eslint-plugin-node-security 4.0.0

package/src/rules/require-dependency-integrity/index.js

@@ -0,0 +1,70 @@
+"use strict";
+/**
+ * Copyright (c) 2025 Ofri Peretz
+ * Licensed under the MIT License. Use of this source code is governed by the
+ * MIT license that can be found in the LICENSE file.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.requireDependencyIntegrity = void 0;
+/**
+ * @fileoverview Require integrity hashes for external resources
+ */
+const eslint_devkit_1 = require("@interlace/eslint-devkit");
+exports.requireDependencyIntegrity = (0, eslint_devkit_1.createRule)({
+    name: 'require-dependency-integrity',
+    meta: {
+        type: 'problem',
+        docs: {
+            description: 'Require SRI (Subresource Integrity) for CDN resources',
+        },
+        messages: {
+            violationDetected: (0, eslint_devkit_1.formatLLMMessage)({
+                icon: eslint_devkit_1.MessageIcons.SECURITY,
+                issueName: 'Missing SRI',
+                cwe: 'CWE-494',
+                description: 'External resource loaded without integrity hash - supply chain risk',
+                severity: 'HIGH',
+                fix: 'Add integrity="sha384-..." and crossorigin="anonymous" attributes',
+                documentationLink: 'https://cwe.mitre.org/data/definitions/494.html',
+            })
+        },
+        schema: [],
+    },
+    defaultOptions: [],
+    create(context) {
+        function report(node) {
+            context.report({ node, messageId: 'violationDetected' });
+        }
+        return {
+            Literal(node) {
+                if (typeof node.value !== 'string')
+                    return;
+                // Check for script/link tags without integrity
+                const value = node.value.toLowerCase();
+                if ((value.includes('<script') && value.includes('src=')) ||
+                    (value.includes('<link') && value.includes('href='))) {
+                    // Check if CDN source
+                    if (value.includes('cdn.') || value.includes('cdnjs.') ||
+                        value.includes('unpkg.') || value.includes('jsdelivr.')) {
+                        if (!value.includes('integrity=')) {
+                            report(node);
+                        }
+                    }
+                }
+            },
+            TemplateLiteral(node) {
+                const text = context.sourceCode.getText(node).toLowerCase();
+                if ((text.includes('<script') && text.includes('src=')) ||
+                    (text.includes('<link') && text.includes('href='))) {
+                    if (text.includes('cdn.') || text.includes('cdnjs.') ||
+                        text.includes('unpkg.') || text.includes('jsdelivr.')) {
+                        if (!text.includes('integrity=')) {
+                            report(node);
+                        }
+                    }
+                }
+            },
+        };
+    },
+});
+//# sourceMappingURL=index.js.map

package/src/rules/require-dependency-integrity/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../../packages/eslint-plugin-node-security/src/rules/require-dependency-integrity/index.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;;AAEH;;GAEG;AAEH,4DAAsF;AAUzE,QAAA,0BAA0B,GAAG,IAAA,0BAAU,EAA0B;IAC5E,IAAI,EAAE,8BAA8B;IACpC,IAAI,EAAE;QACJ,IAAI,EAAE,SAAS;QACf,IAAI,EAAE;YACJ,WAAW,EAAE,uDAAuD;SACrE;QACD,QAAQ,EAAE;YACR,iBAAiB,EAAE,IAAA,gCAAgB,EAAC;gBAClC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,aAAa;gBACxB,GAAG,EAAE,SAAS;gBACd,WAAW,EAAE,qEAAqE;gBAClF,QAAQ,EAAE,MAAM;gBAChB,GAAG,EAAE,mEAAmE;gBACxE,iBAAiB,EAAE,iDAAiD;aACrE,CAAC;SACH;QACD,MAAM,EAAE,EAAE;KACX;IACD,cAAc,EAAE,EAAE;IAClB,MAAM,CAAC,OAAO;QACZ,SAAS,MAAM,CAAC,IAAmB;YACjC,OAAO,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,mBAAmB,EAAE,CAAC,CAAC;QAC3D,CAAC;QAED,OAAO;YACL,OAAO,CAAC,IAAsB;gBAC5B,IAAI,OAAO,IAAI,CAAC,KAAK,KAAK,QAAQ;oBAAE,OAAO;gBAE3C,+CAA+C;gBAC/C,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC;gBACvC,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;oBACrD,CAAC,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC;oBAEzD,sBAAsB;oBACtB,IAAI,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC;wBAClD,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,KAAK,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;wBAE5D,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAE,CAAC;4BAClC,MAAM,CAAC,IAAI,CAAC,CAAC;wBACf,CAAC;oBACH,CAAC;gBACH,CAAC;YACH,CAAC;YAED,eAAe,CAAC,IAA8B;gBAC5C,MAAM,IAAI,GAAG,OAAO,CAAC,UAAU,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC;gBAE5D,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;oBACnD,CAAC,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC;oBAEvD,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC;wBAChD,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;wBAE1D,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAE,CAAC;4BACjC,MAAM,CAAC,IAAI,CAAC,CAAC;wBACf,CAAC;oBACH,CAAC;gBACH,CAAC;YACH,CAAC;SACF,CAAC;IACJ,CAAC;CACF,CAAC,CAAC"}

package/src/rules/require-secure-credential-storage/index.d.ts

@@ -0,0 +1,12 @@
+/**
+ * Copyright (c) 2025 Ofri Peretz
+ * Licensed under the MIT License. Use of this source code is governed by the
+ * MIT license that can be found in the LICENSE file.
+ */
+export interface Options {
+}
+type RuleOptions = [Options?];
+export declare const requireSecureCredentialStorage: import("@typescript-eslint/utils/ts-eslint").RuleModule<"violationDetected", RuleOptions, unknown, import("@typescript-eslint/utils/ts-eslint").RuleListener> & {
+    name: string;
+};
+export {};

package/src/rules/require-secure-credential-storage/index.js

@@ -0,0 +1,54 @@
+"use strict";
+/**
+ * Copyright (c) 2025 Ofri Peretz
+ * Licensed under the MIT License. Use of this source code is governed by the
+ * MIT license that can be found in the LICENSE file.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.requireSecureCredentialStorage = void 0;
+/**
+ * @fileoverview Enforce secure storage patterns for credentials
+ * @see https://owasp.org/www-project-mobile-top-10/
+ * @see https://cwe.mitre.org/data/definitions/522.html
+ */
+const eslint_devkit_1 = require("@interlace/eslint-devkit");
+exports.requireSecureCredentialStorage = (0, eslint_devkit_1.createRule)({
+    name: 'require-secure-credential-storage',
+    meta: {
+        type: 'problem',
+        docs: {
+            description: 'Enforce secure storage patterns for credentials',
+        },
+        messages: {
+            violationDetected: (0, eslint_devkit_1.formatLLMMessage)({
+                icon: eslint_devkit_1.MessageIcons.SECURITY,
+                issueName: 'violation Detected',
+                cwe: 'CWE-312',
+                description: 'Enforce secure storage patterns for credentials detected - Credentials without encryption',
+                severity: 'HIGH',
+                fix: 'Review and apply secure practices',
+                documentationLink: 'https://cwe.mitre.org/data/definitions/312.html',
+            })
+        },
+        schema: [],
+    },
+    defaultOptions: [],
+    create(context) {
+        return {
+            CallExpression(node) {
+                if (node.callee.type === eslint_devkit_1.AST_NODE_TYPES.MemberExpression &&
+                    node.callee.property.type === eslint_devkit_1.AST_NODE_TYPES.Identifier &&
+                    ['setItem', 'writeFile'].includes(node.callee.property.name)) {
+                    // Check for encryption wrapper
+                    const hasEncryption = node.arguments.some(arg => arg.type === eslint_devkit_1.AST_NODE_TYPES.CallExpression &&
+                        arg.callee.type === eslint_devkit_1.AST_NODE_TYPES.Identifier &&
+                        arg.callee.name.includes('encrypt'));
+                    if (!hasEncryption) {
+                        context.report({ node, messageId: 'violationDetected' });
+                    }
+                }
+            },
+        };
+    },
+});
+//# sourceMappingURL=index.js.map

package/src/rules/require-secure-credential-storage/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../../packages/eslint-plugin-node-security/src/rules/require-secure-credential-storage/index.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;;AAEH;;;;GAIG;AAEH,4DAAsG;AAUzF,QAAA,8BAA8B,GAAG,IAAA,0BAAU,EAA0B;IAChF,IAAI,EAAE,mCAAmC;IACzC,IAAI,EAAE;QACJ,IAAI,EAAE,SAAS;QACf,IAAI,EAAE;YACJ,WAAW,EAAE,iDAAiD;SAC/D;QACD,QAAQ,EAAE;YACR,iBAAiB,EAAE,IAAA,gCAAgB,EAAC;gBAClC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,oBAAoB;gBAC/B,GAAG,EAAE,SAAS;gBACd,WAAW,EAAE,2FAA2F;gBACxG,QAAQ,EAAE,MAAM;gBAChB,GAAG,EAAE,mCAAmC;gBACxC,iBAAiB,EAAE,iDAAiD;aACrE,CAAC;SACH;QACD,MAAM,EAAE,EAAE;KACX;IACD,cAAc,EAAE,EAAE;IAClB,MAAM,CAAC,OAAO;QACZ,OAAO;YACL,cAAc,CAAC,IAA6B;gBAC1C,IACE,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,gBAAgB;oBACpD,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU;oBACvD,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,EAC5D,CAAC;oBACD,+BAA+B;oBAC/B,MAAM,aAAa,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAC9C,GAAG,CAAC,IAAI,KAAK,8BAAc,CAAC,cAAc;wBAC1C,GAAG,CAAC,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU;wBAC7C,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,CACpC,CAAC;oBACF,IAAI,CAAC,aAAa,EAAE,CAAC;wBACnB,OAAO,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,mBAAmB,EAAE,CAAC,CAAC;oBAC3D,CAAC;gBACH,CAAC;YACH,CAAC;SACF,CAAC;IACJ,CAAC;CACF,CAAC,CAAC"}

package/src/rules/require-secure-deletion/index.d.ts

@@ -0,0 +1,12 @@
+/**
+ * Copyright (c) 2025 Ofri Peretz
+ * Licensed under the MIT License. Use of this source code is governed by the
+ * MIT license that can be found in the LICENSE file.
+ */
+export interface Options {
+}
+type RuleOptions = [Options?];
+export declare const requireSecureDeletion: import("@typescript-eslint/utils/ts-eslint").RuleModule<"violationDetected", RuleOptions, unknown, import("@typescript-eslint/utils/ts-eslint").RuleListener> & {
+    name: string;
+};
+export {};

package/src/rules/require-secure-deletion/index.js

@@ -0,0 +1,46 @@
+"use strict";
+/**
+ * Copyright (c) 2025 Ofri Peretz
+ * Licensed under the MIT License. Use of this source code is governed by the
+ * MIT license that can be found in the LICENSE file.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.requireSecureDeletion = void 0;
+/**
+ * @fileoverview Require secure data deletion patterns
+ * @see https://owasp.org/www-project-mobile-top-10/
+ * @see https://cwe.mitre.org/data/definitions/459.html
+ */
+const eslint_devkit_1 = require("@interlace/eslint-devkit");
+exports.requireSecureDeletion = (0, eslint_devkit_1.createRule)({
+    name: 'require-secure-deletion',
+    meta: {
+        type: 'problem',
+        docs: {
+            description: 'Require secure data deletion patterns',
+        },
+        messages: {
+            violationDetected: (0, eslint_devkit_1.formatLLMMessage)({
+                icon: eslint_devkit_1.MessageIcons.SECURITY,
+                issueName: 'violation Detected',
+                cwe: 'CWE-459',
+                description: 'Require secure data deletion patterns detected - delete without secure wipe',
+                severity: 'MEDIUM',
+                fix: 'Review and apply secure practices',
+                documentationLink: 'https://cwe.mitre.org/data/definitions/459.html',
+            })
+        },
+        schema: [],
+    },
+    defaultOptions: [],
+    create(context) {
+        return {
+            UnaryExpression(node) {
+                if (node.operator === 'delete') {
+                    context.report({ node, messageId: 'violationDetected' });
+                }
+            },
+        };
+    },
+});
+//# sourceMappingURL=index.js.map

package/src/rules/require-secure-deletion/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../../packages/eslint-plugin-node-security/src/rules/require-secure-deletion/index.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;;AAEH;;;;GAIG;AAEH,4DAAsF;AAUzE,QAAA,qBAAqB,GAAG,IAAA,0BAAU,EAA0B;IACvE,IAAI,EAAE,yBAAyB;IAC/B,IAAI,EAAE;QACJ,IAAI,EAAE,SAAS;QACf,IAAI,EAAE;YACJ,WAAW,EAAE,uCAAuC;SACrD;QACD,QAAQ,EAAE;YACR,iBAAiB,EAAE,IAAA,gCAAgB,EAAC;gBAClC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,oBAAoB;gBAC/B,GAAG,EAAE,SAAS;gBACd,WAAW,EAAE,6EAA6E;gBAC1F,QAAQ,EAAE,QAAQ;gBAClB,GAAG,EAAE,mCAAmC;gBACxC,iBAAiB,EAAE,iDAAiD;aACrE,CAAC;SACH;QACD,MAAM,EAAE,EAAE;KACX;IACD,cAAc,EAAE,EAAE;IAClB,MAAM,CAAC,OAAO;QACZ,OAAO;YAEL,eAAe,CAAC,IAA8B;gBAC5C,IAAI,IAAI,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;oBAC/B,OAAO,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,mBAAmB,EAAE,CAAC,CAAC;gBAC3D,CAAC;YACH,CAAC;SACF,CAAC;IACJ,CAAC;CACF,CAAC,CAAC"}

package/src/rules/require-storage-encryption/index.d.ts

@@ -0,0 +1,12 @@
+/**
+ * Copyright (c) 2025 Ofri Peretz
+ * Licensed under the MIT License. Use of this source code is governed by the
+ * MIT license that can be found in the LICENSE file.
+ */
+export interface Options {
+}
+type RuleOptions = [Options?];
+export declare const requireStorageEncryption: import("@typescript-eslint/utils/ts-eslint").RuleModule<"violationDetected", RuleOptions, unknown, import("@typescript-eslint/utils/ts-eslint").RuleListener> & {
+    name: string;
+};
+export {};

package/src/rules/require-storage-encryption/index.js

@@ -0,0 +1,54 @@
+"use strict";
+/**
+ * Copyright (c) 2025 Ofri Peretz
+ * Licensed under the MIT License. Use of this source code is governed by the
+ * MIT license that can be found in the LICENSE file.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.requireStorageEncryption = void 0;
+/**
+ * @fileoverview Require encryption for persistent storage
+ * @see https://owasp.org/www-project-mobile-top-10/
+ * @see https://cwe.mitre.org/data/definitions/311.html
+ */
+const eslint_devkit_1 = require("@interlace/eslint-devkit");
+exports.requireStorageEncryption = (0, eslint_devkit_1.createRule)({
+    name: 'require-storage-encryption',
+    meta: {
+        type: 'problem',
+        docs: {
+            description: 'Require encryption for persistent storage',
+        },
+        messages: {
+            violationDetected: (0, eslint_devkit_1.formatLLMMessage)({
+                icon: eslint_devkit_1.MessageIcons.SECURITY,
+                issueName: 'violation Detected',
+                cwe: 'CWE-312',
+                description: 'Require encryption for persistent storage detected - Storage without encryption',
+                severity: 'HIGH',
+                fix: 'Review and apply secure practices',
+                documentationLink: 'https://cwe.mitre.org/data/definitions/312.html',
+            })
+        },
+        schema: [],
+    },
+    defaultOptions: [],
+    create(context) {
+        return {
+            CallExpression(node) {
+                if (node.callee.type === 'MemberExpression' &&
+                    node.callee.property.type === 'Identifier' &&
+                    ['setItem', 'writeFile'].includes(node.callee.property.name)) {
+                    // Check for encryption wrapper
+                    const hasEncryption = node.arguments.some(arg => arg.type === 'CallExpression' &&
+                        arg.callee.type === 'Identifier' &&
+                        arg.callee.name.includes('encrypt'));
+                    if (!hasEncryption) {
+                        context.report({ node, messageId: 'violationDetected' });
+                    }
+                }
+            },
+        };
+    },
+});
+//# sourceMappingURL=index.js.map

package/src/rules/require-storage-encryption/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../../packages/eslint-plugin-node-security/src/rules/require-storage-encryption/index.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;;AAEH;;;;GAIG;AAEH,4DAAsF;AAUzE,QAAA,wBAAwB,GAAG,IAAA,0BAAU,EAA0B;IAC1E,IAAI,EAAE,4BAA4B;IAClC,IAAI,EAAE;QACJ,IAAI,EAAE,SAAS;QACf,IAAI,EAAE;YACJ,WAAW,EAAE,2CAA2C;SACzD;QACD,QAAQ,EAAE;YACR,iBAAiB,EAAE,IAAA,gCAAgB,EAAC;gBAClC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,oBAAoB;gBAC/B,GAAG,EAAE,SAAS;gBACd,WAAW,EAAE,iFAAiF;gBAC9F,QAAQ,EAAE,MAAM;gBAChB,GAAG,EAAE,mCAAmC;gBACxC,iBAAiB,EAAE,iDAAiD;aACrE,CAAC;SACH;QACD,MAAM,EAAE,EAAE;KACX;IACD,cAAc,EAAE,EAAE;IAClB,MAAM,CAAC,OAAO;QACZ,OAAO;YAEL,cAAc,CAAC,IAA6B;gBAC1C,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,kBAAkB;oBACvC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY;oBAC1C,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;oBACjE,+BAA+B;oBAC/B,MAAM,aAAa,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAC9C,GAAG,CAAC,IAAI,KAAK,gBAAgB;wBAC7B,GAAG,CAAC,MAAM,CAAC,IAAI,KAAK,YAAY;wBAChC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,CACpC,CAAC;oBACF,IAAI,CAAC,aAAa,EAAE,CAAC;wBACnB,OAAO,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,mBAAmB,EAAE,CAAC,CAAC;oBAC3D,CAAC;gBACH,CAAC;YACH,CAAC;SACF,CAAC;IACJ,CAAC;CACF,CAAC,CAAC"}

package/src/types/index.d.ts

@@ -0,0 +1,24 @@
+/**
+ * eslint-plugin-node-security Type Exports
+ *
+ * Barrel file that exports all Node.js security rule Options types.
+ */
+import type { Options as DetectChildProcessOptions } from '../rules/detect-child-process';
+import type { Options as DetectEvalWithExpressionOptions } from '../rules/detect-eval-with-expression';
+import type { Options as DetectNonLiteralFsFilenameOptions } from '../rules/detect-non-literal-fs-filename';
+import type { Options as NoUnsafeDynamicRequireOptions } from '../rules/no-unsafe-dynamic-require';
+import type { Options as NoBufferOverreadOptions } from '../rules/no-buffer-overread';
+import type { Options as NoToctouVulnerabilityOptions } from '../rules/no-toctou-vulnerability';
+import type { Options as NoZipSlipOptions } from '../rules/no-zip-slip';
+import type { Options as NoArbitraryFileAccessOptions } from '../rules/no-arbitrary-file-access';
+export type { DetectChildProcessOptions, DetectEvalWithExpressionOptions, DetectNonLiteralFsFilenameOptions, NoUnsafeDynamicRequireOptions, NoBufferOverreadOptions, NoToctouVulnerabilityOptions, NoZipSlipOptions, NoArbitraryFileAccessOptions, };
+export type AllNodeSecurityRulesOptions = {
+    'detect-child-process'?: DetectChildProcessOptions;
+    'detect-eval-with-expression'?: DetectEvalWithExpressionOptions;
+    'detect-non-literal-fs-filename'?: DetectNonLiteralFsFilenameOptions;
+    'no-unsafe-dynamic-require'?: NoUnsafeDynamicRequireOptions;
+    'no-buffer-overread'?: NoBufferOverreadOptions;
+    'no-toctou-vulnerability'?: NoToctouVulnerabilityOptions;
+    'no-zip-slip'?: NoZipSlipOptions;
+    'no-arbitrary-file-access'?: NoArbitraryFileAccessOptions;
+};

package/src/types/index.js

@@ -0,0 +1,8 @@
+"use strict";
+/**
+ * eslint-plugin-node-security Type Exports
+ *
+ * Barrel file that exports all Node.js security rule Options types.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=index.js.map

package/src/types/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../packages/eslint-plugin-node-security/src/types/index.ts"],"names":[],"mappings":";AAAA;;;;GAIG"}