@sun-asterisk/sunlint 1.0.5

package/config/rules-registry.json

@@ -0,0 +1,681 @@
+{
+  "rules": {
+    "C019": {
+      "name": "Log Level Usage",
+      "description": "Không sử dụng log mức error cho lỗi không nghiêm trọng",
+      "category": "logging",
+      "severity": "warning",
+      "languages": ["typescript", "dart", "kotlin", "javascript"],
+      "analyzer": "./rules/C019_log_level_usage/analyzer.js",
+      "config": "./rules/C019_log_level_usage/config.json",
+      "version": "1.0.0",
+      "status": "stable",
+      "tags": ["logging", "error-handling", "severity"]
+    },
+    "C006": {
+      "name": "Function Naming Convention",
+      "description": "Tên hàm phải là động từ/verb-noun pattern",
+      "category": "naming",
+      "severity": "warning",
+      "languages": ["typescript", "dart", "kotlin", "javascript"],
+      "analyzer": "./rules/C006_function_naming/analyzer.js",
+      "config": "./rules/C006_function_naming/config.json",
+      "version": "1.0.0",
+      "status": "activated",
+      "tags": ["naming", "convention", "readability"]
+    },
+    "C029": {
+      "name": "Catch Block Error Logging",
+      "description": "Mọi catch block phải log nguyên nhân lỗi đầy đủ",
+      "category": "error-handling",
+      "severity": "error",
+      "languages": ["typescript", "dart", "kotlin", "javascript"],
+      "analyzer": "./rules/C029_catch_block_logging/analyzer.js",
+      "config": "./rules/C029_catch_block_logging/config.json",
+      "version": "1.0.0",
+      "status": "activated",
+      "tags": ["error-handling", "logging", "debugging", "monitoring"]
+    },
+    "C031": {
+      "name": "Validation Logic Separation",
+      "description": "Logic kiểm tra dữ liệu (validate) phải nằm riêng biệt",
+      "category": "validation",
+      "severity": "error",
+      "languages": ["typescript", "dart", "kotlin", "javascript"],
+      "analyzer": "./rules/C031_validation_separation/analyzer.js",
+      "config": "./rules/C031_validation_separation/config.json",
+      "version": "1.0.0",
+      "status": "experimental",
+      "tags": ["validation", "separation", "architecture"]
+    },
+    "S003": {
+      "name": "No Unvalidated Redirect",
+      "description": "Prevent unvalidated redirects and forwards",
+      "category": "security",
+      "severity": "error",
+      "languages": ["typescript", "javascript"],
+      "analyzer": "eslint",
+      "eslintRule": "custom/typescript_s003",
+      "version": "1.0.0",
+      "status": "stable",
+      "tags": ["security", "redirect", "validation"]
+    },
+    "S005": {
+      "name": "No Origin Header Authentication",
+      "description": "Do not use Origin header for authentication/access control",
+      "category": "security",
+      "severity": "error",
+      "languages": ["typescript", "javascript"],
+      "analyzer": "eslint",
+      "eslintRule": "custom/typescript_s005",
+      "version": "1.0.0",
+      "status": "stable",
+      "tags": ["security", "authentication", "headers"]
+    },
+    "S006": {
+      "name": "Activation Recovery Secret Not Plaintext",
+      "description": "Activation recovery secret must not be in plaintext",
+      "category": "security",
+      "severity": "error",
+      "languages": ["typescript", "javascript"],
+      "analyzer": "eslint",
+      "eslintRule": "custom/typescript_s006",
+      "version": "1.0.0",
+      "status": "stable",
+      "tags": ["security", "secrets", "encryption"]
+    },
+    "S008": {
+      "name": "Crypto Agility",
+      "description": "Ensure cryptographic agility and algorithm flexibility",
+      "category": "security",
+      "severity": "error",
+      "languages": ["typescript", "javascript"],
+      "analyzer": "eslint",
+      "eslintRule": "custom/typescript_s008",
+      "version": "1.0.0",
+      "status": "stable",
+      "tags": ["security", "cryptography", "agility"]
+    },
+    "S009": {
+      "name": "No Insecure Crypto",
+      "description": "Prevent usage of insecure cryptographic methods",
+      "category": "security",
+      "severity": "error",
+      "languages": ["typescript", "javascript"],
+      "analyzer": "eslint",
+      "eslintRule": "custom/typescript_s009",
+      "version": "1.0.0",
+      "status": "stable",
+      "tags": ["security", "cryptography", "insecure"]
+    },
+    "S010": {
+      "name": "No Insecure Random in Sensitive Context",
+      "description": "Prevent insecure random generator usage in sensitive contexts",
+      "category": "security",
+      "severity": "error",
+      "languages": ["typescript", "javascript"],
+      "analyzer": "eslint",
+      "eslintRule": "custom/typescript_s010",
+      "version": "1.0.0",
+      "status": "stable",
+      "tags": ["security", "random", "sensitive"]
+    },
+    "S011": {
+      "name": "No Insecure UUID",
+      "description": "UUID must be version 4 and use CSPRNG",
+      "category": "security",
+      "severity": "error",
+      "languages": ["typescript", "javascript"],
+      "analyzer": "eslint",
+      "eslintRule": "custom/typescript_s011",
+      "version": "1.0.0",
+      "status": "stable",
+      "tags": ["security", "uuid", "random"]
+    },
+    "S012": {
+      "name": "No Hardcoded Secrets",
+      "description": "Prevent hardcoded secrets in source code",
+      "category": "security",
+      "severity": "error",
+      "languages": ["typescript", "javascript"],
+      "analyzer": "eslint",
+      "eslintRule": "custom/typescript_s012",
+      "version": "1.0.0",
+      "status": "stable",
+      "tags": ["security", "secrets", "hardcoded"]
+    },
+    "S014": {
+      "name": "Insecure TLS Version",
+      "description": "Prevent usage of insecure TLS versions",
+      "category": "security",
+      "severity": "error",
+      "languages": ["typescript", "javascript"],
+      "analyzer": "eslint",
+      "eslintRule": "custom/typescript_s014",
+      "version": "1.0.0",
+      "status": "stable",
+      "tags": ["security", "tls", "encryption"]
+    },
+    "S015": {
+      "name": "Insecure TLS Certificate",
+      "description": "Prevent usage of insecure TLS certificate configurations",
+      "category": "security",
+      "severity": "error",
+      "languages": ["typescript", "javascript"],
+      "analyzer": "eslint",
+      "eslintRule": "custom/typescript_s015",
+      "version": "1.0.0",
+      "status": "stable",
+      "tags": ["security", "tls", "certificates"]
+    },
+    "S016": {
+      "name": "Sensitive Query Parameter",
+      "description": "Prevent sensitive data in URL query parameters",
+      "category": "security",
+      "severity": "error",
+      "languages": ["typescript", "javascript"],
+      "analyzer": "eslint",
+      "eslintRule": "custom/typescript_s016",
+      "version": "1.0.0",
+      "status": "stable",
+      "tags": ["security", "sensitive-data", "url"]
+    },
+    "S017": {
+      "name": "No SQL Injection",
+      "description": "Prevent SQL injection vulnerabilities",
+      "category": "security",
+      "severity": "error",
+      "languages": ["typescript", "javascript"],
+      "analyzer": "eslint",
+      "eslintRule": "custom/typescript_s017",
+      "version": "1.0.0",
+      "status": "stable",
+      "tags": ["security", "sql-injection", "database"]
+    },
+    "S018": {
+      "name": "Positive Input Validation",
+      "description": "Ensure positive input validation patterns",
+      "category": "security",
+      "severity": "error",
+      "languages": ["typescript", "javascript"],
+      "analyzer": "eslint",
+      "eslintRule": "custom/typescript_s018",
+      "version": "1.0.0",
+      "status": "stable",
+      "tags": ["security", "validation", "input"]
+    },
+    "S019": {
+      "name": "No Raw User Input in Email",
+      "description": "Prevent raw user input in email content",
+      "category": "security",
+      "severity": "error",
+      "languages": ["typescript", "javascript"],
+      "analyzer": "eslint",
+      "eslintRule": "custom/typescript_s019",
+      "version": "1.0.0",
+      "status": "stable",
+      "tags": ["security", "email", "injection"]
+    },
+    "S020": {
+      "name": "No Eval Dynamic Execution",
+      "description": "Prevent eval and dynamic code execution",
+      "category": "security",
+      "severity": "error",
+      "languages": ["typescript", "javascript"],
+      "analyzer": "eslint",
+      "eslintRule": "custom/typescript_s020",
+      "version": "1.0.0",
+      "status": "stable",
+      "tags": ["security", "eval", "dynamic-execution"]
+    },
+    "S022": {
+      "name": "Output Encoding Required",
+      "description": "Require output encoding for user input",
+      "category": "security",
+      "severity": "error",
+      "languages": ["typescript", "javascript"],
+      "analyzer": "eslint",
+      "eslintRule": "custom/typescript_s022",
+      "version": "1.0.0",
+      "status": "stable",
+      "tags": ["security", "encoding", "xss"]
+    },
+    "S023": {
+      "name": "No JSON Injection",
+      "description": "Prevent JSON injection vulnerabilities",
+      "category": "security",
+      "severity": "error",
+      "languages": ["typescript", "javascript"],
+      "analyzer": "eslint",
+      "eslintRule": "custom/typescript_s023",
+      "version": "1.0.0",
+      "status": "stable",
+      "tags": ["security", "json", "injection"]
+    },
+    "S025": {
+      "name": "Server Side Input Validation",
+      "description": "Require server-side input validation",
+      "category": "security",
+      "severity": "error",
+      "languages": ["typescript", "javascript"],
+      "analyzer": "eslint",
+      "eslintRule": "custom/typescript_s025",
+      "version": "1.0.0",
+      "status": "stable",
+      "tags": ["security", "validation", "server-side"]
+    },
+    "S026": {
+      "name": "JSON Schema Validation",
+      "description": "Require JSON schema validation",
+      "category": "security",
+      "severity": "warning",
+      "languages": ["typescript", "javascript"],
+      "analyzer": "eslint",
+      "eslintRule": "custom/typescript_s026",
+      "version": "1.0.0",
+      "status": "stable",
+      "tags": ["security", "validation", "json-schema"]
+    },
+    "S027": {
+      "name": "No Hardcoded Secrets Advanced",
+      "description": "Advanced detection of hardcoded secrets",
+      "category": "security",
+      "severity": "error",
+      "languages": ["typescript", "javascript"],
+      "analyzer": "eslint",
+      "eslintRule": "custom/typescript_s027",
+      "version": "1.0.0",
+      "status": "stable",
+      "tags": ["security", "secrets", "hardcoded"]
+    },
+    "S029": {
+      "name": "Require CSRF Protection",
+      "description": "Require CSRF protection for state-changing operations",
+      "category": "security",
+      "severity": "error",
+      "languages": ["typescript", "javascript"],
+      "analyzer": "eslint",
+      "eslintRule": "custom/typescript_s029",
+      "version": "1.0.0",
+      "status": "stable",
+      "tags": ["security", "csrf", "protection"]
+    },
+    "S030": {
+      "name": "No Directory Browsing",
+      "description": "Prevent directory browsing vulnerabilities",
+      "category": "security",
+      "severity": "error",
+      "languages": ["typescript", "javascript"],
+      "analyzer": "eslint",
+      "eslintRule": "custom/typescript_s030",
+      "version": "1.0.0",
+      "status": "stable",
+      "tags": ["security", "directory-browsing", "information-disclosure"]
+    },
+    "S033": {
+      "name": "Require SameSite Cookie",
+      "description": "Require SameSite attribute for cookies",
+      "category": "security",
+      "severity": "error",
+      "languages": ["typescript", "javascript"],
+      "analyzer": "eslint",
+      "eslintRule": "custom/typescript_s033",
+      "version": "1.0.0",
+      "status": "stable",
+      "tags": ["security", "cookies", "samesite"]
+    },
+    "S034": {
+      "name": "Require Host Cookie Prefix",
+      "description": "Require __Host- prefix for secure cookies",
+      "category": "security",
+      "severity": "error",
+      "languages": ["typescript", "javascript"],
+      "analyzer": "eslint",
+      "eslintRule": "custom/typescript_s034",
+      "version": "1.0.0",
+      "status": "stable",
+      "tags": ["security", "cookies", "host-prefix"]
+    },
+    "S035": {
+      "name": "Cookie Specific Path",
+      "description": "Require specific path for sensitive cookies",
+      "category": "security",
+      "severity": "error",
+      "languages": ["typescript", "javascript"],
+      "analyzer": "eslint",
+      "eslintRule": "custom/typescript_s035",
+      "version": "1.0.0",
+      "status": "stable",
+      "tags": ["security", "cookies", "path"]
+    },
+    "S036": {
+      "name": "No Unsafe File Include",
+      "description": "Prevent unsafe file inclusion vulnerabilities",
+      "category": "security",
+      "severity": "error",
+      "languages": ["typescript", "javascript"],
+      "analyzer": "eslint",
+      "eslintRule": "custom/typescript_s036",
+      "version": "1.0.0",
+      "status": "stable",
+      "tags": ["security", "file-inclusion", "path-traversal"]
+    },
+    "S037": {
+      "name": "Require Anti Cache Headers",
+      "description": "Require anti-cache headers for sensitive content",
+      "category": "security",
+      "severity": "warning",
+      "languages": ["typescript", "javascript"],
+      "analyzer": "eslint",
+      "eslintRule": "custom/typescript_s037",
+      "version": "1.0.0",
+      "status": "stable",
+      "tags": ["security", "caching", "headers"]
+    },
+    "S038": {
+      "name": "No Version Disclosure",
+      "description": "Prevent version information disclosure",
+      "category": "security",
+      "severity": "warning",
+      "languages": ["typescript", "javascript"],
+      "analyzer": "eslint",
+      "eslintRule": "custom/typescript_s038",
+      "version": "1.0.0",
+      "status": "stable",
+      "tags": ["security", "information-disclosure", "version"]
+    },
+    "S039": {
+      "name": "No Session Token in URL",
+      "description": "Prevent session tokens in URL parameters",
+      "category": "security",
+      "severity": "error",
+      "languages": ["typescript", "javascript"],
+      "analyzer": "eslint",
+      "eslintRule": "custom/typescript_s039",
+      "version": "1.0.0",
+      "status": "stable",
+      "tags": ["security", "session", "url"]
+    },
+    "S041": {
+      "name": "Require Session Invalidate on Logout",
+      "description": "Require session invalidation on logout",
+      "category": "security",
+      "severity": "error",
+      "languages": ["typescript", "javascript"],
+      "analyzer": "eslint",
+      "eslintRule": "custom/typescript_s041",
+      "version": "1.0.0",
+      "status": "stable",
+      "tags": ["security", "session", "logout"]
+    },
+    "S042": {
+      "name": "Require Periodic Reauthentication",
+      "description": "Require periodic re-authentication for sensitive operations",
+      "category": "security",
+      "severity": "error",
+      "languages": ["typescript", "javascript"],
+      "analyzer": "eslint",
+      "eslintRule": "custom/typescript_s042",
+      "version": "1.0.0",
+      "status": "stable",
+      "tags": ["security", "authentication", "periodic"]
+    },
+    "S043": {
+      "name": "Terminate Sessions on Password Change",
+      "description": "Terminate all sessions when password changes",
+      "category": "security",
+      "severity": "error",
+      "languages": ["typescript", "javascript"],
+      "analyzer": "eslint",
+      "eslintRule": "custom/typescript_s043",
+      "version": "1.0.0",
+      "status": "stable",
+      "tags": ["security", "session", "password"]
+    },
+    "S044": {
+      "name": "Require Full Session for Sensitive Operations",
+      "description": "Require full session validation for sensitive operations",
+      "category": "security",
+      "severity": "error",
+      "languages": ["typescript", "javascript"],
+      "analyzer": "eslint",
+      "eslintRule": "custom/typescript_s044",
+      "version": "1.0.0",
+      "status": "stable",
+      "tags": ["security", "session", "validation"]
+    },
+    "S045": {
+      "name": "Anti Automation Controls",
+      "description": "Implement anti-automation controls",
+      "category": "security",
+      "severity": "warning",
+      "languages": ["typescript", "javascript"],
+      "analyzer": "eslint",
+      "eslintRule": "custom/typescript_s045",
+      "version": "1.0.0",
+      "status": "stable",
+      "tags": ["security", "automation", "protection"]
+    },
+    "S046": {
+      "name": "Secure Notification on Auth Change",
+      "description": "Require secure notification on authentication changes",
+      "category": "security",
+      "severity": "warning",
+      "languages": ["typescript", "javascript"],
+      "analyzer": "eslint",
+      "eslintRule": "custom/typescript_s046",
+      "version": "1.0.0",
+      "status": "stable",
+      "tags": ["security", "notification", "authentication"]
+    },
+    "S047": {
+      "name": "Secure Random Password Generation",
+      "description": "Require secure and random initial password generation",
+      "category": "security",
+      "severity": "error",
+      "languages": ["typescript", "javascript"],
+      "analyzer": "eslint",
+      "eslintRule": "custom/typescript_s047",
+      "version": "1.0.0",
+      "status": "stable",
+      "tags": ["security", "password", "random"]
+    },
+    "S048": {
+      "name": "Password Credential Recovery",
+      "description": "Secure password credential recovery process",
+      "category": "security",
+      "severity": "error",
+      "languages": ["typescript", "javascript"],
+      "analyzer": "eslint",
+      "eslintRule": "custom/typescript_s048",
+      "version": "1.0.0",
+      "status": "stable",
+      "tags": ["security", "password", "recovery"]
+    },
+    "S050": {
+      "name": "Session Token Weak Hash",
+      "description": "Prevent weak hashing for session tokens",
+      "category": "security",
+      "severity": "error",
+      "languages": ["typescript", "javascript"],
+      "analyzer": "eslint",
+      "eslintRule": "custom/typescript_s050",
+      "version": "1.0.0",
+      "status": "stable",
+      "tags": ["security", "session", "hashing"]
+    },
+    "S052": {
+      "name": "Secure Random Authentication Code",
+      "description": "Require secure random number generation for authentication codes",
+      "category": "security",
+      "severity": "error",
+      "languages": ["typescript", "javascript"],
+      "analyzer": "eslint",
+      "eslintRule": "custom/typescript_s052",
+      "version": "1.0.0",
+      "status": "stable",
+      "tags": ["security", "random", "authentication"]
+    },
+    "S054": {
+      "name": "Verification Default Account",
+      "description": "Verify and secure default accounts",
+      "category": "security",
+      "severity": "error",
+      "languages": ["typescript", "javascript"],
+      "analyzer": "eslint",
+      "eslintRule": "custom/typescript_s054",
+      "version": "1.0.0",
+      "status": "stable",
+      "tags": ["security", "accounts", "default"]
+    },
+    "S055": {
+      "name": "REST Content-Type Verification",
+      "description": "Verify incoming Content-Type in REST API endpoints",
+      "category": "security",
+      "severity": "error",
+      "languages": ["typescript", "javascript"],
+      "analyzer": "eslint",
+      "eslintRule": "custom/typescript_s055",
+      "version": "1.0.0",
+      "status": "stable",
+      "tags": ["security", "rest", "content-type"]
+    },
+    "S057": {
+      "name": "UTC Logging",
+      "description": "Enforce UTC usage in time formatting and logging",
+      "category": "security",
+      "severity": "warning",
+      "languages": ["typescript", "javascript"],
+      "analyzer": "eslint",
+      "eslintRule": "custom/typescript_s057",
+      "version": "1.0.0",
+      "status": "stable",
+      "tags": ["security", "logging", "timezone"]
+    },
+    "S058": {
+      "name": "No SSRF",
+      "description": "Detect SSRF vulnerabilities via unvalidated user-controlled URLs",
+      "category": "security",
+      "severity": "error",
+      "languages": ["typescript", "javascript"],
+      "analyzer": "eslint",
+      "eslintRule": "custom/typescript_s058",
+      "version": "1.0.0",
+      "status": "stable",
+      "tags": ["security", "ssrf", "url-validation"]
+    }
+  },
+  "categories": {
+    "quality": {
+      "name": "Code Quality",
+      "description": "Rules for code quality improvement",
+      "rules": ["C002", "C003", "C006", "C010", "C013", "C014", "C017", "C018", "C019", "C023", "C027", "C029", "C030", "C031", "C034", "C035", "C041", "C042", "C043", "C047", "C048", "C076", "T002", "T003", "T004", "T007", "T011", "T019", "T025", "T026"],
+      "severity": "warning"
+    },
+    "security": {
+      "name": "Security",
+      "description": "Rules for security best practices",
+      "rules": ["S003", "S005", "S006", "S008", "S009", "S010", "S011", "S012", "S014", "S015", "S016", "S017", "S018", "S019", "S020", "S022", "S023", "S025", "S026", "S027", "S029", "S030", "S033", "S034", "S035", "S036", "S037", "S038", "S039", "S041", "S042", "S043", "S044", "S045", "S046", "S047", "S048", "S050", "S052", "S054", "S055", "S057", "S058"],
+      "severity": "error"
+    },
+    "logging": {
+      "name": "Logging Standards",
+      "description": "Rules related to logging practices",
+      "rules": ["C019", "S057"],
+      "severity": "warning"
+    },
+    "naming": {
+      "name": "Naming Conventions",
+      "description": "Rules for consistent naming patterns",
+      "rules": ["C006"],
+      "severity": "warning"
+    },
+    "design": {
+      "name": "Design Principles",
+      "description": "Rules for software design best practices",
+      "rules": ["C006"],
+      "severity": "warning"
+    },
+    "validation": {
+      "name": "Data Validation",
+      "description": "Rules for proper data validation practices",
+      "rules": ["C031", "S018", "S025", "S026"],
+      "severity": "error"
+    },
+    "architecture": {
+      "name": "Architecture Guidelines",
+      "description": "Rules for system architecture best practices",
+      "rules": ["C014", "C033"],
+      "severity": "error"
+    }
+  },
+  "presets": {
+    "recommended": {
+      "name": "Recommended Rules",
+      "description": "Essential rules for code quality",
+      "rules": {
+        "C019": "warning",
+        "C006": "warning",
+        "C029": "error",
+        "C031": "error"
+      }
+    },
+    "strict": {
+      "name": "Strict Rules",
+      "description": "All rules with maximum enforcement",
+      "rules": {
+        "C019": "error",
+        "C006": "error",
+        "C029": "error",
+        "C031": "error"
+      }
+    },
+    "beginner": {
+      "name": "Beginner Friendly",
+      "description": "Basic rules for learning",
+      "rules": {
+        "C019": "info",
+        "C006": "warning",
+        "C029": "warning"
+      }
+    }
+  },
+  "languages": {
+    "typescript": {
+      "extensions": [".ts", ".tsx"],
+      "analyzer": "ast",
+      "parser": "@typescript-eslint/parser"
+    },
+    "javascript": {
+      "extensions": [".js", ".jsx"],
+      "analyzer": "ast",
+      "parser": "@typescript-eslint/parser"
+    },
+    "dart": {
+      "extensions": [".dart"],
+      "analyzer": "pattern",
+      "parser": "regex"
+    },
+    "kotlin": {
+      "extensions": [".kt", ".kts"],
+      "analyzer": "ast",
+      "parser": "kotlin-parser"
+    }
+  },
+  "metadata": {
+    "version": "1.0.4",
+    "lastUpdated": "2025-07-08",
+    "totalRules": 44,
+    "qualityRules": 4,
+    "securityRules": 40,
+    "stableRules": 43,
+    "experimentalRules": 1,
+    "supportedLanguages": 4,
+    "features": [
+      "Security rules integration",
+      "Category-based rule filtering",
+      "Dynamic rule configuration",
+      "ESLint integration enhancement"
+    ]
+  }
+}