eslint-plugin-no-jquery 3.0.1 → 3.0.2

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "eslint-plugin-no-jquery",
-	"version": "3.0.1",
+	"version": "3.0.2",
 	"description": "Disallow jQuery functions with native equivalents.",
 	"repository": {
 		"type": "git",

package/src/rules/no-append-html.js

@@ -1,7 +1,11 @@
 'use strict';
 
 const utils = require( '../utils.js' );
-const methods = [ 'append', 'prepend', 'before', 'after', 'replaceWith', 'add', 'appendTo', 'prependTo' ];
+// htmlStrings or jQuery collections
+const htmlOrCollectionMethods = [ 'append', 'prepend', 'before', 'after', 'replaceWith' ];
+// htmlStrings, selectors or jQuery collections
+const htmlOrSelectorOrCollectionMethods = [ 'add', 'appendTo', 'prependTo', 'insertBefore', 'insertAfter' ];
+const allMethods = htmlOrCollectionMethods.concat( htmlOrSelectorOrCollectionMethods );
 
 function alljQueryOrEmpty( context, node ) {
 	if ( node.type === 'ConditionalExpression' ) {
@@ -22,7 +26,7 @@ module.exports = {
 	meta: {
 		type: 'suggestion',
 		docs: {
-			description: 'Disallows using ' + methods.map( utils.jQueryCollectionLink ).join( '/' ) +
+			description: 'Disallows using ' + allMethods.map( utils.jQueryCollectionLink ).join( '/' ) +
 			' to inject HTML, in order to prevent possible XSS bugs.'
 		},
 		schema: []
@@ -32,13 +36,18 @@ module.exports = {
 		'CallExpression:exit': ( node ) => {
 			if ( !(
 				node.callee.type === 'MemberExpression' &&
-					methods.includes( node.callee.property.name )
+				allMethods.includes( node.callee.property.name )
 			) ) {
 				return;
 			}
 			if ( node.arguments.every( ( arg ) => alljQueryOrEmpty( context, arg ) ) ) {
 				return;
 			}
+			if ( htmlOrSelectorOrCollectionMethods.includes( node.callee.property.name ) ) {
+				if ( node.arguments.every( ( arg ) => !utils.isHtmlString( arg ) ) ) {
+					return;
+				}
+			}
 
 			if ( utils.isjQuery( context, node.callee ) ) {
 				context.report( {

package/src/rules/no-parse-html-literal.js

@@ -2,33 +2,11 @@
 
 const utils = require( '../utils.js' );
 
-// HTML regex (modified from jQuery)
-const rquickExpr = /^(?:\s*(<[\w\W]+>)[^>]*)$/;
 // Single tag regex (from jQuery)
 const rsingleTag = /^<([a-z][^/\0>:\x20\t\r\n\f]*)[\x20\t\r\n\f]*\/?>(?:<\/\1>|)$/i;
 const rsingleTagMinimal = /^<([a-z][^/\0>:\x20\t\r\n\f]*)>$/i;
 const rsingleTagSelfClosing = /^<([a-z][^/\0>:\x20\t\r\n\f]*)\/>$/i;
 
-function allLiteral( node ) {
-	if ( node.type === 'BinaryExpression' ) {
-		return allLiteral( node.left ) && allLiteral( node.right );
-	} else {
-		return node.type === 'Literal';
-	}
-}
-
-function joinLiterals( node ) {
-	if ( node.type === 'BinaryExpression' ) {
-		return joinLiterals( node.left ) + joinLiterals( node.right );
-	}
-	/* istanbul ignore else */
-	if ( node.type === 'Literal' ) {
-		return node.value;
-	}
-	/* istanbul ignore next */
-	throw new Error( 'Non-literal node passed to joinLiteral' );
-}
-
 module.exports = {
 	meta: {
 		type: 'suggestion',
@@ -94,11 +72,10 @@ module.exports = {
 			let expectedTag;
 			const arg = node.arguments[ 0 ];
 			if ( allowSingle ) {
-				const value = arg && allLiteral( arg ) && joinLiterals( arg );
-				if ( !( typeof value === 'string' && value ) || !rquickExpr.exec( value ) ) {
-					// Empty or non-string, or non-HTML
+				if ( !utils.isHtmlString( arg ) ) {
 					return;
 				}
+				const value = utils.joinLiterals( arg );
 				let match;
 				if ( ( match = rsingleTag.exec( value ) ) ) {
 					// Single tag
@@ -122,7 +99,7 @@ module.exports = {
 						return;
 					}
 				}
-			} else if ( !( arg && allLiteral( arg ) ) ) {
+			} else if ( !( arg && utils.allLiteral( arg ) ) ) {
 				// Non literals passed to $.parseHTML
 				return;
 			}

package/src/rules/no-sizzle.js

@@ -2,19 +2,6 @@
 
 const utils = require( '../utils.js' );
 
-function collectLiterals( node ) {
-	if ( node.type === 'BinaryExpression' ) {
-		return collectLiterals( node.left ) + collectLiterals( node.right );
-	} else if ( node.type === 'Literal' ) {
-		return node.value;
-	} else if ( node.type === 'Identifier' ) {
-		// Dummy value for regex matching
-		return 'A0';
-	} else {
-		return '';
-	}
-}
-
 module.exports = {
 	meta: {
 		type: 'suggestion',
@@ -79,7 +66,7 @@ module.exports = {
 					context.options[ 0 ].allowPositional;
 				const allowOther = context.options[ 0 ] &&
 					context.options[ 0 ].allowOther;
-				const value = collectLiterals( node.arguments[ 0 ] );
+				const value = utils.joinLiterals( node.arguments[ 0 ] );
 
 				if ( !allowPositional && forbiddenPositional.test( value ) ) {
 					context.report( {

package/src/utils.js

@@ -541,6 +541,35 @@ function eventShorthandFixer( node, context, fixer ) {
 	}
 }
 
+function allLiteral( node ) {
+	if ( node.type === 'BinaryExpression' ) {
+		return allLiteral( node.left ) && allLiteral( node.right );
+	} else {
+		return node.type === 'Literal';
+	}
+}
+
+function joinLiterals( node ) {
+	if ( node.type === 'BinaryExpression' ) {
+		return joinLiterals( node.left ) + joinLiterals( node.right );
+	} else if ( node.type === 'Literal' ) {
+		return node.value;
+	} else if ( node.type === 'Identifier' ) {
+		// Dummy value for regex matching
+		return 'A0';
+	} else {
+		return '';
+	}
+}
+
+// HTML regex (modified from jQuery)
+const rquickExpr = /^(?:\s*(<[\w\W]+>)[^>]*)$/;
+
+function isHtmlString( arg ) {
+	const value = arg && allLiteral( arg ) && joinLiterals( arg );
+	return typeof value === 'string' && value && rquickExpr.exec( value );
+}
+
 module.exports = {
 	isjQuery,
 	isjQueryConstructor,
@@ -552,5 +581,8 @@ module.exports = {
 	createCollectionOrUtilMethodRule,
 	eventShorthandFixer,
 	jQueryCollectionLink,
-	jQueryGlobalLink
+	jQueryGlobalLink,
+	allLiteral,
+	joinLiterals,
+	isHtmlString
 };