@sun-asterisk/sunlint 1.0.7 → 1.1.4

package/integrations/eslint/configs/eslint.config.js

@@ -0,0 +1,133 @@
+// ESLint Flat Configuration for SunLint (ESLint v9+)
+// Following Rule C005: Single responsibility - ESLint configuration
+const typescriptParser = require('@typescript-eslint/parser');
+const typescriptPlugin = require('@typescript-eslint/eslint-plugin');
+const customPlugin = require('../plugin');
+
+module.exports = [
+  {
+    files: ['**/*.{js,ts,tsx,jsx}'],
+    languageOptions: {
+      parser: typescriptParser,
+      parserOptions: {
+        ecmaVersion: 2022,
+        sourceType: 'module',
+        project: './tsconfig.json'
+      },
+      globals: {
+        console: 'readonly',
+        process: 'readonly',
+        eval: 'readonly',
+        Buffer: 'readonly',
+        __dirname: 'readonly',
+        __filename: 'readonly',
+        exports: 'writable',
+        module: 'writable',
+        require: 'readonly',
+        global: 'readonly'
+      }
+    },
+    plugins: {
+      'custom': customPlugin,
+      '@typescript-eslint': typescriptPlugin
+    },
+    rules: {
+      // Rule C019: No console.error for non-critical errors
+      'no-console': ['warn', { allow: ['warn', 'log'] }],
+      
+      // Code quality rules
+      'no-unused-vars': 'warn',
+      'prefer-const': 'warn',
+      'no-var': 'error',
+      'no-undef': 'warn',
+      
+      // Rule C005: Single responsibility principle
+      'max-lines-per-function': ['warn', { max: 50 }],
+      'complexity': ['warn', { max: 10 }],
+      
+      // Rule C014: Avoid direct new instantiation patterns
+      'no-new': 'warn',
+      
+      // Security and best practices
+      'no-eval': 'error',
+      'no-implied-eval': 'error',
+      'no-new-func': 'error',
+      'eqeqeq': 'error',
+      'curly': 'error',
+      
+      // Quality rules (dynamic loading based on category)
+      'custom/c002': 'off',
+      'custom/c003': 'off',
+      'custom/c006': 'off',
+      'custom/c010': 'off',
+      'custom/c013': 'off',
+      'custom/c014': 'off',
+      'custom/c017': 'off',
+      'custom/c018': 'off',
+      'custom/c023': 'off',
+      'custom/c029': 'off',
+      'custom/c030': 'off',
+      'custom/c035': 'off',
+      'custom/c041': 'off',
+      'custom/c042': 'off',
+      'custom/c043': 'off',
+      'custom/c047': 'off',
+      'custom/c072': 'off',
+      
+      // TypeScript rules (T-series)
+      'custom/t002': 'warn',
+      'custom/t003': 'warn',
+      'custom/t004': 'warn',
+      'custom/t007': 'warn',
+      'custom/t010': 'warn',
+      'custom/t019': 'warn',
+      'custom/t020': 'warn',
+      'custom/t021': 'warn',
+      
+      // Security rules (dynamic loading based on category)
+      'custom/typescript_s003': 'off',
+      'custom/typescript_s005': 'off',
+      'custom/typescript_s006': 'off',
+      'custom/typescript_s008': 'off',
+      'custom/typescript_s009': 'off',
+      'custom/typescript_s010': 'off',
+      'custom/typescript_s011': 'off',
+      'custom/typescript_s012': 'off',
+      'custom/typescript_s014': 'off',
+      'custom/typescript_s015': 'off',
+      'custom/typescript_s016': 'off',
+      'custom/typescript_s017': 'off',
+      'custom/typescript_s018': 'off',
+      'custom/typescript_s019': 'off',
+      'custom/typescript_s020': 'off',
+      'custom/typescript_s022': 'off',
+      'custom/typescript_s023': 'off',
+      'custom/typescript_s025': 'off',
+      'custom/typescript_s026': 'off',
+      'custom/typescript_s027': 'off',
+      'custom/typescript_s029': 'off',
+      'custom/typescript_s030': 'off',
+      'custom/typescript_s033': 'off',
+      'custom/typescript_s034': 'off',
+      'custom/typescript_s035': 'off',
+      'custom/typescript_s036': 'off',
+      'custom/typescript_s037': 'off',
+      'custom/typescript_s038': 'off',
+      'custom/typescript_s039': 'off',
+      'custom/typescript_s041': 'off',
+      'custom/typescript_s042': 'off',
+      'custom/typescript_s043': 'off',
+      'custom/typescript_s044': 'off',
+      'custom/typescript_s045': 'off',
+      'custom/typescript_s046': 'off',
+      'custom/typescript_s047': 'off',
+      'custom/typescript_s048': 'off',
+      'custom/typescript_s050': 'off',
+      'custom/typescript_s052': 'off',
+      'custom/typescript_s054': 'off',
+      'custom/typescript_s055': 'off',
+      'custom/typescript_s057': 'off',
+      'custom/typescript_s058': 'off'
+    }
+  }
+];

package/integrations/eslint/configs/eslint.config.simple.js

@@ -0,0 +1,24 @@
+// Simple ESLint Flat Configuration for Testing
+module.exports = [
+  {
+    files: ['**/*.{js,mjs,cjs}'],
+    languageOptions: {
+      ecmaVersion: 2022,
+      sourceType: 'module',
+      globals: {
+        console: 'readonly',
+        process: 'readonly',
+        eval: 'readonly'
+      }
+    },
+    rules: {
+      'no-console': ['warn', { allow: ['warn', 'log'] }],
+      'no-unused-vars': 'warn',
+      'prefer-const': 'warn',
+      'no-var': 'error',
+      'no-undef': 'warn',
+      'no-eval': 'error',
+      'eqeqeq': 'error'
+    }
+  }
+];

package/integrations/eslint/package.json

@@ -0,0 +1,23 @@
+{
+  "name": "typescript",
+  "private": true,
+  "devDependencies": {
+    "@types/bun": "latest",
+    "@typescript-eslint/eslint-plugin": "^8.34.1",
+    "@typescript-eslint/parser": "^8.34.1",
+    "@typescript-eslint/utils": "^8.34.1",
+    "eslint": "^9.29.0",
+    "@eslint/eslintrc": "^3.3.1",
+    "@eslint/js": "^9.28.0",
+    "eslint-plugin-sonarjs": "^3.0.2"
+  },
+  "peerDependencies": {
+    "typescript": "^5"
+  },
+  "scripts": {
+    "lint": "eslint .",
+    "lint:ts": "eslint src/ --ext .ts,.tsx"
+  },
+  "dependencies": {
+  }
+}

package/integrations/eslint/plugin/index.js

@@ -0,0 +1,164 @@
+/**
+ * SunLint ESLint Plugin - Organized Rules Index
+ * 🔹 22 Common Rules | 🔒 49 Security Rules | 📘 13 TypeScript Rules
+ */
+
+// 🔹 Common Rules (C-series) - General coding standards
+const c002 = require("./rules/common/c002-no-duplicate-code.js");
+const c003 = require("./rules/common/c003-no-vague-abbreviations.js");
+const c006 = require("./rules/common/c006-function-name-verb-noun.js");
+const c010 = require("./rules/common/c010-limit-block-nesting.js");
+const c013 = require("./rules/common/c013-no-dead-code.js");
+const c014 = require("./rules/common/c014-abstract-dependency-preferred.js");
+const c017 = require("./rules/common/c017-limit-constructor-logic.js");
+const c018 = require("./rules/common/c018-no-generic-throw.js");
+const c023 = require("./rules/common/c023-no-duplicate-variable-name-in-scope.js");
+const c041 = require("./rules/common/c041-no-config-inline.js");
+const c029 = require("./rules/common/c029-catch-block-logging.js");
+const c030 = require("./rules/common/c030-use-custom-error-classes.js");
+const c035 = require("./rules/common/c035-no-empty-catch.js");
+const c042 = require("./rules/common/c042-boolean-name-prefix.js");
+const c043 = require("./rules/common/c043-no-console-or-print.js");
+const c047 = require("./rules/common/c047-no-duplicate-retry-logic.js");
+const c072 = require("./rules/common/c072-one-assert-per-test.js");
+const c075 = require("./rules/common/c075-explicit-function-return-types.js");
+const c076 = require("./rules/common/c076-single-behavior-per-test.js");
+
+// 📘 TypeScript Rules (T-series)
+const t002 = require("./rules/typescript/t002-interface-prefix-i.js");
+const t003 = require("./rules/typescript/t003-ts-ignore-reason.js");
+const t004 = require("./rules/typescript/t004-no-empty-type.js");
+const t007 = require("./rules/typescript/t007-no-fn-in-constructor.js");
+const t010 = require("./rules/typescript/t010-no-nested-union-tuple.js");
+const t019 = require("./rules/typescript/t019-no-this-assign.js");
+const t020 = require("./rules/typescript/t020-no-default-multi-export.js");
+const t021 = require("./rules/typescript/t021-limit-nested-generics.js");
+
+// 🔒 Security Rules (S-series)  
+const s001 = require("./rules/security/s001-fail-securely.js");
+const s002 = require("./rules/security/s002-idor-check.js");
+const s003 = require("./rules/security/s003-no-unvalidated-redirect.js");
+const s005 = require("./rules/security/s005-no-origin-auth.js");
+const s006 = require("./rules/security/s006-activation-recovery-secret-not-plaintext.js");
+const s007 = require("./rules/security/s007-no-plaintext-otp.js");
+const s008 = require("./rules/security/s008-crypto-agility.js");
+const s009 = require("./rules/security/s009-no-insecure-crypto.js");
+const s010 = require("./rules/security/s010-no-insecure-random-in-sensitive-context.js");
+const s011 = require("./rules/security/s011-no-insecure-uuid.js");
+const s012 = require("./rules/security/s012-hardcode-secret.js");
+const s013 = require("./rules/security/s013-verify-tls-connection.js");
+const s014 = require("./rules/security/s014-insecure-tls-version.js");
+const s015 = require("./rules/security/s015-insecure-tls-certificate.js");
+const s016 = require("./rules/security/s016-sensitive-query-parameter.js");
+const s017 = require("./rules/security/s017-no-sql-injection.js");
+const s018 = require("./rules/security/s018-positive-input-validation.js");
+const s019 = require("./rules/security/s019-no-raw-user-input-in-email.js");
+const s020 = require("./rules/security/s020-no-eval-dynamic-execution.js");
+const s022 = require("./rules/security/s022-output-encoding.js");
+const s023 = require("./rules/security/s023-no-json-injection.js");
+const s025 = require("./rules/security/s025-server-side-input-validation.js");
+const s026 = require("./rules/security/s026-json-schema-validation.js");
+const s027 = require("./rules/security/s027-no-hardcoded-secrets.js");
+const s029 = require("./rules/security/s029-require-csrf-protection.js");
+const s030 = require("./rules/security/s030-no-directory-browsing.js");
+const s033 = require("./rules/security/s033-require-samesite-cookie.js");
+const s034 = require("./rules/security/s034-require-host-cookie-prefix.js");
+const s035 = require("./rules/security/s035-cookie-specific-path.js");
+const s036 = require("./rules/security/s036-no-unsafe-file-include.js");
+const s037 = require("./rules/security/s037-require-anti-cache-headers.js");
+const s038 = require("./rules/security/s038-no-version-disclosure.js");
+const s039 = require("./rules/security/s039-no-session-token-in-url.js");
+const s041 = require("./rules/security/s041-require-session-invalidate-on-logout.js");
+const s042 = require("./rules/security/s042-require-periodic-reauthentication.js");
+const s043 = require("./rules/security/s043-terminate-sessions-on-password-change.js");
+const s044 = require("./rules/security/s044-require-full-session-for-sensitive-operations.js");
+const s045 = require("./rules/security/s045-anti-automation-controls.js");
+const s046 = require("./rules/security/s046-secure-notification-on-auth-change.js");
+const s047 = require("./rules/security/s047-secure-random-passwords.js");
+const s048 = require("./rules/security/s048-password-credential-recovery.js");
+const s050 = require("./rules/security/s050-session-token-weak-hash.js");
+const s052 = require("./rules/security/s052-secure-random-authentication-code.js");
+const s054 = require("./rules/security/s054-verification-default-account.js");
+const s055 = require("./rules/security/s055-verification-rest-check-the-incoming-content-type.js");
+const s057 = require("./rules/security/s057-utc-logging.js");
+const s058 = require("./rules/security/s058-no-ssrf.js");
+
+module.exports = {
+  rules: {
+    "c002": c002,
+    "c003": c003,
+    "c006": c006,
+    "c010": c010,
+    "c013": c013,
+    "c014": c014,
+    "c017": c017,
+    "c018": c018,
+    "c030": c030,
+    "c035": c035,
+    "c023": c023,
+    "c029": c029,
+    "c041": c041,
+    "c042": c042,
+    "c043": c043,
+    "c047": c047,
+    "c072": c072,
+    "c075": c075,
+    "c076": c076,
+    "t002": t002,
+    "t003": t003,
+    "t004": t004,
+    "t007": t007,
+    "t010": t010,
+    "t019": t019,
+    "t020": t020,
+    "t021": t021,
+    // Security rules
+    "typescript_s001": s001,
+    "typescript_s002": s002,
+    "typescript_s003": s003,
+    "typescript_s005": s005,
+    "typescript_s006": s006,
+    "typescript_s007": s007,
+    "typescript_s008": s008,
+    "typescript_s009": s009,
+    "typescript_s010": s010,
+    "typescript_s011": s011,
+    "typescript_s012": s012,
+    "typescript_s013": s013,
+    "typescript_s014": s014,
+    "typescript_s015": s015,
+    "typescript_s016": s016,
+    "typescript_s017": s017,
+    "typescript_s018": s018,
+    "typescript_s019": s019,
+    "typescript_s020": s020,
+    "typescript_s022": s022,
+    "typescript_s023": s023,
+    "typescript_s025": s025,
+    "typescript_s026": s026,
+    "typescript_s027": s027,
+    "typescript_s029": s029,
+    "typescript_s030": s030,
+    "typescript_s033": s033,
+    "typescript_s034": s034,
+    "typescript_s035": s035,
+    "typescript_s036": s036,
+    "typescript_s037": s037,
+    "typescript_s038": s038,
+    "typescript_s039": s039,
+    "typescript_s041": s041,
+    "typescript_s042": s042,
+    "typescript_s043": s043,
+    "typescript_s044": s044,
+    "typescript_s045": s045,
+    "typescript_s046": s046,
+    "typescript_s047": s047,
+    "typescript_s048": s048,
+    "typescript_s050": s050,
+    "typescript_s052": s052,
+    "typescript_s054": s054,
+    "typescript_s055": s055,
+    "typescript_s057": s057,
+    "typescript_s058": s058
+  }
+};

package/integrations/eslint/plugin/package.json

@@ -0,0 +1,13 @@
+{
+  "name": "eslint-plugin-custom",
+  "version": "1.0.0",
+  "description": "Custom ESLint rules for Sun Lint security and quality checks",
+  "main": "index.js",
+  "type": "commonjs",
+  "engines": {
+    "node": ">=14.0.0"
+  },
+  "keywords": ["eslint", "security", "coding-standards"],
+  "author": "Sun* Engineering",
+  "license": "MIT"
+}

package/integrations/eslint/plugin/rules/common/c002-no-duplicate-code.js

@@ -0,0 +1,204 @@
+/**
+ * Custom ESLint rule for: C002 – Không để trùng lặp code > 10 dòng
+ * Rule ID: custom/c002
+ * Purpose: Detect duplicate code blocks longer than 10 lines to maintain DRY principle
+ */
+
+module.exports = {
+  meta: {
+    type: "suggestion",
+    docs: {
+      description: "Detect duplicate code blocks longer than 10 lines",
+      recommended: false
+    },
+    schema: [
+      {
+        type: "object",
+        properties: {
+          minLines: {
+            type: "number",
+            minimum: 1,
+            default: 10
+          },
+          ignoreComments: {
+            type: "boolean",
+            default: true
+          },
+          ignoreWhitespace: {
+            type: "boolean", 
+            default: true
+          }
+        },
+        additionalProperties: false
+      }
+    ],
+    messages: {
+      duplicateCode: "Duplicate code block found ({{lines}} lines). Consider extracting into a shared function or module."
+    }
+  },
+  create(context) {
+    const options = context.options[0] || {};
+    const minLines = options.minLines || 10;
+    const ignoreComments = options.ignoreComments !== false;
+    const ignoreWhitespace = options.ignoreWhitespace !== false;
+    
+    const sourceCode = context.getSourceCode();
+    const codeBlocks = new Map();
+    
+    function normalizeCode(text) {
+      let normalized = text;
+      
+      if (ignoreWhitespace) {
+        // Remove extra whitespace and normalize spacing
+        normalized = normalized
+          .replace(/\s+/g, ' ')
+          .trim();
+      }
+      
+      if (ignoreComments) {
+        // Remove single line comments
+        normalized = normalized.replace(/\/\/.*$/gm, '');
+        // Remove multi-line comments
+        normalized = normalized.replace(/\/\*[\s\S]*?\*\//g, '');
+      }
+      
+      return normalized;
+    }
+    
+    function getCodeLines(node) {
+      const startLine = node.loc.start.line;
+      const endLine = node.loc.end.line;
+      const lines = [];
+      
+      for (let i = startLine; i <= endLine; i++) {
+        const line = sourceCode.lines[i - 1];
+        if (line !== undefined) {
+          lines.push(line);
+        }
+      }
+      
+      return lines;
+    }
+    
+    function analyzeNode(node) {
+      const lines = getCodeLines(node);
+      
+      if (lines.length < minLines) {
+        return;
+      }
+      
+      const codeText = lines.join('\n');
+      const normalizedCode = normalizeCode(codeText);
+      
+      // Skip if normalized code is too short after cleaning
+      if (normalizedCode.length < 20) {
+        return;
+      }
+      
+      const codeHash = normalizedCode;
+      
+      if (codeBlocks.has(codeHash)) {
+        const existingNodes = codeBlocks.get(codeHash);
+        
+        // Report duplicate for current node
+        context.report({
+          node,
+          messageId: "duplicateCode",
+          data: {
+            lines: lines.length
+          }
+        });
+        
+        // Also report the first occurrence if not already reported
+        existingNodes.forEach(existingNode => {
+          if (!existingNode.reported) {
+            context.report({
+              node: existingNode.node,
+              messageId: "duplicateCode", 
+              data: {
+                lines: existingNode.lines
+              }
+            });
+            existingNode.reported = true;
+          }
+        });
+        
+        existingNodes.push({ node, lines: lines.length, reported: true });
+      } else {
+        codeBlocks.set(codeHash, [{ node, lines: lines.length, reported: false }]);
+      }
+    }
+    
+    return {
+      // Check function declarations
+      FunctionDeclaration(node) {
+        if (node.body) {
+          analyzeNode(node.body);
+        }
+      },
+      
+      // Check function expressions  
+      FunctionExpression(node) {
+        if (node.body) {
+          analyzeNode(node.body);
+        }
+      },
+      
+      // Check arrow functions
+      ArrowFunctionExpression(node) {
+        if (node.body && node.body.type === 'BlockStatement') {
+          analyzeNode(node.body);
+        }
+      },
+      
+      // Check method definitions
+      MethodDefinition(node) {
+        if (node.value && node.value.body) {
+          analyzeNode(node.value.body);
+        }
+      },
+      
+      // Check block statements (general code blocks)
+      BlockStatement(node) {
+        // Only analyze block statements that are not function bodies
+        const parent = node.parent;
+        if (parent && 
+            parent.type !== 'FunctionDeclaration' &&
+            parent.type !== 'FunctionExpression' &&
+            parent.type !== 'ArrowFunctionExpression' &&
+            parent.type !== 'MethodDefinition') {
+          analyzeNode(node);
+        }
+      },
+      
+      // Check if/else statements
+      IfStatement(node) {
+        if (node.consequent && node.consequent.type === 'BlockStatement') {
+          analyzeNode(node.consequent);
+        }
+        if (node.alternate && node.alternate.type === 'BlockStatement') {
+          analyzeNode(node.alternate);
+        }
+      },
+      
+      // Check loop bodies
+      ForStatement(node) {
+        if (node.body && node.body.type === 'BlockStatement') {
+          analyzeNode(node.body);
+        }
+      },
+      
+      WhileStatement(node) {
+        if (node.body && node.body.type === 'BlockStatement') {
+          analyzeNode(node.body);
+        }
+      },
+      
+      DoWhileStatement(node) {
+        if (node.body && node.body.type === 'BlockStatement') {
+          analyzeNode(node.body);
+        }
+      }
+    };
+  }
+};