@sun-asterisk/sunlint 1.0.6 → 1.1.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (314) hide show
  1. package/.sunlint.json +35 -0
  2. package/CHANGELOG.md +135 -169
  3. package/CONTRIBUTING.md +235 -0
  4. package/PROJECT_STRUCTURE.md +60 -0
  5. package/README.md +77 -50
  6. package/cli.js +1 -0
  7. package/config/README.md +88 -0
  8. package/config/defaults/ai-rules-context.json +231 -0
  9. package/config/engines/engines.json +49 -0
  10. package/config/engines/eslint-rule-mapping.json +74 -0
  11. package/config/eslint-rule-mapping.json +126 -0
  12. package/config/{typescript/eslint.config.js → integrations/eslint/typescript.config.js} +4 -0
  13. package/config/presets/beginner.json +1 -1
  14. package/config/presets/ci.json +3 -2
  15. package/config/presets/recommended.json +1 -1
  16. package/config/presets/strict.json +2 -2
  17. package/config/rule-analysis-strategies.js +74 -0
  18. package/config/{rules-registry.json → rules/rules-registry.json} +82 -0
  19. package/core/analysis-orchestrator.js +383 -591
  20. package/core/ast-modules/README.md +103 -0
  21. package/core/ast-modules/base-parser.js +90 -0
  22. package/core/ast-modules/index.js +97 -0
  23. package/core/ast-modules/package.json +37 -0
  24. package/core/ast-modules/parsers/eslint-js-parser.js +147 -0
  25. package/core/ast-modules/parsers/eslint-ts-parser.js +106 -0
  26. package/core/ast-modules/parsers/javascript-parser.js +187 -0
  27. package/core/ast-modules/parsers/typescript-parser.js +187 -0
  28. package/core/cli-action-handler.js +271 -255
  29. package/core/cli-program.js +18 -4
  30. package/core/config-manager.js +18 -11
  31. package/core/config-merger.js +52 -1
  32. package/core/config-validator.js +2 -2
  33. package/core/enhanced-rules-registry.js +331 -0
  34. package/core/file-targeting-service.js +93 -29
  35. package/core/interfaces/analysis-engine.interface.js +100 -0
  36. package/core/multi-rule-runner.js +0 -221
  37. package/core/output-service.js +1 -1
  38. package/core/rule-mapping-service.js +9 -1
  39. package/core/rule-selection-service.js +10 -2
  40. package/docs/CONFIGURATION.md +414 -0
  41. package/docs/DEPLOYMENT-STRATEGIES.md +270 -0
  42. package/engines/eslint-engine.js +601 -0
  43. package/engines/heuristic-engine.js +860 -0
  44. package/engines/openai-engine.js +374 -0
  45. package/integrations/eslint/README.md +99 -0
  46. package/{eslint-integration → integrations/eslint/configs}/.eslintrc.js +1 -1
  47. package/integrations/eslint/configs/eslint.config.js +133 -0
  48. package/integrations/eslint/configs/eslint.config.simple.js +24 -0
  49. package/integrations/eslint/plugin/index.js +164 -0
  50. package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/common}/c006-function-name-verb-noun.js +11 -2
  51. package/integrations/eslint/plugin/rules/common/c013-no-dead-code.js +78 -0
  52. package/integrations/eslint/plugin/rules/common/c017-limit-constructor-logic.js +146 -0
  53. package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/common}/c029-catch-block-logging.js +35 -0
  54. package/integrations/eslint/plugin/rules/common/c035-no-empty-catch.js +162 -0
  55. package/integrations/eslint/plugin/rules/common/c041-no-config-inline.js +122 -0
  56. package/integrations/eslint/plugin/rules/common/c072-one-assert-per-test.js +184 -0
  57. package/integrations/eslint/plugin/rules/common/c075-explicit-function-return-types.js +168 -0
  58. package/integrations/eslint/plugin/rules/common/c076-single-behavior-per-test.js +254 -0
  59. package/integrations/eslint/plugin/rules/security/s001-fail-securely.js +381 -0
  60. package/integrations/eslint/plugin/rules/security/s002-idor-check.js +945 -0
  61. package/integrations/eslint/plugin/rules/security/s007-no-plaintext-otp.js +74 -0
  62. package/integrations/eslint/plugin/rules/security/s013-verify-tls-connection.js +47 -0
  63. package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/typescript}/t003-ts-ignore-reason.js +3 -3
  64. package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/typescript}/t007-no-fn-in-constructor.js +1 -1
  65. package/integrations/eslint/plugin/rules/typescript/t019-no-this-assign.js +81 -0
  66. package/integrations/eslint/plugin/rules/typescript/t020-no-default-multi-export.js +127 -0
  67. package/integrations/eslint/plugin/rules/typescript/t021-limit-nested-generics.js +150 -0
  68. package/integrations/eslint/test-c041-rule.js +87 -0
  69. package/package.json +29 -19
  70. package/rules/README.md +252 -0
  71. package/rules/common/C002_no_duplicate_code/analyzer.js +65 -0
  72. package/rules/common/C002_no_duplicate_code/config.json +23 -0
  73. package/rules/common/C003_no_vague_abbreviations/analyzer.js +418 -0
  74. package/rules/common/C003_no_vague_abbreviations/config.json +35 -0
  75. package/rules/{C006_function_naming → common/C006_function_naming}/analyzer.js +13 -2
  76. package/rules/common/C010_limit_block_nesting/analyzer.js +389 -0
  77. package/rules/common/C013_no_dead_code/analyzer.js +206 -0
  78. package/rules/common/C014_dependency_injection/analyzer.js +338 -0
  79. package/rules/common/C017_constructor_logic/analyzer.js +314 -0
  80. package/rules/{C019_log_level_usage → common/C019_log_level_usage}/analyzer.js +5 -2
  81. package/rules/{C029_catch_block_logging → common/C029_catch_block_logging}/analyzer.js +49 -15
  82. package/rules/common/C041_no_sensitive_hardcode/analyzer.js +292 -0
  83. package/rules/common/C042_boolean_name_prefix/analyzer.js +300 -0
  84. package/rules/common/C043_no_console_or_print/analyzer.js +304 -0
  85. package/rules/common/C047_no_duplicate_retry_logic/analyzer.js +351 -0
  86. package/rules/common/C075_explicit_return_types/analyzer.js +103 -0
  87. package/rules/common/C076_single_test_behavior/analyzer.js +121 -0
  88. package/rules/docs/C002_no_duplicate_code.md +57 -0
  89. package/rules/index.js +149 -0
  90. package/rules/migration/converter.js +385 -0
  91. package/rules/migration/mapping.json +164 -0
  92. package/rules/security/S026_json_schema_validation/analyzer.js +251 -0
  93. package/rules/security/S026_json_schema_validation/config.json +27 -0
  94. package/rules/security/S027_no_hardcoded_secrets/analyzer.js +263 -0
  95. package/rules/security/S027_no_hardcoded_secrets/config.json +29 -0
  96. package/rules/security/S029_csrf_protection/analyzer.js +264 -0
  97. package/rules/tests/C002_no_duplicate_code.test.js +50 -0
  98. package/rules/utils/ast-utils.js +191 -0
  99. package/rules/utils/base-analyzer.js +98 -0
  100. package/rules/utils/pattern-matchers.js +239 -0
  101. package/rules/utils/rule-helpers.js +264 -0
  102. package/rules/utils/severity-constants.js +93 -0
  103. package/scripts/build-release.sh +117 -0
  104. package/scripts/ci-report.js +179 -0
  105. package/scripts/install.sh +196 -0
  106. package/scripts/manual-release.sh +338 -0
  107. package/scripts/merge-reports.js +424 -0
  108. package/scripts/pre-release-test.sh +175 -0
  109. package/scripts/prepare-release.sh +202 -0
  110. package/scripts/setup-github-registry.sh +42 -0
  111. package/scripts/test-scripts/README.md +22 -0
  112. package/scripts/test-scripts/test-c041-comparison.js +114 -0
  113. package/scripts/test-scripts/test-c041-eslint.js +67 -0
  114. package/scripts/test-scripts/test-eslint-rules.js +146 -0
  115. package/scripts/test-scripts/test-real-world.js +44 -0
  116. package/scripts/test-scripts/test-rules-on-real-projects.js +86 -0
  117. package/scripts/trigger-release.sh +285 -0
  118. package/scripts/validate-rule-structure.js +148 -0
  119. package/scripts/verify-install.sh +82 -0
  120. package/cli-legacy.js +0 -355
  121. package/config/sunlint-schema.json +0 -166
  122. package/config/typescript/custom-rules-new.js +0 -0
  123. package/config/typescript/custom-rules.js +0 -9
  124. package/config/typescript/package-lock.json +0 -1585
  125. package/config/typescript/package.json +0 -13
  126. package/config/typescript/security-rules/index.js +0 -90
  127. package/config/typescript/security-rules/s005-no-origin-auth.js +0 -95
  128. package/config/typescript/security-rules/s006-activation-recovery-secret-not-plaintext.js +0 -69
  129. package/config/typescript/security-rules/s008-crypto-agility.js +0 -62
  130. package/config/typescript/security-rules/s009-no-insecure-crypto.js +0 -103
  131. package/config/typescript/security-rules/s010-no-insecure-random-in-sensitive-context.js +0 -123
  132. package/config/typescript/security-rules/s011-no-insecure-uuid.js +0 -66
  133. package/config/typescript/security-rules/s012-hardcode-secret.js +0 -71
  134. package/config/typescript/security-rules/s014-insecure-tls-version.js +0 -50
  135. package/config/typescript/security-rules/s015-insecure-tls-certificate.js +0 -43
  136. package/config/typescript/security-rules/s016-sensitive-query-parameter.js +0 -59
  137. package/config/typescript/security-rules/s017-no-sql-injection.js +0 -193
  138. package/config/typescript/security-rules/s018-positive-input-validation.js +0 -56
  139. package/config/typescript/security-rules/s019-no-raw-user-input-in-email.js +0 -113
  140. package/config/typescript/security-rules/s020-no-eval-dynamic-execution.js +0 -89
  141. package/config/typescript/security-rules/s022-output-encoding.js +0 -78
  142. package/config/typescript/security-rules/s023-no-json-injection.js +0 -300
  143. package/config/typescript/security-rules/s025-server-side-input-validation.js +0 -217
  144. package/config/typescript/security-rules/s026-json-schema-validation.js +0 -68
  145. package/config/typescript/security-rules/s027-no-hardcoded-secrets.js +0 -80
  146. package/config/typescript/security-rules/s029-require-csrf-protection.js +0 -79
  147. package/config/typescript/security-rules/s030-no-directory-browsing.js +0 -78
  148. package/config/typescript/security-rules/s033-require-samesite-cookie.js +0 -80
  149. package/config/typescript/security-rules/s034-require-host-cookie-prefix.js +0 -77
  150. package/config/typescript/security-rules/s035-cookie-specific-path.js +0 -74
  151. package/config/typescript/security-rules/s036-no-unsafe-file-include.js +0 -68
  152. package/config/typescript/security-rules/s037-require-anti-cache-headers.js +0 -70
  153. package/config/typescript/security-rules/s038-no-version-disclosure.js +0 -74
  154. package/config/typescript/security-rules/s039-no-session-token-in-url.js +0 -63
  155. package/config/typescript/security-rules/s041-require-session-invalidate-on-logout.js +0 -211
  156. package/config/typescript/security-rules/s042-require-periodic-reauthentication.js +0 -294
  157. package/config/typescript/security-rules/s043-terminate-sessions-on-password-change.js +0 -254
  158. package/config/typescript/security-rules/s044-require-full-session-for-sensitive-operations.js +0 -292
  159. package/config/typescript/security-rules/s045-anti-automation-controls.js +0 -46
  160. package/config/typescript/security-rules/s046-secure-notification-on-auth-change.js +0 -44
  161. package/config/typescript/security-rules/s048-password-credential-recovery.js +0 -54
  162. package/config/typescript/security-rules/s050-session-token-weak-hash.js +0 -94
  163. package/config/typescript/security-rules/s052-secure-random-authentication-code.js +0 -66
  164. package/config/typescript/security-rules/s054-verification-default-account.js +0 -109
  165. package/config/typescript/security-rules/s057-utc-logging.js +0 -54
  166. package/config/typescript/security-rules/s058-no-ssrf.js +0 -73
  167. package/config/typescript/tsconfig.json +0 -29
  168. package/core/ai-analyzer.js +0 -169
  169. package/core/eslint-engine-service.js +0 -312
  170. package/core/eslint-instance-manager.js +0 -104
  171. package/core/eslint-integration-service.js +0 -363
  172. package/core/sunlint-engine-service.js +0 -23
  173. package/core/typescript-analyzer.js +0 -262
  174. package/core/typescript-engine.js +0 -313
  175. package/docs/ENHANCED_FILE_TARGETING.md +0 -0
  176. package/docs/FILE_TARGETING_COMPARISON.md +0 -0
  177. package/docs/RULE-RESPONSIBILITY-MATRIX.md +0 -204
  178. package/eslint-integration/cli.js +0 -35
  179. package/eslint-integration/eslint-plugin-custom/c013-no-dead-code.js +0 -43
  180. package/eslint-integration/eslint-plugin-custom/c017-limit-constructor-logic.js +0 -39
  181. package/eslint-integration/eslint-plugin-custom/c027-limit-function-nesting.js +0 -50
  182. package/eslint-integration/eslint-plugin-custom/c034-no-implicit-return.js +0 -34
  183. package/eslint-integration/eslint-plugin-custom/c035-no-empty-catch.js +0 -32
  184. package/eslint-integration/eslint-plugin-custom/c041-no-config-inline.js +0 -64
  185. package/eslint-integration/eslint-plugin-custom/c048-no-var-declaration.js +0 -31
  186. package/eslint-integration/eslint-plugin-custom/index.js +0 -155
  187. package/eslint-integration/eslint-plugin-custom/package.json.bak +0 -9
  188. package/eslint-integration/eslint-plugin-custom/t004-interface-public-only.js +0 -160
  189. package/eslint-integration/eslint-plugin-custom/t011-no-real-time-dependency.js +0 -175
  190. package/eslint-integration/eslint-plugin-custom/t026-limit-nested-generics.js +0 -377
  191. package/eslint-integration/sample.ts +0 -53
  192. package/eslint-integration/test-s003.js +0 -5
  193. package/examples/.github/workflows/code-quality.yml +0 -111
  194. package/examples/README.md +0 -69
  195. package/examples/basic-typescript-demo/.eslintrc.json +0 -18
  196. package/examples/basic-typescript-demo/.next/cache/eslint/.cache_1othrmo +0 -1
  197. package/examples/basic-typescript-demo/.sunlint.json +0 -29
  198. package/examples/basic-typescript-demo/eslint.config.mjs +0 -37
  199. package/examples/basic-typescript-demo/next-env.d.ts +0 -5
  200. package/examples/basic-typescript-demo/next.config.mjs +0 -4
  201. package/examples/basic-typescript-demo/package-lock.json +0 -5656
  202. package/examples/basic-typescript-demo/package.json +0 -34
  203. package/examples/basic-typescript-demo/src/app/layout.tsx +0 -18
  204. package/examples/basic-typescript-demo/src/app/page.tsx +0 -48
  205. package/examples/basic-typescript-demo/src/config.ts +0 -14
  206. package/examples/basic-typescript-demo/src/good-practices.ts +0 -58
  207. package/examples/basic-typescript-demo/src/types.generated.ts +0 -13
  208. package/examples/basic-typescript-demo/src/user.test.ts +0 -19
  209. package/examples/basic-typescript-demo/src/violations.ts +0 -61
  210. package/examples/basic-typescript-demo/tsconfig.json +0 -27
  211. package/examples/eslint-integration-demo/.eslintrc.js +0 -38
  212. package/examples/eslint-integration-demo/.sunlint.json +0 -42
  213. package/examples/eslint-integration-demo/next-env.d.ts +0 -5
  214. package/examples/eslint-integration-demo/next.config.js +0 -8
  215. package/examples/eslint-integration-demo/package-lock.json +0 -5740
  216. package/examples/eslint-integration-demo/package.json +0 -37
  217. package/examples/eslint-integration-demo/src/api.test.ts +0 -20
  218. package/examples/eslint-integration-demo/src/conflict-test.tsx +0 -44
  219. package/examples/eslint-integration-demo/src/naming-conflicts.ts +0 -50
  220. package/examples/eslint-integration-demo/tsconfig.json +0 -26
  221. package/examples/file-targeting-demo/global.d.ts +0 -11
  222. package/examples/file-targeting-demo/jest.config.js +0 -8
  223. package/examples/file-targeting-demo/sample.ts +0 -53
  224. package/examples/file-targeting-demo/src/server.js +0 -11
  225. package/examples/file-targeting-demo/src/server.test.js +0 -11
  226. package/examples/file-targeting-demo/src/types.d.ts +0 -4
  227. package/examples/file-targeting-demo/src/types.generated.ts +0 -10
  228. package/examples/file-targeting-demo/user-service.test.ts +0 -15
  229. package/examples/file-targeting-demo/user-service.ts +0 -13
  230. package/examples/file-targeting-demo/utils.js +0 -15
  231. package/examples/multi-language-project/.eslintrc.json +0 -38
  232. package/examples/multi-language-project/package.json +0 -37
  233. package/examples/multi-language-project/src/sample.ts +0 -39
  234. package/examples/rule-test-fixtures/README.md +0 -67
  235. package/examples/rule-test-fixtures/rules/C006_function_naming/clean/typescript-clean.ts +0 -64
  236. package/examples/rule-test-fixtures/rules/C006_function_naming/violations/dart-violations.dart +0 -56
  237. package/examples/rule-test-fixtures/rules/C006_function_naming/violations/typescript-violations.ts +0 -47
  238. package/examples/rule-test-fixtures/rules/C019_log_level_usage/clean/typescript-clean.ts +0 -93
  239. package/examples/rule-test-fixtures/rules/C019_log_level_usage/violations/dart-violations.dart +0 -75
  240. package/examples/rule-test-fixtures/rules/C019_log_level_usage/violations/typescript-violations.ts +0 -84
  241. package/examples/rule-test-fixtures/rules/C029_catch_block_logging/violations/typescript-violations.ts +0 -37
  242. /package/config/{default.json → defaults/default.json} +0 -0
  243. /package/{eslint-integration/eslint.config.js → config/integrations/eslint/base.config.js} +0 -0
  244. /package/{eslint-integration/eslint.config.simple.js → config/integrations/eslint/simple.config.js} +0 -0
  245. /package/{examples/rule-test-fixtures/rules/C029_catch_block_logging/clean/typescript-clean.ts → config/schemas/sunlint-schema.json} +0 -0
  246. /package/config/{typescript → testing}/test-s005-working.ts +0 -0
  247. /package/{examples/eslint-integration-demo/test-file-targeting.sh → engines/tree-sitter-parser.js} +0 -0
  248. /package/{examples/enhanced-config.json → engines/universal-ast-engine.js} +0 -0
  249. /package/{eslint-integration → integrations/eslint}/package.json +0 -0
  250. /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin}/package.json +0 -0
  251. /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/common}/c002-no-duplicate-code.js +0 -0
  252. /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/common}/c003-no-vague-abbreviations.js +0 -0
  253. /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/common}/c010-limit-block-nesting.js +0 -0
  254. /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/common}/c014-abstract-dependency-preferred.js +0 -0
  255. /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/common}/c018-no-generic-throw.js +0 -0
  256. /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/common}/c023-no-duplicate-variable-name-in-scope.js +0 -0
  257. /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/common}/c030-use-custom-error-classes.js +0 -0
  258. /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/common}/c042-boolean-name-prefix.js +0 -0
  259. /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/common}/c043-no-console-or-print.js +0 -0
  260. /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/common}/c047-no-duplicate-retry-logic.js +0 -0
  261. /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s003-no-unvalidated-redirect.js +0 -0
  262. /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s005-no-origin-auth.js +0 -0
  263. /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s006-activation-recovery-secret-not-plaintext.js +0 -0
  264. /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s008-crypto-agility.js +0 -0
  265. /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s009-no-insecure-crypto.js +0 -0
  266. /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s010-no-insecure-random-in-sensitive-context.js +0 -0
  267. /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s011-no-insecure-uuid.js +0 -0
  268. /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s012-hardcode-secret.js +0 -0
  269. /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s014-insecure-tls-version.js +0 -0
  270. /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s015-insecure-tls-certificate.js +0 -0
  271. /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s016-sensitive-query-parameter.js +0 -0
  272. /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s017-no-sql-injection.js +0 -0
  273. /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s018-positive-input-validation.js +0 -0
  274. /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s019-no-raw-user-input-in-email.js +0 -0
  275. /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s020-no-eval-dynamic-execution.js +0 -0
  276. /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s022-output-encoding.js +0 -0
  277. /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s023-no-json-injection.js +0 -0
  278. /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s025-server-side-input-validation.js +0 -0
  279. /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s026-json-schema-validation.js +0 -0
  280. /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s027-no-hardcoded-secrets.js +0 -0
  281. /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s029-require-csrf-protection.js +0 -0
  282. /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s030-no-directory-browsing.js +0 -0
  283. /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s033-require-samesite-cookie.js +0 -0
  284. /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s034-require-host-cookie-prefix.js +0 -0
  285. /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s035-cookie-specific-path.js +0 -0
  286. /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s036-no-unsafe-file-include.js +0 -0
  287. /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s037-require-anti-cache-headers.js +0 -0
  288. /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s038-no-version-disclosure.js +0 -0
  289. /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s039-no-session-token-in-url.js +0 -0
  290. /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s041-require-session-invalidate-on-logout.js +0 -0
  291. /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s042-require-periodic-reauthentication.js +0 -0
  292. /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s043-terminate-sessions-on-password-change.js +0 -0
  293. /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s044-require-full-session-for-sensitive-operations.js +0 -0
  294. /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s045-anti-automation-controls.js +0 -0
  295. /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s046-secure-notification-on-auth-change.js +0 -0
  296. /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s047-secure-random-passwords.js +0 -0
  297. /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s048-password-credential-recovery.js +0 -0
  298. /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s050-session-token-weak-hash.js +0 -0
  299. /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s052-secure-random-authentication-code.js +0 -0
  300. /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s054-verification-default-account.js +0 -0
  301. /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s055-verification-rest-check-the-incoming-content-type.js +0 -0
  302. /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s057-utc-logging.js +0 -0
  303. /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/security}/s058-no-ssrf.js +0 -0
  304. /package/{eslint-integration/eslint-plugin-custom → integrations/eslint/plugin/rules/typescript}/t002-interface-prefix-i.js +0 -0
  305. /package/{eslint-integration/eslint-plugin-custom/t019-no-empty-type.js → integrations/eslint/plugin/rules/typescript/t004-no-empty-type.js} +0 -0
  306. /package/{eslint-integration/eslint-plugin-custom/t025-no-nested-union-tuple.js → integrations/eslint/plugin/rules/typescript/t010-no-nested-union-tuple.js} +0 -0
  307. /package/{eslint-integration → integrations/eslint}/tsconfig.json +0 -0
  308. /package/rules/{C006_function_naming → common/C006_function_naming}/config.json +0 -0
  309. /package/rules/{C019_log_level_usage → common/C019_log_level_usage}/config.json +0 -0
  310. /package/rules/{C029_catch_block_logging → common/C029_catch_block_logging}/config.json +0 -0
  311. /package/rules/{C031_validation_separation → common/C031_validation_separation}/analyzer.js +0 -0
  312. /package/rules/{C031_validation_separation/README.md → docs/C031_validation_separation.md} +0 -0
  313. /package/{examples/basic-typescript-demo/test-file-targeting.sh → rules/universal/C010/generic.js} +0 -0
  314. /package/{examples/basic-typescript-demo/test-config-priority.sh → rules/universal/C010/tree-sitter-analyzer.js} +0 -0
@@ -1,312 +0,0 @@
1
- /**
2
- * ESLint Engine Service
3
- * Handles ESLint integration for TypeScript analysis
4
- * Following Rule C005: Single responsibility - only handle ESLint execution
5
- * Following Rule C014: Dependency injection for configuration
6
- */
7
-
8
- const { execSync } = require('child_process');
9
- const path = require('path');
10
- const fs = require('fs');
11
- const chalk = require('chalk');
12
-
13
- class ESLintEngineService {
14
- constructor() {
15
- this.eslintConfigPath = path.join(__dirname, '../config/typescript/eslint.config.js');
16
- this.eslintPackagePath = path.join(__dirname, '../config/typescript');
17
- }
18
-
19
- /**
20
- * Query: Check if ESLint is available
21
- */
22
- isAvailable() {
23
- try {
24
- // Check if config exists
25
- if (!fs.existsSync(this.eslintConfigPath)) {
26
- return false;
27
- }
28
-
29
- // Check if ESLint is available
30
- execSync('npx eslint --version', {
31
- stdio: 'ignore',
32
- cwd: this.eslintPackagePath
33
- });
34
- return true;
35
- } catch (error) {
36
- return false;
37
- }
38
- }
39
-
40
- /**
41
- * Command: Ensure ESLint dependencies are installed
42
- */
43
- async ensureDependencies() {
44
- try {
45
- console.log(chalk.blue('🔧 Ensuring ESLint dependencies...'));
46
-
47
- const packageJsonPath = path.join(this.eslintPackagePath, 'package.json');
48
- if (fs.existsSync(packageJsonPath)) {
49
- execSync('npm install', {
50
- cwd: this.eslintPackagePath,
51
- stdio: 'inherit'
52
- });
53
- }
54
-
55
- console.log(chalk.green('✅ ESLint dependencies ready'));
56
- } catch (error) {
57
- throw new Error(`Failed to ensure ESLint dependencies: ${error.message}`);
58
- }
59
- }
60
-
61
- /**
62
- * Command: Run ESLint analysis
63
- */
64
- async runAnalysis(rulesToRun, options) {
65
- try {
66
- // Map SunLint rules to ESLint rules
67
- const eslintRules = this.mapSunLintRulesToESLint(rulesToRun);
68
-
69
- // Build ESLint command
70
- const command = this.buildESLintCommand(eslintRules, options);
71
-
72
- if (options.debug) {
73
- console.log(chalk.yellow('ESLint command:'), command);
74
- }
75
-
76
- // Execute ESLint
77
- const output = execSync(command, {
78
- cwd: this.eslintPackagePath,
79
- encoding: 'utf-8'
80
- });
81
-
82
- // Parse results
83
- return this.parseESLintOutput(output, options);
84
-
85
- } catch (error) {
86
- // ESLint might exit with non-zero code when violations are found
87
- if (error.stdout) {
88
- return this.parseESLintOutput(error.stdout, options);
89
- }
90
- throw new Error(`ESLint execution failed: ${error.message}`);
91
- }
92
- }
93
-
94
- /**
95
- * Query: Map SunLint rule IDs to ESLint rule IDs
96
- */
97
- mapSunLintRulesToESLint(rules) {
98
- const ruleMapping = {
99
- // Quality rules (C-rules)
100
- 'C002': 'custom/c002',
101
- 'C003': 'custom/c003',
102
- 'C006': 'custom/c006',
103
- 'C010': 'custom/c010',
104
- 'C013': 'custom/c013',
105
- 'C014': 'custom/c014',
106
- 'C017': 'custom/c017',
107
- 'C018': 'custom/c018',
108
- 'C023': 'custom/c023',
109
- 'C027': 'custom/c027',
110
- 'C029': 'custom/c029',
111
- 'C030': 'custom/c030',
112
- 'C034': 'custom/c034',
113
- 'C035': 'custom/c035',
114
- 'C041': 'custom/c041',
115
- 'C042': 'custom/c042',
116
- 'C043': 'custom/c043',
117
- 'C047': 'custom/c047',
118
- 'C048': 'custom/c048',
119
-
120
- // Security rules (S-rules)
121
- 'S005': 'custom/typescript_s005',
122
- 'S006': 'custom/typescript_s006',
123
- 'S008': 'custom/typescript_s008',
124
- 'S009': 'custom/typescript_s009',
125
- 'S010': 'custom/typescript_s010',
126
- 'S011': 'custom/typescript_s011',
127
- 'S012': 'custom/typescript_s012',
128
- 'S014': 'custom/typescript_s014',
129
- 'S015': 'custom/typescript_s015',
130
- 'S016': 'custom/typescript_s016',
131
- 'S017': 'custom/typescript_s017',
132
- 'S018': 'custom/typescript_s018',
133
- 'S019': 'custom/typescript_s019',
134
- 'S020': 'custom/typescript_s020',
135
- 'S022': 'custom/typescript_s022',
136
- 'S023': 'custom/typescript_s023',
137
- 'S025': 'custom/typescript_s025',
138
- 'S026': 'custom/typescript_s026',
139
- 'S027': 'custom/typescript_s027',
140
- 'S029': 'custom/typescript_s029',
141
- 'S030': 'custom/typescript_s030',
142
- 'S033': 'custom/typescript_s033',
143
- 'S034': 'custom/typescript_s034',
144
- 'S035': 'custom/typescript_s035',
145
- 'S036': 'custom/typescript_s036',
146
- 'S037': 'custom/typescript_s037',
147
- 'S038': 'custom/typescript_s038',
148
- 'S039': 'custom/typescript_s039',
149
- 'S041': 'custom/typescript_s041',
150
- 'S042': 'custom/typescript_s042',
151
- 'S043': 'custom/typescript_s043',
152
- 'S044': 'custom/typescript_s044',
153
- 'S045': 'custom/typescript_s045',
154
- 'S046': 'custom/typescript_s046',
155
- 'S048': 'custom/typescript_s048',
156
- 'S050': 'custom/typescript_s050',
157
- 'S052': 'custom/typescript_s052',
158
- 'S054': 'custom/typescript_s054',
159
- 'S057': 'custom/typescript_s057',
160
- 'S058': 'custom/typescript_s058'
161
- };
162
-
163
- return rules
164
- .filter(rule => ruleMapping[rule.id])
165
- .map(rule => ruleMapping[rule.id]);
166
- }
167
-
168
- /**
169
- * Command: Build ESLint command
170
- */
171
- buildESLintCommand(eslintRules, options) {
172
- const parts = [
173
- 'npx eslint',
174
- `--config ${this.eslintConfigPath}`,
175
- '--format json',
176
- `"${options.input}"`
177
- ];
178
-
179
- // Add specific rules if provided
180
- if (eslintRules.length > 0) {
181
- const rulesFlag = eslintRules.map(rule => `${rule}:error`).join(' ');
182
- parts.push(`--rule "${rulesFlag}"`);
183
- }
184
-
185
- // Add file extensions
186
- parts.push('--ext .ts,.tsx,.js,.jsx');
187
-
188
- return parts.join(' ');
189
- }
190
-
191
- /**
192
- * Query: Parse ESLint JSON output to SunLint format
193
- */
194
- parseESLintOutput(output, options) {
195
- try {
196
- const eslintResults = JSON.parse(output);
197
-
198
- const results = {
199
- results: [],
200
- filesAnalyzed: eslintResults.length,
201
- engine: 'eslint'
202
- };
203
-
204
- eslintResults.forEach(file => {
205
- if (file.messages.length > 0) {
206
- const violations = file.messages.map(msg => ({
207
- ruleId: this.mapESLintRuleToSunLint(msg.ruleId),
208
- severity: this.mapESLintSeverity(msg.severity),
209
- message: msg.message,
210
- line: msg.line,
211
- column: msg.column,
212
- file: file.filePath
213
- }));
214
-
215
- results.results.push({
216
- file: file.filePath,
217
- violations: violations
218
- });
219
- }
220
- });
221
-
222
- return results;
223
- } catch (error) {
224
- throw new Error(`Failed to parse ESLint output: ${error.message}`);
225
- }
226
- }
227
-
228
- /**
229
- * Query: Map ESLint rule ID back to SunLint rule ID
230
- */
231
- mapESLintRuleToSunLint(eslintRuleId) {
232
- const reverseMapping = {
233
- // Quality rules (C-rules)
234
- 'custom/c002': 'C002',
235
- 'custom/c003': 'C003',
236
- 'custom/c006': 'C006',
237
- 'custom/c010': 'C010',
238
- 'custom/c013': 'C013',
239
- 'custom/c014': 'C014',
240
- 'custom/c017': 'C017',
241
- 'custom/c018': 'C018',
242
- 'custom/c023': 'C023',
243
- 'custom/c027': 'C027',
244
- 'custom/c029': 'C029',
245
- 'custom/c030': 'C030',
246
- 'custom/c034': 'C034',
247
- 'custom/c035': 'C035',
248
- 'custom/c041': 'C041',
249
- 'custom/c042': 'C042',
250
- 'custom/c043': 'C043',
251
- 'custom/c047': 'C047',
252
- 'custom/c048': 'C048',
253
-
254
- // Security rules (S-rules)
255
- 'custom/typescript_s005': 'S005',
256
- 'custom/typescript_s006': 'S006',
257
- 'custom/typescript_s008': 'S008',
258
- 'custom/typescript_s009': 'S009',
259
- 'custom/typescript_s010': 'S010',
260
- 'custom/typescript_s011': 'S011',
261
- 'custom/typescript_s012': 'S012',
262
- 'custom/typescript_s014': 'S014',
263
- 'custom/typescript_s015': 'S015',
264
- 'custom/typescript_s016': 'S016',
265
- 'custom/typescript_s017': 'S017',
266
- 'custom/typescript_s018': 'S018',
267
- 'custom/typescript_s019': 'S019',
268
- 'custom/typescript_s020': 'S020',
269
- 'custom/typescript_s022': 'S022',
270
- 'custom/typescript_s023': 'S023',
271
- 'custom/typescript_s025': 'S025',
272
- 'custom/typescript_s026': 'S026',
273
- 'custom/typescript_s027': 'S027',
274
- 'custom/typescript_s029': 'S029',
275
- 'custom/typescript_s030': 'S030',
276
- 'custom/typescript_s033': 'S033',
277
- 'custom/typescript_s034': 'S034',
278
- 'custom/typescript_s035': 'S035',
279
- 'custom/typescript_s036': 'S036',
280
- 'custom/typescript_s037': 'S037',
281
- 'custom/typescript_s038': 'S038',
282
- 'custom/typescript_s039': 'S039',
283
- 'custom/typescript_s041': 'S041',
284
- 'custom/typescript_s042': 'S042',
285
- 'custom/typescript_s043': 'S043',
286
- 'custom/typescript_s044': 'S044',
287
- 'custom/typescript_s045': 'S045',
288
- 'custom/typescript_s046': 'S046',
289
- 'custom/typescript_s048': 'S048',
290
- 'custom/typescript_s050': 'S050',
291
- 'custom/typescript_s052': 'S052',
292
- 'custom/typescript_s054': 'S054',
293
- 'custom/typescript_s057': 'S057',
294
- 'custom/typescript_s058': 'S058'
295
- };
296
-
297
- return reverseMapping[eslintRuleId] || eslintRuleId;
298
- }
299
-
300
- /**
301
- * Query: Map ESLint severity to SunLint severity
302
- */
303
- mapESLintSeverity(eslintSeverity) {
304
- switch (eslintSeverity) {
305
- case 1: return 'warning';
306
- case 2: return 'error';
307
- default: return 'info';
308
- }
309
- }
310
- }
311
-
312
- module.exports = ESLintEngineService;
@@ -1,104 +0,0 @@
1
- const path = require('path');
2
- const fs = require('fs');
3
- const chalk = require('chalk');
4
-
5
- /**
6
- * Handles ESLint instance initialization and configuration detection
7
- * Rule C005: Single responsibility - only ESLint initialization
8
- * Rule C015: Domain language - EslintInstanceManager
9
- */
10
- class EslintInstanceManager {
11
- constructor() {
12
- this.eslintInstance = null;
13
- this.isInitialized = false;
14
- this.eslintModulePath = null;
15
- }
16
-
17
- /**
18
- * Rule C006: initializeEslintInstance - verb-noun naming
19
- * Rule C032: No external API calls in constructor - initialization method
20
- */
21
- async initializeEslintInstance(eslintModulePath = null) {
22
- if (this.isInitialized) {
23
- return this.eslintInstance;
24
- }
25
-
26
- try {
27
- // Rule C014: Dependency injection from main package
28
- const { ESLint } = require('eslint');
29
-
30
- const configPath = this.resolveConfigPath(eslintModulePath);
31
-
32
- this.eslintInstance = new ESLint({
33
- overrideConfigFile: path.join(configPath, 'eslint.config.js'),
34
- cache: false,
35
- fix: false,
36
- overrideConfig: {
37
- linterOptions: {
38
- reportUnusedDisableDirectives: 'error'
39
- }
40
- }
41
- });
42
-
43
- this.isInitialized = true;
44
- this.eslintModulePath = configPath;
45
-
46
- return this.eslintInstance;
47
- } catch (error) {
48
- throw new Error(`Failed to initialize ESLint: ${error.message}`);
49
- }
50
- }
51
-
52
- /**
53
- * Rule C006: resolveConfigPath - verb-noun naming
54
- * Rule C005: Single responsibility - config path resolution
55
- */
56
- resolveConfigPath(eslintModulePath) {
57
- if (eslintModulePath) {
58
- return eslintModulePath;
59
- }
60
-
61
- // Try primary config path, fallback to eslint-integration
62
- const primaryPath = path.join(__dirname, '..', 'config', 'typescript');
63
- const fallbackPath = path.join(__dirname, '..', 'eslint-integration');
64
- const configFile = 'eslint.config.js';
65
-
66
- // Check if primary config exists
67
- if (fs.existsSync(path.join(primaryPath, configFile))) {
68
- return primaryPath;
69
- } else {
70
- // Fallback to eslint-integration
71
- console.log(chalk.yellow('⚠️ Using fallback ESLint config from eslint-integration'));
72
- return fallbackPath;
73
- }
74
- }
75
-
76
- /**
77
- * Rule C006: getEslintInstance - verb-noun naming
78
- * Rule C012: Query method - returns instance without side effects
79
- */
80
- getEslintInstance() {
81
- if (!this.isInitialized) {
82
- throw new Error('ESLint instance not initialized. Call initializeEslintInstance() first.');
83
- }
84
- return this.eslintInstance;
85
- }
86
-
87
- /**
88
- * Rule C006: getConfigPath - verb-noun naming
89
- * Rule C012: Query method
90
- */
91
- getConfigPath() {
92
- return this.eslintModulePath;
93
- }
94
-
95
- /**
96
- * Rule C006: checkInstanceReady - verb-noun naming
97
- * Rule C012: Query method
98
- */
99
- checkInstanceReady() {
100
- return this.isInitialized && this.eslintInstance !== null;
101
- }
102
- }
103
-
104
- module.exports = EslintInstanceManager;