eslint-plugin-sdl-2 1.2.5 → 1.2.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +81 -873
- package/dist/_internal/config-references.d.ts +2 -1
- package/dist/_internal/config-references.d.ts.map +1 -1
- package/dist/_internal/config-references.js.map +1 -1
- package/dist/_internal/electron-web-preferences.d.ts.map +1 -1
- package/dist/_internal/electron-web-preferences.js +1 -3
- package/dist/_internal/electron-web-preferences.js.map +1 -1
- package/dist/plugin.cjs +600 -639
- package/dist/plugin.cjs.map +3 -3
- package/dist/rules/no-angular-bypass-sanitizer.d.ts.map +1 -1
- package/dist/rules/no-angular-bypass-sanitizer.js +8 -10
- package/dist/rules/no-angular-bypass-sanitizer.js.map +1 -1
- package/dist/rules/no-angular-bypass-security-trust-html.d.ts.map +1 -1
- package/dist/rules/no-angular-bypass-security-trust-html.js +14 -17
- package/dist/rules/no-angular-bypass-security-trust-html.js.map +1 -1
- package/dist/rules/no-angular-innerhtml-binding.d.ts.map +1 -1
- package/dist/rules/no-angular-innerhtml-binding.js +30 -32
- package/dist/rules/no-angular-innerhtml-binding.js.map +1 -1
- package/dist/rules/no-angular-sanitization-trusted-urls.d.ts.map +1 -1
- package/dist/rules/no-angular-sanitization-trusted-urls.js +8 -10
- package/dist/rules/no-angular-sanitization-trusted-urls.js.map +1 -1
- package/dist/rules/no-angularjs-ng-bind-html-without-sanitize.d.ts.map +1 -1
- package/dist/rules/no-angularjs-ng-bind-html-without-sanitize.js +36 -38
- package/dist/rules/no-angularjs-ng-bind-html-without-sanitize.js.map +1 -1
- package/dist/rules/no-angularjs-sanitization-whitelist.d.ts.map +1 -1
- package/dist/rules/no-angularjs-sanitization-whitelist.js +8 -10
- package/dist/rules/no-angularjs-sanitization-whitelist.js.map +1 -1
- package/dist/rules/no-document-parse-html-unsafe.d.ts.map +1 -1
- package/dist/rules/no-document-parse-html-unsafe.js +6 -3
- package/dist/rules/no-document-parse-html-unsafe.js.map +1 -1
- package/dist/rules/no-dynamic-import-unsafe-url.d.ts.map +1 -1
- package/dist/rules/no-dynamic-import-unsafe-url.js +11 -13
- package/dist/rules/no-dynamic-import-unsafe-url.js.map +1 -1
- package/dist/rules/no-electron-allow-running-insecure-content.d.ts.map +1 -1
- package/dist/rules/no-electron-allow-running-insecure-content.js +4 -6
- package/dist/rules/no-electron-allow-running-insecure-content.js.map +1 -1
- package/dist/rules/no-electron-disable-context-isolation.d.ts.map +1 -1
- package/dist/rules/no-electron-disable-context-isolation.js +4 -6
- package/dist/rules/no-electron-disable-context-isolation.js.map +1 -1
- package/dist/rules/no-electron-disable-sandbox.d.ts.map +1 -1
- package/dist/rules/no-electron-disable-sandbox.js +4 -6
- package/dist/rules/no-electron-disable-sandbox.js.map +1 -1
- package/dist/rules/no-electron-disable-web-security.d.ts.map +1 -1
- package/dist/rules/no-electron-disable-web-security.js +4 -6
- package/dist/rules/no-electron-disable-web-security.js.map +1 -1
- package/dist/rules/no-electron-enable-remote-module.d.ts.map +1 -1
- package/dist/rules/no-electron-enable-remote-module.js +4 -6
- package/dist/rules/no-electron-enable-remote-module.js.map +1 -1
- package/dist/rules/no-electron-enable-webview-tag.d.ts.map +1 -1
- package/dist/rules/no-electron-enable-webview-tag.js +4 -6
- package/dist/rules/no-electron-enable-webview-tag.js.map +1 -1
- package/dist/rules/no-electron-experimental-features.d.ts.map +1 -1
- package/dist/rules/no-electron-experimental-features.js +4 -6
- package/dist/rules/no-electron-experimental-features.js.map +1 -1
- package/dist/rules/no-electron-node-integration.d.ts.map +1 -1
- package/dist/rules/no-electron-node-integration.js +27 -29
- package/dist/rules/no-electron-node-integration.js.map +1 -1
- package/dist/rules/no-electron-webview-allowpopups.d.ts.map +1 -1
- package/dist/rules/no-electron-webview-allowpopups.js +21 -25
- package/dist/rules/no-electron-webview-allowpopups.js.map +1 -1
- package/dist/rules/no-electron-webview-insecure-webpreferences.d.ts.map +1 -1
- package/dist/rules/no-electron-webview-insecure-webpreferences.js +28 -30
- package/dist/rules/no-electron-webview-insecure-webpreferences.js.map +1 -1
- package/dist/rules/no-electron-webview-node-integration.d.ts.map +1 -1
- package/dist/rules/no-electron-webview-node-integration.js +27 -31
- package/dist/rules/no-electron-webview-node-integration.js.map +1 -1
- package/dist/rules/no-inner-html.js +3 -3
- package/dist/rules/no-inner-html.js.map +1 -1
- package/dist/rules/no-insecure-random.js +1 -1
- package/dist/rules/no-insecure-random.js.map +1 -1
- package/dist/rules/no-insecure-tls-agent-options.d.ts.map +1 -1
- package/dist/rules/no-insecure-tls-agent-options.js +20 -22
- package/dist/rules/no-insecure-tls-agent-options.js.map +1 -1
- package/dist/rules/no-insecure-url.js +8 -8
- package/dist/rules/no-insecure-url.js.map +1 -1
- package/dist/rules/no-message-event-without-origin-check.js +19 -19
- package/dist/rules/no-message-event-without-origin-check.js.map +1 -1
- package/dist/rules/no-msapp-exec-unsafe.d.ts.map +1 -1
- package/dist/rules/no-msapp-exec-unsafe.js +8 -10
- package/dist/rules/no-msapp-exec-unsafe.js.map +1 -1
- package/dist/rules/no-node-tls-check-server-identity-bypass.d.ts.map +1 -1
- package/dist/rules/no-node-tls-check-server-identity-bypass.js +29 -32
- package/dist/rules/no-node-tls-check-server-identity-bypass.js.map +1 -1
- package/dist/rules/no-node-tls-legacy-protocol.d.ts.map +1 -1
- package/dist/rules/no-node-tls-legacy-protocol.js +51 -50
- package/dist/rules/no-node-tls-legacy-protocol.js.map +1 -1
- package/dist/rules/no-node-tls-reject-unauthorized-zero.d.ts.map +1 -1
- package/dist/rules/no-node-tls-reject-unauthorized-zero.js +28 -30
- package/dist/rules/no-node-tls-reject-unauthorized-zero.js.map +1 -1
- package/dist/rules/no-node-tls-security-level-zero.d.ts.map +1 -1
- package/dist/rules/no-node-tls-security-level-zero.js +37 -39
- package/dist/rules/no-node-tls-security-level-zero.js.map +1 -1
- package/dist/rules/no-nonnull-assertion-on-security-input.d.ts.map +1 -1
- package/dist/rules/no-nonnull-assertion-on-security-input.js +11 -13
- package/dist/rules/no-nonnull-assertion-on-security-input.js.map +1 -1
- package/dist/rules/no-postmessage-star-origin.d.ts.map +1 -1
- package/dist/rules/no-postmessage-star-origin.js +1 -3
- package/dist/rules/no-postmessage-star-origin.js.map +1 -1
- package/dist/rules/no-script-text.d.ts.map +1 -1
- package/dist/rules/no-script-text.js +6 -3
- package/dist/rules/no-script-text.js.map +1 -1
- package/dist/rules/no-unsafe-cast-to-trusted-types.d.ts.map +1 -1
- package/dist/rules/no-unsafe-cast-to-trusted-types.js +26 -28
- package/dist/rules/no-unsafe-cast-to-trusted-types.js.map +1 -1
- package/dist/rules/no-winjs-html-unsafe.d.ts.map +1 -1
- package/dist/rules/no-winjs-html-unsafe.js +8 -10
- package/dist/rules/no-winjs-html-unsafe.js.map +1 -1
- package/docs/rules/no-child-process-exec.md +1 -1
- package/docs/rules/no-child-process-shell-true.md +1 -1
- package/docs/rules/no-msapp-exec-unsafe.md +1 -1
- package/docs/rules/no-winjs-html-unsafe.md +1 -1
- package/package.json +49 -41
|
@@ -10,8 +10,8 @@ const isNodeLike = (value) => isUnknownRecord(value) &&
|
|
|
10
10
|
keyIn(value, "type") &&
|
|
11
11
|
typeof value["type"] === "string";
|
|
12
12
|
const toNode = (value) => isNodeLike(value) ? value : undefined;
|
|
13
|
-
const
|
|
14
|
-
if (
|
|
13
|
+
const hasDescendantNode = (node, hasMatchingNode) => {
|
|
14
|
+
if (hasMatchingNode(node)) {
|
|
15
15
|
return true;
|
|
16
16
|
}
|
|
17
17
|
for (const [propertyName, propertyValue] of objectEntries(node)) {
|
|
@@ -22,7 +22,7 @@ const someDescendantNode = (node, predicate) => {
|
|
|
22
22
|
for (const element of propertyValue) {
|
|
23
23
|
const childNode = toNode(element);
|
|
24
24
|
if (childNode !== undefined &&
|
|
25
|
-
|
|
25
|
+
hasDescendantNode(childNode, hasMatchingNode)) {
|
|
26
26
|
return true;
|
|
27
27
|
}
|
|
28
28
|
}
|
|
@@ -30,7 +30,7 @@ const someDescendantNode = (node, predicate) => {
|
|
|
30
30
|
}
|
|
31
31
|
const childNode = toNode(propertyValue);
|
|
32
32
|
if (childNode !== undefined &&
|
|
33
|
-
|
|
33
|
+
hasDescendantNode(childNode, hasMatchingNode)) {
|
|
34
34
|
return true;
|
|
35
35
|
}
|
|
36
36
|
}
|
|
@@ -39,27 +39,27 @@ const someDescendantNode = (node, predicate) => {
|
|
|
39
39
|
const isIdentifierNamed = (node, identifierName) => node.type === AST_NODE_TYPES.Identifier && node.name === identifierName;
|
|
40
40
|
const isStaticPropertyMatch = (memberExpression, objectName, propertyName) => isIdentifierNamed(memberExpression.object, objectName) &&
|
|
41
41
|
getMemberPropertyName(memberExpression) === propertyName;
|
|
42
|
-
const
|
|
42
|
+
const hasPatternProperty = (pattern, propertyName) => pattern.properties.some((propertyNode) => {
|
|
43
43
|
if (propertyNode.type !== AST_NODE_TYPES.Property) {
|
|
44
44
|
return false;
|
|
45
45
|
}
|
|
46
46
|
return getPropertyName(propertyNode) === propertyName;
|
|
47
47
|
});
|
|
48
|
-
const
|
|
48
|
+
const hasObjectDestructureFromIdentifier = (rootNode, sourceName, propertyName) => hasDescendantNode(rootNode, (node) => {
|
|
49
49
|
if (node.type === AST_NODE_TYPES.VariableDeclarator) {
|
|
50
50
|
return (node.id.type === AST_NODE_TYPES.ObjectPattern &&
|
|
51
51
|
node.init !== null &&
|
|
52
52
|
isIdentifierNamed(node.init, sourceName) &&
|
|
53
|
-
|
|
53
|
+
hasPatternProperty(node.id, propertyName));
|
|
54
54
|
}
|
|
55
55
|
if (node.type !== AST_NODE_TYPES.AssignmentExpression) {
|
|
56
56
|
return false;
|
|
57
57
|
}
|
|
58
58
|
return (node.left.type === AST_NODE_TYPES.ObjectPattern &&
|
|
59
59
|
isIdentifierNamed(node.right, sourceName) &&
|
|
60
|
-
|
|
60
|
+
hasPatternProperty(node.left, propertyName));
|
|
61
61
|
});
|
|
62
|
-
const
|
|
62
|
+
const hasMemberPropertyAccess = (rootNode, objectName, propertyName) => hasDescendantNode(rootNode, (node) => node.type === AST_NODE_TYPES.MemberExpression
|
|
63
63
|
? isStaticPropertyMatch(node, objectName, propertyName)
|
|
64
64
|
: false);
|
|
65
65
|
const hasObjectPatternProperty = (objectPattern, propertyName) => objectPattern.properties.some((propertyNode) => {
|
|
@@ -68,17 +68,17 @@ const hasObjectPatternProperty = (objectPattern, propertyName) => objectPattern.
|
|
|
68
68
|
}
|
|
69
69
|
return getPropertyName(propertyNode) === propertyName;
|
|
70
70
|
});
|
|
71
|
-
const
|
|
72
|
-
|
|
73
|
-
const
|
|
71
|
+
const hasCallbackMessageDataUsage = (callbackNode, eventParameterName) => hasMemberPropertyAccess(callbackNode.body, eventParameterName, "data") ||
|
|
72
|
+
hasObjectDestructureFromIdentifier(callbackNode.body, eventParameterName, "data");
|
|
73
|
+
const hasCallbackOriginValidation = (callbackNode, context, eventParameterName) => {
|
|
74
74
|
const callbackSourceText = context.sourceCode.getText(callbackNode);
|
|
75
|
-
return (
|
|
76
|
-
|
|
75
|
+
return (hasMemberPropertyAccess(callbackNode.body, eventParameterName, "origin") ||
|
|
76
|
+
hasObjectDestructureFromIdentifier(callbackNode.body, eventParameterName, "origin") ||
|
|
77
77
|
hasMessageEventGuardKeywords(callbackSourceText));
|
|
78
78
|
};
|
|
79
|
-
const
|
|
80
|
-
!
|
|
81
|
-
const
|
|
79
|
+
const shouldReportIdentifierCallback = (callbackNode, context, eventParameter) => hasCallbackMessageDataUsage(callbackNode, eventParameter.name) &&
|
|
80
|
+
!hasCallbackOriginValidation(callbackNode, context, eventParameter.name);
|
|
81
|
+
const shouldReportObjectPatternCallback = (callbackNode, context, eventParameter) => {
|
|
82
82
|
if (!hasObjectPatternProperty(eventParameter, "data")) {
|
|
83
83
|
return false;
|
|
84
84
|
}
|
|
@@ -94,10 +94,10 @@ const shouldReportMessageEventCallback = (callbackNode, context) => {
|
|
|
94
94
|
return false;
|
|
95
95
|
}
|
|
96
96
|
if (firstParameter.type === AST_NODE_TYPES.Identifier) {
|
|
97
|
-
return
|
|
97
|
+
return shouldReportIdentifierCallback(callbackNode, context, firstParameter);
|
|
98
98
|
}
|
|
99
99
|
if (firstParameter.type === AST_NODE_TYPES.ObjectPattern) {
|
|
100
|
-
return
|
|
100
|
+
return shouldReportObjectPatternCallback(callbackNode, context, firstParameter);
|
|
101
101
|
}
|
|
102
102
|
return false;
|
|
103
103
|
};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"no-message-event-without-origin-check.js","sourceRoot":"","sources":["../../src/rules/no-message-event-without-origin-check.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,cAAc,EAAE,MAAM,0BAA0B,CAAC;AAC1D,OAAO,EAAE,KAAK,EAAE,aAAa,EAAE,MAAM,WAAW,CAAC;AAEjD,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AACzD,OAAO,EACH,qBAAqB,EACrB,eAAe,EACf,oBAAoB,GACvB,MAAM,8BAA8B,CAAC;AAStC,MAAM,oBAAoB,GAAG,CACzB,UAAmC,EACL,EAAE,CAChC,UAAU,CAAC,IAAI,KAAK,cAAc,CAAC,uBAAuB;IAC1D,UAAU,CAAC,IAAI,KAAK,cAAc,CAAC,kBAAkB,CAAC;AAE1D,MAAM,4BAA4B,GAAG,CAAC,YAAoB,EAAW,EAAE,CACnE,8DAA8D,CAAC,IAAI,CAC/D,YAAY,CACf,CAAC;AAEN,MAAM,eAAe,GAAG,CAAC,KAAc,EAA0B,EAAE,CAC/D,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,IAAI,CAAC;AAEhD,MAAM,UAAU,GAAG,CAAC,KAAc,EAAoC,EAAE,CACpE,eAAe,CAAC,KAAK,CAAC;IACtB,KAAK,CAAC,KAAK,EAAE,MAAM,CAAC;IACpB,OAAO,KAAK,CAAC,MAAM,CAAC,KAAK,QAAQ,CAAC;AAEtC,MAAM,MAAM,GAAG,CAAC,KAAc,EAAuC,EAAE,CACnE,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;AAE1C,MAAM,
|
|
1
|
+
{"version":3,"file":"no-message-event-without-origin-check.js","sourceRoot":"","sources":["../../src/rules/no-message-event-without-origin-check.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,cAAc,EAAE,MAAM,0BAA0B,CAAC;AAC1D,OAAO,EAAE,KAAK,EAAE,aAAa,EAAE,MAAM,WAAW,CAAC;AAEjD,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AACzD,OAAO,EACH,qBAAqB,EACrB,eAAe,EACf,oBAAoB,GACvB,MAAM,8BAA8B,CAAC;AAStC,MAAM,oBAAoB,GAAG,CACzB,UAAmC,EACL,EAAE,CAChC,UAAU,CAAC,IAAI,KAAK,cAAc,CAAC,uBAAuB;IAC1D,UAAU,CAAC,IAAI,KAAK,cAAc,CAAC,kBAAkB,CAAC;AAE1D,MAAM,4BAA4B,GAAG,CAAC,YAAoB,EAAW,EAAE,CACnE,8DAA8D,CAAC,IAAI,CAC/D,YAAY,CACf,CAAC;AAEN,MAAM,eAAe,GAAG,CAAC,KAAc,EAA0B,EAAE,CAC/D,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,IAAI,CAAC;AAEhD,MAAM,UAAU,GAAG,CAAC,KAAc,EAAoC,EAAE,CACpE,eAAe,CAAC,KAAK,CAAC;IACtB,KAAK,CAAC,KAAK,EAAE,MAAM,CAAC;IACpB,OAAO,KAAK,CAAC,MAAM,CAAC,KAAK,QAAQ,CAAC;AAEtC,MAAM,MAAM,GAAG,CAAC,KAAc,EAAuC,EAAE,CACnE,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;AAE1C,MAAM,iBAAiB,GAAG,CACtB,IAA6B,EAC7B,eAA2D,EACpD,EAAE;IACT,IAAI,eAAe,CAAC,IAAI,CAAC,EAAE,CAAC;QACxB,OAAO,IAAI,CAAC;IAChB,CAAC;IAED,KAAK,MAAM,CAAC,YAAY,EAAE,aAAa,CAAC,IAAI,aAAa,CAAC,IAAI,CAAC,EAAE,CAAC;QAC9D,IAAI,YAAY,KAAK,QAAQ,EAAE,CAAC;YAC5B,SAAS;QACb,CAAC;QAED,IAAI,KAAK,CAAC,OAAO,CAAC,aAAa,CAAC,EAAE,CAAC;YAC/B,KAAK,MAAM,OAAO,IAAI,aAAa,EAAE,CAAC;gBAClC,MAAM,SAAS,GAAG,MAAM,CAAC,OAAO,CAAC,CAAC;gBAElC,IACI,SAAS,KAAK,SAAS;oBACvB,iBAAiB,CAAC,SAAS,EAAE,eAAe,CAAC,EAC/C,CAAC;oBACC,OAAO,IAAI,CAAC;gBAChB,CAAC;YACL,CAAC;YAED,SAAS;QACb,CAAC;QAED,MAAM,SAAS,GAAG,MAAM,CAAC,aAAa,CAAC,CAAC;QAExC,IACI,SAAS,KAAK,SAAS;YACvB,iBAAiB,CAAC,SAAS,EAAE,eAAe,CAAC,EAC/C,CAAC;YACC,OAAO,IAAI,CAAC;QAChB,CAAC;IACL,CAAC;IAED,OAAO,KAAK,CAAC;AACjB,CAAC,CAAC;AAEF,MAAM,iBAAiB,GAAG,CACtB,IAA6B,EAC7B,cAAsB,EACK,EAAE,CAC7B,IAAI,CAAC,IAAI,KAAK,cAAc,CAAC,UAAU,IAAI,IAAI,CAAC,IAAI,KAAK,cAAc,CAAC;AAE5E,MAAM,qBAAqB,GAAG,CAC1B,gBAAqD,EACrD,UAAkB,EAClB,YAAoB,EACb,EAAE,CACT,iBAAiB,CAAC,gBAAgB,CAAC,MAAM,EAAE,UAAU,CAAC;IACtD,qBAAqB,CAAC,gBAAgB,CAAC,KAAK,YAAY,CAAC;AAE7D,MAAM,kBAAkB,GAAG,CACvB,OAAyC,EACzC,YAAoB,EACb,EAAE,CACT,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,YAAY,EAAE,EAAE;IACrC,IAAI,YAAY,CAAC,IAAI,KAAK,cAAc,CAAC,QAAQ,EAAE,CAAC;QAChD,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,OAAO,eAAe,CAAC,YAAY,CAAC,KAAK,YAAY,CAAC;AAC1D,CAAC,CAAC,CAAC;AAEP,MAAM,kCAAkC,GAAG,CACvC,QAAiC,EACjC,UAAkB,EAClB,YAAoB,EACb,EAAE,CACT,iBAAiB,CAAC,QAAQ,EAAE,CAAC,IAAI,EAAE,EAAE;IACjC,IAAI,IAAI,CAAC,IAAI,KAAK,cAAc,CAAC,kBAAkB,EAAE,CAAC;QAClD,OAAO,CACH,IAAI,CAAC,EAAE,CAAC,IAAI,KAAK,cAAc,CAAC,aAAa;YAC7C,IAAI,CAAC,IAAI,KAAK,IAAI;YAClB,iBAAiB,CAAC,IAAI,CAAC,IAAI,EAAE,UAAU,CAAC;YACxC,kBAAkB,CAAC,IAAI,CAAC,EAAE,EAAE,YAAY,CAAC,CAC5C,CAAC;IACN,CAAC;IAED,IAAI,IAAI,CAAC,IAAI,KAAK,cAAc,CAAC,oBAAoB,EAAE,CAAC;QACpD,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,OAAO,CACH,IAAI,CAAC,IAAI,CAAC,IAAI,KAAK,cAAc,CAAC,aAAa;QAC/C,iBAAiB,CAAC,IAAI,CAAC,KAAK,EAAE,UAAU,CAAC;QACzC,kBAAkB,CAAC,IAAI,CAAC,IAAI,EAAE,YAAY,CAAC,CAC9C,CAAC;AACN,CAAC,CAAC,CAAC;AAEP,MAAM,uBAAuB,GAAG,CAC5B,QAAiC,EACjC,UAAkB,EAClB,YAAoB,EACb,EAAE,CACT,iBAAiB,CAAC,QAAQ,EAAE,CAAC,IAAI,EAAE,EAAE,CACjC,IAAI,CAAC,IAAI,KAAK,cAAc,CAAC,gBAAgB;IACzC,CAAC,CAAC,qBAAqB,CAAC,IAAI,EAAE,UAAU,EAAE,YAAY,CAAC;IACvD,CAAC,CAAC,KAAK,CACd,CAAC;AAEN,MAAM,wBAAwB,GAAG,CAC7B,aAAqC,EACrC,YAAoB,EACb,EAAE,CACT,aAAa,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,YAAY,EAAE,EAAE;IAC3C,IAAI,YAAY,CAAC,IAAI,KAAK,cAAc,CAAC,QAAQ,EAAE,CAAC;QAChD,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,OAAO,eAAe,CAAC,YAAY,CAAC,KAAK,YAAY,CAAC;AAC1D,CAAC,CAAC,CAAC;AAEP,MAAM,2BAA2B,GAAG,CAChC,YAA8B,EAC9B,kBAA0B,EACnB,EAAE,CACT,uBAAuB,CAAC,YAAY,CAAC,IAAI,EAAE,kBAAkB,EAAE,MAAM,CAAC;IACtE,kCAAkC,CAC9B,YAAY,CAAC,IAAI,EACjB,kBAAkB,EAClB,MAAM,CACT,CAAC;AAEN,MAAM,2BAA2B,GAAG,CAChC,YAA8B,EAC9B,OAAoB,EACpB,kBAA0B,EACnB,EAAE;IACT,MAAM,kBAAkB,GAAG,OAAO,CAAC,UAAU,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;IAEpE,OAAO,CACH,uBAAuB,CACnB,YAAY,CAAC,IAAI,EACjB,kBAAkB,EAClB,QAAQ,CACX;QACD,kCAAkC,CAC9B,YAAY,CAAC,IAAI,EACjB,kBAAkB,EAClB,QAAQ,CACX;QACD,4BAA4B,CAAC,kBAAkB,CAAC,CACnD,CAAC;AACN,CAAC,CAAC;AAEF,MAAM,8BAA8B,GAAG,CACnC,YAA8B,EAC9B,OAAoB,EACpB,cAAmC,EAC5B,EAAE,CACT,2BAA2B,CAAC,YAAY,EAAE,cAAc,CAAC,IAAI,CAAC;IAC9D,CAAC,2BAA2B,CAAC,YAAY,EAAE,OAAO,EAAE,cAAc,CAAC,IAAI,CAAC,CAAC;AAE7E,MAAM,iCAAiC,GAAG,CACtC,YAA8B,EAC9B,OAAoB,EACpB,cAAsC,EAC/B,EAAE;IACT,IAAI,CAAC,wBAAwB,CAAC,cAAc,EAAE,MAAM,CAAC,EAAE,CAAC;QACpD,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,IAAI,wBAAwB,CAAC,cAAc,EAAE,QAAQ,CAAC,EAAE,CAAC;QACrD,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,OAAO,CAAC,4BAA4B,CAChC,OAAO,CAAC,UAAU,CAAC,OAAO,CAAC,YAAY,CAAC,CAC3C,CAAC;AACN,CAAC,CAAC;AAEF,MAAM,gCAAgC,GAAG,CACrC,YAA8B,EAC9B,OAAoB,EACb,EAAE;IACT,MAAM,CAAC,cAAc,CAAC,GAAG,YAAY,CAAC,MAAM,CAAC;IAE7C,IACI,cAAc,KAAK,SAAS;QAC5B,cAAc,CAAC,IAAI,KAAK,cAAc,CAAC,WAAW,EACpD,CAAC;QACC,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,IAAI,cAAc,CAAC,IAAI,KAAK,cAAc,CAAC,UAAU,EAAE,CAAC;QACpD,OAAO,8BAA8B,CACjC,YAAY,EACZ,OAAO,EACP,cAAc,CACjB,CAAC;IACN,CAAC;IAED,IAAI,cAAc,CAAC,IAAI,KAAK,cAAc,CAAC,aAAa,EAAE,CAAC;QACvD,OAAO,iCAAiC,CACpC,YAAY,EACZ,OAAO,EACP,cAAc,CACjB,CAAC;IACN,CAAC;IAED,OAAO,KAAK,CAAC;AACjB,CAAC,CAAC;AAEF,MAAM,0BAA0B,GAAG,CAAC,IAA6B,EAAW,EAAE;IAC1E,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,cAAc,CAAC,gBAAgB,EAAE,CAAC;QACvD,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,IAAI,qBAAqB,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,kBAAkB,EAAE,CAAC;QAC5D,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,MAAM,CAAC,aAAa,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC;IAEvC,OAAO,CACH,aAAa,KAAK,SAAS;QAC3B,aAAa,CAAC,IAAI,KAAK,cAAc,CAAC,aAAa;QACnD,oBAAoB,CAAC,aAAa,CAAC,KAAK,SAAS,CACpD,CAAC;AACN,CAAC,CAAC;AAEF,MAAM,qBAAqB,GAAG,CAAC,IAAmC,EAAW,EAAE,CAC3E,IAAI,CAAC,QAAQ,KAAK,GAAG;IACrB,IAAI,CAAC,IAAI,CAAC,IAAI,KAAK,cAAc,CAAC,gBAAgB;IAClD,qBAAqB,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,WAAW,CAAC;AAErD,2BAA2B;AAC3B,MAAM,IAAI,GAAkC,UAAU,CAAiB;IACnE,MAAM,CAAC,OAAO;QACV,OAAO;YACH,oBAAoB,CAAC,IAAmC;gBACpD,IAAI,CAAC,qBAAqB,CAAC,IAAI,CAAC,EAAE,CAAC;oBAC/B,OAAO;gBACX,CAAC;gBAED,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;oBACpC,OAAO;gBACX,CAAC;gBAED,IAAI,CAAC,gCAAgC,CAAC,IAAI,CAAC,KAAK,EAAE,OAAO,CAAC,EAAE,CAAC;oBACzD,OAAO;gBACX,CAAC;gBAED,OAAO,CAAC,MAAM,CAAC;oBACX,SAAS,EAAE,SAAS;oBACpB,IAAI,EAAE,IAAI,CAAC,KAAK;iBACnB,CAAC,CAAC;YACP,CAAC;YACD,cAAc,CAAC,IAA6B;gBACxC,IAAI,CAAC,0BAA0B,CAAC,IAAI,CAAC,EAAE,CAAC;oBACpC,OAAO;gBACX,CAAC;gBAED,MAAM,CAAC,EAAE,cAAc,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC;gBAE1C,IACI,cAAc,KAAK,SAAS;oBAC5B,cAAc,CAAC,IAAI,KAAK,cAAc,CAAC,aAAa,EACtD,CAAC;oBACC,OAAO;gBACX,CAAC;gBAED,IAAI,CAAC,oBAAoB,CAAC,cAAc,CAAC,EAAE,CAAC;oBACxC,OAAO;gBACX,CAAC;gBAED,IACI,CAAC,gCAAgC,CAAC,cAAc,EAAE,OAAO,CAAC,EAC5D,CAAC;oBACC,OAAO;gBACX,CAAC;gBAED,OAAO,CAAC,MAAM,CAAC;oBACX,SAAS,EAAE,SAAS;oBACpB,IAAI,EAAE,cAAc;iBACvB,CAAC,CAAC;YACP,CAAC;SACJ,CAAC;IACN,CAAC;IACD,IAAI,EAAE;QACF,UAAU,EAAE,KAAK;QACjB,IAAI,EAAE;YACF,WAAW,EACP,yFAAyF;YAC7F,MAAM,EAAE,KAAK;YACb,WAAW,EAAE,KAAK;YAClB,GAAG,EAAE,mGAAmG;SAC3G;QACD,QAAQ,EAAE;YACN,OAAO,EACH,kFAAkF;SACzF;QACD,MAAM,EAAE,EAAE;QACV,IAAI,EAAE,SAAS;KAClB;IACD,IAAI,EAAE,uCAAuC;CAChD,CAAC,CAAC;AAEH,eAAe,IAAI,CAAC;AACpB,iIAAiI"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"no-msapp-exec-unsafe.d.ts","sourceRoot":"","sources":["../../src/rules/no-msapp-exec-unsafe.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AAEzD,2BAA2B;AAC3B,QAAA,MAAM,IAAI,EAAE,UAAU,CAAC,OAAO,UAAU,
|
|
1
|
+
{"version":3,"file":"no-msapp-exec-unsafe.d.ts","sourceRoot":"","sources":["../../src/rules/no-msapp-exec-unsafe.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AAEzD,2BAA2B;AAC3B,QAAA,MAAM,IAAI,EAAE,UAAU,CAAC,OAAO,UAAU,CA2BtC,CAAC;AAEH,eAAe,IAAI,CAAC"}
|
|
@@ -1,16 +1,14 @@
|
|
|
1
1
|
import { createRule } from "../_internal/create-rule.js";
|
|
2
2
|
/** Rule implementation. */
|
|
3
3
|
const rule = createRule({
|
|
4
|
-
create(context) {
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
};
|
|
13
|
-
},
|
|
4
|
+
create: (context) => ({
|
|
5
|
+
"CallExpression[arguments.length=1][callee.object.name='MSApp'][callee.property.name='execUnsafeLocalFunction']"(node) {
|
|
6
|
+
context.report({
|
|
7
|
+
messageId: "default",
|
|
8
|
+
node,
|
|
9
|
+
});
|
|
10
|
+
},
|
|
11
|
+
}),
|
|
14
12
|
meta: {
|
|
15
13
|
deprecated: false,
|
|
16
14
|
docs: {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"no-msapp-exec-unsafe.js","sourceRoot":"","sources":["../../src/rules/no-msapp-exec-unsafe.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AAEzD,2BAA2B;AAC3B,MAAM,IAAI,GAAkC,UAAU,CAAgB;IAClE,MAAM,CAAC,OAAO
|
|
1
|
+
{"version":3,"file":"no-msapp-exec-unsafe.js","sourceRoot":"","sources":["../../src/rules/no-msapp-exec-unsafe.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AAEzD,2BAA2B;AAC3B,MAAM,IAAI,GAAkC,UAAU,CAAgB;IAClE,MAAM,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;QAClB,gHAAgH,CAC5G,IAAI;YAEJ,OAAO,CAAC,MAAM,CAAC;gBACX,SAAS,EAAE,SAAS;gBACpB,IAAI;aACP,CAAC,CAAC;QACP,CAAC;KACJ,CAAC;IACF,IAAI,EAAE;QACF,UAAU,EAAE,KAAK;QACjB,IAAI,EAAE;YACF,WAAW,EACP,oFAAoF;YACxF,MAAM,EAAE,KAAK;YACb,WAAW,EAAE,KAAK;YAClB,GAAG,EAAE,kFAAkF;SAC1F;QACD,QAAQ,EAAE;YACN,OAAO,EAAE,4CAA4C;SACxD;QACD,MAAM,EAAE,EAAE;QACV,IAAI,EAAE,SAAS;KAClB;IACD,IAAI,EAAE,sBAAsB;CAC/B,CAAC,CAAC;AAEH,eAAe,IAAI,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"no-node-tls-check-server-identity-bypass.d.ts","sourceRoot":"","sources":["../../src/rules/no-node-tls-check-server-identity-bypass.ts"],"names":[],"mappings":"AAMA,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AAsEzD,2BAA2B;AAC3B,QAAA,MAAM,IAAI,EAAE,UAAU,CAAC,OAAO,UAAU,
|
|
1
|
+
{"version":3,"file":"no-node-tls-check-server-identity-bypass.d.ts","sourceRoot":"","sources":["../../src/rules/no-node-tls-check-server-identity-bypass.ts"],"names":[],"mappings":"AAMA,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AAsEzD,2BAA2B;AAC3B,QAAA,MAAM,IAAI,EAAE,UAAU,CAAC,OAAO,UAAU,CA6DtC,CAAC;AAEH,eAAe,IAAI,CAAC"}
|
|
@@ -38,42 +38,39 @@ const isAlwaysSuccessfulCheckServerIdentity = (callbackNode) => {
|
|
|
38
38
|
};
|
|
39
39
|
/** Rule implementation. */
|
|
40
40
|
const rule = createRule({
|
|
41
|
-
create(context) {
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
41
|
+
create: (context) => ({
|
|
42
|
+
AssignmentExpression(node) {
|
|
43
|
+
if (node.operator !== "=" ||
|
|
44
|
+
!isNodeTlsStaticMember(node.left, CHECK_SERVER_IDENTITY_PROPERTY_NAMES) ||
|
|
45
|
+
!isFunctionExpression(node.right) ||
|
|
46
|
+
!isAlwaysSuccessfulCheckServerIdentity(node.right)) {
|
|
47
|
+
return;
|
|
48
|
+
}
|
|
49
|
+
context.report({
|
|
50
|
+
messageId: "default",
|
|
51
|
+
node: node.right,
|
|
52
|
+
});
|
|
53
|
+
},
|
|
54
|
+
ObjectExpression(node) {
|
|
55
|
+
if (!isRelevantNodeTlsOptionsObject(node)) {
|
|
56
|
+
return;
|
|
57
|
+
}
|
|
58
|
+
for (const propertyNode of node.properties) {
|
|
59
|
+
if (propertyNode.type !== AST_NODE_TYPES.Property ||
|
|
60
|
+
propertyNode.kind !== "init" ||
|
|
61
|
+
getPropertyName(propertyNode) !== "checkServerIdentity" ||
|
|
62
|
+
!isExpressionNode(propertyNode.value) ||
|
|
63
|
+
!isFunctionExpression(propertyNode.value) ||
|
|
64
|
+
!isAlwaysSuccessfulCheckServerIdentity(propertyNode.value)) {
|
|
65
|
+
continue;
|
|
49
66
|
}
|
|
50
67
|
context.report({
|
|
51
68
|
messageId: "default",
|
|
52
|
-
node:
|
|
69
|
+
node: propertyNode.value,
|
|
53
70
|
});
|
|
54
|
-
}
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
return;
|
|
58
|
-
}
|
|
59
|
-
for (const propertyNode of node.properties) {
|
|
60
|
-
if (propertyNode.type !== AST_NODE_TYPES.Property ||
|
|
61
|
-
propertyNode.kind !== "init" ||
|
|
62
|
-
getPropertyName(propertyNode) !==
|
|
63
|
-
"checkServerIdentity" ||
|
|
64
|
-
!isExpressionNode(propertyNode.value) ||
|
|
65
|
-
!isFunctionExpression(propertyNode.value) ||
|
|
66
|
-
!isAlwaysSuccessfulCheckServerIdentity(propertyNode.value)) {
|
|
67
|
-
continue;
|
|
68
|
-
}
|
|
69
|
-
context.report({
|
|
70
|
-
messageId: "default",
|
|
71
|
-
node: propertyNode.value,
|
|
72
|
-
});
|
|
73
|
-
}
|
|
74
|
-
},
|
|
75
|
-
};
|
|
76
|
-
},
|
|
71
|
+
}
|
|
72
|
+
},
|
|
73
|
+
}),
|
|
77
74
|
meta: {
|
|
78
75
|
deprecated: false,
|
|
79
76
|
docs: {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"no-node-tls-check-server-identity-bypass.js","sourceRoot":"","sources":["../../src/rules/no-node-tls-check-server-identity-bypass.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,cAAc,EAAE,MAAM,0BAA0B,CAAC;AAC1D,OAAO,EAAE,UAAU,EAAE,MAAM,WAAW,CAAC;AAEvC,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AACzD,OAAO,EAAE,eAAe,EAAE,MAAM,8BAA8B,CAAC;AAC/D,OAAO,EACH,qBAAqB,EACrB,8BAA8B,GACjC,MAAM,iCAAiC,CAAC;AAQzC,MAAM,oCAAoC,GAAG,IAAI,GAAG,CAAC,CAAC,qBAAqB,CAAC,CAAC,CAAC;AAE9E,MAAM,oBAAoB,GAAG,CACzB,UAA+B,EACU,EAAE,CAC3C,UAAU,CAAC,IAAI,KAAK,cAAc,CAAC,uBAAuB;IAC1D,UAAU,CAAC,IAAI,KAAK,cAAc,CAAC,kBAAkB,CAAC;AAE1D,MAAM,gBAAgB,GAAG,CAAC,IAAmB,EAA+B,EAAE,CAC1E,IAAI,CAAC,IAAI,KAAK,cAAc,CAAC,YAAY;IACzC,IAAI,CAAC,IAAI,KAAK,cAAc,CAAC,iBAAiB;IAC9C,IAAI,CAAC,IAAI,KAAK,cAAc,CAAC,aAAa,CAAC;AAE/C,MAAM,kCAAkC,GAAG,CACvC,UAA+B,EACxB,EAAE;IACT,IAAI,UAAU,CAAC,IAAI,KAAK,cAAc,CAAC,UAAU,EAAE,CAAC;QAChD,OAAO,UAAU,CAAC,IAAI,KAAK,WAAW,CAAC;IAC3C,CAAC;IAED,IAAI,UAAU,CAAC,IAAI,KAAK,cAAc,CAAC,OAAO,EAAE,CAAC;QAC7C,OAAO,UAAU,CAAC,KAAK,KAAK,IAAI,CAAC;IACrC,CAAC;IAED,OAAO,CACH,UAAU,CAAC,IAAI,KAAK,cAAc,CAAC,eAAe;QAClD,UAAU,CAAC,QAAQ,KAAK,MAAM,CACjC,CAAC;AACN,CAAC,CAAC;AAEF,MAAM,qCAAqC,GAAG,CAC1C,YAAyC,EAClC,EAAE;IACT,IAAI,YAAY,CAAC,IAAI,CAAC,IAAI,KAAK,cAAc,CAAC,cAAc,EAAE,CAAC;QAC3D,OAAO,kCAAkC,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC;IACjE,CAAC;IAED,IAAI,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACtC,OAAO,IAAI,CAAC;IAChB,CAAC;IAED,IAAI,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACtC,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,MAAM,aAAa,GAAG,UAAU,CAAC,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAEzD,IAAI,aAAa,EAAE,IAAI,KAAK,cAAc,CAAC,eAAe,EAAE,CAAC;QACzD,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,OAAO,CACH,aAAa,CAAC,QAAQ,KAAK,IAAI;QAC/B,kCAAkC,CAAC,aAAa,CAAC,QAAQ,CAAC,CAC7D,CAAC;AACN,CAAC,CAAC;AAEF,2BAA2B;AAC3B,MAAM,IAAI,GAAkC,UAAU,CAAiB;IACnE,MAAM,CAAC,OAAO
|
|
1
|
+
{"version":3,"file":"no-node-tls-check-server-identity-bypass.js","sourceRoot":"","sources":["../../src/rules/no-node-tls-check-server-identity-bypass.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,cAAc,EAAE,MAAM,0BAA0B,CAAC;AAC1D,OAAO,EAAE,UAAU,EAAE,MAAM,WAAW,CAAC;AAEvC,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AACzD,OAAO,EAAE,eAAe,EAAE,MAAM,8BAA8B,CAAC;AAC/D,OAAO,EACH,qBAAqB,EACrB,8BAA8B,GACjC,MAAM,iCAAiC,CAAC;AAQzC,MAAM,oCAAoC,GAAG,IAAI,GAAG,CAAC,CAAC,qBAAqB,CAAC,CAAC,CAAC;AAE9E,MAAM,oBAAoB,GAAG,CACzB,UAA+B,EACU,EAAE,CAC3C,UAAU,CAAC,IAAI,KAAK,cAAc,CAAC,uBAAuB;IAC1D,UAAU,CAAC,IAAI,KAAK,cAAc,CAAC,kBAAkB,CAAC;AAE1D,MAAM,gBAAgB,GAAG,CAAC,IAAmB,EAA+B,EAAE,CAC1E,IAAI,CAAC,IAAI,KAAK,cAAc,CAAC,YAAY;IACzC,IAAI,CAAC,IAAI,KAAK,cAAc,CAAC,iBAAiB;IAC9C,IAAI,CAAC,IAAI,KAAK,cAAc,CAAC,aAAa,CAAC;AAE/C,MAAM,kCAAkC,GAAG,CACvC,UAA+B,EACxB,EAAE;IACT,IAAI,UAAU,CAAC,IAAI,KAAK,cAAc,CAAC,UAAU,EAAE,CAAC;QAChD,OAAO,UAAU,CAAC,IAAI,KAAK,WAAW,CAAC;IAC3C,CAAC;IAED,IAAI,UAAU,CAAC,IAAI,KAAK,cAAc,CAAC,OAAO,EAAE,CAAC;QAC7C,OAAO,UAAU,CAAC,KAAK,KAAK,IAAI,CAAC;IACrC,CAAC;IAED,OAAO,CACH,UAAU,CAAC,IAAI,KAAK,cAAc,CAAC,eAAe;QAClD,UAAU,CAAC,QAAQ,KAAK,MAAM,CACjC,CAAC;AACN,CAAC,CAAC;AAEF,MAAM,qCAAqC,GAAG,CAC1C,YAAyC,EAClC,EAAE;IACT,IAAI,YAAY,CAAC,IAAI,CAAC,IAAI,KAAK,cAAc,CAAC,cAAc,EAAE,CAAC;QAC3D,OAAO,kCAAkC,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC;IACjE,CAAC;IAED,IAAI,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACtC,OAAO,IAAI,CAAC;IAChB,CAAC;IAED,IAAI,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACtC,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,MAAM,aAAa,GAAG,UAAU,CAAC,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAEzD,IAAI,aAAa,EAAE,IAAI,KAAK,cAAc,CAAC,eAAe,EAAE,CAAC;QACzD,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,OAAO,CACH,aAAa,CAAC,QAAQ,KAAK,IAAI;QAC/B,kCAAkC,CAAC,aAAa,CAAC,QAAQ,CAAC,CAC7D,CAAC;AACN,CAAC,CAAC;AAEF,2BAA2B;AAC3B,MAAM,IAAI,GAAkC,UAAU,CAAiB;IACnE,MAAM,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;QAClB,oBAAoB,CAAC,IAAmC;YACpD,IACI,IAAI,CAAC,QAAQ,KAAK,GAAG;gBACrB,CAAC,qBAAqB,CAClB,IAAI,CAAC,IAAI,EACT,oCAAoC,CACvC;gBACD,CAAC,oBAAoB,CAAC,IAAI,CAAC,KAAK,CAAC;gBACjC,CAAC,qCAAqC,CAAC,IAAI,CAAC,KAAK,CAAC,EACpD,CAAC;gBACC,OAAO;YACX,CAAC;YAED,OAAO,CAAC,MAAM,CAAC;gBACX,SAAS,EAAE,SAAS;gBACpB,IAAI,EAAE,IAAI,CAAC,KAAK;aACnB,CAAC,CAAC;QACP,CAAC;QACD,gBAAgB,CAAC,IAA+B;YAC5C,IAAI,CAAC,8BAA8B,CAAC,IAAI,CAAC,EAAE,CAAC;gBACxC,OAAO;YACX,CAAC;YAED,KAAK,MAAM,YAAY,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;gBACzC,IACI,YAAY,CAAC,IAAI,KAAK,cAAc,CAAC,QAAQ;oBAC7C,YAAY,CAAC,IAAI,KAAK,MAAM;oBAC5B,eAAe,CAAC,YAAY,CAAC,KAAK,qBAAqB;oBACvD,CAAC,gBAAgB,CAAC,YAAY,CAAC,KAAK,CAAC;oBACrC,CAAC,oBAAoB,CAAC,YAAY,CAAC,KAAK,CAAC;oBACzC,CAAC,qCAAqC,CAAC,YAAY,CAAC,KAAK,CAAC,EAC5D,CAAC;oBACC,SAAS;gBACb,CAAC;gBAED,OAAO,CAAC,MAAM,CAAC;oBACX,SAAS,EAAE,SAAS;oBACpB,IAAI,EAAE,YAAY,CAAC,KAAK;iBAC3B,CAAC,CAAC;YACP,CAAC;QACL,CAAC;KACJ,CAAC;IACF,IAAI,EAAE;QACF,UAAU,EAAE,KAAK;QACjB,IAAI,EAAE;YACF,WAAW,EACP,sFAAsF;YAC1F,MAAM,EAAE,KAAK;YACb,WAAW,EAAE,KAAK;YAClB,GAAG,EAAE,sGAAsG;SAC9G;QACD,QAAQ,EAAE;YACN,OAAO,EACH,6GAA6G;SACpH;QACD,MAAM,EAAE,EAAE;QACV,IAAI,EAAE,SAAS;KAClB;IACD,IAAI,EAAE,0CAA0C;CACnD,CAAC,CAAC;AAEH,eAAe,IAAI,CAAC;AACpB,iIAAiI"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"no-node-tls-legacy-protocol.d.ts","sourceRoot":"","sources":["../../src/rules/no-node-tls-legacy-protocol.ts"],"names":[],"mappings":"AAMA,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;
|
|
1
|
+
{"version":3,"file":"no-node-tls-legacy-protocol.d.ts","sourceRoot":"","sources":["../../src/rules/no-node-tls-legacy-protocol.ts"],"names":[],"mappings":"AAMA,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AAiEzD,2BAA2B;AAC3B,QAAA,MAAM,IAAI,EAAE,UAAU,CAAC,OAAO,UAAU,CA4FtC,CAAC;AAEH,eAAe,IAAI,CAAC"}
|
|
@@ -1,8 +1,13 @@
|
|
|
1
1
|
import { AST_NODE_TYPES } from "@typescript-eslint/utils";
|
|
2
|
-
import { isDefined, setHas } from "ts-extras";
|
|
2
|
+
import { arrayIncludes, isDefined, setHas } from "ts-extras";
|
|
3
3
|
import { createRule } from "../_internal/create-rule.js";
|
|
4
4
|
import { getMemberPropertyName, getPropertyName, getStaticStringValue, } from "../_internal/estree-utils.js";
|
|
5
5
|
import { isNodeTlsStaticMember, isRelevantNodeTlsOptionsObject, } from "../_internal/node-tls-config.js";
|
|
6
|
+
const LEGACY_TLS_PROPERTY_NAMES = [
|
|
7
|
+
"maxVersion",
|
|
8
|
+
"minVersion",
|
|
9
|
+
"secureProtocol",
|
|
10
|
+
];
|
|
6
11
|
const LEGACY_TLS_VERSION_VALUES = new Set([
|
|
7
12
|
"TLSv1",
|
|
8
13
|
"TLSv1.0",
|
|
@@ -20,9 +25,7 @@ const isLegacyTlsPropertyValue = (propertyName, configuredValue) => {
|
|
|
20
25
|
};
|
|
21
26
|
const getLegacyTlsPropertyName = (propertyNode) => {
|
|
22
27
|
const propertyName = getPropertyName(propertyNode);
|
|
23
|
-
if (propertyName
|
|
24
|
-
propertyName === "minVersion" ||
|
|
25
|
-
propertyName === "secureProtocol") {
|
|
28
|
+
if (arrayIncludes(LEGACY_TLS_PROPERTY_NAMES, propertyName)) {
|
|
26
29
|
return propertyName;
|
|
27
30
|
}
|
|
28
31
|
return undefined;
|
|
@@ -30,61 +33,59 @@ const getLegacyTlsPropertyName = (propertyNode) => {
|
|
|
30
33
|
const isTlsDefaultVersionMember = (node) => isNodeTlsStaticMember(node, new Set(["DEFAULT_MAX_VERSION", "DEFAULT_MIN_VERSION"]));
|
|
31
34
|
/** Rule implementation. */
|
|
32
35
|
const rule = createRule({
|
|
33
|
-
create(context) {
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
36
|
+
create: (context) => ({
|
|
37
|
+
AssignmentExpression(node) {
|
|
38
|
+
if (node.operator !== "=" ||
|
|
39
|
+
!isTlsDefaultVersionMember(node.left)) {
|
|
40
|
+
return;
|
|
41
|
+
}
|
|
42
|
+
const configuredValue = getStaticStringValue(node.right);
|
|
43
|
+
if (typeof configuredValue !== "string" ||
|
|
44
|
+
!setHas(LEGACY_TLS_VERSION_VALUES, configuredValue)) {
|
|
45
|
+
return;
|
|
46
|
+
}
|
|
47
|
+
context.report({
|
|
48
|
+
data: {
|
|
49
|
+
configuredValue,
|
|
50
|
+
propertyName: getMemberPropertyName(node.left) ??
|
|
51
|
+
"DEFAULT_MIN_VERSION",
|
|
52
|
+
},
|
|
53
|
+
messageId: "default",
|
|
54
|
+
node: node.right,
|
|
55
|
+
});
|
|
56
|
+
},
|
|
57
|
+
ObjectExpression(node) {
|
|
58
|
+
if (!isRelevantNodeTlsOptionsObject(node)) {
|
|
59
|
+
return;
|
|
60
|
+
}
|
|
61
|
+
for (const propertyNode of node.properties) {
|
|
62
|
+
if (propertyNode.type !== AST_NODE_TYPES.Property ||
|
|
63
|
+
propertyNode.kind !== "init") {
|
|
64
|
+
continue;
|
|
65
|
+
}
|
|
66
|
+
if (!isExpressionNode(propertyNode.value)) {
|
|
67
|
+
continue;
|
|
39
68
|
}
|
|
40
|
-
const
|
|
69
|
+
const propertyName = getLegacyTlsPropertyName(propertyNode);
|
|
70
|
+
if (!isDefined(propertyName)) {
|
|
71
|
+
continue;
|
|
72
|
+
}
|
|
73
|
+
const configuredValue = getStaticStringValue(propertyNode.value);
|
|
41
74
|
if (typeof configuredValue !== "string" ||
|
|
42
|
-
!
|
|
43
|
-
|
|
75
|
+
!isLegacyTlsPropertyValue(propertyName, configuredValue)) {
|
|
76
|
+
continue;
|
|
44
77
|
}
|
|
45
78
|
context.report({
|
|
46
79
|
data: {
|
|
47
80
|
configuredValue,
|
|
48
|
-
propertyName
|
|
49
|
-
"DEFAULT_MIN_VERSION",
|
|
81
|
+
propertyName,
|
|
50
82
|
},
|
|
51
83
|
messageId: "default",
|
|
52
|
-
node:
|
|
84
|
+
node: propertyNode.value,
|
|
53
85
|
});
|
|
54
|
-
}
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
return;
|
|
58
|
-
}
|
|
59
|
-
for (const propertyNode of node.properties) {
|
|
60
|
-
if (propertyNode.type !== AST_NODE_TYPES.Property ||
|
|
61
|
-
propertyNode.kind !== "init") {
|
|
62
|
-
continue;
|
|
63
|
-
}
|
|
64
|
-
if (!isExpressionNode(propertyNode.value)) {
|
|
65
|
-
continue;
|
|
66
|
-
}
|
|
67
|
-
const propertyName = getLegacyTlsPropertyName(propertyNode);
|
|
68
|
-
if (!isDefined(propertyName)) {
|
|
69
|
-
continue;
|
|
70
|
-
}
|
|
71
|
-
const configuredValue = getStaticStringValue(propertyNode.value);
|
|
72
|
-
if (typeof configuredValue !== "string" ||
|
|
73
|
-
!isLegacyTlsPropertyValue(propertyName, configuredValue)) {
|
|
74
|
-
continue;
|
|
75
|
-
}
|
|
76
|
-
context.report({
|
|
77
|
-
data: {
|
|
78
|
-
configuredValue,
|
|
79
|
-
propertyName,
|
|
80
|
-
},
|
|
81
|
-
messageId: "default",
|
|
82
|
-
node: propertyNode.value,
|
|
83
|
-
});
|
|
84
|
-
}
|
|
85
|
-
},
|
|
86
|
-
};
|
|
87
|
-
},
|
|
86
|
+
}
|
|
87
|
+
},
|
|
88
|
+
}),
|
|
88
89
|
meta: {
|
|
89
90
|
deprecated: false,
|
|
90
91
|
docs: {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"no-node-tls-legacy-protocol.js","sourceRoot":"","sources":["../../src/rules/no-node-tls-legacy-protocol.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,cAAc,EAAE,MAAM,0BAA0B,CAAC;AAC1D,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,MAAM,WAAW,CAAC;
|
|
1
|
+
{"version":3,"file":"no-node-tls-legacy-protocol.js","sourceRoot":"","sources":["../../src/rules/no-node-tls-legacy-protocol.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,cAAc,EAAE,MAAM,0BAA0B,CAAC;AAC1D,OAAO,EAAE,aAAa,EAAE,SAAS,EAAE,MAAM,EAAE,MAAM,WAAW,CAAC;AAE7D,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AACzD,OAAO,EACH,qBAAqB,EACrB,eAAe,EACf,oBAAoB,GACvB,MAAM,8BAA8B,CAAC;AACtC,OAAO,EACH,qBAAqB,EACrB,8BAA8B,GACjC,MAAM,iCAAiC,CAAC;AAKzC,MAAM,yBAAyB,GAAG;IAC9B,YAAY;IACZ,YAAY;IACZ,gBAAgB;CACiC,CAAC;AAEtD,MAAM,yBAAyB,GAAG,IAAI,GAAG,CAAC;IACtC,OAAO;IACP,SAAS;IACT,SAAS;CACZ,CAAC,CAAC;AAEH,MAAM,2BAA2B,GAAG,CAAC,KAAa,EAAW,EAAE,CAC3D,+DAA+D,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;AAEhF,MAAM,gBAAgB,GAAG,CAAC,IAAmB,EAA+B,EAAE,CAC1E,IAAI,CAAC,IAAI,KAAK,cAAc,CAAC,YAAY;IACzC,IAAI,CAAC,IAAI,KAAK,cAAc,CAAC,iBAAiB;IAC9C,IAAI,CAAC,IAAI,KAAK,cAAc,CAAC,aAAa,CAAC;AAE/C,MAAM,wBAAwB,GAAG,CAC7B,YAAmC,EACnC,eAAuB,EAChB,EAAE;IACT,IAAI,YAAY,KAAK,gBAAgB,EAAE,CAAC;QACpC,OAAO,2BAA2B,CAAC,eAAe,CAAC,CAAC;IACxD,CAAC;IAED,OAAO,MAAM,CAAC,yBAAyB,EAAE,eAAe,CAAC,CAAC;AAC9D,CAAC,CAAC;AAEF,MAAM,wBAAwB,GAAG,CAC7B,YAA+B,EACE,EAAE;IACnC,MAAM,YAAY,GAAG,eAAe,CAAC,YAAY,CAAC,CAAC;IAEnD,IAAI,aAAa,CAAC,yBAAyB,EAAE,YAAY,CAAC,EAAE,CAAC;QACzD,OAAO,YAAY,CAAC;IACxB,CAAC;IAED,OAAO,SAAS,CAAC;AACrB,CAAC,CAAC;AAEF,MAAM,yBAAyB,GAAG,CAC9B,IAA2C,EACV,EAAE,CACnC,qBAAqB,CACjB,IAAI,EACJ,IAAI,GAAG,CAAC,CAAC,qBAAqB,EAAE,qBAAqB,CAAC,CAAC,CAC1D,CAAC;AAEN,2BAA2B;AAC3B,MAAM,IAAI,GAAkC,UAAU,CAAiB;IACnE,MAAM,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;QAClB,oBAAoB,CAAC,IAAmC;YACpD,IACI,IAAI,CAAC,QAAQ,KAAK,GAAG;gBACrB,CAAC,yBAAyB,CAAC,IAAI,CAAC,IAAI,CAAC,EACvC,CAAC;gBACC,OAAO;YACX,CAAC;YAED,MAAM,eAAe,GAAG,oBAAoB,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YAEzD,IACI,OAAO,eAAe,KAAK,QAAQ;gBACnC,CAAC,MAAM,CAAC,yBAAyB,EAAE,eAAe,CAAC,EACrD,CAAC;gBACC,OAAO;YACX,CAAC;YAED,OAAO,CAAC,MAAM,CAAC;gBACX,IAAI,EAAE;oBACF,eAAe;oBACf,YAAY,EACR,qBAAqB,CAAC,IAAI,CAAC,IAAI,CAAC;wBAChC,qBAAqB;iBAC5B;gBACD,SAAS,EAAE,SAAS;gBACpB,IAAI,EAAE,IAAI,CAAC,KAAK;aACnB,CAAC,CAAC;QACP,CAAC;QACD,gBAAgB,CAAC,IAA+B;YAC5C,IAAI,CAAC,8BAA8B,CAAC,IAAI,CAAC,EAAE,CAAC;gBACxC,OAAO;YACX,CAAC;YAED,KAAK,MAAM,YAAY,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;gBACzC,IACI,YAAY,CAAC,IAAI,KAAK,cAAc,CAAC,QAAQ;oBAC7C,YAAY,CAAC,IAAI,KAAK,MAAM,EAC9B,CAAC;oBACC,SAAS;gBACb,CAAC;gBAED,IAAI,CAAC,gBAAgB,CAAC,YAAY,CAAC,KAAK,CAAC,EAAE,CAAC;oBACxC,SAAS;gBACb,CAAC;gBAED,MAAM,YAAY,GAAG,wBAAwB,CAAC,YAAY,CAAC,CAAC;gBAE5D,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,EAAE,CAAC;oBAC3B,SAAS;gBACb,CAAC;gBAED,MAAM,eAAe,GAAG,oBAAoB,CACxC,YAAY,CAAC,KAAK,CACrB,CAAC;gBAEF,IACI,OAAO,eAAe,KAAK,QAAQ;oBACnC,CAAC,wBAAwB,CAAC,YAAY,EAAE,eAAe,CAAC,EAC1D,CAAC;oBACC,SAAS;gBACb,CAAC;gBAED,OAAO,CAAC,MAAM,CAAC;oBACX,IAAI,EAAE;wBACF,eAAe;wBACf,YAAY;qBACf;oBACD,SAAS,EAAE,SAAS;oBACpB,IAAI,EAAE,YAAY,CAAC,KAAK;iBAC3B,CAAC,CAAC;YACP,CAAC;QACL,CAAC;KACJ,CAAC;IACF,IAAI,EAAE;QACF,UAAU,EAAE,KAAK;QACjB,IAAI,EAAE;YACF,WAAW,EACP,sGAAsG;YAC1G,MAAM,EAAE,KAAK;YACb,WAAW,EAAE,KAAK;YAClB,GAAG,EAAE,yFAAyF;SACjG;QACD,QAAQ,EAAE;YACN,OAAO,EACH,mHAAmH;SAC1H;QACD,MAAM,EAAE,EAAE;QACV,IAAI,EAAE,SAAS;KAClB;IACD,IAAI,EAAE,6BAA6B;CACtC,CAAC,CAAC;AAEH,eAAe,IAAI,CAAC;AACpB,iIAAiI"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"no-node-tls-reject-unauthorized-zero.d.ts","sourceRoot":"","sources":["../../src/rules/no-node-tls-reject-unauthorized-zero.ts"],"names":[],"mappings":"AAMA,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AAiEzD,2BAA2B;AAC3B,QAAA,MAAM,IAAI,EAAE,UAAU,CAAC,OAAO,UAAU,
|
|
1
|
+
{"version":3,"file":"no-node-tls-reject-unauthorized-zero.d.ts","sourceRoot":"","sources":["../../src/rules/no-node-tls-reject-unauthorized-zero.ts"],"names":[],"mappings":"AAMA,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AAiEzD,2BAA2B;AAC3B,QAAA,MAAM,IAAI,EAAE,UAAU,CAAC,OAAO,UAAU,CA0DtC,CAAC;AAEH,eAAe,IAAI,CAAC"}
|
|
@@ -41,37 +41,35 @@ const isUnsafeOverrideValue = (node) => {
|
|
|
41
41
|
};
|
|
42
42
|
/** Rule implementation. */
|
|
43
43
|
const rule = createRule({
|
|
44
|
-
create(context) {
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
{
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
return fixer.replaceText(node.right, replacementValue);
|
|
67
|
-
},
|
|
68
|
-
messageId: "replaceWithTlsRejectUnauthorizedOne",
|
|
44
|
+
create: (context) => ({
|
|
45
|
+
AssignmentExpression(node) {
|
|
46
|
+
if (node.operator !== "=") {
|
|
47
|
+
return;
|
|
48
|
+
}
|
|
49
|
+
if (!isTlsRejectUnauthorizedMember(node.left)) {
|
|
50
|
+
return;
|
|
51
|
+
}
|
|
52
|
+
if (!isUnsafeOverrideValue(node.right)) {
|
|
53
|
+
return;
|
|
54
|
+
}
|
|
55
|
+
context.report({
|
|
56
|
+
messageId: "default",
|
|
57
|
+
node,
|
|
58
|
+
suggest: [
|
|
59
|
+
{
|
|
60
|
+
fix(fixer) {
|
|
61
|
+
const replacementValue = node.right.type ===
|
|
62
|
+
AST_NODE_TYPES.TemplateLiteral
|
|
63
|
+
? "`1`"
|
|
64
|
+
: "'1'";
|
|
65
|
+
return fixer.replaceText(node.right, replacementValue);
|
|
69
66
|
},
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
|
|
67
|
+
messageId: "replaceWithTlsRejectUnauthorizedOne",
|
|
68
|
+
},
|
|
69
|
+
],
|
|
70
|
+
});
|
|
71
|
+
},
|
|
72
|
+
}),
|
|
75
73
|
meta: {
|
|
76
74
|
deprecated: false,
|
|
77
75
|
docs: {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"no-node-tls-reject-unauthorized-zero.js","sourceRoot":"","sources":["../../src/rules/no-node-tls-reject-unauthorized-zero.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,cAAc,EAAE,MAAM,0BAA0B,CAAC;AAC1D,OAAO,EAAE,UAAU,EAAE,MAAM,WAAW,CAAC;AAEvC,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AAIzD,MAAM,qBAAqB,GAAG,CAC1B,gBAA2C,EACzB,EAAE;IACpB,IACI,CAAC,gBAAgB,CAAC,QAAQ;QAC1B,gBAAgB,CAAC,QAAQ,CAAC,IAAI,KAAK,cAAc,CAAC,UAAU,EAC9D,CAAC;QACC,OAAO,gBAAgB,CAAC,QAAQ,CAAC,IAAI,CAAC;IAC1C,CAAC;IAED,IACI,gBAAgB,CAAC,QAAQ,CAAC,IAAI,KAAK,cAAc,CAAC,OAAO;QACzD,OAAO,gBAAgB,CAAC,QAAQ,CAAC,KAAK,KAAK,QAAQ,EACrD,CAAC;QACC,OAAO,gBAAgB,CAAC,QAAQ,CAAC,KAAK,CAAC;IAC3C,CAAC;IAED,OAAO,SAAS,CAAC;AACrB,CAAC,CAAC;AAEF,MAAM,kBAAkB,GAAG,CAAC,IAAyB,EAAW,EAAE;IAC9D,IAAI,IAAI,CAAC,IAAI,KAAK,cAAc,CAAC,gBAAgB,EAAE,CAAC;QAChD,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,IAAI,qBAAqB,CAAC,IAAI,CAAC,KAAK,KAAK,EAAE,CAAC;QACxC,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,OAAO,CACH,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,cAAc,CAAC,UAAU;QAC9C,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,SAAS,CACjC,CAAC;AACN,CAAC,CAAC;AAEF,MAAM,6BAA6B,GAAG,CAClC,IAA2C,EACpC,EAAE;IACT,IAAI,IAAI,CAAC,IAAI,KAAK,cAAc,CAAC,gBAAgB,EAAE,CAAC;QAChD,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,IAAI,qBAAqB,CAAC,IAAI,CAAC,KAAK,8BAA8B,EAAE,CAAC;QACjE,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,OAAO,kBAAkB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;AAC3C,CAAC,CAAC;AAEF,MAAM,qBAAqB,GAAG,CAAC,IAAyB,EAAW,EAAE;IACjE,IAAI,IAAI,CAAC,IAAI,KAAK,cAAc,CAAC,OAAO,EAAE,CAAC;QACvC,OAAO,IAAI,CAAC,KAAK,KAAK,CAAC,IAAI,IAAI,CAAC,KAAK,KAAK,GAAG,CAAC;IAClD,CAAC;IAED,OAAO,CACH,IAAI,CAAC,IAAI,KAAK,cAAc,CAAC,eAAe;QAC5C,IAAI,CAAC,WAAW,CAAC,MAAM,KAAK,CAAC;QAC7B,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,KAAK,CAAC,MAAM,KAAK,GAAG,CAChD,CAAC;AACN,CAAC,CAAC;AAEF,2BAA2B;AAC3B,MAAM,IAAI,GAAkC,UAAU,CAAiB;IACnE,MAAM,CAAC,OAAO
|
|
1
|
+
{"version":3,"file":"no-node-tls-reject-unauthorized-zero.js","sourceRoot":"","sources":["../../src/rules/no-node-tls-reject-unauthorized-zero.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,cAAc,EAAE,MAAM,0BAA0B,CAAC;AAC1D,OAAO,EAAE,UAAU,EAAE,MAAM,WAAW,CAAC;AAEvC,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AAIzD,MAAM,qBAAqB,GAAG,CAC1B,gBAA2C,EACzB,EAAE;IACpB,IACI,CAAC,gBAAgB,CAAC,QAAQ;QAC1B,gBAAgB,CAAC,QAAQ,CAAC,IAAI,KAAK,cAAc,CAAC,UAAU,EAC9D,CAAC;QACC,OAAO,gBAAgB,CAAC,QAAQ,CAAC,IAAI,CAAC;IAC1C,CAAC;IAED,IACI,gBAAgB,CAAC,QAAQ,CAAC,IAAI,KAAK,cAAc,CAAC,OAAO;QACzD,OAAO,gBAAgB,CAAC,QAAQ,CAAC,KAAK,KAAK,QAAQ,EACrD,CAAC;QACC,OAAO,gBAAgB,CAAC,QAAQ,CAAC,KAAK,CAAC;IAC3C,CAAC;IAED,OAAO,SAAS,CAAC;AACrB,CAAC,CAAC;AAEF,MAAM,kBAAkB,GAAG,CAAC,IAAyB,EAAW,EAAE;IAC9D,IAAI,IAAI,CAAC,IAAI,KAAK,cAAc,CAAC,gBAAgB,EAAE,CAAC;QAChD,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,IAAI,qBAAqB,CAAC,IAAI,CAAC,KAAK,KAAK,EAAE,CAAC;QACxC,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,OAAO,CACH,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,cAAc,CAAC,UAAU;QAC9C,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,SAAS,CACjC,CAAC;AACN,CAAC,CAAC;AAEF,MAAM,6BAA6B,GAAG,CAClC,IAA2C,EACpC,EAAE;IACT,IAAI,IAAI,CAAC,IAAI,KAAK,cAAc,CAAC,gBAAgB,EAAE,CAAC;QAChD,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,IAAI,qBAAqB,CAAC,IAAI,CAAC,KAAK,8BAA8B,EAAE,CAAC;QACjE,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,OAAO,kBAAkB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;AAC3C,CAAC,CAAC;AAEF,MAAM,qBAAqB,GAAG,CAAC,IAAyB,EAAW,EAAE;IACjE,IAAI,IAAI,CAAC,IAAI,KAAK,cAAc,CAAC,OAAO,EAAE,CAAC;QACvC,OAAO,IAAI,CAAC,KAAK,KAAK,CAAC,IAAI,IAAI,CAAC,KAAK,KAAK,GAAG,CAAC;IAClD,CAAC;IAED,OAAO,CACH,IAAI,CAAC,IAAI,KAAK,cAAc,CAAC,eAAe;QAC5C,IAAI,CAAC,WAAW,CAAC,MAAM,KAAK,CAAC;QAC7B,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,KAAK,CAAC,MAAM,KAAK,GAAG,CAChD,CAAC;AACN,CAAC,CAAC;AAEF,2BAA2B;AAC3B,MAAM,IAAI,GAAkC,UAAU,CAAiB;IACnE,MAAM,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;QAClB,oBAAoB,CAAC,IAAmC;YACpD,IAAI,IAAI,CAAC,QAAQ,KAAK,GAAG,EAAE,CAAC;gBACxB,OAAO;YACX,CAAC;YAED,IAAI,CAAC,6BAA6B,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC5C,OAAO;YACX,CAAC;YAED,IAAI,CAAC,qBAAqB,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;gBACrC,OAAO;YACX,CAAC;YAED,OAAO,CAAC,MAAM,CAAC;gBACX,SAAS,EAAE,SAAS;gBACpB,IAAI;gBACJ,OAAO,EAAE;oBACL;wBACI,GAAG,CAAC,KAAK;4BACL,MAAM,gBAAgB,GAClB,IAAI,CAAC,KAAK,CAAC,IAAI;gCACf,cAAc,CAAC,eAAe;gCAC1B,CAAC,CAAC,KAAK;gCACP,CAAC,CAAC,KAAK,CAAC;4BAEhB,OAAO,KAAK,CAAC,WAAW,CACpB,IAAI,CAAC,KAAK,EACV,gBAAgB,CACnB,CAAC;wBACN,CAAC;wBACD,SAAS,EAAE,qCAAqC;qBACnD;iBACJ;aACJ,CAAC,CAAC;QACP,CAAC;KACJ,CAAC;IACF,IAAI,EAAE;QACF,UAAU,EAAE,KAAK;QACjB,IAAI,EAAE;YACF,WAAW,EACP,4FAA4F;YAChG,MAAM,EAAE,KAAK;YACb,WAAW,EAAE,KAAK;YAClB,GAAG,EAAE,kGAAkG;SAC1G;QACD,cAAc,EAAE,IAAI;QACpB,QAAQ,EAAE;YACN,OAAO,EACH,gFAAgF;YACpF,mCAAmC,EAC/B,qFAAqF;SAC5F;QACD,MAAM,EAAE,EAAE;QACV,IAAI,EAAE,SAAS;KAClB;IACD,IAAI,EAAE,sCAAsC;CAC/C,CAAC,CAAC;AAEH,eAAe,IAAI,CAAC;AACpB,iIAAiI"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"no-node-tls-security-level-zero.d.ts","sourceRoot":"","sources":["../../src/rules/no-node-tls-security-level-zero.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AAuBzD,2BAA2B;AAC3B,QAAA,MAAM,IAAI,EAAE,UAAU,CAAC,OAAO,UAAU,
|
|
1
|
+
{"version":3,"file":"no-node-tls-security-level-zero.d.ts","sourceRoot":"","sources":["../../src/rules/no-node-tls-security-level-zero.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AAuBzD,2BAA2B;AAC3B,QAAA,MAAM,IAAI,EAAE,UAAU,CAAC,OAAO,UAAU,CAqFtC,CAAC;AAEH,eAAe,IAAI,CAAC"}
|
|
@@ -10,55 +10,53 @@ const isExpressionNode = (node) => node.type !== AST_NODE_TYPES.ArrayPattern &&
|
|
|
10
10
|
const isSecurityLevelZeroCipherString = (value) => TLS_SECURITY_LEVEL_ZERO_PATTERN.test(value);
|
|
11
11
|
/** Rule implementation. */
|
|
12
12
|
const rule = createRule({
|
|
13
|
-
create(context) {
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
13
|
+
create: (context) => ({
|
|
14
|
+
AssignmentExpression(node) {
|
|
15
|
+
if (node.operator !== "=" ||
|
|
16
|
+
!isNodeTlsStaticMember(node.left, TLS_DEFAULT_CIPHERS_PROPERTY_NAMES)) {
|
|
17
|
+
return;
|
|
18
|
+
}
|
|
19
|
+
const configuredValue = getStaticStringValue(node.right);
|
|
20
|
+
if (typeof configuredValue !== "string" ||
|
|
21
|
+
!isSecurityLevelZeroCipherString(configuredValue)) {
|
|
22
|
+
return;
|
|
23
|
+
}
|
|
24
|
+
context.report({
|
|
25
|
+
data: {
|
|
26
|
+
configuredValue,
|
|
27
|
+
propertyName: "DEFAULT_CIPHERS",
|
|
28
|
+
},
|
|
29
|
+
messageId: "default",
|
|
30
|
+
node: node.right,
|
|
31
|
+
});
|
|
32
|
+
},
|
|
33
|
+
ObjectExpression(node) {
|
|
34
|
+
if (!isRelevantNodeTlsOptionsObject(node)) {
|
|
35
|
+
return;
|
|
36
|
+
}
|
|
37
|
+
for (const propertyNode of node.properties) {
|
|
38
|
+
if (propertyNode.type !== AST_NODE_TYPES.Property ||
|
|
39
|
+
propertyNode.kind !== "init" ||
|
|
40
|
+
getPropertyName(propertyNode) !== "ciphers" ||
|
|
41
|
+
!isExpressionNode(propertyNode.value)) {
|
|
42
|
+
continue;
|
|
19
43
|
}
|
|
20
|
-
const configuredValue = getStaticStringValue(
|
|
44
|
+
const configuredValue = getStaticStringValue(propertyNode.value);
|
|
21
45
|
if (typeof configuredValue !== "string" ||
|
|
22
46
|
!isSecurityLevelZeroCipherString(configuredValue)) {
|
|
23
|
-
|
|
47
|
+
continue;
|
|
24
48
|
}
|
|
25
49
|
context.report({
|
|
26
50
|
data: {
|
|
27
51
|
configuredValue,
|
|
28
|
-
propertyName: "
|
|
52
|
+
propertyName: "ciphers",
|
|
29
53
|
},
|
|
30
54
|
messageId: "default",
|
|
31
|
-
node:
|
|
55
|
+
node: propertyNode.value,
|
|
32
56
|
});
|
|
33
|
-
}
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
return;
|
|
37
|
-
}
|
|
38
|
-
for (const propertyNode of node.properties) {
|
|
39
|
-
if (propertyNode.type !== AST_NODE_TYPES.Property ||
|
|
40
|
-
propertyNode.kind !== "init" ||
|
|
41
|
-
getPropertyName(propertyNode) !== "ciphers" ||
|
|
42
|
-
!isExpressionNode(propertyNode.value)) {
|
|
43
|
-
continue;
|
|
44
|
-
}
|
|
45
|
-
const configuredValue = getStaticStringValue(propertyNode.value);
|
|
46
|
-
if (typeof configuredValue !== "string" ||
|
|
47
|
-
!isSecurityLevelZeroCipherString(configuredValue)) {
|
|
48
|
-
continue;
|
|
49
|
-
}
|
|
50
|
-
context.report({
|
|
51
|
-
data: {
|
|
52
|
-
configuredValue,
|
|
53
|
-
propertyName: "ciphers",
|
|
54
|
-
},
|
|
55
|
-
messageId: "default",
|
|
56
|
-
node: propertyNode.value,
|
|
57
|
-
});
|
|
58
|
-
}
|
|
59
|
-
},
|
|
60
|
-
};
|
|
61
|
-
},
|
|
57
|
+
}
|
|
58
|
+
},
|
|
59
|
+
}),
|
|
62
60
|
meta: {
|
|
63
61
|
deprecated: false,
|
|
64
62
|
docs: {
|