@sun-asterisk/sunlint 1.0.7 → 1.1.4

package/config/typescript/package.json

@@ -1,13 +0,0 @@
-{
-  "name": "sunlint-eslint-typescript",
-  "version": "1.0.0",
-  "description": "ESLint integration for SunLint TypeScript analysis",
-  "dependencies": {
-    "eslint": "^9.16.0",
-    "@typescript-eslint/parser": "^8.15.0",
-    "@typescript-eslint/eslint-plugin": "^8.15.0"
-  },
-  "devDependencies": {
-    "typescript": "^5.7.2"
-  }
-}

package/config/typescript/security-rules/index.js

@@ -1,90 +0,0 @@
-/**
- * Custom ESLint plugin: custom rules index
- * Export toàn bộ rule tự định nghĩa dùng cho plugin "custom"
- */
-
-const s005 = require("./s005-no-origin-auth.js");
-const s006 = require("./s006-activation-recovery-secret-not-plaintext.js");
-const s008 = require("./s008-crypto-agility.js");
-const s009 = require("./s009-no-insecure-crypto.js");
-const s010 = require("./s010-no-insecure-random-in-sensitive-context.js");
-const s011 = require("./s011-no-insecure-uuid.js");
-const s012 = require("./s012-hardcode-secret.js");
-const s014 = require("./s014-insecure-tls-version.js");
-const s015 = require("./s015-insecure-tls-certificate.js");
-const s016 = require("./s016-sensitive-query-parameter.js");
-const s017 = require("./s017-no-sql-injection.js");
-const s018 = require("./s018-positive-input-validation.js");
-const s019 = require("./s019-no-raw-user-input-in-email.js");
-const s020 = require("./s020-no-eval-dynamic-execution.js");
-const s022 = require("./s022-output-encoding.js");
-const s023 = require("./s023-no-json-injection.js");
-const s025 = require("./s025-server-side-input-validation.js");
-const s026 = require("./s026-json-schema-validation.js");
-const s027 = require("./s027-no-hardcoded-secrets.js");
-const s029 = require("./s029-require-csrf-protection.js");
-const s030 = require("./s030-no-directory-browsing.js");
-const s033 = require("./s033-require-samesite-cookie.js");
-const s034 = require("./s034-require-host-cookie-prefix.js");
-const s035 = require("./s035-cookie-specific-path.js");
-const s036 = require("./s036-no-unsafe-file-include.js");
-const s037 = require("./s037-require-anti-cache-headers.js");
-const s038 = require("./s038-no-version-disclosure.js");
-const s039 = require("./s039-no-session-token-in-url.js");
-const s041 = require("./s041-require-session-invalidate-on-logout.js");
-const s042 = require("./s042-require-periodic-reauthentication.js");
-const s043 = require("./s043-terminate-sessions-on-password-change.js");
-const s044 = require("./s044-require-full-session-for-sensitive-operations.js");
-const s045 = require("./s045-anti-automation-controls.js");
-const s046 = require("./s046-secure-notification-on-auth-change.js");
-const s048 = require("./s048-password-credential-recovery.js");
-const s050 = require("./s050-session-token-weak-hash.js");
-const s052 = require("./s052-secure-random-authentication-code.js");
-const s054 = require("./s054-verification-default-account.js");
-const s057 = require("./s057-utc-logging.js");
-const s058 = require("./s058-no-ssrf.js");
-
-module.exports = {
-  rules: {
-    typescript_s005: s005,
-    typescript_s006: s006,
-    typescript_s008: s008,
-    typescript_s009: s009,
-    typescript_s010: s010,
-    typescript_s011: s011,
-    typescript_s012: s012,
-    typescript_s014: s014,
-    typescript_s015: s015,
-    typescript_s016: s016,
-    typescript_s017: s017,
-    typescript_s018: s018,
-    typescript_s019: s019,
-    typescript_s020: s020,
-    typescript_s022: s022,
-    typescript_s023: s023,
-    typescript_s025: s025,
-    typescript_s026: s026,
-    typescript_s027: s027,
-    typescript_s029: s029,
-    typescript_s030: s030,
-    typescript_s033: s033,
-    typescript_s034: s034,
-    typescript_s035: s035,
-    typescript_s036: s036,
-    typescript_s037: s037,
-    typescript_s038: s038,
-    typescript_s039: s039,
-    typescript_s041: s041,
-    typescript_s042: s042,
-    typescript_s043: s043,
-    typescript_s044: s044,
-    typescript_s045: s045,
-    typescript_s046: s046,
-    typescript_s048: s048,
-    typescript_s050: s050,
-    typescript_s052: s052,
-    typescript_s054: s054,
-    typescript_s057: s057,
-    typescript_s058: s058,
-  },
-};

package/config/typescript/tsconfig.json

@@ -1,29 +0,0 @@
-{
-  "compilerOptions": {
-    "target": "ES2020",
-    "module": "commonjs",
-    "lib": ["ES2020"],
-    "allowJs": true,
-    "outDir": "./dist",
-    "rootDir": "./",
-    "strict": true,
-    "esModuleInterop": true,
-    "skipLibCheck": true,
-    "forceConsistentCasingInFileNames": true,
-    "declaration": true,
-    "declarationMap": true,
-    "sourceMap": true,
-    "resolveJsonModule": true,
-    "moduleResolution": "node"
-  },
-  "include": [
-    "**/*.ts",
-    "**/*.tsx",
-    "**/*.js",
-    "**/*.jsx"
-  ],
-  "exclude": [
-    "node_modules",
-    "dist"
-  ]
-}

package/core/ai-analyzer.js

@@ -1,169 +0,0 @@
-const fs = require('fs');
-const path = require('path');
-
-class AIAnalyzer {
-  constructor(config = {}) {
-    this.config = config;
-    this.apiKey = process.env.OPENAI_API_KEY || config.apiKey;
-    this.model = config.model || 'gpt-4o-mini';
-    this.provider = config.provider || 'openai';
-  }
-
-  async analyzeWithAI(filePath, content, ruleConfig) {
-    if (!this.apiKey) {
-      console.warn('⚠️  AI API key not found, falling back to pattern analysis');
-      return null;
-    }
-
-    try {
-      const prompt = this.buildPrompt(content, ruleConfig);
-      const response = await this.callAI(prompt);
-      return this.parseAIResponse(response, filePath);
-    } catch (error) {
-      console.error('AI Analysis failed:', error.message);
-      return null;
-    }
-  }
-
-  buildPrompt(content, ruleConfig) {
-    return `You are a code quality expert analyzing code ONLY for logging best practices.
-
-RULE: ${ruleConfig.ruleId} - ${ruleConfig.name}
-DESCRIPTION: ${ruleConfig.description}
-
-IMPORTANT: You are ONLY checking for LOG LEVEL VIOLATIONS. Do NOT analyze function naming, variable naming, or other code quality issues.
-
-ANALYZE THIS CODE FOR LOG LEVEL VIOLATIONS ONLY:
-\`\`\`
-${content}
-\`\`\`
-
-SPECIFIC CRITERIA FOR LOG LEVELS ONLY:
-1. Don't use console.error() or logger.error() for non-critical issues (should use console.warn() or console.log())
-2. Avoid generic error messages without context
-3. Error logs should be reserved for actual errors/exceptions that need immediate attention
-4. Info/debug logs should use appropriate levels
-5. Validation errors should typically use warn level, not error level
-
-FOCUS ONLY ON:
-- console.error() usage
-- logger.error() usage
-- this.logger.error() usage
-- Other error-level logging calls
-
-DO NOT CHECK:
-- Function names
-- Variable names  
-- Code structure
-- Other code quality issues
-
-RESPOND WITH JSON FORMAT:
-{
-  "violations": [
-    {
-      "line": <line_number>,
-      "column": <column_number>, 
-      "message": "<specific_logging_violation_description>",
-      "severity": "warning|error|info",
-      "code": "<code_snippet>",
-      "suggestion": "<how_to_fix_logging>"
-    }
-  ],
-  "summary": "<overall_logging_assessment>"
-}
-
-Be precise about line numbers and provide actionable suggestions for LOG LEVEL issues only.`;
-  }
-
-  async callAI(prompt) {
-    if (this.provider === 'openai') {
-      return await this.callOpenAI(prompt);
-    } else if (this.provider === 'copilot') {
-      return await this.callCopilot(prompt);
-    }
-    throw new Error(`Unsupported AI provider: ${this.provider}`);
-  }
-
-  async callOpenAI(prompt) {
-    const fetch = (await import('node-fetch')).default;
-    
-    const response = await fetch('https://api.openai.com/v1/chat/completions', {
-      method: 'POST',
-      headers: {
-        'Content-Type': 'application/json',
-        'Authorization': `Bearer ${this.apiKey}`
-      },
-      body: JSON.stringify({
-        model: this.model,
-        messages: [
-          {
-            role: 'system',
-            content: 'You are an expert code analyzer specializing in logging best practices. Provide precise, actionable feedback.'
-          },
-          {
-            role: 'user', 
-            content: prompt
-          }
-        ],
-        temperature: 0.1,
-        max_tokens: 2000
-      })
-    });
-
-    if (!response.ok) {
-      throw new Error(`OpenAI API error: ${response.status} ${response.statusText}`);
-    }
-
-    const data = await response.json();
-    return data.choices[0].message.content;
-  }
-
-  async callCopilot(prompt) {
-    // TODO: Implement GitHub Copilot API integration
-    // This would require GitHub Copilot API access
-    throw new Error('GitHub Copilot API integration not yet implemented');
-  }
-
-  parseAIResponse(aiResponse, filePath) {
-    try {
-      // Extract JSON from AI response
-      const jsonMatch = aiResponse.match(/\{[\s\S]*\}/);
-      if (!jsonMatch) {
-        throw new Error('No JSON found in AI response');
-      }
-
-      const parsed = JSON.parse(jsonMatch[0]);
-      
-      return parsed.violations.map(violation => ({
-        line: violation.line,
-        column: violation.column || 1,
-        message: violation.message,
-        severity: violation.severity || 'warning',
-        ruleId: 'C019',
-        code: violation.code,
-        suggestion: violation.suggestion,
-        file: filePath,
-        source: 'ai'
-      }));
-    } catch (error) {
-      console.error('Failed to parse AI response:', error.message);
-      return [];
-    }
-  }
-
-  async testConnection() {
-    if (!this.apiKey) {
-      return { success: false, error: 'API key not configured' };
-    }
-
-    try {
-      const testPrompt = 'Respond with: {"status": "ok"}';
-      await this.callAI(testPrompt);
-      return { success: true, provider: this.provider, model: this.model };
-    } catch (error) {
-      return { success: false, error: error.message };
-    }
-  }
-}
-
-module.exports = AIAnalyzer;

package/core/eslint-engine-service.js

@@ -1,312 +0,0 @@
-/**
- * ESLint Engine Service
- * Handles ESLint integration for TypeScript analysis
- * Following Rule C005: Single responsibility - only handle ESLint execution
- * Following Rule C014: Dependency injection for configuration
- */
-
-const { execSync } = require('child_process');
-const path = require('path');
-const fs = require('fs');
-const chalk = require('chalk');
-
-class ESLintEngineService {
-  constructor() {
-    this.eslintConfigPath = path.join(__dirname, '../config/typescript/eslint.config.js');
-    this.eslintPackagePath = path.join(__dirname, '../config/typescript');
-  }
-
-  /**
-   * Query: Check if ESLint is available
-   */
-  isAvailable() {
-    try {
-      // Check if config exists
-      if (!fs.existsSync(this.eslintConfigPath)) {
-        return false;
-      }
-
-      // Check if ESLint is available
-      execSync('npx eslint --version', { 
-        stdio: 'ignore',
-        cwd: this.eslintPackagePath
-      });
-      return true;
-    } catch (error) {
-      return false;
-    }
-  }
-
-  /**
-   * Command: Ensure ESLint dependencies are installed
-   */
-  async ensureDependencies() {
-    try {
-      console.log(chalk.blue('🔧 Ensuring ESLint dependencies...'));
-      
-      const packageJsonPath = path.join(this.eslintPackagePath, 'package.json');
-      if (fs.existsSync(packageJsonPath)) {
-        execSync('npm install', { 
-          cwd: this.eslintPackagePath,
-          stdio: 'inherit'
-        });
-      }
-      
-      console.log(chalk.green('✅ ESLint dependencies ready'));
-    } catch (error) {
-      throw new Error(`Failed to ensure ESLint dependencies: ${error.message}`);
-    }
-  }
-
-  /**
-   * Command: Run ESLint analysis
-   */
-  async runAnalysis(rulesToRun, options) {
-    try {
-      // Map SunLint rules to ESLint rules
-      const eslintRules = this.mapSunLintRulesToESLint(rulesToRun);
-      
-      // Build ESLint command
-      const command = this.buildESLintCommand(eslintRules, options);
-      
-      if (options.debug) {
-        console.log(chalk.yellow('ESLint command:'), command);
-      }
-
-      // Execute ESLint
-      const output = execSync(command, { 
-        cwd: this.eslintPackagePath,
-        encoding: 'utf-8'
-      });
-
-      // Parse results
-      return this.parseESLintOutput(output, options);
-
-    } catch (error) {
-      // ESLint might exit with non-zero code when violations are found
-      if (error.stdout) {
-        return this.parseESLintOutput(error.stdout, options);
-      }
-      throw new Error(`ESLint execution failed: ${error.message}`);
-    }
-  }
-
-  /**
-   * Query: Map SunLint rule IDs to ESLint rule IDs
-   */
-  mapSunLintRulesToESLint(rules) {
-    const ruleMapping = {
-      // Quality rules (C-rules)
-      'C002': 'custom/c002',
-      'C003': 'custom/c003',
-      'C006': 'custom/c006',
-      'C010': 'custom/c010',
-      'C013': 'custom/c013',
-      'C014': 'custom/c014',
-      'C017': 'custom/c017',
-      'C018': 'custom/c018',
-      'C023': 'custom/c023',
-      'C027': 'custom/c027',
-      'C029': 'custom/c029',
-      'C030': 'custom/c030',
-      'C034': 'custom/c034',
-      'C035': 'custom/c035',
-      'C041': 'custom/c041',
-      'C042': 'custom/c042',
-      'C043': 'custom/c043',
-      'C047': 'custom/c047',
-      'C048': 'custom/c048',
-      
-      // Security rules (S-rules)
-      'S005': 'custom/typescript_s005',
-      'S006': 'custom/typescript_s006',
-      'S008': 'custom/typescript_s008',
-      'S009': 'custom/typescript_s009',
-      'S010': 'custom/typescript_s010',
-      'S011': 'custom/typescript_s011',
-      'S012': 'custom/typescript_s012',
-      'S014': 'custom/typescript_s014',
-      'S015': 'custom/typescript_s015',
-      'S016': 'custom/typescript_s016',
-      'S017': 'custom/typescript_s017',
-      'S018': 'custom/typescript_s018',
-      'S019': 'custom/typescript_s019',
-      'S020': 'custom/typescript_s020',
-      'S022': 'custom/typescript_s022',
-      'S023': 'custom/typescript_s023',
-      'S025': 'custom/typescript_s025',
-      'S026': 'custom/typescript_s026',
-      'S027': 'custom/typescript_s027',
-      'S029': 'custom/typescript_s029',
-      'S030': 'custom/typescript_s030',
-      'S033': 'custom/typescript_s033',
-      'S034': 'custom/typescript_s034',
-      'S035': 'custom/typescript_s035',
-      'S036': 'custom/typescript_s036',
-      'S037': 'custom/typescript_s037',
-      'S038': 'custom/typescript_s038',
-      'S039': 'custom/typescript_s039',
-      'S041': 'custom/typescript_s041',
-      'S042': 'custom/typescript_s042',
-      'S043': 'custom/typescript_s043',
-      'S044': 'custom/typescript_s044',
-      'S045': 'custom/typescript_s045',
-      'S046': 'custom/typescript_s046',
-      'S048': 'custom/typescript_s048',
-      'S050': 'custom/typescript_s050',
-      'S052': 'custom/typescript_s052',
-      'S054': 'custom/typescript_s054',
-      'S057': 'custom/typescript_s057',
-      'S058': 'custom/typescript_s058'
-    };
-
-    return rules
-      .filter(rule => ruleMapping[rule.id])
-      .map(rule => ruleMapping[rule.id]);
-  }
-
-  /**
-   * Command: Build ESLint command
-   */
-  buildESLintCommand(eslintRules, options) {
-    const parts = [
-      'npx eslint',
-      `--config ${this.eslintConfigPath}`,
-      '--format json',
-      `"${options.input}"`
-    ];
-
-    // Add specific rules if provided
-    if (eslintRules.length > 0) {
-      const rulesFlag = eslintRules.map(rule => `${rule}:error`).join(' ');
-      parts.push(`--rule "${rulesFlag}"`);
-    }
-
-    // Add file extensions
-    parts.push('--ext .ts,.tsx,.js,.jsx');
-
-    return parts.join(' ');
-  }
-
-  /**
-   * Query: Parse ESLint JSON output to SunLint format
-   */
-  parseESLintOutput(output, options) {
-    try {
-      const eslintResults = JSON.parse(output);
-      
-      const results = {
-        results: [],
-        filesAnalyzed: eslintResults.length,
-        engine: 'eslint'
-      };
-
-      eslintResults.forEach(file => {
-        if (file.messages.length > 0) {
-          const violations = file.messages.map(msg => ({
-            ruleId: this.mapESLintRuleToSunLint(msg.ruleId),
-            severity: this.mapESLintSeverity(msg.severity),
-            message: msg.message,
-            line: msg.line,
-            column: msg.column,
-            file: file.filePath
-          }));
-
-          results.results.push({
-            file: file.filePath,
-            violations: violations
-          });
-        }
-      });
-
-      return results;
-    } catch (error) {
-      throw new Error(`Failed to parse ESLint output: ${error.message}`);
-    }
-  }
-
-  /**
-   * Query: Map ESLint rule ID back to SunLint rule ID
-   */
-  mapESLintRuleToSunLint(eslintRuleId) {
-    const reverseMapping = {
-      // Quality rules (C-rules)
-      'custom/c002': 'C002',
-      'custom/c003': 'C003',
-      'custom/c006': 'C006',
-      'custom/c010': 'C010',
-      'custom/c013': 'C013',
-      'custom/c014': 'C014',
-      'custom/c017': 'C017',
-      'custom/c018': 'C018',
-      'custom/c023': 'C023',
-      'custom/c027': 'C027',
-      'custom/c029': 'C029',
-      'custom/c030': 'C030',
-      'custom/c034': 'C034',
-      'custom/c035': 'C035',
-      'custom/c041': 'C041',
-      'custom/c042': 'C042',
-      'custom/c043': 'C043',
-      'custom/c047': 'C047',
-      'custom/c048': 'C048',
-      
-      // Security rules (S-rules)
-      'custom/typescript_s005': 'S005',
-      'custom/typescript_s006': 'S006',
-      'custom/typescript_s008': 'S008',
-      'custom/typescript_s009': 'S009',
-      'custom/typescript_s010': 'S010',
-      'custom/typescript_s011': 'S011',
-      'custom/typescript_s012': 'S012',
-      'custom/typescript_s014': 'S014',
-      'custom/typescript_s015': 'S015',
-      'custom/typescript_s016': 'S016',
-      'custom/typescript_s017': 'S017',
-      'custom/typescript_s018': 'S018',
-      'custom/typescript_s019': 'S019',
-      'custom/typescript_s020': 'S020',
-      'custom/typescript_s022': 'S022',
-      'custom/typescript_s023': 'S023',
-      'custom/typescript_s025': 'S025',
-      'custom/typescript_s026': 'S026',
-      'custom/typescript_s027': 'S027',
-      'custom/typescript_s029': 'S029',
-      'custom/typescript_s030': 'S030',
-      'custom/typescript_s033': 'S033',
-      'custom/typescript_s034': 'S034',
-      'custom/typescript_s035': 'S035',
-      'custom/typescript_s036': 'S036',
-      'custom/typescript_s037': 'S037',
-      'custom/typescript_s038': 'S038',
-      'custom/typescript_s039': 'S039',
-      'custom/typescript_s041': 'S041',
-      'custom/typescript_s042': 'S042',
-      'custom/typescript_s043': 'S043',
-      'custom/typescript_s044': 'S044',
-      'custom/typescript_s045': 'S045',
-      'custom/typescript_s046': 'S046',
-      'custom/typescript_s048': 'S048',
-      'custom/typescript_s050': 'S050',
-      'custom/typescript_s052': 'S052',
-      'custom/typescript_s054': 'S054',
-      'custom/typescript_s057': 'S057',
-      'custom/typescript_s058': 'S058'
-    };
-
-    return reverseMapping[eslintRuleId] || eslintRuleId;
-  }
-
-  /**
-   * Query: Map ESLint severity to SunLint severity
-   */
-  mapESLintSeverity(eslintSeverity) {
-    switch (eslintSeverity) {
-      case 1: return 'warning';
-      case 2: return 'error';
-      default: return 'info';
-    }
-  }
-}
-
-module.exports = ESLintEngineService;