
     messages: {
       dollarPrefix: `'{{name}}' is prefixed with a dollar sign ($)`,
     },
     type: 'problem'
   },
-  create (context) {
-    return { element: _check }
 
-    function _check (d) {
-      const srv = d._service || (d.parent && d.parent._service)
-      if (srv && srv['@cds.external']) return
-      if (d.name.startsWith('$')) {
+  create(context) {
+    const model = context.getModel()
+    if (!model?.definitions)
+      return
+
+    const externals = ExternalServices.create(model)
+
+    return function checkAllElementsForDollarPrefix() {
+      for (const defName in model.definitions) {
+        if (!externals.isInExternalService(defName))
+          checkElements(defName, model.definitions[defName])
+      }
+    }
+
+    function checkElements(defName, def) {
+      if (!Object.hasOwn(def,'elements') || !def.elements || typeof def.elements !== 'object')
+        return
+
+      for (const elementName in def.elements) {
+        const element = def.elements[elementName]
+        check(elementName, element)
+        if (element.elements)
+          checkElements(elementName, element)
+      }
+    }
+
+    function check(name, def) {
+      if (name.startsWith('$')) {
         context.report({
           messageId: 'dollarPrefix',
-          data: { name: d.name },
-          node: context.getNode(d)
+          data: { name },
+          loc: context.getLocation(name, def, model),
         })
       }
     }

package/lib/rules/no-java-keywords.js

@@ -1,5 +1,6 @@
 'use strict'
 
+const { RULE_CATEGORIES } = require('../constants')
 // Check that Java keywords are not used as identifiers unless they have
 // a Java-specific annotation that renames/ignores them.  This avoids issues
 // later on in code-generation of CAP Java classes.
@@ -26,8 +27,9 @@ module.exports = {
   meta: {
     schema: [{/* to avoid deprecation warning for ESLint 9 */}],
     docs: {
+      category: RULE_CATEGORIES.model,
       description: 'Reject reserved Java keywords as CDS identifiers.',
-      recommended: true
+      url: 'https://cap.cloud.sap/docs/tools/cds-lint/rules/no-java-keywords',
     },
     type: 'problem',
     model: 'inferred',

package/lib/rules/no-join-on-draft.js

@@ -1,12 +1,15 @@
 'use strict'
 
+const { RULE_CATEGORIES } = require('../constants')
+
 module.exports = {
   meta: {
     schema: [{/* to avoid deprecation warning for ESLint 9 */}],
     docs: {
+      category: RULE_CATEGORIES.model,
       description: 'Draft-enabled entities shall not be used in views that make use of `JOIN`.',
       recommended: true,
-      url: 'https://cap.cloud.sap/docs/tools/cds-lint/meta/no-join-on-draft',
+      url: 'https://cap.cloud.sap/docs/tools/cds-lint/rules/no-join-on-draft',
     },
     messages: {
       draftJoin:  'Do not use draft-enabled entities in views that make use of `JOIN`.',