@sun-asterisk/sunlint 1.3.16 → 1.3.17

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (50) hide show
  1. package/config/rule-analysis-strategies.js +3 -3
  2. package/config/rules/enhanced-rules-registry.json +40 -20
  3. package/core/cli-action-handler.js +2 -2
  4. package/core/config-merger.js +28 -6
  5. package/core/constants/defaults.js +1 -1
  6. package/core/file-targeting-service.js +72 -4
  7. package/core/output-service.js +21 -4
  8. package/engines/heuristic-engine.js +5 -0
  9. package/package.json +1 -1
  10. package/rules/common/C002_no_duplicate_code/README.md +115 -0
  11. package/rules/common/C002_no_duplicate_code/analyzer.js +615 -219
  12. package/rules/common/C002_no_duplicate_code/test-cases/api-handlers.ts +64 -0
  13. package/rules/common/C002_no_duplicate_code/test-cases/data-processor.ts +46 -0
  14. package/rules/common/C002_no_duplicate_code/test-cases/good-example.tsx +40 -0
  15. package/rules/common/C002_no_duplicate_code/test-cases/product-service.ts +57 -0
  16. package/rules/common/C002_no_duplicate_code/test-cases/user-service.ts +49 -0
  17. package/rules/common/C008/analyzer.js +40 -0
  18. package/rules/common/C008/config.json +20 -0
  19. package/rules/common/C008/ts-morph-analyzer.js +1067 -0
  20. package/rules/common/C018_no_throw_generic_error/analyzer.js +1 -1
  21. package/rules/common/C018_no_throw_generic_error/symbol-based-analyzer.js +27 -3
  22. package/rules/common/C024_no_scatter_hardcoded_constants/symbol-based-analyzer.js +504 -162
  23. package/rules/common/C029_catch_block_logging/analyzer.js +499 -89
  24. package/rules/common/C033_separate_service_repository/README.md +131 -20
  25. package/rules/common/C033_separate_service_repository/analyzer.js +1 -1
  26. package/rules/common/C033_separate_service_repository/symbol-based-analyzer.js +417 -274
  27. package/rules/common/C041_no_sensitive_hardcode/analyzer.js +144 -254
  28. package/rules/common/C041_no_sensitive_hardcode/config.json +50 -0
  29. package/rules/common/C041_no_sensitive_hardcode/symbol-based-analyzer.js +575 -0
  30. package/rules/common/C067_no_hardcoded_config/analyzer.js +17 -16
  31. package/rules/common/C067_no_hardcoded_config/symbol-based-analyzer.js +3477 -659
  32. package/rules/docs/C002_no_duplicate_code.md +276 -11
  33. package/rules/index.js +5 -1
  34. package/rules/security/S006_no_plaintext_recovery_codes/analyzer.js +266 -88
  35. package/rules/security/S006_no_plaintext_recovery_codes/symbol-based-analyzer.js +805 -0
  36. package/rules/security/S010_no_insecure_encryption/README.md +78 -0
  37. package/rules/security/S010_no_insecure_encryption/analyzer.js +463 -398
  38. package/rules/security/S013_tls_enforcement/README.md +51 -0
  39. package/rules/security/S013_tls_enforcement/analyzer.js +99 -0
  40. package/rules/security/S013_tls_enforcement/config.json +41 -0
  41. package/rules/security/S013_tls_enforcement/symbol-based-analyzer.js +339 -0
  42. package/rules/security/S014_tls_version_enforcement/README.md +354 -0
  43. package/rules/security/S014_tls_version_enforcement/analyzer.js +118 -0
  44. package/rules/security/S014_tls_version_enforcement/config.json +56 -0
  45. package/rules/security/S014_tls_version_enforcement/symbol-based-analyzer.js +194 -0
  46. package/rules/security/S055_content_type_validation/analyzer.js +121 -279
  47. package/rules/security/S055_content_type_validation/symbol-based-analyzer.js +346 -0
  48. package/rules/tests/C002_no_duplicate_code.test.js +111 -22
  49. package/rules/common/C029_catch_block_logging/analyzer-smart-pipeline.js +0 -755
  50. package/rules/common/C041_no_sensitive_hardcode/ast-analyzer.js +0 -296
package/rules/common/C018_no_throw_generic_error/analyzer.js CHANGED
@@ -23,7 +23,7 @@ class C018Analyzer {
23
23
  // Configuration
24
24
  this.config = {
25
25
  useSymbolBased: true, // Primary approach
26
- fallbackToRegex: true, // Only when symbol fails completely
26
+ fallbackToRegex: false, // Only when symbol fails completely
27
27
  symbolBasedOnly: false // Can be set to true for pure mode
28
28
  };
29
29
 
package/rules/common/C018_no_throw_generic_error/symbol-based-analyzer.js CHANGED
@@ -149,13 +149,37 @@ class C018SymbolBasedAnalyzer {
149
149
  const lineNumber = throwStatement.getStartLineNumber();
150
150
  const columnNumber = throwStatement.getStart() - throwStatement.getStartLinePos();
151
151
  const exp = throwStatement.getExpression();
152
+ if (!exp) return violations;
153
+
154
+ // ---------------------------
155
+ // Case: throw e (Identifier)
156
+ // ---------------------------
157
+ let current = throwStatement.getParent();
158
+ let insideInstanceofCheck = false;
159
+
160
+ // Walk up AST tree to detect if inside an if-statement using instanceof
161
+ while (current) {
162
+ if (current.getKind() === SyntaxKind.IfStatement) {
163
+ const condition = current.getExpression();
164
+ if (condition && condition.getText().includes('instanceof')) {
165
+ insideInstanceofCheck = true;
166
+ break;
167
+ }
168
+ }
169
+ current = current.getParent();
170
+ }
152
171
 
153
- if (!exp) {
154
- return violations; // No arguments to analyze;
172
+ if (insideInstanceofCheck) {
173
+ if (verbose) {
174
+ console.log(
175
+ `[C018] Skipping throw at line ${lineNumber} due to instanceof guard`
176
+ );
177
+ }
178
+ return violations; // ✅ Skip violation
155
179
  }
156
180
 
157
- // Case: throw e (identifier)
158
181
  if (exp.getKind() === SyntaxKind.Identifier) {
182
+ // Direct rethrow: throw error;
159
183
  violations.push({
160
184
  ruleId: this.ruleId,
161
185
  severity: 'error',