@sun-asterisk/sunlint 1.3.42 → 1.3.43

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (15) hide show
  1. package/package.json +1 -1
  2. package/rules/security/S024_xpath_xxe_protection/typescript/regex-based-analyzer.js +4 -4
  3. package/rules/security/S024_xpath_xxe_protection/typescript/symbol-based-analyzer.js +1 -1
  4. package/rules/security/S025_server_side_validation/typescript/regex-based-analyzer.js +5 -5
  5. package/rules/security/S025_server_side_validation/typescript/symbol-based-analyzer.js +6 -6
  6. package/rules/security/S032_httponly_session_cookies/typescript/regex-based-analyzer.js +8 -8
  7. package/rules/security/S033_samesite_session_cookies/typescript/regex-based-analyzer.js +12 -12
  8. package/rules/security/S033_samesite_session_cookies/typescript/symbol-based-analyzer.js +1 -1
  9. package/rules/security/S034_host_prefix_session_cookies/typescript/regex-based-analyzer.js +1 -1
  10. package/rules/security/S041_session_token_invalidation/typescript/regex-based-analyzer.js +4 -4
  11. package/rules/security/S041_session_token_invalidation/typescript/symbol-based-analyzer.js +1 -1
  12. package/rules/security/S044_re_authentication_required/typescript/regex-based-analyzer.js +1 -1
  13. package/rules/security/S044_re_authentication_required/typescript/symbol-based-analyzer.js +1 -1
  14. package/rules/security/S045_brute_force_protection/typescript/analyzer.js +1 -1
  15. package/rules/security/S045_brute_force_protection/typescript/symbol-based-analyzer.js +1 -1
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@sun-asterisk/sunlint",
3
- "version": "1.3.42",
3
+ "version": "1.3.43",
4
4
  "description": "☀️ SunLint - Multi-language static analysis tool for code quality and security | Sun* Engineering Standards",
5
5
  "main": "cli.js",
6
6
  "bin": {
package/rules/security/S024_xpath_xxe_protection/typescript/regex-based-analyzer.js CHANGED
@@ -211,7 +211,7 @@ class S024RegexBasedAnalyzer {
211
211
  }
212
212
 
213
213
  violations.push({
214
- rule: this.ruleId,
214
+ ruleId: this.ruleId,
215
215
  source: filePath,
216
216
  category: this.category,
217
217
  line: lineNumber,
@@ -250,7 +250,7 @@ class S024RegexBasedAnalyzer {
250
250
  }
251
251
 
252
252
  violations.push({
253
- rule: this.ruleId,
253
+ ruleId: this.ruleId,
254
254
  source: filePath,
255
255
  category: this.category,
256
256
  line: lineNumber,
@@ -281,7 +281,7 @@ class S024RegexBasedAnalyzer {
281
281
  }
282
282
 
283
283
  violations.push({
284
- rule: this.ruleId,
284
+ ruleId: this.ruleId,
285
285
  source: filePath,
286
286
  category: this.category,
287
287
  line: lineNumber,
@@ -315,7 +315,7 @@ class S024RegexBasedAnalyzer {
315
315
  // Check if XXE protection is implemented in the context
316
316
  if (!this.hasXXEProtection(contextContent)) {
317
317
  violations.push({
318
- rule: this.ruleId,
318
+ ruleId: this.ruleId,
319
319
  source: filePath,
320
320
  category: this.category,
321
321
  line: lineNumber,
package/rules/security/S024_xpath_xxe_protection/typescript/symbol-based-analyzer.js CHANGED
@@ -451,7 +451,7 @@ class S024SymbolBasedAnalyzer {
451
451
  const lineAndChar = sourceFile.getLineAndColumnAtPos(start);
452
452
 
453
453
  return {
454
- rule: this.ruleId,
454
+ ruleId: this.ruleId,
455
455
  source: sourceFile.getFilePath(),
456
456
  category: this.category,
457
457
  line: lineAndChar.line,
package/rules/security/S025_server_side_validation/typescript/regex-based-analyzer.js CHANGED
@@ -192,7 +192,7 @@ class S025RegexBasedAnalyzer {
192
192
  if (!hasValidation) {
193
193
  const lineNumber = this.getLineNumber(content, match.index);
194
194
  violations.push({
195
- rule: this.ruleId,
195
+ ruleId: this.ruleId,
196
196
  source: filePath,
197
197
  category: this.category,
198
198
  line: lineNumber,
@@ -222,7 +222,7 @@ class S025RegexBasedAnalyzer {
222
222
  if (!hasValidation) {
223
223
  const lineNumber = this.getLineNumber(content, match.index);
224
224
  violations.push({
225
- rule: this.ruleId,
225
+ ruleId: this.ruleId,
226
226
  source: filePath,
227
227
  category: this.category,
228
228
  line: lineNumber,
@@ -254,7 +254,7 @@ class S025RegexBasedAnalyzer {
254
254
 
255
255
  const lineNumber = this.getLineNumber(content, match.index);
256
256
  violations.push({
257
- rule: this.ruleId,
257
+ ruleId: this.ruleId,
258
258
  source: filePath,
259
259
  category: this.category,
260
260
  line: lineNumber,
@@ -291,7 +291,7 @@ class S025RegexBasedAnalyzer {
291
291
  if (!hasNearbyValidation && !hasSchemaValidation) {
292
292
  const lineNumber = this.getLineNumber(content, match.index);
293
293
  violations.push({
294
- rule: this.ruleId,
294
+ ruleId: this.ruleId,
295
295
  source: filePath,
296
296
  category: this.category,
297
297
  line: lineNumber,
@@ -322,7 +322,7 @@ class S025RegexBasedAnalyzer {
322
322
  if (!hasFileValidation) {
323
323
  const lineNumber = this.getLineNumber(content, match.index);
324
324
  violations.push({
325
- rule: this.ruleId,
325
+ ruleId: this.ruleId,
326
326
  source: filePath,
327
327
  category: this.category,
328
328
  line: lineNumber,
package/rules/security/S025_server_side_validation/typescript/symbol-based-analyzer.js CHANGED
@@ -273,7 +273,7 @@ class S025SymbolBasedAnalyzer {
273
273
  while ((match = pattern.exec(content)) !== null) {
274
274
  const lineNumber = this.getLineNumber(content, match.index);
275
275
  violations.push({
276
- rule: this.ruleId,
276
+ ruleId: this.ruleId,
277
277
  source: sourceFile.getFilePath(),
278
278
  category: this.category,
279
279
  line: lineNumber,
@@ -313,7 +313,7 @@ class S025SymbolBasedAnalyzer {
313
313
  while ((match = pattern.exec(content)) !== null) {
314
314
  const lineNumber = this.getLineNumber(content, match.index);
315
315
  violations.push({
316
- rule: this.ruleId,
316
+ ruleId: this.ruleId,
317
317
  source: sourceFile.getFilePath(),
318
318
  category: this.category,
319
319
  line: lineNumber,
@@ -354,7 +354,7 @@ class S025SymbolBasedAnalyzer {
354
354
  while ((match = pattern.exec(content)) !== null) {
355
355
  const lineNumber = this.getLineNumber(content, match.index);
356
356
  violations.push({
357
- rule: this.ruleId,
357
+ ruleId: this.ruleId,
358
358
  source: sourceFile.getFilePath(),
359
359
  category: this.category,
360
360
  line: lineNumber,
@@ -395,7 +395,7 @@ class S025SymbolBasedAnalyzer {
395
395
  if (uploadMatch) {
396
396
  const lineNumber = this.getLineNumber(content, uploadMatch.index);
397
397
  violations.push({
398
- rule: this.ruleId,
398
+ ruleId: this.ruleId,
399
399
  source: sourceFile.getFilePath(),
400
400
  category: this.category,
401
401
  line: lineNumber,
@@ -444,7 +444,7 @@ class S025SymbolBasedAnalyzer {
444
444
  if (!hasValidation) {
445
445
  const lineNumber = this.getLineNumber(content, match.index);
446
446
  violations.push({
447
- rule: this.ruleId,
447
+ ruleId: this.ruleId,
448
448
  source: sourceFile.getFilePath(),
449
449
  category: this.category,
450
450
  line: lineNumber,
@@ -495,7 +495,7 @@ class S025SymbolBasedAnalyzer {
495
495
  const lineAndChar = sourceFile.getLineAndColumnAtPos(start);
496
496
 
497
497
  return {
498
- rule: this.ruleId,
498
+ ruleId: this.ruleId,
499
499
  source: sourceFile.getFilePath(),
500
500
  category: this.category,
501
501
  line: lineAndChar.line,
package/rules/security/S032_httponly_session_cookies/typescript/regex-based-analyzer.js CHANGED
@@ -243,7 +243,7 @@ class S032RegexBasedAnalyzer {
243
243
  }
244
244
 
245
245
  violations.push({
246
- rule: this.ruleId,
246
+ ruleId: this.ruleId,
247
247
  source: filePath,
248
248
  category: this.category,
249
249
  line: lineNumber,
@@ -299,7 +299,7 @@ class S032RegexBasedAnalyzer {
299
299
  }
300
300
 
301
301
  violations.push({
302
- rule: this.ruleId,
302
+ ruleId: this.ruleId,
303
303
  source: filePath,
304
304
  category: this.category,
305
305
  line: lineNumber,
@@ -360,7 +360,7 @@ class S032RegexBasedAnalyzer {
360
360
  const lineNumber = this.getLineNumber(content, match.index);
361
361
 
362
362
  violations.push({
363
- rule: this.ruleId,
363
+ ruleId: this.ruleId,
364
364
  source: filePath,
365
365
  category: this.category,
366
366
  line: lineNumber,
@@ -450,7 +450,7 @@ class S032RegexBasedAnalyzer {
450
450
  const lineNumber = this.getLineNumber(content, match.index);
451
451
 
452
452
  violations.push({
453
- rule: this.ruleId,
453
+ ruleId: this.ruleId,
454
454
  source: filePath,
455
455
  category: this.category,
456
456
  line: lineNumber,
@@ -465,7 +465,7 @@ class S032RegexBasedAnalyzer {
465
465
  const lineNumber = this.getLineNumber(content, match.index);
466
466
 
467
467
  violations.push({
468
- rule: this.ruleId,
468
+ ruleId: this.ruleId,
469
469
  source: filePath,
470
470
  category: this.category,
471
471
  line: lineNumber,
@@ -606,7 +606,7 @@ class S032RegexBasedAnalyzer {
606
606
  if (!this.hasHttpOnlyInNextAuthConfig(cookieConfig)) {
607
607
  const lineNumber = this.getLineNumber(content, match.index);
608
608
  violations.push({
609
- rule: this.ruleId,
609
+ ruleId: this.ruleId,
610
610
  source: filePath,
611
611
  category: this.category,
612
612
  line: lineNumber,
@@ -627,7 +627,7 @@ class S032RegexBasedAnalyzer {
627
627
  ) {
628
628
  const lineNumber = this.getLineNumber(content, match.index);
629
629
  violations.push({
630
- rule: this.ruleId,
630
+ ruleId: this.ruleId,
631
631
  source: filePath,
632
632
  category: this.category,
633
633
  line: lineNumber,
@@ -646,7 +646,7 @@ class S032RegexBasedAnalyzer {
646
646
  const framework = this.detectFramework(matchText);
647
647
 
648
648
  violations.push({
649
- rule: this.ruleId,
649
+ ruleId: this.ruleId,
650
650
  source: filePath,
651
651
  category: this.category,
652
652
  line: lineNumber,
package/rules/security/S033_samesite_session_cookies/typescript/regex-based-analyzer.js CHANGED
@@ -188,7 +188,7 @@ class S033RegexBasedAnalyzer {
188
188
 
189
189
  const lineNumber = this.getLineNumber(content, match.index);
190
190
  violations.push({
191
- rule: this.ruleId,
191
+ ruleId: this.ruleId,
192
192
  source: filePath,
193
193
  category: this.category,
194
194
  line: lineNumber,
@@ -247,7 +247,7 @@ class S033RegexBasedAnalyzer {
247
247
  ) {
248
248
  const lineNumber = this.getLineNumber(content, match.index);
249
249
  violations.push({
250
- rule: this.ruleId,
250
+ ruleId: this.ruleId,
251
251
  source: filePath,
252
252
  category: this.category,
253
253
  line: lineNumber,
@@ -266,7 +266,7 @@ class S033RegexBasedAnalyzer {
266
266
  ) {
267
267
  const lineNumber = this.getLineNumber(content, match.index);
268
268
  violations.push({
269
- rule: this.ruleId,
269
+ ruleId: this.ruleId,
270
270
  source: filePath,
271
271
  category: this.category,
272
272
  line: lineNumber,
@@ -310,7 +310,7 @@ class S033RegexBasedAnalyzer {
310
310
  if (!this.hasSameSiteInText(cookieConfig)) {
311
311
  const lineNumber = this.getLineNumber(content, match.index);
312
312
  violations.push({
313
- rule: this.ruleId,
313
+ ruleId: this.ruleId,
314
314
  source: filePath,
315
315
  category: this.category,
316
316
  line: lineNumber,
@@ -323,7 +323,7 @@ class S033RegexBasedAnalyzer {
323
323
  // No cookie config at all
324
324
  const lineNumber = this.getLineNumber(content, match.index);
325
325
  violations.push({
326
- rule: this.ruleId,
326
+ ruleId: this.ruleId,
327
327
  source: filePath,
328
328
  category: this.category,
329
329
  line: lineNumber,
@@ -432,7 +432,7 @@ class S033RegexBasedAnalyzer {
432
432
  if (!configObject || !this.hasSameSiteInText(configObject)) {
433
433
  const lineNumber = this.getLineNumber(content, match.index);
434
434
  violations.push({
435
- rule: this.ruleId,
435
+ ruleId: this.ruleId,
436
436
  source: filePath,
437
437
  category: this.category,
438
438
  line: lineNumber,
@@ -471,7 +471,7 @@ class S033RegexBasedAnalyzer {
471
471
  if (!configObject || !this.hasSameSiteInText(configObject)) {
472
472
  const lineNumber = this.getLineNumber(content, match.index);
473
473
  violations.push({
474
- rule: this.ruleId,
474
+ ruleId: this.ruleId,
475
475
  source: filePath,
476
476
  category: this.category,
477
477
  line: lineNumber,
@@ -510,7 +510,7 @@ class S033RegexBasedAnalyzer {
510
510
  if (!configObject || !this.hasSameSiteInText(configObject)) {
511
511
  const lineNumber = this.getLineNumber(content, match.index);
512
512
  violations.push({
513
- rule: this.ruleId,
513
+ ruleId: this.ruleId,
514
514
  source: filePath,
515
515
  category: this.category,
516
516
  line: lineNumber,
@@ -556,7 +556,7 @@ class S033RegexBasedAnalyzer {
556
556
  if (!configObject || !this.hasSameSiteInText(configObject)) {
557
557
  const lineNumber = this.getLineNumber(content, match.index);
558
558
  violations.push({
559
- rule: this.ruleId,
559
+ ruleId: this.ruleId,
560
560
  source: filePath,
561
561
  category: this.category,
562
562
  line: lineNumber,
@@ -602,7 +602,7 @@ class S033RegexBasedAnalyzer {
602
602
  if (!configObject || !this.hasSameSiteInText(configObject)) {
603
603
  const lineNumber = this.getLineNumber(content, match.index);
604
604
  violations.push({
605
- rule: this.ruleId,
605
+ ruleId: this.ruleId,
606
606
  source: filePath,
607
607
  category: this.category,
608
608
  line: lineNumber,
@@ -642,7 +642,7 @@ class S033RegexBasedAnalyzer {
642
642
  if (!this.hasSameSiteInText(cookieOptions)) {
643
643
  const lineNumber = this.getLineNumber(content, match.index);
644
644
  violations.push({
645
- rule: this.ruleId,
645
+ ruleId: this.ruleId,
646
646
  source: filePath,
647
647
  category: this.category,
648
648
  line: lineNumber,
@@ -674,7 +674,7 @@ class S033RegexBasedAnalyzer {
674
674
  if (!this.hasSameSiteInText(cookieOptions)) {
675
675
  const lineNumber = this.getLineNumber(content, match.index);
676
676
  violations.push({
677
- rule: this.ruleId,
677
+ ruleId: this.ruleId,
678
678
  source: filePath,
679
679
  category: this.category,
680
680
  line: lineNumber,
package/rules/security/S033_samesite_session_cookies/typescript/symbol-based-analyzer.js CHANGED
@@ -592,7 +592,7 @@ class S033SymbolBasedAnalyzer {
592
592
  const lineAndChar = sourceFile.getLineAndColumnAtPos(start);
593
593
 
594
594
  return {
595
- rule: this.ruleId,
595
+ ruleId: this.ruleId,
596
596
  source: sourceFile.getFilePath(),
597
597
  category: this.category,
598
598
  line: lineAndChar.line,
package/rules/security/S034_host_prefix_session_cookies/typescript/regex-based-analyzer.js CHANGED
@@ -460,7 +460,7 @@ class S034RegexBasedAnalyzer {
460
460
  }
461
461
 
462
462
  this.violations.push({
463
- rule: this.ruleId,
463
+ ruleId: this.ruleId,
464
464
  source: filePath,
465
465
  category: this.category,
466
466
  line: line,
package/rules/security/S041_session_token_invalidation/typescript/regex-based-analyzer.js CHANGED
@@ -185,7 +185,7 @@ class S041RegexBasedAnalyzer {
185
185
 
186
186
  if (!hasSessionCleanup) {
187
187
  violations.push({
188
- rule: this.ruleId,
188
+ ruleId: this.ruleId,
189
189
  source: filePath,
190
190
  category: this.category,
191
191
  line: lineNumber,
@@ -218,7 +218,7 @@ class S041RegexBasedAnalyzer {
218
218
 
219
219
  if (!hasSessionCleanup) {
220
220
  violations.push({
221
- rule: this.ruleId,
221
+ ruleId: this.ruleId,
222
222
  source: filePath,
223
223
  category: this.category,
224
224
  line: lineNumber,
@@ -249,7 +249,7 @@ class S041RegexBasedAnalyzer {
249
249
 
250
250
  if (isInLogoutContext) {
251
251
  violations.push({
252
- rule: this.ruleId,
252
+ ruleId: this.ruleId,
253
253
  source: filePath,
254
254
  category: this.category,
255
255
  line: lineNumber,
@@ -299,7 +299,7 @@ class S041RegexBasedAnalyzer {
299
299
  // Only report if it's in logout context and missing token invalidation
300
300
  if (isInLogoutContext && !hasTokenInvalidation) {
301
301
  violations.push({
302
- rule: this.ruleId,
302
+ ruleId: this.ruleId,
303
303
  source: filePath,
304
304
  category: this.category,
305
305
  line: lineNumber,
package/rules/security/S041_session_token_invalidation/typescript/symbol-based-analyzer.js CHANGED
@@ -666,7 +666,7 @@ class S041SymbolBasedAnalyzer {
666
666
  const lineAndChar = sourceFile.getLineAndColumnAtPos(start);
667
667
 
668
668
  return {
669
- rule: this.ruleId,
669
+ ruleId: this.ruleId,
670
670
  source: sourceFile.getFilePath(),
671
671
  category: this.category,
672
672
  line: lineAndChar.line,
package/rules/security/S044_re_authentication_required/typescript/regex-based-analyzer.js CHANGED
@@ -308,7 +308,7 @@ class S044RegexBasedAnalyzer {
308
308
 
309
309
  createViolation(filePath, line, column, message) {
310
310
  return {
311
- rule: this.ruleId,
311
+ ruleId: this.ruleId,
312
312
  source: filePath,
313
313
  category: this.category,
314
314
  line: line,
package/rules/security/S044_re_authentication_required/typescript/symbol-based-analyzer.js CHANGED
@@ -514,7 +514,7 @@ class S044SymbolBasedAnalyzer {
514
514
  const lineAndChar = sourceFile.getLineAndColumnAtPos(start);
515
515
 
516
516
  return {
517
- rule: this.ruleId,
517
+ ruleId: this.ruleId,
518
518
  source: sourceFile.getFilePath(),
519
519
  category: this.category,
520
520
  line: lineAndChar.line,
package/rules/security/S045_brute_force_protection/typescript/analyzer.js CHANGED
@@ -283,7 +283,7 @@ class S045Analyzer {
283
283
  // Always flag violations if no protection is found
284
284
  if (!hasProtection) {
285
285
  violations.push({
286
- rule: this.ruleId,
286
+ ruleId: this.ruleId,
287
287
  source: filePath,
288
288
  category: "security",
289
289
  line: lineNumber,
package/rules/security/S045_brute_force_protection/typescript/symbol-based-analyzer.js CHANGED
@@ -623,7 +623,7 @@ class S045SymbolBasedAnalyzer {
623
623
  const lineAndChar = sourceFile.getLineAndColumnAtPos(start);
624
624
 
625
625
  return {
626
- rule: this.ruleId,
626
+ ruleId: this.ruleId,
627
627
  source: sourceFile.getFilePath(),
628
628
  category: this.category,
629
629
  line: lineAndChar.line,