eslint-plugin-sdl-2 1.2.4 → 1.2.6

Files changed (114) hide show
  1. package/CHANGELOG.md +81 -873
  2. package/dist/_internal/config-references.d.ts +2 -1
  3. package/dist/_internal/config-references.d.ts.map +1 -1
  4. package/dist/_internal/config-references.js.map +1 -1
  5. package/dist/_internal/electron-web-preferences.d.ts.map +1 -1
  6. package/dist/_internal/electron-web-preferences.js +1 -3
  7. package/dist/_internal/electron-web-preferences.js.map +1 -1
  8. package/dist/plugin.cjs +613 -652
  9. package/dist/plugin.cjs.map +3 -3
  10. package/dist/plugin.js +13 -13
  11. package/dist/plugin.js.map +1 -1
  12. package/dist/rules/no-angular-bypass-sanitizer.d.ts.map +1 -1
  13. package/dist/rules/no-angular-bypass-sanitizer.js +8 -10
  14. package/dist/rules/no-angular-bypass-sanitizer.js.map +1 -1
  15. package/dist/rules/no-angular-bypass-security-trust-html.d.ts.map +1 -1
  16. package/dist/rules/no-angular-bypass-security-trust-html.js +14 -17
  17. package/dist/rules/no-angular-bypass-security-trust-html.js.map +1 -1
  18. package/dist/rules/no-angular-innerhtml-binding.d.ts.map +1 -1
  19. package/dist/rules/no-angular-innerhtml-binding.js +30 -32
  20. package/dist/rules/no-angular-innerhtml-binding.js.map +1 -1
  21. package/dist/rules/no-angular-sanitization-trusted-urls.d.ts.map +1 -1
  22. package/dist/rules/no-angular-sanitization-trusted-urls.js +8 -10
  23. package/dist/rules/no-angular-sanitization-trusted-urls.js.map +1 -1
  24. package/dist/rules/no-angularjs-ng-bind-html-without-sanitize.d.ts.map +1 -1
  25. package/dist/rules/no-angularjs-ng-bind-html-without-sanitize.js +36 -38
  26. package/dist/rules/no-angularjs-ng-bind-html-without-sanitize.js.map +1 -1
  27. package/dist/rules/no-angularjs-sanitization-whitelist.d.ts.map +1 -1
  28. package/dist/rules/no-angularjs-sanitization-whitelist.js +8 -10
  29. package/dist/rules/no-angularjs-sanitization-whitelist.js.map +1 -1
  30. package/dist/rules/no-document-parse-html-unsafe.d.ts.map +1 -1
  31. package/dist/rules/no-document-parse-html-unsafe.js +6 -3
  32. package/dist/rules/no-document-parse-html-unsafe.js.map +1 -1
  33. package/dist/rules/no-dynamic-import-unsafe-url.d.ts.map +1 -1
  34. package/dist/rules/no-dynamic-import-unsafe-url.js +11 -13
  35. package/dist/rules/no-dynamic-import-unsafe-url.js.map +1 -1
  36. package/dist/rules/no-electron-allow-running-insecure-content.d.ts.map +1 -1
  37. package/dist/rules/no-electron-allow-running-insecure-content.js +4 -6
  38. package/dist/rules/no-electron-allow-running-insecure-content.js.map +1 -1
  39. package/dist/rules/no-electron-disable-context-isolation.d.ts.map +1 -1
  40. package/dist/rules/no-electron-disable-context-isolation.js +4 -6
  41. package/dist/rules/no-electron-disable-context-isolation.js.map +1 -1
  42. package/dist/rules/no-electron-disable-sandbox.d.ts.map +1 -1
  43. package/dist/rules/no-electron-disable-sandbox.js +4 -6
  44. package/dist/rules/no-electron-disable-sandbox.js.map +1 -1
  45. package/dist/rules/no-electron-disable-web-security.d.ts.map +1 -1
  46. package/dist/rules/no-electron-disable-web-security.js +4 -6
  47. package/dist/rules/no-electron-disable-web-security.js.map +1 -1
  48. package/dist/rules/no-electron-enable-remote-module.d.ts.map +1 -1
  49. package/dist/rules/no-electron-enable-remote-module.js +4 -6
  50. package/dist/rules/no-electron-enable-remote-module.js.map +1 -1
  51. package/dist/rules/no-electron-enable-webview-tag.d.ts.map +1 -1
  52. package/dist/rules/no-electron-enable-webview-tag.js +4 -6
  53. package/dist/rules/no-electron-enable-webview-tag.js.map +1 -1
  54. package/dist/rules/no-electron-experimental-features.d.ts.map +1 -1
  55. package/dist/rules/no-electron-experimental-features.js +4 -6
  56. package/dist/rules/no-electron-experimental-features.js.map +1 -1
  57. package/dist/rules/no-electron-node-integration.d.ts.map +1 -1
  58. package/dist/rules/no-electron-node-integration.js +27 -29
  59. package/dist/rules/no-electron-node-integration.js.map +1 -1
  60. package/dist/rules/no-electron-webview-allowpopups.d.ts.map +1 -1
  61. package/dist/rules/no-electron-webview-allowpopups.js +21 -25
  62. package/dist/rules/no-electron-webview-allowpopups.js.map +1 -1
  63. package/dist/rules/no-electron-webview-insecure-webpreferences.d.ts.map +1 -1
  64. package/dist/rules/no-electron-webview-insecure-webpreferences.js +28 -30
  65. package/dist/rules/no-electron-webview-insecure-webpreferences.js.map +1 -1
  66. package/dist/rules/no-electron-webview-node-integration.d.ts.map +1 -1
  67. package/dist/rules/no-electron-webview-node-integration.js +27 -31
  68. package/dist/rules/no-electron-webview-node-integration.js.map +1 -1
  69. package/dist/rules/no-inner-html.js +3 -3
  70. package/dist/rules/no-inner-html.js.map +1 -1
  71. package/dist/rules/no-insecure-random.js +1 -1
  72. package/dist/rules/no-insecure-random.js.map +1 -1
  73. package/dist/rules/no-insecure-tls-agent-options.d.ts.map +1 -1
  74. package/dist/rules/no-insecure-tls-agent-options.js +20 -22
  75. package/dist/rules/no-insecure-tls-agent-options.js.map +1 -1
  76. package/dist/rules/no-insecure-url.js +8 -8
  77. package/dist/rules/no-insecure-url.js.map +1 -1
  78. package/dist/rules/no-message-event-without-origin-check.js +19 -19
  79. package/dist/rules/no-message-event-without-origin-check.js.map +1 -1
  80. package/dist/rules/no-msapp-exec-unsafe.d.ts.map +1 -1
  81. package/dist/rules/no-msapp-exec-unsafe.js +8 -10
  82. package/dist/rules/no-msapp-exec-unsafe.js.map +1 -1
  83. package/dist/rules/no-node-tls-check-server-identity-bypass.d.ts.map +1 -1
  84. package/dist/rules/no-node-tls-check-server-identity-bypass.js +29 -32
  85. package/dist/rules/no-node-tls-check-server-identity-bypass.js.map +1 -1
  86. package/dist/rules/no-node-tls-legacy-protocol.d.ts.map +1 -1
  87. package/dist/rules/no-node-tls-legacy-protocol.js +51 -50
  88. package/dist/rules/no-node-tls-legacy-protocol.js.map +1 -1
  89. package/dist/rules/no-node-tls-reject-unauthorized-zero.d.ts.map +1 -1
  90. package/dist/rules/no-node-tls-reject-unauthorized-zero.js +28 -30
  91. package/dist/rules/no-node-tls-reject-unauthorized-zero.js.map +1 -1
  92. package/dist/rules/no-node-tls-security-level-zero.d.ts.map +1 -1
  93. package/dist/rules/no-node-tls-security-level-zero.js +37 -39
  94. package/dist/rules/no-node-tls-security-level-zero.js.map +1 -1
  95. package/dist/rules/no-nonnull-assertion-on-security-input.d.ts.map +1 -1
  96. package/dist/rules/no-nonnull-assertion-on-security-input.js +11 -13
  97. package/dist/rules/no-nonnull-assertion-on-security-input.js.map +1 -1
  98. package/dist/rules/no-postmessage-star-origin.d.ts.map +1 -1
  99. package/dist/rules/no-postmessage-star-origin.js +1 -3
  100. package/dist/rules/no-postmessage-star-origin.js.map +1 -1
  101. package/dist/rules/no-script-text.d.ts.map +1 -1
  102. package/dist/rules/no-script-text.js +6 -3
  103. package/dist/rules/no-script-text.js.map +1 -1
  104. package/dist/rules/no-unsafe-cast-to-trusted-types.d.ts.map +1 -1
  105. package/dist/rules/no-unsafe-cast-to-trusted-types.js +26 -28
  106. package/dist/rules/no-unsafe-cast-to-trusted-types.js.map +1 -1
  107. package/dist/rules/no-winjs-html-unsafe.d.ts.map +1 -1
  108. package/dist/rules/no-winjs-html-unsafe.js +8 -10
  109. package/dist/rules/no-winjs-html-unsafe.js.map +1 -1
  110. package/docs/rules/no-child-process-exec.md +1 -1
  111. package/docs/rules/no-child-process-shell-true.md +1 -1
  112. package/docs/rules/no-msapp-exec-unsafe.md +1 -1
  113. package/docs/rules/no-winjs-html-unsafe.md +1 -1
  114. package/package.json +49 -41
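--- a/package/package.json
+++ b/package/package.json
@@ -1,7 +1,7 @@
  {
  "$schema": "https://www.schemastore.org/package.json",
  "name": "eslint-plugin-sdl-2",
- "version": "1.2.4",
+ "version": "1.2.6",
  "private": false,
  "description": "ESLint plugin providing SDL-focused security and platform hardening rules.",
  "keywords": [
@@ -26,7 +26,7 @@
  "url": "git+https://github.com/Nick2bad4u/eslint-plugin-SDL-2.git"
  },
  "license": "MIT",
- "author": "Nick2bad4u <20943337+Nick2bad4u@users.noreply.github.com> (https://nick2bad4u.github.io/eslint-plugin-SDL-2)",
+ "author": "Nick2bad4u <20943337+Nick2bad4u@users.noreply.github.com> (https://github.com/Nick2bad4u)",
  "contributors": [
  {
  "name": "Nick2bad4u",
@@ -85,7 +85,7 @@
  "build:types:cjs": "node -e \"require('node:fs').copyFileSync('dist/plugin.d.ts','dist/plugin.d.cts')\"",
  "changelog:generate": "git-cliff --config cliff.toml --output CHANGELOG.md",
  "changelog:preview": "git-cliff --config cliff.toml --unreleased",
- "changelog:release-notes": "git-cliff --config cliff.toml --latest --strip all",
+ "changelog:release-notes": "git-cliff --config cliff.toml --current --strip all",
  "clean:cache": "node scripts/remove-paths.mjs dist coverage cache .cache .vite .turbo",
  "clean:cache:coverage": "node scripts/remove-paths.mjs coverage .coverage",
  "clean:cache:dist": "node scripts/remove-paths.mjs dist release",
@@ -122,9 +122,9 @@
  "lint": "cross-env NODE_OPTIONS=--max_old_space_size=16384 eslint --cache --cache-strategy content --cache-location .cache/.eslintcache",
  "lint:action": "npm run lint:actions",
  "lint:actions": "node scripts/lint-actionlint.mjs",
- "lint:all": "npm run lint && npm run lint:css && npm run lint:prettier && npm run lint:remark && npm run lint:package && npm run lint:secretlint && npm run lint:yaml && npm run lint:actions && npm run lint:circular",
- "lint:all:fix": "npm run lint:fix && npm run lint:css:fix && npm run lint:prettier:fix && npm run lint:remark && npm run lint:package && npm run lint:secretlint && npm run lint:yaml:fix && npm run lint:actions && npm run lint:circular",
- "lint:all:fix:quiet": "npm run lint:fix:quiet && npm run lint:css:fix && npm run lint:prettier:fix && npm run lint:remark && npm run lint:package && npm run lint:secretlint && npm run lint:yaml:fix && npm run lint:actions && npm run lint:circular",
+ "lint:all": "npm run lint && npm run lint:css && npm run lint:prettier && npm run lint:remark && npm run lint:package && npm run lint:gitleaks && npm run lint:secretlint && npm run lint:yaml && npm run lint:yamllint && npm run lint:actions && npm run lint:circular",
+ "lint:all:fix": "npm run lint:fix && npm run lint:css:fix && npm run lint:prettier:fix && npm run lint:remark && npm run lint:package && npm run lint:gitleaks && npm run lint:secretlint && npm run lint:yaml:fix && npm run lint:yamllint && npm run lint:actions && npm run lint:circular",
+ "lint:all:fix:quiet": "npm run lint:fix:quiet && npm run lint:css:fix && npm run lint:prettier:fix && npm run lint:remark && npm run lint:package && npm run lint:gitleaks && npm run lint:secretlint && npm run lint:yaml:fix && npm run lint:yamllint && npm run lint:actions && npm run lint:circular",
  "lint:circular": "npm run madge:circular",
  "lint:compat:eslint9": "node scripts/eslint9-compat-smoke.mjs",
  "lint:config:build": "npm run build:eslint-inspector",
@@ -141,6 +141,7 @@
  "lint:exports": "ts-unused-exports tsconfig.json src/plugin.ts --excludePathsFromReport=plugin.ts",
  "lint:fix": "cross-env NODE_OPTIONS=--max_old_space_size=16384 eslint --cache --cache-strategy content --cache-location .cache/.eslintcache --fix",
  "lint:fix:quiet": "cross-env ESLINT_PROGRESS=off NODE_OPTIONS=--max_old_space_size=16384 eslint --cache --cache-strategy content --cache-location .cache/.eslintcache --fix && echo \"Eslint fix done!\"",
+ "lint:gitleaks": "gitleaks dir --config .gitleaks.toml .",
  "lint:grype": "grype . -c .grype.yaml --name eslint-plugin-sdl-2",
  "lint:knip": "npm run knip",
  "lint:knip:exports": "npm run knip -- --include exports,nsExports,classMembers,types,nsTypes,enumMembers,duplicates",
@@ -168,13 +169,14 @@
  "lint:unused-deps": "npm run knip -- --include dependencies",
  "lint:yaml": "cross-env NODE_OPTIONS=--max_old_space_size=16384 eslint --cache --cache-strategy content --cache-location .cache/.eslintcache \"**/*.{yml,yaml}\" && echo \"YAML lint done!\"",
  "lint:yaml:fix": "cross-env NODE_OPTIONS=--max_old_space_size=16384 eslint --cache --cache-strategy content --cache-location .cache/.eslintcache --fix \"**/*.{yml,yaml}\" && echo \"YAML lint (fix) done!\"",
+ "lint:yamllint": "yamllint .",
  "madge:circular": "madge --circular --no-spinner --ts-config tsconfig.json --extensions ts,tsx,js,jsx,mjs,cjs,cts,mts ./src --exclude \"(^|[\\/])(test|dist|node_modules|cache|.cache|coverage|build|eslint-inspector|temp|.docusaurus)($|[\\/])|\\.css$\"",
  "madge:leaves": "madge --leaves --no-spinner --ts-config tsconfig.json --extensions ts,tsx,js,jsx,mjs,cjs,cts,mts ./src --exclude \"(^|[\\/])(test|dist|node_modules|cache|.cache|coverage|build|eslint-inspector|temp|.docusaurus)($|[\\/])|\\.css$\"",
  "madge:orphans": "madge --orphans --no-spinner --ts-config tsconfig.json --extensions ts,tsx,js,jsx,mjs,cjs,cts,mts ./src --exclude \"(^|[\\/])(test|dist|node_modules|cache|.cache|coverage|build|eslint-inspector|temp|.docusaurus)($|[\\/])|\\.css$\"",
  "open:coverage": "open-cli coverage/index.html",
  "prepublishOnly": "npm run release:check",
  "release:check": "npm run release:verify",
- "release:verify": "npm run build && npm run lint && npm run typecheck && npm run test && npm run sync:readme-rules-table && npm run sync:presets-rules-matrix && npm run docs:check-links && npm pack --dry-run",
+ "release:verify": "npm run build && npm run docs:api && npm run lint && npm run typecheck && npm run test && npm run sync:readme-rules-table && npm run sync:presets-rules-matrix && npm run docs:check-links && npm pack --dry-run",
  "remark:fix": "remark --rc-path .remarkrc.mjs --silently-ignore --ignore-path .remarkignore --frail --quiet --output -- \"*.{md,mdx}\" \"docs/**/*.{md,mdx}\"",
  "remark:test-config": "remark --rc-path .remarkrc.mjs --silently-ignore --ignore-path .remarkignore --frail \"README.md\"",
  "sync:node-version-files": "node scripts/sync-node-version-files.mjs",
@@ -210,6 +212,7 @@
  "typecheck": "tsc -p tsconfig.json --noEmit && tsc -p tsconfig.build.json --noEmit && tsc -p tsconfig.eslint.json --noEmit && tsc -p tsconfig.js.json --noEmit && npm run --workspace docs/docusaurus typecheck",
  "typecheck:all": "npm run typecheck",
  "types:update": "typesync",
+ "update-actions": "npx actions-up --yes --style sha",
  "update-deps": "npx ncu -i --install never && npm update --workspaces --force && npm install --force && npm run sync:peer-eslint-range && npm run sync:node-version-files && npm run sync:rules:write",
  "verify:readme-rules-table": "npm run build && npm run sync:readme-rules-table"
  },
@@ -218,21 +221,21 @@
  },
  "dependencies": {
  "@types/eslint-plugin-security": "^3.0.1",
- "@typescript-eslint/eslint-plugin": "^8.59.3",
- "@typescript-eslint/parser": "^8.59.3",
- "@typescript-eslint/type-utils": "^8.59.3",
- "@typescript-eslint/utils": "^8.59.3",
- "eslint-plugin-n": "^18.0.1",
- "eslint-plugin-security": "^3.0.1",
+ "@typescript-eslint/eslint-plugin": "^8.61.1",
+ "@typescript-eslint/parser": "^8.61.1",
+ "@typescript-eslint/type-utils": "^8.61.1",
+ "@typescript-eslint/utils": "^8.61.1",
+ "eslint-plugin-n": "^18.1.0",
+ "eslint-plugin-security": "^4.0.1",
  "ts-extras": "^1.0.0",
- "type-fest": "^5.6.0"
+ "type-fest": "^5.7.0"
  },
  "devDependencies": {
- "@arethetypeswrong/cli": "^0.18.2",
+ "@arethetypeswrong/cli": "^0.18.3",
  "@csstools/stylelint-formatter-github": "^2.0.0",
  "@double-great/remark-lint-alt-text": "^1.1.1",
  "@eslint/compat": "^2.1.0",
- "@eslint/config-inspector": "^3.0.2",
+ "@eslint/config-inspector": "^3.0.4",
  "@microsoft/tsdoc-config": "^0.18.1",
  "@stryker-ignorer/console-all": "^0.3.2",
  "@stryker-mutator/core": "^9.6.1",
@@ -240,63 +243,68 @@
  "@stryker-mutator/vitest-runner": "^9.6.1",
  "@types/htmlhint": "^1.1.5",
  "@types/madge": "^5.0.3",
- "@types/node": "^25.7.0",
+ "@types/node": "^25.9.3",
  "@types/sloc": "^0.2.3",
- "@typescript-eslint/rule-tester": "^8.59.3",
- "@vitest/coverage-v8": "^4.1.6",
- "@vitest/ui": "^4.1.6",
+ "@typescript-eslint/rule-tester": "^8.61.1",
+ "@vitest/coverage-v8": "^4.1.9",
+ "@vitest/ui": "^4.1.9",
  "actionlint": "^2.0.6",
  "all-contributors-cli": "^6.26.1",
- "cognitive-complexity-ts": "^0.8.1",
- "commitlint": "^21.0.1",
+ "cognitive-complexity-ts": "^0.8.2",
+ "commitlint": "^21.0.2",
  "commitlint-config-gitmoji": "^2.3.1",
  "cross-env": "^10.1.0",
  "detect-secrets": "^1.0.6",
- "eslint": "^10.3.0",
- "eslint-config-nick2bad4u": "^1.0.16",
+ "eslint": "^10.5.0",
+ "eslint-config-nick2bad4u": "^2.0.2",
  "eslint-formatter-unix": "^9.0.1",
  "eslint-rule-benchmark": "^0.8.0",
  "fast-check": "^4.8.0",
  "git-cliff": "^2.13.1",
+ "gitleaks-config-nick2bad4u": "^1.0.2",
  "gitleaks-secret-scanner": "^2.1.1",
  "htmlhint": "^1.9.2",
- "jscpd": "^4.1.1",
- "knip": "^6.13.1",
+ "jscpd": "^5.0.10",
+ "knip": "^6.17.1",
  "leasot": "^14.4.0",
  "madge": "^8.0.0",
  "markdown-link-check": "^3.14.2",
- "npm-check-updates": "^22.2.0",
- "npm-package-json-lint": "^10.4.0",
+ "npm-check-updates": "^22.2.3",
+ "npm-package-json-lint": "^10.4.1",
+ "npm-package-json-lint-config-nick2bad4u": "^1.0.3",
  "picocolors": "^1.1.1",
- "prettier": "^3.8.3",
- "prettier-config-nick2bad4u": "^1.0.12",
+ "prettier": "^3.8.4",
+ "prettier-config-nick2bad4u": "^1.0.17",
  "publint": "^0.3.21",
  "rehype-katex": "^7.0.1",
  "remark": "^15.0.1",
  "remark-cli": "^12.0.1",
- "remark-config-nick2bad4u": "^1.0.1",
- "secretlint": "^13.0.0",
- "secretlint-config-nick2bad4u": "^1.0.4",
+ "remark-config-nick2bad4u": "^1.0.8",
+ "secretlint": "^13.0.2",
+ "secretlint-config-nick2bad4u": "^1.1.0",
  "sloc": "^0.3.2",
- "sort-package-json": "^3.6.1",
- "stylelint": "^17.11.0",
- "stylelint-config-nick2bad4u": "^1.0.10",
+ "sort-package-json": "^4.0.0",
+ "stylelint": "^17.13.0",
+ "stylelint-config-nick2bad4u": "^1.0.19",
  "ts-unused-exports": "^11.0.1",
+ "tsdoc-config-nick2bad4u": "^1.0.5",
  "typedoc": "^0.28.19",
+ "typedoc-config-nick2bad4u": "^2.0.0",
  "typescript": "^6.0.3",
- "typescript-eslint": "^8.59.3",
+ "typescript-eslint": "^8.61.1",
  "typesync": "^0.14.3",
  "vfile": "^6.0.3",
- "vite": "^8.0.12",
+ "vite": "^8.0.16",
  "vite-tsconfig-paths": "^6.1.1",
- "vitest": "^4.1.6",
+ "vitest": "^4.1.9",
+ "yamllint-config-nick2bad4u": "^1.0.2",
  "yamllint-js": "^0.2.4"
  },
  "peerDependencies": {
- "eslint": "^9.0.0 || ^10.3.0",
+ "eslint": "^9.0.0 || ^10.5.0",
  "typescript": ">=5.0.0"
  },
- "packageManager": "npm@11.14.1",
+ "packageManager": "npm@11.17.0",
  "engines": {
  "node": ">=20.19.0"
  },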
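Review bot: The new `update-actions` script runs `npx actions-up --yes --style sha`, but `actions-up` is not among the devDependencies shown in this section, so npx resolves whatever version the registry serves at run time instead of a lockfile-pinned one. The script's purpose appears to be pinning workflow actions to commit SHAs, and `--yes` presumably applies the rewrite without a prompt, so the tool doing the pinning should itself be pinned. Add `actions-up` to devDependencies, invoke it as `"update-actions": "actions-up --yes --style sha"`, and review the resulting workflow diff before committing. Separately, `eslint-plugin-security` moves to `^4.0.1` in runtime `dependencies` while `@types/eslint-plugin-security` stays at `^3.0.1`, and the eslint peer range narrows from `^10.3.0` to `^10.5.0` in a patch-level release. Both deserve a changelog note, and the typings should be checked against the 4.x API.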