npm - @sun-asterisk/sunlint - Versions diffs - 1.0.6 → 1.1.3 - Mend

@sun-asterisk/sunlint 1.0.6 → 1.1.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (314) hide show

package/integrations/eslint/plugin/rules/security/s007-no-plaintext-otp.js ADDED Viewed

@@ -0,0 +1,74 @@
+/**
+ * ESLint rule: S007 – Plaintext OTP Check
+ * Rule ID: custom/s007
+ * Description: Verify that OTPs are not stored or transmitted in plaintext form.
+ */
+"use strict";
+module.exports = {
+  meta: {
+    type: 'problem',
+    docs: {
+      description: 'Verify that OTPs are not stored or transmitted in plaintext form.',
+      recommended: true,
+      url: 'https://owasp.org/www-community/vulnerabilities/Insecure_Storage',
+    },
+    messages: {
+      plaintextOtp:
+        'OTP should not be stored or transmitted in plaintext. Consider hashing or encrypting it.',
+    },
+    schema: [],
+  },
+  create(context) {
+    return {
+      Property(node) {
+        if (
+          node.key &&
+          node.key.type === 'Identifier' &&
+          /otp/i.test(node.key.name) &&
+          node.value &&
+          node.value.type === 'Identifier' &&
+          !/hash|encrypt|bcrypt|sha/i.test(node.value.name)
+        ) {
+          context.report({
+            node,
+            messageId: 'plaintextOtp',
+          });
+        }
+      },
+      CallExpression(node) {
+        const calleeName = getCalleeName(node.callee);
+        if (!calleeName) return;
+        if (/(insert|update|save|query|create)/i.test(calleeName)) {
+          for (const arg of node.arguments) {
+            const text = context.getSourceCode().getText(arg);
+            if (/otp/i.test(text) && !/hash|encrypt|bcrypt|sha/i.test(text)) {
+              context.report({
+                node: arg,
+                messageId: 'plaintextOtp',
+              });
+            }
+          }
+        }
+      },
+    };
+  },
+};
+// ===== Helper function =====
+function getCalleeName(callee) {
+  if (callee.type === 'Identifier') {
+    return callee.name;
+  } else if (
+    callee.type === 'MemberExpression' &&
+    callee.property.type === 'Identifier'
+  ) {
+    return callee.property.name;
+  }
+  return null;
+}

package/integrations/eslint/plugin/rules/security/s013-verify-tls-connection.js ADDED Viewed

@@ -0,0 +1,47 @@
+/**
+ * ESLint rule: S013 – Enforce TLS Usage
+ * Rule ID: custom-tls/s013
+ */
+"use strict";
+const HTTP_REGEX = /^http:\/\//i;
+module.exports = {
+  meta: {
+    type: "problem",
+    docs: {
+      description:
+        "Ensure all client connections use TLS (HTTPS) and prevent unencrypted (HTTP) connections.",
+      recommended: true,
+    },
+    messages: {
+      insecureUrl:
+        "Unencrypted connection detected (http://). Always use HTTPS (TLS).",
+    },
+    schema: [],
+  },
+  create(context) {
+    /** Báo lỗi nếu node là string chứa http://  */
+    function reportIfHttp(node, text) {
+      if (HTTP_REGEX.test(text)) {
+        context.report({ node, messageId: "insecureUrl" });
+      }
+    }
+    return {
+      // String literal
+      Literal(node) {
+        if (typeof node.value === "string") reportIfHttp(node, node.value);
+      },
+      // Template “thuần” (không có ${...})
+      TemplateLiteral(node) {
+        if (node.expressions.length === 0) {
+          const raw = node.quasis.map(q => q.value.raw).join("");
+          reportIfHttp(node, raw);
+        }
+      },
+    };
+  },
+};

package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/typescript}/t003-ts-ignore-reason.js RENAMED Viewed

@@ -1,7 +1,7 @@
 /**
- * Custom ESLint rule for: T003 – Avoid using @ts-ignore without a justification
- * Rule ID: custom/t003
- * Purpose: Ensure @ts-ignore comments include a reason to maintain code quality and documentation
+ * Custom ESLint rule for: T003 – Avoid using @ts-ignore without justification
+ * Rule ID: custom/t003
+ * Purpose: Require clear justification when using @ts-ignore comments
  */
 "use strict";

package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/typescript}/t007-no-fn-in-constructor.js RENAMED Viewed

@@ -1,7 +1,7 @@
 /**
  * Custom ESLint rule for: T007 – Avoid declaring functions inside constructors or class bodies
  * Rule ID: custom/t007
- * Purpose: Prevent function declarations inside constructors and class bodies to maintain clean code structure
+ * Purpose: Discourage function declarations within constructors or class methods
  */
 module.exports = {

package/integrations/eslint/plugin/rules/typescript/t019-no-this-assign.js ADDED Viewed

@@ -0,0 +1,81 @@
+/**
+ * @fileoverview Rule T019: Do not assign to this arbitrarily
+ * @description Maintain proper context and avoid this manipulation
+ */
+module.exports = {
+    meta: {
+        type: 'problem',
+        docs: {
+            description: 'Do not assign to this arbitrarily',
+            category: 'Best Practices',
+            recommended: true
+        },
+        fixable: null,
+        schema: []
+    },
+    create(context) {
+        return {
+            // Detect direct assignment to 'this'
+            AssignmentExpression(node) {
+                if (node.left.type === 'ThisExpression') {
+                    context.report({
+                        node,
+                        message: 'T019: Do not assign to "this" directly. Use proper binding, arrow functions, or explicit parameter passing.'
+                    });
+                }
+            },
+            // Detect patterns like "const that = this" or "var self = this"
+            VariableDeclarator(node) {
+                if (node.init && node.init.type === 'ThisExpression') {
+                    // Common patterns: that, self, _this, me
+                    const variableName = node.id.name;
+                    const suspiciousNames = ['that', 'self', '_this', 'me', '_self'];
+                    if (suspiciousNames.includes(variableName.toLowerCase())) {
+                        context.report({
+                            node,
+                            message: `T019: Avoid storing "this" in variable "${variableName}". Use arrow functions or proper binding instead.`
+                        });
+                    }
+                }
+            },
+            // Detect method calls that bind this arbitrarily
+            CallExpression(node) {
+                // Detect .bind(this) patterns that might be problematic
+                if (node.callee.type === 'MemberExpression' &&
+                    node.callee.property.name === 'bind' &&
+                    node.arguments.length > 0) {
+                    const bindTarget = node.arguments[0];
+                    if (bindTarget.type === 'ThisExpression') {
+                        // Allow legitimate .bind(this) in constructors and specific patterns
+                        const sourceCode = context.sourceCode || context.getSourceCode();
+                        let currentScope = sourceCode.getScope ? sourceCode.getScope(node) : null;
+                        if (!currentScope && context.getScope) {
+                            currentScope = context.getScope();
+                        }
+                        const parent = currentScope ? currentScope.block : null;
+                        const isInConstructor = parent &&
+                                              parent.type === 'FunctionExpression' &&
+                                              parent.parent &&
+                                              parent.parent.key &&
+                                              parent.parent.key.name === 'constructor';
+                        if (!isInConstructor) {
+                            context.report({
+                                node,
+                                message: 'T019: Consider using arrow functions instead of .bind(this) for cleaner context handling.'
+                            });
+                        }
+                    }
+                }
+            }
+        };
+    }
+};

package/integrations/eslint/plugin/rules/typescript/t020-no-default-multi-export.js ADDED Viewed

@@ -0,0 +1,127 @@
+/**
+ * @fileoverview Rule T020: Avoid export default for multi-responsibility modules
+ * @description Improve tree-shaking and module clarity
+ */
+module.exports = {
+    meta: {
+        type: 'suggestion',
+        docs: {
+            description: 'Avoid export default for multi-responsibility modules',
+            category: 'Best Practices',
+            recommended: true
+        },
+        fixable: null,
+        schema: []
+    },
+    create(context) {
+        let hasDefaultExport = false;
+        let namedExports = [];
+        let exportedFunctions = [];
+        let exportedClasses = [];
+        let exportedConstants = [];
+        function analyzeExport(node, exportType) {
+            if (exportType === 'default') {
+                hasDefaultExport = true;
+            } else {
+                namedExports.push(node);
+            }
+        }
+        return {
+            // Track export default statements
+            ExportDefaultDeclaration(node) {
+                hasDefaultExport = true;
+                // Analyze what's being exported as default
+                if (node.declaration) {
+                    if (node.declaration.type === 'FunctionDeclaration') {
+                        exportedFunctions.push(node.declaration);
+                    } else if (node.declaration.type === 'ClassDeclaration') {
+                        exportedClasses.push(node.declaration);
+                    }
+                }
+            },
+            // Track named exports
+            ExportNamedDeclaration(node) {
+                namedExports.push(node);
+                if (node.declaration) {
+                    if (node.declaration.type === 'FunctionDeclaration') {
+                        exportedFunctions.push(node.declaration);
+                    } else if (node.declaration.type === 'ClassDeclaration') {
+                        exportedClasses.push(node.declaration);
+                    } else if (node.declaration.type === 'VariableDeclaration') {
+                        exportedConstants.push(node.declaration);
+                    }
+                }
+                if (node.specifiers) {
+                    node.specifiers.forEach(spec => {
+                        if (spec.type === 'ExportSpecifier') {
+                            namedExports.push(spec);
+                        }
+                    });
+                }
+            },
+            // Check at the end of the program
+            'Program:exit'() {
+                if (!hasDefaultExport) {
+                    return; // No default export, rule doesn't apply
+                }
+                // Count total exports
+                const totalNamedExports = namedExports.length;
+                const totalFunctions = exportedFunctions.length;
+                const totalClasses = exportedClasses.length;
+                const totalConstants = exportedConstants.length;
+                // Multi-responsibility indicators:
+                // 1. Multiple named exports alongside default export
+                // 2. Multiple functions being exported
+                // 3. Multiple classes being exported
+                // 4. Mix of functions, classes, and constants
+                const isMultiResponsibility =
+                    totalNamedExports > 0 || // Has both default and named exports
+                    totalFunctions > 1 ||    // Multiple functions
+                    totalClasses > 1 ||      // Multiple classes
+                    (totalFunctions > 0 && totalClasses > 0) || // Mix of functions and classes
+                    (totalConstants > 2);    // Too many constants
+                if (isMultiResponsibility) {
+                    // Find the default export node to report
+                    const sourceCode = context.getSourceCode();
+                    const defaultExportNode = sourceCode.ast.body.find(
+                        node => node.type === 'ExportDefaultDeclaration'
+                    );
+                    if (defaultExportNode) {
+                        let message = 'T020: Avoid export default for multi-responsibility modules. ';
+                        if (totalNamedExports > 0) {
+                            message += `Found ${totalNamedExports} named exports alongside default export. `;
+                        }
+                        if (totalFunctions > 1) {
+                            message += `Found ${totalFunctions} exported functions. `;
+                        }
+                        if (totalClasses > 1) {
+                            message += `Found ${totalClasses} exported classes. `;
+                        }
+                        message += 'Consider using only named exports for better tree-shaking and clarity.';
+                        context.report({
+                            node: defaultExportNode,
+                            message
+                        });
+                    }
+                }
+            }
+        };
+    }
+};

package/integrations/eslint/plugin/rules/typescript/t021-limit-nested-generics.js ADDED Viewed

@@ -0,0 +1,150 @@
+/**
+ * @fileoverview Rule T021: Limit deeply nested generics
+ * @description Improve code readability and TypeScript performance
+ */
+module.exports = {
+    meta: {
+        type: 'suggestion',
+        docs: {
+            description: 'Limit deeply nested generics',
+            category: 'Best Practices',
+            recommended: true
+        },
+        fixable: null,
+        schema: [
+            {
+                type: 'object',
+                properties: {
+                    maxDepth: {
+                        type: 'integer',
+                        minimum: 1,
+                        default: 3
+                    }
+                },
+                additionalProperties: false
+            }
+        ]
+    },
+    create(context) {
+        const options = context.options[0] || {};
+        const maxDepth = options.maxDepth || 3;
+        function getGenericDepth(typeNode) {
+            if (!typeNode) return 0;
+            switch (typeNode.type) {
+                case 'TSTypeReference':
+                    // Generic types like Array<T>, Promise<U>, etc.
+                    // ESLint uses 'typeArguments' instead of 'typeParameters'
+                    if (typeNode.typeArguments && typeNode.typeArguments.params) {
+                        let maxChildDepth = 0;
+                        for (const param of typeNode.typeArguments.params) {
+                            const childDepth = getGenericDepth(param);
+                            maxChildDepth = Math.max(maxChildDepth, childDepth);
+                        }
+                        return 1 + maxChildDepth;
+                    }
+                    return 0;
+                case 'TSArrayType':
+                    // Array types like T[]
+                    return 1 + getGenericDepth(typeNode.elementType);
+                case 'TSUnionType':
+                case 'TSIntersectionType':
+                    // Union types like A | B or intersection types A & B
+                    let maxDepth = 0;
+                    for (const typeItem of typeNode.types) {
+                        maxDepth = Math.max(maxDepth, getGenericDepth(typeItem));
+                    }
+                    return maxDepth;
+                case 'TSTupleType':
+                    // Tuple types like [A, B, C]
+                    let maxTupleDepth = 0;
+                    for (const elementType of typeNode.elementTypes) {
+                        maxTupleDepth = Math.max(maxTupleDepth, getGenericDepth(elementType));
+                    }
+                    return 1 + maxTupleDepth;
+                case 'TSMappedType':
+                    // Mapped types like { [K in keyof T]: U }
+                    return 1 + getGenericDepth(typeNode.typeAnnotation);
+                case 'TSConditionalType':
+                    // Conditional types like T extends U ? A : B
+                    return 1 + Math.max(
+                        getGenericDepth(typeNode.trueType),
+                        getGenericDepth(typeNode.falseType)
+                    );
+                default:
+                    return 0;
+            }
+        }
+        function checkTypeDepth(node, typeName) {
+            const depth = getGenericDepth(node);
+            if (depth > maxDepth) {
+                context.report({
+                    node,
+                    message: `T021: Generic nesting depth of ${depth} exceeds maximum of ${maxDepth}. Consider breaking down complex types into intermediate type aliases for better readability and TypeScript compiler performance.`
+                });
+            }
+        }
+        return {
+            // Check type aliases - this is the main entry point
+            TSTypeAliasDeclaration(node) {
+                checkTypeDepth(node.typeAnnotation, node.id.name);
+            },
+            // Check interface properties
+            TSPropertySignature(node) {
+                if (node.typeAnnotation && node.typeAnnotation.typeAnnotation) {
+                    checkTypeDepth(node.typeAnnotation.typeAnnotation, 'property');
+                }
+            },
+            // Check function parameters
+            TSParameterProperty(node) {
+                if (node.parameter && node.parameter.typeAnnotation) {
+                    checkTypeDepth(node.parameter.typeAnnotation.typeAnnotation, 'parameter');
+                }
+            },
+            // Check function return types
+            TSFunctionType(node) {
+                if (node.typeAnnotation && node.typeAnnotation.typeAnnotation) {
+                    checkTypeDepth(node.typeAnnotation.typeAnnotation, 'return type');
+                }
+            },
+            // Check variable declarations
+            VariableDeclarator(node) {
+                if (node.id && node.id.typeAnnotation && node.id.typeAnnotation.typeAnnotation) {
+                    checkTypeDepth(node.id.typeAnnotation.typeAnnotation, 'variable');
+                }
+            },
+            // Check generic constraints
+            TSTypeParameter(node) {
+                if (node.constraint) {
+                    checkTypeDepth(node.constraint, 'generic constraint');
+                }
+                if (node.default) {
+                    checkTypeDepth(node.default, 'generic default');
+                }
+            },
+            // Check method signatures
+            TSMethodSignature(node) {
+                if (node.typeAnnotation && node.typeAnnotation.typeAnnotation) {
+                    checkTypeDepth(node.typeAnnotation.typeAnnotation, 'method return type');
+                }
+            }
+        };
+    }
+};

package/integrations/eslint/test-c041-rule.js ADDED Viewed

@@ -0,0 +1,87 @@
+#!/usr/bin/env node
+const rule = require('./plugin/rules/common/c041-no-config-inline.js');
+// Simple test cases
+const testCases = [
+  // Should NOT flag (false positives to avoid)
+  { code: 'const inputType = "password";', shouldError: false, desc: 'InputType definition' },
+  { code: 'const fieldType = "password";', shouldError: false, desc: 'Field type' },
+  { code: 'const usePassword = "password_validation";', shouldError: false, desc: 'Hook usage' },
+  { code: 'const testPassword = "test123";', shouldError: false, desc: 'Test data' },
+  { code: 'const mockSecret = "mock_secret_key";', shouldError: false, desc: 'Mock data' },
+  { code: 'const route = "/reset_password";', shouldError: false, desc: 'Route path' },
+  // SHOULD flag (real sensitive data)
+  { code: 'const dbPassword = "MySecretP@ssw0rd123";', shouldError: true, desc: 'Real hardcoded password' },
+  { code: 'const apiKey = "sk-1234567890abcdef1234567890abcdef";', shouldError: true, desc: 'Real API key' },
+  { code: 'const authToken = "bearer_token_12345678901234567";', shouldError: true, desc: 'Real auth token' }
+];
+console.log('🧪 Testing ESLint C041 rule manually...\n');
+let passed = 0;
+let failed = 0;
+// Mock context for testing
+function createMockContext(code) {
+  return {
+    getSourceCode: () => ({
+      lines: code.split('\n')
+    }),
+    report: ({ node, messageId }) => {
+      return { reported: true, messageId };
+    }
+  };
+}
+testCases.forEach((testCase, index) => {
+  try {
+    let reported = false;
+    // Parse the code to extract literal nodes (simplified)
+    const literalMatch = testCase.code.match(/"([^"]+)"/);
+    if (literalMatch) {
+      const mockNode = {
+        value: literalMatch[1],
+        loc: { start: { line: 1 } }
+      };
+      const mockContext = {
+        getSourceCode: () => ({
+          lines: [testCase.code]
+        }),
+        report: ({ node, messageId }) => {
+          reported = true;
+        }
+      };
+      const ruleImplementation = rule.create(mockContext);
+      ruleImplementation.Literal(mockNode);
+    }
+    const testPassed = reported === testCase.shouldError;
+    if (testPassed) {
+      console.log(`✅ Test ${index + 1}: ${testCase.desc}`);
+      passed++;
+    } else {
+      console.log(`❌ Test ${index + 1}: ${testCase.desc}`);
+      console.log(`   Expected: ${testCase.shouldError ? 'Should flag' : 'Should NOT flag'}`);
+      console.log(`   Actual: ${reported ? 'Flagged' : 'Not flagged'}`);
+      failed++;
+    }
+  } catch (error) {
+    console.log(`💥 Test ${index + 1}: ${testCase.desc} - Error: ${error.message}`);
+    failed++;
+  }
+});
+console.log(`\n📊 Test Results: ${passed} passed, ${failed} failed`);
+console.log(`Success rate: ${Math.round((passed / (passed + failed)) * 100)}%`);
+if (failed === 0) {
+  console.log('\n🎉 All ESLint rule tests passed!');
+} else {
+  console.log('\n⚠️  Some tests failed. Review the rule logic.');
+}