@sun-asterisk/sunlint 1.0.6 → 1.1.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.sunlint.json +35 -0
- package/CHANGELOG.md +135 -169
- package/CONTRIBUTING.md +235 -0
- package/PROJECT_STRUCTURE.md +60 -0
- package/README.md +77 -50
- package/cli.js +1 -0
- package/config/README.md +88 -0
- package/config/defaults/ai-rules-context.json +231 -0
- package/config/engines/engines.json +49 -0
- package/config/engines/eslint-rule-mapping.json +74 -0
- package/config/eslint-rule-mapping.json +126 -0
- package/config/{typescript/eslint.config.js → integrations/eslint/typescript.config.js} +4 -0
- package/config/presets/beginner.json +1 -1
- package/config/presets/ci.json +3 -2
- package/config/presets/recommended.json +1 -1
- package/config/presets/strict.json +2 -2
- package/config/rule-analysis-strategies.js +74 -0
- package/config/{rules-registry.json → rules/rules-registry.json} +82 -0
- package/core/analysis-orchestrator.js +383 -591
- package/core/ast-modules/README.md +103 -0
- package/core/ast-modules/base-parser.js +90 -0
- package/core/ast-modules/index.js +97 -0
- package/core/ast-modules/package.json +37 -0
- package/core/ast-modules/parsers/eslint-js-parser.js +147 -0
- package/core/ast-modules/parsers/eslint-ts-parser.js +106 -0
- package/core/ast-modules/parsers/javascript-parser.js +187 -0
- package/core/ast-modules/parsers/typescript-parser.js +187 -0
- package/core/cli-action-handler.js +271 -255
- package/core/cli-program.js +18 -4
- package/core/config-manager.js +18 -11
- package/core/config-merger.js +52 -1
- package/core/config-validator.js +2 -2
- package/core/enhanced-rules-registry.js +331 -0
- package/core/file-targeting-service.js +93 -29
- package/core/interfaces/analysis-engine.interface.js +100 -0
- package/core/multi-rule-runner.js +0 -221
- package/core/output-service.js +1 -1
- package/core/rule-mapping-service.js +9 -1
- package/core/rule-selection-service.js +10 -2
- package/docs/CONFIGURATION.md +414 -0
- package/docs/DEPLOYMENT-STRATEGIES.md +270 -0
- package/engines/eslint-engine.js +601 -0
- package/engines/heuristic-engine.js +860 -0
- package/engines/openai-engine.js +374 -0
- package/integrations/eslint/README.md +99 -0
- package/{eslint-integration → integrations/eslint/configs}/.eslintrc.js +1 -1
- package/integrations/eslint/configs/eslint.config.js +133 -0
- package/integrations/eslint/configs/eslint.config.simple.js +24 -0
- package/integrations/eslint/plugin/index.js +164 -0
- package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/common}/c006-function-name-verb-noun.js +11 -2
- package/integrations/eslint/plugin/rules/common/c013-no-dead-code.js +78 -0
- package/integrations/eslint/plugin/rules/common/c017-limit-constructor-logic.js +146 -0
- package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/common}/c029-catch-block-logging.js +35 -0
- package/integrations/eslint/plugin/rules/common/c035-no-empty-catch.js +162 -0
- package/integrations/eslint/plugin/rules/common/c041-no-config-inline.js +122 -0
- package/integrations/eslint/plugin/rules/common/c072-one-assert-per-test.js +184 -0
- package/integrations/eslint/plugin/rules/common/c075-explicit-function-return-types.js +168 -0
- package/integrations/eslint/plugin/rules/common/c076-single-behavior-per-test.js +254 -0
- package/integrations/eslint/plugin/rules/security/s001-fail-securely.js +381 -0
- package/integrations/eslint/plugin/rules/security/s002-idor-check.js +945 -0
- package/integrations/eslint/plugin/rules/security/s007-no-plaintext-otp.js +74 -0
- package/integrations/eslint/plugin/rules/security/s013-verify-tls-connection.js +47 -0
- package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/typescript}/t003-ts-ignore-reason.js +3 -3
- package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/typescript}/t007-no-fn-in-constructor.js +1 -1
- package/integrations/eslint/plugin/rules/typescript/t019-no-this-assign.js +81 -0
- package/integrations/eslint/plugin/rules/typescript/t020-no-default-multi-export.js +127 -0
- package/integrations/eslint/plugin/rules/typescript/t021-limit-nested-generics.js +150 -0
- package/integrations/eslint/test-c041-rule.js +87 -0
- package/package.json +29 -19
- package/rules/README.md +252 -0
- package/rules/common/C002_no_duplicate_code/analyzer.js +65 -0
- package/rules/common/C002_no_duplicate_code/config.json +23 -0
- package/rules/common/C003_no_vague_abbreviations/analyzer.js +418 -0
- package/rules/common/C003_no_vague_abbreviations/config.json +35 -0
- package/rules/{C006_function_naming → common/C006_function_naming}/analyzer.js +13 -2
- package/rules/common/C010_limit_block_nesting/analyzer.js +389 -0
- package/rules/common/C013_no_dead_code/analyzer.js +206 -0
- package/rules/common/C014_dependency_injection/analyzer.js +338 -0
- package/rules/common/C017_constructor_logic/analyzer.js +314 -0
- package/rules/{C019_log_level_usage → common/C019_log_level_usage}/analyzer.js +5 -2
- package/rules/{C029_catch_block_logging → common/C029_catch_block_logging}/analyzer.js +49 -15
- package/rules/common/C041_no_sensitive_hardcode/analyzer.js +292 -0
- package/rules/common/C042_boolean_name_prefix/analyzer.js +300 -0
- package/rules/common/C043_no_console_or_print/analyzer.js +304 -0
- package/rules/common/C047_no_duplicate_retry_logic/analyzer.js +351 -0
- package/rules/common/C075_explicit_return_types/analyzer.js +103 -0
- package/rules/common/C076_single_test_behavior/analyzer.js +121 -0
- package/rules/docs/C002_no_duplicate_code.md +57 -0
- package/rules/index.js +149 -0
- package/rules/migration/converter.js +385 -0
- package/rules/migration/mapping.json +164 -0
- package/rules/security/S026_json_schema_validation/analyzer.js +251 -0
- package/rules/security/S026_json_schema_validation/config.json +27 -0
- package/rules/security/S027_no_hardcoded_secrets/analyzer.js +263 -0
- package/rules/security/S027_no_hardcoded_secrets/config.json +29 -0
- package/rules/security/S029_csrf_protection/analyzer.js +264 -0
- package/rules/tests/C002_no_duplicate_code.test.js +50 -0
- package/rules/utils/ast-utils.js +191 -0
- package/rules/utils/base-analyzer.js +98 -0
- package/rules/utils/pattern-matchers.js +239 -0
- package/rules/utils/rule-helpers.js +264 -0
- package/rules/utils/severity-constants.js +93 -0
- package/scripts/build-release.sh +117 -0
- package/scripts/ci-report.js +179 -0
- package/scripts/install.sh +196 -0
- package/scripts/manual-release.sh +338 -0
- package/scripts/merge-reports.js +424 -0
- package/scripts/pre-release-test.sh +175 -0
- package/scripts/prepare-release.sh +202 -0
- package/scripts/setup-github-registry.sh +42 -0
- package/scripts/test-scripts/README.md +22 -0
- package/scripts/test-scripts/test-c041-comparison.js +114 -0
- package/scripts/test-scripts/test-c041-eslint.js +67 -0
- package/scripts/test-scripts/test-eslint-rules.js +146 -0
- package/scripts/test-scripts/test-real-world.js +44 -0
- package/scripts/test-scripts/test-rules-on-real-projects.js +86 -0
- package/scripts/trigger-release.sh +285 -0
- package/scripts/validate-rule-structure.js +148 -0
- package/scripts/verify-install.sh +82 -0
- package/cli-legacy.js +0 -355
- package/config/sunlint-schema.json +0 -166
- package/config/typescript/custom-rules-new.js +0 -0
- package/config/typescript/custom-rules.js +0 -9
- package/config/typescript/package-lock.json +0 -1585
- package/config/typescript/package.json +0 -13
- package/config/typescript/security-rules/index.js +0 -90
- package/config/typescript/security-rules/s005-no-origin-auth.js +0 -95
- package/config/typescript/security-rules/s006-activation-recovery-secret-not-plaintext.js +0 -69
- package/config/typescript/security-rules/s008-crypto-agility.js +0 -62
- package/config/typescript/security-rules/s009-no-insecure-crypto.js +0 -103
- package/config/typescript/security-rules/s010-no-insecure-random-in-sensitive-context.js +0 -123
- package/config/typescript/security-rules/s011-no-insecure-uuid.js +0 -66
- package/config/typescript/security-rules/s012-hardcode-secret.js +0 -71
- package/config/typescript/security-rules/s014-insecure-tls-version.js +0 -50
- package/config/typescript/security-rules/s015-insecure-tls-certificate.js +0 -43
- package/config/typescript/security-rules/s016-sensitive-query-parameter.js +0 -59
- package/config/typescript/security-rules/s017-no-sql-injection.js +0 -193
- package/config/typescript/security-rules/s018-positive-input-validation.js +0 -56
- package/config/typescript/security-rules/s019-no-raw-user-input-in-email.js +0 -113
- package/config/typescript/security-rules/s020-no-eval-dynamic-execution.js +0 -89
- package/config/typescript/security-rules/s022-output-encoding.js +0 -78
- package/config/typescript/security-rules/s023-no-json-injection.js +0 -300
- package/config/typescript/security-rules/s025-server-side-input-validation.js +0 -217
- package/config/typescript/security-rules/s026-json-schema-validation.js +0 -68
- package/config/typescript/security-rules/s027-no-hardcoded-secrets.js +0 -80
- package/config/typescript/security-rules/s029-require-csrf-protection.js +0 -79
- package/config/typescript/security-rules/s030-no-directory-browsing.js +0 -78
- package/config/typescript/security-rules/s033-require-samesite-cookie.js +0 -80
- package/config/typescript/security-rules/s034-require-host-cookie-prefix.js +0 -77
- package/config/typescript/security-rules/s035-cookie-specific-path.js +0 -74
- package/config/typescript/security-rules/s036-no-unsafe-file-include.js +0 -68
- package/config/typescript/security-rules/s037-require-anti-cache-headers.js +0 -70
- package/config/typescript/security-rules/s038-no-version-disclosure.js +0 -74
- package/config/typescript/security-rules/s039-no-session-token-in-url.js +0 -63
- package/config/typescript/security-rules/s041-require-session-invalidate-on-logout.js +0 -211
- package/config/typescript/security-rules/s042-require-periodic-reauthentication.js +0 -294
- package/config/typescript/security-rules/s043-terminate-sessions-on-password-change.js +0 -254
- package/config/typescript/security-rules/s044-require-full-session-for-sensitive-operations.js +0 -292
- package/config/typescript/security-rules/s045-anti-automation-controls.js +0 -46
- package/config/typescript/security-rules/s046-secure-notification-on-auth-change.js +0 -44
- package/config/typescript/security-rules/s048-password-credential-recovery.js +0 -54
- package/config/typescript/security-rules/s050-session-token-weak-hash.js +0 -94
- package/config/typescript/security-rules/s052-secure-random-authentication-code.js +0 -66
- package/config/typescript/security-rules/s054-verification-default-account.js +0 -109
- package/config/typescript/security-rules/s057-utc-logging.js +0 -54
- package/config/typescript/security-rules/s058-no-ssrf.js +0 -73
- package/config/typescript/tsconfig.json +0 -29
- package/core/ai-analyzer.js +0 -169
- package/core/eslint-engine-service.js +0 -312
- package/core/eslint-instance-manager.js +0 -104
- package/core/eslint-integration-service.js +0 -363
- package/core/sunlint-engine-service.js +0 -23
- package/core/typescript-analyzer.js +0 -262
- package/core/typescript-engine.js +0 -313
- package/docs/ENHANCED_FILE_TARGETING.md +0 -0
- package/docs/FILE_TARGETING_COMPARISON.md +0 -0
- package/docs/RULE-RESPONSIBILITY-MATRIX.md +0 -204
- package/eslint-integration/cli.js +0 -35
- package/eslint-integration/eslint-plugin-custom/c013-no-dead-code.js +0 -43
- package/eslint-integration/eslint-plugin-custom/c017-limit-constructor-logic.js +0 -39
- package/eslint-integration/eslint-plugin-custom/c027-limit-function-nesting.js +0 -50
- package/eslint-integration/eslint-plugin-custom/c034-no-implicit-return.js +0 -34
- package/eslint-integration/eslint-plugin-custom/c035-no-empty-catch.js +0 -32
- package/eslint-integration/eslint-plugin-custom/c041-no-config-inline.js +0 -64
- package/eslint-integration/eslint-plugin-custom/c048-no-var-declaration.js +0 -31
- package/eslint-integration/eslint-plugin-custom/index.js +0 -155
- package/eslint-integration/eslint-plugin-custom/package.json.bak +0 -9
- package/eslint-integration/eslint-plugin-custom/t004-interface-public-only.js +0 -160
- package/eslint-integration/eslint-plugin-custom/t011-no-real-time-dependency.js +0 -175
- package/eslint-integration/eslint-plugin-custom/t026-limit-nested-generics.js +0 -377
- package/eslint-integration/sample.ts +0 -53
- package/eslint-integration/test-s003.js +0 -5
- package/examples/.github/workflows/code-quality.yml +0 -111
- package/examples/README.md +0 -69
- package/examples/basic-typescript-demo/.eslintrc.json +0 -18
- package/examples/basic-typescript-demo/.next/cache/eslint/.cache_1othrmo +0 -1
- package/examples/basic-typescript-demo/.sunlint.json +0 -29
- package/examples/basic-typescript-demo/eslint.config.mjs +0 -37
- package/examples/basic-typescript-demo/next-env.d.ts +0 -5
- package/examples/basic-typescript-demo/next.config.mjs +0 -4
- package/examples/basic-typescript-demo/package-lock.json +0 -5656
- package/examples/basic-typescript-demo/package.json +0 -34
- package/examples/basic-typescript-demo/src/app/layout.tsx +0 -18
- package/examples/basic-typescript-demo/src/app/page.tsx +0 -48
- package/examples/basic-typescript-demo/src/config.ts +0 -14
- package/examples/basic-typescript-demo/src/good-practices.ts +0 -58
- package/examples/basic-typescript-demo/src/types.generated.ts +0 -13
- package/examples/basic-typescript-demo/src/user.test.ts +0 -19
- package/examples/basic-typescript-demo/src/violations.ts +0 -61
- package/examples/basic-typescript-demo/tsconfig.json +0 -27
- package/examples/eslint-integration-demo/.eslintrc.js +0 -38
- package/examples/eslint-integration-demo/.sunlint.json +0 -42
- package/examples/eslint-integration-demo/next-env.d.ts +0 -5
- package/examples/eslint-integration-demo/next.config.js +0 -8
- package/examples/eslint-integration-demo/package-lock.json +0 -5740
- package/examples/eslint-integration-demo/package.json +0 -37
- package/examples/eslint-integration-demo/src/api.test.ts +0 -20
- package/examples/eslint-integration-demo/src/conflict-test.tsx +0 -44
- package/examples/eslint-integration-demo/src/naming-conflicts.ts +0 -50
- package/examples/eslint-integration-demo/tsconfig.json +0 -26
- package/examples/file-targeting-demo/global.d.ts +0 -11
- package/examples/file-targeting-demo/jest.config.js +0 -8
- package/examples/file-targeting-demo/sample.ts +0 -53
- package/examples/file-targeting-demo/src/server.js +0 -11
- package/examples/file-targeting-demo/src/server.test.js +0 -11
- package/examples/file-targeting-demo/src/types.d.ts +0 -4
- package/examples/file-targeting-demo/src/types.generated.ts +0 -10
- package/examples/file-targeting-demo/user-service.test.ts +0 -15
- package/examples/file-targeting-demo/user-service.ts +0 -13
- package/examples/file-targeting-demo/utils.js +0 -15
- package/examples/multi-language-project/.eslintrc.json +0 -38
- package/examples/multi-language-project/package.json +0 -37
- package/examples/multi-language-project/src/sample.ts +0 -39
- package/examples/rule-test-fixtures/README.md +0 -67
- package/examples/rule-test-fixtures/rules/C006_function_naming/clean/typescript-clean.ts +0 -64
- package/examples/rule-test-fixtures/rules/C006_function_naming/violations/dart-violations.dart +0 -56
- package/examples/rule-test-fixtures/rules/C006_function_naming/violations/typescript-violations.ts +0 -47
- package/examples/rule-test-fixtures/rules/C019_log_level_usage/clean/typescript-clean.ts +0 -93
- package/examples/rule-test-fixtures/rules/C019_log_level_usage/violations/dart-violations.dart +0 -75
- package/examples/rule-test-fixtures/rules/C019_log_level_usage/violations/typescript-violations.ts +0 -84
- package/examples/rule-test-fixtures/rules/C029_catch_block_logging/violations/typescript-violations.ts +0 -37
- /package/config/{default.json → defaults/default.json} +0 -0
- /package/{eslint-integration/eslint.config.js → config/integrations/eslint/base.config.js} +0 -0
- /package/{eslint-integration/eslint.config.simple.js → config/integrations/eslint/simple.config.js} +0 -0
- /package/{examples/rule-test-fixtures/rules/C029_catch_block_logging/clean/typescript-clean.ts → config/schemas/sunlint-schema.json} +0 -0
- /package/config/{typescript → testing}/test-s005-working.ts +0 -0
- /package/{examples/eslint-integration-demo/test-file-targeting.sh → engines/tree-sitter-parser.js} +0 -0
- /package/{examples/enhanced-config.json → engines/universal-ast-engine.js} +0 -0
- /package/{eslint-integration → integrations/eslint}/package.json +0 -0
- /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin}/package.json +0 -0
- /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/common}/c002-no-duplicate-code.js +0 -0
- /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/common}/c003-no-vague-abbreviations.js +0 -0
- /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/common}/c010-limit-block-nesting.js +0 -0
- /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/common}/c014-abstract-dependency-preferred.js +0 -0
- /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/common}/c018-no-generic-throw.js +0 -0
- /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/common}/c023-no-duplicate-variable-name-in-scope.js +0 -0
- /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/common}/c030-use-custom-error-classes.js +0 -0
- /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/common}/c042-boolean-name-prefix.js +0 -0
- /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/common}/c043-no-console-or-print.js +0 -0
- /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/common}/c047-no-duplicate-retry-logic.js +0 -0
- /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s003-no-unvalidated-redirect.js +0 -0
- /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s005-no-origin-auth.js +0 -0
- /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s006-activation-recovery-secret-not-plaintext.js +0 -0
- /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s008-crypto-agility.js +0 -0
- /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s009-no-insecure-crypto.js +0 -0
- /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s010-no-insecure-random-in-sensitive-context.js +0 -0
- /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s011-no-insecure-uuid.js +0 -0
- /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s012-hardcode-secret.js +0 -0
- /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s014-insecure-tls-version.js +0 -0
- /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s015-insecure-tls-certificate.js +0 -0
- /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s016-sensitive-query-parameter.js +0 -0
- /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s017-no-sql-injection.js +0 -0
- /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s018-positive-input-validation.js +0 -0
- /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s019-no-raw-user-input-in-email.js +0 -0
- /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s020-no-eval-dynamic-execution.js +0 -0
- /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s022-output-encoding.js +0 -0
- /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s023-no-json-injection.js +0 -0
- /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s025-server-side-input-validation.js +0 -0
- /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s026-json-schema-validation.js +0 -0
- /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s027-no-hardcoded-secrets.js +0 -0
- /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s029-require-csrf-protection.js +0 -0
- /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s030-no-directory-browsing.js +0 -0
- /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s033-require-samesite-cookie.js +0 -0
- /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s034-require-host-cookie-prefix.js +0 -0
- /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s035-cookie-specific-path.js +0 -0
- /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s036-no-unsafe-file-include.js +0 -0
- /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s037-require-anti-cache-headers.js +0 -0
- /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s038-no-version-disclosure.js +0 -0
- /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s039-no-session-token-in-url.js +0 -0
- /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s041-require-session-invalidate-on-logout.js +0 -0
- /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s042-require-periodic-reauthentication.js +0 -0
- /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s043-terminate-sessions-on-password-change.js +0 -0
- /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s044-require-full-session-for-sensitive-operations.js +0 -0
- /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s045-anti-automation-controls.js +0 -0
- /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s046-secure-notification-on-auth-change.js +0 -0
- /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s047-secure-random-passwords.js +0 -0
- /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s048-password-credential-recovery.js +0 -0
- /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s050-session-token-weak-hash.js +0 -0
- /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s052-secure-random-authentication-code.js +0 -0
- /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s054-verification-default-account.js +0 -0
- /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s055-verification-rest-check-the-incoming-content-type.js +0 -0
- /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s057-utc-logging.js +0 -0
- /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s058-no-ssrf.js +0 -0
- /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/typescript}/t002-interface-prefix-i.js +0 -0
- /package/{eslint-integration/eslint-plugin-custom/t019-no-empty-type.js → integrations/eslint/plugin/rules/typescript/t004-no-empty-type.js} +0 -0
- /package/{eslint-integration/eslint-plugin-custom/t025-no-nested-union-tuple.js → integrations/eslint/plugin/rules/typescript/t010-no-nested-union-tuple.js} +0 -0
- /package/{eslint-integration → integrations/eslint}/tsconfig.json +0 -0
- /package/rules/{C006_function_naming → common/C006_function_naming}/config.json +0 -0
- /package/rules/{C019_log_level_usage → common/C019_log_level_usage}/config.json +0 -0
- /package/rules/{C029_catch_block_logging → common/C029_catch_block_logging}/config.json +0 -0
- /package/rules/{C031_validation_separation → common/C031_validation_separation}/analyzer.js +0 -0
- /package/rules/{C031_validation_separation/README.md → docs/C031_validation_separation.md} +0 -0
- /package/{examples/basic-typescript-demo/test-file-targeting.sh → rules/universal/C010/generic.js} +0 -0
- /package/{examples/basic-typescript-demo/test-config-priority.sh → rules/universal/C010/tree-sitter-analyzer.js} +0 -0
|
@@ -0,0 +1,126 @@
|
|
|
1
|
+
{
|
|
2
|
+
"comment": "SunLint to ESLint Rule Mapping - Full Implementation Status",
|
|
3
|
+
"version": "1.0.0",
|
|
4
|
+
"stats": {
|
|
5
|
+
"commonRulesTotal": 76,
|
|
6
|
+
"commonRulesImplemented": 19,
|
|
7
|
+
"commonRulesMissing": 57,
|
|
8
|
+
"securityRulesTotal": 59,
|
|
9
|
+
"securityRulesImplemented": 43,
|
|
10
|
+
"securityRulesMissing": 16,
|
|
11
|
+
"reactRulesImplemented": 9,
|
|
12
|
+
"typescriptRulesImplemented": 8
|
|
13
|
+
},
|
|
14
|
+
"missingCommonRules": [
|
|
15
|
+
"C001", "C004", "C005", "C007", "C008", "C009", "C011", "C012", "C015", "C016",
|
|
16
|
+
"C019", "C020", "C021", "C022", "C024", "C025", "C026", "C027", "C028", "C031",
|
|
17
|
+
"C032", "C033", "C034", "C036", "C037", "C038", "C039", "C040", "C044", "C045",
|
|
18
|
+
"C046", "C048", "C049", "C050", "C051", "C052", "C053", "C054", "C055", "C056",
|
|
19
|
+
"C057", "C058", "C059", "C060", "C061", "C062", "C063", "C064", "C065", "C066",
|
|
20
|
+
"C067", "C068", "C069", "C070", "C071", "C073", "C074"
|
|
21
|
+
],
|
|
22
|
+
"missingSecurityRules": [
|
|
23
|
+
"S004", "S021", "S024", "S028", "S031", "S032", "S040", "S049", "S051", "S053",
|
|
24
|
+
"S056", "S059", "S060", "S061", "S062", "S063"
|
|
25
|
+
],
|
|
26
|
+
"mappings": {
|
|
27
|
+
"C002": ["custom/no-duplicate-code"],
|
|
28
|
+
"C003": ["custom/no-vague-abbreviations"],
|
|
29
|
+
"C006": ["custom/function-name-verb-noun"],
|
|
30
|
+
"C010": ["custom/limit-block-nesting"],
|
|
31
|
+
"C013": ["custom/no-dead-code"],
|
|
32
|
+
"C014": ["custom/abstract-dependency-preferred"],
|
|
33
|
+
"C017": ["custom/limit-constructor-logic"],
|
|
34
|
+
"C018": ["custom/no-generic-throw"],
|
|
35
|
+
"C023": ["custom/no-duplicate-variable-name-in-scope"],
|
|
36
|
+
"C029": ["custom/catch-block-logging"],
|
|
37
|
+
"C030": ["custom/use-custom-error-classes"],
|
|
38
|
+
"C035": ["custom/no-empty-catch"],
|
|
39
|
+
"C041": ["custom/no-config-inline"],
|
|
40
|
+
"C042": ["custom/boolean-name-prefix"],
|
|
41
|
+
"C043": ["custom/no-console-or-print"],
|
|
42
|
+
"C047": ["custom/no-duplicate-retry-logic"],
|
|
43
|
+
"C072": ["custom/one-assert-per-test"],
|
|
44
|
+
"C075": ["custom/explicit-function-return-types"],
|
|
45
|
+
"C076": ["custom/single-behavior-per-test"],
|
|
46
|
+
|
|
47
|
+
"T002": ["custom/interface-prefix-i"],
|
|
48
|
+
"T003": ["custom/ts-ignore-reason"],
|
|
49
|
+
"T004": ["custom/no-empty-type"],
|
|
50
|
+
"T007": ["custom/no-fn-in-constructor"],
|
|
51
|
+
"T010": ["custom/no-nested-union-tuple"],
|
|
52
|
+
"T019": ["custom/no-this-assign"],
|
|
53
|
+
"T020": ["custom/no-default-multi-export"],
|
|
54
|
+
"T021": ["custom/limit-nested-generics"],
|
|
55
|
+
|
|
56
|
+
"S001": ["custom/s001-fail-securely"],
|
|
57
|
+
"S002": ["custom/s002-idor-check"],
|
|
58
|
+
"S003": ["custom/s003-no-unvalidated-redirect"],
|
|
59
|
+
"S005": ["custom/s005-no-origin-auth"],
|
|
60
|
+
"S006": ["custom/s006-activation-recovery-secret-not-plaintext"],
|
|
61
|
+
"S007": ["custom/s007-no-plaintext-otp"],
|
|
62
|
+
"S008": ["custom/s008-crypto-agility"],
|
|
63
|
+
"S009": ["custom/s009-no-insecure-crypto"],
|
|
64
|
+
"S010": ["custom/s010-no-insecure-random-in-sensitive-context"],
|
|
65
|
+
"S011": ["custom/s011-no-insecure-uuid"],
|
|
66
|
+
"S012": ["custom/s012-hardcode-secret"],
|
|
67
|
+
"S013": ["custom/s013-verify-tls-connection"],
|
|
68
|
+
"S014": ["custom/s014-insecure-tls-version"],
|
|
69
|
+
"S015": ["custom/s015-insecure-tls-certificate"],
|
|
70
|
+
"S016": ["custom/s016-sensitive-query-parameter"],
|
|
71
|
+
"S017": ["custom/s017-no-sql-injection"],
|
|
72
|
+
"S018": ["custom/s018-positive-input-validation"],
|
|
73
|
+
"S019": ["custom/s019-no-raw-user-input-in-email"],
|
|
74
|
+
"S020": ["custom/s020-no-eval-dynamic-execution"],
|
|
75
|
+
"S022": ["custom/s022-output-encoding"],
|
|
76
|
+
"S023": ["custom/s023-no-json-injection"],
|
|
77
|
+
"S025": ["custom/s025-server-side-input-validation"],
|
|
78
|
+
"S026": ["custom/s026-json-schema-validation"],
|
|
79
|
+
"S027": ["custom/s027-no-hardcoded-secrets"],
|
|
80
|
+
"S029": ["custom/s029-require-csrf-protection"],
|
|
81
|
+
"S030": ["custom/s030-no-directory-browsing"],
|
|
82
|
+
"S033": ["custom/s033-require-samesite-cookie"],
|
|
83
|
+
"S034": ["custom/s034-require-host-cookie-prefix"],
|
|
84
|
+
"S035": ["custom/s035-cookie-specific-path"],
|
|
85
|
+
"S036": ["custom/s036-no-unsafe-file-include"],
|
|
86
|
+
"S037": ["custom/s037-require-anti-cache-headers"],
|
|
87
|
+
"S038": ["custom/s038-no-version-disclosure"],
|
|
88
|
+
"S039": ["custom/s039-no-session-token-in-url"],
|
|
89
|
+
"S041": ["custom/s041-require-session-invalidate-on-logout"],
|
|
90
|
+
"S042": ["custom/s042-require-periodic-reauthentication"],
|
|
91
|
+
"S043": ["custom/s043-terminate-sessions-on-password-change"],
|
|
92
|
+
"S044": ["custom/s044-require-full-session-for-sensitive-operations"],
|
|
93
|
+
"S045": ["custom/s045-anti-automation-controls"],
|
|
94
|
+
"S046": ["custom/s046-secure-notification-on-auth-change"],
|
|
95
|
+
"S047": ["custom/s047-secure-random-passwords"],
|
|
96
|
+
"S048": ["custom/s048-password-credential-recovery"],
|
|
97
|
+
"S050": ["custom/s050-session-token-weak-hash"],
|
|
98
|
+
"S052": ["custom/s052-secure-random-authentication-code"],
|
|
99
|
+
"S054": ["custom/s054-verification-default-account"],
|
|
100
|
+
"S055": ["custom/s055-verification-rest-check-the-incoming-content-type"],
|
|
101
|
+
"S057": ["custom/s057-utc-logging"],
|
|
102
|
+
"S058": ["custom/s058-no-ssrf"],
|
|
103
|
+
|
|
104
|
+
"R001": ["react/no-this-in-sfc", "no-param-reassign", "react/function-component-definition", "react/forbid-component-props"],
|
|
105
|
+
"R002": ["react-hooks/rules-of-hooks", "react-hooks/exhaustive-deps", "react/no-did-mount-set-state", "react/no-did-update-set-state"],
|
|
106
|
+
"R003": ["react/no-direct-mutation-state", "react/jsx-no-constructed-context-values", "react/forbid-dom-props"],
|
|
107
|
+
"R004": ["@typescript-eslint/prefer-readonly", "react/forbid-foreign-prop-types"],
|
|
108
|
+
"R005": ["react/jsx-no-bind"],
|
|
109
|
+
"R006": ["react/jsx-pascal-case", "react/jsx-uses-react", "react/jsx-uses-vars"],
|
|
110
|
+
"R007": ["react-hooks/rules-of-hooks"],
|
|
111
|
+
"R008": ["react-hooks/rules-of-hooks"],
|
|
112
|
+
"R009": ["react-hooks/rules-of-hooks"]
|
|
113
|
+
},
|
|
114
|
+
|
|
115
|
+
"implementationTodo": {
|
|
116
|
+
"commonRules": {
|
|
117
|
+
"priority1": ["C001", "C004", "C005", "C007", "C008", "C009", "C011", "C012"],
|
|
118
|
+
"priority2": ["C015", "C016", "C019", "C020", "C021", "C022", "C024", "C025"],
|
|
119
|
+
"priority3": ["C026", "C027", "C028", "C031", "C032", "C033", "C034", "C036"]
|
|
120
|
+
},
|
|
121
|
+
"securityRules": {
|
|
122
|
+
"needImplementation": ["S004", "S021", "S024", "S028", "S031", "S032", "S040"],
|
|
123
|
+
"needMapping": ["All implemented S001-S058 except missing ones above"]
|
|
124
|
+
}
|
|
125
|
+
}
|
|
126
|
+
}
|
|
@@ -62,14 +62,18 @@ module.exports = [
|
|
|
62
62
|
'custom/t026': 'warn',
|
|
63
63
|
|
|
64
64
|
// Enable all security rules as warnings by default
|
|
65
|
+
'custom/typescript_s001': 'warn',
|
|
66
|
+
'custom/typescript_s002': 'warn',
|
|
65
67
|
'custom/typescript_s003': 'warn',
|
|
66
68
|
'custom/typescript_s005': 'warn',
|
|
67
69
|
'custom/typescript_s006': 'warn',
|
|
70
|
+
'custom/typescript_s007': 'warn',
|
|
68
71
|
'custom/typescript_s008': 'warn',
|
|
69
72
|
'custom/typescript_s009': 'warn',
|
|
70
73
|
'custom/typescript_s010': 'warn',
|
|
71
74
|
'custom/typescript_s011': 'warn',
|
|
72
75
|
'custom/typescript_s012': 'warn',
|
|
76
|
+
'custom/typescript_s013': 'warn',
|
|
73
77
|
'custom/typescript_s014': 'warn',
|
|
74
78
|
'custom/typescript_s015': 'warn',
|
|
75
79
|
'custom/typescript_s016': 'warn',
|
package/config/presets/ci.json
CHANGED
|
@@ -13,8 +13,8 @@
|
|
|
13
13
|
"naming": "warning",
|
|
14
14
|
"validation": "error"
|
|
15
15
|
},
|
|
16
|
-
"languages": ["typescript", "dart", "
|
|
17
|
-
"
|
|
16
|
+
"languages": ["typescript", "dart", "kotlin"],
|
|
17
|
+
"exclude": [
|
|
18
18
|
"**/node_modules/**",
|
|
19
19
|
"**/build/**",
|
|
20
20
|
"**/dist/**",
|
|
@@ -0,0 +1,74 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Rule Analysis Strategy Configuration
|
|
3
|
+
* Defines optimal analysis methods for each rule type
|
|
4
|
+
*/
|
|
5
|
+
|
|
6
|
+
module.exports = {
|
|
7
|
+
// Rules that benefit significantly from AST analysis
|
|
8
|
+
astPreferred: {
|
|
9
|
+
'C010': {
|
|
10
|
+
reason: 'Block nesting requires precise scope tracking',
|
|
11
|
+
methods: ['ast', 'regex'],
|
|
12
|
+
accuracy: { ast: 95, regex: 75 }
|
|
13
|
+
},
|
|
14
|
+
'C012': {
|
|
15
|
+
reason: 'Cyclomatic complexity needs control flow analysis',
|
|
16
|
+
methods: ['ast', 'regex'],
|
|
17
|
+
accuracy: { ast: 90, regex: 60 }
|
|
18
|
+
},
|
|
19
|
+
'C015': {
|
|
20
|
+
reason: 'Function parameter counting benefits from AST',
|
|
21
|
+
methods: ['ast', 'regex'],
|
|
22
|
+
accuracy: { ast: 95, regex: 85 }
|
|
23
|
+
},
|
|
24
|
+
'C017': {
|
|
25
|
+
reason: 'Constructor logic analysis needs AST context',
|
|
26
|
+
methods: ['ast', 'regex'],
|
|
27
|
+
accuracy: { ast: 90, regex: 70 }
|
|
28
|
+
}
|
|
29
|
+
},
|
|
30
|
+
|
|
31
|
+
// Rules where regex is sufficient and efficient
|
|
32
|
+
regexOptimal: {
|
|
33
|
+
'C001': {
|
|
34
|
+
reason: 'Naming patterns are string-based',
|
|
35
|
+
methods: ['regex'],
|
|
36
|
+
accuracy: { regex: 95 }
|
|
37
|
+
},
|
|
38
|
+
'C043': {
|
|
39
|
+
reason: 'Console/print detection via simple patterns',
|
|
40
|
+
methods: ['regex'],
|
|
41
|
+
accuracy: { regex: 90 }
|
|
42
|
+
},
|
|
43
|
+
'S001': {
|
|
44
|
+
reason: 'Security patterns are often string-based',
|
|
45
|
+
methods: ['regex', 'ast'],
|
|
46
|
+
accuracy: { regex: 85, ast: 90 }
|
|
47
|
+
}
|
|
48
|
+
},
|
|
49
|
+
|
|
50
|
+
// Rules that require hybrid approach
|
|
51
|
+
hybridOptimal: {
|
|
52
|
+
'C029': {
|
|
53
|
+
reason: 'Catch block analysis needs context + patterns',
|
|
54
|
+
methods: ['ast', 'regex', 'semantic'],
|
|
55
|
+
strategy: 'ast-primary-regex-fallback',
|
|
56
|
+
accuracy: { ast: 90, regex: 75, combined: 95 }
|
|
57
|
+
},
|
|
58
|
+
'C047': {
|
|
59
|
+
reason: 'Retry logic detection needs pattern + structure',
|
|
60
|
+
methods: ['regex', 'ast'],
|
|
61
|
+
strategy: 'regex-primary-ast-enhancement',
|
|
62
|
+
accuracy: { regex: 80, ast: 85, combined: 92 }
|
|
63
|
+
}
|
|
64
|
+
},
|
|
65
|
+
|
|
66
|
+
// Rules that may need future enhancement
|
|
67
|
+
experimental: {
|
|
68
|
+
'C072': {
|
|
69
|
+
reason: 'Test assertion counting - exploring AI enhancement',
|
|
70
|
+
methods: ['regex', 'ast', 'ai'],
|
|
71
|
+
strategy: 'progressive-enhancement'
|
|
72
|
+
}
|
|
73
|
+
}
|
|
74
|
+
};
|
|
@@ -24,6 +24,17 @@
|
|
|
24
24
|
"status": "activated",
|
|
25
25
|
"tags": ["naming", "convention", "readability"]
|
|
26
26
|
},
|
|
27
|
+
"C010": {
|
|
28
|
+
"name": "Limit Block Nesting",
|
|
29
|
+
"description": "Limit nested blocks (if/for/while/switch) to maximum 3 levels for readability",
|
|
30
|
+
"category": "complexity",
|
|
31
|
+
"severity": "warning",
|
|
32
|
+
"languages": ["typescript", "javascript", "dart", "kotlin"],
|
|
33
|
+
"analyzer": "./rules/common/C010_limit_block_nesting/analyzer.js",
|
|
34
|
+
"version": "1.0.0",
|
|
35
|
+
"status": "stable",
|
|
36
|
+
"tags": ["complexity", "readability", "nesting", "maintainability"]
|
|
37
|
+
},
|
|
27
38
|
"C029": {
|
|
28
39
|
"name": "Catch Block Error Logging",
|
|
29
40
|
"description": "Mọi catch block phải log nguyên nhân lỗi đầy đủ",
|
|
@@ -48,6 +59,53 @@
|
|
|
48
59
|
"status": "experimental",
|
|
49
60
|
"tags": ["validation", "separation", "architecture"]
|
|
50
61
|
},
|
|
62
|
+
"C043": {
|
|
63
|
+
"name": "No Console Or Print",
|
|
64
|
+
"description": "Do not use console.log or print in production code",
|
|
65
|
+
"category": "logging",
|
|
66
|
+
"severity": "warning",
|
|
67
|
+
"languages": ["typescript", "javascript", "dart"],
|
|
68
|
+
"analyzer": "./rules/common/C043_no_console_or_print/analyzer.js",
|
|
69
|
+
"version": "1.0.0",
|
|
70
|
+
"status": "stable",
|
|
71
|
+
"tags": ["logging", "production", "debugging", "console"]
|
|
72
|
+
},
|
|
73
|
+
"C076": {
|
|
74
|
+
"name": "One Assert Per Test",
|
|
75
|
+
"description": "Each test should assert only one behavior (Single Assert Rule)",
|
|
76
|
+
"category": "testing",
|
|
77
|
+
"severity": "warning",
|
|
78
|
+
"languages": ["typescript", "javascript"],
|
|
79
|
+
"analyzer": "eslint",
|
|
80
|
+
"eslintRule": "custom/c076",
|
|
81
|
+
"version": "1.0.0",
|
|
82
|
+
"status": "stable",
|
|
83
|
+
"tags": ["testing", "unit-test", "assertion"]
|
|
84
|
+
},
|
|
85
|
+
"S001": {
|
|
86
|
+
"name": "Fail Securely",
|
|
87
|
+
"description": "Verify that if there is an error in access control, the system fails securely",
|
|
88
|
+
"category": "security",
|
|
89
|
+
"severity": "error",
|
|
90
|
+
"languages": ["typescript", "javascript"],
|
|
91
|
+
"analyzer": "eslint",
|
|
92
|
+
"eslintRule": "custom/typescript_s001",
|
|
93
|
+
"version": "1.0.0",
|
|
94
|
+
"status": "stable",
|
|
95
|
+
"tags": ["security", "access-control", "fail-safe"]
|
|
96
|
+
},
|
|
97
|
+
"S002": {
|
|
98
|
+
"name": "IDOR Check",
|
|
99
|
+
"description": "Insecure Direct Object Reference prevention",
|
|
100
|
+
"category": "security",
|
|
101
|
+
"severity": "error",
|
|
102
|
+
"languages": ["typescript", "javascript"],
|
|
103
|
+
"analyzer": "eslint",
|
|
104
|
+
"eslintRule": "custom/typescript_s002",
|
|
105
|
+
"version": "1.0.0",
|
|
106
|
+
"status": "stable",
|
|
107
|
+
"tags": ["security", "idor", "access-control"]
|
|
108
|
+
},
|
|
51
109
|
"S003": {
|
|
52
110
|
"name": "No Unvalidated Redirect",
|
|
53
111
|
"description": "Prevent unvalidated redirects and forwards",
|
|
@@ -84,6 +142,18 @@
|
|
|
84
142
|
"status": "stable",
|
|
85
143
|
"tags": ["security", "secrets", "encryption"]
|
|
86
144
|
},
|
|
145
|
+
"S007": {
|
|
146
|
+
"name": "No Plaintext OTP",
|
|
147
|
+
"description": "One-Time Passwords must not be stored in plaintext",
|
|
148
|
+
"category": "security",
|
|
149
|
+
"severity": "error",
|
|
150
|
+
"languages": ["typescript", "javascript"],
|
|
151
|
+
"analyzer": "eslint",
|
|
152
|
+
"eslintRule": "custom/typescript_s007",
|
|
153
|
+
"version": "1.0.0",
|
|
154
|
+
"status": "stable",
|
|
155
|
+
"tags": ["security", "otp", "encryption"]
|
|
156
|
+
},
|
|
87
157
|
"S008": {
|
|
88
158
|
"name": "Crypto Agility",
|
|
89
159
|
"description": "Ensure cryptographic agility and algorithm flexibility",
|
|
@@ -144,6 +214,18 @@
|
|
|
144
214
|
"status": "stable",
|
|
145
215
|
"tags": ["security", "secrets", "hardcoded"]
|
|
146
216
|
},
|
|
217
|
+
"S013": {
|
|
218
|
+
"name": "Verify TLS Connection",
|
|
219
|
+
"description": "Verify that TLS connections are properly established and validated",
|
|
220
|
+
"category": "security",
|
|
221
|
+
"severity": "error",
|
|
222
|
+
"languages": ["typescript", "javascript"],
|
|
223
|
+
"analyzer": "eslint",
|
|
224
|
+
"eslintRule": "custom/typescript_s013",
|
|
225
|
+
"version": "1.0.0",
|
|
226
|
+
"status": "stable",
|
|
227
|
+
"tags": ["security", "tls", "connection"]
|
|
228
|
+
},
|
|
147
229
|
"S014": {
|
|
148
230
|
"name": "Insecure TLS Version",
|
|
149
231
|
"description": "Prevent usage of insecure TLS versions",
|