eslint-plugin-sdl-2 1.2.4 → 1.2.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +81 -873
- package/dist/_internal/config-references.d.ts +2 -1
- package/dist/_internal/config-references.d.ts.map +1 -1
- package/dist/_internal/config-references.js.map +1 -1
- package/dist/_internal/electron-web-preferences.d.ts.map +1 -1
- package/dist/_internal/electron-web-preferences.js +1 -3
- package/dist/_internal/electron-web-preferences.js.map +1 -1
- package/dist/plugin.cjs +613 -652
- package/dist/plugin.cjs.map +3 -3
- package/dist/plugin.js +13 -13
- package/dist/plugin.js.map +1 -1
- package/dist/rules/no-angular-bypass-sanitizer.d.ts.map +1 -1
- package/dist/rules/no-angular-bypass-sanitizer.js +8 -10
- package/dist/rules/no-angular-bypass-sanitizer.js.map +1 -1
- package/dist/rules/no-angular-bypass-security-trust-html.d.ts.map +1 -1
- package/dist/rules/no-angular-bypass-security-trust-html.js +14 -17
- package/dist/rules/no-angular-bypass-security-trust-html.js.map +1 -1
- package/dist/rules/no-angular-innerhtml-binding.d.ts.map +1 -1
- package/dist/rules/no-angular-innerhtml-binding.js +30 -32
- package/dist/rules/no-angular-innerhtml-binding.js.map +1 -1
- package/dist/rules/no-angular-sanitization-trusted-urls.d.ts.map +1 -1
- package/dist/rules/no-angular-sanitization-trusted-urls.js +8 -10
- package/dist/rules/no-angular-sanitization-trusted-urls.js.map +1 -1
- package/dist/rules/no-angularjs-ng-bind-html-without-sanitize.d.ts.map +1 -1
- package/dist/rules/no-angularjs-ng-bind-html-without-sanitize.js +36 -38
- package/dist/rules/no-angularjs-ng-bind-html-without-sanitize.js.map +1 -1
- package/dist/rules/no-angularjs-sanitization-whitelist.d.ts.map +1 -1
- package/dist/rules/no-angularjs-sanitization-whitelist.js +8 -10
- package/dist/rules/no-angularjs-sanitization-whitelist.js.map +1 -1
- package/dist/rules/no-document-parse-html-unsafe.d.ts.map +1 -1
- package/dist/rules/no-document-parse-html-unsafe.js +6 -3
- package/dist/rules/no-document-parse-html-unsafe.js.map +1 -1
- package/dist/rules/no-dynamic-import-unsafe-url.d.ts.map +1 -1
- package/dist/rules/no-dynamic-import-unsafe-url.js +11 -13
- package/dist/rules/no-dynamic-import-unsafe-url.js.map +1 -1
- package/dist/rules/no-electron-allow-running-insecure-content.d.ts.map +1 -1
- package/dist/rules/no-electron-allow-running-insecure-content.js +4 -6
- package/dist/rules/no-electron-allow-running-insecure-content.js.map +1 -1
- package/dist/rules/no-electron-disable-context-isolation.d.ts.map +1 -1
- package/dist/rules/no-electron-disable-context-isolation.js +4 -6
- package/dist/rules/no-electron-disable-context-isolation.js.map +1 -1
- package/dist/rules/no-electron-disable-sandbox.d.ts.map +1 -1
- package/dist/rules/no-electron-disable-sandbox.js +4 -6
- package/dist/rules/no-electron-disable-sandbox.js.map +1 -1
- package/dist/rules/no-electron-disable-web-security.d.ts.map +1 -1
- package/dist/rules/no-electron-disable-web-security.js +4 -6
- package/dist/rules/no-electron-disable-web-security.js.map +1 -1
- package/dist/rules/no-electron-enable-remote-module.d.ts.map +1 -1
- package/dist/rules/no-electron-enable-remote-module.js +4 -6
- package/dist/rules/no-electron-enable-remote-module.js.map +1 -1
- package/dist/rules/no-electron-enable-webview-tag.d.ts.map +1 -1
- package/dist/rules/no-electron-enable-webview-tag.js +4 -6
- package/dist/rules/no-electron-enable-webview-tag.js.map +1 -1
- package/dist/rules/no-electron-experimental-features.d.ts.map +1 -1
- package/dist/rules/no-electron-experimental-features.js +4 -6
- package/dist/rules/no-electron-experimental-features.js.map +1 -1
- package/dist/rules/no-electron-node-integration.d.ts.map +1 -1
- package/dist/rules/no-electron-node-integration.js +27 -29
- package/dist/rules/no-electron-node-integration.js.map +1 -1
- package/dist/rules/no-electron-webview-allowpopups.d.ts.map +1 -1
- package/dist/rules/no-electron-webview-allowpopups.js +21 -25
- package/dist/rules/no-electron-webview-allowpopups.js.map +1 -1
- package/dist/rules/no-electron-webview-insecure-webpreferences.d.ts.map +1 -1
- package/dist/rules/no-electron-webview-insecure-webpreferences.js +28 -30
- package/dist/rules/no-electron-webview-insecure-webpreferences.js.map +1 -1
- package/dist/rules/no-electron-webview-node-integration.d.ts.map +1 -1
- package/dist/rules/no-electron-webview-node-integration.js +27 -31
- package/dist/rules/no-electron-webview-node-integration.js.map +1 -1
- package/dist/rules/no-inner-html.js +3 -3
- package/dist/rules/no-inner-html.js.map +1 -1
- package/dist/rules/no-insecure-random.js +1 -1
- package/dist/rules/no-insecure-random.js.map +1 -1
- package/dist/rules/no-insecure-tls-agent-options.d.ts.map +1 -1
- package/dist/rules/no-insecure-tls-agent-options.js +20 -22
- package/dist/rules/no-insecure-tls-agent-options.js.map +1 -1
- package/dist/rules/no-insecure-url.js +8 -8
- package/dist/rules/no-insecure-url.js.map +1 -1
- package/dist/rules/no-message-event-without-origin-check.js +19 -19
- package/dist/rules/no-message-event-without-origin-check.js.map +1 -1
- package/dist/rules/no-msapp-exec-unsafe.d.ts.map +1 -1
- package/dist/rules/no-msapp-exec-unsafe.js +8 -10
- package/dist/rules/no-msapp-exec-unsafe.js.map +1 -1
- package/dist/rules/no-node-tls-check-server-identity-bypass.d.ts.map +1 -1
- package/dist/rules/no-node-tls-check-server-identity-bypass.js +29 -32
- package/dist/rules/no-node-tls-check-server-identity-bypass.js.map +1 -1
- package/dist/rules/no-node-tls-legacy-protocol.d.ts.map +1 -1
- package/dist/rules/no-node-tls-legacy-protocol.js +51 -50
- package/dist/rules/no-node-tls-legacy-protocol.js.map +1 -1
- package/dist/rules/no-node-tls-reject-unauthorized-zero.d.ts.map +1 -1
- package/dist/rules/no-node-tls-reject-unauthorized-zero.js +28 -30
- package/dist/rules/no-node-tls-reject-unauthorized-zero.js.map +1 -1
- package/dist/rules/no-node-tls-security-level-zero.d.ts.map +1 -1
- package/dist/rules/no-node-tls-security-level-zero.js +37 -39
- package/dist/rules/no-node-tls-security-level-zero.js.map +1 -1
- package/dist/rules/no-nonnull-assertion-on-security-input.d.ts.map +1 -1
- package/dist/rules/no-nonnull-assertion-on-security-input.js +11 -13
- package/dist/rules/no-nonnull-assertion-on-security-input.js.map +1 -1
- package/dist/rules/no-postmessage-star-origin.d.ts.map +1 -1
- package/dist/rules/no-postmessage-star-origin.js +1 -3
- package/dist/rules/no-postmessage-star-origin.js.map +1 -1
- package/dist/rules/no-script-text.d.ts.map +1 -1
- package/dist/rules/no-script-text.js +6 -3
- package/dist/rules/no-script-text.js.map +1 -1
- package/dist/rules/no-unsafe-cast-to-trusted-types.d.ts.map +1 -1
- package/dist/rules/no-unsafe-cast-to-trusted-types.js +26 -28
- package/dist/rules/no-unsafe-cast-to-trusted-types.js.map +1 -1
- package/dist/rules/no-winjs-html-unsafe.d.ts.map +1 -1
- package/dist/rules/no-winjs-html-unsafe.js +8 -10
- package/dist/rules/no-winjs-html-unsafe.js.map +1 -1
- package/docs/rules/no-child-process-exec.md +1 -1
- package/docs/rules/no-child-process-shell-true.md +1 -1
- package/docs/rules/no-msapp-exec-unsafe.md +1 -1
- package/docs/rules/no-winjs-html-unsafe.md +1 -1
- package/package.json +49 -41
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"no-insecure-tls-agent-options.d.ts","sourceRoot":"","sources":["../../src/rules/no-insecure-tls-agent-options.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AA8CzD,2BAA2B;AAC3B,QAAA,MAAM,IAAI,EAAE,UAAU,CAAC,OAAO,UAAU,
|
|
1
|
+
{"version":3,"file":"no-insecure-tls-agent-options.d.ts","sourceRoot":"","sources":["../../src/rules/no-insecure-tls-agent-options.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AA8CzD,2BAA2B;AAC3B,QAAA,MAAM,IAAI,EAAE,UAAU,CAAC,OAAO,UAAU,CAgDtC,CAAC;AAEH,eAAe,IAAI,CAAC"}
|
|
@@ -29,28 +29,26 @@ const findRejectUnauthorizedFalseProperty = (objectExpression) => {
|
|
|
29
29
|
};
|
|
30
30
|
/** Rule implementation. */
|
|
31
31
|
const rule = createRule({
|
|
32
|
-
create(context) {
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
};
|
|
53
|
-
},
|
|
32
|
+
create: (context) => ({
|
|
33
|
+
ObjectExpression(node) {
|
|
34
|
+
const insecureOptionProperty = findRejectUnauthorizedFalseProperty(node);
|
|
35
|
+
if (insecureOptionProperty === undefined) {
|
|
36
|
+
return;
|
|
37
|
+
}
|
|
38
|
+
context.report({
|
|
39
|
+
fix(fixer) {
|
|
40
|
+
if (insecureOptionProperty.value.type !==
|
|
41
|
+
AST_NODE_TYPES.Literal ||
|
|
42
|
+
insecureOptionProperty.value.value !== false) {
|
|
43
|
+
return null;
|
|
44
|
+
}
|
|
45
|
+
return fixer.replaceText(insecureOptionProperty.value, "true");
|
|
46
|
+
},
|
|
47
|
+
messageId: "default",
|
|
48
|
+
node: insecureOptionProperty,
|
|
49
|
+
});
|
|
50
|
+
},
|
|
51
|
+
}),
|
|
54
52
|
meta: {
|
|
55
53
|
deprecated: false,
|
|
56
54
|
docs: {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"no-insecure-tls-agent-options.js","sourceRoot":"","sources":["../../src/rules/no-insecure-tls-agent-options.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,cAAc,EAAE,MAAM,0BAA0B,CAAC;AAE1D,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AAIzD,MAAM,cAAc,GAAG,CAAC,IAAgC,EAAW,EAAE,CACjE,IAAI,CAAC,IAAI,KAAK,cAAc,CAAC,OAAO,IAAI,IAAI,CAAC,KAAK,KAAK,KAAK,CAAC;AAEjE,MAAM,qBAAqB,GAAG,CAC1B,YAA+B,EACb,EAAE;IACpB,IAAI,YAAY,CAAC,QAAQ,EAAE,CAAC;QACxB,OAAO,SAAS,CAAC;IACrB,CAAC;IAED,IAAI,YAAY,CAAC,GAAG,CAAC,IAAI,KAAK,cAAc,CAAC,UAAU,EAAE,CAAC;QACtD,OAAO,YAAY,CAAC,GAAG,CAAC,IAAI,CAAC;IACjC,CAAC;IAED,OAAO,OAAO,YAAY,CAAC,GAAG,CAAC,KAAK,KAAK,QAAQ;QAC7C,CAAC,CAAC,YAAY,CAAC,GAAG,CAAC,KAAK;QACxB,CAAC,CAAC,SAAS,CAAC;AACpB,CAAC,CAAC;AAEF,MAAM,mCAAmC,GAAG,CACxC,gBAA2C,EACd,EAAE;IAC/B,KAAK,MAAM,YAAY,IAAI,gBAAgB,CAAC,UAAU,EAAE,CAAC;QACrD,IACI,YAAY,CAAC,IAAI,KAAK,cAAc,CAAC,QAAQ;YAC7C,YAAY,CAAC,IAAI,KAAK,MAAM,EAC9B,CAAC;YACC,SAAS;QACb,CAAC;QAED,IAAI,qBAAqB,CAAC,YAAY,CAAC,KAAK,oBAAoB,EAAE,CAAC;YAC/D,SAAS;QACb,CAAC;QAED,IAAI,cAAc,CAAC,YAAY,CAAC,KAAK,CAAC,EAAE,CAAC;YACrC,OAAO,YAAY,CAAC;QACxB,CAAC;IACL,CAAC;IAED,OAAO,SAAS,CAAC;AACrB,CAAC,CAAC;AAEF,2BAA2B;AAC3B,MAAM,IAAI,GAAkC,UAAU,CAAiB;IACnE,MAAM,CAAC,OAAO
|
|
1
|
+
{"version":3,"file":"no-insecure-tls-agent-options.js","sourceRoot":"","sources":["../../src/rules/no-insecure-tls-agent-options.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,cAAc,EAAE,MAAM,0BAA0B,CAAC;AAE1D,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AAIzD,MAAM,cAAc,GAAG,CAAC,IAAgC,EAAW,EAAE,CACjE,IAAI,CAAC,IAAI,KAAK,cAAc,CAAC,OAAO,IAAI,IAAI,CAAC,KAAK,KAAK,KAAK,CAAC;AAEjE,MAAM,qBAAqB,GAAG,CAC1B,YAA+B,EACb,EAAE;IACpB,IAAI,YAAY,CAAC,QAAQ,EAAE,CAAC;QACxB,OAAO,SAAS,CAAC;IACrB,CAAC;IAED,IAAI,YAAY,CAAC,GAAG,CAAC,IAAI,KAAK,cAAc,CAAC,UAAU,EAAE,CAAC;QACtD,OAAO,YAAY,CAAC,GAAG,CAAC,IAAI,CAAC;IACjC,CAAC;IAED,OAAO,OAAO,YAAY,CAAC,GAAG,CAAC,KAAK,KAAK,QAAQ;QAC7C,CAAC,CAAC,YAAY,CAAC,GAAG,CAAC,KAAK;QACxB,CAAC,CAAC,SAAS,CAAC;AACpB,CAAC,CAAC;AAEF,MAAM,mCAAmC,GAAG,CACxC,gBAA2C,EACd,EAAE;IAC/B,KAAK,MAAM,YAAY,IAAI,gBAAgB,CAAC,UAAU,EAAE,CAAC;QACrD,IACI,YAAY,CAAC,IAAI,KAAK,cAAc,CAAC,QAAQ;YAC7C,YAAY,CAAC,IAAI,KAAK,MAAM,EAC9B,CAAC;YACC,SAAS;QACb,CAAC;QAED,IAAI,qBAAqB,CAAC,YAAY,CAAC,KAAK,oBAAoB,EAAE,CAAC;YAC/D,SAAS;QACb,CAAC;QAED,IAAI,cAAc,CAAC,YAAY,CAAC,KAAK,CAAC,EAAE,CAAC;YACrC,OAAO,YAAY,CAAC;QACxB,CAAC;IACL,CAAC;IAED,OAAO,SAAS,CAAC;AACrB,CAAC,CAAC;AAEF,2BAA2B;AAC3B,MAAM,IAAI,GAAkC,UAAU,CAAiB;IACnE,MAAM,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;QAClB,gBAAgB,CAAC,IAA+B;YAC5C,MAAM,sBAAsB,GACxB,mCAAmC,CAAC,IAAI,CAAC,CAAC;YAE9C,IAAI,sBAAsB,KAAK,SAAS,EAAE,CAAC;gBACvC,OAAO;YACX,CAAC;YAED,OAAO,CAAC,MAAM,CAAC;gBACX,GAAG,CAAC,KAAK;oBACL,IACI,sBAAsB,CAAC,KAAK,CAAC,IAAI;wBAC7B,cAAc,CAAC,OAAO;wBAC1B,sBAAsB,CAAC,KAAK,CAAC,KAAK,KAAK,KAAK,EAC9C,CAAC;wBACC,OAAO,IAAI,CAAC;oBAChB,CAAC;oBAED,OAAO,KAAK,CAAC,WAAW,CACpB,sBAAsB,CAAC,KAAK,EAC5B,MAAM,CACT,CAAC;gBACN,CAAC;gBACD,SAAS,EAAE,SAAS;gBACpB,IAAI,EAAE,sBAAsB;aAC/B,CAAC,CAAC;QACP,CAAC;KACJ,CAAC;IACF,IAAI,EAAE;QACF,UAAU,EAAE,KAAK;QACjB,IAAI,EAAE;YACF,WAAW,EACP,iEAAiE;YACrE,MAAM,EAAE,KAAK;YACb,WAAW,EAAE,KAAK;YAClB,GAAG,EAAE,2FAA2F;SACnG;QACD,OAAO,EAAE,MAAM;QACf,QAAQ,EAAE;YACN,OAAO,EACH,6EAA6E;SACpF;QACD,MAAM,EAAE,EAAE;QACV,IAAI,EAAE,SAAS;KAClB;IACD,IAAI,EAAE,+BAA+B;CACxC,CAAC,CAAC;AAEH,eAAe,IAAI,CAAC;AACpB,iIAAiI"}
|
|
@@ -20,12 +20,12 @@ const asCaseInsensitiveRegex = (pattern) => {
|
|
|
20
20
|
// eslint-disable-next-line security/detect-non-literal-regexp -- User-configured regex patterns are intentionally compiled for matching behavior.
|
|
21
21
|
return new RegExp(pattern, "iu");
|
|
22
22
|
};
|
|
23
|
-
const
|
|
23
|
+
const hasPatternMatch = (patterns, value) => patterns.some((pattern) => pattern.test(value));
|
|
24
24
|
const toRegexSources = (patterns) => patterns.map((pattern) => pattern.source);
|
|
25
25
|
const shouldAttemptFix = (variableExceptions, context, node) => {
|
|
26
26
|
const targetNode = node.parent ?? node;
|
|
27
27
|
const targetText = context.sourceCode.getText(targetNode);
|
|
28
|
-
return !
|
|
28
|
+
return !hasPatternMatch(variableExceptions, targetText);
|
|
29
29
|
};
|
|
30
30
|
const reportInsecureUrl = (context, node, replacementSourceText) => {
|
|
31
31
|
context.report({
|
|
@@ -56,8 +56,8 @@ const rule = createRule({
|
|
|
56
56
|
node.parent.name.name === "xmlns") {
|
|
57
57
|
return;
|
|
58
58
|
}
|
|
59
|
-
if (!
|
|
60
|
-
|
|
59
|
+
if (!hasPatternMatch(blocklist, node.value) ||
|
|
60
|
+
hasPatternMatch(exceptions, node.value)) {
|
|
61
61
|
return;
|
|
62
62
|
}
|
|
63
63
|
if (!shouldAttemptFix(variableExceptions, context, node)) {
|
|
@@ -71,10 +71,10 @@ const rule = createRule({
|
|
|
71
71
|
return;
|
|
72
72
|
}
|
|
73
73
|
const isRawMatch = shouldAttemptFix(variableExceptions, context, node) &&
|
|
74
|
-
|
|
75
|
-
!
|
|
76
|
-
const isCookedMatch =
|
|
77
|
-
!
|
|
74
|
+
hasPatternMatch(blocklist, node.value.raw) &&
|
|
75
|
+
!hasPatternMatch(exceptions, node.value.raw);
|
|
76
|
+
const isCookedMatch = hasPatternMatch(blocklist, node.value.cooked) &&
|
|
77
|
+
!hasPatternMatch(exceptions, node.value.cooked);
|
|
78
78
|
if (!isRawMatch && !isCookedMatch) {
|
|
79
79
|
return;
|
|
80
80
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"no-insecure-url.js","sourceRoot":"","sources":["../../src/rules/no-insecure-url.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,cAAc,EAAE,MAAM,0BAA0B,CAAC;AAE1D,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AAEzD,oDAAoD;AACpD,MAAM,gBAAgB,GAAsB,CAAC,gCAAgC,CAAC,CAAC;AAE/E,kDAAkD;AAClD,MAAM,iBAAiB,GAAsB;IACzC,0DAA0D;IAC1D,+DAA+D;IAC/D,qDAAqD;IACrD,wCAAwC;IACxC,sCAAsC;CACzC,CAAC;AAEF,qEAAqE;AACrE,MAAM,yBAAyB,GAAsB,EAAE,CAAC;AAYxD,MAAM,sBAAsB,GAAG,CAAC,OAAwB,EAAU,EAAE;IAChE,IAAI,OAAO,YAAY,MAAM,EAAE,CAAC;QAC5B,2HAA2H;QAC3H,OAAO,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;IAC5C,CAAC;IAED,kJAAkJ;IAClJ,OAAO,IAAI,MAAM,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;AACrC,CAAC,CAAC;AAEF,MAAM,
|
|
1
|
+
{"version":3,"file":"no-insecure-url.js","sourceRoot":"","sources":["../../src/rules/no-insecure-url.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,cAAc,EAAE,MAAM,0BAA0B,CAAC;AAE1D,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AAEzD,oDAAoD;AACpD,MAAM,gBAAgB,GAAsB,CAAC,gCAAgC,CAAC,CAAC;AAE/E,kDAAkD;AAClD,MAAM,iBAAiB,GAAsB;IACzC,0DAA0D;IAC1D,+DAA+D;IAC/D,qDAAqD;IACrD,wCAAwC;IACxC,sCAAsC;CACzC,CAAC;AAEF,qEAAqE;AACrE,MAAM,yBAAyB,GAAsB,EAAE,CAAC;AAYxD,MAAM,sBAAsB,GAAG,CAAC,OAAwB,EAAU,EAAE;IAChE,IAAI,OAAO,YAAY,MAAM,EAAE,CAAC;QAC5B,2HAA2H;QAC3H,OAAO,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;IAC5C,CAAC;IAED,kJAAkJ;IAClJ,OAAO,IAAI,MAAM,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;AACrC,CAAC,CAAC;AAEF,MAAM,eAAe,GAAG,CAAC,QAA2B,EAAE,KAAa,EAAW,EAAE,CAC5E,QAAQ,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC;AAEpD,MAAM,cAAc,GAAG,CAAC,QAA2B,EAAqB,EAAE,CACtE,QAAQ,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;AAE9C,MAAM,gBAAgB,GAAG,CACrB,kBAAqC,EACrC,OAAkD,EAClD,IAAmB,EACZ,EAAE;IACT,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC;IACvC,MAAM,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAE1D,OAAO,CAAC,eAAe,CAAC,kBAAkB,EAAE,UAAU,CAAC,CAAC;AAC5D,CAAC,CAAC;AAEF,MAAM,iBAAiB,GAAG,CACtB,OAAkD,EAClD,IAAmB,EACnB,qBAA6B,EACzB,EAAE;IACN,OAAO,CAAC,MAAM,CAAC;QACX,GAAG,CAAC,KAAK;YACL,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,qBAAqB,CAAC,EAAE,CAAC;gBACzC,OAAO,IAAI,CAAC;YAChB,CAAC;YAED,OAAO,KAAK,CAAC,WAAW,CACpB,IAAI,EACJ,qBAAqB,CAAC,OAAO,CAAC,SAAS,EAAE,QAAQ,CAAC,CACrD,CAAC;QACN,CAAC;QACD,SAAS,EAAE,qBAAqB;QAChC,IAAI;KACP,CAAC,CAAC;AACP,CAAC,CAAC;AAEF,2BAA2B;AAC3B,MAAM,IAAI,GAAkC,UAAU,CAAsB;IACxE,MAAM,CAAC,OAAO;QACV,MAAM,CAAC,OAAO,GAAG,EAAE,CAAC,GAAG,OAAO,CAAC,OAAO,CAAC;QACvC,MAAM,SAAS,GAAG,CAAC,OAAO,CAAC,SAAS,IAAI,gBAAgB,CAAC,CAAC,GAAG,CACzD,CAAC,OAAO,EAAE,EAAE,CAAC,sBAAsB,CAAC,OAAO,CAAC,CAC/C,CAAC;QACF,MAAM,UAAU,GAAG,CAAC,OAAO,CAAC,UAAU,IAAI,iBAAiB,CAAC,CAAC,GAAG,CAC5D,CAAC,OAAO,EAAE,EAAE,CAAC,sBAAsB,CAAC,OAAO,CAAC,CAC/C,CAAC;QACF,MAAM,kBAAkB,GAAG,CACvB,OAAO,CAAC,aAAa,IAAI,yBAAyB,CACrD,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,sBAAsB,CAAC,OAAO,CAAC,CAAC,CAAC;QAEpD,OAAO;YACH,OAAO,CAAC,IAAI;gBACR,IAAI,OAAO,IAAI,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;oBACjC,OAAO;gBACX,CAAC;gBAED,IACI,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,cAAc,CAAC,YAAY;oBAChD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,KAAK,cAAc,CAAC,aAAa;oBACtD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,KAAK,OAAO,EACnC,CAAC;oBACC,OAAO;gBACX,CAAC;gBAED,IACI,CAAC,eAAe,CAAC,SAAS,EAAE,IAAI,CAAC,KAAK,CAAC;oBACvC,eAAe,CAAC,UAAU,EAAE,IAAI,CAAC,KAAK,CAAC,EACzC,CAAC;oBACC,OAAO;gBACX,CAAC;gBAED,IAAI,CAAC,gBAAgB,CAAC,kBAAkB,EAAE,OAAO,EAAE,IAAI,CAAC,EAAE,CAAC;oBACvD,OAAO;gBACX,CAAC;gBAED,iBAAiB,CAAC,OAAO,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC;YACjE,CAAC;YACD,eAAe,CAAC,IAAI;gBAChB,IACI,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,KAAK,QAAQ;oBAClC,OAAO,IAAI,CAAC,KAAK,CAAC,MAAM,KAAK,QAAQ,EACvC,CAAC;oBACC,OAAO;gBACX,CAAC;gBAED,MAAM,UAAU,GACZ,gBAAgB,CAAC,kBAAkB,EAAE,OAAO,EAAE,IAAI,CAAC;oBACnD,eAAe,CAAC,SAAS,EAAE,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC;oBAC1C,CAAC,eAAe,CAAC,UAAU,EAAE,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;gBACjD,MAAM,aAAa,GACf,eAAe,CAAC,SAAS,EAAE,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC;oBAC7C,CAAC,eAAe,CAAC,UAAU,EAAE,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;gBAEpD,IAAI,CAAC,UAAU,IAAI,CAAC,aAAa,EAAE,CAAC;oBAChC,OAAO;gBACX,CAAC;gBAED,MAAM,mBAAmB,GAAG,IAAI,CAAC,SAAS,CACtC,OAAO,CAAC,UAAU,CAAC,OAAO,CAAC,IAAI,CAAC,CACnC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;gBAEf,iBAAiB,CAAC,OAAO,EAAE,IAAI,EAAE,mBAAmB,CAAC,CAAC;YAC1D,CAAC;SACJ,CAAC;IACN,CAAC;IACD,IAAI,EAAE;QACF,cAAc,EAAE;YACZ;gBACI,SAAS,EAAE,cAAc,CAAC,gBAAgB,CAAC;gBAC3C,UAAU,EAAE,cAAc,CAAC,iBAAiB,CAAC;gBAC7C,aAAa,EAAE,cAAc,CAAC,yBAAyB,CAAC;aAC3D;SACJ;QACD,UAAU,EAAE,KAAK;QACjB,IAAI,EAAE;YACF,WAAW,EACP,0FAA0F;YAC9F,MAAM,EAAE,KAAK;YACb,WAAW,EAAE,KAAK;YAClB,GAAG,EAAE,6EAA6E;SACrF;QACD,OAAO,EAAE,MAAM;QACf,QAAQ,EAAE;YACN,mBAAmB,EAAE,2BAA2B;SACnD;QACD,MAAM,EAAE;YACJ;gBACI,oBAAoB,EAAE,KAAK;gBAC3B,UAAU,EAAE;oBACR,SAAS,EAAE;wBACP,WAAW,EACP,0EAA0E;wBAC9E,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;wBACzB,IAAI,EAAE,OAAO;qBAChB;oBACD,UAAU,EAAE;wBACR,WAAW,EACP,+FAA+F;wBACnG,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;wBACzB,IAAI,EAAE,OAAO;qBAChB;oBACD,aAAa,EAAE;wBACX,WAAW,EACP,yGAAyG;wBAC7G,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;wBACzB,IAAI,EAAE,OAAO;qBAChB;iBACJ;gBACD,IAAI,EAAE,QAAQ;aACjB;SACJ;QACD,IAAI,EAAE,SAAS;KAClB;IACD,IAAI,EAAE,iBAAiB;CAC1B,CAAC,CAAC;AAEH,OAAO,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,yBAAyB,EAAE,CAAC;AAC1E,eAAe,IAAI,CAAC;AACpB,iIAAiI"}
|
|
@@ -10,8 +10,8 @@ const isNodeLike = (value) => isUnknownRecord(value) &&
|
|
|
10
10
|
keyIn(value, "type") &&
|
|
11
11
|
typeof value["type"] === "string";
|
|
12
12
|
const toNode = (value) => isNodeLike(value) ? value : undefined;
|
|
13
|
-
const
|
|
14
|
-
if (
|
|
13
|
+
const hasDescendantNode = (node, hasMatchingNode) => {
|
|
14
|
+
if (hasMatchingNode(node)) {
|
|
15
15
|
return true;
|
|
16
16
|
}
|
|
17
17
|
for (const [propertyName, propertyValue] of objectEntries(node)) {
|
|
@@ -22,7 +22,7 @@ const someDescendantNode = (node, predicate) => {
|
|
|
22
22
|
for (const element of propertyValue) {
|
|
23
23
|
const childNode = toNode(element);
|
|
24
24
|
if (childNode !== undefined &&
|
|
25
|
-
|
|
25
|
+
hasDescendantNode(childNode, hasMatchingNode)) {
|
|
26
26
|
return true;
|
|
27
27
|
}
|
|
28
28
|
}
|
|
@@ -30,7 +30,7 @@ const someDescendantNode = (node, predicate) => {
|
|
|
30
30
|
}
|
|
31
31
|
const childNode = toNode(propertyValue);
|
|
32
32
|
if (childNode !== undefined &&
|
|
33
|
-
|
|
33
|
+
hasDescendantNode(childNode, hasMatchingNode)) {
|
|
34
34
|
return true;
|
|
35
35
|
}
|
|
36
36
|
}
|
|
@@ -39,27 +39,27 @@ const someDescendantNode = (node, predicate) => {
|
|
|
39
39
|
const isIdentifierNamed = (node, identifierName) => node.type === AST_NODE_TYPES.Identifier && node.name === identifierName;
|
|
40
40
|
const isStaticPropertyMatch = (memberExpression, objectName, propertyName) => isIdentifierNamed(memberExpression.object, objectName) &&
|
|
41
41
|
getMemberPropertyName(memberExpression) === propertyName;
|
|
42
|
-
const
|
|
42
|
+
const hasPatternProperty = (pattern, propertyName) => pattern.properties.some((propertyNode) => {
|
|
43
43
|
if (propertyNode.type !== AST_NODE_TYPES.Property) {
|
|
44
44
|
return false;
|
|
45
45
|
}
|
|
46
46
|
return getPropertyName(propertyNode) === propertyName;
|
|
47
47
|
});
|
|
48
|
-
const
|
|
48
|
+
const hasObjectDestructureFromIdentifier = (rootNode, sourceName, propertyName) => hasDescendantNode(rootNode, (node) => {
|
|
49
49
|
if (node.type === AST_NODE_TYPES.VariableDeclarator) {
|
|
50
50
|
return (node.id.type === AST_NODE_TYPES.ObjectPattern &&
|
|
51
51
|
node.init !== null &&
|
|
52
52
|
isIdentifierNamed(node.init, sourceName) &&
|
|
53
|
-
|
|
53
|
+
hasPatternProperty(node.id, propertyName));
|
|
54
54
|
}
|
|
55
55
|
if (node.type !== AST_NODE_TYPES.AssignmentExpression) {
|
|
56
56
|
return false;
|
|
57
57
|
}
|
|
58
58
|
return (node.left.type === AST_NODE_TYPES.ObjectPattern &&
|
|
59
59
|
isIdentifierNamed(node.right, sourceName) &&
|
|
60
|
-
|
|
60
|
+
hasPatternProperty(node.left, propertyName));
|
|
61
61
|
});
|
|
62
|
-
const
|
|
62
|
+
const hasMemberPropertyAccess = (rootNode, objectName, propertyName) => hasDescendantNode(rootNode, (node) => node.type === AST_NODE_TYPES.MemberExpression
|
|
63
63
|
? isStaticPropertyMatch(node, objectName, propertyName)
|
|
64
64
|
: false);
|
|
65
65
|
const hasObjectPatternProperty = (objectPattern, propertyName) => objectPattern.properties.some((propertyNode) => {
|
|
@@ -68,17 +68,17 @@ const hasObjectPatternProperty = (objectPattern, propertyName) => objectPattern.
|
|
|
68
68
|
}
|
|
69
69
|
return getPropertyName(propertyNode) === propertyName;
|
|
70
70
|
});
|
|
71
|
-
const
|
|
72
|
-
|
|
73
|
-
const
|
|
71
|
+
const hasCallbackMessageDataUsage = (callbackNode, eventParameterName) => hasMemberPropertyAccess(callbackNode.body, eventParameterName, "data") ||
|
|
72
|
+
hasObjectDestructureFromIdentifier(callbackNode.body, eventParameterName, "data");
|
|
73
|
+
const hasCallbackOriginValidation = (callbackNode, context, eventParameterName) => {
|
|
74
74
|
const callbackSourceText = context.sourceCode.getText(callbackNode);
|
|
75
|
-
return (
|
|
76
|
-
|
|
75
|
+
return (hasMemberPropertyAccess(callbackNode.body, eventParameterName, "origin") ||
|
|
76
|
+
hasObjectDestructureFromIdentifier(callbackNode.body, eventParameterName, "origin") ||
|
|
77
77
|
hasMessageEventGuardKeywords(callbackSourceText));
|
|
78
78
|
};
|
|
79
|
-
const
|
|
80
|
-
!
|
|
81
|
-
const
|
|
79
|
+
const shouldReportIdentifierCallback = (callbackNode, context, eventParameter) => hasCallbackMessageDataUsage(callbackNode, eventParameter.name) &&
|
|
80
|
+
!hasCallbackOriginValidation(callbackNode, context, eventParameter.name);
|
|
81
|
+
const shouldReportObjectPatternCallback = (callbackNode, context, eventParameter) => {
|
|
82
82
|
if (!hasObjectPatternProperty(eventParameter, "data")) {
|
|
83
83
|
return false;
|
|
84
84
|
}
|
|
@@ -94,10 +94,10 @@ const shouldReportMessageEventCallback = (callbackNode, context) => {
|
|
|
94
94
|
return false;
|
|
95
95
|
}
|
|
96
96
|
if (firstParameter.type === AST_NODE_TYPES.Identifier) {
|
|
97
|
-
return
|
|
97
|
+
return shouldReportIdentifierCallback(callbackNode, context, firstParameter);
|
|
98
98
|
}
|
|
99
99
|
if (firstParameter.type === AST_NODE_TYPES.ObjectPattern) {
|
|
100
|
-
return
|
|
100
|
+
return shouldReportObjectPatternCallback(callbackNode, context, firstParameter);
|
|
101
101
|
}
|
|
102
102
|
return false;
|
|
103
103
|
};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"no-message-event-without-origin-check.js","sourceRoot":"","sources":["../../src/rules/no-message-event-without-origin-check.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,cAAc,EAAE,MAAM,0BAA0B,CAAC;AAC1D,OAAO,EAAE,KAAK,EAAE,aAAa,EAAE,MAAM,WAAW,CAAC;AAEjD,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AACzD,OAAO,EACH,qBAAqB,EACrB,eAAe,EACf,oBAAoB,GACvB,MAAM,8BAA8B,CAAC;AAStC,MAAM,oBAAoB,GAAG,CACzB,UAAmC,EACL,EAAE,CAChC,UAAU,CAAC,IAAI,KAAK,cAAc,CAAC,uBAAuB;IAC1D,UAAU,CAAC,IAAI,KAAK,cAAc,CAAC,kBAAkB,CAAC;AAE1D,MAAM,4BAA4B,GAAG,CAAC,YAAoB,EAAW,EAAE,CACnE,8DAA8D,CAAC,IAAI,CAC/D,YAAY,CACf,CAAC;AAEN,MAAM,eAAe,GAAG,CAAC,KAAc,EAA0B,EAAE,CAC/D,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,IAAI,CAAC;AAEhD,MAAM,UAAU,GAAG,CAAC,KAAc,EAAoC,EAAE,CACpE,eAAe,CAAC,KAAK,CAAC;IACtB,KAAK,CAAC,KAAK,EAAE,MAAM,CAAC;IACpB,OAAO,KAAK,CAAC,MAAM,CAAC,KAAK,QAAQ,CAAC;AAEtC,MAAM,MAAM,GAAG,CAAC,KAAc,EAAuC,EAAE,CACnE,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;AAE1C,MAAM,
|
|
1
|
+
{"version":3,"file":"no-message-event-without-origin-check.js","sourceRoot":"","sources":["../../src/rules/no-message-event-without-origin-check.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,cAAc,EAAE,MAAM,0BAA0B,CAAC;AAC1D,OAAO,EAAE,KAAK,EAAE,aAAa,EAAE,MAAM,WAAW,CAAC;AAEjD,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AACzD,OAAO,EACH,qBAAqB,EACrB,eAAe,EACf,oBAAoB,GACvB,MAAM,8BAA8B,CAAC;AAStC,MAAM,oBAAoB,GAAG,CACzB,UAAmC,EACL,EAAE,CAChC,UAAU,CAAC,IAAI,KAAK,cAAc,CAAC,uBAAuB;IAC1D,UAAU,CAAC,IAAI,KAAK,cAAc,CAAC,kBAAkB,CAAC;AAE1D,MAAM,4BAA4B,GAAG,CAAC,YAAoB,EAAW,EAAE,CACnE,8DAA8D,CAAC,IAAI,CAC/D,YAAY,CACf,CAAC;AAEN,MAAM,eAAe,GAAG,CAAC,KAAc,EAA0B,EAAE,CAC/D,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,IAAI,CAAC;AAEhD,MAAM,UAAU,GAAG,CAAC,KAAc,EAAoC,EAAE,CACpE,eAAe,CAAC,KAAK,CAAC;IACtB,KAAK,CAAC,KAAK,EAAE,MAAM,CAAC;IACpB,OAAO,KAAK,CAAC,MAAM,CAAC,KAAK,QAAQ,CAAC;AAEtC,MAAM,MAAM,GAAG,CAAC,KAAc,EAAuC,EAAE,CACnE,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;AAE1C,MAAM,iBAAiB,GAAG,CACtB,IAA6B,EAC7B,eAA2D,EACpD,EAAE;IACT,IAAI,eAAe,CAAC,IAAI,CAAC,EAAE,CAAC;QACxB,OAAO,IAAI,CAAC;IAChB,CAAC;IAED,KAAK,MAAM,CAAC,YAAY,EAAE,aAAa,CAAC,IAAI,aAAa,CAAC,IAAI,CAAC,EAAE,CAAC;QAC9D,IAAI,YAAY,KAAK,QAAQ,EAAE,CAAC;YAC5B,SAAS;QACb,CAAC;QAED,IAAI,KAAK,CAAC,OAAO,CAAC,aAAa,CAAC,EAAE,CAAC;YAC/B,KAAK,MAAM,OAAO,IAAI,aAAa,EAAE,CAAC;gBAClC,MAAM,SAAS,GAAG,MAAM,CAAC,OAAO,CAAC,CAAC;gBAElC,IACI,SAAS,KAAK,SAAS;oBACvB,iBAAiB,CAAC,SAAS,EAAE,eAAe,CAAC,EAC/C,CAAC;oBACC,OAAO,IAAI,CAAC;gBAChB,CAAC;YACL,CAAC;YAED,SAAS;QACb,CAAC;QAED,MAAM,SAAS,GAAG,MAAM,CAAC,aAAa,CAAC,CAAC;QAExC,IACI,SAAS,KAAK,SAAS;YACvB,iBAAiB,CAAC,SAAS,EAAE,eAAe,CAAC,EAC/C,CAAC;YACC,OAAO,IAAI,CAAC;QAChB,CAAC;IACL,CAAC;IAED,OAAO,KAAK,CAAC;AACjB,CAAC,CAAC;AAEF,MAAM,iBAAiB,GAAG,CACtB,IAA6B,EAC7B,cAAsB,EACK,EAAE,CAC7B,IAAI,CAAC,IAAI,KAAK,cAAc,CAAC,UAAU,IAAI,IAAI,CAAC,IAAI,KAAK,cAAc,CAAC;AAE5E,MAAM,qBAAqB,GAAG,CAC1B,gBAAqD,EACrD,UAAkB,EAClB,YAAoB,EACb,EAAE,CACT,iBAAiB,CAAC,gBAAgB,CAAC,MAAM,EAAE,UAAU,CAAC;IACtD,qBAAqB,CAAC,gBAAgB,CAAC,KAAK,YAAY,CAAC;AAE7D,MAAM,kBAAkB,GAAG,CACvB,OAAyC,EACzC,YAAoB,EACb,EAAE,CACT,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,YAAY,EAAE,EAAE;IACrC,IAAI,YAAY,CAAC,IAAI,KAAK,cAAc,CAAC,QAAQ,EAAE,CAAC;QAChD,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,OAAO,eAAe,CAAC,YAAY,CAAC,KAAK,YAAY,CAAC;AAC1D,CAAC,CAAC,CAAC;AAEP,MAAM,kCAAkC,GAAG,CACvC,QAAiC,EACjC,UAAkB,EAClB,YAAoB,EACb,EAAE,CACT,iBAAiB,CAAC,QAAQ,EAAE,CAAC,IAAI,EAAE,EAAE;IACjC,IAAI,IAAI,CAAC,IAAI,KAAK,cAAc,CAAC,kBAAkB,EAAE,CAAC;QAClD,OAAO,CACH,IAAI,CAAC,EAAE,CAAC,IAAI,KAAK,cAAc,CAAC,aAAa;YAC7C,IAAI,CAAC,IAAI,KAAK,IAAI;YAClB,iBAAiB,CAAC,IAAI,CAAC,IAAI,EAAE,UAAU,CAAC;YACxC,kBAAkB,CAAC,IAAI,CAAC,EAAE,EAAE,YAAY,CAAC,CAC5C,CAAC;IACN,CAAC;IAED,IAAI,IAAI,CAAC,IAAI,KAAK,cAAc,CAAC,oBAAoB,EAAE,CAAC;QACpD,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,OAAO,CACH,IAAI,CAAC,IAAI,CAAC,IAAI,KAAK,cAAc,CAAC,aAAa;QAC/C,iBAAiB,CAAC,IAAI,CAAC,KAAK,EAAE,UAAU,CAAC;QACzC,kBAAkB,CAAC,IAAI,CAAC,IAAI,EAAE,YAAY,CAAC,CAC9C,CAAC;AACN,CAAC,CAAC,CAAC;AAEP,MAAM,uBAAuB,GAAG,CAC5B,QAAiC,EACjC,UAAkB,EAClB,YAAoB,EACb,EAAE,CACT,iBAAiB,CAAC,QAAQ,EAAE,CAAC,IAAI,EAAE,EAAE,CACjC,IAAI,CAAC,IAAI,KAAK,cAAc,CAAC,gBAAgB;IACzC,CAAC,CAAC,qBAAqB,CAAC,IAAI,EAAE,UAAU,EAAE,YAAY,CAAC;IACvD,CAAC,CAAC,KAAK,CACd,CAAC;AAEN,MAAM,wBAAwB,GAAG,CAC7B,aAAqC,EACrC,YAAoB,EACb,EAAE,CACT,aAAa,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,YAAY,EAAE,EAAE;IAC3C,IAAI,YAAY,CAAC,IAAI,KAAK,cAAc,CAAC,QAAQ,EAAE,CAAC;QAChD,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,OAAO,eAAe,CAAC,YAAY,CAAC,KAAK,YAAY,CAAC;AAC1D,CAAC,CAAC,CAAC;AAEP,MAAM,2BAA2B,GAAG,CAChC,YAA8B,EAC9B,kBAA0B,EACnB,EAAE,CACT,uBAAuB,CAAC,YAAY,CAAC,IAAI,EAAE,kBAAkB,EAAE,MAAM,CAAC;IACtE,kCAAkC,CAC9B,YAAY,CAAC,IAAI,EACjB,kBAAkB,EAClB,MAAM,CACT,CAAC;AAEN,MAAM,2BAA2B,GAAG,CAChC,YAA8B,EAC9B,OAAoB,EACpB,kBAA0B,EACnB,EAAE;IACT,MAAM,kBAAkB,GAAG,OAAO,CAAC,UAAU,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;IAEpE,OAAO,CACH,uBAAuB,CACnB,YAAY,CAAC,IAAI,EACjB,kBAAkB,EAClB,QAAQ,CACX;QACD,kCAAkC,CAC9B,YAAY,CAAC,IAAI,EACjB,kBAAkB,EAClB,QAAQ,CACX;QACD,4BAA4B,CAAC,kBAAkB,CAAC,CACnD,CAAC;AACN,CAAC,CAAC;AAEF,MAAM,8BAA8B,GAAG,CACnC,YAA8B,EAC9B,OAAoB,EACpB,cAAmC,EAC5B,EAAE,CACT,2BAA2B,CAAC,YAAY,EAAE,cAAc,CAAC,IAAI,CAAC;IAC9D,CAAC,2BAA2B,CAAC,YAAY,EAAE,OAAO,EAAE,cAAc,CAAC,IAAI,CAAC,CAAC;AAE7E,MAAM,iCAAiC,GAAG,CACtC,YAA8B,EAC9B,OAAoB,EACpB,cAAsC,EAC/B,EAAE;IACT,IAAI,CAAC,wBAAwB,CAAC,cAAc,EAAE,MAAM,CAAC,EAAE,CAAC;QACpD,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,IAAI,wBAAwB,CAAC,cAAc,EAAE,QAAQ,CAAC,EAAE,CAAC;QACrD,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,OAAO,CAAC,4BAA4B,CAChC,OAAO,CAAC,UAAU,CAAC,OAAO,CAAC,YAAY,CAAC,CAC3C,CAAC;AACN,CAAC,CAAC;AAEF,MAAM,gCAAgC,GAAG,CACrC,YAA8B,EAC9B,OAAoB,EACb,EAAE;IACT,MAAM,CAAC,cAAc,CAAC,GAAG,YAAY,CAAC,MAAM,CAAC;IAE7C,IACI,cAAc,KAAK,SAAS;QAC5B,cAAc,CAAC,IAAI,KAAK,cAAc,CAAC,WAAW,EACpD,CAAC;QACC,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,IAAI,cAAc,CAAC,IAAI,KAAK,cAAc,CAAC,UAAU,EAAE,CAAC;QACpD,OAAO,8BAA8B,CACjC,YAAY,EACZ,OAAO,EACP,cAAc,CACjB,CAAC;IACN,CAAC;IAED,IAAI,cAAc,CAAC,IAAI,KAAK,cAAc,CAAC,aAAa,EAAE,CAAC;QACvD,OAAO,iCAAiC,CACpC,YAAY,EACZ,OAAO,EACP,cAAc,CACjB,CAAC;IACN,CAAC;IAED,OAAO,KAAK,CAAC;AACjB,CAAC,CAAC;AAEF,MAAM,0BAA0B,GAAG,CAAC,IAA6B,EAAW,EAAE;IAC1E,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,cAAc,CAAC,gBAAgB,EAAE,CAAC;QACvD,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,IAAI,qBAAqB,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,kBAAkB,EAAE,CAAC;QAC5D,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,MAAM,CAAC,aAAa,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC;IAEvC,OAAO,CACH,aAAa,KAAK,SAAS;QAC3B,aAAa,CAAC,IAAI,KAAK,cAAc,CAAC,aAAa;QACnD,oBAAoB,CAAC,aAAa,CAAC,KAAK,SAAS,CACpD,CAAC;AACN,CAAC,CAAC;AAEF,MAAM,qBAAqB,GAAG,CAAC,IAAmC,EAAW,EAAE,CAC3E,IAAI,CAAC,QAAQ,KAAK,GAAG;IACrB,IAAI,CAAC,IAAI,CAAC,IAAI,KAAK,cAAc,CAAC,gBAAgB;IAClD,qBAAqB,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,WAAW,CAAC;AAErD,2BAA2B;AAC3B,MAAM,IAAI,GAAkC,UAAU,CAAiB;IACnE,MAAM,CAAC,OAAO;QACV,OAAO;YACH,oBAAoB,CAAC,IAAmC;gBACpD,IAAI,CAAC,qBAAqB,CAAC,IAAI,CAAC,EAAE,CAAC;oBAC/B,OAAO;gBACX,CAAC;gBAED,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;oBACpC,OAAO;gBACX,CAAC;gBAED,IAAI,CAAC,gCAAgC,CAAC,IAAI,CAAC,KAAK,EAAE,OAAO,CAAC,EAAE,CAAC;oBACzD,OAAO;gBACX,CAAC;gBAED,OAAO,CAAC,MAAM,CAAC;oBACX,SAAS,EAAE,SAAS;oBACpB,IAAI,EAAE,IAAI,CAAC,KAAK;iBACnB,CAAC,CAAC;YACP,CAAC;YACD,cAAc,CAAC,IAA6B;gBACxC,IAAI,CAAC,0BAA0B,CAAC,IAAI,CAAC,EAAE,CAAC;oBACpC,OAAO;gBACX,CAAC;gBAED,MAAM,CAAC,EAAE,cAAc,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC;gBAE1C,IACI,cAAc,KAAK,SAAS;oBAC5B,cAAc,CAAC,IAAI,KAAK,cAAc,CAAC,aAAa,EACtD,CAAC;oBACC,OAAO;gBACX,CAAC;gBAED,IAAI,CAAC,oBAAoB,CAAC,cAAc,CAAC,EAAE,CAAC;oBACxC,OAAO;gBACX,CAAC;gBAED,IACI,CAAC,gCAAgC,CAAC,cAAc,EAAE,OAAO,CAAC,EAC5D,CAAC;oBACC,OAAO;gBACX,CAAC;gBAED,OAAO,CAAC,MAAM,CAAC;oBACX,SAAS,EAAE,SAAS;oBACpB,IAAI,EAAE,cAAc;iBACvB,CAAC,CAAC;YACP,CAAC;SACJ,CAAC;IACN,CAAC;IACD,IAAI,EAAE;QACF,UAAU,EAAE,KAAK;QACjB,IAAI,EAAE;YACF,WAAW,EACP,yFAAyF;YAC7F,MAAM,EAAE,KAAK;YACb,WAAW,EAAE,KAAK;YAClB,GAAG,EAAE,mGAAmG;SAC3G;QACD,QAAQ,EAAE;YACN,OAAO,EACH,kFAAkF;SACzF;QACD,MAAM,EAAE,EAAE;QACV,IAAI,EAAE,SAAS;KAClB;IACD,IAAI,EAAE,uCAAuC;CAChD,CAAC,CAAC;AAEH,eAAe,IAAI,CAAC;AACpB,iIAAiI"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"no-msapp-exec-unsafe.d.ts","sourceRoot":"","sources":["../../src/rules/no-msapp-exec-unsafe.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AAEzD,2BAA2B;AAC3B,QAAA,MAAM,IAAI,EAAE,UAAU,CAAC,OAAO,UAAU,
|
|
1
|
+
{"version":3,"file":"no-msapp-exec-unsafe.d.ts","sourceRoot":"","sources":["../../src/rules/no-msapp-exec-unsafe.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AAEzD,2BAA2B;AAC3B,QAAA,MAAM,IAAI,EAAE,UAAU,CAAC,OAAO,UAAU,CA2BtC,CAAC;AAEH,eAAe,IAAI,CAAC"}
|
|
@@ -1,16 +1,14 @@
|
|
|
1
1
|
import { createRule } from "../_internal/create-rule.js";
|
|
2
2
|
/** Rule implementation. */
|
|
3
3
|
const rule = createRule({
|
|
4
|
-
create(context) {
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
};
|
|
13
|
-
},
|
|
4
|
+
create: (context) => ({
|
|
5
|
+
"CallExpression[arguments.length=1][callee.object.name='MSApp'][callee.property.name='execUnsafeLocalFunction']"(node) {
|
|
6
|
+
context.report({
|
|
7
|
+
messageId: "default",
|
|
8
|
+
node,
|
|
9
|
+
});
|
|
10
|
+
},
|
|
11
|
+
}),
|
|
14
12
|
meta: {
|
|
15
13
|
deprecated: false,
|
|
16
14
|
docs: {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"no-msapp-exec-unsafe.js","sourceRoot":"","sources":["../../src/rules/no-msapp-exec-unsafe.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AAEzD,2BAA2B;AAC3B,MAAM,IAAI,GAAkC,UAAU,CAAgB;IAClE,MAAM,CAAC,OAAO
|
|
1
|
+
{"version":3,"file":"no-msapp-exec-unsafe.js","sourceRoot":"","sources":["../../src/rules/no-msapp-exec-unsafe.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AAEzD,2BAA2B;AAC3B,MAAM,IAAI,GAAkC,UAAU,CAAgB;IAClE,MAAM,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;QAClB,gHAAgH,CAC5G,IAAI;YAEJ,OAAO,CAAC,MAAM,CAAC;gBACX,SAAS,EAAE,SAAS;gBACpB,IAAI;aACP,CAAC,CAAC;QACP,CAAC;KACJ,CAAC;IACF,IAAI,EAAE;QACF,UAAU,EAAE,KAAK;QACjB,IAAI,EAAE;YACF,WAAW,EACP,oFAAoF;YACxF,MAAM,EAAE,KAAK;YACb,WAAW,EAAE,KAAK;YAClB,GAAG,EAAE,kFAAkF;SAC1F;QACD,QAAQ,EAAE;YACN,OAAO,EAAE,4CAA4C;SACxD;QACD,MAAM,EAAE,EAAE;QACV,IAAI,EAAE,SAAS;KAClB;IACD,IAAI,EAAE,sBAAsB;CAC/B,CAAC,CAAC;AAEH,eAAe,IAAI,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"no-node-tls-check-server-identity-bypass.d.ts","sourceRoot":"","sources":["../../src/rules/no-node-tls-check-server-identity-bypass.ts"],"names":[],"mappings":"AAMA,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AAsEzD,2BAA2B;AAC3B,QAAA,MAAM,IAAI,EAAE,UAAU,CAAC,OAAO,UAAU,
|
|
1
|
+
{"version":3,"file":"no-node-tls-check-server-identity-bypass.d.ts","sourceRoot":"","sources":["../../src/rules/no-node-tls-check-server-identity-bypass.ts"],"names":[],"mappings":"AAMA,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AAsEzD,2BAA2B;AAC3B,QAAA,MAAM,IAAI,EAAE,UAAU,CAAC,OAAO,UAAU,CA6DtC,CAAC;AAEH,eAAe,IAAI,CAAC"}
|
|
@@ -38,42 +38,39 @@ const isAlwaysSuccessfulCheckServerIdentity = (callbackNode) => {
|
|
|
38
38
|
};
|
|
39
39
|
/** Rule implementation. */
|
|
40
40
|
const rule = createRule({
|
|
41
|
-
create(context) {
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
41
|
+
create: (context) => ({
|
|
42
|
+
AssignmentExpression(node) {
|
|
43
|
+
if (node.operator !== "=" ||
|
|
44
|
+
!isNodeTlsStaticMember(node.left, CHECK_SERVER_IDENTITY_PROPERTY_NAMES) ||
|
|
45
|
+
!isFunctionExpression(node.right) ||
|
|
46
|
+
!isAlwaysSuccessfulCheckServerIdentity(node.right)) {
|
|
47
|
+
return;
|
|
48
|
+
}
|
|
49
|
+
context.report({
|
|
50
|
+
messageId: "default",
|
|
51
|
+
node: node.right,
|
|
52
|
+
});
|
|
53
|
+
},
|
|
54
|
+
ObjectExpression(node) {
|
|
55
|
+
if (!isRelevantNodeTlsOptionsObject(node)) {
|
|
56
|
+
return;
|
|
57
|
+
}
|
|
58
|
+
for (const propertyNode of node.properties) {
|
|
59
|
+
if (propertyNode.type !== AST_NODE_TYPES.Property ||
|
|
60
|
+
propertyNode.kind !== "init" ||
|
|
61
|
+
getPropertyName(propertyNode) !== "checkServerIdentity" ||
|
|
62
|
+
!isExpressionNode(propertyNode.value) ||
|
|
63
|
+
!isFunctionExpression(propertyNode.value) ||
|
|
64
|
+
!isAlwaysSuccessfulCheckServerIdentity(propertyNode.value)) {
|
|
65
|
+
continue;
|
|
49
66
|
}
|
|
50
67
|
context.report({
|
|
51
68
|
messageId: "default",
|
|
52
|
-
node:
|
|
69
|
+
node: propertyNode.value,
|
|
53
70
|
});
|
|
54
|
-
}
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
return;
|
|
58
|
-
}
|
|
59
|
-
for (const propertyNode of node.properties) {
|
|
60
|
-
if (propertyNode.type !== AST_NODE_TYPES.Property ||
|
|
61
|
-
propertyNode.kind !== "init" ||
|
|
62
|
-
getPropertyName(propertyNode) !==
|
|
63
|
-
"checkServerIdentity" ||
|
|
64
|
-
!isExpressionNode(propertyNode.value) ||
|
|
65
|
-
!isFunctionExpression(propertyNode.value) ||
|
|
66
|
-
!isAlwaysSuccessfulCheckServerIdentity(propertyNode.value)) {
|
|
67
|
-
continue;
|
|
68
|
-
}
|
|
69
|
-
context.report({
|
|
70
|
-
messageId: "default",
|
|
71
|
-
node: propertyNode.value,
|
|
72
|
-
});
|
|
73
|
-
}
|
|
74
|
-
},
|
|
75
|
-
};
|
|
76
|
-
},
|
|
71
|
+
}
|
|
72
|
+
},
|
|
73
|
+
}),
|
|
77
74
|
meta: {
|
|
78
75
|
deprecated: false,
|
|
79
76
|
docs: {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"no-node-tls-check-server-identity-bypass.js","sourceRoot":"","sources":["../../src/rules/no-node-tls-check-server-identity-bypass.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,cAAc,EAAE,MAAM,0BAA0B,CAAC;AAC1D,OAAO,EAAE,UAAU,EAAE,MAAM,WAAW,CAAC;AAEvC,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AACzD,OAAO,EAAE,eAAe,EAAE,MAAM,8BAA8B,CAAC;AAC/D,OAAO,EACH,qBAAqB,EACrB,8BAA8B,GACjC,MAAM,iCAAiC,CAAC;AAQzC,MAAM,oCAAoC,GAAG,IAAI,GAAG,CAAC,CAAC,qBAAqB,CAAC,CAAC,CAAC;AAE9E,MAAM,oBAAoB,GAAG,CACzB,UAA+B,EACU,EAAE,CAC3C,UAAU,CAAC,IAAI,KAAK,cAAc,CAAC,uBAAuB;IAC1D,UAAU,CAAC,IAAI,KAAK,cAAc,CAAC,kBAAkB,CAAC;AAE1D,MAAM,gBAAgB,GAAG,CAAC,IAAmB,EAA+B,EAAE,CAC1E,IAAI,CAAC,IAAI,KAAK,cAAc,CAAC,YAAY;IACzC,IAAI,CAAC,IAAI,KAAK,cAAc,CAAC,iBAAiB;IAC9C,IAAI,CAAC,IAAI,KAAK,cAAc,CAAC,aAAa,CAAC;AAE/C,MAAM,kCAAkC,GAAG,CACvC,UAA+B,EACxB,EAAE;IACT,IAAI,UAAU,CAAC,IAAI,KAAK,cAAc,CAAC,UAAU,EAAE,CAAC;QAChD,OAAO,UAAU,CAAC,IAAI,KAAK,WAAW,CAAC;IAC3C,CAAC;IAED,IAAI,UAAU,CAAC,IAAI,KAAK,cAAc,CAAC,OAAO,EAAE,CAAC;QAC7C,OAAO,UAAU,CAAC,KAAK,KAAK,IAAI,CAAC;IACrC,CAAC;IAED,OAAO,CACH,UAAU,CAAC,IAAI,KAAK,cAAc,CAAC,eAAe;QAClD,UAAU,CAAC,QAAQ,KAAK,MAAM,CACjC,CAAC;AACN,CAAC,CAAC;AAEF,MAAM,qCAAqC,GAAG,CAC1C,YAAyC,EAClC,EAAE;IACT,IAAI,YAAY,CAAC,IAAI,CAAC,IAAI,KAAK,cAAc,CAAC,cAAc,EAAE,CAAC;QAC3D,OAAO,kCAAkC,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC;IACjE,CAAC;IAED,IAAI,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACtC,OAAO,IAAI,CAAC;IAChB,CAAC;IAED,IAAI,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACtC,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,MAAM,aAAa,GAAG,UAAU,CAAC,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAEzD,IAAI,aAAa,EAAE,IAAI,KAAK,cAAc,CAAC,eAAe,EAAE,CAAC;QACzD,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,OAAO,CACH,aAAa,CAAC,QAAQ,KAAK,IAAI;QAC/B,kCAAkC,CAAC,aAAa,CAAC,QAAQ,CAAC,CAC7D,CAAC;AACN,CAAC,CAAC;AAEF,2BAA2B;AAC3B,MAAM,IAAI,GAAkC,UAAU,CAAiB;IACnE,MAAM,CAAC,OAAO
|
|
1
|
+
{"version":3,"file":"no-node-tls-check-server-identity-bypass.js","sourceRoot":"","sources":["../../src/rules/no-node-tls-check-server-identity-bypass.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,cAAc,EAAE,MAAM,0BAA0B,CAAC;AAC1D,OAAO,EAAE,UAAU,EAAE,MAAM,WAAW,CAAC;AAEvC,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AACzD,OAAO,EAAE,eAAe,EAAE,MAAM,8BAA8B,CAAC;AAC/D,OAAO,EACH,qBAAqB,EACrB,8BAA8B,GACjC,MAAM,iCAAiC,CAAC;AAQzC,MAAM,oCAAoC,GAAG,IAAI,GAAG,CAAC,CAAC,qBAAqB,CAAC,CAAC,CAAC;AAE9E,MAAM,oBAAoB,GAAG,CACzB,UAA+B,EACU,EAAE,CAC3C,UAAU,CAAC,IAAI,KAAK,cAAc,CAAC,uBAAuB;IAC1D,UAAU,CAAC,IAAI,KAAK,cAAc,CAAC,kBAAkB,CAAC;AAE1D,MAAM,gBAAgB,GAAG,CAAC,IAAmB,EAA+B,EAAE,CAC1E,IAAI,CAAC,IAAI,KAAK,cAAc,CAAC,YAAY;IACzC,IAAI,CAAC,IAAI,KAAK,cAAc,CAAC,iBAAiB;IAC9C,IAAI,CAAC,IAAI,KAAK,cAAc,CAAC,aAAa,CAAC;AAE/C,MAAM,kCAAkC,GAAG,CACvC,UAA+B,EACxB,EAAE;IACT,IAAI,UAAU,CAAC,IAAI,KAAK,cAAc,CAAC,UAAU,EAAE,CAAC;QAChD,OAAO,UAAU,CAAC,IAAI,KAAK,WAAW,CAAC;IAC3C,CAAC;IAED,IAAI,UAAU,CAAC,IAAI,KAAK,cAAc,CAAC,OAAO,EAAE,CAAC;QAC7C,OAAO,UAAU,CAAC,KAAK,KAAK,IAAI,CAAC;IACrC,CAAC;IAED,OAAO,CACH,UAAU,CAAC,IAAI,KAAK,cAAc,CAAC,eAAe;QAClD,UAAU,CAAC,QAAQ,KAAK,MAAM,CACjC,CAAC;AACN,CAAC,CAAC;AAEF,MAAM,qCAAqC,GAAG,CAC1C,YAAyC,EAClC,EAAE;IACT,IAAI,YAAY,CAAC,IAAI,CAAC,IAAI,KAAK,cAAc,CAAC,cAAc,EAAE,CAAC;QAC3D,OAAO,kCAAkC,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC;IACjE,CAAC;IAED,IAAI,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACtC,OAAO,IAAI,CAAC;IAChB,CAAC;IAED,IAAI,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACtC,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,MAAM,aAAa,GAAG,UAAU,CAAC,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAEzD,IAAI,aAAa,EAAE,IAAI,KAAK,cAAc,CAAC,eAAe,EAAE,CAAC;QACzD,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,OAAO,CACH,aAAa,CAAC,QAAQ,KAAK,IAAI;QAC/B,kCAAkC,CAAC,aAAa,CAAC,QAAQ,CAAC,CAC7D,CAAC;AACN,CAAC,CAAC;AAEF,2BAA2B;AAC3B,MAAM,IAAI,GAAkC,UAAU,CAAiB;IACnE,MAAM,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;QAClB,oBAAoB,CAAC,IAAmC;YACpD,IACI,IAAI,CAAC,QAAQ,KAAK,GAAG;gBACrB,CAAC,qBAAqB,CAClB,IAAI,CAAC,IAAI,EACT,oCAAoC,CACvC;gBACD,CAAC,oBAAoB,CAAC,IAAI,CAAC,KAAK,CAAC;gBACjC,CAAC,qCAAqC,CAAC,IAAI,CAAC,KAAK,CAAC,EACpD,CAAC;gBACC,OAAO;YACX,CAAC;YAED,OAAO,CAAC,MAAM,CAAC;gBACX,SAAS,EAAE,SAAS;gBACpB,IAAI,EAAE,IAAI,CAAC,KAAK;aACnB,CAAC,CAAC;QACP,CAAC;QACD,gBAAgB,CAAC,IAA+B;YAC5C,IAAI,CAAC,8BAA8B,CAAC,IAAI,CAAC,EAAE,CAAC;gBACxC,OAAO;YACX,CAAC;YAED,KAAK,MAAM,YAAY,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;gBACzC,IACI,YAAY,CAAC,IAAI,KAAK,cAAc,CAAC,QAAQ;oBAC7C,YAAY,CAAC,IAAI,KAAK,MAAM;oBAC5B,eAAe,CAAC,YAAY,CAAC,KAAK,qBAAqB;oBACvD,CAAC,gBAAgB,CAAC,YAAY,CAAC,KAAK,CAAC;oBACrC,CAAC,oBAAoB,CAAC,YAAY,CAAC,KAAK,CAAC;oBACzC,CAAC,qCAAqC,CAAC,YAAY,CAAC,KAAK,CAAC,EAC5D,CAAC;oBACC,SAAS;gBACb,CAAC;gBAED,OAAO,CAAC,MAAM,CAAC;oBACX,SAAS,EAAE,SAAS;oBACpB,IAAI,EAAE,YAAY,CAAC,KAAK;iBAC3B,CAAC,CAAC;YACP,CAAC;QACL,CAAC;KACJ,CAAC;IACF,IAAI,EAAE;QACF,UAAU,EAAE,KAAK;QACjB,IAAI,EAAE;YACF,WAAW,EACP,sFAAsF;YAC1F,MAAM,EAAE,KAAK;YACb,WAAW,EAAE,KAAK;YAClB,GAAG,EAAE,sGAAsG;SAC9G;QACD,QAAQ,EAAE;YACN,OAAO,EACH,6GAA6G;SACpH;QACD,MAAM,EAAE,EAAE;QACV,IAAI,EAAE,SAAS;KAClB;IACD,IAAI,EAAE,0CAA0C;CACnD,CAAC,CAAC;AAEH,eAAe,IAAI,CAAC;AACpB,iIAAiI"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"no-node-tls-legacy-protocol.d.ts","sourceRoot":"","sources":["../../src/rules/no-node-tls-legacy-protocol.ts"],"names":[],"mappings":"AAMA,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;
|
|
1
|
+
{"version":3,"file":"no-node-tls-legacy-protocol.d.ts","sourceRoot":"","sources":["../../src/rules/no-node-tls-legacy-protocol.ts"],"names":[],"mappings":"AAMA,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AAiEzD,2BAA2B;AAC3B,QAAA,MAAM,IAAI,EAAE,UAAU,CAAC,OAAO,UAAU,CA4FtC,CAAC;AAEH,eAAe,IAAI,CAAC"}
|
|
@@ -1,8 +1,13 @@
|
|
|
1
1
|
import { AST_NODE_TYPES } from "@typescript-eslint/utils";
|
|
2
|
-
import { isDefined, setHas } from "ts-extras";
|
|
2
|
+
import { arrayIncludes, isDefined, setHas } from "ts-extras";
|
|
3
3
|
import { createRule } from "../_internal/create-rule.js";
|
|
4
4
|
import { getMemberPropertyName, getPropertyName, getStaticStringValue, } from "../_internal/estree-utils.js";
|
|
5
5
|
import { isNodeTlsStaticMember, isRelevantNodeTlsOptionsObject, } from "../_internal/node-tls-config.js";
|
|
6
|
+
const LEGACY_TLS_PROPERTY_NAMES = [
|
|
7
|
+
"maxVersion",
|
|
8
|
+
"minVersion",
|
|
9
|
+
"secureProtocol",
|
|
10
|
+
];
|
|
6
11
|
const LEGACY_TLS_VERSION_VALUES = new Set([
|
|
7
12
|
"TLSv1",
|
|
8
13
|
"TLSv1.0",
|
|
@@ -20,9 +25,7 @@ const isLegacyTlsPropertyValue = (propertyName, configuredValue) => {
|
|
|
20
25
|
};
|
|
21
26
|
const getLegacyTlsPropertyName = (propertyNode) => {
|
|
22
27
|
const propertyName = getPropertyName(propertyNode);
|
|
23
|
-
if (propertyName
|
|
24
|
-
propertyName === "minVersion" ||
|
|
25
|
-
propertyName === "secureProtocol") {
|
|
28
|
+
if (arrayIncludes(LEGACY_TLS_PROPERTY_NAMES, propertyName)) {
|
|
26
29
|
return propertyName;
|
|
27
30
|
}
|
|
28
31
|
return undefined;
|
|
@@ -30,61 +33,59 @@ const getLegacyTlsPropertyName = (propertyNode) => {
|
|
|
30
33
|
const isTlsDefaultVersionMember = (node) => isNodeTlsStaticMember(node, new Set(["DEFAULT_MAX_VERSION", "DEFAULT_MIN_VERSION"]));
|
|
31
34
|
/** Rule implementation. */
|
|
32
35
|
const rule = createRule({
|
|
33
|
-
create(context) {
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
36
|
+
create: (context) => ({
|
|
37
|
+
AssignmentExpression(node) {
|
|
38
|
+
if (node.operator !== "=" ||
|
|
39
|
+
!isTlsDefaultVersionMember(node.left)) {
|
|
40
|
+
return;
|
|
41
|
+
}
|
|
42
|
+
const configuredValue = getStaticStringValue(node.right);
|
|
43
|
+
if (typeof configuredValue !== "string" ||
|
|
44
|
+
!setHas(LEGACY_TLS_VERSION_VALUES, configuredValue)) {
|
|
45
|
+
return;
|
|
46
|
+
}
|
|
47
|
+
context.report({
|
|
48
|
+
data: {
|
|
49
|
+
configuredValue,
|
|
50
|
+
propertyName: getMemberPropertyName(node.left) ??
|
|
51
|
+
"DEFAULT_MIN_VERSION",
|
|
52
|
+
},
|
|
53
|
+
messageId: "default",
|
|
54
|
+
node: node.right,
|
|
55
|
+
});
|
|
56
|
+
},
|
|
57
|
+
ObjectExpression(node) {
|
|
58
|
+
if (!isRelevantNodeTlsOptionsObject(node)) {
|
|
59
|
+
return;
|
|
60
|
+
}
|
|
61
|
+
for (const propertyNode of node.properties) {
|
|
62
|
+
if (propertyNode.type !== AST_NODE_TYPES.Property ||
|
|
63
|
+
propertyNode.kind !== "init") {
|
|
64
|
+
continue;
|
|
65
|
+
}
|
|
66
|
+
if (!isExpressionNode(propertyNode.value)) {
|
|
67
|
+
continue;
|
|
39
68
|
}
|
|
40
|
-
const
|
|
69
|
+
const propertyName = getLegacyTlsPropertyName(propertyNode);
|
|
70
|
+
if (!isDefined(propertyName)) {
|
|
71
|
+
continue;
|
|
72
|
+
}
|
|
73
|
+
const configuredValue = getStaticStringValue(propertyNode.value);
|
|
41
74
|
if (typeof configuredValue !== "string" ||
|
|
42
|
-
!
|
|
43
|
-
|
|
75
|
+
!isLegacyTlsPropertyValue(propertyName, configuredValue)) {
|
|
76
|
+
continue;
|
|
44
77
|
}
|
|
45
78
|
context.report({
|
|
46
79
|
data: {
|
|
47
80
|
configuredValue,
|
|
48
|
-
propertyName
|
|
49
|
-
"DEFAULT_MIN_VERSION",
|
|
81
|
+
propertyName,
|
|
50
82
|
},
|
|
51
83
|
messageId: "default",
|
|
52
|
-
node:
|
|
84
|
+
node: propertyNode.value,
|
|
53
85
|
});
|
|
54
|
-
}
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
return;
|
|
58
|
-
}
|
|
59
|
-
for (const propertyNode of node.properties) {
|
|
60
|
-
if (propertyNode.type !== AST_NODE_TYPES.Property ||
|
|
61
|
-
propertyNode.kind !== "init") {
|
|
62
|
-
continue;
|
|
63
|
-
}
|
|
64
|
-
if (!isExpressionNode(propertyNode.value)) {
|
|
65
|
-
continue;
|
|
66
|
-
}
|
|
67
|
-
const propertyName = getLegacyTlsPropertyName(propertyNode);
|
|
68
|
-
if (!isDefined(propertyName)) {
|
|
69
|
-
continue;
|
|
70
|
-
}
|
|
71
|
-
const configuredValue = getStaticStringValue(propertyNode.value);
|
|
72
|
-
if (typeof configuredValue !== "string" ||
|
|
73
|
-
!isLegacyTlsPropertyValue(propertyName, configuredValue)) {
|
|
74
|
-
continue;
|
|
75
|
-
}
|
|
76
|
-
context.report({
|
|
77
|
-
data: {
|
|
78
|
-
configuredValue,
|
|
79
|
-
propertyName,
|
|
80
|
-
},
|
|
81
|
-
messageId: "default",
|
|
82
|
-
node: propertyNode.value,
|
|
83
|
-
});
|
|
84
|
-
}
|
|
85
|
-
},
|
|
86
|
-
};
|
|
87
|
-
},
|
|
86
|
+
}
|
|
87
|
+
},
|
|
88
|
+
}),
|
|
88
89
|
meta: {
|
|
89
90
|
deprecated: false,
|
|
90
91
|
docs: {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"no-node-tls-legacy-protocol.js","sourceRoot":"","sources":["../../src/rules/no-node-tls-legacy-protocol.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,cAAc,EAAE,MAAM,0BAA0B,CAAC;AAC1D,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,MAAM,WAAW,CAAC;
|
|
1
|
+
{"version":3,"file":"no-node-tls-legacy-protocol.js","sourceRoot":"","sources":["../../src/rules/no-node-tls-legacy-protocol.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,cAAc,EAAE,MAAM,0BAA0B,CAAC;AAC1D,OAAO,EAAE,aAAa,EAAE,SAAS,EAAE,MAAM,EAAE,MAAM,WAAW,CAAC;AAE7D,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AACzD,OAAO,EACH,qBAAqB,EACrB,eAAe,EACf,oBAAoB,GACvB,MAAM,8BAA8B,CAAC;AACtC,OAAO,EACH,qBAAqB,EACrB,8BAA8B,GACjC,MAAM,iCAAiC,CAAC;AAKzC,MAAM,yBAAyB,GAAG;IAC9B,YAAY;IACZ,YAAY;IACZ,gBAAgB;CACiC,CAAC;AAEtD,MAAM,yBAAyB,GAAG,IAAI,GAAG,CAAC;IACtC,OAAO;IACP,SAAS;IACT,SAAS;CACZ,CAAC,CAAC;AAEH,MAAM,2BAA2B,GAAG,CAAC,KAAa,EAAW,EAAE,CAC3D,+DAA+D,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;AAEhF,MAAM,gBAAgB,GAAG,CAAC,IAAmB,EAA+B,EAAE,CAC1E,IAAI,CAAC,IAAI,KAAK,cAAc,CAAC,YAAY;IACzC,IAAI,CAAC,IAAI,KAAK,cAAc,CAAC,iBAAiB;IAC9C,IAAI,CAAC,IAAI,KAAK,cAAc,CAAC,aAAa,CAAC;AAE/C,MAAM,wBAAwB,GAAG,CAC7B,YAAmC,EACnC,eAAuB,EAChB,EAAE;IACT,IAAI,YAAY,KAAK,gBAAgB,EAAE,CAAC;QACpC,OAAO,2BAA2B,CAAC,eAAe,CAAC,CAAC;IACxD,CAAC;IAED,OAAO,MAAM,CAAC,yBAAyB,EAAE,eAAe,CAAC,CAAC;AAC9D,CAAC,CAAC;AAEF,MAAM,wBAAwB,GAAG,CAC7B,YAA+B,EACE,EAAE;IACnC,MAAM,YAAY,GAAG,eAAe,CAAC,YAAY,CAAC,CAAC;IAEnD,IAAI,aAAa,CAAC,yBAAyB,EAAE,YAAY,CAAC,EAAE,CAAC;QACzD,OAAO,YAAY,CAAC;IACxB,CAAC;IAED,OAAO,SAAS,CAAC;AACrB,CAAC,CAAC;AAEF,MAAM,yBAAyB,GAAG,CAC9B,IAA2C,EACV,EAAE,CACnC,qBAAqB,CACjB,IAAI,EACJ,IAAI,GAAG,CAAC,CAAC,qBAAqB,EAAE,qBAAqB,CAAC,CAAC,CAC1D,CAAC;AAEN,2BAA2B;AAC3B,MAAM,IAAI,GAAkC,UAAU,CAAiB;IACnE,MAAM,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;QAClB,oBAAoB,CAAC,IAAmC;YACpD,IACI,IAAI,CAAC,QAAQ,KAAK,GAAG;gBACrB,CAAC,yBAAyB,CAAC,IAAI,CAAC,IAAI,CAAC,EACvC,CAAC;gBACC,OAAO;YACX,CAAC;YAED,MAAM,eAAe,GAAG,oBAAoB,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YAEzD,IACI,OAAO,eAAe,KAAK,QAAQ;gBACnC,CAAC,MAAM,CAAC,yBAAyB,EAAE,eAAe,CAAC,EACrD,CAAC;gBACC,OAAO;YACX,CAAC;YAED,OAAO,CAAC,MAAM,CAAC;gBACX,IAAI,EAAE;oBACF,eAAe;oBACf,YAAY,EACR,qBAAqB,CAAC,IAAI,CAAC,IAAI,CAAC;wBAChC,qBAAqB;iBAC5B;gBACD,SAAS,EAAE,SAAS;gBACpB,IAAI,EAAE,IAAI,CAAC,KAAK;aACnB,CAAC,CAAC;QACP,CAAC;QACD,gBAAgB,CAAC,IAA+B;YAC5C,IAAI,CAAC,8BAA8B,CAAC,IAAI,CAAC,EAAE,CAAC;gBACxC,OAAO;YACX,CAAC;YAED,KAAK,MAAM,YAAY,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;gBACzC,IACI,YAAY,CAAC,IAAI,KAAK,cAAc,CAAC,QAAQ;oBAC7C,YAAY,CAAC,IAAI,KAAK,MAAM,EAC9B,CAAC;oBACC,SAAS;gBACb,CAAC;gBAED,IAAI,CAAC,gBAAgB,CAAC,YAAY,CAAC,KAAK,CAAC,EAAE,CAAC;oBACxC,SAAS;gBACb,CAAC;gBAED,MAAM,YAAY,GAAG,wBAAwB,CAAC,YAAY,CAAC,CAAC;gBAE5D,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,EAAE,CAAC;oBAC3B,SAAS;gBACb,CAAC;gBAED,MAAM,eAAe,GAAG,oBAAoB,CACxC,YAAY,CAAC,KAAK,CACrB,CAAC;gBAEF,IACI,OAAO,eAAe,KAAK,QAAQ;oBACnC,CAAC,wBAAwB,CAAC,YAAY,EAAE,eAAe,CAAC,EAC1D,CAAC;oBACC,SAAS;gBACb,CAAC;gBAED,OAAO,CAAC,MAAM,CAAC;oBACX,IAAI,EAAE;wBACF,eAAe;wBACf,YAAY;qBACf;oBACD,SAAS,EAAE,SAAS;oBACpB,IAAI,EAAE,YAAY,CAAC,KAAK;iBAC3B,CAAC,CAAC;YACP,CAAC;QACL,CAAC;KACJ,CAAC;IACF,IAAI,EAAE;QACF,UAAU,EAAE,KAAK;QACjB,IAAI,EAAE;YACF,WAAW,EACP,sGAAsG;YAC1G,MAAM,EAAE,KAAK;YACb,WAAW,EAAE,KAAK;YAClB,GAAG,EAAE,yFAAyF;SACjG;QACD,QAAQ,EAAE;YACN,OAAO,EACH,mHAAmH;SAC1H;QACD,MAAM,EAAE,EAAE;QACV,IAAI,EAAE,SAAS;KAClB;IACD,IAAI,EAAE,6BAA6B;CACtC,CAAC,CAAC;AAEH,eAAe,IAAI,CAAC;AACpB,iIAAiI"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"no-node-tls-reject-unauthorized-zero.d.ts","sourceRoot":"","sources":["../../src/rules/no-node-tls-reject-unauthorized-zero.ts"],"names":[],"mappings":"AAMA,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AAiEzD,2BAA2B;AAC3B,QAAA,MAAM,IAAI,EAAE,UAAU,CAAC,OAAO,UAAU,
|
|
1
|
+
{"version":3,"file":"no-node-tls-reject-unauthorized-zero.d.ts","sourceRoot":"","sources":["../../src/rules/no-node-tls-reject-unauthorized-zero.ts"],"names":[],"mappings":"AAMA,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AAiEzD,2BAA2B;AAC3B,QAAA,MAAM,IAAI,EAAE,UAAU,CAAC,OAAO,UAAU,CA0DtC,CAAC;AAEH,eAAe,IAAI,CAAC"}
|