eslint-plugin-node-security 4.0.0

package/src/rules/detect-non-literal-fs-filename/index.js

@@ -0,0 +1,460 @@
+"use strict";
+/**
+ * Copyright (c) 2025 Ofri Peretz
+ * Licensed under the MIT License. Use of this source code is governed by the
+ * MIT license that can be found in the LICENSE file.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.detectNonLiteralFsFilename = void 0;
+const eslint_devkit_1 = require("@interlace/eslint-devkit");
+const eslint_devkit_2 = require("@interlace/eslint-devkit");
+const FS_OPERATIONS = [
+    {
+        method: 'readFile',
+        dangerous: true,
+        vulnerability: 'file-access',
+        safePattern: 'path.resolve(SAFE_DIR, path.basename(userInput))',
+        example: {
+            bad: 'fs.readFile(userPath, callback)',
+            good: 'const safePath = path.join(SAFE_UPLOADS_DIR, path.basename(userPath)); fs.readFile(safePath, callback)'
+        },
+        effort: '10-15 minutes'
+    },
+    {
+        method: 'writeFile',
+        dangerous: true,
+        vulnerability: 'file-access',
+        safePattern: 'path.resolve(SAFE_DIR, path.basename(userInput))',
+        example: {
+            bad: 'fs.writeFile(userPath, data, callback)',
+            good: 'const safePath = path.join(SAFE_WRITES_DIR, path.basename(userPath)); fs.writeFile(safePath, data, callback)'
+        },
+        effort: '10-15 minutes'
+    },
+    {
+        method: 'stat',
+        dangerous: true,
+        vulnerability: 'path-traversal',
+        safePattern: 'path.resolve(baseDir, userInput) with validation',
+        example: {
+            bad: 'fs.stat(userPath, callback)',
+            good: 'const resolvedPath = path.resolve(SAFE_DIR, userPath);\nif (!resolvedPath.startsWith(SAFE_DIR)) return;\nfs.stat(resolvedPath, callback)'
+        },
+        effort: '15-20 minutes'
+    },
+    {
+        method: 'readdir',
+        dangerous: true,
+        vulnerability: 'directory-traversal',
+        safePattern: 'Validate directory is within allowed paths',
+        example: {
+            bad: 'fs.readdir(userDir, callback)',
+            good: 'const resolvedDir = path.resolve(ALLOWED_DIRS, userDir);\nif (!resolvedDir.startsWith(ALLOWED_DIRS)) return;\nfs.readdir(resolvedDir, callback)'
+        },
+        effort: '15-20 minutes'
+    }
+];
+exports.detectNonLiteralFsFilename = (0, eslint_devkit_2.createRule)({
+    name: 'detect-non-literal-fs-filename',
+    meta: {
+        type: 'problem',
+        docs: {
+            description: 'Detects variable in filename argument of fs calls, which might allow an attacker to access anything on your system',
+        },
+        messages: {
+            // 🎯 Token optimization: 39% reduction (49→30 tokens) - template variables still work
+            fsPathTraversal: (0, eslint_devkit_1.formatLLMMessage)({
+                icon: '🔑',
+                issueName: 'Path traversal',
+                cwe: 'CWE-22',
+                description: 'Path traversal vulnerability',
+                severity: '{{riskLevel}}',
+                fix: '{{safePattern}}',
+                documentationLink: 'https://owasp.org/www-community/attacks/Path_Traversal',
+            }),
+            usePathResolve: (0, eslint_devkit_1.formatLLMMessage)({
+                icon: eslint_devkit_1.MessageIcons.INFO,
+                issueName: 'Use path.resolve',
+                description: 'Use path.resolve() to normalize paths',
+                severity: 'LOW',
+                fix: 'path.resolve(SAFE_DIR, userInput)',
+                documentationLink: 'https://nodejs.org/api/path.html#pathresolvepaths',
+            }),
+            validatePath: (0, eslint_devkit_1.formatLLMMessage)({
+                icon: eslint_devkit_1.MessageIcons.INFO,
+                issueName: 'Validate Path',
+                description: 'Validate resolved path starts with allowed base',
+                severity: 'LOW',
+                fix: 'if (!resolved.startsWith(SAFE_DIR)) throw new Error()',
+                documentationLink: 'https://owasp.org/www-community/attacks/Path_Traversal',
+            }),
+            useBasename: (0, eslint_devkit_1.formatLLMMessage)({
+                icon: eslint_devkit_1.MessageIcons.INFO,
+                issueName: 'Use path.basename',
+                description: 'Use path.basename() to strip directory components',
+                severity: 'LOW',
+                fix: 'path.basename(userInput)',
+                documentationLink: 'https://nodejs.org/api/path.html#pathbasenamepath-suffix',
+            }),
+            createSafeDir: (0, eslint_devkit_1.formatLLMMessage)({
+                icon: eslint_devkit_1.MessageIcons.INFO,
+                issueName: 'Define Safe Directory',
+                description: 'Define SAFE_DIR constant',
+                severity: 'LOW',
+                fix: 'const SAFE_DIR = path.resolve(__dirname, "uploads")',
+                documentationLink: 'https://owasp.org/www-community/attacks/Path_Traversal',
+            }),
+            whitelistExtensions: (0, eslint_devkit_1.formatLLMMessage)({
+                icon: eslint_devkit_1.MessageIcons.INFO,
+                issueName: 'Whitelist Extensions',
+                description: 'Whitelist allowed file extensions',
+                severity: 'LOW',
+                fix: 'const ALLOWED_EXT = [".txt", ".pdf"]; if (!ALLOWED_EXT.includes(ext)) throw',
+                documentationLink: 'https://owasp.org/www-community/attacks/Path_Traversal',
+            })
+        },
+        schema: [
+            {
+                type: 'object',
+                properties: {
+                    allowLiterals: {
+                        type: 'boolean',
+                        default: false,
+                        description: 'Allow literal string paths'
+                    },
+                    additionalMethods: {
+                        type: 'array',
+                        items: { type: 'string' },
+                        default: [],
+                        description: 'Additional fs methods to check'
+                    },
+                    allowedExtensions: {
+                        type: 'array',
+                        items: { type: 'string' },
+                        default: [],
+                        description: 'Allowed file extensions (e.g., [".txt", ".json"])'
+                    }
+                },
+                additionalProperties: false,
+            },
+        ],
+    },
+    defaultOptions: [
+        {
+            allowLiterals: false,
+            additionalMethods: []
+        },
+    ],
+    create(context) {
+        const options = context.options[0] || {};
+        const { allowLiterals = false, additionalMethods = [] } = options || {};
+        /**
+         * File system methods that can be dangerous with user input
+         */
+        const dangerousMethods = [
+            'readFile', 'readFileSync',
+            'writeFile', 'writeFileSync',
+            'appendFile', 'appendFileSync',
+            'stat', 'statSync',
+            'lstat', 'lstatSync',
+            'readdir', 'readdirSync',
+            'unlink', 'unlinkSync',
+            'mkdir', 'mkdirSync',
+            'rmdir', 'rmdirSync',
+            'access', 'accessSync',
+            'createReadStream', 'createWriteStream',
+            ...additionalMethods
+        ];
+        /**
+         * Check if a node is a literal string (safe)
+         */
+        const isLiteralString = (node) => {
+            return node.type === 'Literal' && typeof node.value === 'string';
+        };
+        /**
+         * Check if path has dangerous patterns like ../ or ..\
+         */
+        const hasTraversalPatterns = (pathStr) => {
+            return /\.\.[/\\]/.test(pathStr) || /^\.\.[/\\]/.test(pathStr);
+        };
+        /**
+         * Extract path argument from fs call
+         */
+        const extractPathArgument = (node) => {
+            const method = node.callee.type === eslint_devkit_1.AST_NODE_TYPES.MemberExpression &&
+                node.callee.property.type === eslint_devkit_1.AST_NODE_TYPES.Identifier
+                ? node.callee.property.name
+                : 'unknown';
+            const operation = FS_OPERATIONS.find(op => op.method === method) || null;
+            // First argument is usually the path
+            const pathNode = node.arguments.length > 0 ? node.arguments[0] : null;
+            const sourceCode = context.sourceCode || context.sourceCode;
+            const path = pathNode ? sourceCode.getText(pathNode) : '';
+            return { path, pathNode, method, operation };
+        };
+        /**
+         * Determine if the path argument is potentially dangerous
+         */
+        const isDangerousPath = (pathNode, pathStr) => {
+            // Allow literals if configured
+            if (allowLiterals && pathNode && isLiteralString(pathNode)) {
+                return false;
+            }
+            // Check for obvious traversal patterns in literals
+            if (pathNode && isLiteralString(pathNode) && hasTraversalPatterns(pathStr)) {
+                return true;
+            }
+            // SAFE: path.join(__dirname, 'literal', 'path') with all literal args
+            if (pathNode && isSafePathConstruction(pathNode)) {
+                return false;
+            }
+            // SAFE: Path variable inside validated if-block with startsWith check
+            if (pathNode && hasPathValidation(pathNode)) {
+                return false;
+            }
+            // Any non-literal is dangerous
+            return !pathNode || !isLiteralString(pathNode);
+        };
+        /**
+         * Check if path is constructed safely using path.join/__dirname with literal args
+         *
+         * Safe patterns:
+         * - path.join(__dirname, 'data', 'file.json')
+         * - path.resolve(__dirname, 'uploads')
+         */
+        const isSafePathConstruction = (pathNode) => {
+            if (pathNode.type !== eslint_devkit_1.AST_NODE_TYPES.CallExpression) {
+                return false;
+            }
+            const callee = pathNode.callee;
+            if (callee.type !== eslint_devkit_1.AST_NODE_TYPES.MemberExpression ||
+                callee.object.type !== eslint_devkit_1.AST_NODE_TYPES.Identifier ||
+                callee.object.name !== 'path' ||
+                callee.property.type !== eslint_devkit_1.AST_NODE_TYPES.Identifier) {
+                return false;
+            }
+            const method = callee.property.name;
+            if (!['join', 'resolve'].includes(method)) {
+                return false;
+            }
+            const args = pathNode.arguments;
+            if (args.length === 0) {
+                return false;
+            }
+            // First arg should be __dirname or a literal
+            const firstArg = args[0];
+            const isFirstArgSafe = (firstArg.type === eslint_devkit_1.AST_NODE_TYPES.Identifier && firstArg.name === '__dirname') ||
+                (firstArg.type === eslint_devkit_1.AST_NODE_TYPES.Literal && typeof firstArg.value === 'string');
+            if (!isFirstArgSafe) {
+                return false;
+            }
+            // All remaining args should be literals
+            for (let i = 1; i < args.length; i++) {
+                const arg = args[i];
+                if (arg.type !== eslint_devkit_1.AST_NODE_TYPES.Literal || typeof arg.value !== 'string') {
+                    return false;
+                }
+                // Also check for traversal patterns in literals
+                if (hasTraversalPatterns(String(arg.value))) {
+                    return false;
+                }
+            }
+            return true;
+        };
+        /**
+         * Check if the path variable has been validated with startsWith()
+         *
+         * Safe patterns:
+         * 1. Inside if-block: if (safePath.startsWith(SAFE_DIR)) { fs.readFileSync(safePath); }
+         * 2. After guard clause: if (!safePath.startsWith(SAFE_DIR)) { throw }; fs.readFileSync(safePath);
+         */
+        const hasPathValidation = (pathNode) => {
+            if (pathNode.type !== eslint_devkit_1.AST_NODE_TYPES.Identifier) {
+                return false;
+            }
+            const varName = pathNode.name;
+            // AST-based validation detection (faster than getText + regex)
+            const isStartsWithOrIncludesCall = (testNode) => {
+                // Handle negation: !path.startsWith(...)
+                if (testNode.type === eslint_devkit_1.AST_NODE_TYPES.UnaryExpression &&
+                    testNode.operator === '!' &&
+                    testNode.argument.type === eslint_devkit_1.AST_NODE_TYPES.CallExpression) {
+                    testNode = testNode.argument;
+                }
+                // Pattern: varName.startsWith(...) or varName.includes(...)
+                if (testNode.type === eslint_devkit_1.AST_NODE_TYPES.CallExpression &&
+                    testNode.callee.type === eslint_devkit_1.AST_NODE_TYPES.MemberExpression &&
+                    testNode.callee.object.type === eslint_devkit_1.AST_NODE_TYPES.Identifier &&
+                    testNode.callee.object.name === varName &&
+                    testNode.callee.property.type === eslint_devkit_1.AST_NODE_TYPES.Identifier &&
+                    (testNode.callee.property.name === 'startsWith' ||
+                        testNode.callee.property.name === 'includes')) {
+                    return true;
+                }
+                return false;
+            };
+            const hasEarlyExit = (consequent) => {
+                if (consequent.type === eslint_devkit_1.AST_NODE_TYPES.BlockStatement) {
+                    return consequent.body.some(stmt => stmt.type === eslint_devkit_1.AST_NODE_TYPES.ThrowStatement ||
+                        stmt.type === eslint_devkit_1.AST_NODE_TYPES.ReturnStatement);
+                }
+                return consequent.type === eslint_devkit_1.AST_NODE_TYPES.ThrowStatement ||
+                    consequent.type === eslint_devkit_1.AST_NODE_TYPES.ReturnStatement;
+            };
+            // Walk up to find enclosing IfStatement or BlockStatement
+            let current = pathNode.parent;
+            let foundFunctionBody = false;
+            while (current && !foundFunctionBody) {
+                // Check 1: Inside an if-block with validation
+                if (current.type === eslint_devkit_1.AST_NODE_TYPES.IfStatement) {
+                    if (isStartsWithOrIncludesCall(current.test)) {
+                        return true;
+                    }
+                }
+                // Check 2: In a function body, look for preceding sibling if-statements with guard clause
+                if (current.type === eslint_devkit_1.AST_NODE_TYPES.BlockStatement && current.parent && (current.parent.type === eslint_devkit_1.AST_NODE_TYPES.FunctionDeclaration ||
+                    current.parent.type === eslint_devkit_1.AST_NODE_TYPES.FunctionExpression ||
+                    current.parent.type === eslint_devkit_1.AST_NODE_TYPES.ArrowFunctionExpression)) {
+                    foundFunctionBody = true;
+                    const blockBody = current.body;
+                    const nodeIndex = blockBody.findIndex((stmt) => {
+                        let check = pathNode;
+                        while (check) {
+                            if (check === stmt)
+                                return true;
+                            check = check.parent;
+                        }
+                        return false;
+                    });
+                    // Look at preceding statements for validation patterns with early exit
+                    for (let i = 0; i < nodeIndex; i++) {
+                        const stmt = blockBody[i];
+                        if (stmt.type === eslint_devkit_1.AST_NODE_TYPES.IfStatement &&
+                            isStartsWithOrIncludesCall(stmt.test) &&
+                            hasEarlyExit(stmt.consequent)) {
+                            return true;
+                        }
+                    }
+                }
+                current = current.parent;
+            }
+            return false;
+        };
+        /**
+         * Generate refactoring steps based on the operation
+         */
+        const generateRefactoringSteps = (operation) => {
+            switch (operation.method) {
+                case 'readFile':
+                case 'writeFile':
+                    return [
+                        '   1. Define a SAFE_DIR constant for allowed operations',
+                        '   2. Use path.basename() to strip directory components',
+                        '   3. Combine with SAFE_DIR: path.join(SAFE_DIR, path.basename(userPath))',
+                        '   4. Optionally validate file extensions',
+                        '   5. Add error handling for invalid paths'
+                    ].join('\n');
+                case 'stat':
+                    return [
+                        '   1. Use path.resolve() to normalize the path',
+                        '   2. Check if resolved path starts with allowed base directory',
+                        '   3. Reject requests that escape the allowed directory',
+                        '   4. Use path.relative() for additional validation',
+                        '   5. Log security events for monitoring'
+                    ].join('\n');
+                case 'readdir':
+                    return [
+                        '   1. Resolve the directory path: path.resolve(ALLOWED_DIRS, userDir)',
+                        '   2. Validate resolved path starts with ALLOWED_DIRS',
+                        '   3. Check directory exists and is readable',
+                        '   4. Consider whitelisting allowed directories',
+                        '   5. Add rate limiting to prevent enumeration attacks'
+                    ].join('\n');
+                default:
+                    return [
+                        '   1. Identify the specific file operation needed',
+                        '   2. Define safe base directories for operations',
+                        '   3. Use path.resolve() and validate containment',
+                        '   4. Sanitize user input (basename, extension validation)',
+                        '   5. Add comprehensive error handling'
+                    ].join('\n');
+            }
+        };
+        /**
+         * Determine risk level based on the operation and path
+         */
+        const determineRiskLevel = (operation, pathStr) => {
+            if (hasTraversalPatterns(pathStr)) {
+                return 'CRITICAL';
+            }
+            if (operation.dangerous) {
+                return 'HIGH';
+            }
+            return 'MEDIUM';
+        };
+        /**
+         * Check fs method calls for path traversal vulnerabilities
+         */
+        const checkFsCall = (node) => {
+            // Check if it's an fs method call
+            if (node.callee.type !== 'MemberExpression' ||
+                node.callee.object.type !== 'Identifier' ||
+                node.callee.object.name !== 'fs' ||
+                node.callee.property.type !== 'Identifier') {
+                return;
+            }
+            const methodName = node.callee.property.name;
+            // Skip if not a dangerous method
+            if (!dangerousMethods.includes(methodName)) {
+                return;
+            }
+            const { path, pathNode, method, operation } = extractPathArgument(node);
+            // Check if the path argument is dangerous
+            if (!isDangerousPath(pathNode, path)) {
+                return;
+            }
+            const riskLevel = determineRiskLevel(operation || FS_OPERATIONS[0], path);
+            const steps = operation ? generateRefactoringSteps(operation) : 'Review file system access patterns';
+            const safePattern = operation?.safePattern || 'Use path.resolve() with validation';
+            context.report({
+                node,
+                messageId: 'fsPathTraversal',
+                data: {
+                    method,
+                    path,
+                    riskLevel,
+                    vulnerability: operation?.vulnerability || 'path traversal',
+                    safePattern,
+                    steps,
+                    effort: operation?.effort || '15-20 minutes'
+                },
+                suggest: [
+                    {
+                        messageId: 'usePathResolve',
+                        fix: () => null
+                    },
+                    {
+                        messageId: 'validatePath',
+                        fix: () => null
+                    },
+                    {
+                        messageId: 'useBasename',
+                        fix: () => null
+                    },
+                    {
+                        messageId: 'createSafeDir',
+                        fix: () => null
+                    },
+                    {
+                        messageId: 'whitelistExtensions',
+                        fix: () => null
+                    }
+                ]
+            });
+        };
+        return {
+            CallExpression: checkFsCall
+        };
+    },
+});
+//# sourceMappingURL=index.js.map

package/src/rules/detect-non-literal-fs-filename/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../../packages/eslint-plugin-node-security/src/rules/detect-non-literal-fs-filename/index.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;;AAWH,4DAA0F;AAC1F,4DAAsD;AAgCtD,MAAM,aAAa,GAAkB;IACnC;QACE,MAAM,EAAE,UAAU;QAClB,SAAS,EAAE,IAAI;QACf,aAAa,EAAE,aAAa;QAC5B,WAAW,EAAE,kDAAkD;QAC/D,OAAO,EAAE;YACP,GAAG,EAAE,iCAAiC;YACtC,IAAI,EAAE,wGAAwG;SAC/G;QACD,MAAM,EAAE,eAAe;KACxB;IACD;QACE,MAAM,EAAE,WAAW;QACnB,SAAS,EAAE,IAAI;QACf,aAAa,EAAE,aAAa;QAC5B,WAAW,EAAE,kDAAkD;QAC/D,OAAO,EAAE;YACP,GAAG,EAAE,wCAAwC;YAC7C,IAAI,EAAE,8GAA8G;SACrH;QACD,MAAM,EAAE,eAAe;KACxB;IACD;QACE,MAAM,EAAE,MAAM;QACd,SAAS,EAAE,IAAI;QACf,aAAa,EAAE,gBAAgB;QAC/B,WAAW,EAAE,kDAAkD;QAC/D,OAAO,EAAE;YACP,GAAG,EAAE,6BAA6B;YAClC,IAAI,EAAE,0IAA0I;SACjJ;QACD,MAAM,EAAE,eAAe;KACxB;IACD;QACE,MAAM,EAAE,SAAS;QACjB,SAAS,EAAE,IAAI;QACf,aAAa,EAAE,qBAAqB;QACpC,WAAW,EAAE,4CAA4C;QACzD,OAAO,EAAE;YACP,GAAG,EAAE,+BAA+B;YACpC,IAAI,EAAE,iJAAiJ;SACxJ;QACD,MAAM,EAAE,eAAe;KACxB;CACF,CAAC;AAEW,QAAA,0BAA0B,GAAG,IAAA,0BAAU,EAA0B;IAC5E,IAAI,EAAE,gCAAgC;IACtC,IAAI,EAAE;QACJ,IAAI,EAAE,SAAS;QACf,IAAI,EAAE;YACJ,WAAW,EAAE,oHAAoH;SAClI;QACD,QAAQ,EAAE;YACR,sFAAsF;YACtF,eAAe,EAAE,IAAA,gCAAgB,EAAC;gBAChC,IAAI,EAAE,IAAI;gBACV,SAAS,EAAE,gBAAgB;gBAC3B,GAAG,EAAE,QAAQ;gBACb,WAAW,EAAE,8BAA8B;gBAC3C,QAAQ,EAAE,eAAe;gBACzB,GAAG,EAAE,iBAAiB;gBACtB,iBAAiB,EAAE,wDAAwD;aAC5E,CAAC;YACF,cAAc,EAAE,IAAA,gCAAgB,EAAC;gBAC/B,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,kBAAkB;gBAC7B,WAAW,EAAE,uCAAuC;gBACpD,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,mCAAmC;gBACxC,iBAAiB,EAAE,mDAAmD;aACvE,CAAC;YACF,YAAY,EAAE,IAAA,gCAAgB,EAAC;gBAC7B,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,eAAe;gBAC1B,WAAW,EAAE,iDAAiD;gBAC9D,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,uDAAuD;gBAC5D,iBAAiB,EAAE,wDAAwD;aAC5E,CAAC;YACF,WAAW,EAAE,IAAA,gCAAgB,EAAC;gBAC5B,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,mBAAmB;gBAC9B,WAAW,EAAE,mDAAmD;gBAChE,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,0BAA0B;gBAC/B,iBAAiB,EAAE,0DAA0D;aAC9E,CAAC;YACF,aAAa,EAAE,IAAA,gCAAgB,EAAC;gBAC9B,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,uBAAuB;gBAClC,WAAW,EAAE,0BAA0B;gBACvC,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,qDAAqD;gBAC1D,iBAAiB,EAAE,wDAAwD;aAC5E,CAAC;YACF,mBAAmB,EAAE,IAAA,gCAAgB,EAAC;gBACpC,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,sBAAsB;gBACjC,WAAW,EAAE,mCAAmC;gBAChD,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,6EAA6E;gBAClF,iBAAiB,EAAE,wDAAwD;aAC5E,CAAC;SACH;QACD,MAAM,EAAE;YACN;gBACE,IAAI,EAAE,QAAQ;gBACd,UAAU,EAAE;oBACV,aAAa,EAAE;wBACb,IAAI,EAAE,SAAS;wBACf,OAAO,EAAE,KAAK;wBACd,WAAW,EAAE,4BAA4B;qBAC1C;oBACD,iBAAiB,EAAE;wBACjB,IAAI,EAAE,OAAO;wBACb,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;wBACzB,OAAO,EAAE,EAAE;wBACX,WAAW,EAAE,gCAAgC;qBAC9C;oBACD,iBAAiB,EAAE;wBACjB,IAAI,EAAE,OAAO;wBACb,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;wBACzB,OAAO,EAAE,EAAE;wBACX,WAAW,EAAE,mDAAmD;qBACjE;iBACF;gBACD,oBAAoB,EAAE,KAAK;aAC5B;SACF;KACF;IACD,cAAc,EAAE;QACd;YACE,aAAa,EAAE,KAAK;YACpB,iBAAiB,EAAE,EAAE;SACtB;KACF;IACD,MAAM,CAAC,OAAsD;QAC3D,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QACzC,MAAM,EACV,aAAa,GAAG,KAAK,EACf,iBAAiB,GAAG,EAAE,EAE3B,GAAY,OAAO,IAAI,EAAE,CAAC;QAEvB;;WAEG;QACH,MAAM,gBAAgB,GAAG;YACvB,UAAU,EAAE,cAAc;YAC1B,WAAW,EAAE,eAAe;YAC5B,YAAY,EAAE,gBAAgB;YAC9B,MAAM,EAAE,UAAU;YAClB,OAAO,EAAE,WAAW;YACpB,SAAS,EAAE,aAAa;YACxB,QAAQ,EAAE,YAAY;YACtB,OAAO,EAAE,WAAW;YACpB,OAAO,EAAE,WAAW;YACpB,QAAQ,EAAE,YAAY;YACtB,kBAAkB,EAAE,mBAAmB;YACvC,GAAG,iBAAiB;SACrB,CAAC;QAEF;;WAEG;QACH,MAAM,eAAe,GAAG,CAAC,IAAmB,EAAW,EAAE;YACvD,OAAO,IAAI,CAAC,IAAI,KAAK,SAAS,IAAI,OAAO,IAAI,CAAC,KAAK,KAAK,QAAQ,CAAC;QACnE,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,oBAAoB,GAAG,CAAC,OAAe,EAAW,EAAE;YACxD,OAAO,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACjE,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,mBAAmB,GAAG,CAAC,IAA6B,EAKxD,EAAE;YACF,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,gBAAgB;gBACrD,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU;gBACrD,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI;gBAC3B,CAAC,CAAC,SAAS,CAAC;YAE5B,MAAM,SAAS,GAAG,aAAa,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,MAAM,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC;YAEzE,qCAAqC;YACrC,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;YACtE,MAAM,UAAU,GAAG,OAAO,CAAC,UAAU,IAAI,OAAO,CAAC,UAAU,CAAC;YAC5D,MAAM,IAAI,GAAG,QAAQ,CAAC,CAAC,CAAC,UAAU,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YAE1D,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC;QAC/C,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,eAAe,GAAG,CAAC,QAA8B,EAAE,OAAe,EAAW,EAAE;YACnF,+BAA+B;YAC/B,IAAI,aAAa,IAAI,QAAQ,IAAI,eAAe,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC3D,OAAO,KAAK,CAAC;YACf,CAAC;YAED,mDAAmD;YACnD,IAAI,QAAQ,IAAI,eAAe,CAAC,QAAQ,CAAC,IAAI,oBAAoB,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC3E,OAAO,IAAI,CAAC;YACd,CAAC;YAED,sEAAsE;YACtE,IAAI,QAAQ,IAAI,sBAAsB,CAAC,QAAQ,CAAC,EAAE,CAAC;gBACjD,OAAO,KAAK,CAAC;YACf,CAAC;YAED,sEAAsE;YACtE,IAAI,QAAQ,IAAI,iBAAiB,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC5C,OAAO,KAAK,CAAC;YACf,CAAC;YAED,+BAA+B;YAC/B,OAAO,CAAC,QAAQ,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC;QACjD,CAAC,CAAC;QAEF;;;;;;WAMG;QACH,MAAM,sBAAsB,GAAG,CAAC,QAAuB,EAAW,EAAE;YAClE,IAAI,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,cAAc,EAAE,CAAC;gBACpD,OAAO,KAAK,CAAC;YACf,CAAC;YAED,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC;YAC/B,IAAI,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,gBAAgB;gBAC/C,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU;gBAChD,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,MAAM;gBAC7B,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU,EAAE,CAAC;gBACvD,OAAO,KAAK,CAAC;YACf,CAAC;YAED,MAAM,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;YACpC,IAAI,CAAC,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;gBAC1C,OAAO,KAAK,CAAC;YACf,CAAC;YAED,MAAM,IAAI,GAAG,QAAQ,CAAC,SAAS,CAAC;YAChC,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACtB,OAAO,KAAK,CAAC;YACf,CAAC;YAED,6CAA6C;YAC7C,MAAM,QAAQ,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;YACzB,MAAM,cAAc,GAClB,CAAC,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU,IAAI,QAAQ,CAAC,IAAI,KAAK,WAAW,CAAC;gBAC9E,CAAC,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,OAAO,IAAI,OAAO,QAAQ,CAAC,KAAK,KAAK,QAAQ,CAAC,CAAC;YAEnF,IAAI,CAAC,cAAc,EAAE,CAAC;gBACpB,OAAO,KAAK,CAAC;YACf,CAAC;YAED,wCAAwC;YACxC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBACrC,MAAM,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;gBACpB,IAAI,GAAG,CAAC,IAAI,KAAK,8BAAc,CAAC,OAAO,IAAI,OAAO,GAAG,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;oBACzE,OAAO,KAAK,CAAC;gBACf,CAAC;gBACD,gDAAgD;gBAChD,IAAI,oBAAoB,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC;oBAC5C,OAAO,KAAK,CAAC;gBACf,CAAC;YACH,CAAC;YAED,OAAO,IAAI,CAAC;QACd,CAAC,CAAC;QAEF;;;;;;WAMG;QACH,MAAM,iBAAiB,GAAG,CAAC,QAAuB,EAAW,EAAE;YAC7D,IAAI,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU,EAAE,CAAC;gBAChD,OAAO,KAAK,CAAC;YACf,CAAC;YAED,MAAM,OAAO,GAAG,QAAQ,CAAC,IAAI,CAAC;YAE9B,+DAA+D;YAC/D,MAAM,0BAA0B,GAAG,CAAC,QAAuB,EAAW,EAAE;gBACtE,yCAAyC;gBACzC,IAAI,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,eAAe;oBAChD,QAAQ,CAAC,QAAQ,KAAK,GAAG;oBACzB,QAAQ,CAAC,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,cAAc,EAAE,CAAC;oBAC7D,QAAQ,GAAG,QAAQ,CAAC,QAAQ,CAAC;gBAC/B,CAAC;gBAED,4DAA4D;gBAC5D,IAAI,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,cAAc;oBAC/C,QAAQ,CAAC,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,gBAAgB;oBACxD,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU;oBACzD,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,OAAO;oBACvC,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU;oBAC3D,CAAC,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY;wBAC9C,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,UAAU,CAAC,EAAE,CAAC;oBACnD,OAAO,IAAI,CAAC;gBACd,CAAC;gBACD,OAAO,KAAK,CAAC;YACf,CAAC,CAAC;YAEF,MAAM,YAAY,GAAG,CAAC,UAA8B,EAAW,EAAE;gBAC/D,IAAI,UAAU,CAAC,IAAI,KAAK,8BAAc,CAAC,cAAc,EAAE,CAAC;oBACtD,OAAO,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CACjC,IAAI,CAAC,IAAI,KAAK,8BAAc,CAAC,cAAc;wBAC3C,IAAI,CAAC,IAAI,KAAK,8BAAc,CAAC,eAAe,CAC7C,CAAC;gBACJ,CAAC;gBACD,OAAO,UAAU,CAAC,IAAI,KAAK,8BAAc,CAAC,cAAc;oBACjD,UAAU,CAAC,IAAI,KAAK,8BAAc,CAAC,eAAe,CAAC;YAC5D,CAAC,CAAC;YAEF,0DAA0D;YAC1D,IAAI,OAAO,GAA8B,QAAQ,CAAC,MAAM,CAAC;YACzD,IAAI,iBAAiB,GAAG,KAAK,CAAC;YAE9B,OAAO,OAAO,IAAI,CAAC,iBAAiB,EAAE,CAAC;gBACrC,8CAA8C;gBAC9C,IAAI,OAAO,CAAC,IAAI,KAAK,8BAAc,CAAC,WAAW,EAAE,CAAC;oBAChD,IAAI,0BAA0B,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;wBAC7C,OAAO,IAAI,CAAC;oBACd,CAAC;gBACH,CAAC;gBAED,0FAA0F;gBAC1F,IAAI,OAAO,CAAC,IAAI,KAAK,8BAAc,CAAC,cAAc,IAAI,OAAO,CAAC,MAAM,IAAI,CACpE,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,mBAAmB;oBAC1D,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,kBAAkB;oBACzD,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,uBAAuB,CAAC,EAAE,CAAC;oBAEpE,iBAAiB,GAAG,IAAI,CAAC;oBACzB,MAAM,SAAS,GAAG,OAAO,CAAC,IAAI,CAAC;oBAC/B,MAAM,SAAS,GAAG,SAAS,CAAC,SAAS,CAAC,CAAC,IAAwB,EAAE,EAAE;wBACjE,IAAI,KAAK,GAA8B,QAAQ,CAAC;wBAChD,OAAO,KAAK,EAAE,CAAC;4BACb,IAAI,KAAK,KAAK,IAAI;gCAAE,OAAO,IAAI,CAAC;4BAChC,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC;wBACvB,CAAC;wBACD,OAAO,KAAK,CAAC;oBACf,CAAC,CAAC,CAAC;oBAEH,uEAAuE;oBACvE,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,EAAE,CAAC,EAAE,EAAE,CAAC;wBACnC,MAAM,IAAI,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC;wBAC1B,IAAI,IAAI,CAAC,IAAI,KAAK,8BAAc,CAAC,WAAW;4BACxC,0BAA0B,CAAC,IAAI,CAAC,IAAI,CAAC;4BACrC,YAAY,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC;4BAClC,OAAO,IAAI,CAAC;wBACd,CAAC;oBACH,CAAC;gBACH,CAAC;gBAED,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC;YAC3B,CAAC;YAED,OAAO,KAAK,CAAC;QACf,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,wBAAwB,GAAG,CAAC,SAAsB,EAAU,EAAE;YAClE,QAAQ,SAAS,CAAC,MAAM,EAAE,CAAC;gBACzB,KAAK,UAAU,CAAC;gBAChB,KAAK,WAAW;oBACd,OAAO;wBACL,yDAAyD;wBACzD,yDAAyD;wBACzD,2EAA2E;wBAC3E,2CAA2C;wBAC3C,4CAA4C;qBAC7C,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAEf,KAAK,MAAM;oBACT,OAAO;wBACL,gDAAgD;wBAChD,iEAAiE;wBACjE,yDAAyD;wBACzD,qDAAqD;wBACrD,0CAA0C;qBAC3C,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAEf,KAAK,SAAS;oBACZ,OAAO;wBACL,uEAAuE;wBACvE,uDAAuD;wBACvD,8CAA8C;wBAC9C,iDAAiD;wBACjD,wDAAwD;qBACzD,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAEf;oBACE,OAAO;wBACL,mDAAmD;wBACnD,mDAAmD;wBACnD,mDAAmD;wBACnD,4DAA4D;wBAC5D,wCAAwC;qBACzC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACjB,CAAC;QACH,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,kBAAkB,GAAG,CAAC,SAAsB,EAAE,OAAe,EAAU,EAAE;YAC7E,IAAI,oBAAoB,CAAC,OAAO,CAAC,EAAE,CAAC;gBAClC,OAAO,UAAU,CAAC;YACpB,CAAC;YAED,IAAI,SAAS,CAAC,SAAS,EAAE,CAAC;gBACxB,OAAO,MAAM,CAAC;YAChB,CAAC;YAED,OAAO,QAAQ,CAAC;QAClB,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,WAAW,GAAG,CAAC,IAA6B,EAAE,EAAE;YACpD,kCAAkC;YAClC,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,kBAAkB;gBACvC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,YAAY;gBACxC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,IAAI;gBAChC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;gBAC/C,OAAO;YACT,CAAC;YAED,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;YAE7C,iCAAiC;YACjC,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;gBAC3C,OAAO;YACT,CAAC;YAED,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,mBAAmB,CAAC,IAAI,CAAC,CAAC;YAExE,0CAA0C;YAC1C,IAAI,CAAC,eAAe,CAAC,QAAQ,EAAE,IAAI,CAAC,EAAE,CAAC;gBACrC,OAAO;YACT,CAAC;YAED,MAAM,SAAS,GAAG,kBAAkB,CAAC,SAAS,IAAI,aAAa,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC;YAC1E,MAAM,KAAK,GAAG,SAAS,CAAC,CAAC,CAAC,wBAAwB,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,oCAAoC,CAAC;YACrG,MAAM,WAAW,GAAG,SAAS,EAAE,WAAW,IAAI,oCAAoC,CAAC;YAEnF,OAAO,CAAC,MAAM,CAAC;gBACb,IAAI;gBACJ,SAAS,EAAE,iBAAiB;gBAC5B,IAAI,EAAE;oBACJ,MAAM;oBACN,IAAI;oBACJ,SAAS;oBACT,aAAa,EAAE,SAAS,EAAE,aAAa,IAAI,gBAAgB;oBAC3D,WAAW;oBACX,KAAK;oBACL,MAAM,EAAE,SAAS,EAAE,MAAM,IAAI,eAAe;iBAC7C;gBACD,OAAO,EAAE;oBACP;wBACE,SAAS,EAAE,gBAAgB;wBAC3B,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qBAChB;oBACD;wBACE,SAAS,EAAE,cAAc;wBACzB,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qBAChB;oBACD;wBACE,SAAS,EAAE,aAAa;wBACxB,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qBAChB;oBACD;wBACE,SAAS,EAAE,eAAe;wBAC1B,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qBAChB;oBACD;wBACE,SAAS,EAAE,qBAAqB;wBAChC,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qBAChB;iBACF;aACF,CAAC,CAAC;QACL,CAAC,CAAC;QAEF,OAAO;YACL,cAAc,EAAE,WAAW;SAC5B,CAAC;IACJ,CAAC;CACF,CAAC,CAAC"}

package/src/rules/detect-suspicious-dependencies/index.d.ts

@@ -0,0 +1,12 @@
+/**
+ * Copyright (c) 2025 Ofri Peretz
+ * Licensed under the MIT License. Use of this source code is governed by the
+ * MIT license that can be found in the LICENSE file.
+ */
+export interface Options {
+}
+type RuleOptions = [Options?];
+export declare const detectSuspiciousDependencies: import("@typescript-eslint/utils/ts-eslint").RuleModule<"violationDetected", RuleOptions, unknown, import("@typescript-eslint/utils/ts-eslint").RuleListener> & {
+    name: string;
+};
+export {};

package/src/rules/detect-suspicious-dependencies/index.js

@@ -0,0 +1,77 @@
+"use strict";
+/**
+ * Copyright (c) 2025 Ofri Peretz
+ * Licensed under the MIT License. Use of this source code is governed by the
+ * MIT license that can be found in the LICENSE file.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.detectSuspiciousDependencies = void 0;
+/**
+ * @fileoverview Detect potential typosquatting in dependencies
+ * @see https://owasp.org/www-project-mobile-top-10/
+ * @see https://cwe.mitre.org/data/definitions/506.html
+ */
+const eslint_devkit_1 = require("@interlace/eslint-devkit");
+exports.detectSuspiciousDependencies = (0, eslint_devkit_1.createRule)({
+    name: 'detect-suspicious-dependencies',
+    meta: {
+        type: 'problem',
+        docs: {
+            description: 'Detect typosquatting in package names',
+        },
+        messages: {
+            violationDetected: (0, eslint_devkit_1.formatLLMMessage)({
+                icon: eslint_devkit_1.MessageIcons.SECURITY,
+                issueName: 'Suspicious Dependency',
+                cwe: 'CWE-506',
+                description: 'Suspicious package name detected - possible typosquatting',
+                severity: 'HIGH',
+                fix: 'Verify package authenticity on npm registry',
+                documentationLink: 'https://cwe.mitre.org/data/definitions/506.html',
+            })
+        },
+        schema: [],
+    },
+    defaultOptions: [],
+    create(context) {
+        const popularPackages = ['react', 'lodash', 'express', 'axios', 'webpack'];
+        function levenshtein(a, b) {
+            const matrix = [];
+            for (let i = 0; i <= b.length; i++) {
+                matrix[i] = [i];
+            }
+            for (let j = 0; j <= a.length; j++) {
+                matrix[0][j] = j;
+            }
+            for (let i = 1; i <= b.length; i++) {
+                for (let j = 1; j <= a.length; j++) {
+                    if (b.charAt(i - 1) === a.charAt(j - 1)) {
+                        matrix[i][j] = matrix[i - 1][j - 1];
+                    }
+                    else {
+                        matrix[i][j] = Math.min(matrix[i - 1][j - 1] + 1, matrix[i][j - 1] + 1, matrix[i - 1][j] + 1);
+                    }
+                }
+            }
+            return matrix[b.length][a.length];
+        }
+        return {
+            ImportDeclaration(node) {
+                const source = node.source.value;
+                if (typeof source === 'string' && !source.startsWith('.') && !source.startsWith('@')) {
+                    for (const popular of popularPackages) {
+                        const distance = levenshtein(source, popular);
+                        if (distance > 0 && distance <= 2) {
+                            context.report({
+                                node,
+                                messageId: 'violationDetected',
+                                data: { name: source, similar: popular },
+                            });
+                        }
+                    }
+                }
+            },
+        };
+    },
+});
+//# sourceMappingURL=index.js.map

package/src/rules/detect-suspicious-dependencies/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../../packages/eslint-plugin-node-security/src/rules/detect-suspicious-dependencies/index.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;;AAEH;;;;GAIG;AAEH,4DAAsF;AAUzE,QAAA,4BAA4B,GAAG,IAAA,0BAAU,EAA0B;IAC9E,IAAI,EAAE,gCAAgC;IACtC,IAAI,EAAE;QACJ,IAAI,EAAE,SAAS;QACf,IAAI,EAAE;YACJ,WAAW,EAAE,uCAAuC;SACrD;QACD,QAAQ,EAAE;YACR,iBAAiB,EAAE,IAAA,gCAAgB,EAAC;gBAClC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,uBAAuB;gBAClC,GAAG,EAAE,SAAS;gBACd,WAAW,EAAE,2DAA2D;gBACxE,QAAQ,EAAE,MAAM;gBAChB,GAAG,EAAE,6CAA6C;gBAClD,iBAAiB,EAAE,iDAAiD;aACrE,CAAC;SACH;QACD,MAAM,EAAE,EAAE;KACX;IACD,cAAc,EAAE,EAAE;IAClB,MAAM,CAAC,OAAO;QACZ,MAAM,eAAe,GAAG,CAAC,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,OAAO,EAAE,SAAS,CAAC,CAAC;QAE3E,SAAS,WAAW,CAAC,CAAS,EAAE,CAAS;YACvC,MAAM,MAAM,GAAG,EAAE,CAAC;YAClB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBACnC,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;YACD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBACnC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;YACnB,CAAC;YACD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBACnC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;oBACnC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC;wBACxC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;oBACtC,CAAC;yBAAM,CAAC;wBACN,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,GAAG,CACrB,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,EACxB,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,EACpB,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CACrB,CAAC;oBACJ,CAAC;gBACH,CAAC;YACH,CAAC;YACD,OAAO,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;QACpC,CAAC;QAED,OAAO;YACL,iBAAiB,CAAC,IAAgC;gBAChD,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC;gBACjC,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;oBACrF,KAAK,MAAM,OAAO,IAAI,eAAe,EAAE,CAAC;wBACtC,MAAM,QAAQ,GAAG,WAAW,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;wBAC9C,IAAI,QAAQ,GAAG,CAAC,IAAI,QAAQ,IAAI,CAAC,EAAE,CAAC;4BAClC,OAAO,CAAC,MAAM,CAAC;gCACb,IAAI;gCACJ,SAAS,EAAE,mBAAmB;gCAC9B,IAAI,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE;6BACzC,CAAC,CAAC;wBACL,CAAC;oBACH,CAAC;gBACH,CAAC;YACH,CAAC;SACF,CAAC;IACJ,CAAC;CACF,CAAC,CAAC"}

package/src/rules/lock-file/index.d.ts

@@ -0,0 +1,13 @@
+/**
+ * Copyright (c) 2025 Ofri Peretz
+ * Licensed under the MIT License. Use of this source code is governed by the
+ * MIT license that can be found in the LICENSE file.
+ */
+export interface Options {
+    packageManager?: 'npm' | 'yarn' | 'pnpm';
+}
+type RuleOptions = [Options?];
+export declare const lockFile: import("@typescript-eslint/utils/ts-eslint").RuleModule<"violationDetected", RuleOptions, unknown, import("@typescript-eslint/utils/ts-eslint").RuleListener> & {
+    name: string;
+};
+export {};