@sun-asterisk/sunlint 1.3.36 → 1.3.38

Files changed (113)
  1. package/cli.js +34 -0
  2. package/config/rules/enhanced-rules-registry.json +387 -98
  3. package/config/rules/rules-registry-generated.json +202 -174
  4. package/config/rules-summary.json +1 -1
  5. package/core/architecture-integration.js +115 -17
  6. package/core/cli-action-handler.js +103 -28
  7. package/core/cli-program.js +7 -2
  8. package/core/github-annotate-service.js +62 -0
  9. package/core/impact-integration.js +31 -16
  10. package/core/init-command.js +261 -0
  11. package/core/output-service.js +64 -10
  12. package/core/performance-optimizer.js +1 -1
  13. package/core/summary-report-service.js +46 -0
  14. package/core/unified-rule-registry.js +4 -3
  15. package/docs/DART_RULE_EXECUTION_FLOW.md +1 -1
  16. package/docs/REGISTRY_GENERATION_DIAGRAM.md +289 -0
  17. package/docs/REGISTRY_GENERATION_FLOW.md +486 -0
  18. package/docs/skills/CREATE_NEW_DART_RULE.md +932 -0
  19. package/engines/eslint-engine.js +6 -0
  20. package/engines/heuristic-engine.js +23 -10
  21. package/engines/impact/core/detectors/database-detector.js +1 -1
  22. package/engines/impact/core/detectors/endpoint-detector.js +1 -1
  23. package/engines/impact/core/report-generator.js +235 -73
  24. package/origin-rules/dart-en.md +4 -4
  25. package/origin-rules/security-en.md +470 -282
  26. package/package.json +1 -1
  27. package/rules/dart/D001_recommended_lint_rules/config.json +134 -0
  28. package/rules/index.js +6 -4
  29. package/rules/security/S001_backend_auth_communications/dart/analyzer.js +44 -0
  30. package/rules/security/S001_backend_auth_communications/index.js +87 -0
  31. package/rules/security/S001_backend_auth_communications/typescript/analyzer.js +164 -0
  32. package/rules/security/S002_os_command_injection/dart/analyzer.js +44 -0
  33. package/rules/security/S002_os_command_injection/index.js +87 -0
  34. package/rules/security/S002_os_command_injection/typescript/analyzer.js +194 -0
  35. package/rules/security/S008_svg_content_validation/dart/analyzer.js +44 -0
  36. package/rules/security/S008_svg_content_validation/index.js +87 -0
  37. package/rules/security/S008_svg_content_validation/typescript/analyzer.js +216 -0
  38. package/rules/security/S018_no_sensitive_browser_storage/dart/analyzer.js +44 -0
  39. package/rules/security/S018_no_sensitive_browser_storage/index.js +86 -0
  40. package/rules/security/S018_no_sensitive_browser_storage/typescript/analyzer.js +193 -0
  41. package/rules/security/S021_referrer_policy/dart/analyzer.js +44 -0
  42. package/rules/security/S021_referrer_policy/index.js +86 -0
  43. package/rules/security/S021_referrer_policy/typescript/analyzer.js +183 -0
  44. package/rules/security/S023_no_json_injection/config.json +133 -44
  45. package/rules/security/S023_no_json_injection/dart/analyzer.js +7 -6
  46. package/rules/security/S023_no_json_injection/typescript/analyzer.js +402 -126
  47. package/rules/security/S023_no_json_injection/typescript/ast-analyzer.js +571 -154
  48. package/rules/security/S026_tls_all_connections/config.json +30 -0
  49. package/rules/security/S026_tls_all_connections/typescript/analyzer.js +339 -0
  50. package/rules/security/S027_mtls_certificate_validation/config.json +30 -0
  51. package/rules/security/S027_mtls_certificate_validation/typescript/analyzer.js +225 -0
  52. package/rules/security/S035_separate_app_hostnames/config.json +28 -0
  53. package/rules/security/S035_separate_app_hostnames/typescript/analyzer.js +186 -0
  54. package/rules/security/S036_lfi_rfi_protection/config.json +2 -2
  55. package/rules/security/S039_tls_certificate_validation/config.json +29 -0
  56. package/rules/security/S039_tls_certificate_validation/typescript/analyzer.js +229 -0
  57. package/rules/security/S046_jwt_algorithm_allowlist/config.json +28 -0
  58. package/rules/security/S046_jwt_algorithm_allowlist/dart/analyzer.js +44 -0
  59. package/rules/security/S046_jwt_algorithm_allowlist/index.js +87 -0
  60. package/rules/security/S046_jwt_algorithm_allowlist/typescript/analyzer.js +235 -0
  61. package/rules/security/S047_oauth_pkce_protection/config.json +31 -0
  62. package/rules/security/S047_oauth_pkce_protection/dart/analyzer.js +44 -0
  63. package/rules/security/S047_oauth_pkce_protection/index.js +86 -0
  64. package/rules/security/S047_oauth_pkce_protection/typescript/analyzer.js +78 -0
  65. package/rules/security/S048_oauth_redirect_uri_validation/config.json +30 -0
  66. package/rules/security/S048_oauth_redirect_uri_validation/typescript/analyzer.js +278 -0
  67. package/rules/security/S049_short_validity_tokens/typescript/config.json +10 -3
  68. package/rules/security/S050_reference_tokens_entropy/config.json +28 -0
  69. package/rules/security/S050_reference_tokens_entropy/dart/analyzer.js +45 -0
  70. package/rules/security/S050_reference_tokens_entropy/index.js +86 -0
  71. package/rules/security/S050_reference_tokens_entropy/typescript/analyzer.js +74 -0
  72. package/rules/security/S053_generic_error_messages/config.json +28 -0
  73. package/rules/security/S053_generic_error_messages/dart/analyzer.js +45 -0
  74. package/rules/security/S053_generic_error_messages/index.js +86 -0
  75. package/rules/security/S053_generic_error_messages/typescript/analyzer.js +80 -0
  76. package/rules/security/S055_content_type_validation/typescript/symbol-based-analyzer.js +64 -2
  77. package/rules/security/S059_disable_debug_mode/config.json +28 -0
  78. package/rules/security/S059_disable_debug_mode/dart/analyzer.js +45 -0
  79. package/rules/security/S059_disable_debug_mode/index.js +86 -0
  80. package/rules/security/S059_disable_debug_mode/typescript/analyzer.js +85 -0
  81. package/rules/security/S060_password_minimum_length/config.json +28 -0
  82. package/rules/security/S060_password_minimum_length/dart/analyzer.js +45 -0
  83. package/rules/security/S060_password_minimum_length/index.js +86 -0
  84. package/rules/security/S060_password_minimum_length/typescript/analyzer.js +78 -0
  85. package/rules/security/S026_json_schema_validation/config.json +0 -27
  86. package/rules/security/S026_json_schema_validation/typescript/analyzer.js +0 -251
  87. package/rules/security/S027_no_hardcoded_secrets/config.json +0 -29
  88. package/rules/security/S027_no_hardcoded_secrets/typescript/analyzer.js +0 -309
  89. package/rules/security/S027_no_hardcoded_secrets/typescript/categories.json +0 -153
  90. package/rules/security/S035_path_session_cookies/config.json +0 -99
  91. package/rules/security/S035_path_session_cookies/typescript/analyzer.js +0 -316
  92. package/rules/security/S035_path_session_cookies/typescript/regex-based-analyzer.js +0 -724
  93. package/rules/security/S035_path_session_cookies/typescript/symbol-based-analyzer.js +0 -373
  94. package/rules/security/S039_no_session_tokens_in_url/config.json +0 -92
  95. package/rules/security/S039_no_session_tokens_in_url/typescript/analyzer.js +0 -262
  96. package/rules/security/S039_no_session_tokens_in_url/typescript/regex-based-analyzer.js +0 -337
  97. package/rules/security/S039_no_session_tokens_in_url/typescript/symbol-based-analyzer.js +0 -443
  98. package/rules/security/S048_no_current_password_in_reset/config.json +0 -48
  99. package/rules/security/S048_no_current_password_in_reset/typescript/analyzer.js +0 -366
  100. /package/rules/security/{S026_json_schema_validation → S026_tls_all_connections}/dart/analyzer.js +0 -0
  101. /package/rules/security/{S026_json_schema_validation → S026_tls_all_connections}/index.js +0 -0
  102. /package/rules/security/{S027_no_hardcoded_secrets → S027_mtls_certificate_validation}/dart/analyzer.js +0 -0
  103. /package/rules/security/{S027_no_hardcoded_secrets → S027_mtls_certificate_validation}/index.js +0 -0
  104. /package/rules/security/{S027_no_hardcoded_secrets → S027_mtls_certificate_validation}/typescript/categorized-analyzer.js +0 -0
  105. /package/rules/security/{S035_path_session_cookies → S035_separate_app_hostnames}/dart/analyzer.js +0 -0
  106. /package/rules/security/{S035_path_session_cookies → S035_separate_app_hostnames}/index.js +0 -0
  107. /package/rules/security/{S035_path_session_cookies → S035_separate_app_hostnames}/typescript/README.md +0 -0
  108. /package/rules/security/{S039_no_session_tokens_in_url → S039_tls_certificate_validation}/dart/analyzer.js +0 -0
  109. /package/rules/security/{S039_no_session_tokens_in_url → S039_tls_certificate_validation}/index.js +0 -0
  110. /package/rules/security/{S039_no_session_tokens_in_url → S039_tls_certificate_validation}/typescript/README.md +0 -0
  111. /package/rules/security/{S048_no_current_password_in_reset → S048_oauth_redirect_uri_validation}/dart/analyzer.js +0 -0
  112. /package/rules/security/{S048_no_current_password_in_reset → S048_oauth_redirect_uri_validation}/index.js +0 -0
  113. /package/rules/security/{S048_no_current_password_in_reset → S048_oauth_redirect_uri_validation}/typescript/README.md +0 -0
@@ -0,0 +1,289 @@
1
+ # Registry Generation - Visual Diagram
2
+
3
+ > Quick visual reference cho registry generation flow
4
+
5
+ ---
6
+
7
+ ## 🔄 High-Level Overview
8
+
9
+ ```
10
+ EDIT HERE AUTO-COPY AUTO-GENERATE USED HERE
11
+ ↓ ↓ ↓ ↓
12
+ ┌──────────────┐ ┌──────────────┐ ┌──────────────┐ ┌──────────────┐
13
+ │ Markdown │ → │ origin-rules │ → │ Registry │ → │ SunLint │
14
+ │ Files │ │ (copies) │ │ JSON │ │ CLI/VSCode │
15
+ └──────────────┘ └──────────────┘ └──────────────┘ └──────────────┘
16
+ dart-en.md dart-en.md (copy) rules-registry- Display rule names
17
+ common-en.md common-en.md generated.json Show descriptions
18
+ Run analysis
19
+ ```
20
+
21
+ ---
22
+
23
+ ## 📂 Directory Structure
24
+
25
+ ```
26
+ engineer-excellence/
27
+
28
+ ├── coding-quality/
29
+ │ │
30
+ │ ├── rules/ ← 📝 EDIT HERE (Step 1)
31
+ │ │ ├── dart-en.md ← Source of Truth
32
+ │ │ ├── dart.md ← Vietnamese version
33
+ │ │ ├── common-en.md
34
+ │ │ ├── security-en.md
35
+ │ │ ├── examples/
36
+ │ │ │ ├── en/D001.md ← Create examples
37
+ │ │ │ └── vi/D001.md
38
+ │ │ └── ...
39
+ │ │
40
+ │ └── extensions/sunlint/
41
+ │ │
42
+ │ ├── origin-rules/ ← 📋 AUTO-COPIED (Step 2)
43
+ │ │ ├── dart-en.md ← Copy from ../../../rules/
44
+ │ │ ├── common-en.md
45
+ │ │ └── ...
46
+ │ │
47
+ │ ├── config/
48
+ │ │ └── rules/
49
+ │ │ └── rules-registry-generated.json ← 🤖 AUTO-GENERATED (Step 3)
50
+ │ │
51
+ │ └── scripts/
52
+ │ ├── copy-rules.js ← Run this first
53
+ │ └── generate-rules-registry.js ← Then run this
54
+ ```
55
+
56
+ ---
57
+
58
+ ## 🔄 Step-by-Step Flow
59
+
60
+ ### Step 1: Edit Markdown (SOURCE OF TRUTH)
61
+
62
+ ```
63
+ 📝 Edit: coding-quality/rules/dart-en.md
64
+
65
+ ┌─────────────────────────────────────────────────────────────┐
66
+ │ ### 📘 Rule D001 – Recommended Lint Rules Should Be Enabled │
67
+ │ │
68
+ │ - **Objective**: Ensure code quality... │
69
+ │ - **Details**: The `analysis_options.yaml`... │
70
+ │ - **Applies to**: Flutter/Dart │
71
+ │ - **Tools**: `dart lint` (flutter_lints...) │
72
+ │ - **Principles**: CODE_QUALITY │
73
+ │ - **Version**: 1.0 │
74
+ │ - **Status**: activated │
75
+ │ - **Severity**: major │
76
+ └─────────────────────────────────────────────────────────────┘
77
+
78
+ This is what users
79
+ will see in CLI
80
+ ```
81
+
82
+ ### Step 2: Copy Rules Script
83
+
84
+ ```bash
85
+ $ cd coding-quality/extensions/sunlint
86
+ $ node scripts/copy-rules.js
87
+ ```
88
+
89
+ ```
90
+ 📋 Copy Process:
91
+
92
+ Source Destination
93
+ ↓ ↓
94
+ ../../../rules/ origin-rules/
95
+ ├── dart-en.md → ├── dart-en.md
96
+ ├── common-en.md → ├── common-en.md
97
+ ├── security-en.md → ├── security-en.md
98
+ └── ... → └── ...
99
+
100
+ ✅ Successfully copied 8 rule files
101
+ ```
102
+
103
+ ### Step 3: Generate Registry Script
104
+
105
+ ```bash
106
+ $ node scripts/generate-rules-registry.js
107
+ ```
108
+
109
+ ```
110
+ 🤖 Generation Process:
111
+
112
+ origin-rules/ Parser Logic config/rules/
113
+ ↓ ↓ ↓
114
+ dart-en.md → Extract: rules-registry-generated.json
115
+ common-en.md → - Rule ID (D001) {
116
+ security-en.md → - Name "rules": {
117
+ ... → - Description "D001": {
118
+ - Tools "name": "Recommended...",
119
+ - Severity "description": "...",
120
+ - etc. "severity": "major",
121
+ ...
122
+ }
123
+ }
124
+ }
125
+
126
+ ✅ Generated registry with 257 rules
127
+ ```
128
+
129
+ ### Step 4: Used by SunLint
130
+
131
+ ```
132
+ config/rules/ UnifiedRuleRegistry CLI Output
133
+ ↓ ↓ ↓
134
+ rules-registry- Loads registry $ sunlint --rule=D001
135
+ generated.json → Finds D001 entry →
136
+ { Reads: D001: Recommended Lint
137
+ "D001": { - name Rules Should Be Enabled
138
+ "name": "...", - description ─────────────────────
139
+ "description": "..." - severity analysis_options.yaml
140
+ } 1:1 warning ...
141
+ }
142
+ ```
143
+
144
+ ---
145
+
146
+ ## 🔁 Complete Cycle with Example
147
+
148
+ ### Scenario: Rename Rule D001
149
+
150
+ ```
151
+ ┌─ STEP 1: Edit Markdown ────────────────────────────────────┐
152
+ │ │
153
+ │ $ vim ../../../rules/dart-en.md │
154
+ │ │
155
+ │ BEFORE: │
156
+ │ ### 📘 Rule D001 – Keep parameter names consistent │
157
+ │ │
158
+ │ AFTER: │
159
+ │ ### 📘 Rule D001 – Recommended Lint Rules Should Be Enabled │
160
+ │ │
161
+ └──────────────────────────────────────────────────────────────┘
162
+
163
+ ┌─ STEP 2: Copy Rules ───────────────────────────────────────┐
164
+ │ │
165
+ │ $ node scripts/copy-rules.js │
166
+ │ │
167
+ │ Output: │
168
+ │ ✅ Copied: dart-en.md │
169
+ │ ✅ Successfully copied 8 rule files │
170
+ │ │
171
+ └──────────────────────────────────────────────────────────────┘
172
+
173
+ ┌─ STEP 3: Generate Registry ────────────────────────────────┐
174
+ │ │
175
+ │ $ node scripts/generate-rules-registry.js │
176
+ │ │
177
+ │ Output: │
178
+ │ Parsed rule D001: 0 good examples, 0 bad examples │
179
+ │ ✅ Generated registry with 257 rules │
180
+ │ │
181
+ └──────────────────────────────────────────────────────────────┘
182
+
183
+ ┌─ STEP 4: Verify ───────────────────────────────────────────┐
184
+ │ │
185
+ │ $ grep -A 3 '"D001"' config/rules/rules-registry- │
186
+ │ generated.json │
187
+ │ │
188
+ │ Output: │
189
+ │ "D001": { │
190
+ │ "name": "Recommended Lint Rules Should Be Enabled", │
191
+ │ "description": "Ensure code quality...", │
192
+ │ ... │
193
+ │ } │
194
+ │ │
195
+ └──────────────────────────────────────────────────────────────┘
196
+
197
+ ┌─ STEP 5: Test ─────────────────────────────────────────────┐
198
+ │ │
199
+ │ $ node cli.js --rule=D001 --input=./test --languages=dart │
200
+ │ │
201
+ │ Output shows NEW NAME: │
202
+ │ D001: Recommended Lint Rules Should Be Enabled │
203
+ │ ───────────────────────────────────────────────── │
204
+ │ analysis_options.yaml │
205
+ │ 1:1 warning ... │
206
+ │ │
207
+ └──────────────────────────────────────────────────────────────┘
208
+ ```
209
+
210
+ ---
211
+
212
+ ## ❌ Wrong Way vs ✅ Right Way
213
+
214
+ ### ❌ WRONG: Edit JSON Directly
215
+
216
+ ```
217
+ ┌─ WRONG APPROACH ──────────────────────────────────────────┐
218
+ │ │
219
+ │ $ vim config/rules/rules-registry-generated.json │
220
+ │ │
221
+ │ Change: │
222
+ │ "name": "Old Name" │
223
+ │ To: │
224
+ │ "name": "New Name" │
225
+ │ │
226
+ │ ❌ Problem: Will be overwritten on next generation! │
227
+ │ │
228
+ └─────────────────────────────────────────────────────────────┘
229
+ ```
230
+
231
+ ### ✅ RIGHT: Edit Markdown → Regenerate
232
+
233
+ ```
234
+ ┌─ CORRECT APPROACH ────────────────────────────────────────┐
235
+ │ │
236
+ │ STEP 1: Edit source │
237
+ │ $ vim ../../../rules/dart-en.md │
238
+ │ Change: ### 📘 Rule D001 – Old Name │
239
+ │ To: ### 📘 Rule D001 – New Name │
240
+ │ │
241
+ │ STEP 2 & 3: Regenerate │
242
+ │ $ node scripts/copy-rules.js │
243
+ │ $ node scripts/generate-rules-registry.js │
244
+ │ │
245
+ │ ✅ Result: Changes persist, properly tracked in git │
246
+ │ │
247
+ └─────────────────────────────────────────────────────────────┘
248
+ ```
249
+
250
+ ---
251
+
252
+ ## 🎯 Quick Reference Card
253
+
254
+ ```
255
+ ╔═══════════════════════════════════════════════════════════╗
256
+ ║ REGISTRY GENERATION CHEATSHEET ║
257
+ ╠═══════════════════════════════════════════════════════════╣
258
+ ║ ║
259
+ ║ 📝 To change rule name: ║
260
+ ║ 1. Edit: ../../../rules/dart-en.md ║
261
+ ║ 2. Run: node scripts/copy-rules.js ║
262
+ ║ 3. Run: node scripts/generate-rules-registry.js ║
263
+ ║ ║
264
+ ║ 🔍 To verify changes: ║
265
+ ║ grep '"D001"' config/rules/rules-registry- ║
266
+ ║ generated.json ║
267
+ ║ ║
268
+ ║ ✅ Files you SHOULD edit: ║
269
+ ║ - coding-quality/rules/dart-en.md ║
270
+ ║ - coding-quality/rules/dart.md ║
271
+ ║ - coding-quality/rules/examples/en/D001.md ║
272
+ ║ ║
273
+ ║ ❌ Files you should NEVER edit: ║
274
+ ║ - origin-rules/*.md (auto-copied) ║
275
+ ║ - config/rules/rules-registry-generated.json ║
276
+ ║ ║
277
+ ║ 📖 Read more: ║
278
+ ║ docs/REGISTRY_GENERATION_FLOW.md ║
279
+ ║ ║
280
+ ╚═══════════════════════════════════════════════════════════╝
281
+ ```
282
+
283
+ ---
284
+
285
+ ## 🔗 Related Documents
286
+
287
+ - [REGISTRY_GENERATION_FLOW.md](./REGISTRY_GENERATION_FLOW.md) - Detailed explanation
288
+ - [CREATE_NEW_DART_RULE.md](./skills/CREATE_NEW_DART_RULE.md) - How to create rules
289
+ - [PROJECT_STRUCTURE.md](./PROJECT_STRUCTURE.md) - Overall structure