eslint-plugin-secure-coding 1.0.0 → 2.0.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +92 -161
- package/package.json +1 -1
- package/src/index.js +0 -54
- package/src/index.js.map +1 -1
package/README.md
CHANGED
|
@@ -15,7 +15,7 @@
|
|
|
15
15
|
- **Feature-based coverage:** 45+ rules grouped by attack surface (injection, crypto, auth, cookies, headers, resource limits, platform specifics).
|
|
16
16
|
- **LLM-optimized & MCP-ready:** Structured 2-line messages with CWE + OWASP + CVSS + concrete fixes so humans _and_ AI auto-fixers stay aligned.
|
|
17
17
|
- **Standards aligned:** OWASP Top 10, CWE tagging, CVSS scoring in every finding for compliance mapping.
|
|
18
|
-
- **Tiered presets:** `recommended`, `strict`, `owasp-top-10
|
|
18
|
+
- **Tiered presets:** `recommended`, `strict`, `owasp-top-10` for fast policy rollout.
|
|
19
19
|
- **False-positive reduction:** Sanitizer awareness, annotations, ORM patterns, and safe-library detection keep noise low for org rollouts.
|
|
20
20
|
|
|
21
21
|
Every security rule produces a **structured 2-line error message**:
|
|
@@ -37,164 +37,7 @@ src/api.ts
|
|
|
37
37
|
|
|
38
38
|
---
|
|
39
39
|
|
|
40
|
-
##
|
|
41
|
-
|
|
42
|
-
```bash
|
|
43
|
-
# Install
|
|
44
|
-
npm install --save-dev eslint-plugin-secure-coding
|
|
45
|
-
|
|
46
|
-
# Add to eslint.config.js
|
|
47
|
-
import secureCoding from 'eslint-plugin-secure-coding';
|
|
48
|
-
|
|
49
|
-
export default [
|
|
50
|
-
secureCoding.configs.recommended, // baseline for most repos
|
|
51
|
-
{ files: ['apps/**'], ...secureCoding.configs['owasp-top-10'] }, // public-facing
|
|
52
|
-
{ files: ['services/auth/**', 'services/payments/**'], ...secureCoding.configs.strict }, // crown jewels
|
|
53
|
-
];
|
|
54
|
-
|
|
55
|
-
# Run
|
|
56
|
-
npx eslint .
|
|
57
|
-
```
|
|
58
|
-
|
|
59
|
-
---
|
|
60
|
-
|
|
61
|
-
## 📋 Available Presets (policy tiers)
|
|
62
|
-
|
|
63
|
-
| Preset | Description |
|
|
64
|
-
| --------------------- | --------------------------------------------------------------------------- |
|
|
65
|
-
| **`recommended`** | Balanced security for most projects (45+ rules, mixed severity) |
|
|
66
|
-
| **`strict`** | Maximum security enforcement (all rules as errors) |
|
|
67
|
-
| **`owasp-top-10`** | OWASP Top 10 2021 compliance focused |
|
|
68
|
-
| **`recommended-llm`** | LLM-friendly baseline; adds harder stances on deserialization/network paths |
|
|
69
|
-
| **`recommended-mcp`** | MCP/agent-focused; tightens process/fs/net/deserialize/resource controls |
|
|
70
|
-
| **`strict-mcp`** | All rules as errors for MCP/agent surfaces |
|
|
71
|
-
|
|
72
|
-
---
|
|
73
|
-
|
|
74
|
-
## 📚 Documentation
|
|
75
|
-
|
|
76
|
-
- **[Rules Reference](./docs/RULES.md)** - Complete list of all 48 rules with configuration options
|
|
77
|
-
|
|
78
|
-
---
|
|
79
|
-
|
|
80
|
-
## 🤖 LLM/MCP Hardening & Quickstart
|
|
81
|
-
|
|
82
|
-
| Use case | Config snippet |
|
|
83
|
-
| ----------------------- | ----------------------------------------- |
|
|
84
|
-
| LLM-aware defaults | `secureCoding.configs['recommended-llm']` |
|
|
85
|
-
| MCP/tool-aware defaults | `secureCoding.configs['recommended-mcp']` |
|
|
86
|
-
| Strict for agents/tools | `secureCoding.configs['strict-mcp']` |
|
|
87
|
-
|
|
88
|
-
Example `eslint.config.js`:
|
|
89
|
-
|
|
90
|
-
```js
|
|
91
|
-
import secureCoding from 'eslint-plugin-secure-coding';
|
|
92
|
-
|
|
93
|
-
export default [
|
|
94
|
-
secureCoding.configs.recommended,
|
|
95
|
-
secureCoding.configs['recommended-llm'],
|
|
96
|
-
secureCoding.configs['recommended-mcp'],
|
|
97
|
-
];
|
|
98
|
-
```
|
|
99
|
-
|
|
100
|
-
**eslint.config.js (CommonJS with types):**
|
|
101
|
-
|
|
102
|
-
```js
|
|
103
|
-
// @ts-check
|
|
104
|
-
const secureCoding = require('eslint-plugin-secure-coding');
|
|
105
|
-
|
|
106
|
-
/** @type {import('eslint').Linter.FlatConfig[]} */
|
|
107
|
-
module.exports = [
|
|
108
|
-
secureCoding.configs.recommended,
|
|
109
|
-
secureCoding.configs['recommended-llm'],
|
|
110
|
-
secureCoding.configs['recommended-mcp'],
|
|
111
|
-
];
|
|
112
|
-
```
|
|
113
|
-
|
|
114
|
-
**eslint.config.ts (TypeScript):**
|
|
115
|
-
|
|
116
|
-
```ts
|
|
117
|
-
import type { Linter } from 'eslint';
|
|
118
|
-
import secureCoding from 'eslint-plugin-secure-coding';
|
|
119
|
-
|
|
120
|
-
export default [
|
|
121
|
-
secureCoding.configs.recommended,
|
|
122
|
-
secureCoding.configs['recommended-llm'],
|
|
123
|
-
secureCoding.configs['recommended-mcp'],
|
|
124
|
-
] satisfies Linter.FlatConfig[];
|
|
125
|
-
```
|
|
126
|
-
|
|
127
|
-
Hardening highlights (LLM/MCP):
|
|
128
|
-
|
|
129
|
-
- Treat model/tool outputs as untrusted: schema-validate, size-cap, and allowlist fields before using.
|
|
130
|
-
- Block risky surfaces from agent code: require allowlists for fs/net/exec/tool params; set timeouts and retries.
|
|
131
|
-
- Redact secrets/PII before sending to models or logs.
|
|
132
|
-
- Prefer `execFile`/`shell:false` and HTTPS-only URLs; disallow internal IP ranges.
|
|
133
|
-
|
|
134
|
-
Troubleshooting:
|
|
135
|
-
|
|
136
|
-
- False positives on known-safe keys: add allowlists/ignore patterns sparingly; keep validation in place.
|
|
137
|
-
- Slow runs: disable unused presets per `files` globs or narrow include paths.
|
|
138
|
-
- Still noisy: tighten options on specific rules (deserialization/object-injection/child-process/fs filename).
|
|
139
|
-
|
|
140
|
-
### What an error looks like (LLM-optimized)
|
|
141
|
-
|
|
142
|
-
```bash
|
|
143
|
-
src/api.ts
|
|
144
|
-
42:15 error 🔒 CWE-89 OWASP:A03-Injection CVSS:9.8 | SQL Injection detected | CRITICAL [SOC2,PCI-DSS,HIPAA]
|
|
145
|
-
Fix: Use parameterized query: db.query("SELECT * FROM users WHERE id = ?", [userId]) | https://owasp.org/...
|
|
146
|
-
```
|
|
147
|
-
|
|
148
|
-
Each finding includes:
|
|
149
|
-
|
|
150
|
-
- CWE + OWASP + CVSS for compliance mapping
|
|
151
|
-
- Severity and compliance tags
|
|
152
|
-
- A ready-to-apply fix suggestion and a doc link (LLM-friendly)
|
|
153
|
-
|
|
154
|
-
---
|
|
155
|
-
|
|
156
|
-
## 🏢 Enterprise Integration Example
|
|
157
|
-
|
|
158
|
-
```bash
|
|
159
|
-
# Install once at the repo root
|
|
160
|
-
pnpm add -D eslint-plugin-secure-coding
|
|
161
|
-
|
|
162
|
-
# eslint.config.js (org-standard)
|
|
163
|
-
import secureCoding from 'eslint-plugin-secure-coding';
|
|
164
|
-
|
|
165
|
-
export default [
|
|
166
|
-
// Baseline for all services (balanced)
|
|
167
|
-
secureCoding.configs.recommended,
|
|
168
|
-
|
|
169
|
-
// LLM-aware defaults (prompts/templates/logging safeguards)
|
|
170
|
-
secureCoding.configs['recommended-llm'],
|
|
171
|
-
|
|
172
|
-
// MCP/tool-aware defaults (process/fs/net/deserialize/resource tightened)
|
|
173
|
-
secureCoding.configs['recommended-mcp'],
|
|
174
|
-
|
|
175
|
-
// Add OWASP Top 10 enforcement for internet-facing apps
|
|
176
|
-
{
|
|
177
|
-
files: ['apps/**'],
|
|
178
|
-
...secureCoding.configs['owasp-top-10'],
|
|
179
|
-
},
|
|
180
|
-
|
|
181
|
-
// Force strict mode for critical backend services
|
|
182
|
-
{
|
|
183
|
-
files: ['services/payments/**', 'services/auth/**'],
|
|
184
|
-
...secureCoding.configs.strict,
|
|
185
|
-
},
|
|
186
|
-
];
|
|
187
|
-
```
|
|
188
|
-
|
|
189
|
-
What this gives organizations:
|
|
190
|
-
|
|
191
|
-
- OWASP/CWE/CVSS metadata in every finding for compliance mapping
|
|
192
|
-
- Consistent, LLM-ready fixes that teammates and AI can apply safely
|
|
193
|
-
- Tiered policies (baseline, OWASP-focused, strict) per surface area
|
|
194
|
-
|
|
195
|
-
---
|
|
196
|
-
|
|
197
|
-
## 🔐 48 Security Rules
|
|
40
|
+
## 🔐 45+ Security Rules
|
|
198
41
|
|
|
199
42
|
💼 = Set in `recommended` | ⚠️ = Warns in `recommended` | 🔧 = Auto-fixable | 💡 = Suggestions
|
|
200
43
|
|
|
@@ -308,6 +151,94 @@ What this gives organizations:
|
|
|
308
151
|
|
|
309
152
|
---
|
|
310
153
|
|
|
154
|
+
## 🚀 Quick Start (Org-friendly)
|
|
155
|
+
|
|
156
|
+
```bash
|
|
157
|
+
# Install
|
|
158
|
+
npm install --save-dev eslint-plugin-secure-coding
|
|
159
|
+
|
|
160
|
+
# Add to eslint.config.js
|
|
161
|
+
import secureCoding from 'eslint-plugin-secure-coding';
|
|
162
|
+
|
|
163
|
+
export default [
|
|
164
|
+
secureCoding.configs.recommended, // baseline for most repos
|
|
165
|
+
{ files: ['apps/**'], ...secureCoding.configs['owasp-top-10'] }, // public-facing
|
|
166
|
+
{ files: ['services/auth/**', 'services/payments/**'], ...secureCoding.configs.strict }, // crown jewels
|
|
167
|
+
];
|
|
168
|
+
|
|
169
|
+
# Run
|
|
170
|
+
npx eslint .
|
|
171
|
+
```
|
|
172
|
+
|
|
173
|
+
---
|
|
174
|
+
|
|
175
|
+
## 📋 Available Presets (policy tiers)
|
|
176
|
+
|
|
177
|
+
| Preset | Description |
|
|
178
|
+
| ------------------ | ------------------------------------------------------ |
|
|
179
|
+
| **`recommended`** | Balanced security for most projects (45+ rules, mixed) |
|
|
180
|
+
| **`strict`** | Maximum security enforcement (all rules as errors) |
|
|
181
|
+
| **`owasp-top-10`** | OWASP Top 10 2021 compliance focused |
|
|
182
|
+
|
|
183
|
+
---
|
|
184
|
+
|
|
185
|
+
## 📚 Documentation
|
|
186
|
+
|
|
187
|
+
- **[Rules Reference](./docs/RULES.md)** - Complete list of all 45+ rules with configuration options
|
|
188
|
+
|
|
189
|
+
---
|
|
190
|
+
|
|
191
|
+
### What an error looks like (LLM-optimized)
|
|
192
|
+
|
|
193
|
+
```bash
|
|
194
|
+
src/api.ts
|
|
195
|
+
42:15 error 🔒 CWE-89 OWASP:A03-Injection CVSS:9.8 | SQL Injection detected | CRITICAL [SOC2,PCI-DSS,HIPAA]
|
|
196
|
+
Fix: Use parameterized query: db.query("SELECT * FROM users WHERE id = ?", [userId]) | https://owasp.org/...
|
|
197
|
+
```
|
|
198
|
+
|
|
199
|
+
Each finding includes:
|
|
200
|
+
|
|
201
|
+
- CWE + OWASP + CVSS for compliance mapping
|
|
202
|
+
- Severity and compliance tags
|
|
203
|
+
- A ready-to-apply fix suggestion and a doc link (LLM-friendly)
|
|
204
|
+
|
|
205
|
+
---
|
|
206
|
+
|
|
207
|
+
## 🏢 Enterprise Integration Example
|
|
208
|
+
|
|
209
|
+
```bash
|
|
210
|
+
# Install once at the repo root
|
|
211
|
+
pnpm add -D eslint-plugin-secure-coding
|
|
212
|
+
|
|
213
|
+
# eslint.config.js (org-standard)
|
|
214
|
+
import secureCoding from 'eslint-plugin-secure-coding';
|
|
215
|
+
|
|
216
|
+
export default [
|
|
217
|
+
// Baseline for all services (balanced)
|
|
218
|
+
secureCoding.configs.recommended,
|
|
219
|
+
|
|
220
|
+
// Add OWASP Top 10 enforcement for internet-facing apps
|
|
221
|
+
{
|
|
222
|
+
files: ['apps/**'],
|
|
223
|
+
...secureCoding.configs['owasp-top-10'],
|
|
224
|
+
},
|
|
225
|
+
|
|
226
|
+
// Force strict mode for critical backend services
|
|
227
|
+
{
|
|
228
|
+
files: ['services/payments/**', 'services/auth/**'],
|
|
229
|
+
...secureCoding.configs.strict,
|
|
230
|
+
},
|
|
231
|
+
];
|
|
232
|
+
```
|
|
233
|
+
|
|
234
|
+
What this gives organizations:
|
|
235
|
+
|
|
236
|
+
- OWASP/CWE/CVSS metadata in every finding for compliance mapping
|
|
237
|
+
- Consistent, LLM-ready fixes that teammates and AI can apply safely
|
|
238
|
+
- Tiered policies (baseline, OWASP-focused, strict) per surface area
|
|
239
|
+
|
|
240
|
+
---
|
|
241
|
+
|
|
311
242
|
## 🧭 Type-safe rule configuration (eslint.config.ts)
|
|
312
243
|
|
|
313
244
|
This package ships rule option types to keep flat configs type-safe.
|
|
@@ -337,8 +268,8 @@ export default [
|
|
|
337
268
|
],
|
|
338
269
|
},
|
|
339
270
|
},
|
|
340
|
-
secureCoding.configs['
|
|
341
|
-
secureCoding.configs
|
|
271
|
+
secureCoding.configs['owasp-top-10'],
|
|
272
|
+
secureCoding.configs.strict,
|
|
342
273
|
] satisfies Linter.FlatConfig[];
|
|
343
274
|
```
|
|
344
275
|
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "eslint-plugin-secure-coding",
|
|
3
|
-
"version": "
|
|
3
|
+
"version": "2.0.4",
|
|
4
4
|
"description": "Security-focused ESLint plugin with 48 LLM-optimized rules for detecting and preventing vulnerabilities. OWASP Top 10 coverage, CWE references, and AI-assisted fix guidance.",
|
|
5
5
|
"type": "commonjs",
|
|
6
6
|
"main": "./src/index.js",
|
package/src/index.js
CHANGED
|
@@ -283,60 +283,6 @@ exports.configs = {
|
|
|
283
283
|
'secure-coding/no-unsafe-dynamic-require': 'error',
|
|
284
284
|
},
|
|
285
285
|
},
|
|
286
|
-
/**
|
|
287
|
-
* LLM-friendly recommended config
|
|
288
|
-
* - Mirrors `recommended` severities
|
|
289
|
-
* - Adds guardrails helpful for agent/tool code
|
|
290
|
-
*/
|
|
291
|
-
'recommended-llm': {
|
|
292
|
-
plugins: {
|
|
293
|
-
'secure-coding': exports.plugin,
|
|
294
|
-
},
|
|
295
|
-
rules: {
|
|
296
|
-
// Start from recommended
|
|
297
|
-
...recommendedRules,
|
|
298
|
-
// Emphasize data handling and deserialization for model/tool I/O
|
|
299
|
-
'secure-coding/no-unsafe-deserialization': 'error',
|
|
300
|
-
'secure-coding/detect-object-injection': 'error',
|
|
301
|
-
// Ensure outbound calls are constrained (common in agent tools)
|
|
302
|
-
'secure-coding/no-unencrypted-transmission': 'error',
|
|
303
|
-
'secure-coding/no-insecure-redirects': 'error',
|
|
304
|
-
},
|
|
305
|
-
},
|
|
306
|
-
/**
|
|
307
|
-
* MCP-focused baseline
|
|
308
|
-
* - Stricter on outbound/network/file/process surfaces typical for tools
|
|
309
|
-
*/
|
|
310
|
-
'recommended-mcp': {
|
|
311
|
-
plugins: {
|
|
312
|
-
'secure-coding': exports.plugin,
|
|
313
|
-
},
|
|
314
|
-
rules: {
|
|
315
|
-
...recommendedRules,
|
|
316
|
-
// Raise critical tool vectors
|
|
317
|
-
'secure-coding/detect-child-process': 'error',
|
|
318
|
-
'secure-coding/no-unsafe-dynamic-require': 'error',
|
|
319
|
-
'secure-coding/detect-non-literal-fs-filename': 'error',
|
|
320
|
-
'secure-coding/no-unsafe-deserialization': 'error',
|
|
321
|
-
'secure-coding/detect-object-injection': 'error',
|
|
322
|
-
'secure-coding/no-unlimited-resource-allocation': 'error',
|
|
323
|
-
'secure-coding/no-unchecked-loop-condition': 'error',
|
|
324
|
-
'secure-coding/no-unencrypted-transmission': 'error',
|
|
325
|
-
'secure-coding/no-insecure-redirects': 'error',
|
|
326
|
-
'secure-coding/no-missing-security-headers': 'error',
|
|
327
|
-
'secure-coding/no-missing-cors-check': 'error',
|
|
328
|
-
},
|
|
329
|
-
},
|
|
330
|
-
/**
|
|
331
|
-
* Strict MCP mode
|
|
332
|
-
* - All rules as errors (mirrors strict) with the same plugin wiring
|
|
333
|
-
*/
|
|
334
|
-
'strict-mcp': {
|
|
335
|
-
plugins: {
|
|
336
|
-
'secure-coding': exports.plugin,
|
|
337
|
-
},
|
|
338
|
-
rules: Object.fromEntries(Object.keys(exports.rules).map(ruleName => [`secure-coding/${ruleName}`, 'error'])),
|
|
339
|
-
},
|
|
340
286
|
};
|
|
341
287
|
/**
|
|
342
288
|
* Default export for ESLint plugin
|
package/src/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../packages/eslint-plugin-secure-coding/src/index.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;GAaG;;;AAIH,6BAA6B;AAC7B,wEAAmE;AACnE,4EAAwE;AACxE,8FAAwF;AACxF,gFAA2E;AAC3E,0FAAoF;AACpF,gFAA2E;AAC3E,wEAAmE;AACnE,4EAAuE;AACvE,0EAAqE;AACrE,oFAA+E;AAC/E,4FAAsF;AAEtF,+BAA+B;AAC/B,oGAA6F;AAC7F,8DAAyD;AACzD,sFAAiF;AAEjF,yBAAyB;AACzB,0FAAoF;AACpF,0FAAoF;AACpF,gGAA0F;AAE1F,sCAAsC;AACtC,sFAAiF;AACjF,0FAAqF;AAErF,wCAAwC;AACxC,wFAAmF;AACnF,oEAA+D;AAC/D,oFAA+E;AAC/E,wEAAmE;AACnE,oFAA+E;AAC/E,sEAAiE;AAEjE,0CAA0C;AAC1C,0FAAoF;AACpF,8EAAyE;AACzE,4FAAsF;AACtF,wFAAmF;AACnF,8FAAwF;AAExF,kDAAkD;AAClD,0FAAqF;AACrF,sFAAiF;AACjF,0FAAoF;AAEpF,qCAAqC;AACrC,8FAAwF;AACxF,4FAAsF;AACtF,4EAAuE;AAEvE,qCAAqC;AACrC,kFAA4E;AAC5E,8FAAwF;AACxF,kFAA6E;AAC7E,8FAAyF;AACzF,sEAAkE;AAElE,iCAAiC;AACjC,0FAAoF;AACpF,4FAAsF;AAEtF,mCAAmC;AACnC,4EAAuE;AAEvE,kCAAkC;AAClC,wGAAkG;AAClG,8FAAwF;AAExF,qCAAqC;AACrC,8FAAwF;AACxF,oHAA8G;AAE9G;;GAEG;AACU,QAAA,KAAK,GAAoE;IACpF,sCAAsC;IACtC,kBAAkB,EAAE,iCAAc;IAClC,oBAAoB,EAAE,sCAAiB;IACvC,6BAA6B,EAAE,sDAAwB;IACvD,sBAAsB,EAAE,yCAAkB;IAC1C,2BAA2B,EAAE,kDAAsB;IACnD,sBAAsB,EAAE,yCAAkB;IAC1C,kBAAkB,EAAE,iCAAc;IAClC,oBAAoB,EAAE,qCAAgB;IACtC,mBAAmB,EAAE,mCAAe;IACpC,wBAAwB,EAAE,6CAAoB;IAC9C,4BAA4B,EAAE,oDAAuB;IACrD,gCAAgC,EAAE,2DAA0B;IAC5D,aAAa,EAAE,uBAAS;IACxB,yBAAyB,EAAE,+CAAqB;IAChD,2BAA2B,EAAE,kDAAsB;IACnD,2BAA2B,EAAE,kDAAsB;IACnD,8BAA8B,EAAE,wDAAyB;IACzD,yBAAyB,EAAE,+CAAqB;IAChD,2BAA2B,EAAE,mDAAuB;IACpD,0BAA0B,EAAE,iDAAsB;IAClD,gBAAgB,EAAE,6BAAY;IAC9B,wBAAwB,EAAE,6CAAoB;IAC9C,kBAAkB,EAAE,iCAAc;IAClC,wBAAwB,EAAE,6CAAoB;IAC9C,iBAAiB,EAAE,+BAAa;IAChC,2BAA2B,EAAE,kDAAsB;IACnD,qBAAqB,EAAE,uCAAiB;IACxC,4BAA4B,EAAE,oDAAuB;IACrD,0BAA0B,EAAE,iDAAsB;IAClD,6BAA6B,EAAE,sDAAwB;IACvD,2BAA2B,EAAE,mDAAuB;IACpD,yBAAyB,EAAE,+CAAqB;IAChD,2BAA2B,EAAE,kDAAsB;IACnD,6BAA6B,EAAE,sDAAwB;IACvD,4BAA4B,EAAE,oDAAuB;IACrD,oBAAoB,EAAE,qCAAgB;IACtC,uBAAuB,EAAE,0CAAkB;IAC3C,6BAA6B,EAAE,sDAAwB;IACvD,uBAAuB,EAAE,2CAAmB;IAC5C,6BAA6B,EAAE,uDAAyB;IACxD,iBAAiB,EAAE,gCAAc;IACjC,2BAA2B,EAAE,kDAAsB;IACnD,4BAA4B,EAAE,oDAAuB;IACrD,oBAAoB,EAAE,qCAAgB;IACtC,kCAAkC,EAAE,gEAA6B;IACjE,6BAA6B,EAAE,sDAAwB;IACvD,6BAA6B,EAAE,sDAAwB;IACvD,wCAAwC,EAAE,4EAAmC;CACJ,CAAC;AAE5E;;GAEG;AACU,QAAA,MAAM,GAA+B;IAChD,IAAI,EAAE;QACJ,IAAI,EAAE,6BAA6B;QACnC,OAAO,EAAE,OAAO;KACjB;IACD,KAAK,EAAL,aAAK;CAC+B,CAAC;AAEvC;;GAEG;AACH,MAAM,gBAAgB,GAAkD;IACtE,mDAAmD;IACnD,gCAAgC,EAAE,OAAO;IACzC,kCAAkC,EAAE,OAAO;IAC3C,2CAA2C,EAAE,OAAO;IACpD,oCAAoC,EAAE,OAAO;IAC7C,yCAAyC,EAAE,OAAO;IAClD,oCAAoC,EAAE,OAAO;IAC7C,gCAAgC,EAAE,OAAO;IACzC,kCAAkC,EAAE,OAAO;IAC3C,iCAAiC,EAAE,OAAO;IAC1C,sCAAsC,EAAE,OAAO;IAC/C,0CAA0C,EAAE,OAAO;IAEnD,8CAA8C;IAC9C,8CAA8C,EAAE,OAAO;IACvD,2BAA2B,EAAE,OAAO;IACpC,uCAAuC,EAAE,OAAO;IAEhD,6BAA6B;IAC7B,yCAAyC,EAAE,OAAO;IAElD,+BAA+B;IAC/B,yCAAyC,EAAE,MAAM;IACjD,yCAAyC,EAAE,OAAO;IAClD,4CAA4C,EAAE,MAAM;IAEpD,6BAA6B;IAC7B,uCAAuC,EAAE,MAAM;IAE/C,sCAAsC;IACtC,wCAAwC,EAAE,OAAO;IACjD,8BAA8B,EAAE,OAAO;IACvC,sCAAsC,EAAE,MAAM;IAC9C,gCAAgC,EAAE,OAAO;IACzC,sCAAsC,EAAE,MAAM;IAC9C,+BAA+B,EAAE,OAAO;IAExC,6CAA6C;IAC7C,yCAAyC,EAAE,MAAM;IACjD,mCAAmC,EAAE,OAAO;IAC5C,0CAA0C,EAAE,MAAM;IAClD,wCAAwC,EAAE,OAAO;IACjD,2CAA2C,EAAE,MAAM;IAEnD,yDAAyD;IACzD,yCAAyC,EAAE,MAAM;IACjD,uCAAuC,EAAE,MAAM;IAC/C,yCAAyC,EAAE,OAAO;IAElD,2BAA2B;IAC3B,2CAA2C,EAAE,MAAM;IACnD,0CAA0C,EAAE,MAAM;IAClD,kCAAkC,EAAE,MAAM;IAE1C,uCAAuC;IACvC,qCAAqC,EAAE,MAAM;IAC7C,2CAA2C,EAAE,MAAM;IACnD,qCAAqC,EAAE,MAAM;IAC7C,2CAA2C,EAAE,MAAM;IACnD,+BAA+B,EAAE,OAAO;IAExC,mCAAmC;IACnC,yCAAyC,EAAE,OAAO;IAClD,0CAA0C,EAAE,MAAM;IAElD,2BAA2B;IAC3B,kCAAkC,EAAE,OAAO;IAE3C,0BAA0B;IAC1B,gDAAgD,EAAE,OAAO;IACzD,2CAA2C,EAAE,OAAO;IAEpD,6BAA6B;IAC7B,2CAA2C,EAAE,OAAO;IACpD,sDAAsD,EAAE,OAAO;CAChE,CAAC;AAEW,QAAA,OAAO,GAA+C;IAEjE;;;;;;OAMG;IACH,WAAW,EAAE;QACX,OAAO,EAAE;YACP,eAAe,EAAE,cAAM;SACxB;QACD,KAAK,EAAE,gBAAgB;KACa;IAEtC;;;;OAIG;IACH,MAAM,EAAE;QACN,OAAO,EAAE;YACP,eAAe,EAAE,cAAM;SACxB;QACD,KAAK,EAAE,MAAM,CAAC,WAAW,CACvB,MAAM,CAAC,IAAI,CAAC,aAAK,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,iBAAiB,QAAQ,EAAE,EAAE,OAAO,CAAC,CAAC,CAC3E;KACmC;IAEtC;;;;OAIG;IACH,cAAc,EAAE;QACd,OAAO,EAAE;YACP,eAAe,EAAE,cAAM;SACxB;QACD,KAAK,EAAE;YACL,mCAAmC;YACnC,yCAAyC,EAAE,OAAO;YAClD,uCAAuC,EAAE,OAAO;YAChD,yCAAyC,EAAE,OAAO;YAClD,qCAAqC,EAAE,OAAO;YAE9C,oCAAoC;YACpC,wCAAwC,EAAE,OAAO;YACjD,8BAA8B,EAAE,OAAO;YACvC,sCAAsC,EAAE,OAAO;YAC/C,+BAA+B,EAAE,OAAO;YACxC,2CAA2C,EAAE,OAAO;YACpD,0CAA0C,EAAE,OAAO;YAEnD,uBAAuB;YACvB,gCAAgC,EAAE,OAAO;YACzC,kCAAkC,EAAE,OAAO;YAC3C,2CAA2C,EAAE,OAAO;YACpD,oCAAoC,EAAE,OAAO;YAC7C,oCAAoC,EAAE,OAAO;YAC7C,gCAAgC,EAAE,OAAO;YACzC,kCAAkC,EAAE,OAAO;YAC3C,iCAAiC,EAAE,OAAO;YAC1C,mCAAmC,EAAE,OAAO;YAC5C,0CAA0C,EAAE,OAAO;YAEnD,6BAA6B;YAC7B,yCAAyC,EAAE,OAAO;YAClD,2CAA2C,EAAE,OAAO;YAEpD,uCAAuC;YACvC,2CAA2C,EAAE,OAAO;YACpD,qCAAqC,EAAE,OAAO;YAC9C,2CAA2C,EAAE,OAAO;YACpD,+BAA+B,EAAE,OAAO;YACxC,2CAA2C,EAAE,OAAO;YAEpD,wDAAwD;YACxD,gCAAgC,EAAE,OAAO;YACzC,sCAAsC,EAAE,OAAO;YAC/C,0CAA0C,EAAE,OAAO;YAEnD,kDAAkD;YAClD,yCAAyC,EAAE,OAAO;YAClD,yCAAyC,EAAE,OAAO;SACnD;KACmC;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../packages/eslint-plugin-secure-coding/src/index.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;GAaG;;;AAIH,6BAA6B;AAC7B,wEAAmE;AACnE,4EAAwE;AACxE,8FAAwF;AACxF,gFAA2E;AAC3E,0FAAoF;AACpF,gFAA2E;AAC3E,wEAAmE;AACnE,4EAAuE;AACvE,0EAAqE;AACrE,oFAA+E;AAC/E,4FAAsF;AAEtF,+BAA+B;AAC/B,oGAA6F;AAC7F,8DAAyD;AACzD,sFAAiF;AAEjF,yBAAyB;AACzB,0FAAoF;AACpF,0FAAoF;AACpF,gGAA0F;AAE1F,sCAAsC;AACtC,sFAAiF;AACjF,0FAAqF;AAErF,wCAAwC;AACxC,wFAAmF;AACnF,oEAA+D;AAC/D,oFAA+E;AAC/E,wEAAmE;AACnE,oFAA+E;AAC/E,sEAAiE;AAEjE,0CAA0C;AAC1C,0FAAoF;AACpF,8EAAyE;AACzE,4FAAsF;AACtF,wFAAmF;AACnF,8FAAwF;AAExF,kDAAkD;AAClD,0FAAqF;AACrF,sFAAiF;AACjF,0FAAoF;AAEpF,qCAAqC;AACrC,8FAAwF;AACxF,4FAAsF;AACtF,4EAAuE;AAEvE,qCAAqC;AACrC,kFAA4E;AAC5E,8FAAwF;AACxF,kFAA6E;AAC7E,8FAAyF;AACzF,sEAAkE;AAElE,iCAAiC;AACjC,0FAAoF;AACpF,4FAAsF;AAEtF,mCAAmC;AACnC,4EAAuE;AAEvE,kCAAkC;AAClC,wGAAkG;AAClG,8FAAwF;AAExF,qCAAqC;AACrC,8FAAwF;AACxF,oHAA8G;AAE9G;;GAEG;AACU,QAAA,KAAK,GAAoE;IACpF,sCAAsC;IACtC,kBAAkB,EAAE,iCAAc;IAClC,oBAAoB,EAAE,sCAAiB;IACvC,6BAA6B,EAAE,sDAAwB;IACvD,sBAAsB,EAAE,yCAAkB;IAC1C,2BAA2B,EAAE,kDAAsB;IACnD,sBAAsB,EAAE,yCAAkB;IAC1C,kBAAkB,EAAE,iCAAc;IAClC,oBAAoB,EAAE,qCAAgB;IACtC,mBAAmB,EAAE,mCAAe;IACpC,wBAAwB,EAAE,6CAAoB;IAC9C,4BAA4B,EAAE,oDAAuB;IACrD,gCAAgC,EAAE,2DAA0B;IAC5D,aAAa,EAAE,uBAAS;IACxB,yBAAyB,EAAE,+CAAqB;IAChD,2BAA2B,EAAE,kDAAsB;IACnD,2BAA2B,EAAE,kDAAsB;IACnD,8BAA8B,EAAE,wDAAyB;IACzD,yBAAyB,EAAE,+CAAqB;IAChD,2BAA2B,EAAE,mDAAuB;IACpD,0BAA0B,EAAE,iDAAsB;IAClD,gBAAgB,EAAE,6BAAY;IAC9B,wBAAwB,EAAE,6CAAoB;IAC9C,kBAAkB,EAAE,iCAAc;IAClC,wBAAwB,EAAE,6CAAoB;IAC9C,iBAAiB,EAAE,+BAAa;IAChC,2BAA2B,EAAE,kDAAsB;IACnD,qBAAqB,EAAE,uCAAiB;IACxC,4BAA4B,EAAE,oDAAuB;IACrD,0BAA0B,EAAE,iDAAsB;IAClD,6BAA6B,EAAE,sDAAwB;IACvD,2BAA2B,EAAE,mDAAuB;IACpD,yBAAyB,EAAE,+CAAqB;IAChD,2BAA2B,EAAE,kDAAsB;IACnD,6BAA6B,EAAE,sDAAwB;IACvD,4BAA4B,EAAE,oDAAuB;IACrD,oBAAoB,EAAE,qCAAgB;IACtC,uBAAuB,EAAE,0CAAkB;IAC3C,6BAA6B,EAAE,sDAAwB;IACvD,uBAAuB,EAAE,2CAAmB;IAC5C,6BAA6B,EAAE,uDAAyB;IACxD,iBAAiB,EAAE,gCAAc;IACjC,2BAA2B,EAAE,kDAAsB;IACnD,4BAA4B,EAAE,oDAAuB;IACrD,oBAAoB,EAAE,qCAAgB;IACtC,kCAAkC,EAAE,gEAA6B;IACjE,6BAA6B,EAAE,sDAAwB;IACvD,6BAA6B,EAAE,sDAAwB;IACvD,wCAAwC,EAAE,4EAAmC;CACJ,CAAC;AAE5E;;GAEG;AACU,QAAA,MAAM,GAA+B;IAChD,IAAI,EAAE;QACJ,IAAI,EAAE,6BAA6B;QACnC,OAAO,EAAE,OAAO;KACjB;IACD,KAAK,EAAL,aAAK;CAC+B,CAAC;AAEvC;;GAEG;AACH,MAAM,gBAAgB,GAAkD;IACtE,mDAAmD;IACnD,gCAAgC,EAAE,OAAO;IACzC,kCAAkC,EAAE,OAAO;IAC3C,2CAA2C,EAAE,OAAO;IACpD,oCAAoC,EAAE,OAAO;IAC7C,yCAAyC,EAAE,OAAO;IAClD,oCAAoC,EAAE,OAAO;IAC7C,gCAAgC,EAAE,OAAO;IACzC,kCAAkC,EAAE,OAAO;IAC3C,iCAAiC,EAAE,OAAO;IAC1C,sCAAsC,EAAE,OAAO;IAC/C,0CAA0C,EAAE,OAAO;IAEnD,8CAA8C;IAC9C,8CAA8C,EAAE,OAAO;IACvD,2BAA2B,EAAE,OAAO;IACpC,uCAAuC,EAAE,OAAO;IAEhD,6BAA6B;IAC7B,yCAAyC,EAAE,OAAO;IAElD,+BAA+B;IAC/B,yCAAyC,EAAE,MAAM;IACjD,yCAAyC,EAAE,OAAO;IAClD,4CAA4C,EAAE,MAAM;IAEpD,6BAA6B;IAC7B,uCAAuC,EAAE,MAAM;IAE/C,sCAAsC;IACtC,wCAAwC,EAAE,OAAO;IACjD,8BAA8B,EAAE,OAAO;IACvC,sCAAsC,EAAE,MAAM;IAC9C,gCAAgC,EAAE,OAAO;IACzC,sCAAsC,EAAE,MAAM;IAC9C,+BAA+B,EAAE,OAAO;IAExC,6CAA6C;IAC7C,yCAAyC,EAAE,MAAM;IACjD,mCAAmC,EAAE,OAAO;IAC5C,0CAA0C,EAAE,MAAM;IAClD,wCAAwC,EAAE,OAAO;IACjD,2CAA2C,EAAE,MAAM;IAEnD,yDAAyD;IACzD,yCAAyC,EAAE,MAAM;IACjD,uCAAuC,EAAE,MAAM;IAC/C,yCAAyC,EAAE,OAAO;IAElD,2BAA2B;IAC3B,2CAA2C,EAAE,MAAM;IACnD,0CAA0C,EAAE,MAAM;IAClD,kCAAkC,EAAE,MAAM;IAE1C,uCAAuC;IACvC,qCAAqC,EAAE,MAAM;IAC7C,2CAA2C,EAAE,MAAM;IACnD,qCAAqC,EAAE,MAAM;IAC7C,2CAA2C,EAAE,MAAM;IACnD,+BAA+B,EAAE,OAAO;IAExC,mCAAmC;IACnC,yCAAyC,EAAE,OAAO;IAClD,0CAA0C,EAAE,MAAM;IAElD,2BAA2B;IAC3B,kCAAkC,EAAE,OAAO;IAE3C,0BAA0B;IAC1B,gDAAgD,EAAE,OAAO;IACzD,2CAA2C,EAAE,OAAO;IAEpD,6BAA6B;IAC7B,2CAA2C,EAAE,OAAO;IACpD,sDAAsD,EAAE,OAAO;CAChE,CAAC;AAEW,QAAA,OAAO,GAA+C;IAEjE;;;;;;OAMG;IACH,WAAW,EAAE;QACX,OAAO,EAAE;YACP,eAAe,EAAE,cAAM;SACxB;QACD,KAAK,EAAE,gBAAgB;KACa;IAEtC;;;;OAIG;IACH,MAAM,EAAE;QACN,OAAO,EAAE;YACP,eAAe,EAAE,cAAM;SACxB;QACD,KAAK,EAAE,MAAM,CAAC,WAAW,CACvB,MAAM,CAAC,IAAI,CAAC,aAAK,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,iBAAiB,QAAQ,EAAE,EAAE,OAAO,CAAC,CAAC,CAC3E;KACmC;IAEtC;;;;OAIG;IACH,cAAc,EAAE;QACd,OAAO,EAAE;YACP,eAAe,EAAE,cAAM;SACxB;QACD,KAAK,EAAE;YACL,mCAAmC;YACnC,yCAAyC,EAAE,OAAO;YAClD,uCAAuC,EAAE,OAAO;YAChD,yCAAyC,EAAE,OAAO;YAClD,qCAAqC,EAAE,OAAO;YAE9C,oCAAoC;YACpC,wCAAwC,EAAE,OAAO;YACjD,8BAA8B,EAAE,OAAO;YACvC,sCAAsC,EAAE,OAAO;YAC/C,+BAA+B,EAAE,OAAO;YACxC,2CAA2C,EAAE,OAAO;YACpD,0CAA0C,EAAE,OAAO;YAEnD,uBAAuB;YACvB,gCAAgC,EAAE,OAAO;YACzC,kCAAkC,EAAE,OAAO;YAC3C,2CAA2C,EAAE,OAAO;YACpD,oCAAoC,EAAE,OAAO;YAC7C,oCAAoC,EAAE,OAAO;YAC7C,gCAAgC,EAAE,OAAO;YACzC,kCAAkC,EAAE,OAAO;YAC3C,iCAAiC,EAAE,OAAO;YAC1C,mCAAmC,EAAE,OAAO;YAC5C,0CAA0C,EAAE,OAAO;YAEnD,6BAA6B;YAC7B,yCAAyC,EAAE,OAAO;YAClD,2CAA2C,EAAE,OAAO;YAEpD,uCAAuC;YACvC,2CAA2C,EAAE,OAAO;YACpD,qCAAqC,EAAE,OAAO;YAC9C,2CAA2C,EAAE,OAAO;YACpD,+BAA+B,EAAE,OAAO;YACxC,2CAA2C,EAAE,OAAO;YAEpD,wDAAwD;YACxD,gCAAgC,EAAE,OAAO;YACzC,sCAAsC,EAAE,OAAO;YAC/C,0CAA0C,EAAE,OAAO;YAEnD,kDAAkD;YAClD,yCAAyC,EAAE,OAAO;YAClD,yCAAyC,EAAE,OAAO;SACnD;KACmC;CACvC,CAAC;AAEF;;GAEG;AACH,kBAAe,cAAM,CAAC"}
|