eslint-plugin-node-security 4.0.2 → 4.0.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (14) hide show
  1. package/CHANGELOG.md +19 -0
  2. package/README.md +1 -1
  3. package/package.json +1 -1
  4. package/src/index.js +3 -0
  5. package/src/index.js.map +1 -1
  6. package/src/rules/detect-child-process/index.js +183 -6
  7. package/src/rules/detect-child-process/index.js.map +1 -1
  8. package/src/rules/detect-non-literal-fs-filename/index.js +48 -6
  9. package/src/rules/detect-non-literal-fs-filename/index.js.map +1 -1
  10. package/src/rules/no-ssrf/index.d.ts +25 -0
  11. package/src/rules/no-ssrf/index.js +225 -0
  12. package/src/rules/no-ssrf/index.js.map +1 -0
  13. package/src/rules/no-zip-slip/index.js +58 -4
  14. package/src/rules/no-zip-slip/index.js.map +1 -1
package/CHANGELOG.md CHANGED
@@ -1,3 +1,22 @@
1
+ ## [4.0.3] - 2026-02-06
2
+
3
+ ### Bug Fixes
4
+
5
+ - ⚠️ **rules:** reduce false positives across security rules ([af4ca0e7](https://github.com/ofri-peretz/eslint/commit/af4ca0e7))
6
+ - align codecov component names and update docs components ([0a59a86c](https://github.com/ofri-peretz/eslint/commit/0a59a86c))
7
+
8
+ ### ⚠️ Breaking Changes
9
+
10
+ - **rules:** Some previously flagged patterns are now correctly allowed ([af4ca0e7](https://github.com/ofri-peretz/eslint/commit/af4ca0e7))
11
+
12
+ ### ❤️ Thank You
13
+
14
+ - Ofri Peretz
15
+
16
+ ## [4.0.2] - 2026-02-02
17
+
18
+ This was a version bump only for eslint-plugin-node-security to align it with other projects, there were no code changes.
19
+
1
20
  # Changelog
2
21
 
3
22
  All notable changes to `eslint-plugin-node-security` will be documented in this file.
package/README.md CHANGED
@@ -10,7 +10,7 @@
10
10
  <a href="https://www.npmjs.com/package/eslint-plugin-node-security" target="_blank"><img src="https://img.shields.io/npm/v/eslint-plugin-node-security.svg" alt="NPM Version" /></a>
11
11
  <a href="https://www.npmjs.com/package/eslint-plugin-node-security" target="_blank"><img src="https://img.shields.io/npm/dm/eslint-plugin-node-security.svg" alt="NPM Downloads" /></a>
12
12
  <a href="https://opensource.org/licenses/MIT" target="_blank"><img src="https://img.shields.io/badge/License-MIT-yellow.svg" alt="Package License" /></a>
13
- <a href="https://app.codecov.io/gh/ofri-peretz/eslint/components?components%5B0%5D=node-security" target="_blank"><img src="https://codecov.io/gh/ofri-peretz/eslint/graph/badge.svg?component=node-security" alt="Codecov" /></a>
13
+ <a href="https://app.codecov.io/gh/ofri-peretz/eslint/components?components%5B0%5D=node-security" target="_blank"><img src="https://codecov.io/gh/ofri-peretz/eslint/graph/badge.svg?component=eslint-plugin-node-security" alt="Codecov" /></a>
14
14
  <a href="https://github.com/ofri-peretz/eslint" target="_blank"><img src="https://img.shields.io/badge/Since-Dec_2025-blue?logo=rocket&logoColor=white" alt="Since Dec 2025" /></a>
15
15
  </p>
16
16
 
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "eslint-plugin-node-security",
3
- "version": "4.0.2",
3
+ "version": "4.0.4",
4
4
  "description": "Security-focused ESLint plugin for Node.js built-in modules (fs, child_process, vm, path, Buffer). Detects command injection, path traversal, code execution vulnerabilities with AI-parseable error messages.",
5
5
  "type": "commonjs",
6
6
  "main": "./src/index.js",
package/src/index.js CHANGED
@@ -15,6 +15,7 @@ const no_toctou_vulnerability_1 = require("./rules/no-toctou-vulnerability");
15
15
  const no_zip_slip_1 = require("./rules/no-zip-slip");
16
16
  const no_arbitrary_file_access_1 = require("./rules/no-arbitrary-file-access");
17
17
  const no_data_in_temp_storage_1 = require("./rules/no-data-in-temp-storage");
18
+ const no_ssrf_1 = require("./rules/no-ssrf");
18
19
  // Migrated rules from secure-coding
19
20
  const detect_suspicious_dependencies_1 = require("./rules/detect-suspicious-dependencies");
20
21
  const lock_file_1 = require("./rules/lock-file");
@@ -48,6 +49,7 @@ exports.rules = {
48
49
  'no-zip-slip': no_zip_slip_1.noZipSlip,
49
50
  'no-arbitrary-file-access': no_arbitrary_file_access_1.noArbitraryFileAccess,
50
51
  'no-data-in-temp-storage': no_data_in_temp_storage_1.noDataInTempStorage,
52
+ 'no-ssrf': no_ssrf_1.noSsrf,
51
53
  // Migrated rules
52
54
  'detect-suspicious-dependencies': detect_suspicious_dependencies_1.detectSuspiciousDependencies,
53
55
  'lock-file': lock_file_1.lockFile,
@@ -89,6 +91,7 @@ const recommendedRules = {
89
91
  'node-security/no-zip-slip': 'error',
90
92
  'node-security/no-arbitrary-file-access': 'error',
91
93
  'node-security/no-data-in-temp-storage': 'error',
94
+ 'node-security/no-ssrf': 'error',
92
95
  // Migrated Rules
93
96
  'node-security/detect-suspicious-dependencies': 'warn',
94
97
  'node-security/lock-file': 'error',
package/src/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../packages/eslint-plugin-node-security/src/index.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;;AAEH,uEAAkE;AAClE,qFAA+E;AAC/E,2FAAoF;AACpF,iFAA2E;AAC3E,mEAA8D;AAC9D,6EAAwE;AACxE,qDAAgD;AAChD,+EAAyE;AACzE,6EAAsE;AAEtE,oCAAoC;AACpC,2FAAsF;AACtF,iDAA6C;AAC7C,yFAAmF;AACnF,uFAAkF;AAClF,iGAA2F;AAC3F,6EAAwE;AACxE,mFAA8E;AAC9E,mEAA8D;AAE9D,6BAA6B;AAC7B,qDAAiD;AACjD,6EAAuE;AACvE,qFAA+E;AAC/E,qDAAgD;AAChD,mFAA6E;AAC7E,6EAAuE;AACvE,uEAAiE;AACjE,uDAAkD;AAClD,uDAAkD;AAClD,+EAAyE;AACzE,+EAAyE;AACzE,2EAAqE;AACrE,uEAAkE;AAIrD,QAAA,KAAK,GAAoE;IACpF,sBAAsB,EAAE,yCAAkB;IAC1C,6BAA6B,EAAE,sDAAwB;IACvD,gCAAgC,EAAE,2DAA0B;IAC5D,2BAA2B,EAAE,kDAAsB;IACnD,oBAAoB,EAAE,qCAAgB;IACtC,yBAAyB,EAAE,+CAAqB;IAChD,aAAa,EAAE,uBAAS;IACxB,0BAA0B,EAAE,gDAAqB;IACjD,yBAAyB,EAAE,6CAAmB;IAE9C,iBAAiB;IACjB,gCAAgC,EAAE,6DAA4B;IAC9D,WAAW,EAAE,oBAAQ;IACrB,+BAA+B,EAAE,0DAA0B;IAC3D,8BAA8B,EAAE,yDAA0B;IAC1D,mCAAmC,EAAE,kEAA8B;IACnE,yBAAyB,EAAE,+CAAqB;IAChD,4BAA4B,EAAE,qDAAwB;IACtD,oBAAoB,EAAE,qCAAgB;IAEtC,wBAAwB;IACxB,aAAa,EAAE,wBAAU;IACzB,yBAAyB,EAAE,8CAAoB;IAC/C,6BAA6B,EAAE,sDAAwB;IACvD,aAAa,EAAE,uBAAS;IACxB,4BAA4B,EAAE,oDAAuB;IACrD,yBAAyB,EAAE,8CAAoB;IAC/C,sBAAsB,EAAE,wCAAiB;IACzC,cAAc,EAAE,yBAAU;IAC1B,cAAc,EAAE,yBAAU;IAC1B,0BAA0B,EAAE,gDAAqB;IACjD,0BAA0B,EAAE,gDAAqB;IACjD,wBAAwB,EAAE,4CAAmB;IAC7C,sBAAsB,EAAE,yCAAkB;CAC3C,CAAC;AAEW,QAAA,MAAM,GAA+B;IAChD,IAAI,EAAE;QACJ,IAAI,EAAE,6BAA6B;QACnC,OAAO,EAAE,OAAO;KACjB;IACD,KAAK,EAAL,aAAK;CACN,CAAC;AAEF,MAAM,gBAAgB,GAAkD;IACtE,oCAAoC,EAAE,OAAO;IAC7C,2CAA2C,EAAE,OAAO;IACpD,8CAA8C,EAAE,OAAO;IACvD,yCAAyC,EAAE,OAAO;IAClD,kCAAkC,EAAE,OAAO;IAC3C,uCAAuC,EAAE,OAAO;IAChD,2BAA2B,EAAE,OAAO;IACpC,wCAAwC,EAAE,OAAO;IACjD,uCAAuC,EAAE,OAAO;IAEhD,iBAAiB;IACjB,8CAA8C,EAAE,MAAM;IACtD,yBAAyB,EAAE,OAAO;IAClC,4CAA4C,EAAE,OAAO;IAErD,8BAA8B;IAC9B,sCAAsC,EAAE,OAAO;IAC/C,wCAAwC,EAAE,OAAO;IACjD,4BAA4B,EAAE,OAAO;IACrC,2BAA2B,EAAE,OAAO;IACpC,2BAA2B,EAAE,MAAM;CACpC,CAAC;AAEW,QAAA,OAAO,GAA+C;IACjE,WAAW,EAAE;QACX,OAAO,EAAE;YACP,eAAe,EAAE,cAAM;SACxB;QACD,KAAK,EAAE,gBAAgB;KACa;IACtC,MAAM,EAAE;QACN,OAAO,EAAE;YACP,eAAe,EAAE,cAAM;SACxB;QACD,KAAK,EAAE,MAAM,CAAC,WAAW,CACvB,MAAM,CAAC,IAAI,CAAC,aAAK,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,iBAAiB,QAAQ,EAAE,EAAE,OAAO,CAAC,CAAC,CAC3E;KACmC;CACvC,CAAC;AAGF,kBAAe,cAAM,CAAC"}
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../packages/eslint-plugin-node-security/src/index.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;;AAEH,uEAAkE;AAClE,qFAA+E;AAC/E,2FAAoF;AACpF,iFAA2E;AAC3E,mEAA8D;AAC9D,6EAAwE;AACxE,qDAAgD;AAChD,+EAAyE;AACzE,6EAAsE;AACtE,6CAAyC;AAEzC,oCAAoC;AACpC,2FAAsF;AACtF,iDAA6C;AAC7C,yFAAmF;AACnF,uFAAkF;AAClF,iGAA2F;AAC3F,6EAAwE;AACxE,mFAA8E;AAC9E,mEAA8D;AAE9D,6BAA6B;AAC7B,qDAAiD;AACjD,6EAAuE;AACvE,qFAA+E;AAC/E,qDAAgD;AAChD,mFAA6E;AAC7E,6EAAuE;AACvE,uEAAiE;AACjE,uDAAkD;AAClD,uDAAkD;AAClD,+EAAyE;AACzE,+EAAyE;AACzE,2EAAqE;AACrE,uEAAkE;AAIrD,QAAA,KAAK,GAAoE;IACpF,sBAAsB,EAAE,yCAAkB;IAC1C,6BAA6B,EAAE,sDAAwB;IACvD,gCAAgC,EAAE,2DAA0B;IAC5D,2BAA2B,EAAE,kDAAsB;IACnD,oBAAoB,EAAE,qCAAgB;IACtC,yBAAyB,EAAE,+CAAqB;IAChD,aAAa,EAAE,uBAAS;IACxB,0BAA0B,EAAE,gDAAqB;IACjD,yBAAyB,EAAE,6CAAmB;IAC9C,SAAS,EAAE,gBAAM;IAEjB,iBAAiB;IACjB,gCAAgC,EAAE,6DAA4B;IAC9D,WAAW,EAAE,oBAAQ;IACrB,+BAA+B,EAAE,0DAA0B;IAC3D,8BAA8B,EAAE,yDAA0B;IAC1D,mCAAmC,EAAE,kEAA8B;IACnE,yBAAyB,EAAE,+CAAqB;IAChD,4BAA4B,EAAE,qDAAwB;IACtD,oBAAoB,EAAE,qCAAgB;IAEtC,wBAAwB;IACxB,aAAa,EAAE,wBAAU;IACzB,yBAAyB,EAAE,8CAAoB;IAC/C,6BAA6B,EAAE,sDAAwB;IACvD,aAAa,EAAE,uBAAS;IACxB,4BAA4B,EAAE,oDAAuB;IACrD,yBAAyB,EAAE,8CAAoB;IAC/C,sBAAsB,EAAE,wCAAiB;IACzC,cAAc,EAAE,yBAAU;IAC1B,cAAc,EAAE,yBAAU;IAC1B,0BAA0B,EAAE,gDAAqB;IACjD,0BAA0B,EAAE,gDAAqB;IACjD,wBAAwB,EAAE,4CAAmB;IAC7C,sBAAsB,EAAE,yCAAkB;CAC3C,CAAC;AAEW,QAAA,MAAM,GAA+B;IAChD,IAAI,EAAE;QACJ,IAAI,EAAE,6BAA6B;QACnC,OAAO,EAAE,OAAO;KACjB;IACD,KAAK,EAAL,aAAK;CACN,CAAC;AAEF,MAAM,gBAAgB,GAAkD;IACtE,oCAAoC,EAAE,OAAO;IAC7C,2CAA2C,EAAE,OAAO;IACpD,8CAA8C,EAAE,OAAO;IACvD,yCAAyC,EAAE,OAAO;IAClD,kCAAkC,EAAE,OAAO;IAC3C,uCAAuC,EAAE,OAAO;IAChD,2BAA2B,EAAE,OAAO;IACpC,wCAAwC,EAAE,OAAO;IACjD,uCAAuC,EAAE,OAAO;IAChD,uBAAuB,EAAE,OAAO;IAEhC,iBAAiB;IACjB,8CAA8C,EAAE,MAAM;IACtD,yBAAyB,EAAE,OAAO;IAClC,4CAA4C,EAAE,OAAO;IAErD,8BAA8B;IAC9B,sCAAsC,EAAE,OAAO;IAC/C,wCAAwC,EAAE,OAAO;IACjD,4BAA4B,EAAE,OAAO;IACrC,2BAA2B,EAAE,OAAO;IACpC,2BAA2B,EAAE,MAAM;CACpC,CAAC;AAEW,QAAA,OAAO,GAA+C;IACjE,WAAW,EAAE;QACX,OAAO,EAAE;YACP,eAAe,EAAE,cAAM;SACxB;QACD,KAAK,EAAE,gBAAgB;KACa;IACtC,MAAM,EAAE;QACN,OAAO,EAAE;YACP,eAAe,EAAE,cAAM;SACxB;QACD,KAAK,EAAE,MAAM,CAAC,WAAW,CACvB,MAAM,CAAC,IAAI,CAAC,aAAK,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,iBAAiB,QAAQ,EAAE,EAAE,OAAO,CAAC,CAAC,CAC3E;KACmC;CACvC,CAAC;AAGF,kBAAe,cAAM,CAAC"}
package/src/rules/detect-child-process/index.js CHANGED
@@ -284,12 +284,171 @@ exports.detectChildProcess = (0, eslint_devkit_2.createRule)({
284
284
  return false;
285
285
  };
286
286
  /**
287
- * Check if arguments contain only literals (safe)
287
+ * Check if command and arguments are literals (safe for execFile/spawn patterns)
288
+ * We only care about the command (arg 0) and args array (arg 1).
289
+ * The options object (arg 2) is irrelevant for command injection.
288
290
  */
289
291
  const hasOnlyLiteralArgs = (args) => {
290
- return args.every(arg => arg.type === 'Literal' ||
291
- (arg.type === 'ArrayExpression' &&
292
- arg.elements.every((el) => el?.type === 'Literal')));
292
+ if (args.length === 0)
293
+ return false;
294
+ // First argument must be a literal string (the command)
295
+ const command = args[0];
296
+ if (command.type !== 'Literal' || typeof command.value !== 'string') {
297
+ return false;
298
+ }
299
+ // Second argument (if present) must be a literal array of literal strings
300
+ if (args.length >= 2) {
301
+ const argsArray = args[1];
302
+ if (argsArray.type === 'ArrayExpression') {
303
+ const allLiteralElements = argsArray.elements.every((el) => el?.type === 'Literal' && typeof el.value === 'string');
304
+ if (!allLiteralElements) {
305
+ return false;
306
+ }
307
+ }
308
+ else if (argsArray.type !== 'Literal') {
309
+ // If second arg is not array or literal, it's dynamic
310
+ return false;
311
+ }
312
+ }
313
+ // Options object (arg 2+) is irrelevant for command injection safety
314
+ // It may contain callbacks, cwd, env, etc. which are not injection vectors
315
+ return true;
316
+ };
317
+ /**
318
+ * Check if spawn/spawnSync has { shell: false } option
319
+ */
320
+ const hasShellFalseOption = (node) => {
321
+ // Options is typically the 3rd argument for spawn(cmd, args, options)
322
+ const optionsArg = node.arguments[2];
323
+ if (!optionsArg || optionsArg.type !== eslint_devkit_1.AST_NODE_TYPES.ObjectExpression) {
324
+ // No options = default shell: false for spawn
325
+ return true;
326
+ }
327
+ for (const prop of optionsArg.properties) {
328
+ if (prop.type === eslint_devkit_1.AST_NODE_TYPES.Property &&
329
+ prop.key.type === eslint_devkit_1.AST_NODE_TYPES.Identifier &&
330
+ prop.key.name === 'shell') {
331
+ // shell: false is safe
332
+ if (prop.value.type === eslint_devkit_1.AST_NODE_TYPES.Literal && prop.value.value === false) {
333
+ return true;
334
+ }
335
+ // shell: true or shell: someVar is not safe
336
+ return false;
337
+ }
338
+ }
339
+ // No shell property = default is false = safe
340
+ return true;
341
+ };
342
+ /**
343
+ * Check if a variable is validated against an allowlist before use
344
+ * Looks for patterns like: if (ALLOWED.includes(arg)) or if (!ALLOWED.includes(arg)) { return/throw }
345
+ */
346
+ const hasPrecedingAllowlistValidation = (node) => {
347
+ // Helper: check if an arg node contains a validated variable
348
+ const makeArgChecker = (validatedVarNames) => {
349
+ const check = (argNode) => {
350
+ if (argNode.type === 'Identifier' && validatedVarNames.has(argNode.name))
351
+ return true;
352
+ if (argNode.type === 'TemplateLiteral') {
353
+ return argNode.expressions.some(e => e.type === 'Identifier' && validatedVarNames.has(e.name));
354
+ }
355
+ if (argNode.type === eslint_devkit_1.AST_NODE_TYPES.ArrayExpression) {
356
+ return argNode.elements.some(el => el != null && check(el));
357
+ }
358
+ return false;
359
+ };
360
+ return check;
361
+ };
362
+ // Helper: check if a guard clause IfStatement validates any of our call's args
363
+ const checkGuardClause = (ifNode) => {
364
+ const test = ifNode.test;
365
+ // Pattern 1: if (ALLOWED.includes(arg)) { ... our call is inside ... }
366
+ if (test.type === 'CallExpression' &&
367
+ test.callee.type === 'MemberExpression' &&
368
+ test.callee.property.type === 'Identifier' &&
369
+ test.callee.property.name === 'includes') {
370
+ const validatedVarNames = new Set();
371
+ for (const testArg of test.arguments) {
372
+ if (testArg.type === 'Identifier')
373
+ validatedVarNames.add(testArg.name);
374
+ }
375
+ const check = makeArgChecker(validatedVarNames);
376
+ for (const arg of node.arguments) {
377
+ if (check(arg))
378
+ return true;
379
+ }
380
+ }
381
+ // Pattern 2: if (!ALLOWED.includes(arg)) { throw/return } — guard clause
382
+ if (test.type === eslint_devkit_1.AST_NODE_TYPES.UnaryExpression && test.operator === '!' &&
383
+ test.argument.type === eslint_devkit_1.AST_NODE_TYPES.CallExpression &&
384
+ test.argument.callee.type === eslint_devkit_1.AST_NODE_TYPES.MemberExpression &&
385
+ test.argument.callee.property.type === eslint_devkit_1.AST_NODE_TYPES.Identifier &&
386
+ test.argument.callee.property.name === 'includes') {
387
+ const consequent = ifNode.consequent;
388
+ const isGuardBody = (consequent.type === eslint_devkit_1.AST_NODE_TYPES.ReturnStatement ||
389
+ consequent.type === eslint_devkit_1.AST_NODE_TYPES.ThrowStatement ||
390
+ (consequent.type === eslint_devkit_1.AST_NODE_TYPES.BlockStatement &&
391
+ consequent.body.length > 0 &&
392
+ (consequent.body[0].type === eslint_devkit_1.AST_NODE_TYPES.ReturnStatement ||
393
+ consequent.body[0].type === eslint_devkit_1.AST_NODE_TYPES.ThrowStatement)));
394
+ if (isGuardBody) {
395
+ const validatedVarNames = new Set();
396
+ for (const testArg of test.argument.arguments) {
397
+ if (testArg.type === 'Identifier')
398
+ validatedVarNames.add(testArg.name);
399
+ }
400
+ const check = makeArgChecker(validatedVarNames.size > 0 ? validatedVarNames : new Set(['*']));
401
+ // If we have specific validated var names, check them; otherwise check any identifier
402
+ if (validatedVarNames.size > 0) {
403
+ for (const arg of node.arguments) {
404
+ if (check(arg))
405
+ return true;
406
+ }
407
+ }
408
+ else {
409
+ // No specific args in includes() - treat as generic guard
410
+ for (const arg of node.arguments) {
411
+ if (arg.type === 'Identifier' ||
412
+ (arg.type === eslint_devkit_1.AST_NODE_TYPES.ArrayExpression && arg.elements.some(el => el?.type === 'Identifier'))) {
413
+ return true;
414
+ }
415
+ }
416
+ }
417
+ }
418
+ }
419
+ return false;
420
+ };
421
+ // Pass 1: Walk up parent chain looking for ancestor IfStatements
422
+ let current = node.parent;
423
+ while (current) {
424
+ if (current.type === 'IfStatement') {
425
+ if (checkGuardClause(current))
426
+ return true;
427
+ }
428
+ current = current.parent;
429
+ }
430
+ // Pass 2: Look for guard clause IfStatements as preceding siblings in the same block
431
+ // This handles: function f(x) { if (!allowed.includes(x)) throw ...; execFile('cmd', [x]); }
432
+ let stmt = node.parent;
433
+ // Walk up to find the statement that contains our call in a block
434
+ while (stmt && stmt.parent && stmt.parent.type !== eslint_devkit_1.AST_NODE_TYPES.BlockStatement) {
435
+ stmt = stmt.parent;
436
+ }
437
+ if (stmt && stmt.parent && stmt.parent.type === eslint_devkit_1.AST_NODE_TYPES.BlockStatement) {
438
+ const block = stmt.parent;
439
+ const callIndex = block.body.indexOf(stmt);
440
+ if (callIndex > 0) {
441
+ // Check preceding siblings for guard clause IfStatements
442
+ for (let i = 0; i < callIndex; i++) {
443
+ const sibling = block.body[i];
444
+ if (sibling.type === 'IfStatement') {
445
+ if (checkGuardClause(sibling))
446
+ return true;
447
+ }
448
+ }
449
+ }
450
+ }
451
+ return false;
293
452
  };
294
453
  /**
295
454
  * Extract command and arguments for analysis
@@ -432,8 +591,26 @@ exports.detectChildProcess = (0, eslint_devkit_2.createRule)({
432
591
  if (allowLiteralStrings && method === 'exec' && !isDynamic) {
433
592
  return;
434
593
  }
435
- // Allow literal spawn if configured
436
- if (allowLiteralSpawn && method === 'spawn' && hasOnlyLiteralArgs(node.arguments)) {
594
+ // Allow safe methods with literal args if configured
595
+ // execFile, execFileSync, spawn, spawnSync are inherently safer than exec
596
+ // when using literal command + literal args array
597
+ const saferMethods = ['spawn', 'spawnSync', 'execFile', 'execFileSync'];
598
+ if (allowLiteralSpawn && saferMethods.includes(method) && hasOnlyLiteralArgs(node.arguments)) {
599
+ return;
600
+ }
601
+ // ALWAYS safe: literal command + ALL literal args (no dynamic input at all).
602
+ // For execFile/execFileSync: no shell by default, all-literal = nothing to inject.
603
+ // For spawn/spawnSync: requires shell:false + all-literal args.
604
+ if (saferMethods.includes(method) && hasOnlyLiteralArgs(node.arguments)) {
605
+ const isExecFile = method === 'execFile' || method === 'execFileSync';
606
+ if (isExecFile || hasShellFalseOption(node)) {
607
+ return;
608
+ }
609
+ }
610
+ // Allow safe methods when args are validated against an allowlist
611
+ // Pattern: if (ALLOWED.includes(arg)) { execFile('cmd', [arg]) }
612
+ const allSafeMethods = ['execFile', 'execFileSync', 'spawn', 'spawnSync'];
613
+ if (allSafeMethods.includes(method) && hasPrecedingAllowlistValidation(node)) {
437
614
  return;
438
615
  }
439
616
  // Report the security issue
package/src/rules/detect-child-process/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../../packages/eslint-plugin-node-security/src/rules/detect-child-process/index.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;;AAWH,4DAA0E;AAC1E,4DAAsD;AAyCtD,MAAM,gBAAgB,GAAqB;IACzC;QACE,MAAM,EAAE,MAAM;QACd,SAAS,EAAE,IAAI;QACf,aAAa,EAAE,mBAAmB;QAClC,gBAAgB,EAAE,CAAC,UAAU,EAAE,OAAO,CAAC;QACvC,OAAO,EAAE;YACP,GAAG,EAAE,8BAA8B;YACnC,IAAI,EAAE;gBACJ,yDAAyD;gBACzD,sDAAsD;aACvD;SACF;QACD,MAAM,EAAE,eAAe;KACxB;IACD;QACE,MAAM,EAAE,UAAU;QAClB,SAAS,EAAE,IAAI;QACf,aAAa,EAAE,mBAAmB;QAClC,gBAAgB,EAAE,CAAC,cAAc,EAAE,WAAW,CAAC;QAC/C,OAAO,EAAE;YACP,GAAG,EAAE,wCAAwC;YAC7C,IAAI,EAAE;gBACJ,mEAAmE;gBACnE,gEAAgE;aACjE;SACF;QACD,MAAM,EAAE,eAAe;KACxB;IACD;QACE,MAAM,EAAE,OAAO;QACf,SAAS,EAAE,KAAK;QAChB,aAAa,EAAE,oBAAoB;QACnC,gBAAgB,EAAE,CAAC,uBAAuB,CAAC;QAC3C,OAAO,EAAE;YACP,GAAG,EAAE,wCAAwC;YAC7C,IAAI,EAAE;gBACJ,wDAAwD;gBACxD,oCAAoC;aACrC;SACF;QACD,MAAM,EAAE,eAAe;KACxB;IACD;QACE,MAAM,EAAE,UAAU;QAClB,SAAS,EAAE,IAAI;QACf,aAAa,EAAE,mBAAmB;QAClC,gBAAgB,EAAE,CAAC,OAAO,CAAC;QAC3B,OAAO,EAAE;YACP,GAAG,EAAE,2CAA2C;YAChD,IAAI,EAAE;gBACJ,wDAAwD;gBACxD,oCAAoC;aACrC;SACF;QACD,MAAM,EAAE,eAAe;KACxB;IACD;QACE,MAAM,EAAE,cAAc;QACtB,SAAS,EAAE,IAAI;QACf,aAAa,EAAE,mBAAmB;QAClC,gBAAgB,EAAE,CAAC,WAAW,CAAC;QAC/B,OAAO,EAAE;YACP,GAAG,EAAE,qCAAqC;YAC1C,IAAI,EAAE;gBACJ,4DAA4D;gBAC5D,oCAAoC;aACrC;SACF;QACD,MAAM,EAAE,eAAe;KACxB;IACD;QACE,MAAM,EAAE,WAAW;QACnB,SAAS,EAAE,KAAK;QAChB,aAAa,EAAE,oBAAoB;QACnC,gBAAgB,EAAE,CAAC,2BAA2B,CAAC;QAC/C,OAAO,EAAE;YACP,GAAG,EAAE,4CAA4C;YACjD,IAAI,EAAE;gBACJ,4DAA4D;gBAC5D,oCAAoC;aACrC;SACF;QACD,MAAM,EAAE,eAAe;KACxB;IACD;QACE,MAAM,EAAE,MAAM;QACd,SAAS,EAAE,IAAI;QACf,aAAa,EAAE,mBAAmB;QAClC,gBAAgB,EAAE,CAAC,OAAO,CAAC;QAC3B,OAAO,EAAE;YACP,GAAG,EAAE,kBAAkB;YACvB,IAAI,EAAE;gBACJ,oDAAoD;gBACpD,+BAA+B;aAChC;SACF;QACD,MAAM,EAAE,eAAe;KACxB;IACD;QACE,MAAM,EAAE,UAAU;QAClB,SAAS,EAAE,IAAI;QACf,aAAa,EAAE,mBAAmB;QAClC,gBAAgB,EAAE,CAAC,WAAW,CAAC;QAC/B,OAAO,EAAE;YACP,GAAG,EAAE,sBAAsB;YAC3B,IAAI,EAAE;gBACJ,4EAA4E;gBAC5E,+BAA+B;aAChC;SACF;QACD,MAAM,EAAE,eAAe;KACxB;CACF,CAAC;AAEW,QAAA,kBAAkB,GAAG,IAAA,0BAAU,EAA0B;IACpE,IAAI,EAAE,sBAAsB;IAC5B,IAAI,EAAE;QACJ,IAAI,EAAE,SAAS;QACf,IAAI,EAAE;YACJ,WAAW,EAAE,8DAA8D;SAC5E;QACD,QAAQ,EAAE;YACR,8EAA8E;YAC9E,4BAA4B,EAAE,IAAA,gCAAgB,EAAC;gBAC7C,IAAI,EAAE,4BAAY,CAAC,OAAO;gBAC1B,SAAS,EAAE,mBAAmB;gBAC9B,GAAG,EAAE,QAAQ;gBACb,WAAW,EAAE,4BAA4B;gBACzC,QAAQ,EAAE,UAAU;gBACpB,GAAG,EAAE,uDAAuD;gBAC5D,iBAAiB,EAAE,2DAA2D;aAC/E,CAAC;YACF,WAAW,EAAE,IAAA,gCAAgB,EAAC;gBAC5B,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,cAAc;gBACzB,WAAW,EAAE,oCAAoC;gBACjD,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,+CAA+C;gBACpD,iBAAiB,EAAE,2FAA2F;aAC/G,CAAC;YACF,QAAQ,EAAE,IAAA,gCAAgB,EAAC;gBACzB,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,WAAW;gBACtB,WAAW,EAAE,qCAAqC;gBAClD,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,4CAA4C;gBACjD,iBAAiB,EAAE,kFAAkF;aACtG,CAAC;YACF,eAAe,EAAE,IAAA,gCAAgB,EAAC;gBAChC,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,mBAAmB;gBAC9B,WAAW,EAAE,4CAA4C;gBACzD,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,uCAAuC;gBAC5C,iBAAiB,EAAE,uCAAuC;aAC3D,CAAC;YACF,aAAa,EAAE,IAAA,gCAAgB,EAAC;gBAC9B,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,gBAAgB;gBAC3B,WAAW,EAAE,uCAAuC;gBACpD,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,+CAA+C;gBACpD,iBAAiB,EAAE,2DAA2D;aAC/E,CAAC;YACF,aAAa,EAAE,IAAA,gCAAgB,EAAC;gBAC9B,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,eAAe;gBAC1B,WAAW,EAAE,yBAAyB;gBACtC,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,kDAAkD;gBACvD,iBAAiB,EAAE,iFAAiF;aACrG,CAAC;YACF,gBAAgB,EAAE,IAAA,gCAAgB,EAAC;gBACjC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,mBAAmB;gBAC9B,WAAW,EAAE,gCAAgC;gBAC7C,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,mDAAmD;gBACxD,iBAAiB,EAAE,2DAA2D;aAC/E,CAAC;YACF,gBAAgB,EAAE,IAAA,gCAAgB,EAAC;gBACjC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,mBAAmB;gBAC9B,WAAW,EAAE,uCAAuC;gBACpD,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,gDAAgD;gBACrD,iBAAiB,EAAE,2DAA2D;aAC/E,CAAC;YACF,gBAAgB,EAAE,IAAA,gCAAgB,EAAC;gBACjC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,mBAAmB;gBAC9B,WAAW,EAAE,sCAAsC;gBACnD,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,wCAAwC;gBAC7C,iBAAiB,EAAE,2DAA2D;aAC/E,CAAC;SACH;QACD,MAAM,EAAE;YACN;gBACE,IAAI,EAAE,QAAQ;gBACd,UAAU,EAAE;oBACV,mBAAmB,EAAE;wBACnB,IAAI,EAAE,SAAS;wBACf,OAAO,EAAE,KAAK;wBACd,WAAW,EAAE,mCAAmC;qBACjD;oBACD,iBAAiB,EAAE;wBACjB,IAAI,EAAE,SAAS;wBACf,OAAO,EAAE,KAAK;wBACd,WAAW,EAAE,sCAAsC;qBACpD;oBACD,iBAAiB,EAAE;wBACjB,IAAI,EAAE,OAAO;wBACb,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;wBACzB,OAAO,EAAE,EAAE;wBACX,WAAW,EAAE,2CAA2C;qBACzD;oBACD,QAAQ,EAAE;wBACR,IAAI,EAAE,QAAQ;wBACd,IAAI,EAAE,CAAC,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,MAAM,CAAC;wBAClD,OAAO,EAAE,MAAM;wBACf,WAAW,EAAE,gEAAgE;qBAC9E;iBACF;gBACD,oBAAoB,EAAE,KAAK;aAC5B;SACF;KACF;IACD,cAAc,EAAE;QACd;YACE,mBAAmB,EAAE,KAAK;YAC1B,iBAAiB,EAAE,KAAK;YACxB,iBAAiB,EAAE,EAAE;YACrB,QAAQ,EAAE,MAAM;SACjB;KACF;IACD,MAAM,CAAC,OAAsD;QAC3D,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QACzC,MAAM,EACJ,mBAAmB,GAAG,KAAK,EAC3B,iBAAiB,GAAG,KAAK,EACzB,iBAAiB,GAAG,EAAE,GACvB,GAAY,OAAO,IAAI,EAAE,CAAC;QAE3B;;WAEG;QACH,MAAM,mBAAmB,GAAG,IAAI,GAAG,CAAC;YAClC,MAAM;YACN,UAAU;YACV,UAAU;YACV,cAAc;YACd,OAAO;YACP,WAAW;YACX,MAAM;YACN,UAAU;YACV,GAAG,iBAAiB;SACrB,CAAC,CAAC;QAEH;;;WAGG;QACH,MAAM,aAAa,GAAG,IAAI,GAAG,CAAS,CAAC,eAAe,CAAC,CAAC,CAAC;QACzD,MAAM,eAAe,GAAG,IAAI,GAAG,EAAU,CAAC;QAE1C;;WAEG;QACH,MAAM,sBAAsB,GAAG,CAAC,IAAmB,EAAW,EAAE;YAC9D,IAAI,IAAI,CAAC,IAAI,KAAK,iBAAiB,EAAE,CAAC;gBACpC,OAAO,IAAI,CAAC,WAAW,CAAC,MAAM,GAAG,CAAC,CAAC;YACrC,CAAC;YAED,IAAI,IAAI,CAAC,IAAI,KAAK,kBAAkB,IAAI,IAAI,CAAC,QAAQ,KAAK,GAAG,EAAE,CAAC;gBAC9D,OAAO,IAAI,CAAC;YACd,CAAC;YAED,gCAAgC;YAChC,IAAI,IAAI,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;gBAC/B,OAAO,IAAI,CAAC;YACd,CAAC;YAED,OAAO,KAAK,CAAC;QACf,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,kBAAkB,GAAG,CAAC,IAAqB,EAAW,EAAE;YAC5D,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CACtB,GAAG,CAAC,IAAI,KAAK,SAAS;gBACtB,CAAC,GAAG,CAAC,IAAI,KAAK,iBAAiB;oBAC9B,GAAG,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAwB,EAAE,EAAE,CAAC,EAAE,EAAE,IAAI,KAAK,SAAS,CAAC,CAAC,CAC3E,CAAC;QACJ,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,kBAAkB,GAAG,CAAC,IAA6B,EAKvD,EAAE;YACF,IAAI,MAAM,GAAG,SAAS,CAAC;YACvB,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,kBAAkB;gBACvC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;gBAC/C,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;YACrC,CAAC;iBAAM,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;gBAC7C,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC;YAC5B,CAAC;YAED,MAAM,UAAU,GAAG,OAAO,CAAC,UAAU,IAAI,OAAO,CAAC,UAAU,CAAC;YAC5D,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,GAAkB,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAE5F,MAAM,OAAO,GAAG,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC;YAExE,6CAA6C;YAC7C,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,GAAkB,EAAE,EAAE,CAAC,sBAAsB,CAAC,GAAG,CAAC,CAAC,CAAC;YAE3F,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,SAAS,EAAE,CAAC;QAC9C,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,wBAAwB,GAAG,CAAC,OAAuB,EAAU,EAAE;YACnE,QAAQ,OAAO,CAAC,MAAM,EAAE,CAAC;gBACvB,KAAK,MAAM,CAAC;gBACZ,KAAK,UAAU;oBACb,OAAO;wBACL,iDAAiD;wBACjD,gEAAgE;wBAChE,iEAAiE;wBACjE,6CAA6C;wBAC7C,wDAAwD;qBACzD,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAEf,KAAK,OAAO;oBACV,OAAO;wBACL,+DAA+D;wBAC/D,iDAAiD;wBACjD,qDAAqD;wBACrD,iDAAiD;wBACjD,4DAA4D;qBAC7D,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAEf,KAAK,UAAU;oBACb,OAAO;wBACL,2DAA2D;wBAC3D,8CAA8C;wBAC9C,+CAA+C;wBAC/C,iCAAiC;wBACjC,oCAAoC;qBACrC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAEf,KAAK,cAAc;oBACjB,OAAO;wBACL,mEAAmE;wBACnE,8CAA8C;wBAC9C,+CAA+C;wBAC/C,iCAAiC;wBACjC,oCAAoC;qBACrC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAEf,KAAK,WAAW;oBACd,OAAO;wBACL,+DAA+D;wBAC/D,iDAAiD;wBACjD,qDAAqD;wBACrD,iDAAiD;wBACjD,6CAA6C;qBAC9C,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAEf,KAAK,MAAM;oBACT,OAAO;wBACL,uDAAuD;wBACvD,mDAAmD;wBACnD,0DAA0D;wBAC1D,iCAAiC;wBACjC,kEAAkE;qBACnE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAEf,KAAK,UAAU;oBACb,OAAO;wBACL,+DAA+D;wBAC/D,mDAAmD;wBACnD,8DAA8D;wBAC9D,yDAAyD;wBACzD,sEAAsE;qBACvE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAEf;oBACE,OAAO;wBACL,oDAAoD;wBACpD,+CAA+C;wBAC/C,2DAA2D;wBAC3D,0CAA0C;wBAC1C,kCAAkC;qBACnC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACjB,CAAC;QACH,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,kBAAkB,GAAG,CAAC,OAA8B,EAAE,SAAkB,EAAkC,EAAE;YAChH,IAAI,OAAO,EAAE,SAAS,IAAI,SAAS,EAAE,CAAC;gBACpC,OAAO,UAAU,CAAC;YACpB,CAAC;YACD,IAAI,OAAO,EAAE,SAAS,IAAI,SAAS,EAAE,CAAC;gBACpC,OAAO,MAAM,CAAC;YAChB,CAAC;YACD,OAAO,QAAQ,CAAC;QAClB,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,mBAAmB,GAAG,CAC1B,IAA6B,EACyB,EAAE;YACxD,0BAA0B;YAC1B,IACE,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,kBAAkB;gBACvC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY,EAC1C,CAAC;gBACD,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;gBAC7C,IAAI,CAAC,mBAAmB,CAAC,GAAG,CAAC,UAAU,CAAC,EAAE,CAAC;oBACzC,OAAO,IAAI,CAAC;gBACd,CAAC;gBAED,6CAA6C;gBAC7C,IACE,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,YAAY;oBACxC,aAAa,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,EAC1C,CAAC;oBACD,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,UAAU,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC;gBACzD,CAAC;YACH,CAAC;YAED,sDAAsD;YACtD,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,YAAY,IAAI,mBAAmB,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;gBACnF,IAAI,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;oBAC1C,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,UAAU,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC;gBAC/D,CAAC;YACH,CAAC;YAED,OAAO,IAAI,CAAC;QACd,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,qBAAqB,GAAG,CAAC,IAA6B,EAAE,EAAE;YAC9D,MAAM,QAAQ,GAAG,mBAAmB,CAAC,IAAI,CAAC,CAAC;YAC3C,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACd,OAAO;YACT,CAAC;YAED,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,SAAS,EAAE,GAAG,kBAAkB,CAAC,IAAI,CAAC,CAAC;YAEtE,sCAAsC;YACtC,IAAI,mBAAmB,IAAI,MAAM,KAAK,MAAM,IAAI,CAAC,SAAS,EAAE,CAAC;gBAC3D,OAAO;YACT,CAAC;YAED,oCAAoC;YACpC,IAAI,iBAAiB,IAAI,MAAM,KAAK,OAAO,IAAI,kBAAkB,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC;gBAClF,OAAO;YACT,CAAC;YAED,4BAA4B;YAC5B,MAAM,SAAS,GAAG,kBAAkB,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;YACzD,MAAM,KAAK,GAAG,OAAO,CAAC,CAAC,CAAC,wBAAwB,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,qCAAqC,CAAC;YAClG,MAAM,YAAY,GAAG,OAAO,EAAE,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,iCAAiC,CAAC;YAE/F,OAAO,CAAC,MAAM,CAAC;gBACb,IAAI;gBACJ,SAAS,EAAE,8BAA8B;gBACzC,IAAI,EAAE;oBACJ,MAAM;oBACN,IAAI;oBACJ,SAAS;oBACT,aAAa,EAAE,OAAO,EAAE,aAAa,IAAI,mBAAmB;oBAC5D,YAAY;oBACZ,KAAK;oBACL,MAAM,EAAE,OAAO,EAAE,MAAM,IAAI,eAAe;iBAC3C;gBACD,OAAO,EAAE;oBACP;wBACE,SAAS,EAAE,aAAa;wBACxB,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qBAChB;oBACD;wBACE,SAAS,EAAE,UAAU;wBACrB,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qBAChB;oBACD;wBACE,SAAS,EAAE,iBAAiB;wBAC5B,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qBAChB;oBACD;wBACE,SAAS,EAAE,eAAe;wBAC1B,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qBAChB;oBACD;wBACE,SAAS,EAAE,eAAe;wBAC1B,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qBAChB;iBACF;aACF,CAAC,CAAC;QACL,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,uBAAuB,GAAG,CAAC,IAAgC,EAAE,EAAE;YACnE,IAAI,IAAI,CAAC,MAAM,CAAC,KAAK,KAAK,eAAe,EAAE,CAAC;gBAC1C,OAAO;YACT,CAAC;YAED,KAAK,MAAM,SAAS,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;gBACxC,IAAI,SAAS,CAAC,IAAI,KAAK,wBAAwB,IAAI,SAAS,CAAC,IAAI,KAAK,0BAA0B,EAAE,CAAC;oBACjG,aAAa,CAAC,GAAG,CAAC,SAAS,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBAC1C,CAAC;gBAED,IAAI,SAAS,CAAC,IAAI,KAAK,iBAAiB,EAAE,CAAC;oBACzC,eAAe,CAAC,GAAG,CAAC,SAAS,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBAC5C,CAAC;YACH,CAAC;QACH,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,wBAAwB,GAAG,CAAC,IAAiC,EAAE,EAAE;YACrE,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;gBACf,OAAO;YACT,CAAC;YAED,uCAAuC;YACvC,IACE,IAAI,CAAC,EAAE,CAAC,IAAI,KAAK,YAAY;gBAC7B,IAAI,CAAC,IAAI,CAAC,IAAI,KAAK,gBAAgB;gBACnC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,YAAY;gBACtC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,SAAS;gBACnC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC;gBACtB,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,IAAI,KAAK,SAAS;gBACzC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,KAAK,KAAK,eAAe,EAChD,CAAC;gBACD,aAAa,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC;gBAChC,OAAO;YACT,CAAC;YAED,6CAA6C;YAC7C,IACE,IAAI,CAAC,EAAE,CAAC,IAAI,KAAK,eAAe;gBAChC,IAAI,CAAC,IAAI,EAAE,IAAI,KAAK,gBAAgB;gBACpC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,YAAY;gBACtC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,SAAS;gBACnC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC;gBACtB,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,IAAI,KAAK,SAAS;gBACzC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,KAAK,KAAK,eAAe,EAChD,CAAC;gBACD,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,EAAE,CAAC,UAAU,EAAE,CAAC;oBACtC,IAAI,IAAI,CAAC,IAAI,KAAK,UAAU,IAAI,IAAI,CAAC,GAAG,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;wBAC/D,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,KAAK,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;oBAC1F,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC,CAAC;QAEF,OAAO;YACL,cAAc,EAAE,qBAAqB;YACrC,iBAAiB,EAAE,uBAAuB;YAC1C,kBAAkB,EAAE,wBAAwB;SAC7C,CAAC;IACJ,CAAC;CACF,CAAC,CAAC"}
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../../packages/eslint-plugin-node-security/src/rules/detect-child-process/index.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;;AAWH,4DAA0F;AAC1F,4DAAsD;AAyCtD,MAAM,gBAAgB,GAAqB;IACzC;QACE,MAAM,EAAE,MAAM;QACd,SAAS,EAAE,IAAI;QACf,aAAa,EAAE,mBAAmB;QAClC,gBAAgB,EAAE,CAAC,UAAU,EAAE,OAAO,CAAC;QACvC,OAAO,EAAE;YACP,GAAG,EAAE,8BAA8B;YACnC,IAAI,EAAE;gBACJ,yDAAyD;gBACzD,sDAAsD;aACvD;SACF;QACD,MAAM,EAAE,eAAe;KACxB;IACD;QACE,MAAM,EAAE,UAAU;QAClB,SAAS,EAAE,IAAI;QACf,aAAa,EAAE,mBAAmB;QAClC,gBAAgB,EAAE,CAAC,cAAc,EAAE,WAAW,CAAC;QAC/C,OAAO,EAAE;YACP,GAAG,EAAE,wCAAwC;YAC7C,IAAI,EAAE;gBACJ,mEAAmE;gBACnE,gEAAgE;aACjE;SACF;QACD,MAAM,EAAE,eAAe;KACxB;IACD;QACE,MAAM,EAAE,OAAO;QACf,SAAS,EAAE,KAAK;QAChB,aAAa,EAAE,oBAAoB;QACnC,gBAAgB,EAAE,CAAC,uBAAuB,CAAC;QAC3C,OAAO,EAAE;YACP,GAAG,EAAE,wCAAwC;YAC7C,IAAI,EAAE;gBACJ,wDAAwD;gBACxD,oCAAoC;aACrC;SACF;QACD,MAAM,EAAE,eAAe;KACxB;IACD;QACE,MAAM,EAAE,UAAU;QAClB,SAAS,EAAE,IAAI;QACf,aAAa,EAAE,mBAAmB;QAClC,gBAAgB,EAAE,CAAC,OAAO,CAAC;QAC3B,OAAO,EAAE;YACP,GAAG,EAAE,2CAA2C;YAChD,IAAI,EAAE;gBACJ,wDAAwD;gBACxD,oCAAoC;aACrC;SACF;QACD,MAAM,EAAE,eAAe;KACxB;IACD;QACE,MAAM,EAAE,cAAc;QACtB,SAAS,EAAE,IAAI;QACf,aAAa,EAAE,mBAAmB;QAClC,gBAAgB,EAAE,CAAC,WAAW,CAAC;QAC/B,OAAO,EAAE;YACP,GAAG,EAAE,qCAAqC;YAC1C,IAAI,EAAE;gBACJ,4DAA4D;gBAC5D,oCAAoC;aACrC;SACF;QACD,MAAM,EAAE,eAAe;KACxB;IACD;QACE,MAAM,EAAE,WAAW;QACnB,SAAS,EAAE,KAAK;QAChB,aAAa,EAAE,oBAAoB;QACnC,gBAAgB,EAAE,CAAC,2BAA2B,CAAC;QAC/C,OAAO,EAAE;YACP,GAAG,EAAE,4CAA4C;YACjD,IAAI,EAAE;gBACJ,4DAA4D;gBAC5D,oCAAoC;aACrC;SACF;QACD,MAAM,EAAE,eAAe;KACxB;IACD;QACE,MAAM,EAAE,MAAM;QACd,SAAS,EAAE,IAAI;QACf,aAAa,EAAE,mBAAmB;QAClC,gBAAgB,EAAE,CAAC,OAAO,CAAC;QAC3B,OAAO,EAAE;YACP,GAAG,EAAE,kBAAkB;YACvB,IAAI,EAAE;gBACJ,oDAAoD;gBACpD,+BAA+B;aAChC;SACF;QACD,MAAM,EAAE,eAAe;KACxB;IACD;QACE,MAAM,EAAE,UAAU;QAClB,SAAS,EAAE,IAAI;QACf,aAAa,EAAE,mBAAmB;QAClC,gBAAgB,EAAE,CAAC,WAAW,CAAC;QAC/B,OAAO,EAAE;YACP,GAAG,EAAE,sBAAsB;YAC3B,IAAI,EAAE;gBACJ,4EAA4E;gBAC5E,+BAA+B;aAChC;SACF;QACD,MAAM,EAAE,eAAe;KACxB;CACF,CAAC;AAEW,QAAA,kBAAkB,GAAG,IAAA,0BAAU,EAA0B;IACpE,IAAI,EAAE,sBAAsB;IAC5B,IAAI,EAAE;QACJ,IAAI,EAAE,SAAS;QACf,IAAI,EAAE;YACJ,WAAW,EAAE,8DAA8D;SAC5E;QACD,QAAQ,EAAE;YACR,8EAA8E;YAC9E,4BAA4B,EAAE,IAAA,gCAAgB,EAAC;gBAC7C,IAAI,EAAE,4BAAY,CAAC,OAAO;gBAC1B,SAAS,EAAE,mBAAmB;gBAC9B,GAAG,EAAE,QAAQ;gBACb,WAAW,EAAE,4BAA4B;gBACzC,QAAQ,EAAE,UAAU;gBACpB,GAAG,EAAE,uDAAuD;gBAC5D,iBAAiB,EAAE,2DAA2D;aAC/E,CAAC;YACF,WAAW,EAAE,IAAA,gCAAgB,EAAC;gBAC5B,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,cAAc;gBACzB,WAAW,EAAE,oCAAoC;gBACjD,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,+CAA+C;gBACpD,iBAAiB,EAAE,2FAA2F;aAC/G,CAAC;YACF,QAAQ,EAAE,IAAA,gCAAgB,EAAC;gBACzB,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,WAAW;gBACtB,WAAW,EAAE,qCAAqC;gBAClD,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,4CAA4C;gBACjD,iBAAiB,EAAE,kFAAkF;aACtG,CAAC;YACF,eAAe,EAAE,IAAA,gCAAgB,EAAC;gBAChC,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,mBAAmB;gBAC9B,WAAW,EAAE,4CAA4C;gBACzD,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,uCAAuC;gBAC5C,iBAAiB,EAAE,uCAAuC;aAC3D,CAAC;YACF,aAAa,EAAE,IAAA,gCAAgB,EAAC;gBAC9B,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,gBAAgB;gBAC3B,WAAW,EAAE,uCAAuC;gBACpD,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,+CAA+C;gBACpD,iBAAiB,EAAE,2DAA2D;aAC/E,CAAC;YACF,aAAa,EAAE,IAAA,gCAAgB,EAAC;gBAC9B,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,eAAe;gBAC1B,WAAW,EAAE,yBAAyB;gBACtC,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,kDAAkD;gBACvD,iBAAiB,EAAE,iFAAiF;aACrG,CAAC;YACF,gBAAgB,EAAE,IAAA,gCAAgB,EAAC;gBACjC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,mBAAmB;gBAC9B,WAAW,EAAE,gCAAgC;gBAC7C,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,mDAAmD;gBACxD,iBAAiB,EAAE,2DAA2D;aAC/E,CAAC;YACF,gBAAgB,EAAE,IAAA,gCAAgB,EAAC;gBACjC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,mBAAmB;gBAC9B,WAAW,EAAE,uCAAuC;gBACpD,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,gDAAgD;gBACrD,iBAAiB,EAAE,2DAA2D;aAC/E,CAAC;YACF,gBAAgB,EAAE,IAAA,gCAAgB,EAAC;gBACjC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,mBAAmB;gBAC9B,WAAW,EAAE,sCAAsC;gBACnD,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,wCAAwC;gBAC7C,iBAAiB,EAAE,2DAA2D;aAC/E,CAAC;SACH;QACD,MAAM,EAAE;YACN;gBACE,IAAI,EAAE,QAAQ;gBACd,UAAU,EAAE;oBACV,mBAAmB,EAAE;wBACnB,IAAI,EAAE,SAAS;wBACf,OAAO,EAAE,KAAK;wBACd,WAAW,EAAE,mCAAmC;qBACjD;oBACD,iBAAiB,EAAE;wBACjB,IAAI,EAAE,SAAS;wBACf,OAAO,EAAE,KAAK;wBACd,WAAW,EAAE,sCAAsC;qBACpD;oBACD,iBAAiB,EAAE;wBACjB,IAAI,EAAE,OAAO;wBACb,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;wBACzB,OAAO,EAAE,EAAE;wBACX,WAAW,EAAE,2CAA2C;qBACzD;oBACD,QAAQ,EAAE;wBACR,IAAI,EAAE,QAAQ;wBACd,IAAI,EAAE,CAAC,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,MAAM,CAAC;wBAClD,OAAO,EAAE,MAAM;wBACf,WAAW,EAAE,gEAAgE;qBAC9E;iBACF;gBACD,oBAAoB,EAAE,KAAK;aAC5B;SACF;KACF;IACD,cAAc,EAAE;QACd;YACE,mBAAmB,EAAE,KAAK;YAC1B,iBAAiB,EAAE,KAAK;YACxB,iBAAiB,EAAE,EAAE;YACrB,QAAQ,EAAE,MAAM;SACjB;KACF;IACD,MAAM,CAAC,OAAsD;QAC3D,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QACzC,MAAM,EACJ,mBAAmB,GAAG,KAAK,EAC3B,iBAAiB,GAAG,KAAK,EACzB,iBAAiB,GAAG,EAAE,GACvB,GAAY,OAAO,IAAI,EAAE,CAAC;QAE3B;;WAEG;QACH,MAAM,mBAAmB,GAAG,IAAI,GAAG,CAAC;YAClC,MAAM;YACN,UAAU;YACV,UAAU;YACV,cAAc;YACd,OAAO;YACP,WAAW;YACX,MAAM;YACN,UAAU;YACV,GAAG,iBAAiB;SACrB,CAAC,CAAC;QAEH;;;WAGG;QACH,MAAM,aAAa,GAAG,IAAI,GAAG,CAAS,CAAC,eAAe,CAAC,CAAC,CAAC;QACzD,MAAM,eAAe,GAAG,IAAI,GAAG,EAAU,CAAC;QAE1C;;WAEG;QACH,MAAM,sBAAsB,GAAG,CAAC,IAAmB,EAAW,EAAE;YAC9D,IAAI,IAAI,CAAC,IAAI,KAAK,iBAAiB,EAAE,CAAC;gBACpC,OAAO,IAAI,CAAC,WAAW,CAAC,MAAM,GAAG,CAAC,CAAC;YACrC,CAAC;YAED,IAAI,IAAI,CAAC,IAAI,KAAK,kBAAkB,IAAI,IAAI,CAAC,QAAQ,KAAK,GAAG,EAAE,CAAC;gBAC9D,OAAO,IAAI,CAAC;YACd,CAAC;YAED,gCAAgC;YAChC,IAAI,IAAI,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;gBAC/B,OAAO,IAAI,CAAC;YACd,CAAC;YAED,OAAO,KAAK,CAAC;QACf,CAAC,CAAC;QAEF;;;;WAIG;QACH,MAAM,kBAAkB,GAAG,CAAC,IAAqB,EAAW,EAAE;YAC5D,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC;gBAAE,OAAO,KAAK,CAAC;YAEpC,wDAAwD;YACxD,MAAM,OAAO,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;YACxB,IAAI,OAAO,CAAC,IAAI,KAAK,SAAS,IAAI,OAAQ,OAA4B,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;gBAC1F,OAAO,KAAK,CAAC;YACf,CAAC;YAED,0EAA0E;YAC1E,IAAI,IAAI,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;gBACrB,MAAM,SAAS,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;gBAC1B,IAAI,SAAS,CAAC,IAAI,KAAK,iBAAiB,EAAE,CAAC;oBACzC,MAAM,kBAAkB,GAAG,SAAS,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAwB,EAAE,EAAE,CAC/E,EAAE,EAAE,IAAI,KAAK,SAAS,IAAI,OAAQ,EAAuB,CAAC,KAAK,KAAK,QAAQ,CAC7E,CAAC;oBACF,IAAI,CAAC,kBAAkB,EAAE,CAAC;wBACxB,OAAO,KAAK,CAAC;oBACf,CAAC;gBACH,CAAC;qBAAM,IAAI,SAAS,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;oBACxC,sDAAsD;oBACtD,OAAO,KAAK,CAAC;gBACf,CAAC;YACH,CAAC;YAED,qEAAqE;YACrE,2EAA2E;YAC3E,OAAO,IAAI,CAAC;QACd,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,mBAAmB,GAAG,CAAC,IAA6B,EAAW,EAAE;YACrE,sEAAsE;YACtE,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;YACrC,IAAI,CAAC,UAAU,IAAI,UAAU,CAAC,IAAI,KAAK,8BAAc,CAAC,gBAAgB,EAAE,CAAC;gBACvE,8CAA8C;gBAC9C,OAAO,IAAI,CAAC;YACd,CAAC;YAED,KAAK,MAAM,IAAI,IAAI,UAAU,CAAC,UAAU,EAAE,CAAC;gBACzC,IAAI,IAAI,CAAC,IAAI,KAAK,8BAAc,CAAC,QAAQ;oBACrC,IAAI,CAAC,GAAG,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU;oBAC3C,IAAI,CAAC,GAAG,CAAC,IAAI,KAAK,OAAO,EAAE,CAAC;oBAC9B,uBAAuB;oBACvB,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,KAAK,8BAAc,CAAC,OAAO,IAAI,IAAI,CAAC,KAAK,CAAC,KAAK,KAAK,KAAK,EAAE,CAAC;wBAC7E,OAAO,IAAI,CAAC;oBACd,CAAC;oBACD,4CAA4C;oBAC5C,OAAO,KAAK,CAAC;gBACf,CAAC;YACH,CAAC;YAED,8CAA8C;YAC9C,OAAO,IAAI,CAAC;QACd,CAAC,CAAC;QAEF;;;WAGG;QACH,MAAM,+BAA+B,GAAG,CAAC,IAA6B,EAAW,EAAE;YACjF,6DAA6D;YAC7D,MAAM,cAAc,GAAG,CAAC,iBAA8B,EAAE,EAAE;gBACxD,MAAM,KAAK,GAAG,CAAC,OAAsB,EAAW,EAAE;oBAChD,IAAI,OAAO,CAAC,IAAI,KAAK,YAAY,IAAI,iBAAiB,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC;wBAAE,OAAO,IAAI,CAAC;oBACtF,IAAI,OAAO,CAAC,IAAI,KAAK,iBAAiB,EAAE,CAAC;wBACvC,OAAO,OAAO,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,YAAY,IAAI,iBAAiB,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;oBACjG,CAAC;oBACD,IAAI,OAAO,CAAC,IAAI,KAAK,8BAAc,CAAC,eAAe,EAAE,CAAC;wBACpD,OAAO,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,IAAI,IAAI,IAAI,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC;oBAC9D,CAAC;oBACD,OAAO,KAAK,CAAC;gBACf,CAAC,CAAC;gBACF,OAAO,KAAK,CAAC;YACf,CAAC,CAAC;YAEF,+EAA+E;YAC/E,MAAM,gBAAgB,GAAG,CAAC,MAA4B,EAAW,EAAE;gBACjE,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC;gBAEzB,uEAAuE;gBACvE,IAAI,IAAI,CAAC,IAAI,KAAK,gBAAgB;oBAC9B,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,kBAAkB;oBACvC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY;oBAC1C,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,UAAU,EAAE,CAAC;oBAC7C,MAAM,iBAAiB,GAAG,IAAI,GAAG,EAAU,CAAC;oBAC5C,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;wBACrC,IAAI,OAAO,CAAC,IAAI,KAAK,YAAY;4BAAE,iBAAiB,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;oBACzE,CAAC;oBACD,MAAM,KAAK,GAAG,cAAc,CAAC,iBAAiB,CAAC,CAAC;oBAChD,KAAK,MAAM,GAAG,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;wBACjC,IAAI,KAAK,CAAC,GAAG,CAAC;4BAAE,OAAO,IAAI,CAAC;oBAC9B,CAAC;gBACH,CAAC;gBAED,yEAAyE;gBACzE,IAAI,IAAI,CAAC,IAAI,KAAK,8BAAc,CAAC,eAAe,IAAI,IAAI,CAAC,QAAQ,KAAK,GAAG;oBACrE,IAAI,CAAC,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,cAAc;oBACpD,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,gBAAgB;oBAC7D,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU;oBAChE,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,UAAU,EAAE,CAAC;oBACtD,MAAM,UAAU,GAAG,MAAM,CAAC,UAAU,CAAC;oBACrC,MAAM,WAAW,GAAG,CAClB,UAAU,CAAC,IAAI,KAAK,8BAAc,CAAC,eAAe;wBAClD,UAAU,CAAC,IAAI,KAAK,8BAAc,CAAC,cAAc;wBACjD,CAAC,UAAU,CAAC,IAAI,KAAK,8BAAc,CAAC,cAAc;4BACjD,UAAU,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC;4BAC1B,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,KAAK,8BAAc,CAAC,eAAe;gCAC1D,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,KAAK,8BAAc,CAAC,cAAc,CAAC,CAAC,CAC9D,CAAC;oBACF,IAAI,WAAW,EAAE,CAAC;wBAChB,MAAM,iBAAiB,GAAG,IAAI,GAAG,EAAU,CAAC;wBAC5C,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,QAAQ,CAAC,SAAS,EAAE,CAAC;4BAC9C,IAAI,OAAO,CAAC,IAAI,KAAK,YAAY;gCAAE,iBAAiB,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;wBACzE,CAAC;wBACD,MAAM,KAAK,GAAG,cAAc,CAAC,iBAAiB,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,iBAAiB,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;wBAC9F,sFAAsF;wBACtF,IAAI,iBAAiB,CAAC,IAAI,GAAG,CAAC,EAAE,CAAC;4BAC/B,KAAK,MAAM,GAAG,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;gCACjC,IAAI,KAAK,CAAC,GAAG,CAAC;oCAAE,OAAO,IAAI,CAAC;4BAC9B,CAAC;wBACH,CAAC;6BAAM,CAAC;4BACN,0DAA0D;4BAC1D,KAAK,MAAM,GAAG,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;gCACjC,IAAI,GAAG,CAAC,IAAI,KAAK,YAAY;oCACzB,CAAC,GAAG,CAAC,IAAI,KAAK,8BAAc,CAAC,eAAe,IAAI,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,IAAI,KAAK,YAAY,CAAC,CAAC,EAAE,CAAC;oCACxG,OAAO,IAAI,CAAC;gCACd,CAAC;4BACH,CAAC;wBACH,CAAC;oBACH,CAAC;gBACH,CAAC;gBACD,OAAO,KAAK,CAAC;YACf,CAAC,CAAC;YAEF,iEAAiE;YACjE,IAAI,OAAO,GAA8B,IAAI,CAAC,MAAM,CAAC;YACrD,OAAO,OAAO,EAAE,CAAC;gBACf,IAAI,OAAO,CAAC,IAAI,KAAK,aAAa,EAAE,CAAC;oBACnC,IAAI,gBAAgB,CAAC,OAAO,CAAC;wBAAE,OAAO,IAAI,CAAC;gBAC7C,CAAC;gBACD,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC;YAC3B,CAAC;YAED,qFAAqF;YACrF,6FAA6F;YAC7F,IAAI,IAAI,GAA8B,IAAI,CAAC,MAAM,CAAC;YAClD,kEAAkE;YAClE,OAAO,IAAI,IAAI,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,cAAc,EAAE,CAAC;gBACjF,IAAI,GAAG,IAAI,CAAC,MAAM,CAAC;YACrB,CAAC;YACD,IAAI,IAAI,IAAI,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,cAAc,EAAE,CAAC;gBAC9E,MAAM,KAAK,GAAG,IAAI,CAAC,MAAiC,CAAC;gBACrD,MAAM,SAAS,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,IAA0B,CAAC,CAAC;gBACjE,IAAI,SAAS,GAAG,CAAC,EAAE,CAAC;oBAClB,yDAAyD;oBACzD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,EAAE,CAAC,EAAE,EAAE,CAAC;wBACnC,MAAM,OAAO,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;wBAC9B,IAAI,OAAO,CAAC,IAAI,KAAK,aAAa,EAAE,CAAC;4BACnC,IAAI,gBAAgB,CAAC,OAAO,CAAC;gCAAE,OAAO,IAAI,CAAC;wBAC7C,CAAC;oBACH,CAAC;gBACH,CAAC;YACH,CAAC;YAED,OAAO,KAAK,CAAC;QACf,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,kBAAkB,GAAG,CAAC,IAA6B,EAKvD,EAAE;YACF,IAAI,MAAM,GAAG,SAAS,CAAC;YACvB,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,kBAAkB;gBACvC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;gBAC/C,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;YACrC,CAAC;iBAAM,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;gBAC7C,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC;YAC5B,CAAC;YAED,MAAM,UAAU,GAAG,OAAO,CAAC,UAAU,IAAI,OAAO,CAAC,UAAU,CAAC;YAC5D,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,GAAkB,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAE5F,MAAM,OAAO,GAAG,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC;YAExE,6CAA6C;YAC7C,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,GAAkB,EAAE,EAAE,CAAC,sBAAsB,CAAC,GAAG,CAAC,CAAC,CAAC;YAE3F,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,SAAS,EAAE,CAAC;QAC9C,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,wBAAwB,GAAG,CAAC,OAAuB,EAAU,EAAE;YACnE,QAAQ,OAAO,CAAC,MAAM,EAAE,CAAC;gBACvB,KAAK,MAAM,CAAC;gBACZ,KAAK,UAAU;oBACb,OAAO;wBACL,iDAAiD;wBACjD,gEAAgE;wBAChE,iEAAiE;wBACjE,6CAA6C;wBAC7C,wDAAwD;qBACzD,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAEf,KAAK,OAAO;oBACV,OAAO;wBACL,+DAA+D;wBAC/D,iDAAiD;wBACjD,qDAAqD;wBACrD,iDAAiD;wBACjD,4DAA4D;qBAC7D,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAEf,KAAK,UAAU;oBACb,OAAO;wBACL,2DAA2D;wBAC3D,8CAA8C;wBAC9C,+CAA+C;wBAC/C,iCAAiC;wBACjC,oCAAoC;qBACrC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAEf,KAAK,cAAc;oBACjB,OAAO;wBACL,mEAAmE;wBACnE,8CAA8C;wBAC9C,+CAA+C;wBAC/C,iCAAiC;wBACjC,oCAAoC;qBACrC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAEf,KAAK,WAAW;oBACd,OAAO;wBACL,+DAA+D;wBAC/D,iDAAiD;wBACjD,qDAAqD;wBACrD,iDAAiD;wBACjD,6CAA6C;qBAC9C,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAEf,KAAK,MAAM;oBACT,OAAO;wBACL,uDAAuD;wBACvD,mDAAmD;wBACnD,0DAA0D;wBAC1D,iCAAiC;wBACjC,kEAAkE;qBACnE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAEf,KAAK,UAAU;oBACb,OAAO;wBACL,+DAA+D;wBAC/D,mDAAmD;wBACnD,8DAA8D;wBAC9D,yDAAyD;wBACzD,sEAAsE;qBACvE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAEf;oBACE,OAAO;wBACL,oDAAoD;wBACpD,+CAA+C;wBAC/C,2DAA2D;wBAC3D,0CAA0C;wBAC1C,kCAAkC;qBACnC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACjB,CAAC;QACH,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,kBAAkB,GAAG,CAAC,OAA8B,EAAE,SAAkB,EAAkC,EAAE;YAChH,IAAI,OAAO,EAAE,SAAS,IAAI,SAAS,EAAE,CAAC;gBACpC,OAAO,UAAU,CAAC;YACpB,CAAC;YACD,IAAI,OAAO,EAAE,SAAS,IAAI,SAAS,EAAE,CAAC;gBACpC,OAAO,MAAM,CAAC;YAChB,CAAC;YACD,OAAO,QAAQ,CAAC;QAClB,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,mBAAmB,GAAG,CAC1B,IAA6B,EACyB,EAAE;YACxD,0BAA0B;YAC1B,IACE,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,kBAAkB;gBACvC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY,EAC1C,CAAC;gBACD,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;gBAC7C,IAAI,CAAC,mBAAmB,CAAC,GAAG,CAAC,UAAU,CAAC,EAAE,CAAC;oBACzC,OAAO,IAAI,CAAC;gBACd,CAAC;gBAED,6CAA6C;gBAC7C,IACE,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,YAAY;oBACxC,aAAa,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,EAC1C,CAAC;oBACD,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,UAAU,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC;gBACzD,CAAC;YACH,CAAC;YAED,sDAAsD;YACtD,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,YAAY,IAAI,mBAAmB,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;gBACnF,IAAI,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;oBAC1C,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,UAAU,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC;gBAC/D,CAAC;YACH,CAAC;YAED,OAAO,IAAI,CAAC;QACd,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,qBAAqB,GAAG,CAAC,IAA6B,EAAE,EAAE;YAC9D,MAAM,QAAQ,GAAG,mBAAmB,CAAC,IAAI,CAAC,CAAC;YAC3C,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACd,OAAO;YACT,CAAC;YAED,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,SAAS,EAAE,GAAG,kBAAkB,CAAC,IAAI,CAAC,CAAC;YAEtE,sCAAsC;YACtC,IAAI,mBAAmB,IAAI,MAAM,KAAK,MAAM,IAAI,CAAC,SAAS,EAAE,CAAC;gBAC3D,OAAO;YACT,CAAC;YAED,qDAAqD;YACrD,0EAA0E;YAC1E,kDAAkD;YAClD,MAAM,YAAY,GAAG,CAAC,OAAO,EAAE,WAAW,EAAE,UAAU,EAAE,cAAc,CAAC,CAAC;YACxE,IAAI,iBAAiB,IAAI,YAAY,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,kBAAkB,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC;gBAC7F,OAAO;YACT,CAAC;YAED,6EAA6E;YAC7E,mFAAmF;YACnF,gEAAgE;YAChE,IAAI,YAAY,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,kBAAkB,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC;gBACxE,MAAM,UAAU,GAAG,MAAM,KAAK,UAAU,IAAI,MAAM,KAAK,cAAc,CAAC;gBACtE,IAAI,UAAU,IAAI,mBAAmB,CAAC,IAAI,CAAC,EAAE,CAAC;oBAC5C,OAAO;gBACT,CAAC;YACH,CAAC;YAED,kEAAkE;YAClE,iEAAiE;YACjE,MAAM,cAAc,GAAG,CAAC,UAAU,EAAE,cAAc,EAAE,OAAO,EAAE,WAAW,CAAC,CAAC;YAC1E,IAAI,cAAc,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,+BAA+B,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC7E,OAAO;YACT,CAAC;YAED,4BAA4B;YAC5B,MAAM,SAAS,GAAG,kBAAkB,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;YACzD,MAAM,KAAK,GAAG,OAAO,CAAC,CAAC,CAAC,wBAAwB,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,qCAAqC,CAAC;YAClG,MAAM,YAAY,GAAG,OAAO,EAAE,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,iCAAiC,CAAC;YAE/F,OAAO,CAAC,MAAM,CAAC;gBACb,IAAI;gBACJ,SAAS,EAAE,8BAA8B;gBACzC,IAAI,EAAE;oBACJ,MAAM;oBACN,IAAI;oBACJ,SAAS;oBACT,aAAa,EAAE,OAAO,EAAE,aAAa,IAAI,mBAAmB;oBAC5D,YAAY;oBACZ,KAAK;oBACL,MAAM,EAAE,OAAO,EAAE,MAAM,IAAI,eAAe;iBAC3C;gBACD,OAAO,EAAE;oBACP;wBACE,SAAS,EAAE,aAAa;wBACxB,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qBAChB;oBACD;wBACE,SAAS,EAAE,UAAU;wBACrB,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qBAChB;oBACD;wBACE,SAAS,EAAE,iBAAiB;wBAC5B,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qBAChB;oBACD;wBACE,SAAS,EAAE,eAAe;wBAC1B,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qBAChB;oBACD;wBACE,SAAS,EAAE,eAAe;wBAC1B,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qBAChB;iBACF;aACF,CAAC,CAAC;QACL,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,uBAAuB,GAAG,CAAC,IAAgC,EAAE,EAAE;YACnE,IAAI,IAAI,CAAC,MAAM,CAAC,KAAK,KAAK,eAAe,EAAE,CAAC;gBAC1C,OAAO;YACT,CAAC;YAED,KAAK,MAAM,SAAS,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;gBACxC,IAAI,SAAS,CAAC,IAAI,KAAK,wBAAwB,IAAI,SAAS,CAAC,IAAI,KAAK,0BAA0B,EAAE,CAAC;oBACjG,aAAa,CAAC,GAAG,CAAC,SAAS,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBAC1C,CAAC;gBAED,IAAI,SAAS,CAAC,IAAI,KAAK,iBAAiB,EAAE,CAAC;oBACzC,eAAe,CAAC,GAAG,CAAC,SAAS,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBAC5C,CAAC;YACH,CAAC;QACH,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,wBAAwB,GAAG,CAAC,IAAiC,EAAE,EAAE;YACrE,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;gBACf,OAAO;YACT,CAAC;YAED,uCAAuC;YACvC,IACE,IAAI,CAAC,EAAE,CAAC,IAAI,KAAK,YAAY;gBAC7B,IAAI,CAAC,IAAI,CAAC,IAAI,KAAK,gBAAgB;gBACnC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,YAAY;gBACtC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,SAAS;gBACnC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC;gBACtB,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,IAAI,KAAK,SAAS;gBACzC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,KAAK,KAAK,eAAe,EAChD,CAAC;gBACD,aAAa,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC;gBAChC,OAAO;YACT,CAAC;YAED,6CAA6C;YAC7C,IACE,IAAI,CAAC,EAAE,CAAC,IAAI,KAAK,eAAe;gBAChC,IAAI,CAAC,IAAI,EAAE,IAAI,KAAK,gBAAgB;gBACpC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,YAAY;gBACtC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,SAAS;gBACnC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC;gBACtB,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,IAAI,KAAK,SAAS;gBACzC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,KAAK,KAAK,eAAe,EAChD,CAAC;gBACD,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,EAAE,CAAC,UAAU,EAAE,CAAC;oBACtC,IAAI,IAAI,CAAC,IAAI,KAAK,UAAU,IAAI,IAAI,CAAC,GAAG,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;wBAC/D,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,KAAK,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;oBAC1F,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC,CAAC;QAEF,OAAO;YACL,cAAc,EAAE,qBAAqB;YACrC,iBAAiB,EAAE,uBAAuB;YAC1C,kBAAkB,EAAE,wBAAwB;SAC7C,CAAC;IACJ,CAAC;CACF,CAAC,CAAC"}
package/src/rules/detect-non-literal-fs-filename/index.js CHANGED
@@ -212,6 +212,22 @@ exports.detectNonLiteralFsFilename = (0, eslint_devkit_2.createRule)({
212
212
  if (pathNode && hasPathValidation(pathNode)) {
213
213
  return false;
214
214
  }
215
+ // SAFE: path.join("./base", dynamicVar) where dynamicVar has been validated
216
+ // Extract dynamic identifiers from path.join/resolve calls and check their validation
217
+ if (pathNode && pathNode.type === eslint_devkit_1.AST_NODE_TYPES.CallExpression) {
218
+ const callee = pathNode.callee;
219
+ if (callee.type === eslint_devkit_1.AST_NODE_TYPES.MemberExpression &&
220
+ callee.object.type === eslint_devkit_1.AST_NODE_TYPES.Identifier &&
221
+ callee.object.name === 'path' &&
222
+ callee.property.type === eslint_devkit_1.AST_NODE_TYPES.Identifier &&
223
+ ['join', 'resolve'].includes(callee.property.name)) {
224
+ // Find any dynamic (non-literal) identifier args and check if they're validated
225
+ const dynamicArgs = pathNode.arguments.filter((arg) => arg.type === eslint_devkit_1.AST_NODE_TYPES.Identifier && arg.name !== '__dirname');
226
+ if (dynamicArgs.length > 0 && dynamicArgs.every((arg) => hasPathValidation(arg))) {
227
+ return false;
228
+ }
229
+ }
230
+ }
215
231
  // Any non-literal is dangerous
216
232
  return !pathNode || !isLiteralString(pathNode);
217
233
  };
@@ -274,16 +290,20 @@ exports.detectNonLiteralFsFilename = (0, eslint_devkit_2.createRule)({
274
290
  }
275
291
  const varName = pathNode.name;
276
292
  // AST-based validation detection (faster than getText + regex)
277
- const isStartsWithOrIncludesCall = (testNode) => {
293
+ const isValidationCall = (testNode) => {
278
294
  // Handle negation: !path.startsWith(...)
295
+ let _isNegated = false;
279
296
  if (testNode.type === eslint_devkit_1.AST_NODE_TYPES.UnaryExpression &&
280
297
  testNode.operator === '!' &&
281
298
  testNode.argument.type === eslint_devkit_1.AST_NODE_TYPES.CallExpression) {
282
299
  testNode = testNode.argument;
300
+ _isNegated = true;
283
301
  }
284
- // Pattern: varName.startsWith(...) or varName.includes(...)
285
- if (testNode.type === eslint_devkit_1.AST_NODE_TYPES.CallExpression &&
286
- testNode.callee.type === eslint_devkit_1.AST_NODE_TYPES.MemberExpression &&
302
+ if (testNode.type !== eslint_devkit_1.AST_NODE_TYPES.CallExpression) {
303
+ return false;
304
+ }
305
+ // Pattern 1: varName.startsWith(...) or varName.includes(...)
306
+ if (testNode.callee.type === eslint_devkit_1.AST_NODE_TYPES.MemberExpression &&
287
307
  testNode.callee.object.type === eslint_devkit_1.AST_NODE_TYPES.Identifier &&
288
308
  testNode.callee.object.name === varName &&
289
309
  testNode.callee.property.type === eslint_devkit_1.AST_NODE_TYPES.Identifier &&
@@ -291,6 +311,28 @@ exports.detectNonLiteralFsFilename = (0, eslint_devkit_2.createRule)({
291
311
  testNode.callee.property.name === 'includes')) {
292
312
  return true;
293
313
  }
314
+ // Pattern 2: ALLOWED_FILES.includes(varName) - allowlist validation
315
+ if (testNode.callee.type === eslint_devkit_1.AST_NODE_TYPES.MemberExpression &&
316
+ testNode.callee.property.type === eslint_devkit_1.AST_NODE_TYPES.Identifier &&
317
+ testNode.callee.property.name === 'includes') {
318
+ // Check if varName is in the arguments
319
+ for (const arg of testNode.arguments) {
320
+ if (arg.type === eslint_devkit_1.AST_NODE_TYPES.Identifier && arg.name === varName) {
321
+ return true;
322
+ }
323
+ }
324
+ }
325
+ // Pattern 3: /regex/.test(varName) - regex validation
326
+ if (testNode.callee.type === eslint_devkit_1.AST_NODE_TYPES.MemberExpression &&
327
+ testNode.callee.property.type === eslint_devkit_1.AST_NODE_TYPES.Identifier &&
328
+ testNode.callee.property.name === 'test') {
329
+ // Check if varName is in the arguments
330
+ for (const arg of testNode.arguments) {
331
+ if (arg.type === eslint_devkit_1.AST_NODE_TYPES.Identifier && arg.name === varName) {
332
+ return true;
333
+ }
334
+ }
335
+ }
294
336
  return false;
295
337
  };
296
338
  const hasEarlyExit = (consequent) => {
@@ -307,7 +349,7 @@ exports.detectNonLiteralFsFilename = (0, eslint_devkit_2.createRule)({
307
349
  while (current && !foundFunctionBody) {
308
350
  // Check 1: Inside an if-block with validation
309
351
  if (current.type === eslint_devkit_1.AST_NODE_TYPES.IfStatement) {
310
- if (isStartsWithOrIncludesCall(current.test)) {
352
+ if (isValidationCall(current.test)) {
311
353
  return true;
312
354
  }
313
355
  }
@@ -330,7 +372,7 @@ exports.detectNonLiteralFsFilename = (0, eslint_devkit_2.createRule)({
330
372
  for (let i = 0; i < nodeIndex; i++) {
331
373
  const stmt = blockBody[i];
332
374
  if (stmt.type === eslint_devkit_1.AST_NODE_TYPES.IfStatement &&
333
- isStartsWithOrIncludesCall(stmt.test) &&
375
+ isValidationCall(stmt.test) &&
334
376
  hasEarlyExit(stmt.consequent)) {
335
377
  return true;
336
378
  }
package/src/rules/detect-non-literal-fs-filename/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../../packages/eslint-plugin-node-security/src/rules/detect-non-literal-fs-filename/index.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;;AAWH,4DAA0F;AAC1F,4DAAsD;AAgCtD,MAAM,aAAa,GAAkB;IACnC;QACE,MAAM,EAAE,UAAU;QAClB,SAAS,EAAE,IAAI;QACf,aAAa,EAAE,aAAa;QAC5B,WAAW,EAAE,kDAAkD;QAC/D,OAAO,EAAE;YACP,GAAG,EAAE,iCAAiC;YACtC,IAAI,EAAE,wGAAwG;SAC/G;QACD,MAAM,EAAE,eAAe;KACxB;IACD;QACE,MAAM,EAAE,WAAW;QACnB,SAAS,EAAE,IAAI;QACf,aAAa,EAAE,aAAa;QAC5B,WAAW,EAAE,kDAAkD;QAC/D,OAAO,EAAE;YACP,GAAG,EAAE,wCAAwC;YAC7C,IAAI,EAAE,8GAA8G;SACrH;QACD,MAAM,EAAE,eAAe;KACxB;IACD;QACE,MAAM,EAAE,MAAM;QACd,SAAS,EAAE,IAAI;QACf,aAAa,EAAE,gBAAgB;QAC/B,WAAW,EAAE,kDAAkD;QAC/D,OAAO,EAAE;YACP,GAAG,EAAE,6BAA6B;YAClC,IAAI,EAAE,0IAA0I;SACjJ;QACD,MAAM,EAAE,eAAe;KACxB;IACD;QACE,MAAM,EAAE,SAAS;QACjB,SAAS,EAAE,IAAI;QACf,aAAa,EAAE,qBAAqB;QACpC,WAAW,EAAE,4CAA4C;QACzD,OAAO,EAAE;YACP,GAAG,EAAE,+BAA+B;YACpC,IAAI,EAAE,iJAAiJ;SACxJ;QACD,MAAM,EAAE,eAAe;KACxB;CACF,CAAC;AAEW,QAAA,0BAA0B,GAAG,IAAA,0BAAU,EAA0B;IAC5E,IAAI,EAAE,gCAAgC;IACtC,IAAI,EAAE;QACJ,IAAI,EAAE,SAAS;QACf,IAAI,EAAE;YACJ,WAAW,EAAE,oHAAoH;SAClI;QACD,QAAQ,EAAE;YACR,sFAAsF;YACtF,eAAe,EAAE,IAAA,gCAAgB,EAAC;gBAChC,IAAI,EAAE,IAAI;gBACV,SAAS,EAAE,gBAAgB;gBAC3B,GAAG,EAAE,QAAQ;gBACb,WAAW,EAAE,8BAA8B;gBAC3C,QAAQ,EAAE,eAAe;gBACzB,GAAG,EAAE,iBAAiB;gBACtB,iBAAiB,EAAE,wDAAwD;aAC5E,CAAC;YACF,cAAc,EAAE,IAAA,gCAAgB,EAAC;gBAC/B,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,kBAAkB;gBAC7B,WAAW,EAAE,uCAAuC;gBACpD,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,mCAAmC;gBACxC,iBAAiB,EAAE,mDAAmD;aACvE,CAAC;YACF,YAAY,EAAE,IAAA,gCAAgB,EAAC;gBAC7B,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,eAAe;gBAC1B,WAAW,EAAE,iDAAiD;gBAC9D,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,uDAAuD;gBAC5D,iBAAiB,EAAE,wDAAwD;aAC5E,CAAC;YACF,WAAW,EAAE,IAAA,gCAAgB,EAAC;gBAC5B,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,mBAAmB;gBAC9B,WAAW,EAAE,mDAAmD;gBAChE,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,0BAA0B;gBAC/B,iBAAiB,EAAE,0DAA0D;aAC9E,CAAC;YACF,aAAa,EAAE,IAAA,gCAAgB,EAAC;gBAC9B,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,uBAAuB;gBAClC,WAAW,EAAE,0BAA0B;gBACvC,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,qDAAqD;gBAC1D,iBAAiB,EAAE,wDAAwD;aAC5E,CAAC;YACF,mBAAmB,EAAE,IAAA,gCAAgB,EAAC;gBACpC,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,sBAAsB;gBACjC,WAAW,EAAE,mCAAmC;gBAChD,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,6EAA6E;gBAClF,iBAAiB,EAAE,wDAAwD;aAC5E,CAAC;SACH;QACD,MAAM,EAAE;YACN;gBACE,IAAI,EAAE,QAAQ;gBACd,UAAU,EAAE;oBACV,aAAa,EAAE;wBACb,IAAI,EAAE,SAAS;wBACf,OAAO,EAAE,KAAK;wBACd,WAAW,EAAE,4BAA4B;qBAC1C;oBACD,iBAAiB,EAAE;wBACjB,IAAI,EAAE,OAAO;wBACb,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;wBACzB,OAAO,EAAE,EAAE;wBACX,WAAW,EAAE,gCAAgC;qBAC9C;oBACD,iBAAiB,EAAE;wBACjB,IAAI,EAAE,OAAO;wBACb,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;wBACzB,OAAO,EAAE,EAAE;wBACX,WAAW,EAAE,mDAAmD;qBACjE;iBACF;gBACD,oBAAoB,EAAE,KAAK;aAC5B;SACF;KACF;IACD,cAAc,EAAE;QACd;YACE,aAAa,EAAE,KAAK;YACpB,iBAAiB,EAAE,EAAE;SACtB;KACF;IACD,MAAM,CAAC,OAAsD;QAC3D,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QACzC,MAAM,EACV,aAAa,GAAG,KAAK,EACf,iBAAiB,GAAG,EAAE,EAE3B,GAAY,OAAO,IAAI,EAAE,CAAC;QAEvB;;WAEG;QACH,MAAM,gBAAgB,GAAG;YACvB,UAAU,EAAE,cAAc;YAC1B,WAAW,EAAE,eAAe;YAC5B,YAAY,EAAE,gBAAgB;YAC9B,MAAM,EAAE,UAAU;YAClB,OAAO,EAAE,WAAW;YACpB,SAAS,EAAE,aAAa;YACxB,QAAQ,EAAE,YAAY;YACtB,OAAO,EAAE,WAAW;YACpB,OAAO,EAAE,WAAW;YACpB,QAAQ,EAAE,YAAY;YACtB,kBAAkB,EAAE,mBAAmB;YACvC,GAAG,iBAAiB;SACrB,CAAC;QAEF;;WAEG;QACH,MAAM,eAAe,GAAG,CAAC,IAAmB,EAAW,EAAE;YACvD,OAAO,IAAI,CAAC,IAAI,KAAK,SAAS,IAAI,OAAO,IAAI,CAAC,KAAK,KAAK,QAAQ,CAAC;QACnE,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,oBAAoB,GAAG,CAAC,OAAe,EAAW,EAAE;YACxD,OAAO,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACjE,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,mBAAmB,GAAG,CAAC,IAA6B,EAKxD,EAAE;YACF,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,gBAAgB;gBACrD,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU;gBACrD,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI;gBAC3B,CAAC,CAAC,SAAS,CAAC;YAE5B,MAAM,SAAS,GAAG,aAAa,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,MAAM,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC;YAEzE,qCAAqC;YACrC,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;YACtE,MAAM,UAAU,GAAG,OAAO,CAAC,UAAU,IAAI,OAAO,CAAC,UAAU,CAAC;YAC5D,MAAM,IAAI,GAAG,QAAQ,CAAC,CAAC,CAAC,UAAU,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YAE1D,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC;QAC/C,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,eAAe,GAAG,CAAC,QAA8B,EAAE,OAAe,EAAW,EAAE;YACnF,+BAA+B;YAC/B,IAAI,aAAa,IAAI,QAAQ,IAAI,eAAe,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC3D,OAAO,KAAK,CAAC;YACf,CAAC;YAED,mDAAmD;YACnD,IAAI,QAAQ,IAAI,eAAe,CAAC,QAAQ,CAAC,IAAI,oBAAoB,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC3E,OAAO,IAAI,CAAC;YACd,CAAC;YAED,sEAAsE;YACtE,IAAI,QAAQ,IAAI,sBAAsB,CAAC,QAAQ,CAAC,EAAE,CAAC;gBACjD,OAAO,KAAK,CAAC;YACf,CAAC;YAED,sEAAsE;YACtE,IAAI,QAAQ,IAAI,iBAAiB,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC5C,OAAO,KAAK,CAAC;YACf,CAAC;YAED,+BAA+B;YAC/B,OAAO,CAAC,QAAQ,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC;QACjD,CAAC,CAAC;QAEF;;;;;;WAMG;QACH,MAAM,sBAAsB,GAAG,CAAC,QAAuB,EAAW,EAAE;YAClE,IAAI,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,cAAc,EAAE,CAAC;gBACpD,OAAO,KAAK,CAAC;YACf,CAAC;YAED,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC;YAC/B,IAAI,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,gBAAgB;gBAC/C,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU;gBAChD,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,MAAM;gBAC7B,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU,EAAE,CAAC;gBACvD,OAAO,KAAK,CAAC;YACf,CAAC;YAED,MAAM,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;YACpC,IAAI,CAAC,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;gBAC1C,OAAO,KAAK,CAAC;YACf,CAAC;YAED,MAAM,IAAI,GAAG,QAAQ,CAAC,SAAS,CAAC;YAChC,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACtB,OAAO,KAAK,CAAC;YACf,CAAC;YAED,6CAA6C;YAC7C,MAAM,QAAQ,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;YACzB,MAAM,cAAc,GAClB,CAAC,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU,IAAI,QAAQ,CAAC,IAAI,KAAK,WAAW,CAAC;gBAC9E,CAAC,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,OAAO,IAAI,OAAO,QAAQ,CAAC,KAAK,KAAK,QAAQ,CAAC,CAAC;YAEnF,IAAI,CAAC,cAAc,EAAE,CAAC;gBACpB,OAAO,KAAK,CAAC;YACf,CAAC;YAED,wCAAwC;YACxC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBACrC,MAAM,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;gBACpB,IAAI,GAAG,CAAC,IAAI,KAAK,8BAAc,CAAC,OAAO,IAAI,OAAO,GAAG,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;oBACzE,OAAO,KAAK,CAAC;gBACf,CAAC;gBACD,gDAAgD;gBAChD,IAAI,oBAAoB,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC;oBAC5C,OAAO,KAAK,CAAC;gBACf,CAAC;YACH,CAAC;YAED,OAAO,IAAI,CAAC;QACd,CAAC,CAAC;QAEF;;;;;;WAMG;QACH,MAAM,iBAAiB,GAAG,CAAC,QAAuB,EAAW,EAAE;YAC7D,IAAI,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU,EAAE,CAAC;gBAChD,OAAO,KAAK,CAAC;YACf,CAAC;YAED,MAAM,OAAO,GAAG,QAAQ,CAAC,IAAI,CAAC;YAE9B,+DAA+D;YAC/D,MAAM,0BAA0B,GAAG,CAAC,QAAuB,EAAW,EAAE;gBACtE,yCAAyC;gBACzC,IAAI,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,eAAe;oBAChD,QAAQ,CAAC,QAAQ,KAAK,GAAG;oBACzB,QAAQ,CAAC,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,cAAc,EAAE,CAAC;oBAC7D,QAAQ,GAAG,QAAQ,CAAC,QAAQ,CAAC;gBAC/B,CAAC;gBAED,4DAA4D;gBAC5D,IAAI,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,cAAc;oBAC/C,QAAQ,CAAC,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,gBAAgB;oBACxD,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU;oBACzD,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,OAAO;oBACvC,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU;oBAC3D,CAAC,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY;wBAC9C,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,UAAU,CAAC,EAAE,CAAC;oBACnD,OAAO,IAAI,CAAC;gBACd,CAAC;gBACD,OAAO,KAAK,CAAC;YACf,CAAC,CAAC;YAEF,MAAM,YAAY,GAAG,CAAC,UAA8B,EAAW,EAAE;gBAC/D,IAAI,UAAU,CAAC,IAAI,KAAK,8BAAc,CAAC,cAAc,EAAE,CAAC;oBACtD,OAAO,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CACjC,IAAI,CAAC,IAAI,KAAK,8BAAc,CAAC,cAAc;wBAC3C,IAAI,CAAC,IAAI,KAAK,8BAAc,CAAC,eAAe,CAC7C,CAAC;gBACJ,CAAC;gBACD,OAAO,UAAU,CAAC,IAAI,KAAK,8BAAc,CAAC,cAAc;oBACjD,UAAU,CAAC,IAAI,KAAK,8BAAc,CAAC,eAAe,CAAC;YAC5D,CAAC,CAAC;YAEF,0DAA0D;YAC1D,IAAI,OAAO,GAA8B,QAAQ,CAAC,MAAM,CAAC;YACzD,IAAI,iBAAiB,GAAG,KAAK,CAAC;YAE9B,OAAO,OAAO,IAAI,CAAC,iBAAiB,EAAE,CAAC;gBACrC,8CAA8C;gBAC9C,IAAI,OAAO,CAAC,IAAI,KAAK,8BAAc,CAAC,WAAW,EAAE,CAAC;oBAChD,IAAI,0BAA0B,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;wBAC7C,OAAO,IAAI,CAAC;oBACd,CAAC;gBACH,CAAC;gBAED,0FAA0F;gBAC1F,IAAI,OAAO,CAAC,IAAI,KAAK,8BAAc,CAAC,cAAc,IAAI,OAAO,CAAC,MAAM,IAAI,CACpE,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,mBAAmB;oBAC1D,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,kBAAkB;oBACzD,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,uBAAuB,CAAC,EAAE,CAAC;oBAEpE,iBAAiB,GAAG,IAAI,CAAC;oBACzB,MAAM,SAAS,GAAG,OAAO,CAAC,IAAI,CAAC;oBAC/B,MAAM,SAAS,GAAG,SAAS,CAAC,SAAS,CAAC,CAAC,IAAwB,EAAE,EAAE;wBACjE,IAAI,KAAK,GAA8B,QAAQ,CAAC;wBAChD,OAAO,KAAK,EAAE,CAAC;4BACb,IAAI,KAAK,KAAK,IAAI;gCAAE,OAAO,IAAI,CAAC;4BAChC,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC;wBACvB,CAAC;wBACD,OAAO,KAAK,CAAC;oBACf,CAAC,CAAC,CAAC;oBAEH,uEAAuE;oBACvE,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,EAAE,CAAC,EAAE,EAAE,CAAC;wBACnC,MAAM,IAAI,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC;wBAC1B,IAAI,IAAI,CAAC,IAAI,KAAK,8BAAc,CAAC,WAAW;4BACxC,0BAA0B,CAAC,IAAI,CAAC,IAAI,CAAC;4BACrC,YAAY,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC;4BAClC,OAAO,IAAI,CAAC;wBACd,CAAC;oBACH,CAAC;gBACH,CAAC;gBAED,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC;YAC3B,CAAC;YAED,OAAO,KAAK,CAAC;QACf,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,wBAAwB,GAAG,CAAC,SAAsB,EAAU,EAAE;YAClE,QAAQ,SAAS,CAAC,MAAM,EAAE,CAAC;gBACzB,KAAK,UAAU,CAAC;gBAChB,KAAK,WAAW;oBACd,OAAO;wBACL,yDAAyD;wBACzD,yDAAyD;wBACzD,2EAA2E;wBAC3E,2CAA2C;wBAC3C,4CAA4C;qBAC7C,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAEf,KAAK,MAAM;oBACT,OAAO;wBACL,gDAAgD;wBAChD,iEAAiE;wBACjE,yDAAyD;wBACzD,qDAAqD;wBACrD,0CAA0C;qBAC3C,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAEf,KAAK,SAAS;oBACZ,OAAO;wBACL,uEAAuE;wBACvE,uDAAuD;wBACvD,8CAA8C;wBAC9C,iDAAiD;wBACjD,wDAAwD;qBACzD,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAEf;oBACE,OAAO;wBACL,mDAAmD;wBACnD,mDAAmD;wBACnD,mDAAmD;wBACnD,4DAA4D;wBAC5D,wCAAwC;qBACzC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACjB,CAAC;QACH,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,kBAAkB,GAAG,CAAC,SAAsB,EAAE,OAAe,EAAU,EAAE;YAC7E,IAAI,oBAAoB,CAAC,OAAO,CAAC,EAAE,CAAC;gBAClC,OAAO,UAAU,CAAC;YACpB,CAAC;YAED,IAAI,SAAS,CAAC,SAAS,EAAE,CAAC;gBACxB,OAAO,MAAM,CAAC;YAChB,CAAC;YAED,OAAO,QAAQ,CAAC;QAClB,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,WAAW,GAAG,CAAC,IAA6B,EAAE,EAAE;YACpD,kCAAkC;YAClC,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,kBAAkB;gBACvC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,YAAY;gBACxC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,IAAI;gBAChC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;gBAC/C,OAAO;YACT,CAAC;YAED,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;YAE7C,iCAAiC;YACjC,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;gBAC3C,OAAO;YACT,CAAC;YAED,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,mBAAmB,CAAC,IAAI,CAAC,CAAC;YAExE,0CAA0C;YAC1C,IAAI,CAAC,eAAe,CAAC,QAAQ,EAAE,IAAI,CAAC,EAAE,CAAC;gBACrC,OAAO;YACT,CAAC;YAED,MAAM,SAAS,GAAG,kBAAkB,CAAC,SAAS,IAAI,aAAa,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC;YAC1E,MAAM,KAAK,GAAG,SAAS,CAAC,CAAC,CAAC,wBAAwB,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,oCAAoC,CAAC;YACrG,MAAM,WAAW,GAAG,SAAS,EAAE,WAAW,IAAI,oCAAoC,CAAC;YAEnF,OAAO,CAAC,MAAM,CAAC;gBACb,IAAI;gBACJ,SAAS,EAAE,iBAAiB;gBAC5B,IAAI,EAAE;oBACJ,MAAM;oBACN,IAAI;oBACJ,SAAS;oBACT,aAAa,EAAE,SAAS,EAAE,aAAa,IAAI,gBAAgB;oBAC3D,WAAW;oBACX,KAAK;oBACL,MAAM,EAAE,SAAS,EAAE,MAAM,IAAI,eAAe;iBAC7C;gBACD,OAAO,EAAE;oBACP;wBACE,SAAS,EAAE,gBAAgB;wBAC3B,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qBAChB;oBACD;wBACE,SAAS,EAAE,cAAc;wBACzB,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qBAChB;oBACD;wBACE,SAAS,EAAE,aAAa;wBACxB,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qBAChB;oBACD;wBACE,SAAS,EAAE,eAAe;wBAC1B,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qBAChB;oBACD;wBACE,SAAS,EAAE,qBAAqB;wBAChC,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qBAChB;iBACF;aACF,CAAC,CAAC;QACL,CAAC,CAAC;QAEF,OAAO;YACL,cAAc,EAAE,WAAW;SAC5B,CAAC;IACJ,CAAC;CACF,CAAC,CAAC"}
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../../packages/eslint-plugin-node-security/src/rules/detect-non-literal-fs-filename/index.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;;AAWH,4DAA0F;AAC1F,4DAAsD;AAgCtD,MAAM,aAAa,GAAkB;IACnC;QACE,MAAM,EAAE,UAAU;QAClB,SAAS,EAAE,IAAI;QACf,aAAa,EAAE,aAAa;QAC5B,WAAW,EAAE,kDAAkD;QAC/D,OAAO,EAAE;YACP,GAAG,EAAE,iCAAiC;YACtC,IAAI,EAAE,wGAAwG;SAC/G;QACD,MAAM,EAAE,eAAe;KACxB;IACD;QACE,MAAM,EAAE,WAAW;QACnB,SAAS,EAAE,IAAI;QACf,aAAa,EAAE,aAAa;QAC5B,WAAW,EAAE,kDAAkD;QAC/D,OAAO,EAAE;YACP,GAAG,EAAE,wCAAwC;YAC7C,IAAI,EAAE,8GAA8G;SACrH;QACD,MAAM,EAAE,eAAe;KACxB;IACD;QACE,MAAM,EAAE,MAAM;QACd,SAAS,EAAE,IAAI;QACf,aAAa,EAAE,gBAAgB;QAC/B,WAAW,EAAE,kDAAkD;QAC/D,OAAO,EAAE;YACP,GAAG,EAAE,6BAA6B;YAClC,IAAI,EAAE,0IAA0I;SACjJ;QACD,MAAM,EAAE,eAAe;KACxB;IACD;QACE,MAAM,EAAE,SAAS;QACjB,SAAS,EAAE,IAAI;QACf,aAAa,EAAE,qBAAqB;QACpC,WAAW,EAAE,4CAA4C;QACzD,OAAO,EAAE;YACP,GAAG,EAAE,+BAA+B;YACpC,IAAI,EAAE,iJAAiJ;SACxJ;QACD,MAAM,EAAE,eAAe;KACxB;CACF,CAAC;AAEW,QAAA,0BAA0B,GAAG,IAAA,0BAAU,EAA0B;IAC5E,IAAI,EAAE,gCAAgC;IACtC,IAAI,EAAE;QACJ,IAAI,EAAE,SAAS;QACf,IAAI,EAAE;YACJ,WAAW,EAAE,oHAAoH;SAClI;QACD,QAAQ,EAAE;YACR,sFAAsF;YACtF,eAAe,EAAE,IAAA,gCAAgB,EAAC;gBAChC,IAAI,EAAE,IAAI;gBACV,SAAS,EAAE,gBAAgB;gBAC3B,GAAG,EAAE,QAAQ;gBACb,WAAW,EAAE,8BAA8B;gBAC3C,QAAQ,EAAE,eAAe;gBACzB,GAAG,EAAE,iBAAiB;gBACtB,iBAAiB,EAAE,wDAAwD;aAC5E,CAAC;YACF,cAAc,EAAE,IAAA,gCAAgB,EAAC;gBAC/B,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,kBAAkB;gBAC7B,WAAW,EAAE,uCAAuC;gBACpD,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,mCAAmC;gBACxC,iBAAiB,EAAE,mDAAmD;aACvE,CAAC;YACF,YAAY,EAAE,IAAA,gCAAgB,EAAC;gBAC7B,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,eAAe;gBAC1B,WAAW,EAAE,iDAAiD;gBAC9D,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,uDAAuD;gBAC5D,iBAAiB,EAAE,wDAAwD;aAC5E,CAAC;YACF,WAAW,EAAE,IAAA,gCAAgB,EAAC;gBAC5B,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,mBAAmB;gBAC9B,WAAW,EAAE,mDAAmD;gBAChE,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,0BAA0B;gBAC/B,iBAAiB,EAAE,0DAA0D;aAC9E,CAAC;YACF,aAAa,EAAE,IAAA,gCAAgB,EAAC;gBAC9B,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,uBAAuB;gBAClC,WAAW,EAAE,0BAA0B;gBACvC,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,qDAAqD;gBAC1D,iBAAiB,EAAE,wDAAwD;aAC5E,CAAC;YACF,mBAAmB,EAAE,IAAA,gCAAgB,EAAC;gBACpC,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,sBAAsB;gBACjC,WAAW,EAAE,mCAAmC;gBAChD,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,6EAA6E;gBAClF,iBAAiB,EAAE,wDAAwD;aAC5E,CAAC;SACH;QACD,MAAM,EAAE;YACN;gBACE,IAAI,EAAE,QAAQ;gBACd,UAAU,EAAE;oBACV,aAAa,EAAE;wBACb,IAAI,EAAE,SAAS;wBACf,OAAO,EAAE,KAAK;wBACd,WAAW,EAAE,4BAA4B;qBAC1C;oBACD,iBAAiB,EAAE;wBACjB,IAAI,EAAE,OAAO;wBACb,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;wBACzB,OAAO,EAAE,EAAE;wBACX,WAAW,EAAE,gCAAgC;qBAC9C;oBACD,iBAAiB,EAAE;wBACjB,IAAI,EAAE,OAAO;wBACb,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;wBACzB,OAAO,EAAE,EAAE;wBACX,WAAW,EAAE,mDAAmD;qBACjE;iBACF;gBACD,oBAAoB,EAAE,KAAK;aAC5B;SACF;KACF;IACD,cAAc,EAAE;QACd;YACE,aAAa,EAAE,KAAK;YACpB,iBAAiB,EAAE,EAAE;SACtB;KACF;IACD,MAAM,CAAC,OAAsD;QAC3D,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QACzC,MAAM,EACV,aAAa,GAAG,KAAK,EACf,iBAAiB,GAAG,EAAE,EAE3B,GAAY,OAAO,IAAI,EAAE,CAAC;QAEvB;;WAEG;QACH,MAAM,gBAAgB,GAAG;YACvB,UAAU,EAAE,cAAc;YAC1B,WAAW,EAAE,eAAe;YAC5B,YAAY,EAAE,gBAAgB;YAC9B,MAAM,EAAE,UAAU;YAClB,OAAO,EAAE,WAAW;YACpB,SAAS,EAAE,aAAa;YACxB,QAAQ,EAAE,YAAY;YACtB,OAAO,EAAE,WAAW;YACpB,OAAO,EAAE,WAAW;YACpB,QAAQ,EAAE,YAAY;YACtB,kBAAkB,EAAE,mBAAmB;YACvC,GAAG,iBAAiB;SACrB,CAAC;QAEF;;WAEG;QACH,MAAM,eAAe,GAAG,CAAC,IAAmB,EAAW,EAAE;YACvD,OAAO,IAAI,CAAC,IAAI,KAAK,SAAS,IAAI,OAAO,IAAI,CAAC,KAAK,KAAK,QAAQ,CAAC;QACnE,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,oBAAoB,GAAG,CAAC,OAAe,EAAW,EAAE;YACxD,OAAO,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACjE,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,mBAAmB,GAAG,CAAC,IAA6B,EAKxD,EAAE;YACF,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,gBAAgB;gBACrD,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU;gBACrD,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI;gBAC3B,CAAC,CAAC,SAAS,CAAC;YAE5B,MAAM,SAAS,GAAG,aAAa,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,MAAM,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC;YAEzE,qCAAqC;YACrC,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;YACtE,MAAM,UAAU,GAAG,OAAO,CAAC,UAAU,IAAI,OAAO,CAAC,UAAU,CAAC;YAC5D,MAAM,IAAI,GAAG,QAAQ,CAAC,CAAC,CAAC,UAAU,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YAE1D,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC;QAC/C,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,eAAe,GAAG,CAAC,QAA8B,EAAE,OAAe,EAAW,EAAE;YACnF,+BAA+B;YAC/B,IAAI,aAAa,IAAI,QAAQ,IAAI,eAAe,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC3D,OAAO,KAAK,CAAC;YACf,CAAC;YAED,mDAAmD;YACnD,IAAI,QAAQ,IAAI,eAAe,CAAC,QAAQ,CAAC,IAAI,oBAAoB,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC3E,OAAO,IAAI,CAAC;YACd,CAAC;YAED,sEAAsE;YACtE,IAAI,QAAQ,IAAI,sBAAsB,CAAC,QAAQ,CAAC,EAAE,CAAC;gBACjD,OAAO,KAAK,CAAC;YACf,CAAC;YAED,sEAAsE;YACtE,IAAI,QAAQ,IAAI,iBAAiB,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC5C,OAAO,KAAK,CAAC;YACf,CAAC;YAED,4EAA4E;YAC5E,sFAAsF;YACtF,IAAI,QAAQ,IAAI,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,cAAc,EAAE,CAAC;gBAChE,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC;gBAC/B,IAAI,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,gBAAgB;oBAC/C,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU;oBAChD,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,MAAM;oBAC7B,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU;oBAClD,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;oBACvD,gFAAgF;oBAChF,MAAM,WAAW,GAAG,QAAQ,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,GAAkB,EAAE,EAAE,CACnE,GAAG,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU,IAAI,GAAG,CAAC,IAAI,KAAK,WAAW,CACnE,CAAC;oBACF,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,IAAI,WAAW,CAAC,KAAK,CAAC,CAAC,GAAkB,EAAE,EAAE,CAAC,iBAAiB,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC;wBAChG,OAAO,KAAK,CAAC;oBACf,CAAC;gBACH,CAAC;YACH,CAAC;YAED,+BAA+B;YAC/B,OAAO,CAAC,QAAQ,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC;QACjD,CAAC,CAAC;QAEF;;;;;;WAMG;QACH,MAAM,sBAAsB,GAAG,CAAC,QAAuB,EAAW,EAAE;YAClE,IAAI,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,cAAc,EAAE,CAAC;gBACpD,OAAO,KAAK,CAAC;YACf,CAAC;YAED,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC;YAC/B,IAAI,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,gBAAgB;gBAC/C,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU;gBAChD,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,MAAM;gBAC7B,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU,EAAE,CAAC;gBACvD,OAAO,KAAK,CAAC;YACf,CAAC;YAED,MAAM,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;YACpC,IAAI,CAAC,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;gBAC1C,OAAO,KAAK,CAAC;YACf,CAAC;YAED,MAAM,IAAI,GAAG,QAAQ,CAAC,SAAS,CAAC;YAChC,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACtB,OAAO,KAAK,CAAC;YACf,CAAC;YAED,6CAA6C;YAC7C,MAAM,QAAQ,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;YACzB,MAAM,cAAc,GAClB,CAAC,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU,IAAI,QAAQ,CAAC,IAAI,KAAK,WAAW,CAAC;gBAC9E,CAAC,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,OAAO,IAAI,OAAO,QAAQ,CAAC,KAAK,KAAK,QAAQ,CAAC,CAAC;YAEnF,IAAI,CAAC,cAAc,EAAE,CAAC;gBACpB,OAAO,KAAK,CAAC;YACf,CAAC;YAED,wCAAwC;YACxC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBACrC,MAAM,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;gBACpB,IAAI,GAAG,CAAC,IAAI,KAAK,8BAAc,CAAC,OAAO,IAAI,OAAO,GAAG,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;oBACzE,OAAO,KAAK,CAAC;gBACf,CAAC;gBACD,gDAAgD;gBAChD,IAAI,oBAAoB,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC;oBAC5C,OAAO,KAAK,CAAC;gBACf,CAAC;YACH,CAAC;YAED,OAAO,IAAI,CAAC;QACd,CAAC,CAAC;QAEF;;;;;;WAMG;QACH,MAAM,iBAAiB,GAAG,CAAC,QAAuB,EAAW,EAAE;YAC7D,IAAI,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU,EAAE,CAAC;gBAChD,OAAO,KAAK,CAAC;YACf,CAAC;YAED,MAAM,OAAO,GAAG,QAAQ,CAAC,IAAI,CAAC;YAE9B,+DAA+D;YAC/D,MAAM,gBAAgB,GAAG,CAAC,QAAuB,EAAW,EAAE;gBAC5D,yCAAyC;gBACzC,IAAI,UAAU,GAAG,KAAK,CAAC;gBACvB,IAAI,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,eAAe;oBAChD,QAAQ,CAAC,QAAQ,KAAK,GAAG;oBACzB,QAAQ,CAAC,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,cAAc,EAAE,CAAC;oBAC7D,QAAQ,GAAG,QAAQ,CAAC,QAAQ,CAAC;oBAC7B,UAAU,GAAG,IAAI,CAAC;gBACpB,CAAC;gBAED,IAAI,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,cAAc,EAAE,CAAC;oBACpD,OAAO,KAAK,CAAC;gBACf,CAAC;gBAED,8DAA8D;gBAC9D,IAAI,QAAQ,CAAC,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,gBAAgB;oBACxD,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU;oBACzD,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,OAAO;oBACvC,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU;oBAC3D,CAAC,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY;wBAC9C,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,UAAU,CAAC,EAAE,CAAC;oBACnD,OAAO,IAAI,CAAC;gBACd,CAAC;gBAED,oEAAoE;gBACpE,IAAI,QAAQ,CAAC,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,gBAAgB;oBACxD,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU;oBAC3D,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,UAAU,EAAE,CAAC;oBACjD,uCAAuC;oBACvC,KAAK,MAAM,GAAG,IAAI,QAAQ,CAAC,SAAS,EAAE,CAAC;wBACrC,IAAI,GAAG,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU,IAAI,GAAG,CAAC,IAAI,KAAK,OAAO,EAAE,CAAC;4BACnE,OAAO,IAAI,CAAC;wBACd,CAAC;oBACH,CAAC;gBACH,CAAC;gBAED,sDAAsD;gBACtD,IAAI,QAAQ,CAAC,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,gBAAgB;oBACxD,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU;oBAC3D,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,MAAM,EAAE,CAAC;oBAC7C,uCAAuC;oBACvC,KAAK,MAAM,GAAG,IAAI,QAAQ,CAAC,SAAS,EAAE,CAAC;wBACrC,IAAI,GAAG,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU,IAAI,GAAG,CAAC,IAAI,KAAK,OAAO,EAAE,CAAC;4BACnE,OAAO,IAAI,CAAC;wBACd,CAAC;oBACH,CAAC;gBACH,CAAC;gBAED,OAAO,KAAK,CAAC;YACf,CAAC,CAAC;YAEF,MAAM,YAAY,GAAG,CAAC,UAA8B,EAAW,EAAE;gBAC/D,IAAI,UAAU,CAAC,IAAI,KAAK,8BAAc,CAAC,cAAc,EAAE,CAAC;oBACtD,OAAO,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CACjC,IAAI,CAAC,IAAI,KAAK,8BAAc,CAAC,cAAc;wBAC3C,IAAI,CAAC,IAAI,KAAK,8BAAc,CAAC,eAAe,CAC7C,CAAC;gBACJ,CAAC;gBACD,OAAO,UAAU,CAAC,IAAI,KAAK,8BAAc,CAAC,cAAc;oBACjD,UAAU,CAAC,IAAI,KAAK,8BAAc,CAAC,eAAe,CAAC;YAC5D,CAAC,CAAC;YAEF,0DAA0D;YAC1D,IAAI,OAAO,GAA8B,QAAQ,CAAC,MAAM,CAAC;YACzD,IAAI,iBAAiB,GAAG,KAAK,CAAC;YAE9B,OAAO,OAAO,IAAI,CAAC,iBAAiB,EAAE,CAAC;gBACrC,8CAA8C;gBAC9C,IAAI,OAAO,CAAC,IAAI,KAAK,8BAAc,CAAC,WAAW,EAAE,CAAC;oBAChD,IAAI,gBAAgB,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;wBACnC,OAAO,IAAI,CAAC;oBACd,CAAC;gBACH,CAAC;gBAED,0FAA0F;gBAC1F,IAAI,OAAO,CAAC,IAAI,KAAK,8BAAc,CAAC,cAAc,IAAI,OAAO,CAAC,MAAM,IAAI,CACpE,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,mBAAmB;oBAC1D,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,kBAAkB;oBACzD,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,uBAAuB,CAAC,EAAE,CAAC;oBAEpE,iBAAiB,GAAG,IAAI,CAAC;oBACzB,MAAM,SAAS,GAAG,OAAO,CAAC,IAAI,CAAC;oBAC/B,MAAM,SAAS,GAAG,SAAS,CAAC,SAAS,CAAC,CAAC,IAAwB,EAAE,EAAE;wBACjE,IAAI,KAAK,GAA8B,QAAQ,CAAC;wBAChD,OAAO,KAAK,EAAE,CAAC;4BACb,IAAI,KAAK,KAAK,IAAI;gCAAE,OAAO,IAAI,CAAC;4BAChC,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC;wBACvB,CAAC;wBACD,OAAO,KAAK,CAAC;oBACf,CAAC,CAAC,CAAC;oBAEH,uEAAuE;oBACvE,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,EAAE,CAAC,EAAE,EAAE,CAAC;wBACnC,MAAM,IAAI,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC;wBAC1B,IAAI,IAAI,CAAC,IAAI,KAAK,8BAAc,CAAC,WAAW;4BACxC,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC;4BAC3B,YAAY,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC;4BAClC,OAAO,IAAI,CAAC;wBACd,CAAC;oBACH,CAAC;gBACH,CAAC;gBAED,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC;YAC3B,CAAC;YAED,OAAO,KAAK,CAAC;QACf,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,wBAAwB,GAAG,CAAC,SAAsB,EAAU,EAAE;YAClE,QAAQ,SAAS,CAAC,MAAM,EAAE,CAAC;gBACzB,KAAK,UAAU,CAAC;gBAChB,KAAK,WAAW;oBACd,OAAO;wBACL,yDAAyD;wBACzD,yDAAyD;wBACzD,2EAA2E;wBAC3E,2CAA2C;wBAC3C,4CAA4C;qBAC7C,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAEf,KAAK,MAAM;oBACT,OAAO;wBACL,gDAAgD;wBAChD,iEAAiE;wBACjE,yDAAyD;wBACzD,qDAAqD;wBACrD,0CAA0C;qBAC3C,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAEf,KAAK,SAAS;oBACZ,OAAO;wBACL,uEAAuE;wBACvE,uDAAuD;wBACvD,8CAA8C;wBAC9C,iDAAiD;wBACjD,wDAAwD;qBACzD,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAEf;oBACE,OAAO;wBACL,mDAAmD;wBACnD,mDAAmD;wBACnD,mDAAmD;wBACnD,4DAA4D;wBAC5D,wCAAwC;qBACzC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACjB,CAAC;QACH,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,kBAAkB,GAAG,CAAC,SAAsB,EAAE,OAAe,EAAU,EAAE;YAC7E,IAAI,oBAAoB,CAAC,OAAO,CAAC,EAAE,CAAC;gBAClC,OAAO,UAAU,CAAC;YACpB,CAAC;YAED,IAAI,SAAS,CAAC,SAAS,EAAE,CAAC;gBACxB,OAAO,MAAM,CAAC;YAChB,CAAC;YAED,OAAO,QAAQ,CAAC;QAClB,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,WAAW,GAAG,CAAC,IAA6B,EAAE,EAAE;YACpD,kCAAkC;YAClC,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,kBAAkB;gBACvC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,YAAY;gBACxC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,IAAI;gBAChC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;gBAC/C,OAAO;YACT,CAAC;YAED,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;YAE7C,iCAAiC;YACjC,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;gBAC3C,OAAO;YACT,CAAC;YAED,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,mBAAmB,CAAC,IAAI,CAAC,CAAC;YAExE,0CAA0C;YAC1C,IAAI,CAAC,eAAe,CAAC,QAAQ,EAAE,IAAI,CAAC,EAAE,CAAC;gBACrC,OAAO;YACT,CAAC;YAED,MAAM,SAAS,GAAG,kBAAkB,CAAC,SAAS,IAAI,aAAa,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC;YAC1E,MAAM,KAAK,GAAG,SAAS,CAAC,CAAC,CAAC,wBAAwB,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,oCAAoC,CAAC;YACrG,MAAM,WAAW,GAAG,SAAS,EAAE,WAAW,IAAI,oCAAoC,CAAC;YAEnF,OAAO,CAAC,MAAM,CAAC;gBACb,IAAI;gBACJ,SAAS,EAAE,iBAAiB;gBAC5B,IAAI,EAAE;oBACJ,MAAM;oBACN,IAAI;oBACJ,SAAS;oBACT,aAAa,EAAE,SAAS,EAAE,aAAa,IAAI,gBAAgB;oBAC3D,WAAW;oBACX,KAAK;oBACL,MAAM,EAAE,SAAS,EAAE,MAAM,IAAI,eAAe;iBAC7C;gBACD,OAAO,EAAE;oBACP;wBACE,SAAS,EAAE,gBAAgB;wBAC3B,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qBAChB;oBACD;wBACE,SAAS,EAAE,cAAc;wBACzB,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qBAChB;oBACD;wBACE,SAAS,EAAE,aAAa;wBACxB,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qBAChB;oBACD;wBACE,SAAS,EAAE,eAAe;wBAC1B,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qBAChB;oBACD;wBACE,SAAS,EAAE,qBAAqB;wBAChC,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qBAChB;iBACF;aACF,CAAC,CAAC;QACL,CAAC,CAAC;QAEF,OAAO;YACL,cAAc,EAAE,WAAW;SAC5B,CAAC;IACJ,CAAC;CACF,CAAC,CAAC"}
package/src/rules/no-ssrf/index.d.ts ADDED
@@ -0,0 +1,25 @@
1
+ /**
2
+ * Copyright (c) 2025 Ofri Peretz
3
+ * Licensed under the MIT License. Use of this source code is governed by the
4
+ * MIT license that can be found in the LICENSE file.
5
+ */
6
+ /**
7
+ * ESLint Rule: no-ssrf
8
+ * Detects Server-Side Request Forgery (SSRF) vulnerabilities where
9
+ * user-controlled URLs are passed to HTTP client functions without validation.
10
+ *
11
+ * CWE-918: Server-Side Request Forgery (SSRF)
12
+ *
13
+ * @see https://cwe.mitre.org/data/definitions/918.html
14
+ * @see https://owasp.org/www-community/attacks/Server_Side_Request_Forgery
15
+ */
16
+ import type { TSESLint } from '@interlace/eslint-devkit';
17
+ export interface Options {
18
+ /** Ignore in test files. Default: true */
19
+ allowInTests?: boolean;
20
+ }
21
+ type RuleOptions = [Options?];
22
+ export declare const noSsrf: TSESLint.RuleModule<"ssrfVulnerability", RuleOptions, unknown, TSESLint.RuleListener> & {
23
+ name: string;
24
+ };
25
+ export {};
package/src/rules/no-ssrf/index.js ADDED
@@ -0,0 +1,225 @@
1
+ "use strict";
2
+ /**
3
+ * Copyright (c) 2025 Ofri Peretz
4
+ * Licensed under the MIT License. Use of this source code is governed by the
5
+ * MIT license that can be found in the LICENSE file.
6
+ */
7
+ Object.defineProperty(exports, "__esModule", { value: true });
8
+ exports.noSsrf = void 0;
9
+ const eslint_devkit_1 = require("@interlace/eslint-devkit");
10
+ // HTTP client functions that make outbound requests
11
+ const HTTP_CLIENT_FUNCTIONS = new Set([
12
+ 'fetch', // built-in / node-fetch
13
+ 'got', // got
14
+ 'nodeFetch', // node-fetch
15
+ 'undici', // undici
16
+ ]);
17
+ // HTTP client method calls (e.g., axios.get, http.request)
18
+ const HTTP_CLIENT_METHODS = new Set([
19
+ 'get', 'post', 'put', 'patch', 'delete', 'head', 'options', 'request',
20
+ ]);
21
+ // Object names that are HTTP client libraries
22
+ const HTTP_CLIENT_OBJECTS = new Set([
23
+ 'axios', 'got', 'superagent', 'request', 'http', 'https', 'undici',
24
+ ]);
25
+ // Function names that indicate URL validation
26
+ const VALIDATION_FUNCTION_NAMES = new Set([
27
+ 'validateUrl', 'validateURL', 'isValidUrl', 'isSafeUrl', 'isAllowed',
28
+ 'isValidURL', 'checkUrl', 'checkURL', 'sanitizeUrl', 'sanitizeURL',
29
+ ]);
30
+ // Substrings in identifier names that suggest user input
31
+ const USER_INPUT_SUBSTRINGS = [
32
+ 'url', 'endpoint', 'uri', 'href', 'link',
33
+ 'target', 'dest', 'source', 'host',
34
+ 'user', 'input', 'param',
35
+ ];
36
+ /**
37
+ * Check if a function parameter name suggests user input
38
+ */
39
+ function isUserInputParamName(name) {
40
+ const lower = name.toLowerCase();
41
+ return USER_INPUT_SUBSTRINGS.some(sub => lower.includes(sub));
42
+ }
43
+ /**
44
+ * AST-based check: does this node contain a validation pattern?
45
+ * Walks the node tree looking for known validation constructs.
46
+ */
47
+ function nodeContainsValidation(node) {
48
+ // new URL(x) — URL constructor (parsing/validation)
49
+ if (node.type === eslint_devkit_1.AST_NODE_TYPES.NewExpression &&
50
+ node.callee.type === eslint_devkit_1.AST_NODE_TYPES.Identifier &&
51
+ node.callee.name === 'URL') {
52
+ return true;
53
+ }
54
+ // validateUrl(x), isValidUrl(x), etc.
55
+ if (node.type === eslint_devkit_1.AST_NODE_TYPES.CallExpression &&
56
+ node.callee.type === eslint_devkit_1.AST_NODE_TYPES.Identifier &&
57
+ VALIDATION_FUNCTION_NAMES.has(node.callee.name)) {
58
+ return true;
59
+ }
60
+ // arr.includes(x), set.has(x), x.startsWith('...'), regex.test(x)
61
+ if (node.type === eslint_devkit_1.AST_NODE_TYPES.CallExpression &&
62
+ node.callee.type === eslint_devkit_1.AST_NODE_TYPES.MemberExpression &&
63
+ node.callee.property.type === eslint_devkit_1.AST_NODE_TYPES.Identifier) {
64
+ const method = node.callee.property.name;
65
+ if (method === 'includes' || method === 'has' || method === 'startsWith' || method === 'test' || method === 'some') {
66
+ return true;
67
+ }
68
+ }
69
+ // hostname === '...' or host === '...'
70
+ if (node.type === eslint_devkit_1.AST_NODE_TYPES.BinaryExpression &&
71
+ (node.operator === '===' || node.operator === '==') &&
72
+ ((node.left.type === eslint_devkit_1.AST_NODE_TYPES.MemberExpression &&
73
+ node.left.property.type === eslint_devkit_1.AST_NODE_TYPES.Identifier &&
74
+ (node.left.property.name === 'hostname' || node.left.property.name === 'host')) ||
75
+ (node.right.type === eslint_devkit_1.AST_NODE_TYPES.MemberExpression &&
76
+ node.right.property.type === eslint_devkit_1.AST_NODE_TYPES.Identifier &&
77
+ (node.right.property.name === 'hostname' || node.right.property.name === 'host')))) {
78
+ return true;
79
+ }
80
+ // throw new Error(...) — guard clause
81
+ if (node.type === eslint_devkit_1.AST_NODE_TYPES.ThrowStatement) {
82
+ return true;
83
+ }
84
+ // Keys to skip: non-child properties that cause circular refs or aren't AST children
85
+ const SKIP_KEYS = new Set(['parent', 'range', 'loc', 'tokens', 'comments', 'start', 'end']);
86
+ // Recurse into child nodes
87
+ for (const key of Object.keys(node)) {
88
+ if (SKIP_KEYS.has(key))
89
+ continue;
90
+ const value = node[key];
91
+ if (value && typeof value === 'object' && 'type' in value) {
92
+ if (nodeContainsValidation(value))
93
+ return true;
94
+ }
95
+ if (Array.isArray(value)) {
96
+ for (const item of value) {
97
+ if (item && typeof item === 'object' && 'type' in item) {
98
+ if (nodeContainsValidation(item))
99
+ return true;
100
+ }
101
+ }
102
+ }
103
+ }
104
+ return false;
105
+ }
106
+ /**
107
+ * Check if there is URL validation before the HTTP call using AST walking
108
+ */
109
+ function hasValidationBefore(node) {
110
+ // Walk up to find the containing block
111
+ let current = node.parent;
112
+ while (current) {
113
+ const parent = current.parent;
114
+ if (!parent)
115
+ break;
116
+ if (parent.type === eslint_devkit_1.AST_NODE_TYPES.BlockStatement || parent.type === eslint_devkit_1.AST_NODE_TYPES.Program) {
117
+ const body = parent.body;
118
+ const idx = body.indexOf(current);
119
+ // Check previous sibling statements for validation patterns
120
+ for (let i = idx - 1; i >= 0 && i >= idx - 10; i--) {
121
+ if (nodeContainsValidation(body[i])) {
122
+ return true;
123
+ }
124
+ }
125
+ }
126
+ // Check if inside an if-block where the condition contains validation
127
+ if (parent.type === eslint_devkit_1.AST_NODE_TYPES.IfStatement && parent.test) {
128
+ if (nodeContainsValidation(parent.test)) {
129
+ return true;
130
+ }
131
+ }
132
+ current = parent;
133
+ }
134
+ return false;
135
+ }
136
+ exports.noSsrf = (0, eslint_devkit_1.createRule)({
137
+ name: 'no-ssrf',
138
+ meta: {
139
+ type: 'problem',
140
+ docs: {
141
+ description: 'Detects HTTP requests with user-controlled URLs (SSRF vulnerability)',
142
+ },
143
+ messages: {
144
+ ssrfVulnerability: (0, eslint_devkit_1.formatLLMMessage)({
145
+ icon: eslint_devkit_1.MessageIcons.SECURITY,
146
+ issueName: 'Server-Side Request Forgery (SSRF)',
147
+ cwe: 'CWE-918',
148
+ description: 'HTTP request with potentially user-controlled URL. An attacker could access internal services.',
149
+ severity: 'HIGH',
150
+ fix: 'Validate URL against an allowlist of permitted hosts before making the request.',
151
+ documentationLink: 'https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html',
152
+ }),
153
+ },
154
+ schema: [
155
+ {
156
+ type: 'object',
157
+ properties: {
158
+ allowInTests: {
159
+ type: 'boolean',
160
+ default: true,
161
+ },
162
+ },
163
+ additionalProperties: false,
164
+ },
165
+ ],
166
+ },
167
+ defaultOptions: [{ allowInTests: true }],
168
+ create(context, [options = {}]) {
169
+ const { allowInTests = true } = options || {};
170
+ const filename = context.filename || context.getFilename();
171
+ const isTestFile = allowInTests && /\.(test|spec)\.(ts|tsx|js|jsx)$/.test(filename);
172
+ if (isTestFile)
173
+ return {};
174
+ return {
175
+ CallExpression(node) {
176
+ let isHttpCall = false;
177
+ // 1. Direct function call: fetch(url), got(url)
178
+ if (node.callee.type === eslint_devkit_1.AST_NODE_TYPES.Identifier &&
179
+ HTTP_CLIENT_FUNCTIONS.has(node.callee.name)) {
180
+ isHttpCall = true;
181
+ }
182
+ // 2. Method call: axios.get(url), http.request(url)
183
+ if (node.callee.type === eslint_devkit_1.AST_NODE_TYPES.MemberExpression &&
184
+ node.callee.object.type === eslint_devkit_1.AST_NODE_TYPES.Identifier &&
185
+ node.callee.property.type === eslint_devkit_1.AST_NODE_TYPES.Identifier &&
186
+ HTTP_CLIENT_OBJECTS.has(node.callee.object.name) &&
187
+ HTTP_CLIENT_METHODS.has(node.callee.property.name)) {
188
+ isHttpCall = true;
189
+ }
190
+ if (!isHttpCall)
191
+ return;
192
+ // Check the first argument (the URL)
193
+ const urlArg = node.arguments[0];
194
+ if (!urlArg)
195
+ return;
196
+ // Safe: literal string URL — fetch('https://api.example.com')
197
+ if (urlArg.type === eslint_devkit_1.AST_NODE_TYPES.Literal)
198
+ return;
199
+ // Safe: template literal without expressions — fetch(`https://api.example.com`)
200
+ if (urlArg.type === eslint_devkit_1.AST_NODE_TYPES.TemplateLiteral &&
201
+ urlArg.expressions.length === 0) {
202
+ return;
203
+ }
204
+ // The URL is dynamic (identifier, template with expressions, etc.)
205
+ // Check if there is URL validation before this call
206
+ if (hasValidationBefore(node)) {
207
+ return;
208
+ }
209
+ // Check if the argument is a function parameter that looks like user input
210
+ if (urlArg.type === eslint_devkit_1.AST_NODE_TYPES.Identifier) {
211
+ // If the variable name doesn't suggest user input, skip
212
+ // This reduces false positives on internal API calls
213
+ if (!isUserInputParamName(urlArg.name)) {
214
+ return;
215
+ }
216
+ }
217
+ context.report({
218
+ node,
219
+ messageId: 'ssrfVulnerability',
220
+ });
221
+ },
222
+ };
223
+ },
224
+ });
225
+ //# sourceMappingURL=index.js.map
package/src/rules/no-ssrf/index.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../../packages/eslint-plugin-node-security/src/rules/no-ssrf/index.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;;AAaH,4DAKkC;AAWlC,oDAAoD;AACpD,MAAM,qBAAqB,GAAG,IAAI,GAAG,CAAC;IACpC,OAAO,EAAQ,wBAAwB;IACvC,KAAK,EAAU,MAAM;IACrB,WAAW,EAAI,aAAa;IAC5B,QAAQ,EAAO,SAAS;CACzB,CAAC,CAAC;AAEH,2DAA2D;AAC3D,MAAM,mBAAmB,GAAG,IAAI,GAAG,CAAC;IAClC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,SAAS;CACtE,CAAC,CAAC;AAEH,8CAA8C;AAC9C,MAAM,mBAAmB,GAAG,IAAI,GAAG,CAAC;IAClC,OAAO,EAAE,KAAK,EAAE,YAAY,EAAE,SAAS,EAAE,MAAM,EAAE,OAAO,EAAE,QAAQ;CACnE,CAAC,CAAC;AAEH,8CAA8C;AAC9C,MAAM,yBAAyB,GAAG,IAAI,GAAG,CAAC;IACxC,aAAa,EAAE,aAAa,EAAE,YAAY,EAAE,WAAW,EAAE,WAAW;IACpE,YAAY,EAAE,UAAU,EAAE,UAAU,EAAE,aAAa,EAAE,aAAa;CACnE,CAAC,CAAC;AAEH,yDAAyD;AACzD,MAAM,qBAAqB,GAAG;IAC5B,KAAK,EAAE,UAAU,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM;IACxC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM;IAClC,MAAM,EAAE,OAAO,EAAE,OAAO;CACzB,CAAC;AAEF;;GAEG;AACH,SAAS,oBAAoB,CAAC,IAAY;IACxC,MAAM,KAAK,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;IACjC,OAAO,qBAAqB,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC;AAChE,CAAC;AAED;;;GAGG;AACH,SAAS,sBAAsB,CAAC,IAAmB;IACjD,oDAAoD;IACpD,IACE,IAAI,CAAC,IAAI,KAAK,8BAAc,CAAC,aAAa;QAC1C,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU;QAC9C,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,KAAK,EAC1B,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,sCAAsC;IACtC,IACE,IAAI,CAAC,IAAI,KAAK,8BAAc,CAAC,cAAc;QAC3C,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU;QAC9C,yBAAyB,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,EAC/C,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,kEAAkE;IAClE,IACE,IAAI,CAAC,IAAI,KAAK,8BAAc,CAAC,cAAc;QAC3C,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,gBAAgB;QACpD,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU,EACvD,CAAC;QACD,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;QACzC,IAAI,MAAM,KAAK,UAAU,IAAI,MAAM,KAAK,KAAK,IAAI,MAAM,KAAK,YAAY,IAAI,MAAM,KAAK,MAAM,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;YACnH,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED,uCAAuC;IACvC,IACE,IAAI,CAAC,IAAI,KAAK,8BAAc,CAAC,gBAAgB;QAC7C,CAAC,IAAI,CAAC,QAAQ,KAAK,KAAK,IAAI,IAAI,CAAC,QAAQ,KAAK,IAAI,CAAC;QACnD,CACE,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,KAAK,8BAAc,CAAC,gBAAgB;YAClD,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU;YACrD,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,KAAK,UAAU,IAAI,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,KAAK,MAAM,CAAC,CAAC;YAChF,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,KAAK,8BAAc,CAAC,gBAAgB;gBACnD,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU;gBACtD,CAAC,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,KAAK,UAAU,IAAI,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,KAAK,MAAM,CAAC,CAAC,CACnF,EACD,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,sCAAsC;IACtC,IAAI,IAAI,CAAC,IAAI,KAAK,8BAAc,CAAC,cAAc,EAAE,CAAC;QAChD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,qFAAqF;IACrF,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,CAAC,QAAQ,EAAE,OAAO,EAAE,KAAK,EAAE,QAAQ,EAAE,UAAU,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC;IAE5F,2BAA2B;IAC3B,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;QACpC,IAAI,SAAS,CAAC,GAAG,CAAC,GAAG,CAAC;YAAE,SAAS;QACjC,MAAM,KAAK,GAAI,IAA2C,CAAC,GAAG,CAAC,CAAC;QAChE,IAAI,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,MAAM,IAAK,KAAiC,EAAE,CAAC;YACvF,IAAI,sBAAsB,CAAC,KAAsB,CAAC;gBAAE,OAAO,IAAI,CAAC;QAClE,CAAC;QACD,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;YACzB,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;gBACzB,IAAI,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,MAAM,IAAI,IAAI,EAAE,CAAC;oBACvD,IAAI,sBAAsB,CAAC,IAAqB,CAAC;wBAAE,OAAO,IAAI,CAAC;gBACjE,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;GAEG;AACH,SAAS,mBAAmB,CAAC,IAA6B;IACxD,uCAAuC;IACvC,IAAI,OAAO,GAA+B,IAAmD,CAAC,MAAM,CAAC;IACrG,OAAO,OAAO,EAAE,CAAC;QACf,MAAM,MAAM,GAA+B,OAAsD,CAAC,MAAM,CAAC;QACzG,IAAI,CAAC,MAAM;YAAE,MAAM;QAEnB,IAAI,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,cAAc,IAAI,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,OAAO,EAAE,CAAC;YAC5F,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC;YACzB,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,OAA6B,CAAC,CAAC;YAExD,4DAA4D;YAC5D,KAAK,IAAI,CAAC,GAAG,GAAG,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,GAAG,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;gBACnD,IAAI,sBAAsB,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;oBACpC,OAAO,IAAI,CAAC;gBACd,CAAC;YACH,CAAC;QACH,CAAC;QAED,sEAAsE;QACtE,IAAI,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,WAAW,IAAI,MAAM,CAAC,IAAI,EAAE,CAAC;YAC9D,IAAI,sBAAsB,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;gBACxC,OAAO,IAAI,CAAC;YACd,CAAC;QACH,CAAC;QAED,OAAO,GAAG,MAAM,CAAC;IACnB,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAEY,QAAA,MAAM,GAAG,IAAA,0BAAU,EAA0B;IACxD,IAAI,EAAE,SAAS;IACf,IAAI,EAAE;QACJ,IAAI,EAAE,SAAS;QACf,IAAI,EAAE;YACJ,WAAW,EACT,sEAAsE;SACzE;QACD,QAAQ,EAAE;YACR,iBAAiB,EAAE,IAAA,gCAAgB,EAAC;gBAClC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,oCAAoC;gBAC/C,GAAG,EAAE,SAAS;gBACd,WAAW,EACT,gGAAgG;gBAClG,QAAQ,EAAE,MAAM;gBAChB,GAAG,EAAE,iFAAiF;gBACtF,iBAAiB,EACf,wGAAwG;aAC3G,CAAC;SACH;QACD,MAAM,EAAE;YACN;gBACE,IAAI,EAAE,QAAQ;gBACd,UAAU,EAAE;oBACV,YAAY,EAAE;wBACZ,IAAI,EAAE,SAAS;wBACf,OAAO,EAAE,IAAI;qBACd;iBACF;gBACD,oBAAoB,EAAE,KAAK;aAC5B;SACF;KACF;IACD,cAAc,EAAE,CAAC,EAAE,YAAY,EAAE,IAAI,EAAE,CAAC;IACxC,MAAM,CACJ,OAAsD,EACtD,CAAC,OAAO,GAAG,EAAE,CAAC;QAEd,MAAM,EAAE,YAAY,GAAG,IAAI,EAAE,GAAY,OAAO,IAAI,EAAE,CAAC;QAEvD,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,OAAO,CAAC,WAAW,EAAE,CAAC;QAC3D,MAAM,UAAU,GACd,YAAY,IAAI,iCAAiC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACnE,IAAI,UAAU;YAAE,OAAO,EAAE,CAAC;QAE1B,OAAO;YACL,cAAc,CAAC,IAA6B;gBAC1C,IAAI,UAAU,GAAG,KAAK,CAAC;gBAEvB,gDAAgD;gBAChD,IACE,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU;oBAC9C,qBAAqB,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,EAC3C,CAAC;oBACD,UAAU,GAAG,IAAI,CAAC;gBACpB,CAAC;gBAED,oDAAoD;gBACpD,IACE,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,gBAAgB;oBACpD,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU;oBACrD,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU;oBACvD,mBAAmB,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC;oBAChD,mBAAmB,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,EAClD,CAAC;oBACD,UAAU,GAAG,IAAI,CAAC;gBACpB,CAAC;gBAED,IAAI,CAAC,UAAU;oBAAE,OAAO;gBAExB,qCAAqC;gBACrC,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;gBACjC,IAAI,CAAC,MAAM;oBAAE,OAAO;gBAEpB,8DAA8D;gBAC9D,IAAI,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,OAAO;oBAAE,OAAO;gBAEnD,gFAAgF;gBAChF,IACE,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,eAAe;oBAC9C,MAAM,CAAC,WAAW,CAAC,MAAM,KAAK,CAAC,EAC/B,CAAC;oBACD,OAAO;gBACT,CAAC;gBAED,mEAAmE;gBACnE,oDAAoD;gBACpD,IAAI,mBAAmB,CAAC,IAAI,CAAC,EAAE,CAAC;oBAC9B,OAAO;gBACT,CAAC;gBAED,2EAA2E;gBAC3E,IAAI,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU,EAAE,CAAC;oBAC9C,wDAAwD;oBACxD,qDAAqD;oBACrD,IAAI,CAAC,oBAAoB,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;wBACvC,OAAO;oBACT,CAAC;gBACH,CAAC;gBAED,OAAO,CAAC,MAAM,CAAC;oBACb,IAAI;oBACJ,SAAS,EAAE,mBAAmB;iBAC/B,CAAC,CAAC;YACL,CAAC;SACF,CAAC;IACJ,CAAC;CACF,CAAC,CAAC"}
package/src/rules/no-zip-slip/index.js CHANGED
@@ -177,38 +177,92 @@ exports.noZipSlip = (0, eslint_devkit_1.createRule)({
177
177
  /\/\.\./.test(pathText); // Embedded /..
178
178
  };
179
179
  /**
180
- * Check if path has been validated
180
+ * Check if path has been validated or sanitized
181
+ * Detects patterns like:
182
+ * - validatePath(), sanitizePath() custom functions
183
+ * - path.basename() sanitization
184
+ * - startsWith() validation in preceding if-block
181
185
  */
182
186
  const isPathValidated = (pathNode) => {
183
187
  let current = pathNode;
184
188
  while (current) {
189
+ // Check for custom validation function wrappers
185
190
  if (current.type === 'CallExpression' &&
186
191
  current.callee.type === 'Identifier' &&
187
192
  pathValidationFunctions.includes(current.callee.name)) {
188
193
  return true;
189
194
  }
195
+ // Check for path.basename() sanitization
196
+ if (current.type === 'CallExpression' &&
197
+ current.callee.type === 'MemberExpression' &&
198
+ current.callee.object.type === 'Identifier' &&
199
+ current.callee.object.name === 'path' &&
200
+ current.callee.property.type === 'Identifier' &&
201
+ current.callee.property.name === 'basename') {
202
+ return true;
203
+ }
204
+ // Check for preceding if-block with startsWith validation
205
+ if (current.type === 'IfStatement') {
206
+ const test = current.test;
207
+ // if (path.startsWith(...)) or if (!path.startsWith(...)) { throw/return }
208
+ if (test.type === 'CallExpression' &&
209
+ test.callee.type === 'MemberExpression' &&
210
+ test.callee.property.type === 'Identifier' &&
211
+ test.callee.property.name === 'startsWith') {
212
+ return true;
213
+ }
214
+ if (test.type === 'UnaryExpression' && test.operator === '!' &&
215
+ test.argument.type === 'CallExpression' &&
216
+ test.argument.callee.type === 'MemberExpression' &&
217
+ test.argument.callee.property.type === 'Identifier' &&
218
+ test.argument.callee.property.name === 'startsWith') {
219
+ return true;
220
+ }
221
+ // if (path.includes('..')) { throw/return }
222
+ if (test.type === 'CallExpression' &&
223
+ test.callee.type === 'MemberExpression' &&
224
+ test.callee.property.type === 'Identifier' &&
225
+ test.callee.property.name === 'includes') {
226
+ return true;
227
+ }
228
+ }
190
229
  current = current.parent;
191
230
  }
192
231
  return false;
193
232
  };
194
233
  /**
195
234
  * Check if this uses a safe library
235
+ * Safe libraries have built-in path validation or are known to be secure
196
236
  */
197
237
  const isSafeLibrary = (node) => {
198
238
  const callee = node.callee;
239
+ // Check for method calls on safe library instances (e.g., yauzl.open())
199
240
  if (callee.type === 'MemberExpression' &&
200
241
  callee.object.type === 'Identifier' &&
201
242
  safeLibraries.includes(callee.object.name)) {
202
243
  return true;
203
244
  }
245
+ // Check for direct calls to safe library functions (e.g., extract(file, opts))
246
+ // This handles patterns like: const extract = require('extract-zip'); extract(...)
247
+ if (callee.type === 'Identifier') {
248
+ const name = callee.name.toLowerCase();
249
+ if (name === 'extract' || name === 'unzipper' ||
250
+ safeLibraries.some(lib => name.includes(lib.toLowerCase()))) {
251
+ return true;
252
+ }
253
+ }
204
254
  return false;
205
255
  };
206
256
  /**
207
- * Check if destination is dangerous
257
+ * Check if destination is dangerous (sensitive system directories)
258
+ * Note: /tmp is NOT dangerous - it's the standard safe temp location
208
259
  */
209
260
  const isDangerousDestination = (destText) => {
210
- return destText.includes('/tmp') ||
211
- destText.includes('/var') ||
261
+ // /tmp is SAFE - it's the standard temp location
262
+ if (destText.startsWith('/tmp') || destText.includes('os.tmpdir') || destText.includes('TMPDIR')) {
263
+ return false;
264
+ }
265
+ return destText.includes('/var') ||
212
266
  destText.includes('/usr') ||
213
267
  destText.includes('/etc') ||
214
268
  destText.includes('/root') ||
package/src/rules/no-zip-slip/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../../packages/eslint-plugin-node-security/src/rules/no-zip-slip/index.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;;AAkBH,4DAAsD;AACtD,4DAA0E;AA4B7D,QAAA,SAAS,GAAG,IAAA,0BAAU,EAA0B;IAC3D,IAAI,EAAE,aAAa;IACnB,IAAI,EAAE;QACJ,IAAI,EAAE,SAAS;QACf,IAAI,EAAE;YACJ,WAAW,EAAE,qDAAqD;SACnE;QACD,OAAO,EAAE,MAAM;QACf,cAAc,EAAE,IAAI;QACpB,QAAQ,EAAE;YACR,oBAAoB,EAAE,IAAA,gCAAgB,EAAC;gBACrC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,wBAAwB;gBACnC,GAAG,EAAE,QAAQ;gBACb,WAAW,EAAE,iDAAiD;gBAC9D,QAAQ,EAAE,cAAc;gBACxB,GAAG,EAAE,qBAAqB;gBAC1B,iBAAiB,EAAE,gDAAgD;aACpE,CAAC;YACF,uBAAuB,EAAE,IAAA,gCAAgB,EAAC;gBACxC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,2BAA2B;gBACtC,GAAG,EAAE,QAAQ;gBACb,WAAW,EAAE,4CAA4C;gBACzD,QAAQ,EAAE,MAAM;gBAChB,GAAG,EAAE,qDAAqD;gBAC1D,iBAAiB,EAAE,iDAAiD;aACrE,CAAC;YACF,sBAAsB,EAAE,IAAA,gCAAgB,EAAC;gBACvC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,2BAA2B;gBACtC,GAAG,EAAE,QAAQ;gBACb,WAAW,EAAE,2CAA2C;gBACxD,QAAQ,EAAE,UAAU;gBACpB,GAAG,EAAE,uDAAuD;gBAC5D,iBAAiB,EAAE,gDAAgD;aACpE,CAAC;YACF,sBAAsB,EAAE,IAAA,gCAAgB,EAAC;gBACvC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,0BAA0B;gBACrC,GAAG,EAAE,QAAQ;gBACb,WAAW,EAAE,4CAA4C;gBACzD,QAAQ,EAAE,MAAM;gBAChB,GAAG,EAAE,kCAAkC;gBACvC,iBAAiB,EAAE,iDAAiD;aACrE,CAAC;YACF,2BAA2B,EAAE,IAAA,gCAAgB,EAAC;gBAC5C,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,+BAA+B;gBAC1C,GAAG,EAAE,QAAQ;gBACb,WAAW,EAAE,yCAAyC;gBACtD,QAAQ,EAAE,QAAQ;gBAClB,GAAG,EAAE,qCAAqC;gBAC1C,iBAAiB,EAAE,gDAAgD;aACpE,CAAC;YACF,wBAAwB,EAAE,IAAA,gCAAgB,EAAC;gBACzC,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,6BAA6B;gBACxC,WAAW,EAAE,6CAA6C;gBAC1D,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,4DAA4D;gBACjE,iBAAiB,EAAE,qCAAqC;aACzD,CAAC;YACF,oBAAoB,EAAE,IAAA,gCAAgB,EAAC;gBACrC,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,wBAAwB;gBACnC,WAAW,EAAE,kCAAkC;gBAC/C,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,qEAAqE;gBAC1E,iBAAiB,EAAE,iDAAiD;aACrE,CAAC;YACF,oBAAoB,EAAE,IAAA,gCAAgB,EAAC;gBACrC,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,wBAAwB;gBACnC,WAAW,EAAE,8BAA8B;gBAC3C,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,4CAA4C;gBACjD,iBAAiB,EAAE,uDAAuD;aAC3E,CAAC;YACF,sBAAsB,EAAE,IAAA,gCAAgB,EAAC;gBACvC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,0BAA0B;gBACrC,WAAW,EAAE,2CAA2C;gBACxD,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,yDAAyD;gBAC9D,iBAAiB,EAAE,gDAAgD;aACpE,CAAC;YACF,qBAAqB,EAAE,IAAA,gCAAgB,EAAC;gBACtC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,yBAAyB;gBACpC,WAAW,EAAE,4CAA4C;gBACzD,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,6DAA6D;gBAClE,iBAAiB,EAAE,oDAAoD;aACxE,CAAC;YACF,kBAAkB,EAAE,IAAA,gCAAgB,EAAC;gBACnC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,qBAAqB;gBAChC,WAAW,EAAE,2CAA2C;gBACxD,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,oDAAoD;gBACzD,iBAAiB,EAAE,qEAAqE;aACzF,CAAC;SACH;QACD,MAAM,EAAE;YACN;gBACE,IAAI,EAAE,QAAQ;gBACd,UAAU,EAAE;oBACV,gBAAgB,EAAE;wBAChB,IAAI,EAAE,OAAO;wBACb,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;wBACzB,OAAO,EAAE,CAAC,SAAS,EAAE,YAAY,EAAE,cAAc,EAAE,OAAO,EAAE,OAAO,EAAE,gBAAgB,CAAC;qBACvF;oBACD,uBAAuB,EAAE;wBACvB,IAAI,EAAE,OAAO;wBACb,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;wBACzB,OAAO,EAAE,CAAC,cAAc,EAAE,cAAc,EAAE,WAAW,EAAE,UAAU,CAAC;qBACnE;oBACD,aAAa,EAAE;wBACb,IAAI,EAAE,OAAO;wBACb,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;wBACzB,OAAO,EAAE,CAAC,OAAO,EAAE,sBAAsB,EAAE,YAAY,EAAE,UAAU,CAAC;qBACrE;iBACF;gBACD,oBAAoB,EAAE,KAAK;aAC5B;SACF;KACF;IACD,cAAc,EAAE;QACd;YACE,gBAAgB,EAAE,CAAC,SAAS,EAAE,YAAY,EAAE,cAAc,EAAE,OAAO,EAAE,OAAO,EAAE,gBAAgB,CAAC;YAC/F,uBAAuB,EAAE,CAAC,cAAc,EAAE,cAAc,EAAE,WAAW,EAAE,UAAU,CAAC;YAClF,aAAa,EAAE,CAAC,OAAO,EAAE,sBAAsB,EAAE,YAAY,EAAE,UAAU,CAAC;SAC3E;KACF;IACD,MAAM,CAAC,OAAsD;QAC3D,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QACzC,MAAM,EACJ,gBAAgB,GAAG,CAAC,SAAS,EAAE,YAAY,EAAE,cAAc,EAAE,OAAO,EAAE,OAAO,EAAE,gBAAgB,CAAC,EAChG,uBAAuB,GAAG,CAAC,cAAc,EAAE,cAAc,EAAE,WAAW,EAAE,UAAU,CAAC,EACnF,aAAa,GAAG,CAAC,OAAO,EAAE,sBAAsB,EAAE,YAAY,EAAE,UAAU,CAAC,GAC5E,GAAY,OAAO,CAAC;QAErB,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,OAAO,CAAC,WAAW,EAAE,CAAC;QAE3D,yDAAyD;QAEzD;;WAEG;QACH,MAAM,mBAAmB,GAAG,CAAC,IAA6B,EAAW,EAAE;YACrE,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;YAE3B,0DAA0D;YAC1D,IAAI,MAAM,CAAC,IAAI,KAAK,kBAAkB;gBAClC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY;gBACrC,gBAAgB,CAAC,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;gBACpD,OAAO,IAAI,CAAC;YACd,CAAC;YAED,gEAAgE;YAChE,IAAI,MAAM,CAAC,IAAI,KAAK,YAAY;gBAC5B,gBAAgB,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC3C,OAAO,IAAI,CAAC;YACd,CAAC;YAED,OAAO,KAAK,CAAC;QACf,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,qBAAqB,GAAG,CAAC,QAAgB,EAAW,EAAE;YAC1D,0BAA0B;YAC1B,OAAO,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC;gBACvB,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,gBAAgB;gBAC3C,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,aAAa;gBACvC,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAE,eAAe;QAClD,CAAC,CAAC;QAGF;;WAEG;QACH,MAAM,eAAe,GAAG,CAAC,QAAuB,EAAW,EAAE;YAC3D,IAAI,OAAO,GAA8B,QAAQ,CAAC;YAElD,OAAO,OAAO,EAAE,CAAC;gBACf,IAAI,OAAO,CAAC,IAAI,KAAK,gBAAgB;oBACjC,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,YAAY;oBACpC,uBAAuB,CAAC,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;oBAC1D,OAAO,IAAI,CAAC;gBACd,CAAC;gBACD,OAAO,GAAG,OAAO,CAAC,MAAuB,CAAC;YAC5C,CAAC;YAED,OAAO,KAAK,CAAC;QACf,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,aAAa,GAAG,CAAC,IAA6B,EAAW,EAAE;YAC/D,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;YAE3B,IAAI,MAAM,CAAC,IAAI,KAAK,kBAAkB;gBAClC,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,YAAY;gBACnC,aAAa,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC/C,OAAO,IAAI,CAAC;YACd,CAAC;YAED,OAAO,KAAK,CAAC;QACf,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,sBAAsB,GAAG,CAAC,QAAgB,EAAW,EAAE;YAC3D,OAAO,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC;gBACzB,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC;gBACzB,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC;gBACzB,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC;gBACzB,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC;gBAC1B,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC;gBAC1B,QAAQ,CAAC,QAAQ,CAAC,aAAa,CAAC;gBAChC,QAAQ,CAAC,QAAQ,CAAC,mBAAmB,CAAC;gBACtC,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;QACxC,CAAC,CAAC;QAEF,OAAO;YACL,iCAAiC;YACjC,cAAc,CAAC,IAA6B;gBAC1C,IAAI,mBAAmB,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,EAAE,CAAC;oBACtD,4CAA4C;oBAC5C,MAAM,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC;oBACtC,IAAI,iBAAiB,GAAG,KAAK,CAAC;oBAE9B,6CAA6C;oBAC7C,MAAM,WAAW,GAAG,UAAU,CAAC,cAAc,EAAE,CAAC;oBAChD,KAAK,MAAM,OAAO,IAAI,WAAW,EAAE,CAAC;wBAClC,IAAI,OAAO,CAAC,IAAI,KAAK,OAAO,IAAI,OAAO,CAAC,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;4BAChE,iBAAiB,GAAG,IAAI,CAAC;4BACzB,MAAM;wBACR,CAAC;oBACH,CAAC;oBAED,IAAI,iBAAiB,EAAE,CAAC;wBACtB,OAAO,CAAC,mCAAmC;oBAC7C,CAAC;oBAED,oCAAoC;oBACpC,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC;oBAC5B,IAAI,OAAkC,CAAC;oBAEvC,oEAAoE;oBACpE,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,kBAAkB,IAAI,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;wBAC1F,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;wBAC7C,IAAI,CAAC,cAAc,EAAE,OAAO,CAAC,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;4BACnD,oCAAoC;4BACpC,OAAO,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;wBACpB,CAAC;6BAAM,IAAI,gBAAgB,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;4BACjD,4EAA4E;4BAC5E,OAAO,GAAG,IAAI,CAAC,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;wBACnD,CAAC;oBACH,CAAC;yBAAM,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,YAAY,IAAI,gBAAgB,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;wBAC5F,2DAA2D;wBAC3D,OAAO,GAAG,IAAI,CAAC,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;oBACnD,CAAC;oBAED,MAAM,QAAQ,GAAG,OAAO,IAAI,OAAO,CAAC,IAAI,KAAK,SAAS,IAAI,OAAO,OAAO,CAAC,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;oBACjH,MAAM,eAAe,GAAG,sBAAsB,CAAC,QAAQ,CAAC,CAAC;oBACzD,MAAM,YAAY,GAAG,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,kBAAkB,CAAC;oBAE7D,IAAI,YAAY,EAAE,CAAC;wBACjB,yFAAyF;wBACzF,MAAM,kBAAkB,GAAG,QAAQ,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,QAAQ,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;wBAEnF,IAAI,CAAC,kBAAkB,EAAE,CAAC;4BACxB,OAAO,CAAC,MAAM,CAAC;gCACb,IAAI;gCACJ,SAAS,EAAE,yBAAyB;gCACpC,IAAI,EAAE;oCACJ,QAAQ,EAAE,QAAQ;oCAClB,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,CAAC;iCACxC;gCACD,OAAO,EAAE;oCACP;wCACE,SAAS,EAAE,0BAA0B;wCACrC,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qCAChB;iCACF;6BACF,CAAC,CAAC;wBACL,CAAC;wBACD,kDAAkD;wBAElD,uEAAuE;wBACvE,IAAI,eAAe,EAAE,CAAC;4BACpB,OAAO,CAAC,MAAM,CAAC;gCACb,IAAI,EAAE,OAAO,IAAI,IAAI;gCACrB,SAAS,EAAE,6BAA6B;gCACxC,IAAI,EAAE;oCACJ,QAAQ,EAAE,QAAQ;oCAClB,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,CAAC;iCACxC;6BACF,CAAC,CAAC;wBACL,CAAC;oBACH,CAAC;yBAAM,CAAC;wBACN,qHAAqH;wBACrH,IAAI,eAAe,EAAE,CAAC;4BACpB,OAAO,CAAC,MAAM,CAAC;gCACb,IAAI;gCACJ,SAAS,EAAE,6BAA6B;gCACxC,IAAI,EAAE;oCACJ,QAAQ,EAAE,QAAQ;oCAClB,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,CAAC;iCACxC;6BACF,CAAC,CAAC;wBACL,CAAC;6BAAM,CAAC;4BACN,OAAO,CAAC,MAAM,CAAC;gCACb,IAAI;gCACJ,SAAS,EAAE,yBAAyB;gCACpC,IAAI,EAAE;oCACJ,QAAQ,EAAE,QAAQ;oCAClB,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,CAAC;iCACxC;gCACD,OAAO,EAAE;oCACP;wCACE,SAAS,EAAE,0BAA0B;wCACrC,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qCAChB;iCACF;6BACF,CAAC,CAAC;wBACL,CAAC;oBACH,CAAC;gBACH,CAAC;gBAED,qEAAqE;gBACrE,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;gBAC3B,IAAI,MAAM,CAAC,IAAI,KAAK,kBAAkB;oBAClC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY;oBACrC,CAAC,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;oBAEhF,oDAAoD;oBACpD,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC;oBAC5B,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;wBACvB,IAAI,GAAG,CAAC,IAAI,KAAK,kBAAkB;4BAC/B,GAAG,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY;4BAClC,CAAC,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,WAAW,EAAE,cAAc,EAAE,UAAU,EAAE,UAAU,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;4BAElH,mEAAmE;4BACnE,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,EAAE,CAAC;gCAC1B,OAAO,CAAC,MAAM,CAAC;oCACb,IAAI,EAAE,GAAG;oCACT,SAAS,EAAE,wBAAwB;oCACnC,IAAI,EAAE;wCACJ,QAAQ,EAAE,QAAQ;wCAClB,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,CAAC;qCACxC;iCACF,CAAC,CAAC;4BACL,CAAC;wBACH,CAAC;oBACH,CAAC;gBACH,CAAC;YACH,CAAC;YAED,4CAA4C;YAC5C,OAAO,CAAC,IAAsB;gBAC5B,IAAI,OAAO,IAAI,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;oBACnC,OAAO;gBACT,CAAC;gBAED,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC;gBAExB,gEAAgE;gBAChE,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,IAAI,qBAAqB,CAAC,IAAI,CAAC,EAAE,CAAC;oBAC/E,iDAAiD;oBACjD,IAAI,OAAO,GAA8B,IAAI,CAAC;oBAC9C,IAAI,gBAAgB,GAAG,KAAK,CAAC;oBAE7B,OAAO,OAAO,IAAI,CAAC,gBAAgB,EAAE,CAAC;wBACpC,IAAI,OAAO,CAAC,IAAI,KAAK,gBAAgB,IAAI,mBAAmB,CAAC,OAAO,CAAC,EAAE,CAAC;4BACtE,gBAAgB,GAAG,IAAI,CAAC;4BACxB,MAAM;wBACR,CAAC;wBACD,IAAI,OAAO,CAAC,IAAI,KAAK,oBAAoB;4BACrC,OAAO,CAAC,EAAE,CAAC,IAAI,KAAK,YAAY;4BAChC,CAAC,OAAO,CAAC,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC;gCACnC,OAAO,CAAC,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC;gCAC/B,OAAO,CAAC,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC;gCAC/B,OAAO,CAAC,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC;gCAChC,OAAO,CAAC,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC;gCAChC,OAAO,CAAC,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC;4BACxC,gBAAgB,GAAG,IAAI,CAAC;4BACxB,MAAM;wBACR,CAAC;wBACD,OAAO,GAAG,OAAO,CAAC,MAAuB,CAAC;oBAC5C,CAAC;oBAED,yDAAyD;oBACzD,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;oBAC3B,IAAI,MAAM,IAAI,MAAM,CAAC,IAAI,KAAK,oBAAoB,IAAI,MAAM,CAAC,EAAE,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;wBACtF,MAAM,OAAO,GAAG,MAAM,CAAC,EAAE,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;wBAC7C,IAAI,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC;4BACjF,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC;4BACnF,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;4BAC9B,gBAAgB,GAAG,IAAI,CAAC;wBAC1B,CAAC;oBACH,CAAC;oBAED,IAAI,gBAAgB,EAAE,CAAC;wBACrB,OAAO,CAAC,MAAM,CAAC;4BACb,IAAI;4BACJ,SAAS,EAAE,wBAAwB;4BACnC,IAAI,EAAE;gCACJ,QAAQ,EAAE,QAAQ;gCAClB,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,CAAC;6BACxC;yBACF,CAAC,CAAC;oBACL,CAAC;gBACH,CAAC;gBAED,uFAAuF;gBACvF,0EAA0E;gBAC1E,IAAI,sBAAsB,CAAC,IAAI,CAAC,IAAI,CAAC,qBAAqB,CAAC,IAAI,CAAC,EAAE,CAAC;oBACjE,qDAAqD;oBACrD,IAAI,OAAO,GAA8B,IAAI,CAAC;oBAC9C,IAAI,gBAAgB,GAAG,KAAK,CAAC;oBAE7B,OAAO,OAAO,IAAI,CAAC,gBAAgB,EAAE,CAAC;wBACpC,IAAI,OAAO,CAAC,IAAI,KAAK,gBAAgB,IAAI,mBAAmB,CAAC,OAAO,CAAC,EAAE,CAAC;4BACtE,+CAA+C;4BAC/C,MAAM,IAAI,GAAG,OAAO,CAAC,SAAS,CAAC;4BAC/B,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;4BAC9B,MAAM,YAAY,GAAG,MAAM,CAAC,IAAI,KAAK,kBAAkB,CAAC;4BAExD,IAAI,CAAC,YAAY,IAAI,IAAI,CAAC,MAAM,IAAI,CAAC,IAAI,IAAI,CAAC,CAAC,CAAC,KAAK,IAAI,CAAC;gCACtD,CAAC,CAAC,YAAY,IAAI,IAAI,CAAC,MAAM,IAAI,CAAC,IAAI,IAAI,CAAC,CAAC,CAAC,KAAK,IAAI,CAAC,EAAE,CAAC;gCAC5D,gBAAgB,GAAG,IAAI,CAAC;gCACxB,MAAM;4BACR,CAAC;wBACH,CAAC;wBACD,OAAO,GAAG,OAAO,CAAC,MAAuB,CAAC;oBAC5C,CAAC;oBAED,+DAA+D;oBAC/D,IAAI,CAAC,gBAAgB,EAAE,CAAC;wBACtB,OAAO,CAAC,MAAM,CAAC;4BACb,IAAI;4BACJ,SAAS,EAAE,6BAA6B;4BACxC,IAAI,EAAE;gCACJ,QAAQ,EAAE,QAAQ;gCAClB,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,CAAC;6BACxC;yBACF,CAAC,CAAC;oBACL,CAAC;gBACH,CAAC;YACH,CAAC;YAED,6BAA6B;YAC7B,kBAAkB,CAAC,IAAiC;gBAClD,IAAI,CAAC,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,EAAE,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;oBAChD,OAAO;gBACT,CAAC;gBAED,MAAM,OAAO,GAAG,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;gBAE3C,oDAAoD;gBACpD,IAAI,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;oBACtF,IAAI,IAAI,CAAC,IAAI,CAAC,IAAI,KAAK,kBAAkB;wBACrC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY;wBACxC,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;wBAEvD,iDAAiD;wBACjD,gDAAgD;wBAChD,iFAAiF;oBACnF,CAAC;gBACH,CAAC;YACH,CAAC;SACF,CAAC;IACJ,CAAC;CACF,CAAC,CAAC"}
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../../packages/eslint-plugin-node-security/src/rules/no-zip-slip/index.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;;AAkBH,4DAAsD;AACtD,4DAA0E;AA4B7D,QAAA,SAAS,GAAG,IAAA,0BAAU,EAA0B;IAC3D,IAAI,EAAE,aAAa;IACnB,IAAI,EAAE;QACJ,IAAI,EAAE,SAAS;QACf,IAAI,EAAE;YACJ,WAAW,EAAE,qDAAqD;SACnE;QACD,OAAO,EAAE,MAAM;QACf,cAAc,EAAE,IAAI;QACpB,QAAQ,EAAE;YACR,oBAAoB,EAAE,IAAA,gCAAgB,EAAC;gBACrC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,wBAAwB;gBACnC,GAAG,EAAE,QAAQ;gBACb,WAAW,EAAE,iDAAiD;gBAC9D,QAAQ,EAAE,cAAc;gBACxB,GAAG,EAAE,qBAAqB;gBAC1B,iBAAiB,EAAE,gDAAgD;aACpE,CAAC;YACF,uBAAuB,EAAE,IAAA,gCAAgB,EAAC;gBACxC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,2BAA2B;gBACtC,GAAG,EAAE,QAAQ;gBACb,WAAW,EAAE,4CAA4C;gBACzD,QAAQ,EAAE,MAAM;gBAChB,GAAG,EAAE,qDAAqD;gBAC1D,iBAAiB,EAAE,iDAAiD;aACrE,CAAC;YACF,sBAAsB,EAAE,IAAA,gCAAgB,EAAC;gBACvC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,2BAA2B;gBACtC,GAAG,EAAE,QAAQ;gBACb,WAAW,EAAE,2CAA2C;gBACxD,QAAQ,EAAE,UAAU;gBACpB,GAAG,EAAE,uDAAuD;gBAC5D,iBAAiB,EAAE,gDAAgD;aACpE,CAAC;YACF,sBAAsB,EAAE,IAAA,gCAAgB,EAAC;gBACvC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,0BAA0B;gBACrC,GAAG,EAAE,QAAQ;gBACb,WAAW,EAAE,4CAA4C;gBACzD,QAAQ,EAAE,MAAM;gBAChB,GAAG,EAAE,kCAAkC;gBACvC,iBAAiB,EAAE,iDAAiD;aACrE,CAAC;YACF,2BAA2B,EAAE,IAAA,gCAAgB,EAAC;gBAC5C,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,+BAA+B;gBAC1C,GAAG,EAAE,QAAQ;gBACb,WAAW,EAAE,yCAAyC;gBACtD,QAAQ,EAAE,QAAQ;gBAClB,GAAG,EAAE,qCAAqC;gBAC1C,iBAAiB,EAAE,gDAAgD;aACpE,CAAC;YACF,wBAAwB,EAAE,IAAA,gCAAgB,EAAC;gBACzC,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,6BAA6B;gBACxC,WAAW,EAAE,6CAA6C;gBAC1D,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,4DAA4D;gBACjE,iBAAiB,EAAE,qCAAqC;aACzD,CAAC;YACF,oBAAoB,EAAE,IAAA,gCAAgB,EAAC;gBACrC,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,wBAAwB;gBACnC,WAAW,EAAE,kCAAkC;gBAC/C,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,qEAAqE;gBAC1E,iBAAiB,EAAE,iDAAiD;aACrE,CAAC;YACF,oBAAoB,EAAE,IAAA,gCAAgB,EAAC;gBACrC,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,wBAAwB;gBACnC,WAAW,EAAE,8BAA8B;gBAC3C,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,4CAA4C;gBACjD,iBAAiB,EAAE,uDAAuD;aAC3E,CAAC;YACF,sBAAsB,EAAE,IAAA,gCAAgB,EAAC;gBACvC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,0BAA0B;gBACrC,WAAW,EAAE,2CAA2C;gBACxD,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,yDAAyD;gBAC9D,iBAAiB,EAAE,gDAAgD;aACpE,CAAC;YACF,qBAAqB,EAAE,IAAA,gCAAgB,EAAC;gBACtC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,yBAAyB;gBACpC,WAAW,EAAE,4CAA4C;gBACzD,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,6DAA6D;gBAClE,iBAAiB,EAAE,oDAAoD;aACxE,CAAC;YACF,kBAAkB,EAAE,IAAA,gCAAgB,EAAC;gBACnC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,qBAAqB;gBAChC,WAAW,EAAE,2CAA2C;gBACxD,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,oDAAoD;gBACzD,iBAAiB,EAAE,qEAAqE;aACzF,CAAC;SACH;QACD,MAAM,EAAE;YACN;gBACE,IAAI,EAAE,QAAQ;gBACd,UAAU,EAAE;oBACV,gBAAgB,EAAE;wBAChB,IAAI,EAAE,OAAO;wBACb,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;wBACzB,OAAO,EAAE,CAAC,SAAS,EAAE,YAAY,EAAE,cAAc,EAAE,OAAO,EAAE,OAAO,EAAE,gBAAgB,CAAC;qBACvF;oBACD,uBAAuB,EAAE;wBACvB,IAAI,EAAE,OAAO;wBACb,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;wBACzB,OAAO,EAAE,CAAC,cAAc,EAAE,cAAc,EAAE,WAAW,EAAE,UAAU,CAAC;qBACnE;oBACD,aAAa,EAAE;wBACb,IAAI,EAAE,OAAO;wBACb,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;wBACzB,OAAO,EAAE,CAAC,OAAO,EAAE,sBAAsB,EAAE,YAAY,EAAE,UAAU,CAAC;qBACrE;iBACF;gBACD,oBAAoB,EAAE,KAAK;aAC5B;SACF;KACF;IACD,cAAc,EAAE;QACd;YACE,gBAAgB,EAAE,CAAC,SAAS,EAAE,YAAY,EAAE,cAAc,EAAE,OAAO,EAAE,OAAO,EAAE,gBAAgB,CAAC;YAC/F,uBAAuB,EAAE,CAAC,cAAc,EAAE,cAAc,EAAE,WAAW,EAAE,UAAU,CAAC;YAClF,aAAa,EAAE,CAAC,OAAO,EAAE,sBAAsB,EAAE,YAAY,EAAE,UAAU,CAAC;SAC3E;KACF;IACD,MAAM,CAAC,OAAsD;QAC3D,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QACzC,MAAM,EACJ,gBAAgB,GAAG,CAAC,SAAS,EAAE,YAAY,EAAE,cAAc,EAAE,OAAO,EAAE,OAAO,EAAE,gBAAgB,CAAC,EAChG,uBAAuB,GAAG,CAAC,cAAc,EAAE,cAAc,EAAE,WAAW,EAAE,UAAU,CAAC,EACnF,aAAa,GAAG,CAAC,OAAO,EAAE,sBAAsB,EAAE,YAAY,EAAE,UAAU,CAAC,GAC5E,GAAY,OAAO,CAAC;QAErB,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,OAAO,CAAC,WAAW,EAAE,CAAC;QAE3D,yDAAyD;QAEzD;;WAEG;QACH,MAAM,mBAAmB,GAAG,CAAC,IAA6B,EAAW,EAAE;YACrE,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;YAE3B,0DAA0D;YAC1D,IAAI,MAAM,CAAC,IAAI,KAAK,kBAAkB;gBAClC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY;gBACrC,gBAAgB,CAAC,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;gBACpD,OAAO,IAAI,CAAC;YACd,CAAC;YAED,gEAAgE;YAChE,IAAI,MAAM,CAAC,IAAI,KAAK,YAAY;gBAC5B,gBAAgB,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC3C,OAAO,IAAI,CAAC;YACd,CAAC;YAED,OAAO,KAAK,CAAC;QACf,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,qBAAqB,GAAG,CAAC,QAAgB,EAAW,EAAE;YAC1D,0BAA0B;YAC1B,OAAO,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC;gBACvB,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,gBAAgB;gBAC3C,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,aAAa;gBACvC,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAE,eAAe;QAClD,CAAC,CAAC;QAGF;;;;;;WAMG;QACH,MAAM,eAAe,GAAG,CAAC,QAAuB,EAAW,EAAE;YAC3D,IAAI,OAAO,GAA8B,QAAQ,CAAC;YAElD,OAAO,OAAO,EAAE,CAAC;gBACf,gDAAgD;gBAChD,IAAI,OAAO,CAAC,IAAI,KAAK,gBAAgB;oBACjC,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,YAAY;oBACpC,uBAAuB,CAAC,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;oBAC1D,OAAO,IAAI,CAAC;gBACd,CAAC;gBAED,yCAAyC;gBACzC,IAAI,OAAO,CAAC,IAAI,KAAK,gBAAgB;oBACjC,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,kBAAkB;oBAC1C,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,YAAY;oBAC3C,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,MAAM;oBACrC,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY;oBAC7C,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,UAAU,EAAE,CAAC;oBAChD,OAAO,IAAI,CAAC;gBACd,CAAC;gBAED,0DAA0D;gBAC1D,IAAI,OAAO,CAAC,IAAI,KAAK,aAAa,EAAE,CAAC;oBACnC,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;oBAC1B,2EAA2E;oBAC3E,IAAI,IAAI,CAAC,IAAI,KAAK,gBAAgB;wBAC9B,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,kBAAkB;wBACvC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY;wBAC1C,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;wBAC/C,OAAO,IAAI,CAAC;oBACd,CAAC;oBACD,IAAI,IAAI,CAAC,IAAI,KAAK,iBAAiB,IAAI,IAAI,CAAC,QAAQ,KAAK,GAAG;wBACxD,IAAI,CAAC,QAAQ,CAAC,IAAI,KAAK,gBAAgB;wBACvC,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,KAAK,kBAAkB;wBAChD,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY;wBACnD,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;wBACxD,OAAO,IAAI,CAAC;oBACd,CAAC;oBACD,4CAA4C;oBAC5C,IAAI,IAAI,CAAC,IAAI,KAAK,gBAAgB;wBAC9B,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,kBAAkB;wBACvC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY;wBAC1C,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,UAAU,EAAE,CAAC;wBAC7C,OAAO,IAAI,CAAC;oBACd,CAAC;gBACH,CAAC;gBAED,OAAO,GAAG,OAAO,CAAC,MAAuB,CAAC;YAC5C,CAAC;YAED,OAAO,KAAK,CAAC;QACf,CAAC,CAAC;QAEF;;;WAGG;QACH,MAAM,aAAa,GAAG,CAAC,IAA6B,EAAW,EAAE;YAC/D,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;YAE3B,wEAAwE;YACxE,IAAI,MAAM,CAAC,IAAI,KAAK,kBAAkB;gBAClC,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,YAAY;gBACnC,aAAa,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC/C,OAAO,IAAI,CAAC;YACd,CAAC;YAED,+EAA+E;YAC/E,mFAAmF;YACnF,IAAI,MAAM,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;gBACjC,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;gBACvC,IAAI,IAAI,KAAK,SAAS,IAAI,IAAI,KAAK,UAAU;oBACzC,aAAa,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,CAAC,EAAE,CAAC;oBAChE,OAAO,IAAI,CAAC;gBACd,CAAC;YACH,CAAC;YAED,OAAO,KAAK,CAAC;QACf,CAAC,CAAC;QAEF;;;WAGG;QACH,MAAM,sBAAsB,GAAG,CAAC,QAAgB,EAAW,EAAE;YAC3D,iDAAiD;YACjD,IAAI,QAAQ,CAAC,UAAU,CAAC,MAAM,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;gBACjG,OAAO,KAAK,CAAC;YACf,CAAC;YAED,OAAO,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC;gBACzB,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC;gBACzB,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC;gBACzB,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC;gBAC1B,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC;gBAC1B,QAAQ,CAAC,QAAQ,CAAC,aAAa,CAAC;gBAChC,QAAQ,CAAC,QAAQ,CAAC,mBAAmB,CAAC;gBACtC,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;QACxC,CAAC,CAAC;QAEF,OAAO;YACL,iCAAiC;YACjC,cAAc,CAAC,IAA6B;gBAC1C,IAAI,mBAAmB,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,EAAE,CAAC;oBACtD,4CAA4C;oBAC5C,MAAM,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC;oBACtC,IAAI,iBAAiB,GAAG,KAAK,CAAC;oBAE9B,6CAA6C;oBAC7C,MAAM,WAAW,GAAG,UAAU,CAAC,cAAc,EAAE,CAAC;oBAChD,KAAK,MAAM,OAAO,IAAI,WAAW,EAAE,CAAC;wBAClC,IAAI,OAAO,CAAC,IAAI,KAAK,OAAO,IAAI,OAAO,CAAC,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;4BAChE,iBAAiB,GAAG,IAAI,CAAC;4BACzB,MAAM;wBACR,CAAC;oBACH,CAAC;oBAED,IAAI,iBAAiB,EAAE,CAAC;wBACtB,OAAO,CAAC,mCAAmC;oBAC7C,CAAC;oBAED,oCAAoC;oBACpC,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC;oBAC5B,IAAI,OAAkC,CAAC;oBAEvC,oEAAoE;oBACpE,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,kBAAkB,IAAI,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;wBAC1F,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;wBAC7C,IAAI,CAAC,cAAc,EAAE,OAAO,CAAC,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;4BACnD,oCAAoC;4BACpC,OAAO,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;wBACpB,CAAC;6BAAM,IAAI,gBAAgB,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;4BACjD,4EAA4E;4BAC5E,OAAO,GAAG,IAAI,CAAC,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;wBACnD,CAAC;oBACH,CAAC;yBAAM,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,YAAY,IAAI,gBAAgB,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;wBAC5F,2DAA2D;wBAC3D,OAAO,GAAG,IAAI,CAAC,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;oBACnD,CAAC;oBAED,MAAM,QAAQ,GAAG,OAAO,IAAI,OAAO,CAAC,IAAI,KAAK,SAAS,IAAI,OAAO,OAAO,CAAC,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;oBACjH,MAAM,eAAe,GAAG,sBAAsB,CAAC,QAAQ,CAAC,CAAC;oBACzD,MAAM,YAAY,GAAG,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,kBAAkB,CAAC;oBAE7D,IAAI,YAAY,EAAE,CAAC;wBACjB,yFAAyF;wBACzF,MAAM,kBAAkB,GAAG,QAAQ,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,QAAQ,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;wBAEnF,IAAI,CAAC,kBAAkB,EAAE,CAAC;4BACxB,OAAO,CAAC,MAAM,CAAC;gCACb,IAAI;gCACJ,SAAS,EAAE,yBAAyB;gCACpC,IAAI,EAAE;oCACJ,QAAQ,EAAE,QAAQ;oCAClB,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,CAAC;iCACxC;gCACD,OAAO,EAAE;oCACP;wCACE,SAAS,EAAE,0BAA0B;wCACrC,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qCAChB;iCACF;6BACF,CAAC,CAAC;wBACL,CAAC;wBACD,kDAAkD;wBAElD,uEAAuE;wBACvE,IAAI,eAAe,EAAE,CAAC;4BACpB,OAAO,CAAC,MAAM,CAAC;gCACb,IAAI,EAAE,OAAO,IAAI,IAAI;gCACrB,SAAS,EAAE,6BAA6B;gCACxC,IAAI,EAAE;oCACJ,QAAQ,EAAE,QAAQ;oCAClB,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,CAAC;iCACxC;6BACF,CAAC,CAAC;wBACL,CAAC;oBACH,CAAC;yBAAM,CAAC;wBACN,qHAAqH;wBACrH,IAAI,eAAe,EAAE,CAAC;4BACpB,OAAO,CAAC,MAAM,CAAC;gCACb,IAAI;gCACJ,SAAS,EAAE,6BAA6B;gCACxC,IAAI,EAAE;oCACJ,QAAQ,EAAE,QAAQ;oCAClB,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,CAAC;iCACxC;6BACF,CAAC,CAAC;wBACL,CAAC;6BAAM,CAAC;4BACN,OAAO,CAAC,MAAM,CAAC;gCACb,IAAI;gCACJ,SAAS,EAAE,yBAAyB;gCACpC,IAAI,EAAE;oCACJ,QAAQ,EAAE,QAAQ;oCAClB,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,CAAC;iCACxC;gCACD,OAAO,EAAE;oCACP;wCACE,SAAS,EAAE,0BAA0B;wCACrC,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qCAChB;iCACF;6BACF,CAAC,CAAC;wBACL,CAAC;oBACH,CAAC;gBACH,CAAC;gBAED,qEAAqE;gBACrE,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;gBAC3B,IAAI,MAAM,CAAC,IAAI,KAAK,kBAAkB;oBAClC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY;oBACrC,CAAC,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;oBAEhF,oDAAoD;oBACpD,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC;oBAC5B,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;wBACvB,IAAI,GAAG,CAAC,IAAI,KAAK,kBAAkB;4BAC/B,GAAG,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY;4BAClC,CAAC,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,WAAW,EAAE,cAAc,EAAE,UAAU,EAAE,UAAU,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;4BAElH,mEAAmE;4BACnE,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,EAAE,CAAC;gCAC1B,OAAO,CAAC,MAAM,CAAC;oCACb,IAAI,EAAE,GAAG;oCACT,SAAS,EAAE,wBAAwB;oCACnC,IAAI,EAAE;wCACJ,QAAQ,EAAE,QAAQ;wCAClB,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,CAAC;qCACxC;iCACF,CAAC,CAAC;4BACL,CAAC;wBACH,CAAC;oBACH,CAAC;gBACH,CAAC;YACH,CAAC;YAED,4CAA4C;YAC5C,OAAO,CAAC,IAAsB;gBAC5B,IAAI,OAAO,IAAI,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;oBACnC,OAAO;gBACT,CAAC;gBAED,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC;gBAExB,gEAAgE;gBAChE,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,IAAI,qBAAqB,CAAC,IAAI,CAAC,EAAE,CAAC;oBAC/E,iDAAiD;oBACjD,IAAI,OAAO,GAA8B,IAAI,CAAC;oBAC9C,IAAI,gBAAgB,GAAG,KAAK,CAAC;oBAE7B,OAAO,OAAO,IAAI,CAAC,gBAAgB,EAAE,CAAC;wBACpC,IAAI,OAAO,CAAC,IAAI,KAAK,gBAAgB,IAAI,mBAAmB,CAAC,OAAO,CAAC,EAAE,CAAC;4BACtE,gBAAgB,GAAG,IAAI,CAAC;4BACxB,MAAM;wBACR,CAAC;wBACD,IAAI,OAAO,CAAC,IAAI,KAAK,oBAAoB;4BACrC,OAAO,CAAC,EAAE,CAAC,IAAI,KAAK,YAAY;4BAChC,CAAC,OAAO,CAAC,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC;gCACnC,OAAO,CAAC,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC;gCAC/B,OAAO,CAAC,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC;gCAC/B,OAAO,CAAC,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC;gCAChC,OAAO,CAAC,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC;gCAChC,OAAO,CAAC,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC;4BACxC,gBAAgB,GAAG,IAAI,CAAC;4BACxB,MAAM;wBACR,CAAC;wBACD,OAAO,GAAG,OAAO,CAAC,MAAuB,CAAC;oBAC5C,CAAC;oBAED,yDAAyD;oBACzD,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;oBAC3B,IAAI,MAAM,IAAI,MAAM,CAAC,IAAI,KAAK,oBAAoB,IAAI,MAAM,CAAC,EAAE,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;wBACtF,MAAM,OAAO,GAAG,MAAM,CAAC,EAAE,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;wBAC7C,IAAI,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC;4BACjF,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC;4BACnF,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;4BAC9B,gBAAgB,GAAG,IAAI,CAAC;wBAC1B,CAAC;oBACH,CAAC;oBAED,IAAI,gBAAgB,EAAE,CAAC;wBACrB,OAAO,CAAC,MAAM,CAAC;4BACb,IAAI;4BACJ,SAAS,EAAE,wBAAwB;4BACnC,IAAI,EAAE;gCACJ,QAAQ,EAAE,QAAQ;gCAClB,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,CAAC;6BACxC;yBACF,CAAC,CAAC;oBACL,CAAC;gBACH,CAAC;gBAED,uFAAuF;gBACvF,0EAA0E;gBAC1E,IAAI,sBAAsB,CAAC,IAAI,CAAC,IAAI,CAAC,qBAAqB,CAAC,IAAI,CAAC,EAAE,CAAC;oBACjE,qDAAqD;oBACrD,IAAI,OAAO,GAA8B,IAAI,CAAC;oBAC9C,IAAI,gBAAgB,GAAG,KAAK,CAAC;oBAE7B,OAAO,OAAO,IAAI,CAAC,gBAAgB,EAAE,CAAC;wBACpC,IAAI,OAAO,CAAC,IAAI,KAAK,gBAAgB,IAAI,mBAAmB,CAAC,OAAO,CAAC,EAAE,CAAC;4BACtE,+CAA+C;4BAC/C,MAAM,IAAI,GAAG,OAAO,CAAC,SAAS,CAAC;4BAC/B,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;4BAC9B,MAAM,YAAY,GAAG,MAAM,CAAC,IAAI,KAAK,kBAAkB,CAAC;4BAExD,IAAI,CAAC,YAAY,IAAI,IAAI,CAAC,MAAM,IAAI,CAAC,IAAI,IAAI,CAAC,CAAC,CAAC,KAAK,IAAI,CAAC;gCACtD,CAAC,CAAC,YAAY,IAAI,IAAI,CAAC,MAAM,IAAI,CAAC,IAAI,IAAI,CAAC,CAAC,CAAC,KAAK,IAAI,CAAC,EAAE,CAAC;gCAC5D,gBAAgB,GAAG,IAAI,CAAC;gCACxB,MAAM;4BACR,CAAC;wBACH,CAAC;wBACD,OAAO,GAAG,OAAO,CAAC,MAAuB,CAAC;oBAC5C,CAAC;oBAED,+DAA+D;oBAC/D,IAAI,CAAC,gBAAgB,EAAE,CAAC;wBACtB,OAAO,CAAC,MAAM,CAAC;4BACb,IAAI;4BACJ,SAAS,EAAE,6BAA6B;4BACxC,IAAI,EAAE;gCACJ,QAAQ,EAAE,QAAQ;gCAClB,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,CAAC;6BACxC;yBACF,CAAC,CAAC;oBACL,CAAC;gBACH,CAAC;YACH,CAAC;YAED,6BAA6B;YAC7B,kBAAkB,CAAC,IAAiC;gBAClD,IAAI,CAAC,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,EAAE,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;oBAChD,OAAO;gBACT,CAAC;gBAED,MAAM,OAAO,GAAG,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;gBAE3C,oDAAoD;gBACpD,IAAI,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;oBACtF,IAAI,IAAI,CAAC,IAAI,CAAC,IAAI,KAAK,kBAAkB;wBACrC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY;wBACxC,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;wBAEvD,iDAAiD;wBACjD,gDAAgD;wBAChD,iFAAiF;oBACnF,CAAC;gBACH,CAAC;YACH,CAAC;SACF,CAAC;IACJ,CAAC;CACF,CAAC,CAAC"}