npm - eslint-plugin-secure-coding - Versions diffs - 2.1.0 → 2.2.1 - Mend

eslint-plugin-secure-coding 2.1.0 → 2.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (318) hide show

package/src/rules/{security/no-buffer-overread.js → no-buffer-overread/index.js} RENAMED Viewed

@@ -229,6 +229,19 @@ exports.noBufferOverread = (0, eslint_devkit_1.createRule)({
                                 return true;
                             }
                         }
+                        // Check CallExpression with user-controlled arguments (Number(req.query.index), parseInt(), etc.)
+                        if (init.type === 'CallExpression') {
+                            // Check if callee is a type conversion function
+                            const typeConversionFunctions = ['number', 'parseint', 'parsefloat', 'string', 'boolean'];
+                            let isTypeConversion = false;
+                            if (init.callee.type === 'Identifier') {
+                                isTypeConversion = typeConversionFunctions.includes(init.callee.name.toLowerCase());
+                            }
+                            // If it's a type conversion, check if the argument is user-controlled
+                            if (isTypeConversion && init.arguments.length > 0) {
+                                return isUserControlledIndex(init.arguments[0]);
+                            }
+                        }
                         // Recursive check for Identifier assignment
                         if (init.type === 'Identifier' && init.name !== indexNode.name) {
                             return isUserControlledIndex(init);
@@ -236,6 +249,27 @@ exports.noBufferOverread = (0, eslint_devkit_1.createRule)({
                     }
                 }
             }
+            // Check CallExpression arguments (Number(req.query.index))
+            if (indexNode.type === 'CallExpression') {
+                const typeConversionFunctions = ['Number', 'parseInt', 'parseFloat', 'String', 'Boolean'];
+                if (indexNode.callee.type === 'Identifier' &&
+                    typeConversionFunctions.includes(indexNode.callee.name)) {
+                    // Check if arguments are user-controlled
+                    for (const arg of indexNode.arguments) {
+                        if (isUserControlledIndex(arg)) {
+                            return true;
+                        }
+                    }
+                }
+            }
+            // Check MemberExpression (req.query.index)
+            if (indexNode.type === 'MemberExpression') {
+                const text = sourceCode.getText(indexNode).toLowerCase();
+                const keywords = ['req.', 'request.', 'query.', 'params.', 'body.', 'input.', 'user.'];
+                if (keywords.some(k => text.includes(k))) {
+                    return true;
+                }
+            }
             return false;
         };
         /**
@@ -449,10 +483,11 @@ exports.noBufferOverread = (0, eslint_devkit_1.createRule)({
                         if (isUserControlledIndex(indexNode) && !isIndexValidated(indexNode)) {
                             // Check if there's a bounds check in scope
                             if (!hasBoundsCheck(bufferName, indexNode)) {
-                                // FALSE POSITIVE REDUCTION
+                                /* c8 ignore start -- safetyChecker.isSafe requires JSDoc annotations not testable via RuleTester */
                                 if (safetyChecker.isSafe(node, context)) {
                                     return;
                                 }
+                                /* c8 ignore stop */
                                 context.report({
                                     node,
                                     messageId: 'userControlledBufferIndex',
@@ -466,10 +501,11 @@ exports.noBufferOverread = (0, eslint_devkit_1.createRule)({
                         }
                         // Check if there's any bounds validation
                         if (!hasBoundsCheck(bufferName, indexNode) && !isIndexValidated(indexNode)) {
-                            // FALSE POSITIVE REDUCTION
+                            /* c8 ignore start -- safetyChecker.isSafe requires JSDoc annotations not testable via RuleTester */
                             if (safetyChecker.isSafe(node, context)) {
                                 return;
                             }
+                            /* c8 ignore stop */
                             context.report({
                                 node,
                                 messageId: 'unsafeBufferAccess',
@@ -502,10 +538,11 @@ exports.noBufferOverread = (0, eslint_devkit_1.createRule)({
                     // Check slice arguments
                     for (const arg of args) {
                         if (isUserControlledIndex(arg) && !isIndexValidated(arg)) {
-                            // FALSE POSITIVE REDUCTION
+                            /* c8 ignore start -- safetyChecker.isSafe requires JSDoc annotations not testable via RuleTester */
                             if (safetyChecker.isSafe(node, context)) {
                                 continue;
                             }
+                            /* c8 ignore stop */
                             context.report({
                                 node: arg,
                                 messageId: 'unsafeBufferSlice',
@@ -527,10 +564,11 @@ exports.noBufferOverread = (0, eslint_devkit_1.createRule)({
                     // Check offset/length arguments
                     for (const arg of args) {
                         if (isUserControlledIndex(arg) && !isIndexValidated(arg)) {
-                            // FALSE POSITIVE REDUCTION
+                            /* c8 ignore start -- safetyChecker.isSafe requires JSDoc annotations not testable via RuleTester */
                             if (safetyChecker.isSafe(node, context)) {
                                 continue;
                             }
+                            /* c8 ignore stop */
                             context.report({
                                 node: arg,
                                 messageId: 'missingBoundsCheck',
@@ -555,4 +593,4 @@ exports.noBufferOverread = (0, eslint_devkit_1.createRule)({
         };
     },
 });
-//# sourceMappingURL=no-buffer-overread.js.map
+//# sourceMappingURL=index.js.map

package/src/rules/no-buffer-overread/index.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../../packages/eslint-plugin-secure-coding/src/rules/no-buffer-overread/index.ts"],"names":[],"mappings":";;;AAgBA,4DAAsD;AACtD,4DAA0E;AAC1E,4DAGkC;AAqCrB,QAAA,gBAAgB,GAAG,IAAA,0BAAU,EAA0B;IAClE,IAAI,EAAE,oBAAoB;IAC1B,IAAI,EAAE;QACJ,IAAI,EAAE,SAAS;QACf,IAAI,EAAE;YACJ,WAAW,EAAE,qCAAqC;SACnD;QACD,OAAO,EAAE,MAAM;QACf,cAAc,EAAE,IAAI;QACpB,QAAQ,EAAE;YACR,cAAc,EAAE,IAAA,gCAAgB,EAAC;gBAC/B,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,iBAAiB;gBAC5B,GAAG,EAAE,SAAS;gBACd,WAAW,EAAE,uCAAuC;gBACpD,QAAQ,EAAE,cAAc;gBACxB,GAAG,EAAE,qBAAqB;gBAC1B,iBAAiB,EAAE,iDAAiD;aACrE,CAAC;YACF,kBAAkB,EAAE,IAAA,gCAAgB,EAAC;gBACnC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,sBAAsB;gBACjC,GAAG,EAAE,SAAS;gBACd,WAAW,EAAE,2CAA2C;gBACxD,QAAQ,EAAE,MAAM;gBAChB,GAAG,EAAE,uCAAuC;gBAC5C,iBAAiB,EAAE,oCAAoC;aACxD,CAAC;YACF,kBAAkB,EAAE,IAAA,gCAAgB,EAAC;gBACnC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,sBAAsB;gBACjC,GAAG,EAAE,SAAS;gBACd,WAAW,EAAE,4CAA4C;gBACzD,QAAQ,EAAE,QAAQ;gBAClB,GAAG,EAAE,2CAA2C;gBAChD,iBAAiB,EAAE,iDAAiD;aACrE,CAAC;YACF,mBAAmB,EAAE,IAAA,gCAAgB,EAAC;gBACpC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,uBAAuB;gBAClC,GAAG,EAAE,SAAS;gBACd,WAAW,EAAE,uCAAuC;gBACpD,QAAQ,EAAE,QAAQ;gBAClB,GAAG,EAAE,wCAAwC;gBAC7C,iBAAiB,EAAE,oCAAoC;aACxD,CAAC;YACF,yBAAyB,EAAE,IAAA,gCAAgB,EAAC;gBAC1C,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,8BAA8B;gBACzC,GAAG,EAAE,SAAS;gBACd,WAAW,EAAE,4CAA4C;gBACzD,QAAQ,EAAE,MAAM;gBAChB,GAAG,EAAE,kDAAkD;gBACvD,iBAAiB,EAAE,iDAAiD;aACrE,CAAC;YACF,iBAAiB,EAAE,IAAA,gCAAgB,EAAC;gBAClC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,qBAAqB;gBAChC,GAAG,EAAE,SAAS;gBACd,WAAW,EAAE,uCAAuC;gBACpD,QAAQ,EAAE,QAAQ;gBAClB,GAAG,EAAE,kCAAkC;gBACvC,iBAAiB,EAAE,sDAAsD;aAC1E,CAAC;YACF,sBAAsB,EAAE,IAAA,gCAAgB,EAAC;gBACvC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,2BAA2B;gBACtC,GAAG,EAAE,SAAS;gBACd,WAAW,EAAE,2CAA2C;gBACxD,QAAQ,EAAE,QAAQ;gBAClB,GAAG,EAAE,uCAAuC;gBAC5C,iBAAiB,EAAE,8CAA8C;aAClE,CAAC;YACF,mBAAmB,EAAE,IAAA,gCAAgB,EAAC;gBACpC,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,wBAAwB;gBACnC,WAAW,EAAE,0CAA0C;gBACvD,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,qEAAqE;gBAC1E,iBAAiB,EAAE,oCAAoC;aACxD,CAAC;YACF,qBAAqB,EAAE,IAAA,gCAAgB,EAAC;gBACtC,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,yBAAyB;gBACpC,WAAW,EAAE,oCAAoC;gBACjD,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,kCAAkC;gBACvC,iBAAiB,EAAE,iDAAiD;aACrE,CAAC;YACF,iBAAiB,EAAE,IAAA,gCAAgB,EAAC;gBAClC,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,qBAAqB;gBAChC,WAAW,EAAE,4BAA4B;gBACzC,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,kDAAkD;gBACvD,iBAAiB,EAAE,8CAA8C;aAClE,CAAC;YACF,sBAAsB,EAAE,IAAA,gCAAgB,EAAC;gBACvC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,0BAA0B;gBACrC,WAAW,EAAE,yCAAyC;gBACtD,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,2DAA2D;gBAChE,iBAAiB,EAAE,iDAAiD;aACrE,CAAC;YACF,uBAAuB,EAAE,IAAA,gCAAgB,EAAC;gBACxC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,2BAA2B;gBACtC,WAAW,EAAE,4CAA4C;gBACzD,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,+DAA+D;gBACpE,iBAAiB,EAAE,oCAAoC;aACxD,CAAC;YACF,mBAAmB,EAAE,IAAA,gCAAgB,EAAC;gBACpC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,sBAAsB;gBACjC,WAAW,EAAE,mCAAmC;gBAChD,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,6DAA6D;gBAClE,iBAAiB,EAAE,2CAA2C;aAC/D,CAAC;SACH;QACD,MAAM,EAAE;YACN;gBACE,IAAI,EAAE,QAAQ;gBACd,UAAU,EAAE;oBACV,aAAa,EAAE;wBACb,IAAI,EAAE,OAAO;wBACb,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;wBACzB,OAAO,EAAE,CAAC,WAAW,EAAE,cAAc,EAAE,cAAc,EAAE,UAAU,EAAE,aAAa,EAAE,aAAa,EAAE,YAAY,EAAE,eAAe,EAAE,eAAe,EAAE,OAAO,EAAE,MAAM,CAAC;qBAClK;oBACD,oBAAoB,EAAE;wBACpB,IAAI,EAAE,OAAO;wBACb,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;wBACzB,OAAO,EAAE,CAAC,eAAe,EAAE,aAAa,EAAE,WAAW,EAAE,qBAAqB,CAAC;qBAC9E;oBACD,WAAW,EAAE;wBACX,IAAI,EAAE,OAAO;wBACb,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;wBACzB,OAAO,EAAE,CAAC,QAAQ,EAAE,YAAY,EAAE,aAAa,EAAE,UAAU,CAAC;qBAC7D;oBACD,iBAAiB,EAAE;wBACjB,IAAI,EAAE,OAAO;wBACb,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;wBACzB,OAAO,EAAE,EAAE;wBACX,WAAW,EAAE,kEAAkE;qBAChF;oBACD,kBAAkB,EAAE;wBAClB,IAAI,EAAE,OAAO;wBACb,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;wBACzB,OAAO,EAAE,EAAE;wBACX,WAAW,EAAE,0DAA0D;qBACxE;oBACD,UAAU,EAAE;wBACV,IAAI,EAAE,SAAS;wBACf,OAAO,EAAE,KAAK;wBACd,WAAW,EAAE,oDAAoD;qBAClE;iBACF;gBACD,oBAAoB,EAAE,KAAK;aAC5B;SACF;KACF;IACD,cAAc,EAAE;QACd;YACE,aAAa,EAAE,CAAC,WAAW,EAAE,cAAc,EAAE,cAAc,EAAE,UAAU,EAAE,aAAa,EAAE,aAAa,EAAE,YAAY,EAAE,eAAe,EAAE,eAAe,EAAE,OAAO,EAAE,MAAM,CAAC;YACvK,oBAAoB,EAAE,CAAC,eAAe,EAAE,aAAa,EAAE,WAAW,EAAE,qBAAqB,CAAC;YAC1F,WAAW,EAAE,CAAC,QAAQ,EAAE,YAAY,EAAE,aAAa,EAAE,UAAU,CAAC;YAChE,iBAAiB,EAAE,EAAE;YACrB,kBAAkB,EAAE,EAAE;YACtB,UAAU,EAAE,KAAK;SAClB;KACF;IACD,MAAM,CAAC,OAAsD;QAC3D,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QACzC,MAAM,EACJ,aAAa,GAAG,CAAC,WAAW,EAAE,cAAc,EAAE,cAAc,EAAE,UAAU,EAAE,aAAa,EAAE,aAAa,EAAE,YAAY,EAAE,eAAe,EAAE,eAAe,EAAE,OAAO,EAAE,MAAM,CAAC,EACxK,oBAAoB,GAAG,CAAC,eAAe,EAAE,aAAa,EAAE,WAAW,EAAE,qBAAqB,CAAC,EAC3F,WAAW,GAAG,CAAC,QAAQ,EAAE,YAAY,EAAE,aAAa,EAAE,UAAU,CAAC,EACjE,iBAAiB,GAAG,EAAE,EACtB,kBAAkB,GAAG,EAAE,EACvB,UAAU,GAAG,KAAK,GACnB,GAAY,OAAO,CAAC;QAErB,MAAM,UAAU,GAAG,OAAO,CAAC,UAAU,IAAI,OAAO,CAAC,UAAU,CAAC;QAC5D,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,OAAO,CAAC,WAAW,EAAE,CAAC;QAE3D,qDAAqD;QACrD,MAAM,aAAa,GAAG,IAAA,mCAAmB,EAAC;YACxC,iBAAiB;YACjB,kBAAkB;YAClB,kBAAkB,EAAE,EAAE;YACtB,UAAU;SACX,CAAC,CAAC;QAEH,yBAAyB;QACzB,MAAM,UAAU,GAAG,IAAI,GAAG,EAAU,CAAC;QAErC;;WAEG;QACH,MAAM,YAAY,GAAG,CAAC,OAAe,EAAW,EAAE;YAChD,OAAO,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC;gBACvB,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;QACtF,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,qBAAqB,GAAG,CAAC,SAAwB,EAAW,EAAE;YAClE,IAAI,SAAS,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;gBACpC,MAAM,OAAO,GAAG,SAAS,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;gBAC7C,IAAI,CAAC,KAAK,EAAE,SAAS,EAAE,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAC3F,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAC,CAC1B,EAAE,CAAC;oBACA,OAAO,IAAI,CAAC;gBAChB,CAAC;gBAED,4BAA4B;gBAC5B,IAAI,YAAY,GAAG,UAAU,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;gBAClD,IAAI,QAAQ,GAAG,IAAI,CAAC;gBACpB,OAAM,YAAY,EAAE,CAAC;oBACjB,QAAQ,GAAG,YAAY,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,SAAS,CAAC,IAAI,CAAC,CAAC;oBACvE,IAAI,QAAQ;wBAAE,MAAM;oBACpB,YAAY,GAAG,YAAY,CAAC,KAAK,CAAC;gBACtC,CAAC;gBAED,IAAI,QAAQ,IAAI,QAAQ,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBACtC,MAAM,GAAG,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;oBAC7B,IAAI,GAAG,CAAC,IAAI,KAAK,UAAU,IAAI,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;wBAC3C,MAAM,IAAI,GAAG,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC;wBAE3B,uEAAuE;wBACvE,IAAI,IAAI,CAAC,IAAI,KAAK,kBAAkB,EAAE,CAAC;4BACnC,MAAM,UAAU,GAAG,UAAU,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,WAAW,EAAE,CAAC;4BACjE,MAAM,YAAY,GAAG,UAAU,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,WAAW,EAAE,CAAC;4BAErE,MAAM,QAAQ,GAAG,CAAC,KAAK,EAAE,SAAS,EAAE,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC;4BAChF,IAAI,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,YAAY,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;gCACzE,OAAO,IAAI,CAAC;4BAChB,CAAC;wBACL,CAAC;wBAED,kGAAkG;wBAClG,IAAI,IAAI,CAAC,IAAI,KAAK,gBAAgB,EAAE,CAAC;4BACjC,gDAAgD;4BAChD,MAAM,uBAAuB,GAAG,CAAC,QAAQ,EAAE,UAAU,EAAE,YAAY,EAAE,QAAQ,EAAE,SAAS,CAAC,CAAC;4BAC1F,IAAI,gBAAgB,GAAG,KAAK,CAAC;4BAE7B,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;gCACpC,gBAAgB,GAAG,uBAAuB,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC;4BACxF,CAAC;4BAED,sEAAsE;4BACtE,IAAI,gBAAgB,IAAI,IAAI,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gCAChD,OAAO,qBAAqB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;4BACpD,CAAC;wBACL,CAAC;wBAED,4CAA4C;wBAC5C,IAAI,IAAI,CAAC,IAAI,KAAK,YAAY,IAAI,IAAI,CAAC,IAAI,KAAK,SAAS,CAAC,IAAI,EAAE,CAAC;4BAC7D,OAAO,qBAAqB,CAAC,IAAI,CAAC,CAAC;wBACvC,CAAC;oBACL,CAAC;gBACN,CAAC;YACH,CAAC;YAED,2DAA2D;YAC3D,IAAI,SAAS,CAAC,IAAI,KAAK,gBAAgB,EAAE,CAAC;gBACtC,MAAM,uBAAuB,GAAG,CAAC,QAAQ,EAAE,UAAU,EAAE,YAAY,EAAE,QAAQ,EAAE,SAAS,CAAC,CAAC;gBAC1F,IAAI,SAAS,CAAC,MAAM,CAAC,IAAI,KAAK,YAAY;oBACtC,uBAAuB,CAAC,QAAQ,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;oBAC1D,yCAAyC;oBACzC,KAAK,MAAM,GAAG,IAAI,SAAS,CAAC,SAAS,EAAE,CAAC;wBACpC,IAAI,qBAAqB,CAAC,GAAG,CAAC,EAAE,CAAC;4BAC7B,OAAO,IAAI,CAAC;wBAChB,CAAC;oBACL,CAAC;gBACL,CAAC;YACL,CAAC;YAED,2CAA2C;YAC3C,IAAI,SAAS,CAAC,IAAI,KAAK,kBAAkB,EAAE,CAAC;gBACxC,MAAM,IAAI,GAAG,UAAU,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,WAAW,EAAE,CAAC;gBACzD,MAAM,QAAQ,GAAG,CAAC,MAAM,EAAE,UAAU,EAAE,QAAQ,EAAE,SAAS,EAAE,OAAO,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC;gBACvF,IAAI,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;oBACvC,OAAO,IAAI,CAAC;gBAChB,CAAC;YACL,CAAC;YAED,OAAO,KAAK,CAAC;QACf,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,gBAAgB,GAAG,CAAC,SAAwB,EAAW,EAAE;YAC7D,uDAAuD;YACvD,IAAI,SAAS,CAAC,IAAI,KAAK,SAAS,IAAI,OAAO,SAAS,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;gBACxE,OAAO,SAAS,CAAC,KAAK,IAAI,CAAC,CAAC;YAC9B,CAAC;YAED,wEAAwE;YACxE,IAAI,SAAS,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;gBACpC,IAAI,OAAO,GAA8B,SAAS,CAAC;gBAEnD,2DAA2D;gBAC3D,OAAO,OAAO,EAAE,CAAC;oBACf,2CAA2C;oBAC3C,IAAI,OAAO,CAAC,IAAI,KAAK,oBAAoB;wBACrC,OAAO,CAAC,EAAE,CAAC,IAAI,KAAK,YAAY;wBAChC,OAAO,CAAC,EAAE,CAAC,IAAI,KAAK,SAAS,CAAC,IAAI;wBAClC,OAAO,CAAC,IAAI,EAAE,CAAC;wBAEjB,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;wBAE1B,iDAAiD;wBACjD,IAAI,IAAI,CAAC,IAAI,KAAK,gBAAgB;4BAC9B,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,YAAY;4BACjC,oBAAoB,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;4BACpD,OAAO,IAAI,CAAC;wBACd,CAAC;wBAED,yDAAyD;wBACzD,IAAI,IAAI,CAAC,IAAI,KAAK,gBAAgB;4BAC9B,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,kBAAkB;4BACvC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,YAAY;4BACxC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,MAAM;4BAClC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY;4BAC1C,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,KAAK,IAAI,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,KAAK,CAAC,EAAE,CAAC;4BACjF,OAAO,IAAI,CAAC;wBACd,CAAC;wBAED,MAAM;oBACR,CAAC;oBAED,sFAAsF;oBACtF,IAAI,OAAO,CAAC,IAAI,KAAK,qBAAqB;wBACtC,OAAO,CAAC,IAAI,KAAK,oBAAoB;wBACrC,OAAO,CAAC,IAAI,KAAK,yBAAyB,EAAE,CAAC;wBAC/C,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;wBAC9B,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;4BAC3B,IAAI,KAAK,CAAC,IAAI,KAAK,YAAY,IAAI,KAAK,CAAC,IAAI,KAAK,SAAS,CAAC,IAAI,EAAE,CAAC;gCACjE,OAAO,IAAI,CAAC,CAAC,4CAA4C;4BAC3D,CAAC;wBACH,CAAC;oBACH,CAAC;oBAED,OAAO,GAAG,OAAO,CAAC,MAAuB,CAAC;gBAC5C,CAAC;YACH,CAAC;YAED,2DAA2D;YAC3D,IAAI,SAAS,CAAC,IAAI,KAAK,gBAAgB;gBACnC,SAAS,CAAC,MAAM,CAAC,IAAI,KAAK,YAAY;gBACtC,oBAAoB,CAAC,QAAQ,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;gBACzD,OAAO,IAAI,CAAC;YACd,CAAC;YAED,OAAO,KAAK,CAAC;QACf,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,cAAc,GAAG,CAAC,UAAkB,EAAE,SAAwB,EAAW,EAAE;YAC/E,uDAAuD;YACvD,IAAI,OAAO,GAA8B,SAAS,CAAC;YAEnD,OAAO,OAAO,EAAE,CAAC;gBACf,+BAA+B;gBAC/B,IAAI,OAAO,CAAC,IAAI,KAAK,qBAAqB;oBACtC,OAAO,CAAC,IAAI,KAAK,oBAAoB;oBACrC,OAAO,CAAC,IAAI,KAAK,yBAAyB,EAAE,CAAC;oBAC/C,MAAM;gBACR,CAAC;gBAED,2CAA2C;gBAC3C,IAAI,OAAO,CAAC,IAAI,KAAK,aAAa,EAAE,CAAC;oBACnC,MAAM,SAAS,GAAG,OAAO,CAAC,IAAI,CAAC;oBAC/B,MAAM,aAAa,GAAG,UAAU,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,WAAW,EAAE,CAAC;oBAElE,qCAAqC;oBACrC,IAAI,aAAa,CAAC,QAAQ,CAAC,GAAG,UAAU,SAAS,CAAC;wBAC9C,CAAC,aAAa,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,aAAa,CAAC,QAAQ,CAAC,IAAI,CAAC;4BAC3D,aAAa,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,aAAa,CAAC,QAAQ,CAAC,IAAI,CAAC;4BAC3D,aAAa,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,aAAa,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC;wBACnE,OAAO,IAAI,CAAC;oBACd,CAAC;gBACH,CAAC;gBAED,6DAA6D;gBAC7D,IAAI,OAAO,CAAC,IAAI,KAAK,qBAAqB,EAAE,CAAC;oBAC3C,KAAK,MAAM,UAAU,IAAI,OAAO,CAAC,YAAY,EAAE,CAAC;wBAC9C,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC;4BACpB,MAAM,QAAQ,GAAG,UAAU,CAAC,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC;4BACnE,IAAI,QAAQ,CAAC,QAAQ,CAAC,GAAG,UAAU,SAAS,CAAC;gCACzC,CAAC,QAAQ,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,UAAU,CAAC;oCAC9D,QAAQ,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC;gCACnE,OAAO,IAAI,CAAC;4BACd,CAAC;wBACH,CAAC;oBACH,CAAC;gBACH,CAAC;gBAED,kFAAkF;gBAClF,IAAI,OAAO,CAAC,IAAI,KAAK,iBAAiB,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;oBAC3D,MAAM,UAAU,GAAG,UAAU,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,WAAW,EAAE,CAAC;oBACtE,IAAI,UAAU,CAAC,QAAQ,CAAC,GAAG,UAAU,SAAS,CAAC,EAAE,CAAC;wBAChD,OAAO,IAAI,CAAC;oBACd,CAAC;gBACH,CAAC;gBAED,OAAO,GAAG,OAAO,CAAC,MAAuB,CAAC;YAC5C,CAAC;YAED,OAAO,KAAK,CAAC;QACf,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,eAAe,GAAG,CAAC,SAAwB,EAAW,EAAE;YAC5D,qCAAqC;YACrC,qCAAqC;YACrC,IAAI,SAAS,CAAC,IAAI,KAAK,SAAS,IAAI,OAAO,SAAS,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;gBACxE,OAAO,SAAS,CAAC,KAAK,GAAG,CAAC,CAAC;YAC7B,CAAC;YAED,uDAAuD;YACvD,IAAI,SAAS,CAAC,IAAI,KAAK,iBAAiB;gBACpC,SAAS,CAAC,QAAQ,KAAK,GAAG;gBAC1B,SAAS,CAAC,QAAQ,CAAC,IAAI,KAAK,SAAS;gBACrC,OAAO,SAAS,CAAC,QAAQ,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;gBACjD,OAAO,IAAI,CAAC,CAAC,uCAAuC;YACtD,CAAC;YAED,0EAA0E;YAC1E,IAAI,SAAS,CAAC,IAAI,KAAK,kBAAkB,IAAI,SAAS,CAAC,QAAQ,KAAK,GAAG,EAAE,CAAC;gBACxE,gEAAgE;gBAChE,OAAO,IAAI,CAAC,CAAC,4CAA4C;YAC3D,CAAC;YAED,yEAAyE;YACzE,IAAI,SAAS,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;gBACpC,gEAAgE;gBAChE,iFAAiF;gBACjF,IAAI,OAAO,GAA8B,SAAS,CAAC;gBAEnD,OAAO,OAAO,EAAE,CAAC;oBACf,IAAI,OAAO,CAAC,IAAI,KAAK,oBAAoB,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;wBAC1D,IAAI,OAAO,CAAC,IAAI,CAAC,IAAI,KAAK,SAAS;4BAC/B,OAAO,OAAO,CAAC,IAAI,CAAC,KAAK,KAAK,QAAQ;4BACtC,OAAO,CAAC,IAAI,CAAC,KAAK,GAAG,CAAC,EAAE,CAAC;4BAC3B,OAAO,IAAI,CAAC;wBACd,CAAC;wBACD,oCAAoC;wBACpC,IAAI,OAAO,CAAC,IAAI,CAAC,IAAI,KAAK,iBAAiB;4BACvC,OAAO,CAAC,IAAI,CAAC,QAAQ,KAAK,GAAG;4BAC7B,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,KAAK,SAAS;4BACxC,OAAO,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;4BACpD,OAAO,IAAI,CAAC;wBACd,CAAC;oBACH,CAAC;oBACD,OAAO,GAAG,OAAO,CAAC,MAAuB,CAAC;gBAC5C,CAAC;YACH,CAAC;YAED,OAAO,KAAK,CAAC;QACf,CAAC,CAAC;QAEF,OAAO;YACL,qCAAqC;YACrC,kBAAkB,CAAC,IAAiC;gBAClD,IAAI,IAAI,CAAC,EAAE,CAAC,IAAI,KAAK,YAAY,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;oBAC/C,MAAM,OAAO,GAAG,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC;oBAE7B,kCAAkC;oBAClC,IAAI,IAAI,CAAC,IAAI,CAAC,IAAI,KAAK,eAAe;wBAClC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,YAAY;wBACtC,WAAW,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;wBAChD,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;oBAC1B,CAAC;oBAED,yDAAyD;oBACzD,IAAI,IAAI,CAAC,IAAI,CAAC,IAAI,KAAK,gBAAgB;wBACnC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,kBAAkB;wBAC5C,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,YAAY;wBAC7C,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,QAAQ;wBACzC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY;wBAC/C,CAAC,MAAM,EAAE,OAAO,EAAE,aAAa,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;wBAC7E,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;oBAC3B,CAAC;oBAED,2CAA2C;oBAC3C,IAAI,IAAI,CAAC,IAAI,CAAC,IAAI,KAAK,gBAAgB,EAAE,CAAC;wBACxC,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC;wBAChC,IAAI,MAAM,CAAC,IAAI,KAAK,kBAAkB;4BAClC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY;4BACrC,aAAa,CAAC,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;4BACjD,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;wBAC1B,CAAC;oBACH,CAAC;oBAED,+BAA+B;oBAC/B,IAAI,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC,EAAE,CAAC;wBACjF,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;oBAC1B,CAAC;gBACH,CAAC;YACH,CAAC;YAED,4DAA4D;YAC5D,gBAAgB,CAAC,IAA+B;gBAC9C,iCAAiC;gBACjC,IAAI,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;oBACvD,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC;oBACpC,MAAM,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC;oBAEhC,IAAI,YAAY,CAAC,UAAU,CAAC,EAAE,CAAC;wBAC7B,6BAA6B;wBAC7B,IAAI,eAAe,CAAC,SAAS,CAAC,EAAE,CAAC;4BAC/B,OAAO,CAAC,MAAM,CAAC;gCACb,IAAI;gCACJ,SAAS,EAAE,qBAAqB;gCAChC,IAAI,EAAE;oCACJ,QAAQ,EAAE,QAAQ;oCAClB,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,CAAC;iCACxC;6BACF,CAAC,CAAC;4BACH,OAAO;wBACT,CAAC;wBAED,uDAAuD;wBACvD,IAAI,qBAAqB,CAAC,SAAS,CAAC,IAAI,CAAC,gBAAgB,CAAC,SAAS,CAAC,EAAE,CAAC;4BACrE,2CAA2C;4BAC3C,IAAI,CAAC,cAAc,CAAC,UAAU,EAAE,SAAS,CAAC,EAAE,CAAC;gCAC3C,oGAAoG;gCACpG,IAAI,aAAa,CAAC,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,EAAE,CAAC;oCACxC,OAAO;gCACT,CAAC;gCACD,oBAAoB;gCAEpB,OAAO,CAAC,MAAM,CAAC;oCACb,IAAI;oCACJ,SAAS,EAAE,2BAA2B;oCACtC,IAAI,EAAE;wCACJ,QAAQ,EAAE,QAAQ;wCAClB,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,CAAC;qCACxC;iCACF,CAAC,CAAC;gCACH,OAAO;4BACT,CAAC;wBACH,CAAC;wBAED,yCAAyC;wBACzC,IAAI,CAAC,cAAc,CAAC,UAAU,EAAE,SAAS,CAAC,IAAI,CAAC,gBAAgB,CAAC,SAAS,CAAC,EAAE,CAAC;4BAC7E,oGAAoG;4BACpG,IAAI,aAAa,CAAC,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,EAAE,CAAC;gCACxC,OAAO;4BACT,CAAC;4BACD,oBAAoB;4BAElB,OAAO,CAAC,MAAM,CAAC;gCACb,IAAI;gCACJ,SAAS,EAAE,oBAAoB;gCAC/B,IAAI,EAAE;oCACJ,QAAQ,EAAE,QAAQ;oCAClB,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,CAAC;iCACxC;6BACF,CAAC,CAAC;wBACL,CAAC;oBACH,CAAC;gBACH,CAAC;gBAED,0DAA0D;gBAC1D,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY;oBACnC,aAAa,CAAC,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC;oBAC1C,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,YAAY;oBACjC,YAAY,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;oBAEnC,6DAA6D;gBAC/D,CAAC;YACH,CAAC;YAED,4BAA4B;YAC5B,cAAc,CAAC,IAA6B;gBAC1C,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;gBAE3B,iCAAiC;gBACjC,IAAI,MAAM,CAAC,IAAI,KAAK,kBAAkB;oBAClC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY;oBACrC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,OAAO;oBAChC,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,YAAY;oBACnC,YAAY,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;oBAErC,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC;oBAE5B,wBAAwB;oBACxB,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;wBACvB,IAAI,qBAAqB,CAAC,GAAG,CAAC,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,EAAE,CAAC;4BAC3D,oGAAoG;4BAClG,IAAI,aAAa,CAAC,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,EAAE,CAAC;gCACxC,SAAS;4BACX,CAAC;4BACD,oBAAoB;4BAEpB,OAAO,CAAC,MAAM,CAAC;gCACb,IAAI,EAAE,GAAG;gCACT,SAAS,EAAE,mBAAmB;gCAC9B,IAAI,EAAE;oCACJ,QAAQ,EAAE,QAAQ;oCAClB,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,CAAC;iCACxC;6BACF,CAAC,CAAC;wBACL,CAAC;oBACH,CAAC;gBACH,CAAC;gBAED,sCAAsC;gBACtC,IAAI,MAAM,CAAC,IAAI,KAAK,kBAAkB;oBAClC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY;oBACrC,aAAa,CAAC,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;oBAC5C,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,YAAY;oBACnC,YAAY,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;oBAErC,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC;oBAE5B,gCAAgC;oBAChC,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;wBACvB,IAAI,qBAAqB,CAAC,GAAG,CAAC,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,EAAE,CAAC;4BACzD,oGAAoG;4BACpG,IAAI,aAAa,CAAC,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,EAAE,CAAC;gCACxC,SAAS;4BACX,CAAC;4BACD,oBAAoB;4BAEpB,OAAO,CAAC,MAAM,CAAC;gCACb,IAAI,EAAE,GAAG;gCACT,SAAS,EAAE,oBAAoB;gCAC/B,IAAI,EAAE;oCACJ,QAAQ,EAAE,QAAQ;oCAClB,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,CAAC;iCACxC;6BACF,CAAC,CAAC;wBACL,CAAC;oBACH,CAAC;gBACH,CAAC;YACH,CAAC;YAED,gEAAgE;YAChE,gBAAgB,CAAC,IAA+B;gBAC9C,uFAAuF;gBACvF,MAAM,QAAQ,GAAG,UAAU,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAC/C,MAAM,SAAS,GAAG,UAAU,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;gBAEjD,IAAI,QAAQ,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,SAAS,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;oBAClE,+DAA+D;gBACjE,CAAC;YACH,CAAC;SACF,CAAC;IACJ,CAAC;CACF,CAAC,CAAC"}

package/src/rules/{security/no-clickjacking.js → no-clickjacking/index.js} RENAMED Viewed

@@ -250,10 +250,11 @@ exports.noClickjacking = (0, eslint_devkit_1.createRule)({
                         }
                     }
                     if (hasSrc && srcValue && !isTrustedSource(srcValue)) {
-                        // FALSE POSITIVE REDUCTION
+                        /* c8 ignore start -- safetyChecker requires JSDoc annotations not testable via RuleTester */
                         if (safetyChecker.isSafe(node, context)) {
                             return;
                         }
+                        /* c8 ignore stop */
                         context.report({
                             node: node.openingElement,
                             messageId: 'unsafeIframeUsage',
@@ -297,10 +298,11 @@ exports.noClickjacking = (0, eslint_devkit_1.createRule)({
                             current = current.parent;
                         }
                         if (isFrameManipulation) {
-                            // FALSE POSITIVE REDUCTION
+                            /* c8 ignore start -- safetyChecker requires JSDoc annotations not testable via RuleTester */
                             if (safetyChecker.isSafe(node, context)) {
                                 return;
                             }
+                            /* c8 ignore stop */
                             context.report({
                                 node,
                                 messageId: 'frameManipulation',
@@ -320,10 +322,11 @@ exports.noClickjacking = (0, eslint_devkit_1.createRule)({
                     const text = node.value.toLowerCase();
                     if ((text.includes('style=') || text.includes('css')) &&
                         hasTransparentStyles(text)) {
-                        // FALSE POSITIVE REDUCTION
+                        /* c8 ignore start -- safetyChecker requires JSDoc annotations not testable via RuleTester */
                         if (safetyChecker.isSafe(node, context)) {
                             return;
                         }
+                        /* c8 ignore stop */
                         context.report({
                             node,
                             messageId: 'transparentFrameOverlay',
@@ -340,10 +343,11 @@ exports.noClickjacking = (0, eslint_devkit_1.createRule)({
                 if (detectTransparentOverlays) {
                     const text = sourceCode.getText(node).toLowerCase();
                     if (text.includes('style') && hasTransparentStyles(text)) {
-                        // FALSE POSITIVE REDUCTION
+                        /* c8 ignore start -- safetyChecker requires JSDoc annotations not testable via RuleTester */
                         if (safetyChecker.isSafe(node, context)) {
                             return;
                         }
+                        /* c8 ignore stop */
                         context.report({
                             node,
                             messageId: 'transparentFrameOverlay',
@@ -358,11 +362,21 @@ exports.noClickjacking = (0, eslint_devkit_1.createRule)({
             // At the end of the file, check if frame-busting is required but missing
             'Program:exit'() {
                 if (requireFrameBusting && !hasFrameBusting) {
-                    // Check if this file likely needs frame protection (has UI elements)
+                    // Only check files that are likely entry points or render HTML
+                    const isEntryPoint = /\.(html|htm)$/.test(filename) ||
+                        /(index|app|main|page)\.(tsx|jsx)$/i.test(filename) ||
+                        /pages?\/.*\.(tsx|jsx)$/i.test(filename) ||
+                        /layout\.(tsx|jsx)$/i.test(filename);
+                    // Skip non-entry point files
+                    if (!isEntryPoint) {
+                        return;
+                    }
+                    // Check if this file has actual UI rendering (JSX elements with event handlers)
                     const fileContent = sourceCode.getText();
-                    const hasUIElements = /\b(button|input|form|a|div)\b/i.test(fileContent) ||
-                        fileContent.includes('onClick') ||
-                        fileContent.includes('onSubmit');
+                    const hasUIElements = fileContent.includes('<button') ||
+                        fileContent.includes('<form') ||
+                        fileContent.includes('<input') ||
+                        (fileContent.includes('onClick') && fileContent.includes('<'));
                     if (hasUIElements) {
                         context.report({
                             node: context.sourceCode.ast,
@@ -378,4 +392,4 @@ exports.noClickjacking = (0, eslint_devkit_1.createRule)({
         };
     },
 });
-//# sourceMappingURL=no-clickjacking.js.map
+//# sourceMappingURL=index.js.map

package/src/rules/no-clickjacking/index.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../../packages/eslint-plugin-secure-coding/src/rules/no-clickjacking/index.ts"],"names":[],"mappings":";;;AAgBA,4DAAsD;AACtD,4DAA0E;AAC1E,4DAGkC;AA8BrB,QAAA,cAAc,GAAG,IAAA,0BAAU,EAA0B;IAChE,IAAI,EAAE,iBAAiB;IACvB,IAAI,EAAE;QACJ,IAAI,EAAE,SAAS;QACf,IAAI,EAAE;YACJ,WAAW,EAAE,oEAAoE;SAClF;QACD,OAAO,EAAE,MAAM;QACf,cAAc,EAAE,IAAI;QACpB,QAAQ,EAAE;YACR,yBAAyB,EAAE,IAAA,gCAAgB,EAAC;gBAC1C,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,4BAA4B;gBACvC,GAAG,EAAE,UAAU;gBACf,WAAW,EAAE,iCAAiC;gBAC9C,QAAQ,EAAE,cAAc;gBACxB,GAAG,EAAE,qBAAqB;gBAC1B,iBAAiB,EAAE,sFAAsF;aAC1G,CAAC;YACF,mBAAmB,EAAE,IAAA,gCAAgB,EAAC;gBACpC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,uBAAuB;gBAClC,GAAG,EAAE,UAAU;gBACf,WAAW,EAAE,+CAA+C;gBAC5D,QAAQ,EAAE,MAAM;gBAChB,GAAG,EAAE,iDAAiD;gBACtD,iBAAiB,EAAE,sFAAsF;aAC1G,CAAC;YACF,iBAAiB,EAAE,IAAA,gCAAgB,EAAC;gBAClC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,qBAAqB;gBAChC,GAAG,EAAE,UAAU;gBACf,WAAW,EAAE,wCAAwC;gBACrD,QAAQ,EAAE,QAAQ;gBAClB,GAAG,EAAE,uDAAuD;gBAC5D,iBAAiB,EAAE,sFAAsF;aAC1G,CAAC;YACF,oBAAoB,EAAE,IAAA,gCAAgB,EAAC;gBACrC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,yBAAyB;gBACpC,GAAG,EAAE,UAAU;gBACf,WAAW,EAAE,gCAAgC;gBAC7C,QAAQ,EAAE,MAAM;gBAChB,GAAG,EAAE,yCAAyC;gBAC9C,iBAAiB,EAAE,2EAA2E;aAC/F,CAAC;YACF,wBAAwB,EAAE,IAAA,gCAAgB,EAAC;gBACzC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,6BAA6B;gBACxC,GAAG,EAAE,UAAU;gBACf,WAAW,EAAE,8CAA8C;gBAC3D,QAAQ,EAAE,MAAM;gBAChB,GAAG,EAAE,gDAAgD;gBACrD,iBAAiB,EAAE,mGAAmG;aACvH,CAAC;YACF,uBAAuB,EAAE,IAAA,gCAAgB,EAAC;gBACxC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,2BAA2B;gBACtC,GAAG,EAAE,UAAU;gBACf,WAAW,EAAE,oDAAoD;gBACjE,QAAQ,EAAE,QAAQ;gBAClB,GAAG,EAAE,sCAAsC;gBAC3C,iBAAiB,EAAE,sFAAsF;aAC1G,CAAC;YACF,iBAAiB,EAAE,IAAA,gCAAgB,EAAC;gBAClC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,oBAAoB;gBAC/B,GAAG,EAAE,UAAU;gBACf,WAAW,EAAE,2CAA2C;gBACxD,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,yDAAyD;gBAC9D,iBAAiB,EAAE,sFAAsF;aAC1G,CAAC;YACF,qBAAqB,EAAE,IAAA,gCAAgB,EAAC;gBACtC,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,yBAAyB;gBACpC,WAAW,EAAE,mCAAmC;gBAChD,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,2CAA2C;gBAChD,iBAAiB,EAAE,sFAAsF;aAC1G,CAAC;YACF,gBAAgB,EAAE,IAAA,gCAAgB,EAAC;gBACjC,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,qBAAqB;gBAChC,WAAW,EAAE,iCAAiC;gBAC9C,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,uBAAuB;gBAC5B,iBAAiB,EAAE,2EAA2E;aAC/F,CAAC;YACF,oBAAoB,EAAE,IAAA,gCAAgB,EAAC;gBACrC,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,yBAAyB;gBACpC,WAAW,EAAE,yCAAyC;gBACtD,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,8CAA8C;gBACnD,iBAAiB,EAAE,mGAAmG;aACvH,CAAC;YACF,uBAAuB,EAAE,IAAA,gCAAgB,EAAC;gBACxC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,2BAA2B;gBACtC,WAAW,EAAE,+CAA+C;gBAC5D,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,sDAAsD;gBAC3D,iBAAiB,EAAE,sFAAsF;aAC1G,CAAC;YACF,uBAAuB,EAAE,IAAA,gCAAgB,EAAC;gBACxC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,2BAA2B;gBACtC,WAAW,EAAE,yCAAyC;gBACtD,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,2CAA2C;gBAChD,iBAAiB,EAAE,uDAAuD;aAC3E,CAAC;YACF,uBAAuB,EAAE,IAAA,gCAAgB,EAAC;gBACxC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,2BAA2B;gBACtC,WAAW,EAAE,gDAAgD;gBAC7D,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,4CAA4C;gBACjD,iBAAiB,EAAE,sFAAsF;aAC1G,CAAC;SACH;QACD,MAAM,EAAE;YACN;gBACE,IAAI,EAAE,QAAQ;gBACd,UAAU,EAAE;oBACV,cAAc,EAAE;wBACd,IAAI,EAAE,OAAO;wBACb,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;wBACzB,OAAO,EAAE,CAAC,MAAM,EAAE,aAAa,CAAC;qBACjC;oBACD,mBAAmB,EAAE;wBACnB,IAAI,EAAE,SAAS;wBACf,OAAO,EAAE,IAAI;qBACd;oBACD,yBAAyB,EAAE;wBACzB,IAAI,EAAE,SAAS;wBACf,OAAO,EAAE,IAAI;qBACd;oBACD,iBAAiB,EAAE;wBACjB,IAAI,EAAE,OAAO;wBACb,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;wBACzB,OAAO,EAAE,EAAE;wBACX,WAAW,EAAE,2DAA2D;qBACzE;oBACD,kBAAkB,EAAE;wBAClB,IAAI,EAAE,OAAO;wBACb,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;wBACzB,OAAO,EAAE,EAAE;wBACX,WAAW,EAAE,0DAA0D;qBACxE;oBACD,UAAU,EAAE;wBACV,IAAI,EAAE,SAAS;wBACf,OAAO,EAAE,KAAK;wBACd,WAAW,EAAE,oDAAoD;qBAClE;iBACF;gBACD,oBAAoB,EAAE,KAAK;aAC5B;SACF;KACF;IACD,cAAc,EAAE;QACd;YACE,cAAc,EAAE,CAAC,MAAM,EAAE,aAAa,CAAC;YACvC,mBAAmB,EAAE,IAAI;YACzB,yBAAyB,EAAE,IAAI;YAC/B,iBAAiB,EAAE,EAAE;YACrB,kBAAkB,EAAE,EAAE;YACtB,UAAU,EAAE,KAAK;SAClB;KACF;IACD,MAAM,CAAC,OAAsD;QAC3D,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QACzC,MAAM,EACJ,cAAc,GAAG,CAAC,MAAM,EAAE,aAAa,CAAC,EACxC,mBAAmB,GAAG,IAAI,EAC1B,yBAAyB,GAAG,IAAI,EAChC,iBAAiB,GAAG,EAAE,EACtB,kBAAkB,GAAG,EAAE,EACvB,UAAU,GAAG,KAAK,GACnB,GAAY,OAAO,CAAC;QAErB,MAAM,UAAU,GAAG,OAAO,CAAC,UAAU,IAAI,OAAO,CAAC,UAAU,CAAC;QAC5D,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,OAAO,CAAC,WAAW,EAAE,CAAC;QAE3D,qDAAqD;QACrD,MAAM,aAAa,GAAG,IAAA,mCAAmB,EAAC;YACxC,iBAAiB;YACjB,kBAAkB;YAClB,kBAAkB,EAAE,EAAE;YACtB,UAAU;SACX,CAAC,CAAC;QAEH,yCAAyC;QACzC,IAAI,eAAe,GAAG,KAAK,CAAC;QAE5B;;WAEG;QACH,MAAM,eAAe,GAAG,CAAC,MAAc,EAAW,EAAE;YAClD,OAAO,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CACnC,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC;gBACxB,CAAC,OAAO,KAAK,MAAM,IAAI,CAAC,MAAM,KAAK,MAAM,IAAI,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC;gBACrE,CAAC,OAAO,KAAK,aAAa,IAAI,MAAM,KAAK,aAAa,CAAC,CACxD,CAAC;QACJ,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,kBAAkB,GAAG,CAAC,IAA0B,EAAW,EAAE;YACjE,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC;YACvB,MAAM,QAAQ,GAAG,UAAU,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC;YAExD,yCAAyC;YACzC,OAAO,QAAQ,CAAC,QAAQ,CAAC,aAAa,CAAC;gBAChC,QAAQ,CAAC,QAAQ,CAAC,cAAc,CAAC;gBACjC,QAAQ,CAAC,QAAQ,CAAC,4BAA4B,CAAC;gBAC/C,QAAQ,CAAC,QAAQ,CAAC,gBAAgB,CAAC;gBACnC,QAAQ,CAAC,QAAQ,CAAC,cAAc,CAAC;gBACjC,QAAQ,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC;QAC5C,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,oBAAoB,GAAG,CAAC,SAAiB,EAAW,EAAE;YAC1D,MAAM,MAAM,GAAG,SAAS,CAAC,WAAW,EAAE,CAAC;YACvC,OAAO,MAAM,CAAC,QAAQ,CAAC,YAAY,CAAC;gBAC7B,MAAM,CAAC,QAAQ,CAAC,WAAW,CAAC;gBAC5B,MAAM,CAAC,QAAQ,CAAC,oBAAoB,CAAC;gBACrC,MAAM,CAAC,QAAQ,CAAC,eAAe,CAAC;gBAChC,MAAM,CAAC,QAAQ,CAAC,aAAa,CAAC;gBAC9B,MAAM,CAAC,QAAQ,CAAC,oBAAoB,CAAC,IAAI,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;QAC1G,CAAC,CAAC;QAEF,OAAO;YACL,+BAA+B;YAC/B,WAAW,CAAC,IAA0B;gBACpC,IAAI,kBAAkB,CAAC,IAAI,CAAC,EAAE,CAAC;oBAC7B,eAAe,GAAG,IAAI,CAAC;gBACzB,CAAC;YACH,CAAC;YAED,qCAAqC;YACrC,UAAU,CAAC,IAAyB;gBAClC,IAAI,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,IAAI,KAAK,eAAe;oBACjD,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;oBAE/C,0BAA0B;oBAC1B,MAAM,UAAU,GAAG,IAAI,CAAC,cAAc,CAAC,UAAU,CAAC;oBAClD,IAAI,MAAM,GAAG,KAAK,CAAC;oBACnB,IAAI,QAAQ,GAAG,EAAE,CAAC;oBAElB,KAAK,MAAM,IAAI,IAAI,UAAU,EAAE,CAAC;wBAC9B,IAAI,IAAI,CAAC,IAAI,KAAK,cAAc;4BAC5B,IAAI,CAAC,IAAI,CAAC,IAAI,KAAK,eAAe;4BAClC,IAAI,CAAC,IAAI,CAAC,IAAI,KAAK,KAAK;4BACxB,IAAI,CAAC,KAAK,EAAE,CAAC;4BAEf,MAAM,GAAG,IAAI,CAAC;4BACd,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,KAAK,SAAS,IAAI,OAAO,IAAI,CAAC,KAAK,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;gCAC1E,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC;4BAC9B,CAAC;wBACH,CAAC;oBACH,CAAC;oBAED,IAAI,MAAM,IAAI,QAAQ,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,EAAE,CAAC;wBACrD,6FAA6F;wBAC7F,IAAI,aAAa,CAAC,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,EAAE,CAAC;4BACxC,OAAO;wBACT,CAAC;wBACD,oBAAoB;wBAEpB,OAAO,CAAC,MAAM,CAAC;4BACb,IAAI,EAAE,IAAI,CAAC,cAAc;4BACzB,SAAS,EAAE,mBAAmB;4BAC9B,IAAI,EAAE;gCACJ,QAAQ,EAAE,QAAQ;gCAClB,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,CAAC;6BACxC;yBACF,CAAC,CAAC;oBACL,CAAC;gBACH,CAAC;YACH,CAAC;YAED,oCAAoC;YACpC,gBAAgB,CAAC,IAA+B;gBAC9C,mDAAmD;gBACnD,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,YAAY;oBACjC,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,KAAK,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,QAAQ,CAAC,EAAE,CAAC;oBAElE,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY;wBACnC,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,KAAK,UAAU,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,KAAK,KAAK,CAAC,EAAE,CAAC;wBAExE,8CAA8C;wBAC9C,IAAI,OAAO,GAA8B,IAAI,CAAC;wBAC9C,IAAI,mBAAmB,GAAG,KAAK,CAAC;wBAEhC,wDAAwD;wBACxD,OAAO,OAAO,IAAI,CAAC,mBAAmB,EAAE,CAAC;4BACvC,IAAI,OAAO,CAAC,IAAI,KAAK,sBAAsB;gCACvC,OAAO,CAAC,IAAI,KAAK,IAAI,EAAE,CAAC;gCAC1B,mBAAmB,GAAG,IAAI,CAAC;gCAC3B,MAAM;4BACR,CAAC;4BACD,IAAI,OAAO,CAAC,IAAI,KAAK,kBAAkB;gCACnC,CAAC,OAAO,CAAC,IAAI,KAAK,IAAI,IAAI,OAAO,CAAC,KAAK,KAAK,IAAI,CAAC,EAAE,CAAC;gCACtD,8BAA8B;gCAC9B,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC;gCAClC,IAAI,QAAQ,KAAK,IAAI,IAAI,QAAQ,KAAK,KAAK;oCACvC,QAAQ,KAAK,IAAI,IAAI,QAAQ,KAAK,KAAK,EAAE,CAAC;oCAC5C,mCAAmC;oCACnC,MAAM;gCACR,CAAC;gCACD,mBAAmB,GAAG,IAAI,CAAC;gCAC3B,MAAM;4BACR,CAAC;4BACD,OAAO,GAAG,OAAO,CAAC,MAAuB,CAAC;wBAC5C,CAAC;wBAED,IAAI,mBAAmB,EAAE,CAAC;4BACxB,6FAA6F;4BAC7F,IAAI,aAAa,CAAC,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,EAAE,CAAC;gCACxC,OAAO;4BACT,CAAC;4BACD,oBAAoB;4BAEpB,OAAO,CAAC,MAAM,CAAC;gCACb,IAAI;gCACJ,SAAS,EAAE,mBAAmB;gCAC9B,IAAI,EAAE;oCACJ,QAAQ,EAAE,QAAQ;oCAClB,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,CAAC;iCACxC;6BACF,CAAC,CAAC;wBACL,CAAC;oBACH,CAAC;gBACH,CAAC;YACH,CAAC;YAED,qDAAqD;YACrD,OAAO,CAAC,IAAsB;gBAC5B,IAAI,OAAO,IAAI,CAAC,KAAK,KAAK,QAAQ,IAAI,yBAAyB,EAAE,CAAC;oBAChE,+BAA+B;oBAC/B,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC;oBAEtC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;wBACjD,oBAAoB,CAAC,IAAI,CAAC,EAAE,CAAC;wBAE/B,6FAA6F;wBAC7F,IAAI,aAAa,CAAC,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,EAAE,CAAC;4BACxC,OAAO;wBACT,CAAC;wBACD,oBAAoB;wBAEpB,OAAO,CAAC,MAAM,CAAC;4BACb,IAAI;4BACJ,SAAS,EAAE,yBAAyB;4BACpC,IAAI,EAAE;gCACJ,QAAQ,EAAE,QAAQ;gCAClB,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,CAAC;6BACxC;yBACF,CAAC,CAAC;oBACL,CAAC;gBACH,CAAC;YACH,CAAC;YAED,kCAAkC;YAClC,eAAe,CAAC,IAA8B;gBAC5C,IAAI,yBAAyB,EAAE,CAAC;oBAC9B,MAAM,IAAI,GAAG,UAAU,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC;oBAEpD,IAAI,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,oBAAoB,CAAC,IAAI,CAAC,EAAE,CAAC;wBACzD,6FAA6F;wBAC7F,IAAI,aAAa,CAAC,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,EAAE,CAAC;4BACxC,OAAO;wBACT,CAAC;wBACD,oBAAoB;wBAEpB,OAAO,CAAC,MAAM,CAAC;4BACb,IAAI;4BACJ,SAAS,EAAE,yBAAyB;4BACpC,IAAI,EAAE;gCACJ,QAAQ,EAAE,QAAQ;gCAClB,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,CAAC;6BACxC;yBACF,CAAC,CAAC;oBACL,CAAC;gBACH,CAAC;YACH,CAAC;YAED,yEAAyE;YACzE,cAAc;gBACZ,IAAI,mBAAmB,IAAI,CAAC,eAAe,EAAE,CAAC;oBAC5C,+DAA+D;oBAC/D,MAAM,YAAY,GAAG,eAAe,CAAC,IAAI,CAAC,QAAQ,CAAC;wBAC/B,oCAAoC,CAAC,IAAI,CAAC,QAAQ,CAAC;wBACnD,yBAAyB,CAAC,IAAI,CAAC,QAAQ,CAAC;wBACxC,qBAAqB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;oBAEzD,6BAA6B;oBAC7B,IAAI,CAAC,YAAY,EAAE,CAAC;wBAClB,OAAO;oBACT,CAAC;oBAED,gFAAgF;oBAChF,MAAM,WAAW,GAAG,UAAU,CAAC,OAAO,EAAE,CAAC;oBACzC,MAAM,aAAa,GAAG,WAAW,CAAC,QAAQ,CAAC,SAAS,CAAC;wBAChC,WAAW,CAAC,QAAQ,CAAC,OAAO,CAAC;wBAC7B,WAAW,CAAC,QAAQ,CAAC,QAAQ,CAAC;wBAC9B,CAAC,WAAW,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,WAAW,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC;oBAEpF,IAAI,aAAa,EAAE,CAAC;wBAClB,OAAO,CAAC,MAAM,CAAC;4BACb,IAAI,EAAE,OAAO,CAAC,UAAU,CAAC,GAAG;4BAC5B,SAAS,EAAE,qBAAqB;4BAChC,IAAI,EAAE;gCACJ,QAAQ,EAAE,QAAQ;gCAClB,IAAI,EAAE,GAAG;6BACV;yBACF,CAAC,CAAC;oBACL,CAAC;gBACH,CAAC;YACH,CAAC;SACF,CAAC;IACJ,CAAC;CACF,CAAC,CAAC"}

package/src/rules/no-client-side-auth-logic/index.d.ts ADDED Viewed

@@ -0,0 +1,6 @@
+/**
+ * @fileoverview Prevent authentication logic in client code
+ */
+export interface Options {
+}
+export declare const noClientSideAuthLogic: ESLintUtils.RuleModule<MessageIds, Options, unknown, ESLintUtils.RuleListener>;

package/src/rules/no-client-side-auth-logic/index.js ADDED Viewed

@@ -0,0 +1,70 @@
+"use strict";
+/**
+ * @fileoverview Prevent authentication logic in client code
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.noClientSideAuthLogic = void 0;
+const eslint_devkit_1 = require("@interlace/eslint-devkit");
+exports.noClientSideAuthLogic = (0, eslint_devkit_1.createRule)({
+    name: 'no-client-side-auth-logic',
+    meta: {
+        type: 'problem',
+        docs: {
+            description: 'Prevent authentication logic in client code',
+        },
+        messages: {
+            violationDetected: (0, eslint_devkit_1.formatLLMMessage)({
+                icon: eslint_devkit_1.MessageIcons.SECURITY,
+                issueName: 'Client-Side Auth Logic',
+                cwe: 'CWE-602',
+                description: 'Authentication logic in client code - easily bypassed',
+                severity: 'CRITICAL',
+                fix: 'Move authentication checks to the server',
+                documentationLink: 'https://cwe.mitre.org/data/definitions/602.html',
+            })
+        },
+        schema: [],
+    },
+    defaultOptions: [],
+    create(context) {
+        function report(node) {
+            context.report({ node, messageId: 'violationDetected' });
+        }
+        const authKeywords = ['admin', 'authenticated', 'authorized', 'isAdmin', 'isAuthenticated', 'role'];
+        return {
+            IfStatement(node) {
+                // Detect role/auth checks from localStorage
+                if (node.test.type === 'CallExpression' &&
+                    node.test.callee.type === 'MemberExpression' &&
+                    node.test.callee.object.type === 'Identifier' &&
+                    node.test.callee.object.name === 'localStorage' &&
+                    node.test.callee.property.type === 'Identifier' &&
+                    node.test.callee.property.name === 'getItem') {
+                    const keyArg = node.test.arguments[0];
+                    if (keyArg && keyArg.type === 'Literal') {
+                        const key = String(keyArg.value).toLowerCase();
+                        if (authKeywords.some(kw => key.includes(kw))) {
+                            report(node);
+                        }
+                    }
+                }
+                // Detect password comparison
+                if (node.test.type === 'BinaryExpression') {
+                    const checkMember = (expr) => {
+                        if (expr.type === 'MemberExpression' &&
+                            expr.property.type === 'Identifier' &&
+                            ['password', 'secret', 'token'].includes(expr.property.name)) {
+                            return true;
+                        }
+                        return false;
+                    };
+                    if (checkMember(node.test.left) ||
+                        checkMember(node.test.right)) {
+                        report(node);
+                    }
+                }
+            },
+        };
+    },
+});
+//# sourceMappingURL=index.js.map

package/src/rules/no-client-side-auth-logic/index.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../../packages/eslint-plugin-secure-coding/src/rules/no-client-side-auth-logic/index.ts"],"names":[],"mappings":";AAAA;;GAEG;;;AAEH,4DAAsF;AAUzE,QAAA,qBAAqB,GAAG,IAAA,0BAAU,EAA0B;IACvE,IAAI,EAAE,2BAA2B;IACjC,IAAI,EAAE;QACJ,IAAI,EAAE,SAAS;QACf,IAAI,EAAE;YACJ,WAAW,EAAE,6CAA6C;SAC3D;QACD,QAAQ,EAAE;YACR,iBAAiB,EAAE,IAAA,gCAAgB,EAAC;gBAClC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,wBAAwB;gBACnC,GAAG,EAAE,SAAS;gBACd,WAAW,EAAE,uDAAuD;gBACpE,QAAQ,EAAE,UAAU;gBACpB,GAAG,EAAE,0CAA0C;gBAC/C,iBAAiB,EAAE,iDAAiD;aACrE,CAAC;SACH;QACD,MAAM,EAAE,EAAE;KACX;IACD,cAAc,EAAE,EAAE;IAClB,MAAM,CAAC,OAAO;QACZ,SAAS,MAAM,CAAC,IAAmB;YACjC,OAAO,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,mBAAmB,EAAE,CAAC,CAAC;QAC3D,CAAC;QAED,MAAM,YAAY,GAAG,CAAC,OAAO,EAAE,eAAe,EAAE,YAAY,EAAE,SAAS,EAAE,iBAAiB,EAAE,MAAM,CAAC,CAAC;QAEpG,OAAO;YACL,WAAW,CAAC,IAA0B;gBACpC,4CAA4C;gBAC5C,IAAI,IAAI,CAAC,IAAI,CAAC,IAAI,KAAK,gBAAgB;oBACnC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,kBAAkB;oBAC5C,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,YAAY;oBAC7C,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,cAAc;oBAC/C,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY;oBAC/C,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;oBAEjD,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;oBACtC,IAAI,MAAM,IAAI,MAAM,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;wBACxC,MAAM,GAAG,GAAG,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,WAAW,EAAE,CAAC;wBAC/C,IAAI,YAAY,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC;4BAC9C,MAAM,CAAC,IAAI,CAAC,CAAC;wBACf,CAAC;oBACH,CAAC;gBACH,CAAC;gBAED,6BAA6B;gBAC7B,IAAI,IAAI,CAAC,IAAI,CAAC,IAAI,KAAK,kBAAkB,EAAE,CAAC;oBAC1C,MAAM,WAAW,GAAG,CAAC,IAAyB,EAAE,EAAE;wBAChD,IAAI,IAAI,CAAC,IAAI,KAAK,kBAAkB;4BAChC,IAAI,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY;4BACnC,CAAC,UAAU,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;4BACjE,OAAO,IAAI,CAAC;wBACd,CAAC;wBACD,OAAO,KAAK,CAAC;oBACf,CAAC,CAAC;oBAEF,IAAI,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,IAA2B,CAAC;wBAClD,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,KAA4B,CAAC,EAAE,CAAC;wBACxD,MAAM,CAAC,IAAI,CAAC,CAAC;oBACf,CAAC;gBACH,CAAC;YACH,CAAC;SACF,CAAC;IACJ,CAAC;CACF,CAAC,CAAC"}

package/src/rules/no-credentials-in-query-params/index.d.ts ADDED Viewed

@@ -0,0 +1,8 @@
+/**
+ * @fileoverview Disallow credentials in URL query parameters
+ * @see https://owasp.org/www-project-mobile-top-10/
+ * @see https://cwe.mitre.org/data/definitions/598.html
+ */
+export interface Options {
+}
+export declare const noCredentialsInQueryParams: ESLintUtils.RuleModule<MessageIds, Options, unknown, ESLintUtils.RuleListener>;

package/src/rules/no-credentials-in-query-params/index.js ADDED Viewed

@@ -0,0 +1,58 @@
+"use strict";
+/**
+ * @fileoverview Disallow credentials in URL query parameters
+ * @see https://owasp.org/www-project-mobile-top-10/
+ * @see https://cwe.mitre.org/data/definitions/598.html
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.noCredentialsInQueryParams = void 0;
+const eslint_devkit_1 = require("@interlace/eslint-devkit");
+exports.noCredentialsInQueryParams = (0, eslint_devkit_1.createRule)({
+    name: 'no-credentials-in-query-params',
+    meta: {
+        type: 'problem',
+        docs: {
+            description: 'Disallow credentials in URL query parameters',
+        },
+        messages: {
+            violationDetected: (0, eslint_devkit_1.formatLLMMessage)({
+                icon: eslint_devkit_1.MessageIcons.SECURITY,
+                issueName: 'Credentials in Query Parameters',
+                cwe: 'CWE-798',
+                description: 'Credentials detected in URL query parameters - this is a security risk',
+                severity: 'CRITICAL',
+                fix: 'Use secure methods: POST body, headers (Authorization), or secure cookies',
+                documentationLink: 'https://cwe.mitre.org/data/definitions/798.html',
+            })
+        },
+        schema: [],
+    },
+    defaultOptions: [],
+    create(context) {
+        const sourceCode = context.sourceCode;
+        const sensitiveParams = ['password=', 'token=', 'apikey=', 'secret=', 'auth='];
+        function report(node) {
+            context.report({
+                node,
+                messageId: 'violationDetected',
+            });
+        }
+        return {
+            Literal(node) {
+                if (typeof node.value === 'string') {
+                    const url = node.value.toLowerCase();
+                    if (sensitiveParams.some(param => url.includes('?' + param) || url.includes('&' + param))) {
+                        report(node);
+                    }
+                }
+            },
+            TemplateLiteral(node) {
+                const text = sourceCode.getText(node).toLowerCase();
+                if (sensitiveParams.some(param => text.includes(param))) {
+                    report(node);
+                }
+            },
+        };
+    },
+});
+//# sourceMappingURL=index.js.map

package/src/rules/no-credentials-in-query-params/index.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../../packages/eslint-plugin-secure-coding/src/rules/no-credentials-in-query-params/index.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;;AAEH,4DAAsF;AAUzE,QAAA,0BAA0B,GAAG,IAAA,0BAAU,EAA0B;IAC5E,IAAI,EAAE,gCAAgC;IACtC,IAAI,EAAE;QACJ,IAAI,EAAE,SAAS;QACf,IAAI,EAAE;YACJ,WAAW,EAAE,8CAA8C;SAC5D;QACD,QAAQ,EAAE;YACR,iBAAiB,EAAE,IAAA,gCAAgB,EAAC;gBAClC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,iCAAiC;gBAC5C,GAAG,EAAE,SAAS;gBACd,WAAW,EAAE,wEAAwE;gBACrF,QAAQ,EAAE,UAAU;gBACpB,GAAG,EAAE,2EAA2E;gBAChF,iBAAiB,EAAE,iDAAiD;aACrE,CAAC;SACH;QACD,MAAM,EAAE,EAAE;KACX;IACD,cAAc,EAAE,EAAE;IAClB,MAAM,CAAC,OAAO;QACZ,MAAM,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC;QACtC,MAAM,eAAe,GAAG,CAAC,WAAW,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC;QAE/E,SAAS,MAAM,CAAC,IAAmB;YACjC,OAAO,CAAC,MAAM,CAAC;gBACb,IAAI;gBACJ,SAAS,EAAE,mBAAmB;aAC/B,CAAC,CAAC;QACL,CAAC;QAED,OAAO;YACL,OAAO,CAAC,IAAsB;gBAC5B,IAAI,OAAO,IAAI,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;oBACnC,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC;oBAErC,IAAI,eAAe,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,GAAG,CAAC,QAAQ,CAAC,GAAG,GAAG,KAAK,CAAC,IAAI,GAAG,CAAC,QAAQ,CAAC,GAAG,GAAG,KAAK,CAAC,CAAC,EAAE,CAAC;wBAC1F,MAAM,CAAC,IAAI,CAAC,CAAC;oBACf,CAAC;gBACH,CAAC;YACH,CAAC;YAED,eAAe,CAAC,IAA8B;gBAC5C,MAAM,IAAI,GAAG,UAAU,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC;gBAEpD,IAAI,eAAe,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC;oBACxD,MAAM,CAAC,IAAI,CAAC,CAAC;gBACf,CAAC;YACH,CAAC;SACF,CAAC;IACJ,CAAC;CACF,CAAC,CAAC"}

package/src/rules/no-credentials-in-storage-api/index.d.ts ADDED Viewed

@@ -0,0 +1,6 @@
+/**
+ * @fileoverview Disallow storing credentials in browser/mobile storage APIs
+ */
+export interface Options {
+}
+export declare const noCredentialsInStorageApi: ESLintUtils.RuleModule<MessageIds, Options, unknown, ESLintUtils.RuleListener>;

package/src/rules/no-credentials-in-storage-api/index.js ADDED Viewed

@@ -0,0 +1,55 @@
+"use strict";
+/**
+ * @fileoverview Disallow storing credentials in browser/mobile storage APIs
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.noCredentialsInStorageApi = void 0;
+const eslint_devkit_1 = require("@interlace/eslint-devkit");
+exports.noCredentialsInStorageApi = (0, eslint_devkit_1.createRule)({
+    name: 'no-credentials-in-storage-api',
+    meta: {
+        type: 'problem',
+        docs: {
+            description: 'Disallow storing credentials in browser/mobile storage APIs',
+        },
+        messages: {
+            violationDetected: (0, eslint_devkit_1.formatLLMMessage)({
+                icon: eslint_devkit_1.MessageIcons.SECURITY,
+                issueName: 'Credentials in Storage',
+                cwe: 'CWE-522',
+                description: 'Credentials stored in insecure browser/mobile storage',
+                severity: 'CRITICAL',
+                fix: 'Use secure storage like Keychain, SecureStore, or encrypted storage',
+                documentationLink: 'https://cwe.mitre.org/data/definitions/522.html',
+            })
+        },
+        schema: [],
+    },
+    defaultOptions: [],
+    create(context) {
+        function report(node) {
+            context.report({ node, messageId: 'violationDetected' });
+        }
+        const sensitiveKeys = ['password', 'token', 'apikey', 'secret', 'credential', 'auth', 'key'];
+        const storageObjects = ['localStorage', 'sessionStorage', 'AsyncStorage'];
+        return {
+            CallExpression(node) {
+                // Check localStorage.setItem/sessionStorage.setItem/AsyncStorage.setItem
+                if (node.callee.type === 'MemberExpression' &&
+                    node.callee.object.type === 'Identifier' &&
+                    storageObjects.includes(node.callee.object.name) &&
+                    node.callee.property.type === 'Identifier' &&
+                    node.callee.property.name === 'setItem') {
+                    const keyArg = node.arguments[0];
+                    if (keyArg && keyArg.type === 'Literal' && typeof keyArg.value === 'string') {
+                        const key = keyArg.value.toLowerCase();
+                        if (sensitiveKeys.some(k => key.includes(k))) {
+                            report(node);
+                        }
+                    }
+                }
+            },
+        };
+    },
+});
+//# sourceMappingURL=index.js.map

package/src/rules/no-credentials-in-storage-api/index.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../../packages/eslint-plugin-secure-coding/src/rules/no-credentials-in-storage-api/index.ts"],"names":[],"mappings":";AAAA;;GAEG;;;AAEH,4DAAsF;AAUzE,QAAA,yBAAyB,GAAG,IAAA,0BAAU,EAA0B;IAC3E,IAAI,EAAE,+BAA+B;IACrC,IAAI,EAAE;QACJ,IAAI,EAAE,SAAS;QACf,IAAI,EAAE;YACJ,WAAW,EAAE,6DAA6D;SAC3E;QACD,QAAQ,EAAE;YACR,iBAAiB,EAAE,IAAA,gCAAgB,EAAC;gBAClC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,wBAAwB;gBACnC,GAAG,EAAE,SAAS;gBACd,WAAW,EAAE,uDAAuD;gBACpE,QAAQ,EAAE,UAAU;gBACpB,GAAG,EAAE,qEAAqE;gBAC1E,iBAAiB,EAAE,iDAAiD;aACrE,CAAC;SACH;QACD,MAAM,EAAE,EAAE;KACX;IACD,cAAc,EAAE,EAAE;IAClB,MAAM,CAAC,OAAO;QACZ,SAAS,MAAM,CAAC,IAAmB;YACjC,OAAO,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,mBAAmB,EAAE,CAAC,CAAC;QAC3D,CAAC;QAED,MAAM,aAAa,GAAG,CAAC,UAAU,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,EAAE,KAAK,CAAC,CAAC;QAC7F,MAAM,cAAc,GAAG,CAAC,cAAc,EAAE,gBAAgB,EAAE,cAAc,CAAC,CAAC;QAE1E,OAAO;YACL,cAAc,CAAC,IAA6B;gBAC1C,yEAAyE;gBACzE,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,kBAAkB;oBACvC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,YAAY;oBACxC,cAAc,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC;oBAChD,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY;oBAC1C,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;oBAE5C,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;oBACjC,IAAI,MAAM,IAAI,MAAM,CAAC,IAAI,KAAK,SAAS,IAAI,OAAO,MAAM,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;wBAC5E,MAAM,GAAG,GAAG,MAAM,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC;wBACvC,IAAI,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;4BAC7C,MAAM,CAAC,IAAI,CAAC,CAAC;wBACf,CAAC;oBACH,CAAC;gBACH,CAAC;YACH,CAAC;SACF,CAAC;IACJ,CAAC;CACF,CAAC,CAAC"}

package/src/rules/no-data-in-temp-storage/index.d.ts ADDED Viewed

@@ -0,0 +1,6 @@
+/**
+ * @fileoverview Prevent sensitive data in temp directories
+ */
+export interface Options {
+}
+export declare const noDataInTempStorage: ESLintUtils.RuleModule<MessageIds, Options, unknown, ESLintUtils.RuleListener>;

package/src/rules/no-data-in-temp-storage/index.js ADDED Viewed

@@ -0,0 +1,65 @@
+"use strict";
+/**
+ * @fileoverview Prevent sensitive data in temp directories
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.noDataInTempStorage = void 0;
+const eslint_devkit_1 = require("@interlace/eslint-devkit");
+exports.noDataInTempStorage = (0, eslint_devkit_1.createRule)({
+    name: 'no-data-in-temp-storage',
+    meta: {
+        type: 'problem',
+        docs: {
+            description: 'Prevent sensitive data in temp directories',
+        },
+        messages: {
+            violationDetected: (0, eslint_devkit_1.formatLLMMessage)({
+                icon: eslint_devkit_1.MessageIcons.SECURITY,
+                issueName: 'Temp Storage Data',
+                cwe: 'CWE-312',
+                description: 'Sensitive data written to temp directory - not secure',
+                severity: 'HIGH',
+                fix: 'Use secure storage location or encrypt data before writing',
+                documentationLink: 'https://cwe.mitre.org/data/definitions/312.html',
+            })
+        },
+        schema: [],
+    },
+    defaultOptions: [],
+    create(context) {
+        function report(node) {
+            context.report({ node, messageId: 'violationDetected' });
+        }
+        const tempPaths = ['/tmp', '/var/tmp', 'temp/', '/temp'];
+        return {
+            CallExpression(node) {
+                // Detect fs.writeFileSync or fs.writeFile with temp path
+                if (node.callee.type === 'MemberExpression' &&
+                    node.callee.object.type === 'Identifier' &&
+                    node.callee.object.name === 'fs' &&
+                    node.callee.property.type === 'Identifier' &&
+                    ['writeFileSync', 'writeFile'].includes(node.callee.property.name)) {
+                    const pathArg = node.arguments[0];
+                    if (pathArg && pathArg.type === 'Literal' && typeof pathArg.value === 'string') {
+                        if (tempPaths.some(tp => pathArg.value.includes(tp))) {
+                            report(node);
+                        }
+                    }
+                }
+            },
+            Literal(node) {
+                // Detect temp path literals
+                if (typeof node.value === 'string') {
+                    if (tempPaths.some(tp => node.value.includes(tp))) {
+                        // Only flag if parent is assignment or variable declaration
+                        const parent = node.parent;
+                        if (parent?.type === 'VariableDeclarator' || parent?.type === 'AssignmentExpression') {
+                            report(node);
+                        }
+                    }
+                }
+            },
+        };
+    },
+});
+//# sourceMappingURL=index.js.map

package/src/rules/no-data-in-temp-storage/index.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../../packages/eslint-plugin-secure-coding/src/rules/no-data-in-temp-storage/index.ts"],"names":[],"mappings":";AAAA;;GAEG;;;AAEH,4DAAsF;AAUzE,QAAA,mBAAmB,GAAG,IAAA,0BAAU,EAA0B;IACrE,IAAI,EAAE,yBAAyB;IAC/B,IAAI,EAAE;QACJ,IAAI,EAAE,SAAS;QACf,IAAI,EAAE;YACJ,WAAW,EAAE,4CAA4C;SAC1D;QACD,QAAQ,EAAE;YACR,iBAAiB,EAAE,IAAA,gCAAgB,EAAC;gBAClC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,mBAAmB;gBAC9B,GAAG,EAAE,SAAS;gBACd,WAAW,EAAE,uDAAuD;gBACpE,QAAQ,EAAE,MAAM;gBAChB,GAAG,EAAE,4DAA4D;gBACjE,iBAAiB,EAAE,iDAAiD;aACrE,CAAC;SACH;QACD,MAAM,EAAE,EAAE;KACX;IACD,cAAc,EAAE,EAAE;IAClB,MAAM,CAAC,OAAO;QACZ,SAAS,MAAM,CAAC,IAAmB;YACjC,OAAO,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,mBAAmB,EAAE,CAAC,CAAC;QAC3D,CAAC;QAED,MAAM,SAAS,GAAG,CAAC,MAAM,EAAE,UAAU,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;QAEzD,OAAO;YACL,cAAc,CAAC,IAA6B;gBAC1C,yDAAyD;gBACzD,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,kBAAkB;oBACvC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,YAAY;oBACxC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,IAAI;oBAChC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY;oBAC1C,CAAC,eAAe,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;oBAEvE,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;oBAClC,IAAI,OAAO,IAAI,OAAO,CAAC,IAAI,KAAK,SAAS,IAAI,OAAO,OAAO,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;wBAC/E,IAAI,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC;4BACrD,MAAM,CAAC,IAAI,CAAC,CAAC;wBACf,CAAC;oBACH,CAAC;gBACH,CAAC;YACH,CAAC;YAED,OAAO,CAAC,IAAsB;gBAC5B,4BAA4B;gBAC5B,IAAI,OAAO,IAAI,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;oBACnC,IAAI,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC;wBAClD,4DAA4D;wBAC5D,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;wBAC3B,IAAI,MAAM,EAAE,IAAI,KAAK,oBAAoB,IAAI,MAAM,EAAE,IAAI,KAAK,sBAAsB,EAAE,CAAC;4BACrF,MAAM,CAAC,IAAI,CAAC,CAAC;wBACf,CAAC;oBACH,CAAC;gBACH,CAAC;YACH,CAAC;SACF,CAAC;IACJ,CAAC;CACF,CAAC,CAAC"}

package/src/rules/no-debug-code-in-production/index.d.ts ADDED Viewed

@@ -0,0 +1,8 @@
+/**
+ * @fileoverview Detect debug code in production
+ * @see https://owasp.org/www-project-mobile-top-10/
+ * @see https://cwe.mitre.org/data/definitions/489.html
+ */
+export interface Options {
+}
+export declare const noDebugCodeInProduction: ESLintUtils.RuleModule<MessageIds, Options, unknown, ESLintUtils.RuleListener>;

package/src/rules/no-debug-code-in-production/index.js ADDED Viewed

@@ -0,0 +1,52 @@
+"use strict";
+/**
+ * @fileoverview Detect debug code in production
+ * @see https://owasp.org/www-project-mobile-top-10/
+ * @see https://cwe.mitre.org/data/definitions/489.html
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.noDebugCodeInProduction = void 0;
+const eslint_devkit_1 = require("@interlace/eslint-devkit");
+exports.noDebugCodeInProduction = (0, eslint_devkit_1.createRule)({
+    name: 'no-debug-code-in-production',
+    meta: {
+        type: 'problem',
+        docs: {
+            description: 'Detect debug code in production',
+            category: 'Security',
+            recommended: true,
+            owaspMobile: ['M7'],
+            cweIds: ["CWE-489"],
+        },
+        messages: {
+            violationDetected: (0, eslint_devkit_1.formatLLMMessage)({
+                icon: eslint_devkit_1.MessageIcons.SECURITY,
+                issueName: 'violation Detected',
+                cwe: 'CWE-489',
+                description: 'Detect debug code in production detected - DEBUG, __DEV__, console',
+                severity: 'HIGH',
+                fix: 'Review and apply secure practices',
+                documentationLink: 'https://cwe.mitre.org/data/definitions/489.html',
+            })
+        },
+        schema: [],
+    },
+    defaultOptions: [],
+    create(context) {
+        return {
+            Identifier(node) {
+                if (['DEBUG', '__DEV__'].includes(node.name)) {
+                    context.report({ node, messageId: 'violationDetected' });
+                }
+            },
+            CallExpression(node) {
+                if (node.callee.type === 'MemberExpression' &&
+                    node.callee.object.name === 'console' &&
+                    node.callee.property.name === 'log') {
+                    context.report({ node, messageId: 'violationDetected' });
+                }
+            },
+        };
+    },
+});
+//# sourceMappingURL=index.js.map

package/src/rules/no-debug-code-in-production/index.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../../packages/eslint-plugin-secure-coding/src/rules/no-debug-code-in-production/index.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;;AAEH,4DAAsF;AAUzE,QAAA,uBAAuB,GAAG,IAAA,0BAAU,EAA0B;IACzE,IAAI,EAAE,6BAA6B;IACnC,IAAI,EAAE;QACJ,IAAI,EAAE,SAAS;QACf,IAAI,EAAE;YACJ,WAAW,EAAE,iCAAiC;YAC9C,QAAQ,EAAE,UAAU;YACpB,WAAW,EAAE,IAAI;YACjB,WAAW,EAAE,CAAC,IAAI,CAAC;YACnB,MAAM,EAAE,CAAC,SAAS,CAAC;SACpB;QACD,QAAQ,EAAE;YACR,iBAAiB,EAAE,IAAA,gCAAgB,EAAC;gBAClC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,oBAAoB;gBAC/B,GAAG,EAAE,SAAS;gBACd,WAAW,EAAE,oEAAoE;gBACjF,QAAQ,EAAE,MAAM;gBAChB,GAAG,EAAE,mCAAmC;gBACxC,iBAAiB,EAAE,iDAAiD;aACrE,CAAC;SACH;QACD,MAAM,EAAE,EAAE;KACX;IACD,cAAc,EAAE,EAAE;IAClB,MAAM,CAAC,OAAO;QACZ,OAAO;YAEL,UAAU,CAAC,IAAyB;gBAClC,IAAI,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;oBAC7C,OAAO,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,mBAAmB,EAAE,CAAC,CAAC;gBAC3D,CAAC;YACH,CAAC;YACD,cAAc,CAAC,IAA6B;gBAC1C,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,kBAAkB;oBACvC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,SAAS;oBACrC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,KAAK,EAAE,CAAC;oBACxC,OAAO,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,mBAAmB,EAAE,CAAC,CAAC;gBAC3D,CAAC;YACH,CAAC;SACF,CAAC;IACJ,CAAC;CACF,CAAC,CAAC"}