@sun-asterisk/sunlint 1.3.33 → 1.3.35

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (535) hide show
  1. package/config/released-rules.json +62 -0
  2. package/config/rules/enhanced-rules-registry.json +2315 -1354
  3. package/core/adapters/dart-analyzer.js +658 -0
  4. package/core/adapters/index.js +102 -0
  5. package/core/adapters/sunlint-rule-adapter.js +0 -2
  6. package/core/adapters/typescript-analyzer.js +277 -0
  7. package/core/analysis-orchestrator.js +168 -40
  8. package/core/architecture-integration.js +16 -7
  9. package/core/auto-performance-manager.js +1 -1
  10. package/core/cli-action-handler.js +98 -21
  11. package/core/cli-program.js +96 -138
  12. package/core/config-merger.js +24 -14
  13. package/core/constants/defaults.js +1 -2
  14. package/core/file-targeting-service.js +62 -4
  15. package/core/git-utils.js +19 -12
  16. package/core/github-annotate-service.js +456 -89
  17. package/core/github-step-summary-generator.js +8 -8
  18. package/core/html-report-generator.js +326 -731
  19. package/core/impact-integration.js +433 -0
  20. package/core/interfaces/language-analyzer.interface.js +393 -0
  21. package/core/output-service.js +308 -35
  22. package/core/rule-selection-service.js +77 -27
  23. package/core/scoring-service.js +3 -2
  24. package/core/semantic-engine-manager.js +375 -0
  25. package/core/semantic-engine.js +4 -57
  26. package/core/unified-rule-registry.js +52 -11
  27. package/docs/DART_RULE_EXECUTION_FLOW.md +745 -0
  28. package/docs/DART_SUPPORT_IMPLEMENTATION.md +245 -0
  29. package/docs/SUNLINT_ARCHITECTURE.md +692 -0
  30. package/docs/skills/CREATE_DART_RULE.md +909 -0
  31. package/engines/arch-detect/core/analyzer.js +413 -0
  32. package/engines/arch-detect/core/index.js +22 -0
  33. package/engines/arch-detect/engine/hybrid-detector.js +176 -0
  34. package/engines/arch-detect/engine/index.js +24 -0
  35. package/engines/arch-detect/engine/rule-executor.js +228 -0
  36. package/engines/arch-detect/engine/score-calculator.js +214 -0
  37. package/engines/arch-detect/engine/violation-detector.js +616 -0
  38. package/engines/arch-detect/index.js +50 -0
  39. package/engines/arch-detect/rules/base-rule.js +187 -0
  40. package/engines/arch-detect/rules/index.js +35 -0
  41. package/engines/arch-detect/rules/layered/index.js +28 -0
  42. package/engines/arch-detect/rules/layered/l001-presentation-layer.js +237 -0
  43. package/engines/arch-detect/rules/layered/l002-business-layer.js +215 -0
  44. package/engines/arch-detect/rules/layered/l003-data-layer.js +229 -0
  45. package/engines/arch-detect/rules/layered/l004-model-layer.js +204 -0
  46. package/engines/arch-detect/rules/layered/l005-layer-separation.js +215 -0
  47. package/engines/arch-detect/rules/layered/l006-dependency-direction.js +221 -0
  48. package/engines/arch-detect/rules/layered/layered-rules-collection.js +445 -0
  49. package/engines/arch-detect/rules/modular/index.js +27 -0
  50. package/engines/arch-detect/rules/modular/m001-feature-modules.js +238 -0
  51. package/engines/arch-detect/rules/modular/m002-core-module.js +169 -0
  52. package/engines/arch-detect/rules/modular/m003-module-declaration.js +186 -0
  53. package/engines/arch-detect/rules/modular/m004-public-api.js +171 -0
  54. package/engines/arch-detect/rules/modular/m005-no-deep-imports.js +220 -0
  55. package/engines/arch-detect/rules/modular/modular-rules-collection.js +357 -0
  56. package/engines/arch-detect/rules/presentation/index.js +27 -0
  57. package/engines/arch-detect/rules/presentation/pr001-view-layer.js +221 -0
  58. package/engines/arch-detect/rules/presentation/pr002-presentation-logic.js +192 -0
  59. package/engines/arch-detect/rules/presentation/pr004-data-binding.js +187 -0
  60. package/engines/arch-detect/rules/presentation/pr006-router-layer.js +185 -0
  61. package/engines/arch-detect/rules/presentation/pr007-interactor-layer.js +181 -0
  62. package/engines/arch-detect/rules/presentation/presentation-rules-collection.js +507 -0
  63. package/engines/arch-detect/rules/project-scanner/index.js +31 -0
  64. package/engines/arch-detect/rules/project-scanner/ps001-project-root.js +213 -0
  65. package/engines/arch-detect/rules/project-scanner/ps002-language-detection.js +192 -0
  66. package/engines/arch-detect/rules/project-scanner/ps003-framework-detection.js +339 -0
  67. package/engines/arch-detect/rules/project-scanner/ps004-build-system.js +171 -0
  68. package/engines/arch-detect/rules/project-scanner/ps005-source-directory.js +163 -0
  69. package/engines/arch-detect/rules/project-scanner/ps006-test-directory.js +184 -0
  70. package/engines/arch-detect/rules/project-scanner/ps007-documentation.js +149 -0
  71. package/engines/arch-detect/rules/project-scanner/ps008-cicd-detection.js +163 -0
  72. package/engines/arch-detect/rules/project-scanner/ps009-code-quality.js +152 -0
  73. package/engines/arch-detect/rules/project-scanner/ps010-statistics.js +180 -0
  74. package/engines/arch-detect/rules/rule-registry.js +111 -0
  75. package/engines/arch-detect/types/context.types.js +60 -0
  76. package/engines/arch-detect/types/enums.js +161 -0
  77. package/engines/arch-detect/types/index.js +25 -0
  78. package/engines/arch-detect/types/result.types.js +7 -0
  79. package/engines/arch-detect/types/rule.types.js +7 -0
  80. package/engines/arch-detect/utils/file-scanner.js +411 -0
  81. package/engines/arch-detect/utils/index.js +23 -0
  82. package/engines/arch-detect/utils/pattern-matcher.js +328 -0
  83. package/engines/eslint-engine.js +2 -8
  84. package/engines/heuristic-engine.js +234 -38
  85. package/engines/impact/cli.js +106 -0
  86. package/engines/impact/config/default-config.js +54 -0
  87. package/engines/impact/core/change-detector.js +258 -0
  88. package/engines/impact/core/detectors/database-detector.js +1317 -0
  89. package/engines/impact/core/detectors/endpoint-detector.js +55 -0
  90. package/engines/impact/core/impact-analyzer.js +124 -0
  91. package/engines/impact/core/report-generator.js +462 -0
  92. package/engines/impact/core/utils/ast-parser.js +241 -0
  93. package/engines/impact/core/utils/dependency-graph.js +159 -0
  94. package/engines/impact/core/utils/file-utils.js +116 -0
  95. package/engines/impact/core/utils/git-utils.js +203 -0
  96. package/engines/impact/core/utils/logger.js +13 -0
  97. package/engines/impact/core/utils/method-call-graph.js +1192 -0
  98. package/engines/impact/index.js +135 -0
  99. package/engines/impact/package.json +29 -0
  100. package/package.json +18 -43
  101. package/rules/common/C002_no_duplicate_code/config.json +12 -20
  102. package/rules/common/C002_no_duplicate_code/dart/analyzer.js +53 -0
  103. package/rules/common/C002_no_duplicate_code/index.js +93 -0
  104. package/rules/common/C003_no_vague_abbreviations/config.json +1 -1
  105. package/rules/common/C003_no_vague_abbreviations/dart/analyzer.js +54 -0
  106. package/rules/common/C003_no_vague_abbreviations/index.js +93 -0
  107. package/rules/common/C006_function_naming/dart/analyzer.js +40 -0
  108. package/rules/common/C006_function_naming/index.js +86 -0
  109. package/rules/common/C008_variable_declaration_locality/dart/analyzer.js +32 -0
  110. package/rules/common/C008_variable_declaration_locality/index.js +86 -0
  111. package/rules/common/C010_limit_block_nesting/dart/analyzer.js +32 -0
  112. package/rules/common/C010_limit_block_nesting/index.js +86 -0
  113. package/rules/common/C012_command_query_separation/config.json +61 -0
  114. package/rules/common/C012_command_query_separation/dart/analyzer.js +32 -0
  115. package/rules/common/C012_command_query_separation/index.js +86 -0
  116. package/rules/common/C013_no_dead_code/dart/analyzer.js +32 -0
  117. package/rules/common/C013_no_dead_code/index.js +86 -0
  118. package/rules/common/C014_dependency_injection/dart/analyzer.js +32 -0
  119. package/rules/common/C014_dependency_injection/index.js +86 -0
  120. package/rules/common/C017_constructor_logic/dart/analyzer.js +32 -0
  121. package/rules/common/C017_constructor_logic/index.js +86 -0
  122. package/rules/common/C018_no_throw_generic_error/dart/analyzer.js +32 -0
  123. package/rules/common/C018_no_throw_generic_error/index.js +86 -0
  124. package/rules/common/C019_log_level_usage/dart/analyzer.js +32 -0
  125. package/rules/common/C019_log_level_usage/index.js +86 -0
  126. package/rules/common/C019_log_level_usage/{ts-morph-analyzer.js → typescript/ts-morph-analyzer.js} +0 -1
  127. package/rules/common/C020_unused_imports/dart/analyzer.js +32 -0
  128. package/rules/common/C020_unused_imports/index.js +86 -0
  129. package/rules/common/C020_unused_imports/{ts-morph-analyzer.js → typescript/ts-morph-analyzer.js} +0 -1
  130. package/rules/common/C021_import_organization/config.json +29 -9
  131. package/rules/common/C021_import_organization/dart/analyzer.js +40 -0
  132. package/rules/common/C021_import_organization/index.js +83 -0
  133. package/rules/common/C021_import_organization/{ts-morph-analyzer.js → typescript/ts-morph-analyzer.js} +0 -1
  134. package/rules/common/C023_no_duplicate_variable/config.json +7 -2
  135. package/rules/common/C023_no_duplicate_variable/dart/analyzer.js +40 -0
  136. package/rules/common/C023_no_duplicate_variable/index.js +83 -0
  137. package/rules/common/C024_no_scatter_hardcoded_constants/config.json +7 -2
  138. package/rules/common/C024_no_scatter_hardcoded_constants/dart/analyzer.js +40 -0
  139. package/rules/common/C024_no_scatter_hardcoded_constants/index.js +83 -0
  140. package/rules/common/C024_no_scatter_hardcoded_constants/{symbol-based-analyzer.js → typescript/symbol-based-analyzer.js} +0 -1
  141. package/rules/common/C029_catch_block_logging/config.json +15 -5
  142. package/rules/common/C029_catch_block_logging/dart/analyzer.js +40 -0
  143. package/rules/common/C029_catch_block_logging/index.js +83 -0
  144. package/rules/common/C030_use_custom_error_classes/config.json +28 -0
  145. package/rules/common/C030_use_custom_error_classes/dart/analyzer.js +40 -0
  146. package/rules/common/C030_use_custom_error_classes/index.js +83 -0
  147. package/rules/common/C031_validation_separation/config.json +28 -0
  148. package/rules/common/C031_validation_separation/dart/analyzer.js +40 -0
  149. package/rules/common/C031_validation_separation/index.js +83 -0
  150. package/rules/common/C033_separate_service_repository/config.json +8 -3
  151. package/rules/common/C033_separate_service_repository/dart/analyzer.js +40 -0
  152. package/rules/common/C033_separate_service_repository/index.js +83 -0
  153. package/rules/common/C035_error_logging_context/config.json +34 -12
  154. package/rules/common/C035_error_logging_context/dart/analyzer.js +40 -0
  155. package/rules/common/C035_error_logging_context/index.js +83 -0
  156. package/rules/common/C040_centralized_validation/config.json +37 -8
  157. package/rules/common/C040_centralized_validation/dart/analyzer.js +40 -0
  158. package/rules/common/C040_centralized_validation/index.js +83 -0
  159. package/rules/common/C041_no_sensitive_hardcode/config.json +7 -2
  160. package/rules/common/C041_no_sensitive_hardcode/dart/analyzer.js +40 -0
  161. package/rules/common/C041_no_sensitive_hardcode/index.js +83 -0
  162. package/rules/common/C042_boolean_name_prefix/config.json +28 -0
  163. package/rules/common/C042_boolean_name_prefix/dart/analyzer.js +40 -0
  164. package/rules/common/C042_boolean_name_prefix/index.js +83 -0
  165. package/rules/common/C043_no_console_or_print/config.json +28 -0
  166. package/rules/common/C043_no_console_or_print/dart/analyzer.js +40 -0
  167. package/rules/common/C043_no_console_or_print/index.js +83 -0
  168. package/rules/common/C047_no_duplicate_retry_logic/config.json +28 -0
  169. package/rules/common/C047_no_duplicate_retry_logic/dart/analyzer.js +40 -0
  170. package/rules/common/C047_no_duplicate_retry_logic/index.js +83 -0
  171. package/rules/common/C048_no_bypass_architectural_layers/config.json +7 -2
  172. package/rules/common/C048_no_bypass_architectural_layers/dart/analyzer.js +40 -0
  173. package/rules/common/C048_no_bypass_architectural_layers/index.js +83 -0
  174. package/rules/common/C052_parsing_or_data_transformation/config.json +7 -2
  175. package/rules/common/C052_parsing_or_data_transformation/dart/analyzer.js +40 -0
  176. package/rules/common/C052_parsing_or_data_transformation/index.js +83 -0
  177. package/rules/common/C060_no_override_superclass/config.json +7 -2
  178. package/rules/common/C060_no_override_superclass/dart/analyzer.js +40 -0
  179. package/rules/common/C060_no_override_superclass/index.js +83 -0
  180. package/rules/common/C065_one_behavior_per_test/config.json +187 -28
  181. package/rules/common/C065_one_behavior_per_test/dart/analyzer.js +40 -0
  182. package/rules/common/C065_one_behavior_per_test/index.js +83 -0
  183. package/rules/common/C067_no_hardcoded_config/config.json +18 -4
  184. package/rules/common/C067_no_hardcoded_config/dart/analyzer.js +40 -0
  185. package/rules/common/C067_no_hardcoded_config/index.js +83 -0
  186. package/rules/common/C070_no_real_time_tests/config.json +41 -12
  187. package/rules/common/C070_no_real_time_tests/dart/analyzer.js +40 -0
  188. package/rules/common/C070_no_real_time_tests/index.js +83 -0
  189. package/rules/common/C072_single_test_behavior/config.json +28 -0
  190. package/rules/common/C072_single_test_behavior/dart/analyzer.js +40 -0
  191. package/rules/common/C072_single_test_behavior/index.js +83 -0
  192. package/rules/common/C073_validate_required_config_on_startup/config.json +93 -18
  193. package/rules/common/C073_validate_required_config_on_startup/dart/analyzer.js +40 -0
  194. package/rules/common/C073_validate_required_config_on_startup/index.js +83 -0
  195. package/rules/common/C073_validate_required_config_on_startup/{analyzer.js → typescript/analyzer.js} +0 -1
  196. package/rules/common/C075_explicit_return_types/config.json +28 -0
  197. package/rules/common/C075_explicit_return_types/dart/analyzer.js +40 -0
  198. package/rules/common/C075_explicit_return_types/index.js +83 -0
  199. package/rules/common/C076_explicit_function_types/config.json +18 -4
  200. package/rules/common/C076_explicit_function_types/dart/analyzer.js +40 -0
  201. package/rules/common/C076_explicit_function_types/index.js +83 -0
  202. package/rules/index.js +26 -6
  203. package/rules/security/S003_open_redirect_protection/config.json +11 -53
  204. package/rules/security/S003_open_redirect_protection/dart/analyzer.js +43 -0
  205. package/rules/security/S003_open_redirect_protection/index.js +94 -0
  206. package/rules/security/S003_open_redirect_protection/typescript/analyzer.js +105 -0
  207. package/rules/security/S003_open_redirect_protection/{symbol-based-analyzer.js → typescript/semantic-analyzer.js} +1 -1
  208. package/rules/security/S004_sensitive_data_logging/config.json +1 -1
  209. package/rules/security/S004_sensitive_data_logging/dart/analyzer.js +58 -0
  210. package/rules/security/S004_sensitive_data_logging/index.js +93 -0
  211. package/rules/security/S005_no_origin_auth/dart/analyzer.js +30 -0
  212. package/rules/security/S005_no_origin_auth/index.js +83 -0
  213. package/rules/security/S005_no_origin_auth/{analyzer.js → typescript/analyzer.js} +1 -0
  214. package/rules/security/S006_no_plaintext_recovery_codes/dart/analyzer.js +30 -0
  215. package/rules/security/S006_no_plaintext_recovery_codes/index.js +83 -0
  216. package/rules/security/S007_no_plaintext_otp/dart/analyzer.js +30 -0
  217. package/rules/security/S007_no_plaintext_otp/index.js +83 -0
  218. package/rules/security/S009_no_insecure_encryption/dart/analyzer.js +30 -0
  219. package/rules/security/S009_no_insecure_encryption/index.js +83 -0
  220. package/rules/security/S010_no_insecure_encryption/dart/analyzer.js +30 -0
  221. package/rules/security/S010_no_insecure_encryption/index.js +83 -0
  222. package/rules/security/S011_secure_guid_generation/dart/analyzer.js +30 -0
  223. package/rules/security/S011_secure_guid_generation/index.js +83 -0
  224. package/rules/security/S012_hardcoded_secrets/dart/analyzer.js +30 -0
  225. package/rules/security/S012_hardcoded_secrets/index.js +83 -0
  226. package/rules/security/S012_hardcoded_secrets/typescript/config.json +75 -0
  227. package/rules/security/S013_tls_enforcement/dart/analyzer.js +30 -0
  228. package/rules/security/S013_tls_enforcement/index.js +83 -0
  229. package/rules/security/S014_tls_version_enforcement/dart/analyzer.js +30 -0
  230. package/rules/security/S014_tls_version_enforcement/index.js +83 -0
  231. package/rules/security/S015_insecure_tls_certificate/config.json +41 -0
  232. package/rules/security/S015_insecure_tls_certificate/dart/analyzer.js +19 -0
  233. package/rules/security/S015_insecure_tls_certificate/index.js +83 -0
  234. package/rules/security/S016_no_sensitive_querystring/dart/analyzer.js +30 -0
  235. package/rules/security/S016_no_sensitive_querystring/index.js +83 -0
  236. package/rules/security/S017_use_parameterized_queries/dart/analyzer.js +30 -0
  237. package/rules/security/S017_use_parameterized_queries/index.js +83 -0
  238. package/rules/security/S019_smtp_injection_protection/dart/analyzer.js +30 -0
  239. package/rules/security/S019_smtp_injection_protection/index.js +83 -0
  240. package/rules/security/S020_no_eval_dynamic_code/dart/analyzer.js +30 -0
  241. package/rules/security/S020_no_eval_dynamic_code/index.js +83 -0
  242. package/rules/security/S022_escape_output_context/dart/analyzer.js +30 -0
  243. package/rules/security/S022_escape_output_context/index.js +83 -0
  244. package/rules/security/S023_no_json_injection/dart/analyzer.js +30 -0
  245. package/rules/security/S023_no_json_injection/index.js +83 -0
  246. package/rules/security/S024_xpath_xxe_protection/dart/analyzer.js +30 -0
  247. package/rules/security/S024_xpath_xxe_protection/index.js +83 -0
  248. package/rules/security/S025_server_side_validation/dart/analyzer.js +30 -0
  249. package/rules/security/S025_server_side_validation/index.js +83 -0
  250. package/rules/security/S026_json_schema_validation/dart/analyzer.js +30 -0
  251. package/rules/security/S026_json_schema_validation/index.js +83 -0
  252. package/rules/security/S027_no_hardcoded_secrets/dart/analyzer.js +30 -0
  253. package/rules/security/S027_no_hardcoded_secrets/index.js +83 -0
  254. package/rules/security/S028_file_upload_size_limits/dart/analyzer.js +30 -0
  255. package/rules/security/S028_file_upload_size_limits/index.js +83 -0
  256. package/rules/security/S029_csrf_protection/dart/analyzer.js +30 -0
  257. package/rules/security/S029_csrf_protection/index.js +83 -0
  258. package/rules/security/S030_directory_browsing_protection/dart/analyzer.js +30 -0
  259. package/rules/security/S030_directory_browsing_protection/index.js +83 -0
  260. package/rules/security/S031_secure_session_cookies/dart/analyzer.js +30 -0
  261. package/rules/security/S031_secure_session_cookies/index.js +83 -0
  262. package/rules/security/S032_httponly_session_cookies/dart/analyzer.js +30 -0
  263. package/rules/security/S032_httponly_session_cookies/index.js +83 -0
  264. package/rules/security/S033_samesite_session_cookies/dart/analyzer.js +30 -0
  265. package/rules/security/S033_samesite_session_cookies/index.js +83 -0
  266. package/rules/security/S034_host_prefix_session_cookies/dart/analyzer.js +30 -0
  267. package/rules/security/S034_host_prefix_session_cookies/index.js +83 -0
  268. package/rules/security/S035_path_session_cookies/dart/analyzer.js +30 -0
  269. package/rules/security/S035_path_session_cookies/index.js +83 -0
  270. package/rules/security/S036_lfi_rfi_protection/dart/analyzer.js +30 -0
  271. package/rules/security/S036_lfi_rfi_protection/index.js +83 -0
  272. package/rules/security/S037_cache_headers/dart/analyzer.js +30 -0
  273. package/rules/security/S037_cache_headers/index.js +83 -0
  274. package/rules/security/S038_no_version_headers/dart/analyzer.js +30 -0
  275. package/rules/security/S038_no_version_headers/index.js +83 -0
  276. package/rules/security/S039_no_session_tokens_in_url/dart/analyzer.js +30 -0
  277. package/rules/security/S039_no_session_tokens_in_url/index.js +83 -0
  278. package/rules/security/S040_session_fixation_protection/dart/analyzer.js +30 -0
  279. package/rules/security/S040_session_fixation_protection/index.js +83 -0
  280. package/rules/security/S041_session_token_invalidation/dart/analyzer.js +30 -0
  281. package/rules/security/S041_session_token_invalidation/index.js +83 -0
  282. package/rules/security/S042_require_re_authentication_for_long_lived/dart/analyzer.js +30 -0
  283. package/rules/security/S042_require_re_authentication_for_long_lived/index.js +83 -0
  284. package/rules/security/S043_password_changes_invalidate_all_sessions/dart/analyzer.js +30 -0
  285. package/rules/security/S043_password_changes_invalidate_all_sessions/index.js +83 -0
  286. package/rules/security/S044_re_authentication_required/dart/analyzer.js +30 -0
  287. package/rules/security/S044_re_authentication_required/index.js +83 -0
  288. package/rules/security/S045_brute_force_protection/dart/analyzer.js +30 -0
  289. package/rules/security/S045_brute_force_protection/index.js +83 -0
  290. package/rules/security/S048_no_current_password_in_reset/dart/analyzer.js +30 -0
  291. package/rules/security/S048_no_current_password_in_reset/index.js +83 -0
  292. package/rules/security/S049_short_validity_tokens/dart/analyzer.js +30 -0
  293. package/rules/security/S049_short_validity_tokens/index.js +83 -0
  294. package/rules/security/S049_short_validity_tokens/typescript/config.json +124 -0
  295. package/rules/security/S051_password_length_policy/dart/analyzer.js +30 -0
  296. package/rules/security/S051_password_length_policy/index.js +83 -0
  297. package/rules/security/S051_password_length_policy/typescript/config.json +83 -0
  298. package/rules/security/S052_weak_otp_entropy/dart/analyzer.js +30 -0
  299. package/rules/security/S052_weak_otp_entropy/index.js +83 -0
  300. package/rules/security/S052_weak_otp_entropy/typescript/config.json +57 -0
  301. package/rules/security/S054_no_default_accounts/dart/analyzer.js +30 -0
  302. package/rules/security/S054_no_default_accounts/index.js +83 -0
  303. package/rules/security/S054_no_default_accounts/typescript/config.json +101 -0
  304. package/rules/security/S055_content_type_validation/dart/analyzer.js +30 -0
  305. package/rules/security/S055_content_type_validation/index.js +83 -0
  306. package/rules/security/S056_log_injection_protection/dart/analyzer.js +30 -0
  307. package/rules/security/S056_log_injection_protection/index.js +83 -0
  308. package/rules/security/S057_utc_logging/dart/analyzer.js +30 -0
  309. package/rules/security/S057_utc_logging/index.js +83 -0
  310. package/rules/security/S057_utc_logging/typescript/config.json +105 -0
  311. package/rules/security/S058_no_ssrf/dart/analyzer.js +30 -0
  312. package/rules/security/S058_no_ssrf/index.js +83 -0
  313. package/rules/security/S058_no_ssrf/{analyzer.js → typescript/analyzer.js} +0 -1
  314. package/rules/security/S058_no_ssrf/typescript/config.json +125 -0
  315. package/scripts/build-release.sh +12 -0
  316. package/scripts/copy-impact-analyzer.js +135 -0
  317. package/scripts/install.sh +0 -0
  318. package/scripts/manual-release.sh +0 -0
  319. package/scripts/pre-release-test.sh +0 -0
  320. package/scripts/prepare-release.sh +0 -0
  321. package/scripts/quick-performance-test.js +0 -0
  322. package/scripts/setup-github-registry.sh +0 -0
  323. package/scripts/trigger-release.sh +0 -0
  324. package/scripts/verify-install.sh +0 -0
  325. package/templates/combined-report.html +1418 -0
  326. package/rules/common/C002_no_duplicate_code/test-cases/api-handlers.ts +0 -64
  327. package/rules/common/C002_no_duplicate_code/test-cases/data-processor.ts +0 -46
  328. package/rules/common/C002_no_duplicate_code/test-cases/good-example.tsx +0 -40
  329. package/rules/common/C002_no_duplicate_code/test-cases/product-service.ts +0 -57
  330. package/rules/common/C002_no_duplicate_code/test-cases/user-service.ts +0 -49
  331. package/rules/common/C067_no_hardcoded_config/symbol-based-analyzer.js.backup +0 -3853
  332. package/rules/security/S003_open_redirect_protection/analyzer.js +0 -135
  333. /package/rules/common/C002_no_duplicate_code/{analyzer.js → typescript/analyzer.js} +0 -0
  334. /package/rules/common/C003_no_vague_abbreviations/{analyzer.js → typescript/analyzer.js} +0 -0
  335. /package/rules/common/C006_function_naming/{analyzer.js → typescript/analyzer.js} +0 -0
  336. /package/rules/common/{C008 → C008_variable_declaration_locality}/config.json +0 -0
  337. /package/rules/common/{C008 → C008_variable_declaration_locality/typescript}/analyzer.js +0 -0
  338. /package/rules/common/{C008 → C008_variable_declaration_locality/typescript}/ts-morph-analyzer.js +0 -0
  339. /package/rules/common/C010_limit_block_nesting/{analyzer.js → typescript/analyzer.js} +0 -0
  340. /package/rules/common/C010_limit_block_nesting/{regex-based-analyzer.js → typescript/regex-based-analyzer.js} +0 -0
  341. /package/rules/common/C010_limit_block_nesting/{symbol-based-analyzer.js → typescript/symbol-based-analyzer.js} +0 -0
  342. /package/rules/common/C012_command_query_separation/{analyzer.js → typescript/analyzer.js} +0 -0
  343. /package/rules/common/C012_command_query_separation/{ast-analyzer.js → typescript/ast-analyzer.js} +0 -0
  344. /package/rules/common/C013_no_dead_code/{analyzer.js → typescript/analyzer.js} +0 -0
  345. /package/rules/common/C013_no_dead_code/{regex-based-analyzer.js → typescript/regex-based-analyzer.js} +0 -0
  346. /package/rules/common/C013_no_dead_code/{symbol-based-analyzer.js → typescript/symbol-based-analyzer.js} +0 -0
  347. /package/rules/common/C014_dependency_injection/{analyzer.js → typescript/analyzer.js} +0 -0
  348. /package/rules/common/C014_dependency_injection/{symbol-based-analyzer.js → typescript/symbol-based-analyzer.js} +0 -0
  349. /package/rules/common/C017_constructor_logic/{analyzer.js → typescript/analyzer.js} +0 -0
  350. /package/rules/common/C017_constructor_logic/{symbol-based-analyzer.js → typescript/symbol-based-analyzer.js} +0 -0
  351. /package/rules/common/C018_no_throw_generic_error/{analyzer.js → typescript/analyzer.js} +0 -0
  352. /package/rules/common/C018_no_throw_generic_error/{regex-based-analyzer.js → typescript/regex-based-analyzer.js} +0 -0
  353. /package/rules/common/C018_no_throw_generic_error/{symbol-based-analyzer.js → typescript/symbol-based-analyzer.js} +0 -0
  354. /package/rules/common/C019_log_level_usage/{analyzer.js → typescript/analyzer.js} +0 -0
  355. /package/rules/common/C019_log_level_usage/{pattern-analyzer.js → typescript/pattern-analyzer.js} +0 -0
  356. /package/rules/common/C019_log_level_usage/{system-log-analyzer.js → typescript/system-log-analyzer.js} +0 -0
  357. /package/rules/common/C020_unused_imports/{analyzer.js → typescript/analyzer.js} +0 -0
  358. /package/rules/common/C021_import_organization/{analyzer.js → typescript/analyzer.js} +0 -0
  359. /package/rules/common/C023_no_duplicate_variable/{analyzer.js → typescript/analyzer.js} +0 -0
  360. /package/rules/common/C023_no_duplicate_variable/{symbol-based-analyzer.js → typescript/symbol-based-analyzer.js} +0 -0
  361. /package/rules/common/C024_no_scatter_hardcoded_constants/{analyzer.js → typescript/analyzer.js} +0 -0
  362. /package/rules/common/C029_catch_block_logging/{analyzer.js → typescript/analyzer.js} +0 -0
  363. /package/rules/common/C030_use_custom_error_classes/{analyzer.js → typescript/analyzer.js} +0 -0
  364. /package/rules/common/C031_validation_separation/{analyzer.js → typescript/analyzer.js} +0 -0
  365. /package/rules/common/C033_separate_service_repository/{README.md → typescript/README.md} +0 -0
  366. /package/rules/common/C033_separate_service_repository/{analyzer.js → typescript/analyzer.js} +0 -0
  367. /package/rules/common/C033_separate_service_repository/{regex-based-analyzer.js → typescript/regex-based-analyzer.js} +0 -0
  368. /package/rules/common/C033_separate_service_repository/{symbol-based-analyzer.js → typescript/symbol-based-analyzer.js} +0 -0
  369. /package/rules/common/C035_error_logging_context/{STRATEGY.md → typescript/STRATEGY.md} +0 -0
  370. /package/rules/common/C035_error_logging_context/{analyzer.js → typescript/analyzer.js} +0 -0
  371. /package/rules/common/C035_error_logging_context/{regex-based-analyzer.js → typescript/regex-based-analyzer.js} +0 -0
  372. /package/rules/common/C035_error_logging_context/{symbol-based-analyzer.js → typescript/symbol-based-analyzer.js} +0 -0
  373. /package/rules/common/C040_centralized_validation/{analyzer.js → typescript/analyzer.js} +0 -0
  374. /package/rules/common/C040_centralized_validation/{regex-based-analyzer.js → typescript/regex-based-analyzer.js} +0 -0
  375. /package/rules/common/C040_centralized_validation/{symbol-based-analyzer.js → typescript/symbol-based-analyzer.js} +0 -0
  376. /package/rules/common/C041_no_sensitive_hardcode/{analyzer.js → typescript/analyzer.js} +0 -0
  377. /package/rules/common/C041_no_sensitive_hardcode/{symbol-based-analyzer.js → typescript/symbol-based-analyzer.js} +0 -0
  378. /package/rules/common/C042_boolean_name_prefix/{analyzer.js → typescript/analyzer.js} +0 -0
  379. /package/rules/common/C043_no_console_or_print/{analyzer.js → typescript/analyzer.js} +0 -0
  380. /package/rules/common/C047_no_duplicate_retry_logic/{analyzer.js → typescript/analyzer.js} +0 -0
  381. /package/rules/common/C047_no_duplicate_retry_logic/{c047-semantic-rule.js → typescript/c047-semantic-rule.js} +0 -0
  382. /package/rules/common/C047_no_duplicate_retry_logic/{symbol-analyzer-enhanced.js → typescript/symbol-analyzer-enhanced.js} +0 -0
  383. /package/rules/common/C047_no_duplicate_retry_logic/{symbol-config.json → typescript/symbol-config.json} +0 -0
  384. /package/rules/common/C048_no_bypass_architectural_layers/{analyzer.js → typescript/analyzer.js} +0 -0
  385. /package/rules/common/C048_no_bypass_architectural_layers/{symbol-based-analyzer.js → typescript/symbol-based-analyzer.js} +0 -0
  386. /package/rules/common/C052_parsing_or_data_transformation/{analyzer.js → typescript/analyzer.js} +0 -0
  387. /package/rules/common/C052_parsing_or_data_transformation/{symbol-based-analyzer.js → typescript/symbol-based-analyzer.js} +0 -0
  388. /package/rules/common/C060_no_override_superclass/{analyzer.js → typescript/analyzer.js} +0 -0
  389. /package/rules/common/C060_no_override_superclass/{symbol-based-analyzer.js → typescript/symbol-based-analyzer.js} +0 -0
  390. /package/rules/common/C065_one_behavior_per_test/{analyzer.js → typescript/analyzer.js} +0 -0
  391. /package/rules/common/C067_no_hardcoded_config/{analyzer.js → typescript/analyzer.js} +0 -0
  392. /package/rules/common/C067_no_hardcoded_config/{symbol-based-analyzer.js → typescript/symbol-based-analyzer.js} +0 -0
  393. /package/rules/common/C070_no_real_time_tests/{analyzer.js → typescript/analyzer.js} +0 -0
  394. /package/rules/common/C070_no_real_time_tests/{regex-analyzer.js → typescript/regex-analyzer.js} +0 -0
  395. /package/rules/common/C072_single_test_behavior/{analyzer.js → typescript/analyzer.js} +0 -0
  396. /package/rules/common/C073_validate_required_config_on_startup/{README.md → typescript/README.md} +0 -0
  397. /package/rules/common/C073_validate_required_config_on_startup/{symbol-based-analyzer.js → typescript/symbol-based-analyzer.js} +0 -0
  398. /package/rules/common/C075_explicit_return_types/{analyzer.js → typescript/analyzer.js} +0 -0
  399. /package/rules/common/C076_explicit_function_types/{README.md → typescript/README.md} +0 -0
  400. /package/rules/common/C076_explicit_function_types/{analyzer.js → typescript/analyzer.js} +0 -0
  401. /package/rules/common/C076_explicit_function_types/{semantic-analyzer.js → typescript/semantic-analyzer.js} +0 -0
  402. /package/rules/security/S003_open_redirect_protection/{README.md → typescript/README.md} +0 -0
  403. /package/rules/security/S004_sensitive_data_logging/{analyzer.js → typescript/analyzer.js} +0 -0
  404. /package/rules/security/S004_sensitive_data_logging/{symbol-based-analyzer.js → typescript/symbol-based-analyzer.js} +0 -0
  405. /package/rules/security/S005_no_origin_auth/{README.md → typescript/README.md} +0 -0
  406. /package/rules/security/S005_no_origin_auth/{ast-analyzer.js → typescript/ast-analyzer.js} +0 -0
  407. /package/rules/security/S005_no_origin_auth/{symbol-based-analyzer.js → typescript/symbol-based-analyzer.js} +0 -0
  408. /package/rules/security/S006_no_plaintext_recovery_codes/{README.md → typescript/README.md} +0 -0
  409. /package/rules/security/S006_no_plaintext_recovery_codes/{analyzer.js → typescript/analyzer.js} +0 -0
  410. /package/rules/security/S006_no_plaintext_recovery_codes/{symbol-based-analyzer.js → typescript/symbol-based-analyzer.js} +0 -0
  411. /package/rules/security/S007_no_plaintext_otp/{README.md → typescript/README.md} +0 -0
  412. /package/rules/security/S007_no_plaintext_otp/{analyzer.js → typescript/analyzer.js} +0 -0
  413. /package/rules/security/S007_no_plaintext_otp/{semantic-analyzer.js → typescript/semantic-analyzer.js} +0 -0
  414. /package/rules/security/S007_no_plaintext_otp/{semantic-config.json → typescript/semantic-config.json} +0 -0
  415. /package/rules/security/S007_no_plaintext_otp/{semantic-wrapper.js → typescript/semantic-wrapper.js} +0 -0
  416. /package/rules/security/S009_no_insecure_encryption/{README.md → typescript/README.md} +0 -0
  417. /package/rules/security/S009_no_insecure_encryption/{analyzer.js → typescript/analyzer.js} +0 -0
  418. /package/rules/security/S010_no_insecure_encryption/{README.md → typescript/README.md} +0 -0
  419. /package/rules/security/S010_no_insecure_encryption/{analyzer.js → typescript/analyzer.js} +0 -0
  420. /package/rules/security/S011_secure_guid_generation/{README.md → typescript/README.md} +0 -0
  421. /package/rules/security/S011_secure_guid_generation/{analyzer.js → typescript/analyzer.js} +0 -0
  422. /package/rules/security/S011_secure_guid_generation/{symbol-based-analyzer.js → typescript/symbol-based-analyzer.js} +0 -0
  423. /package/rules/security/S012_hardcoded_secrets/{analyzer.js → typescript/analyzer.js} +0 -0
  424. /package/rules/security/S012_hardcoded_secrets/{symbol-based-analyzer.js → typescript/symbol-based-analyzer.js} +0 -0
  425. /package/rules/security/S013_tls_enforcement/{README.md → typescript/README.md} +0 -0
  426. /package/rules/security/S013_tls_enforcement/{analyzer.js → typescript/analyzer.js} +0 -0
  427. /package/rules/security/S013_tls_enforcement/{symbol-based-analyzer.js → typescript/symbol-based-analyzer.js} +0 -0
  428. /package/rules/security/S014_tls_version_enforcement/{README.md → typescript/README.md} +0 -0
  429. /package/rules/security/S014_tls_version_enforcement/{analyzer.js → typescript/analyzer.js} +0 -0
  430. /package/rules/security/S014_tls_version_enforcement/{symbol-based-analyzer.js → typescript/symbol-based-analyzer.js} +0 -0
  431. /package/rules/security/S015_insecure_tls_certificate/{analyzer.js → typescript/analyzer.js} +0 -0
  432. /package/rules/security/S015_insecure_tls_certificate/{ast-analyzer.js → typescript/ast-analyzer.js} +0 -0
  433. /package/rules/security/S016_no_sensitive_querystring/{analyzer.js → typescript/analyzer.js} +0 -0
  434. /package/rules/security/S016_no_sensitive_querystring/{regex-based-analyzer.js → typescript/regex-based-analyzer.js} +0 -0
  435. /package/rules/security/S016_no_sensitive_querystring/{symbol-based-analyzer.js → typescript/symbol-based-analyzer.js} +0 -0
  436. /package/rules/security/S017_use_parameterized_queries/{README.md → typescript/README.md} +0 -0
  437. /package/rules/security/S017_use_parameterized_queries/{analyzer.js → typescript/analyzer.js} +0 -0
  438. /package/rules/security/S017_use_parameterized_queries/{symbol-based-analyzer.js → typescript/symbol-based-analyzer.js} +0 -0
  439. /package/rules/security/S019_smtp_injection_protection/{analyzer.js → typescript/analyzer.js} +0 -0
  440. /package/rules/security/S019_smtp_injection_protection/{symbol-based-analyzer.js → typescript/symbol-based-analyzer.js} +0 -0
  441. /package/rules/security/S020_no_eval_dynamic_code/{README.md → typescript/README.md} +0 -0
  442. /package/rules/security/S020_no_eval_dynamic_code/{analyzer.js → typescript/analyzer.js} +0 -0
  443. /package/rules/security/S020_no_eval_dynamic_code/{symbol-based-analyzer.js → typescript/symbol-based-analyzer.js} +0 -0
  444. /package/rules/security/S022_escape_output_context/{README.md → typescript/README.md} +0 -0
  445. /package/rules/security/S022_escape_output_context/{analyzer.js → typescript/analyzer.js} +0 -0
  446. /package/rules/security/S023_no_json_injection/{analyzer.js → typescript/analyzer.js} +0 -0
  447. /package/rules/security/S023_no_json_injection/{ast-analyzer.js → typescript/ast-analyzer.js} +0 -0
  448. /package/rules/security/S024_xpath_xxe_protection/{analyzer.js → typescript/analyzer.js} +0 -0
  449. /package/rules/security/S024_xpath_xxe_protection/{regex-based-analyzer.js → typescript/regex-based-analyzer.js} +0 -0
  450. /package/rules/security/S024_xpath_xxe_protection/{symbol-based-analyzer.js → typescript/symbol-based-analyzer.js} +0 -0
  451. /package/rules/security/S025_server_side_validation/{README.md → typescript/README.md} +0 -0
  452. /package/rules/security/S025_server_side_validation/{analyzer.js → typescript/analyzer.js} +0 -0
  453. /package/rules/security/S025_server_side_validation/{regex-based-analyzer.js → typescript/regex-based-analyzer.js} +0 -0
  454. /package/rules/security/S025_server_side_validation/{symbol-based-analyzer.js → typescript/symbol-based-analyzer.js} +0 -0
  455. /package/rules/security/S026_json_schema_validation/{analyzer.js → typescript/analyzer.js} +0 -0
  456. /package/rules/security/S027_no_hardcoded_secrets/{analyzer.js → typescript/analyzer.js} +0 -0
  457. /package/rules/security/S027_no_hardcoded_secrets/{categories.json → typescript/categories.json} +0 -0
  458. /package/rules/security/S027_no_hardcoded_secrets/{categorized-analyzer.js → typescript/categorized-analyzer.js} +0 -0
  459. /package/rules/security/S028_file_upload_size_limits/{README.md → typescript/README.md} +0 -0
  460. /package/rules/security/S028_file_upload_size_limits/{analyzer.js → typescript/analyzer.js} +0 -0
  461. /package/rules/security/S028_file_upload_size_limits/{symbol-based-analyzer.js → typescript/symbol-based-analyzer.js} +0 -0
  462. /package/rules/security/S029_csrf_protection/{analyzer.js → typescript/analyzer.js} +0 -0
  463. /package/rules/security/S030_directory_browsing_protection/{README.md → typescript/README.md} +0 -0
  464. /package/rules/security/S030_directory_browsing_protection/{analyzer.js → typescript/analyzer.js} +0 -0
  465. /package/rules/security/S030_directory_browsing_protection/{regex-based-analyzer.js → typescript/regex-based-analyzer.js} +0 -0
  466. /package/rules/security/S030_directory_browsing_protection/{symbol-based-analyzer.js → typescript/symbol-based-analyzer.js} +0 -0
  467. /package/rules/security/S031_secure_session_cookies/{README.md → typescript/README.md} +0 -0
  468. /package/rules/security/S031_secure_session_cookies/{analyzer.js → typescript/analyzer.js} +0 -0
  469. /package/rules/security/S031_secure_session_cookies/{symbol-based-analyzer.js → typescript/symbol-based-analyzer.js} +0 -0
  470. /package/rules/security/S032_httponly_session_cookies/{FRAMEWORK_SUPPORT.md → typescript/FRAMEWORK_SUPPORT.md} +0 -0
  471. /package/rules/security/S032_httponly_session_cookies/{README.md → typescript/README.md} +0 -0
  472. /package/rules/security/S032_httponly_session_cookies/{analyzer.js → typescript/analyzer.js} +0 -0
  473. /package/rules/security/S032_httponly_session_cookies/{regex-based-analyzer.js → typescript/regex-based-analyzer.js} +0 -0
  474. /package/rules/security/S032_httponly_session_cookies/{symbol-based-analyzer.js → typescript/symbol-based-analyzer.js} +0 -0
  475. /package/rules/security/S033_samesite_session_cookies/{README.md → typescript/README.md} +0 -0
  476. /package/rules/security/S033_samesite_session_cookies/{analyzer.js → typescript/analyzer.js} +0 -0
  477. /package/rules/security/S033_samesite_session_cookies/{regex-based-analyzer.js → typescript/regex-based-analyzer.js} +0 -0
  478. /package/rules/security/S033_samesite_session_cookies/{symbol-based-analyzer.js → typescript/symbol-based-analyzer.js} +0 -0
  479. /package/rules/security/S034_host_prefix_session_cookies/{README.md → typescript/README.md} +0 -0
  480. /package/rules/security/S034_host_prefix_session_cookies/{analyzer.js → typescript/analyzer.js} +0 -0
  481. /package/rules/security/S034_host_prefix_session_cookies/{regex-based-analyzer.js → typescript/regex-based-analyzer.js} +0 -0
  482. /package/rules/security/S034_host_prefix_session_cookies/{symbol-based-analyzer.js → typescript/symbol-based-analyzer.js} +0 -0
  483. /package/rules/security/S035_path_session_cookies/{README.md → typescript/README.md} +0 -0
  484. /package/rules/security/S035_path_session_cookies/{analyzer.js → typescript/analyzer.js} +0 -0
  485. /package/rules/security/S035_path_session_cookies/{regex-based-analyzer.js → typescript/regex-based-analyzer.js} +0 -0
  486. /package/rules/security/S035_path_session_cookies/{symbol-based-analyzer.js → typescript/symbol-based-analyzer.js} +0 -0
  487. /package/rules/security/S036_lfi_rfi_protection/{analyzer.js → typescript/analyzer.js} +0 -0
  488. /package/rules/security/S037_cache_headers/{README.md → typescript/README.md} +0 -0
  489. /package/rules/security/S037_cache_headers/{analyzer.js → typescript/analyzer.js} +0 -0
  490. /package/rules/security/S037_cache_headers/{regex-based-analyzer.js → typescript/regex-based-analyzer.js} +0 -0
  491. /package/rules/security/S037_cache_headers/{symbol-based-analyzer.js → typescript/symbol-based-analyzer.js} +0 -0
  492. /package/rules/security/S038_no_version_headers/{README.md → typescript/README.md} +0 -0
  493. /package/rules/security/S038_no_version_headers/{analyzer.js → typescript/analyzer.js} +0 -0
  494. /package/rules/security/S038_no_version_headers/{regex-based-analyzer.js → typescript/regex-based-analyzer.js} +0 -0
  495. /package/rules/security/S038_no_version_headers/{symbol-based-analyzer.js → typescript/symbol-based-analyzer.js} +0 -0
  496. /package/rules/security/S039_no_session_tokens_in_url/{README.md → typescript/README.md} +0 -0
  497. /package/rules/security/S039_no_session_tokens_in_url/{analyzer.js → typescript/analyzer.js} +0 -0
  498. /package/rules/security/S039_no_session_tokens_in_url/{regex-based-analyzer.js → typescript/regex-based-analyzer.js} +0 -0
  499. /package/rules/security/S039_no_session_tokens_in_url/{symbol-based-analyzer.js → typescript/symbol-based-analyzer.js} +0 -0
  500. /package/rules/security/S040_session_fixation_protection/{analyzer.js → typescript/analyzer.js} +0 -0
  501. /package/rules/security/S041_session_token_invalidation/{README.md → typescript/README.md} +0 -0
  502. /package/rules/security/S041_session_token_invalidation/{analyzer.js → typescript/analyzer.js} +0 -0
  503. /package/rules/security/S041_session_token_invalidation/{regex-based-analyzer.js → typescript/regex-based-analyzer.js} +0 -0
  504. /package/rules/security/S041_session_token_invalidation/{symbol-based-analyzer.js → typescript/symbol-based-analyzer.js} +0 -0
  505. /package/rules/security/S042_require_re_authentication_for_long_lived/{README.md → typescript/README.md} +0 -0
  506. /package/rules/security/S042_require_re_authentication_for_long_lived/{analyzer.js → typescript/analyzer.js} +0 -0
  507. /package/rules/security/S042_require_re_authentication_for_long_lived/{symbol-based-analyzer.js → typescript/symbol-based-analyzer.js} +0 -0
  508. /package/rules/security/S043_password_changes_invalidate_all_sessions/{README.md → typescript/README.md} +0 -0
  509. /package/rules/security/S043_password_changes_invalidate_all_sessions/{analyzer.js → typescript/analyzer.js} +0 -0
  510. /package/rules/security/S043_password_changes_invalidate_all_sessions/{symbol-based-analyzer.js → typescript/symbol-based-analyzer.js} +0 -0
  511. /package/rules/security/S044_re_authentication_required/{README.md → typescript/README.md} +0 -0
  512. /package/rules/security/S044_re_authentication_required/{analyzer.js → typescript/analyzer.js} +0 -0
  513. /package/rules/security/S044_re_authentication_required/{regex-based-analyzer.js → typescript/regex-based-analyzer.js} +0 -0
  514. /package/rules/security/S044_re_authentication_required/{symbol-based-analyzer.js → typescript/symbol-based-analyzer.js} +0 -0
  515. /package/rules/security/S045_brute_force_protection/{README.md → typescript/README.md} +0 -0
  516. /package/rules/security/S045_brute_force_protection/{analyzer.js → typescript/analyzer.js} +0 -0
  517. /package/rules/security/S045_brute_force_protection/{symbol-based-analyzer.js → typescript/symbol-based-analyzer.js} +0 -0
  518. /package/rules/security/S048_no_current_password_in_reset/{README.md → typescript/README.md} +0 -0
  519. /package/rules/security/S048_no_current_password_in_reset/{analyzer.js → typescript/analyzer.js} +0 -0
  520. /package/rules/security/S049_short_validity_tokens/{analyzer.js → typescript/analyzer.js} +0 -0
  521. /package/rules/security/S049_short_validity_tokens/{regex-based-analyzer.js → typescript/regex-based-analyzer.js} +0 -0
  522. /package/rules/security/S049_short_validity_tokens/{symbol-based-analyzer.js → typescript/symbol-based-analyzer.js} +0 -0
  523. /package/rules/security/S051_password_length_policy/{analyzer.js → typescript/analyzer.js} +0 -0
  524. /package/rules/security/S052_weak_otp_entropy/{analyzer.js → typescript/analyzer.js} +0 -0
  525. /package/rules/security/S054_no_default_accounts/{README.md → typescript/README.md} +0 -0
  526. /package/rules/security/S054_no_default_accounts/{analyzer.js → typescript/analyzer.js} +0 -0
  527. /package/rules/security/S055_content_type_validation/{README.md → typescript/README.md} +0 -0
  528. /package/rules/security/S055_content_type_validation/{analyzer.js → typescript/analyzer.js} +0 -0
  529. /package/rules/security/S055_content_type_validation/{symbol-based-analyzer.js → typescript/symbol-based-analyzer.js} +0 -0
  530. /package/rules/security/S056_log_injection_protection/{analyzer.js → typescript/analyzer.js} +0 -0
  531. /package/rules/security/S056_log_injection_protection/{regex-based-analyzer.js → typescript/regex-based-analyzer.js} +0 -0
  532. /package/rules/security/S056_log_injection_protection/{symbol-based-analyzer.js → typescript/symbol-based-analyzer.js} +0 -0
  533. /package/rules/security/S057_utc_logging/{README.md → typescript/README.md} +0 -0
  534. /package/rules/security/S057_utc_logging/{analyzer.js → typescript/analyzer.js} +0 -0
  535. /package/rules/security/S058_no_ssrf/{README.md → typescript/README.md} +0 -0
package/config/released-rules.json ADDED
@@ -0,0 +1,62 @@
1
+ {
2
+ "versions": [
3
+ {
4
+ "version": "1.0",
5
+ "releaseDate": "2025-01-01",
6
+ "description": "Initial release with 187 rules across all categories",
7
+ "rulesByCategory": {
8
+ "Common": [
9
+ "C003", "C006", "C013", "C014", "C017", "C018", "C019", "C023", "C024", "C029",
10
+ "C030", "C031", "C033", "C035", "C040", "C041", "C042", "C043", "C047", "C048",
11
+ "C052", "C056", "C060", "C061", "C065", "C067", "C070", "C072", "C073", "C075", "C076"
12
+ ],
13
+ "Security": [
14
+ "S003", "S004", "S005", "S006", "S007", "S009", "S010", "S011", "S012", "S013",
15
+ "S016", "S017", "S019", "S020", "S022", "S023", "S025", "S026", "S027", "S028",
16
+ "S029", "S030", "S031", "S032", "S033", "S034", "S035", "S036", "S037", "S039",
17
+ "S041", "S042", "S044", "S045", "S047", "S048", "S049", "S050", "S051", "S052",
18
+ "S053", "S054", "S055", "S056", "S057", "S058"
19
+ ],
20
+ "Backend": [],
21
+ "Frontend": [
22
+ "T002", "T003", "T004", "T007", "T010", "T016", "T017", "T018", "T019", "T020", "T021",
23
+ "R001", "R002", "R003", "R004", "R006"
24
+ ],
25
+ "Mobile": [
26
+ "K001", "K002", "K003", "K004", "K005", "K006", "K007", "K008", "K009", "K010",
27
+ "K011", "K012", "K013", "K014", "K015", "K016", "K017", "K018", "K019", "K020",
28
+ "K021", "K022", "K023", "K024", "K025", "K026", "K027", "K028", "K029", "K030",
29
+ "K031", "K032", "K033", "K034",
30
+ "SW001", "SW002", "SW003", "SW004", "SW005", "SW006", "SW007", "SW008", "SW009", "SW010",
31
+ "SW011", "SW012", "SW013", "SW014", "SW015", "SW016", "SW017", "SW018", "SW019", "SW020",
32
+ "SW021", "SW022", "SW023", "SW024", "SW025", "SW026", "SW027", "SW028", "SW029", "SW030",
33
+ "SW031", "SW032", "SW033", "SW034", "SW035",
34
+ "D001", "D002", "D003", "D004", "D005", "D006", "D007", "D008", "D009", "D010",
35
+ "D011", "D012", "D013", "D014", "D015", "D016", "D017", "D018", "D019", "D020",
36
+ "D021", "D022", "D023", "D024", "D025"
37
+ ]
38
+ }
39
+ },
40
+ {
41
+ "version": "2.0",
42
+ "releaseDate": "2025-12-27",
43
+ "description": "Release with 79 rules: 20 Common coding standards and 59 Security rules",
44
+ "rulesByCategory": {
45
+ "Common": [
46
+ "C006", "C013", "C014", "C017", "C018", "C019", "C020", "C022", "C023", "C024",
47
+ "C029", "C030", "C032", "C033", "C035", "C041", "C042", "C052", "C060", "C067"
48
+ ],
49
+ "Security": [
50
+ "S003", "S004", "S005", "S006", "S007", "S009", "S010", "S011", "S012", "S013",
51
+ "S016", "S017", "S019", "S020", "S022", "S023", "S025", "S026", "S027", "S028",
52
+ "S029", "S030", "S031", "S032", "S033", "S034", "S035", "S036", "S037", "S039",
53
+ "S041", "S042", "S044", "S045", "S047", "S048", "S049", "S050", "S051", "S052",
54
+ "S053", "S054", "S055", "S056", "S057", "S058"
55
+ ],
56
+ "Backend": [],
57
+ "Frontend": [],
58
+ "Mobile": []
59
+ }
60
+ }
61
+ ]
62
+ }