eslint-plugin-sdl-2 1.0.4

package/dist/rules/no-trusted-types-policy-pass-through.d.ts

@@ -0,0 +1,5 @@
+import { createRule } from "../_internal/create-rule.js";
+/** Rule implementation. */
+declare const rule: ReturnType<typeof createRule>;
+export default rule;
+//# sourceMappingURL=no-trusted-types-policy-pass-through.d.ts.map

package/dist/rules/no-trusted-types-policy-pass-through.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"no-trusted-types-policy-pass-through.d.ts","sourceRoot":"","sources":["../../src/rules/no-trusted-types-policy-pass-through.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AAuGzD,2BAA2B;AAC3B,QAAA,MAAM,IAAI,EAAE,UAAU,CAAC,OAAO,UAAU,CAmEtC,CAAC;AAEH,eAAe,IAAI,CAAC"}

package/dist/rules/no-trusted-types-policy-pass-through.js

@@ -0,0 +1,115 @@
+import { arrayFirst, isDefined, setHas } from "ts-extras";
+import { createRule } from "../_internal/create-rule.js";
+import { getMemberPropertyName, getPropertyName, } from "../_internal/estree-utils.js";
+const isExpressionNode = (node) => node.type !== "ArrayPattern" &&
+    node.type !== "AssignmentPattern" &&
+    node.type !== "ObjectPattern";
+const POLICY_FACTORY_NAMES = new Set([
+    "createHTML",
+    "createScript",
+    "createScriptURL",
+]);
+const isFunctionExpression = (expression) => expression.type === "ArrowFunctionExpression" ||
+    expression.type === "FunctionExpression";
+const unwrapTransparentExpression = (expression) => {
+    if (expression.type === "TSAsExpression" ||
+        expression.type === "TSTypeAssertion") {
+        return unwrapTransparentExpression(expression.expression);
+    }
+    return expression;
+};
+const isPassThroughFactory = (factoryNode) => {
+    const [firstParameter] = factoryNode.params;
+    if (firstParameter?.type !== "Identifier") {
+        return false;
+    }
+    if (factoryNode.body.type !== "BlockStatement") {
+        const expressionBody = unwrapTransparentExpression(factoryNode.body);
+        return (expressionBody.type === "Identifier" &&
+            expressionBody.name === firstParameter.name);
+    }
+    if (factoryNode.body.body.length !== 1) {
+        return false;
+    }
+    const onlyStatement = arrayFirst(factoryNode.body.body);
+    if (onlyStatement?.type !== "ReturnStatement" ||
+        onlyStatement.argument === null) {
+        return false;
+    }
+    const returnedExpression = unwrapTransparentExpression(onlyStatement.argument);
+    return (returnedExpression.type === "Identifier" &&
+        returnedExpression.name === firstParameter.name);
+};
+const isTrustedTypesCreatePolicyCall = (node) => {
+    if (node.callee.type !== "MemberExpression") {
+        return false;
+    }
+    if (getMemberPropertyName(node.callee) !== "createPolicy") {
+        return false;
+    }
+    if (node.callee.object.type === "Identifier") {
+        return node.callee.object.name === "trustedTypes";
+    }
+    if (node.callee.object.type !== "MemberExpression") {
+        return false;
+    }
+    return getMemberPropertyName(node.callee.object) === "trustedTypes";
+};
+/** Rule implementation. */
+const rule = createRule({
+    create(context) {
+        return {
+            CallExpression(node) {
+                if (!isTrustedTypesCreatePolicyCall(node)) {
+                    return;
+                }
+                const [, secondArgument] = node.arguments;
+                if (secondArgument === undefined ||
+                    secondArgument.type === "SpreadElement" ||
+                    secondArgument.type !== "ObjectExpression") {
+                    return;
+                }
+                for (const propertyNode of secondArgument.properties) {
+                    if (propertyNode.type !== "Property" ||
+                        propertyNode.kind !== "init") {
+                        continue;
+                    }
+                    const propertyName = getPropertyName(propertyNode);
+                    if (!isDefined(propertyName) ||
+                        !setHas(POLICY_FACTORY_NAMES, propertyName) ||
+                        !isExpressionNode(propertyNode.value) ||
+                        !isFunctionExpression(propertyNode.value) ||
+                        !isPassThroughFactory(propertyNode.value)) {
+                        continue;
+                    }
+                    context.report({
+                        data: {
+                            methodName: propertyName,
+                        },
+                        messageId: "default",
+                        node: propertyNode,
+                    });
+                }
+            },
+        };
+    },
+    defaultOptions: [],
+    meta: {
+        deprecated: false,
+        docs: {
+            description: "disallow pass-through Trusted Types policies that return unvalidated input unchanged.",
+            frozen: false,
+            recommended: false,
+            url: "https://nick2bad4u.github.io/eslint-plugin-SDL-2/docs/rules/no-trusted-types-policy-pass-through",
+        },
+        messages: {
+            default: "Do not implement {{methodName}} as a Trusted Types pass-through; sanitize or validate the input first.",
+        },
+        schema: [],
+        type: "problem",
+    },
+    name: "no-trusted-types-policy-pass-through",
+});
+export default rule;
+/* eslint-enable @typescript-eslint/prefer-readonly-parameter-types -- Restore linting after rule implementation declarations. */
+//# sourceMappingURL=no-trusted-types-policy-pass-through.js.map

package/dist/rules/no-trusted-types-policy-pass-through.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"no-trusted-types-policy-pass-through.js","sourceRoot":"","sources":["../../src/rules/no-trusted-types-policy-pass-through.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,EAAE,MAAM,WAAW,CAAC;AAE1D,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AACzD,OAAO,EACH,qBAAqB,EACrB,eAAe,GAClB,MAAM,8BAA8B,CAAC;AAQtC,MAAM,gBAAgB,GAAG,CAAC,IAAmB,EAA+B,EAAE,CAC1E,IAAI,CAAC,IAAI,KAAK,cAAc;IAC5B,IAAI,CAAC,IAAI,KAAK,mBAAmB;IACjC,IAAI,CAAC,IAAI,KAAK,eAAe,CAAC;AAElC,MAAM,oBAAoB,GAAG,IAAI,GAAG,CAAC;IACjC,YAAY;IACZ,cAAc;IACd,iBAAiB;CACpB,CAAC,CAAC;AAEH,MAAM,oBAAoB,GAAG,CACzB,UAA+B,EACI,EAAE,CACrC,UAAU,CAAC,IAAI,KAAK,yBAAyB;IAC7C,UAAU,CAAC,IAAI,KAAK,oBAAoB,CAAC;AAE7C,MAAM,2BAA2B,GAAG,CAChC,UAA+B,EACZ,EAAE;IACrB,IACI,UAAU,CAAC,IAAI,KAAK,gBAAgB;QACpC,UAAU,CAAC,IAAI,KAAK,iBAAiB,EACvC,CAAC;QACC,OAAO,2BAA2B,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC;IAC9D,CAAC;IAED,OAAO,UAAU,CAAC;AACtB,CAAC,CAAC;AAEF,MAAM,oBAAoB,GAAG,CAAC,WAAkC,EAAW,EAAE;IACzE,MAAM,CAAC,cAAc,CAAC,GAAG,WAAW,CAAC,MAAM,CAAC;IAE5C,IAAI,cAAc,EAAE,IAAI,KAAK,YAAY,EAAE,CAAC;QACxC,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,IAAI,WAAW,CAAC,IAAI,CAAC,IAAI,KAAK,gBAAgB,EAAE,CAAC;QAC7C,MAAM,cAAc,GAAG,2BAA2B,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC;QAErE,OAAO,CACH,cAAc,CAAC,IAAI,KAAK,YAAY;YACpC,cAAc,CAAC,IAAI,KAAK,cAAc,CAAC,IAAI,CAC9C,CAAC;IACN,CAAC;IAED,IAAI,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACrC,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,MAAM,aAAa,GAAG,UAAU,CAAC,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAExD,IACI,aAAa,EAAE,IAAI,KAAK,iBAAiB;QACzC,aAAa,CAAC,QAAQ,KAAK,IAAI,EACjC,CAAC;QACC,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,MAAM,kBAAkB,GAAG,2BAA2B,CAClD,aAAa,CAAC,QAAQ,CACzB,CAAC;IAEF,OAAO,CACH,kBAAkB,CAAC,IAAI,KAAK,YAAY;QACxC,kBAAkB,CAAC,IAAI,KAAK,cAAc,CAAC,IAAI,CAClD,CAAC;AACN,CAAC,CAAC;AAEF,MAAM,8BAA8B,GAAG,CACnC,IAA6B,EACtB,EAAE;IACT,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,kBAAkB,EAAE,CAAC;QAC1C,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,IAAI,qBAAqB,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,cAAc,EAAE,CAAC;QACxD,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;QAC3C,OAAO,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,cAAc,CAAC;IACtD,CAAC;IAED,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,kBAAkB,EAAE,CAAC;QACjD,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,OAAO,qBAAqB,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,cAAc,CAAC;AACxE,CAAC,CAAC;AAEF,2BAA2B;AAC3B,MAAM,IAAI,GAAkC,UAAU,CAAwB;IAC1E,MAAM,CAAC,OAAO;QACV,OAAO;YACH,cAAc,CAAC,IAA6B;gBACxC,IAAI,CAAC,8BAA8B,CAAC,IAAI,CAAC,EAAE,CAAC;oBACxC,OAAO;gBACX,CAAC;gBAED,MAAM,CAAC,EAAE,cAAc,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC;gBAE1C,IACI,cAAc,KAAK,SAAS;oBAC5B,cAAc,CAAC,IAAI,KAAK,eAAe;oBACvC,cAAc,CAAC,IAAI,KAAK,kBAAkB,EAC5C,CAAC;oBACC,OAAO;gBACX,CAAC;gBAED,KAAK,MAAM,YAAY,IAAI,cAAc,CAAC,UAAU,EAAE,CAAC;oBACnD,IACI,YAAY,CAAC,IAAI,KAAK,UAAU;wBAChC,YAAY,CAAC,IAAI,KAAK,MAAM,EAC9B,CAAC;wBACC,SAAS;oBACb,CAAC;oBAED,MAAM,YAAY,GAAG,eAAe,CAAC,YAAY,CAAC,CAAC;oBAEnD,IACI,CAAC,SAAS,CAAC,YAAY,CAAC;wBACxB,CAAC,MAAM,CAAC,oBAAoB,EAAE,YAAY,CAAC;wBAC3C,CAAC,gBAAgB,CAAC,YAAY,CAAC,KAAK,CAAC;wBACrC,CAAC,oBAAoB,CAAC,YAAY,CAAC,KAAK,CAAC;wBACzC,CAAC,oBAAoB,CAAC,YAAY,CAAC,KAAK,CAAC,EAC3C,CAAC;wBACC,SAAS;oBACb,CAAC;oBAED,OAAO,CAAC,MAAM,CAAC;wBACX,IAAI,EAAE;4BACF,UAAU,EAAE,YAAY;yBAC3B;wBACD,SAAS,EAAE,SAAS;wBACpB,IAAI,EAAE,YAAY;qBACrB,CAAC,CAAC;gBACP,CAAC;YACL,CAAC;SACJ,CAAC;IACN,CAAC;IACD,cAAc,EAAE,EAAE;IAClB,IAAI,EAAE;QACF,UAAU,EAAE,KAAK;QACjB,IAAI,EAAE;YACF,WAAW,EACP,uFAAuF;YAC3F,MAAM,EAAE,KAAK;YACb,WAAW,EAAE,KAAK;YAClB,GAAG,EAAE,kGAAkG;SAC1G;QACD,QAAQ,EAAE;YACN,OAAO,EACH,wGAAwG;SAC/G;QACD,MAAM,EAAE,EAAE;QACV,IAAI,EAAE,SAAS;KAClB;IACD,IAAI,EAAE,sCAAsC;CAC/C,CAAC,CAAC;AAEH,eAAe,IAAI,CAAC;AACpB,iIAAiI"}

package/dist/rules/no-unsafe-alloc.d.ts

@@ -0,0 +1,5 @@
+import { createRule } from "../_internal/create-rule.js";
+/** Rule implementation. */
+declare const rule: ReturnType<typeof createRule>;
+export default rule;
+//# sourceMappingURL=no-unsafe-alloc.d.ts.map

package/dist/rules/no-unsafe-alloc.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"no-unsafe-alloc.d.ts","sourceRoot":"","sources":["../../src/rules/no-unsafe-alloc.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AAEzD,2BAA2B;AAC3B,QAAA,MAAM,IAAI,EAAE,UAAU,CAAC,OAAO,UAAU,CA0DtC,CAAC;AAEH,eAAe,IAAI,CAAC"}

package/dist/rules/no-unsafe-alloc.js

@@ -0,0 +1,51 @@
+import { createRule } from "../_internal/create-rule.js";
+/** Rule implementation. */
+const rule = createRule({
+    create(context) {
+        return {
+            "MemberExpression[object.name='Buffer'][property.name=/^(?:allocUnsafe|allocUnsafeSlow)$/]"(node) {
+                const parentNode = node.parent;
+                if (parentNode?.type === "CallExpression" &&
+                    parentNode.arguments.length === 1) {
+                    const [firstArgument] = parentNode.arguments;
+                    if (firstArgument?.type === "Literal" &&
+                        (firstArgument.value === 0 ||
+                            firstArgument.value === "0")) {
+                        return;
+                    }
+                }
+                context.report({
+                    fix(fixer) {
+                        if (node.computed ||
+                            node.property.type !== "Identifier") {
+                            return null;
+                        }
+                        return fixer.replaceText(node.property, "alloc");
+                    },
+                    messageId: "default",
+                    node,
+                });
+            },
+        };
+    },
+    defaultOptions: [],
+    meta: {
+        deprecated: false,
+        docs: {
+            description: "disallow Buffer.allocUnsafe/allocUnsafeSlow allocations that may expose uninitialized memory.",
+            frozen: false,
+            recommended: false,
+            url: "https://nick2bad4u.github.io/eslint-plugin-SDL-2/docs/rules/no-unsafe-alloc",
+        },
+        fixable: "code",
+        messages: {
+            default: "Do not allocate uninitialized buffers in Node.js.",
+        },
+        schema: [],
+        type: "problem",
+    },
+    name: "no-unsafe-alloc",
+});
+export default rule;
+/* eslint-enable @typescript-eslint/prefer-readonly-parameter-types -- Restore linting after rule implementation declarations. */
+//# sourceMappingURL=no-unsafe-alloc.js.map

package/dist/rules/no-unsafe-alloc.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"no-unsafe-alloc.js","sourceRoot":"","sources":["../../src/rules/no-unsafe-alloc.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AAEzD,2BAA2B;AAC3B,MAAM,IAAI,GAAkC,UAAU,CAAC;IACnD,MAAM,CAAC,OAAO;QACV,OAAO;YACH,2FAA2F,CACvF,IAA+B;gBAE/B,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC;gBAE/B,IACI,UAAU,EAAE,IAAI,KAAK,gBAAgB;oBACrC,UAAU,CAAC,SAAS,CAAC,MAAM,KAAK,CAAC,EACnC,CAAC;oBACC,MAAM,CAAC,aAAa,CAAC,GAAG,UAAU,CAAC,SAAS,CAAC;oBAE7C,IACI,aAAa,EAAE,IAAI,KAAK,SAAS;wBACjC,CAAC,aAAa,CAAC,KAAK,KAAK,CAAC;4BACtB,aAAa,CAAC,KAAK,KAAK,GAAG,CAAC,EAClC,CAAC;wBACC,OAAO;oBACX,CAAC;gBACL,CAAC;gBAED,OAAO,CAAC,MAAM,CAAC;oBACX,GAAG,CAAC,KAAK;wBACL,IACI,IAAI,CAAC,QAAQ;4BACb,IAAI,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY,EACrC,CAAC;4BACC,OAAO,IAAI,CAAC;wBAChB,CAAC;wBAED,OAAO,KAAK,CAAC,WAAW,CAAC,IAAI,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;oBACrD,CAAC;oBACD,SAAS,EAAE,SAAS;oBACpB,IAAI;iBACP,CAAC,CAAC;YACP,CAAC;SACJ,CAAC;IACN,CAAC;IACD,cAAc,EAAE,EAAE;IAClB,IAAI,EAAE;QACF,UAAU,EAAE,KAAK;QACjB,IAAI,EAAE;YACF,WAAW,EACP,+FAA+F;YACnG,MAAM,EAAE,KAAK;YACb,WAAW,EAAE,KAAK;YAClB,GAAG,EAAE,6EAA6E;SACrF;QACD,OAAO,EAAE,MAAM;QACf,QAAQ,EAAE;YACN,OAAO,EAAE,mDAAmD;SAC/D;QACD,MAAM,EAAE,EAAE;QACV,IAAI,EAAE,SAAS;KAClB;IACD,IAAI,EAAE,iBAAiB;CAC1B,CAAC,CAAC;AAEH,eAAe,IAAI,CAAC;AACpB,iIAAiI"}

package/dist/rules/no-unsafe-cast-to-trusted-types.d.ts

@@ -0,0 +1,5 @@
+import { createRule } from "../_internal/create-rule.js";
+/** Rule implementation. */
+declare const rule: ReturnType<typeof createRule>;
+export default rule;
+//# sourceMappingURL=no-unsafe-cast-to-trusted-types.d.ts.map

package/dist/rules/no-unsafe-cast-to-trusted-types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"no-unsafe-cast-to-trusted-types.d.ts","sourceRoot":"","sources":["../../src/rules/no-unsafe-cast-to-trusted-types.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AA+DzD,2BAA2B;AAC3B,QAAA,MAAM,IAAI,EAAE,UAAU,CAAC,OAAO,UAAU,CAkDtC,CAAC;AAEH,eAAe,IAAI,CAAC"}

package/dist/rules/no-unsafe-cast-to-trusted-types.js

@@ -0,0 +1,89 @@
+import { isDefined, setHas } from "ts-extras";
+import { createRule } from "../_internal/create-rule.js";
+const TRUSTED_TYPE_NAMES = new Set([
+    "TrustedHTML",
+    "TrustedScript",
+    "TrustedScriptURL",
+]);
+const getTypeName = (node) => {
+    if (node.type === "TSTypeReference" &&
+        node.typeName.type === "Identifier") {
+        return node.typeName.name;
+    }
+    return undefined;
+};
+const isTrustedTypeNode = (node) => {
+    const typeName = getTypeName(node);
+    return isDefined(typeName) && setHas(TRUSTED_TYPE_NAMES, typeName);
+};
+const getExpressionCalleeName = (expression) => {
+    if (expression.type !== "CallExpression") {
+        return undefined;
+    }
+    if (expression.callee.type === "Identifier") {
+        return expression.callee.name;
+    }
+    if (expression.callee.type === "MemberExpression" &&
+        !expression.callee.computed &&
+        expression.callee.property.type === "Identifier") {
+        return expression.callee.property.name;
+    }
+    return undefined;
+};
+const isKnownTrustedFactoryCall = (expression) => {
+    const calleeName = getExpressionCalleeName(expression);
+    if (!isDefined(calleeName)) {
+        return false;
+    }
+    return /sanitize|createhtml|createscripturl|createscript|trusted/u.test(calleeName.toLowerCase());
+};
+/** Rule implementation. */
+const rule = createRule({
+    create(context) {
+        return {
+            TSAsExpression(node) {
+                if (!isTrustedTypeNode(node.typeAnnotation)) {
+                    return;
+                }
+                if (isKnownTrustedFactoryCall(node.expression)) {
+                    return;
+                }
+                context.report({
+                    messageId: "default",
+                    node,
+                });
+            },
+            TSTypeAssertion(node) {
+                if (!isTrustedTypeNode(node.typeAnnotation)) {
+                    return;
+                }
+                if (isKnownTrustedFactoryCall(node.expression)) {
+                    return;
+                }
+                context.report({
+                    messageId: "default",
+                    node,
+                });
+            },
+        };
+    },
+    defaultOptions: [],
+    meta: {
+        deprecated: false,
+        docs: {
+            description: "disallow unsafe casts to Trusted Types without validated/trusted factory paths.",
+            frozen: false,
+            recommended: false,
+            url: "https://nick2bad4u.github.io/eslint-plugin-SDL-2/docs/rules/no-unsafe-cast-to-trusted-types",
+        },
+        messages: {
+            default: "Do not cast unvalidated values to Trusted Types.",
+        },
+        schema: [],
+        type: "problem",
+    },
+    name: "no-unsafe-cast-to-trusted-types",
+});
+export default rule;
+/* eslint-enable @typescript-eslint/prefer-readonly-parameter-types -- Restore linting after rule implementation declarations. */
+//# sourceMappingURL=no-unsafe-cast-to-trusted-types.js.map

package/dist/rules/no-unsafe-cast-to-trusted-types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"no-unsafe-cast-to-trusted-types.js","sourceRoot":"","sources":["../../src/rules/no-unsafe-cast-to-trusted-types.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,MAAM,WAAW,CAAC;AAE9C,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AAIzD,MAAM,kBAAkB,GAAG,IAAI,GAAG,CAAC;IAC/B,aAAa;IACb,eAAe;IACf,kBAAkB;CACrB,CAAC,CAAC;AAEH,MAAM,WAAW,GAAG,CAAC,IAAuB,EAAsB,EAAE;IAChE,IACI,IAAI,CAAC,IAAI,KAAK,iBAAiB;QAC/B,IAAI,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY,EACrC,CAAC;QACC,OAAO,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC;IAC9B,CAAC;IAED,OAAO,SAAS,CAAC;AACrB,CAAC,CAAC;AAEF,MAAM,iBAAiB,GAAG,CAAC,IAAuB,EAAW,EAAE;IAC3D,MAAM,QAAQ,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC;IAEnC,OAAO,SAAS,CAAC,QAAQ,CAAC,IAAI,MAAM,CAAC,kBAAkB,EAAE,QAAQ,CAAC,CAAC;AACvE,CAAC,CAAC;AAEF,MAAM,uBAAuB,GAAG,CAC5B,UAA+B,EACb,EAAE;IACpB,IAAI,UAAU,CAAC,IAAI,KAAK,gBAAgB,EAAE,CAAC;QACvC,OAAO,SAAS,CAAC;IACrB,CAAC;IAED,IAAI,UAAU,CAAC,MAAM,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;QAC1C,OAAO,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC;IAClC,CAAC;IAED,IACI,UAAU,CAAC,MAAM,CAAC,IAAI,KAAK,kBAAkB;QAC7C,CAAC,UAAU,CAAC,MAAM,CAAC,QAAQ;QAC3B,UAAU,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY,EAClD,CAAC;QACC,OAAO,UAAU,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;IAC3C,CAAC;IAED,OAAO,SAAS,CAAC;AACrB,CAAC,CAAC;AAEF,MAAM,yBAAyB,GAAG,CAC9B,UAA+B,EACxB,EAAE;IACT,MAAM,UAAU,GAAG,uBAAuB,CAAC,UAAU,CAAC,CAAC;IAEvD,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,EAAE,CAAC;QACzB,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,OAAO,2DAA2D,CAAC,IAAI,CACnE,UAAU,CAAC,WAAW,EAAE,CAC3B,CAAC;AACN,CAAC,CAAC;AAEF,2BAA2B;AAC3B,MAAM,IAAI,GAAkC,UAAU,CAAwB;IAC1E,MAAM,CAAC,OAAO;QACV,OAAO;YACH,cAAc,CAAC,IAA6B;gBACxC,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,CAAC;oBAC1C,OAAO;gBACX,CAAC;gBAED,IAAI,yBAAyB,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC;oBAC7C,OAAO;gBACX,CAAC;gBAED,OAAO,CAAC,MAAM,CAAC;oBACX,SAAS,EAAE,SAAS;oBACpB,IAAI;iBACP,CAAC,CAAC;YACP,CAAC;YACD,eAAe,CAAC,IAA8B;gBAC1C,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,CAAC;oBAC1C,OAAO;gBACX,CAAC;gBAED,IAAI,yBAAyB,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC;oBAC7C,OAAO;gBACX,CAAC;gBAED,OAAO,CAAC,MAAM,CAAC;oBACX,SAAS,EAAE,SAAS;oBACpB,IAAI;iBACP,CAAC,CAAC;YACP,CAAC;SACJ,CAAC;IACN,CAAC;IACD,cAAc,EAAE,EAAE;IAClB,IAAI,EAAE;QACF,UAAU,EAAE,KAAK;QACjB,IAAI,EAAE;YACF,WAAW,EACP,iFAAiF;YACrF,MAAM,EAAE,KAAK;YACb,WAAW,EAAE,KAAK;YAClB,GAAG,EAAE,6FAA6F;SACrG;QACD,QAAQ,EAAE;YACN,OAAO,EAAE,kDAAkD;SAC9D;QACD,MAAM,EAAE,EAAE;QACV,IAAI,EAAE,SAAS;KAClB;IACD,IAAI,EAAE,iCAAiC;CAC1C,CAAC,CAAC;AAEH,eAAe,IAAI,CAAC;AACpB,iIAAiI"}

package/dist/rules/no-window-open-without-noopener.d.ts

@@ -0,0 +1,5 @@
+import { createRule } from "../_internal/create-rule.js";
+/** Rule implementation. */
+declare const rule: ReturnType<typeof createRule>;
+export default rule;
+//# sourceMappingURL=no-window-open-without-noopener.d.ts.map

package/dist/rules/no-window-open-without-noopener.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"no-window-open-without-noopener.d.ts","sourceRoot":"","sources":["../../src/rules/no-window-open-without-noopener.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AA+CzD,2BAA2B;AAC3B,QAAA,MAAM,IAAI,EAAE,UAAU,CAAC,OAAO,UAAU,CAuEtC,CAAC;AAEH,eAAe,IAAI,CAAC"}

package/dist/rules/no-window-open-without-noopener.js

@@ -0,0 +1,84 @@
+import { arrayFirst, isDefined, stringSplit } from "ts-extras";
+import { createRule } from "../_internal/create-rule.js";
+const getStaticStringValue = (node) => {
+    if (node.type === "Literal" && typeof node.value === "string") {
+        return node.value;
+    }
+    if (node.type === "TemplateLiteral" && node.expressions.length === 0) {
+        const firstQuasi = arrayFirst(node.quasis);
+        if (!isDefined(firstQuasi) ||
+            typeof firstQuasi.value.cooked !== "string") {
+            return undefined;
+        }
+        return firstQuasi.value.cooked;
+    }
+    return undefined;
+};
+const isWindowOpenCallee = (callee) => {
+    if (callee.type !== "MemberExpression" || callee.computed) {
+        return false;
+    }
+    return (callee.object.type === "Identifier" &&
+        callee.object.name === "window" &&
+        callee.property.type === "Identifier" &&
+        callee.property.name === "open");
+};
+const hasNoopenerToken = (features) => stringSplit(features.toLowerCase(), ",")
+    .map((token) => token.trim())
+    .some((token) => token === "noopener" || token.startsWith("noopener="));
+/** Rule implementation. */
+const rule = createRule({
+    create(context) {
+        return {
+            CallExpression(node) {
+                if (!isWindowOpenCallee(node.callee)) {
+                    return;
+                }
+                const [, secondArgument, thirdArgument,] = node.arguments;
+                if (secondArgument === undefined ||
+                    secondArgument.type === "SpreadElement") {
+                    return;
+                }
+                const targetValue = getStaticStringValue(secondArgument);
+                if (targetValue !== "_blank") {
+                    return;
+                }
+                if (thirdArgument === undefined ||
+                    thirdArgument.type === "SpreadElement") {
+                    context.report({
+                        messageId: "default",
+                        node,
+                    });
+                    return;
+                }
+                const featuresValue = getStaticStringValue(thirdArgument);
+                if (typeof featuresValue !== "string" ||
+                    !hasNoopenerToken(featuresValue)) {
+                    context.report({
+                        messageId: "default",
+                        node: thirdArgument,
+                    });
+                }
+            },
+        };
+    },
+    defaultOptions: [],
+    meta: {
+        deprecated: false,
+        docs: {
+            description: "require noopener when using window.open with a _blank target.",
+            frozen: false,
+            recommended: false,
+            url: "https://nick2bad4u.github.io/eslint-plugin-SDL-2/docs/rules/no-window-open-without-noopener",
+        },
+        messages: {
+            default: "Include 'noopener' in window.open features when target is '_blank'.",
+        },
+        schema: [],
+        type: "problem",
+    },
+    name: "no-window-open-without-noopener",
+});
+export default rule;
+/* eslint-enable @typescript-eslint/prefer-readonly-parameter-types -- Restore linting after rule implementation declarations. */
+//# sourceMappingURL=no-window-open-without-noopener.js.map

package/dist/rules/no-window-open-without-noopener.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"no-window-open-without-noopener.js","sourceRoot":"","sources":["../../src/rules/no-window-open-without-noopener.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,WAAW,EAAE,MAAM,WAAW,CAAC;AAE/D,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AAIzD,MAAM,oBAAoB,GAAG,CACzB,IAAyB,EACP,EAAE;IACpB,IAAI,IAAI,CAAC,IAAI,KAAK,SAAS,IAAI,OAAO,IAAI,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;QAC5D,OAAO,IAAI,CAAC,KAAK,CAAC;IACtB,CAAC;IAED,IAAI,IAAI,CAAC,IAAI,KAAK,iBAAiB,IAAI,IAAI,CAAC,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACnE,MAAM,UAAU,GAAG,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAE3C,IACI,CAAC,SAAS,CAAC,UAAU,CAAC;YACtB,OAAO,UAAU,CAAC,KAAK,CAAC,MAAM,KAAK,QAAQ,EAC7C,CAAC;YACC,OAAO,SAAS,CAAC;QACrB,CAAC;QAED,OAAO,UAAU,CAAC,KAAK,CAAC,MAAM,CAAC;IACnC,CAAC;IAED,OAAO,SAAS,CAAC;AACrB,CAAC,CAAC;AAEF,MAAM,kBAAkB,GAAG,CACvB,MAAyC,EAClC,EAAE;IACT,IAAI,MAAM,CAAC,IAAI,KAAK,kBAAkB,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;QACxD,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,OAAO,CACH,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,YAAY;QACnC,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,QAAQ;QAC/B,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY;QACrC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,MAAM,CAClC,CAAC;AACN,CAAC,CAAC;AAEF,MAAM,gBAAgB,GAAG,CAAC,QAAgB,EAAW,EAAE,CACnD,WAAW,CAAC,QAAQ,CAAC,WAAW,EAAE,EAAE,GAAG,CAAC;KACnC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC;KAC5B,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,KAAK,UAAU,IAAI,KAAK,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC,CAAC;AAEhF,2BAA2B;AAC3B,MAAM,IAAI,GAAkC,UAAU,CAAwB;IAC1E,MAAM,CAAC,OAAO;QACV,OAAO;YACH,cAAc,CAAC,IAA6B;gBACxC,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;oBACnC,OAAO;gBACX,CAAC;gBAED,MAAM,CACF,AADG,EAEH,cAAc,EACd,aAAa,EAChB,GAAG,IAAI,CAAC,SAAS,CAAC;gBAEnB,IACI,cAAc,KAAK,SAAS;oBAC5B,cAAc,CAAC,IAAI,KAAK,eAAe,EACzC,CAAC;oBACC,OAAO;gBACX,CAAC;gBAED,MAAM,WAAW,GAAG,oBAAoB,CAAC,cAAc,CAAC,CAAC;gBAEzD,IAAI,WAAW,KAAK,QAAQ,EAAE,CAAC;oBAC3B,OAAO;gBACX,CAAC;gBAED,IACI,aAAa,KAAK,SAAS;oBAC3B,aAAa,CAAC,IAAI,KAAK,eAAe,EACxC,CAAC;oBACC,OAAO,CAAC,MAAM,CAAC;wBACX,SAAS,EAAE,SAAS;wBACpB,IAAI;qBACP,CAAC,CAAC;oBAEH,OAAO;gBACX,CAAC;gBAED,MAAM,aAAa,GAAG,oBAAoB,CAAC,aAAa,CAAC,CAAC;gBAE1D,IACI,OAAO,aAAa,KAAK,QAAQ;oBACjC,CAAC,gBAAgB,CAAC,aAAa,CAAC,EAClC,CAAC;oBACC,OAAO,CAAC,MAAM,CAAC;wBACX,SAAS,EAAE,SAAS;wBACpB,IAAI,EAAE,aAAa;qBACtB,CAAC,CAAC;gBACP,CAAC;YACL,CAAC;SACJ,CAAC;IACN,CAAC;IACD,cAAc,EAAE,EAAE;IAClB,IAAI,EAAE;QACF,UAAU,EAAE,KAAK;QACjB,IAAI,EAAE;YACF,WAAW,EACP,+DAA+D;YACnE,MAAM,EAAE,KAAK;YACb,WAAW,EAAE,KAAK;YAClB,GAAG,EAAE,6FAA6F;SACrG;QACD,QAAQ,EAAE;YACN,OAAO,EACH,qEAAqE;SAC5E;QACD,MAAM,EAAE,EAAE;QACV,IAAI,EAAE,SAAS;KAClB;IACD,IAAI,EAAE,iCAAiC;CAC1C,CAAC,CAAC;AAEH,eAAe,IAAI,CAAC;AACpB,iIAAiI"}

package/dist/rules/no-winjs-html-unsafe.d.ts

@@ -0,0 +1,5 @@
+import { createRule } from "../_internal/create-rule.js";
+/** Rule implementation. */
+declare const rule: ReturnType<typeof createRule>;
+export default rule;
+//# sourceMappingURL=no-winjs-html-unsafe.d.ts.map

package/dist/rules/no-winjs-html-unsafe.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"no-winjs-html-unsafe.d.ts","sourceRoot":"","sources":["../../src/rules/no-winjs-html-unsafe.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AAEzD,2BAA2B;AAC3B,QAAA,MAAM,IAAI,EAAE,UAAU,CAAC,OAAO,UAAU,CA+BtC,CAAC;AAEH,eAAe,IAAI,CAAC"}

package/dist/rules/no-winjs-html-unsafe.js

@@ -0,0 +1,32 @@
+import { createRule } from "../_internal/create-rule.js";
+/** Rule implementation. */
+const rule = createRule({
+    create(context) {
+        return {
+            "CallExpression[callee.object.object.name='WinJS'][callee.object.property.name='Utilities'][callee.property.name=/^(?:insertAdjacent|setInner|setOuter)HTMLUnsafe$/]"(node) {
+                context.report({
+                    messageId: "default",
+                    node,
+                });
+            },
+        };
+    },
+    defaultOptions: [],
+    meta: {
+        deprecated: false,
+        docs: {
+            description: "disallow WinJS.Utilities unsafe HTML write APIs (setInnerHTMLUnsafe, setOuterHTMLUnsafe, insertAdjacentHTMLUnsafe).",
+            frozen: false,
+            recommended: false,
+            url: "https://nick2bad4u.github.io/eslint-plugin-SDL-2/docs/rules/no-winjs-html-unsafe",
+        },
+        messages: {
+            default: "Do not set HTML using unsafe methods from WinJS.Utilities.",
+        },
+        schema: [],
+        type: "problem",
+    },
+    name: "no-winjs-html-unsafe",
+});
+export default rule;
+//# sourceMappingURL=no-winjs-html-unsafe.js.map

package/dist/rules/no-winjs-html-unsafe.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"no-winjs-html-unsafe.js","sourceRoot":"","sources":["../../src/rules/no-winjs-html-unsafe.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AAEzD,2BAA2B;AAC3B,MAAM,IAAI,GAAkC,UAAU,CAAC;IACnD,MAAM,CAAC,OAAO;QACV,OAAO;YACH,qKAAqK,CACjK,IAAI;gBAEJ,OAAO,CAAC,MAAM,CAAC;oBACX,SAAS,EAAE,SAAS;oBACpB,IAAI;iBACP,CAAC,CAAC;YACP,CAAC;SACJ,CAAC;IACN,CAAC;IACD,cAAc,EAAE,EAAE;IAClB,IAAI,EAAE;QACF,UAAU,EAAE,KAAK;QACjB,IAAI,EAAE;YACF,WAAW,EACP,qHAAqH;YACzH,MAAM,EAAE,KAAK;YACb,WAAW,EAAE,KAAK;YAClB,GAAG,EAAE,kFAAkF;SAC1F;QACD,QAAQ,EAAE;YACN,OAAO,EACH,4DAA4D;SACnE;QACD,MAAM,EAAE,EAAE;QACV,IAAI,EAAE,SAAS;KAClB;IACD,IAAI,EAAE,sBAAsB;CAC/B,CAAC,CAAC;AAEH,eAAe,IAAI,CAAC"}

package/dist/rules/no-worker-blob-url.d.ts

@@ -0,0 +1,5 @@
+import { createRule } from "../_internal/create-rule.js";
+/** Rule implementation. */
+declare const rule: ReturnType<typeof createRule>;
+export default rule;
+//# sourceMappingURL=no-worker-blob-url.d.ts.map

package/dist/rules/no-worker-blob-url.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"no-worker-blob-url.d.ts","sourceRoot":"","sources":["../../src/rules/no-worker-blob-url.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AAsBzD,2BAA2B;AAC3B,QAAA,MAAM,IAAI,EAAE,UAAU,CAAC,OAAO,UAAU,CA8DtC,CAAC;AAEH,eAAe,IAAI,CAAC"}

package/dist/rules/no-worker-blob-url.js

@@ -0,0 +1,64 @@
+import { createRule } from "../_internal/create-rule.js";
+import { getStaticStringValue } from "../_internal/estree-utils.js";
+import { isBlobUrl, isImportScriptsCall, isUrlCreateObjectUrlCall, isWorkerConstructor, } from "../_internal/worker-code-loading.js";
+const isBlobBackedWorkerCodeExpression = (expression) => {
+    const configuredValue = getStaticStringValue(expression);
+    return ((typeof configuredValue === "string" && isBlobUrl(configuredValue)) ||
+        isUrlCreateObjectUrlCall(expression));
+};
+/** Rule implementation. */
+const rule = createRule({
+    create(context) {
+        return {
+            CallExpression(node) {
+                if (!isImportScriptsCall(node.callee)) {
+                    return;
+                }
+                for (const argumentNode of node.arguments) {
+                    if (argumentNode.type === "SpreadElement" ||
+                        !isBlobBackedWorkerCodeExpression(argumentNode)) {
+                        continue;
+                    }
+                    context.report({
+                        messageId: "default",
+                        node: argumentNode,
+                    });
+                }
+            },
+            NewExpression(node) {
+                if (!isWorkerConstructor(node.callee)) {
+                    return;
+                }
+                const [firstArgument] = node.arguments;
+                if (firstArgument === undefined ||
+                    firstArgument.type === "SpreadElement" ||
+                    !isBlobBackedWorkerCodeExpression(firstArgument)) {
+                    return;
+                }
+                context.report({
+                    messageId: "default",
+                    node: firstArgument,
+                });
+            },
+        };
+    },
+    defaultOptions: [],
+    meta: {
+        deprecated: false,
+        docs: {
+            description: "disallow worker code-loading APIs that use blob: URLs or URL.createObjectURL(...) for executable scripts.",
+            frozen: false,
+            recommended: false,
+            url: "https://nick2bad4u.github.io/eslint-plugin-SDL-2/docs/rules/no-worker-blob-url",
+        },
+        messages: {
+            default: "Do not load worker code from a blob: URL or URL.createObjectURL(...); use a reviewed worker script resource instead.",
+        },
+        schema: [],
+        type: "problem",
+    },
+    name: "no-worker-blob-url",
+});
+export default rule;
+/* eslint-enable @typescript-eslint/prefer-readonly-parameter-types -- Restore linting after rule implementation declarations. */
+//# sourceMappingURL=no-worker-blob-url.js.map

package/dist/rules/no-worker-blob-url.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"no-worker-blob-url.js","sourceRoot":"","sources":["../../src/rules/no-worker-blob-url.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AACzD,OAAO,EAAE,oBAAoB,EAAE,MAAM,8BAA8B,CAAC;AACpE,OAAO,EACH,SAAS,EACT,mBAAmB,EACnB,wBAAwB,EACxB,mBAAmB,GACtB,MAAM,qCAAqC,CAAC;AAI7C,MAAM,gCAAgC,GAAG,CACrC,UAAyC,EAClC,EAAE;IACT,MAAM,eAAe,GAAG,oBAAoB,CAAC,UAAU,CAAC,CAAC;IAEzD,OAAO,CACH,CAAC,OAAO,eAAe,KAAK,QAAQ,IAAI,SAAS,CAAC,eAAe,CAAC,CAAC;QACnE,wBAAwB,CAAC,UAAU,CAAC,CACvC,CAAC;AACN,CAAC,CAAC;AAEF,2BAA2B;AAC3B,MAAM,IAAI,GAAkC,UAAU,CAAwB;IAC1E,MAAM,CAAC,OAAO;QACV,OAAO;YACH,cAAc,CAAC,IAA6B;gBACxC,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;oBACpC,OAAO;gBACX,CAAC;gBAED,KAAK,MAAM,YAAY,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;oBACxC,IACI,YAAY,CAAC,IAAI,KAAK,eAAe;wBACrC,CAAC,gCAAgC,CAAC,YAAY,CAAC,EACjD,CAAC;wBACC,SAAS;oBACb,CAAC;oBAED,OAAO,CAAC,MAAM,CAAC;wBACX,SAAS,EAAE,SAAS;wBACpB,IAAI,EAAE,YAAY;qBACrB,CAAC,CAAC;gBACP,CAAC;YACL,CAAC;YACD,aAAa,CAAC,IAA4B;gBACtC,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;oBACpC,OAAO;gBACX,CAAC;gBAED,MAAM,CAAC,aAAa,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC;gBAEvC,IACI,aAAa,KAAK,SAAS;oBAC3B,aAAa,CAAC,IAAI,KAAK,eAAe;oBACtC,CAAC,gCAAgC,CAAC,aAAa,CAAC,EAClD,CAAC;oBACC,OAAO;gBACX,CAAC;gBAED,OAAO,CAAC,MAAM,CAAC;oBACX,SAAS,EAAE,SAAS;oBACpB,IAAI,EAAE,aAAa;iBACtB,CAAC,CAAC;YACP,CAAC;SACJ,CAAC;IACN,CAAC;IACD,cAAc,EAAE,EAAE;IAClB,IAAI,EAAE;QACF,UAAU,EAAE,KAAK;QACjB,IAAI,EAAE;YACF,WAAW,EACP,2GAA2G;YAC/G,MAAM,EAAE,KAAK;YACb,WAAW,EAAE,KAAK;YAClB,GAAG,EAAE,gFAAgF;SACxF;QACD,QAAQ,EAAE;YACN,OAAO,EACH,sHAAsH;SAC7H;QACD,MAAM,EAAE,EAAE;QACV,IAAI,EAAE,SAAS;KAClB;IACD,IAAI,EAAE,oBAAoB;CAC7B,CAAC,CAAC;AAEH,eAAe,IAAI,CAAC;AACpB,iIAAiI"}

package/dist/rules/no-worker-data-url.d.ts

@@ -0,0 +1,5 @@
+import { createRule } from "../_internal/create-rule.js";
+/** Rule implementation. */
+declare const rule: ReturnType<typeof createRule>;
+export default rule;
+//# sourceMappingURL=no-worker-data-url.d.ts.map

package/dist/rules/no-worker-data-url.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"no-worker-data-url.d.ts","sourceRoot":"","sources":["../../src/rules/no-worker-data-url.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AAUzD,2BAA2B;AAC3B,QAAA,MAAM,IAAI,EAAE,UAAU,CAAC,OAAO,UAAU,CA4EtC,CAAC;AAEH,eAAe,IAAI,CAAC"}

package/dist/rules/no-worker-data-url.js

@@ -0,0 +1,67 @@
+import { createRule } from "../_internal/create-rule.js";
+import { getStaticStringValue } from "../_internal/estree-utils.js";
+import { isDataUrl, isImportScriptsCall, isWorkerConstructor, } from "../_internal/worker-code-loading.js";
+/** Rule implementation. */
+const rule = createRule({
+    create(context) {
+        return {
+            CallExpression(node) {
+                if (!isImportScriptsCall(node.callee)) {
+                    return;
+                }
+                for (const argumentNode of node.arguments) {
+                    if (argumentNode.type === "SpreadElement") {
+                        continue;
+                    }
+                    const configuredValue = getStaticStringValue(argumentNode);
+                    if (typeof configuredValue !== "string" ||
+                        !isDataUrl(configuredValue)) {
+                        continue;
+                    }
+                    context.report({
+                        messageId: "default",
+                        node: argumentNode,
+                    });
+                }
+            },
+            NewExpression(node) {
+                if (!isWorkerConstructor(node.callee)) {
+                    return;
+                }
+                const [firstArgument] = node.arguments;
+                if (firstArgument === undefined ||
+                    firstArgument.type === "SpreadElement") {
+                    return;
+                }
+                const configuredValue = getStaticStringValue(firstArgument);
+                if (typeof configuredValue !== "string" ||
+                    !isDataUrl(configuredValue)) {
+                    return;
+                }
+                context.report({
+                    messageId: "default",
+                    node: firstArgument,
+                });
+            },
+        };
+    },
+    defaultOptions: [],
+    meta: {
+        deprecated: false,
+        docs: {
+            description: "disallow worker code-loading APIs that use static data: URLs for executable scripts.",
+            frozen: false,
+            recommended: false,
+            url: "https://nick2bad4u.github.io/eslint-plugin-SDL-2/docs/rules/no-worker-data-url",
+        },
+        messages: {
+            default: "Do not load worker code from a data: URL; use a reviewed worker script resource instead.",
+        },
+        schema: [],
+        type: "problem",
+    },
+    name: "no-worker-data-url",
+});
+export default rule;
+/* eslint-enable @typescript-eslint/prefer-readonly-parameter-types -- Restore linting after rule implementation declarations. */
+//# sourceMappingURL=no-worker-data-url.js.map

package/dist/rules/no-worker-data-url.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"no-worker-data-url.js","sourceRoot":"","sources":["../../src/rules/no-worker-data-url.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AACzD,OAAO,EAAE,oBAAoB,EAAE,MAAM,8BAA8B,CAAC;AACpE,OAAO,EACH,SAAS,EACT,mBAAmB,EACnB,mBAAmB,GACtB,MAAM,qCAAqC,CAAC;AAI7C,2BAA2B;AAC3B,MAAM,IAAI,GAAkC,UAAU,CAAwB;IAC1E,MAAM,CAAC,OAAO;QACV,OAAO;YACH,cAAc,CAAC,IAA6B;gBACxC,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;oBACpC,OAAO;gBACX,CAAC;gBAED,KAAK,MAAM,YAAY,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;oBACxC,IAAI,YAAY,CAAC,IAAI,KAAK,eAAe,EAAE,CAAC;wBACxC,SAAS;oBACb,CAAC;oBAED,MAAM,eAAe,GAAG,oBAAoB,CAAC,YAAY,CAAC,CAAC;oBAE3D,IACI,OAAO,eAAe,KAAK,QAAQ;wBACnC,CAAC,SAAS,CAAC,eAAe,CAAC,EAC7B,CAAC;wBACC,SAAS;oBACb,CAAC;oBAED,OAAO,CAAC,MAAM,CAAC;wBACX,SAAS,EAAE,SAAS;wBACpB,IAAI,EAAE,YAAY;qBACrB,CAAC,CAAC;gBACP,CAAC;YACL,CAAC;YACD,aAAa,CAAC,IAA4B;gBACtC,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;oBACpC,OAAO;gBACX,CAAC;gBAED,MAAM,CAAC,aAAa,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC;gBAEvC,IACI,aAAa,KAAK,SAAS;oBAC3B,aAAa,CAAC,IAAI,KAAK,eAAe,EACxC,CAAC;oBACC,OAAO;gBACX,CAAC;gBAED,MAAM,eAAe,GAAG,oBAAoB,CAAC,aAAa,CAAC,CAAC;gBAE5D,IACI,OAAO,eAAe,KAAK,QAAQ;oBACnC,CAAC,SAAS,CAAC,eAAe,CAAC,EAC7B,CAAC;oBACC,OAAO;gBACX,CAAC;gBAED,OAAO,CAAC,MAAM,CAAC;oBACX,SAAS,EAAE,SAAS;oBACpB,IAAI,EAAE,aAAa;iBACtB,CAAC,CAAC;YACP,CAAC;SACJ,CAAC;IACN,CAAC;IACD,cAAc,EAAE,EAAE;IAClB,IAAI,EAAE;QACF,UAAU,EAAE,KAAK;QACjB,IAAI,EAAE;YACF,WAAW,EACP,sFAAsF;YAC1F,MAAM,EAAE,KAAK;YACb,WAAW,EAAE,KAAK;YAClB,GAAG,EAAE,gFAAgF;SACxF;QACD,QAAQ,EAAE;YACN,OAAO,EACH,0FAA0F;SACjG;QACD,MAAM,EAAE,EAAE;QACV,IAAI,EAAE,SAAS;KAClB;IACD,IAAI,EAAE,oBAAoB;CAC7B,CAAC,CAAC;AAEH,eAAe,IAAI,CAAC;AACpB,iIAAiI"}