eslint-plugin-secure-coding 2.3.2 → 2.3.3

package/src/rules/no-improper-type-validation/index.js

@@ -1,475 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.noImproperTypeValidation = void 0;
-const eslint_devkit_1 = require("@interlace/eslint-devkit");
-const eslint_devkit_2 = require("@interlace/eslint-devkit");
-const eslint_devkit_3 = require("@interlace/eslint-devkit");
-exports.noImproperTypeValidation = (0, eslint_devkit_1.createRule)({
-    name: 'no-improper-type-validation',
-    meta: {
-        type: 'problem',
-        docs: {
-            description: 'Detects improper type validation in user input handling',
-        },
-        fixable: 'code',
-        hasSuggestions: true,
-        messages: {
-            improperTypeValidation: (0, eslint_devkit_2.formatLLMMessage)({
-                icon: eslint_devkit_2.MessageIcons.SECURITY,
-                issueName: 'Improper Type Validation',
-                cwe: 'CWE-1287',
-                description: 'Type validation may be bypassed or incomplete',
-                severity: '{{severity}}',
-                fix: '{{safeAlternative}}',
-                documentationLink: 'https://cwe.mitre.org/data/definitions/1287.html',
-            }),
-            unsafeTypeofCheck: (0, eslint_devkit_2.formatLLMMessage)({
-                icon: eslint_devkit_2.MessageIcons.WARNING,
-                issueName: 'Unsafe typeof Check',
-                cwe: 'CWE-1287',
-                description: 'typeof check misses null values',
-                severity: 'MEDIUM',
-                fix: 'Use value != null && typeof value === "object"',
-                documentationLink: 'https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Operators/typeof',
-            }),
-            unsafeInstanceofUsage: (0, eslint_devkit_2.formatLLMMessage)({
-                icon: eslint_devkit_2.MessageIcons.WARNING,
-                issueName: 'Unsafe instanceof Usage',
-                cwe: 'CWE-1287',
-                description: 'instanceof may fail across contexts',
-                severity: 'LOW',
-                fix: 'Use Array.isArray() or typeof checks',
-                documentationLink: 'https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Operators/instanceof',
-            }),
-            looseEqualityTypeCheck: (0, eslint_devkit_2.formatLLMMessage)({
-                icon: eslint_devkit_2.MessageIcons.WARNING,
-                issueName: 'Loose Equality Type Check',
-                cwe: 'CWE-1287',
-                description: 'Loose equality may cause type confusion',
-                severity: 'LOW',
-                fix: 'Use strict equality (===) for type checking',
-                documentationLink: 'https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Operators/Equality',
-            }),
-            missingNullCheck: (0, eslint_devkit_2.formatLLMMessage)({
-                icon: eslint_devkit_2.MessageIcons.WARNING,
-                issueName: 'Missing Null Check',
-                cwe: 'CWE-1287',
-                description: 'Type check doesn\'t handle null values',
-                severity: 'MEDIUM',
-                fix: 'Check for both null and undefined',
-                documentationLink: 'https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Operators/typeof',
-            }),
-            unreliableConstructorCheck: (0, eslint_devkit_2.formatLLMMessage)({
-                icon: eslint_devkit_2.MessageIcons.WARNING,
-                issueName: 'Unreliable Constructor Check',
-                cwe: 'CWE-1287',
-                description: 'constructor.name can be spoofed',
-                severity: 'MEDIUM',
-                fix: 'Use Object.prototype.toString.call() or duck typing',
-                documentationLink: 'https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Object/constructor',
-            }),
-            incompleteTypeValidation: (0, eslint_devkit_2.formatLLMMessage)({
-                icon: eslint_devkit_2.MessageIcons.WARNING,
-                issueName: 'Incomplete Type Validation',
-                cwe: 'CWE-1287',
-                description: 'Type validation is incomplete',
-                severity: 'LOW',
-                fix: 'Use comprehensive type checking',
-                documentationLink: 'https://cwe.mitre.org/data/definitions/1287.html',
-            }),
-            useTypeofCorrectly: (0, eslint_devkit_2.formatLLMMessage)({
-                icon: eslint_devkit_2.MessageIcons.INFO,
-                issueName: 'Use typeof Correctly',
-                description: 'Use typeof with null checks for objects',
-                severity: 'LOW',
-                fix: 'if (value != null && typeof value === "object")',
-                documentationLink: 'https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Operators/typeof',
-            }),
-            useProperTypeGuards: (0, eslint_devkit_2.formatLLMMessage)({
-                icon: eslint_devkit_2.MessageIcons.INFO,
-                issueName: 'Use Proper Type Guards',
-                description: 'Use proper type guard functions',
-                severity: 'LOW',
-                fix: 'Array.isArray(), Number.isNaN(), etc.',
-                documentationLink: 'https://www.typescriptlang.org/docs/handbook/advanced-types.html#type-guards-and-differentiating-types',
-            }),
-            validateUserInput: (0, eslint_devkit_2.formatLLMMessage)({
-                icon: eslint_devkit_2.MessageIcons.INFO,
-                issueName: 'Validate User Input',
-                description: 'Validate user input before processing',
-                severity: 'LOW',
-                fix: 'Use schema validation libraries',
-                documentationLink: 'https://joi.dev/',
-            }),
-            strategyTypeGuards: (0, eslint_devkit_2.formatLLMMessage)({
-                icon: eslint_devkit_2.MessageIcons.STRATEGY,
-                issueName: 'Type Guards Strategy',
-                description: 'Use type guards for runtime type checking',
-                severity: 'LOW',
-                fix: 'Implement custom type guard functions',
-                documentationLink: 'https://www.typescriptlang.org/docs/handbook/advanced-types.html#type-guards-and-differentiating-types',
-            }),
-            strategySchemaValidation: (0, eslint_devkit_2.formatLLMMessage)({
-                icon: eslint_devkit_2.MessageIcons.STRATEGY,
-                issueName: 'Schema Validation Strategy',
-                description: 'Use schema validation for complex inputs',
-                severity: 'LOW',
-                fix: 'Use Joi, Yup, or Zod for input validation',
-                documentationLink: 'https://joi.dev/',
-            }),
-            strategyDefensiveProgramming: (0, eslint_devkit_2.formatLLMMessage)({
-                icon: eslint_devkit_2.MessageIcons.STRATEGY,
-                issueName: 'Defensive Programming Strategy',
-                description: 'Use defensive programming techniques',
-                severity: 'LOW',
-                fix: 'Check types and handle edge cases explicitly',
-                documentationLink: 'https://en.wikipedia.org/wiki/Defensive_programming',
-            })
-        },
-        schema: [
-            {
-                type: 'object',
-                properties: {
-                    userInputVariables: {
-                        type: 'array',
-                        items: { type: 'string' },
-                        default: ['req', 'request', 'body', 'query', 'params', 'input', 'data', 'userInput'],
-                    },
-                    safeTypeCheckFunctions: {
-                        type: 'array',
-                        items: { type: 'string' },
-                        default: ['isArray', 'isString', 'isNumber', 'isObject', 'validateType', 'checkType'],
-                    },
-                    allowInstanceofSameRealm: {
-                        type: 'boolean',
-                        default: true,
-                        description: 'Allow instanceof for same-realm objects'
-                    },
-                    trustedSanitizers: {
-                        type: 'array',
-                        items: { type: 'string' },
-                        default: [],
-                        description: 'Additional function names to consider as type validators',
-                    },
-                    trustedAnnotations: {
-                        type: 'array',
-                        items: { type: 'string' },
-                        default: [],
-                        description: 'Additional JSDoc annotations to consider as safe markers',
-                    },
-                    strictMode: {
-                        type: 'boolean',
-                        default: false,
-                        description: 'Disable all false positive detection (strict mode)',
-                    },
-                },
-                additionalProperties: false,
-            },
-        ],
-    },
-    defaultOptions: [
-        {
-            userInputVariables: ['req', 'request', 'body', 'query', 'params', 'input', 'data', 'userInput'],
-            safeTypeCheckFunctions: ['isArray', 'isString', 'isNumber', 'isObject', 'validateType', 'checkType'],
-            allowInstanceofSameRealm: true,
-            trustedSanitizers: [],
-            trustedAnnotations: [],
-            strictMode: false,
-        },
-    ],
-    create(context) {
-        const options = context.options[0] || {};
-        const { userInputVariables = ['req', 'request', 'body', 'query', 'params', 'input', 'data', 'userInput'], allowInstanceofSameRealm = true, trustedSanitizers = [], trustedAnnotations = [], strictMode = false, } = options;
-        const sourceCode = context.sourceCode || context.sourceCode;
-        const filename = context.filename || context.getFilename();
-        // Create safety checker for false positive detection
-        const safetyChecker = (0, eslint_devkit_3.createSafetyChecker)({
-            trustedSanitizers,
-            trustedAnnotations,
-            trustedOrmPatterns: [],
-            strictMode,
-        });
-        /**
-         * Check if a variable is user input
-         */
-        const isUserInput = (varName) => {
-            return userInputVariables.some(input => varName.includes(input));
-        };
-        /**
-         * Check if a typeof check is unsafe
-         */
-        const isUnsafeTypeof = (node) => {
-            if (node.operator !== '===' && node.operator !== '!==') {
-                return false;
-            }
-            const left = node.left;
-            const right = node.right;
-            // Check for typeof x === 'object' (misses null)
-            if (left.type === 'UnaryExpression' &&
-                left.operator === 'typeof' &&
-                right.type === 'Literal' &&
-                right.value === 'object') {
-                // Check if this node is part of a larger expression that includes a null check
-                let varName = '';
-                if (left.argument.type === 'Identifier') {
-                    varName = left.argument.name;
-                }
-                if (varName) {
-                    let current = node.parent;
-                    let child = node;
-                    while (current) {
-                        if (current.type === 'LogicalExpression' && current.operator === '&&') {
-                            // If we are on the right side, check the left side for null check
-                            if (current.right === child) {
-                                const leftText = sourceCode.getText(current.left);
-                                if (leftText.includes(`${varName} !== null`) ||
-                                    leftText.includes(`${varName} != null`)) {
-                                    return false;
-                                }
-                            }
-                        }
-                        if (current.type.includes('Statement') || current.type.includes('Declaration')) {
-                            break;
-                        }
-                        child = current;
-                        current = current.parent;
-                    }
-                }
-                return true;
-            }
-            return false;
-        };
-        /**
-         * Check if instanceof usage is unsafe
-         */
-        const isUnsafeInstanceof = (node) => {
-            if (node.operator !== 'instanceof') {
-                return false;
-            }
-            if (!allowInstanceofSameRealm) {
-                return true;
-            }
-            // instanceof is generally safe within the same realm
-            // but can be problematic across different contexts/windows
-            return false;
-        };
-        /**
-         * Check if equality is loose and used for type checking
-         */
-        const isLooseEqualityTypeCheck = (node) => {
-            if (node.operator !== '==' && node.operator !== '!=') {
-                return false;
-            }
-            const leftText = sourceCode.getText(node.left).toLowerCase();
-            const rightText = sourceCode.getText(node.right).toLowerCase();
-            // Check if comparing against null/undefined with loose equality
-            return (leftText.includes('null') || rightText.includes('null') ||
-                leftText.includes('undefined') || rightText.includes('undefined'));
-        };
-        /**
-         * Check for unreliable constructor checks
-         */
-        const isUnreliableConstructorCheck = (node) => {
-            return node.property.type === 'Identifier' &&
-                node.property.name === 'name' &&
-                node.object.type === 'MemberExpression' &&
-                node.object.property.type === 'Identifier' &&
-                node.object.property.name === 'constructor';
-        };
-        return {
-            // Check binary expressions for type validation issues
-            BinaryExpression(node) {
-                // Check for unsafe typeof usage
-                if (isUnsafeTypeof(node)) {
-                    const left = node.left;
-                    let matchesUserInput = false;
-                    if (left.argument.type === 'Identifier' && isUserInput(left.argument.name)) {
-                        matchesUserInput = true;
-                    }
-                    else if (left.argument.type === 'MemberExpression' &&
-                        left.argument.object.type === 'Identifier' &&
-                        isUserInput(left.argument.object.name)) {
-                        matchesUserInput = true;
-                    }
-                    if (matchesUserInput) {
-                        /* c8 ignore start -- safetyChecker requires JSDoc annotations not testable via RuleTester */
-                        if (safetyChecker.isSafe(node, context)) {
-                            return;
-                        }
-                        /* c8 ignore stop */
-                        context.report({
-                            node: left,
-                            messageId: 'unsafeTypeofCheck',
-                            data: {
-                                filePath: filename,
-                                line: String(node.loc?.start.line ?? 0),
-                            },
-                            suggest: [
-                                {
-                                    messageId: 'useTypeofCorrectly',
-                                    fix: () => null // Would need complex AST manipulation
-                                },
-                            ],
-                        });
-                    }
-                }
-                // Check for unsafe instanceof usage
-                if (isUnsafeInstanceof(node)) {
-                    const left = node.left;
-                    if (left.type === 'Identifier' && isUserInput(left.name)) {
-                        context.report({
-                            node,
-                            messageId: 'unsafeInstanceofUsage',
-                            data: {
-                                filePath: filename,
-                                line: String(node.loc?.start.line ?? 0),
-                            },
-                        });
-                    }
-                }
-                // Check for loose equality in type checks
-                if (isLooseEqualityTypeCheck(node)) {
-                    const left = node.left;
-                    const right = node.right;
-                    // Check if this involves user input variables
-                    const leftText = sourceCode.getText(left);
-                    const rightText = sourceCode.getText(right);
-                    if ((left.type === 'Identifier' && isUserInput(left.name)) ||
-                        (right.type === 'Identifier' && isUserInput(right.name)) ||
-                        leftText.includes('null') || rightText.includes('null')) {
-                        /* c8 ignore start -- safetyChecker requires JSDoc annotations not testable via RuleTester */
-                        if (safetyChecker.isSafe(node, context)) {
-                            return;
-                        }
-                        /* c8 ignore stop */
-                        context.report({
-                            node: node,
-                            messageId: 'looseEqualityTypeCheck',
-                            data: {
-                                filePath: filename,
-                                line: String(node.loc?.start.line ?? 0),
-                            },
-                        });
-                    }
-                }
-            },
-            // Check member expressions for constructor.name usage
-            MemberExpression(node) {
-                if (isUnreliableConstructorCheck(node)) {
-                    // Check if this involves user input
-                    let current = node;
-                    let involvesUserInput = false;
-                    // Walk up to find if this is used with user input
-                    while (current.parent) {
-                        current = current.parent;
-                        if (current.type === 'VariableDeclarator' &&
-                            current.init === node) {
-                            // This is assignment - check if assigned to user input
-                            involvesUserInput = true;
-                            break;
-                        }
-                        if (current.type === 'BinaryExpression' &&
-                            (current.left === node || current.right === node)) {
-                            // Used in comparison - likely type checking
-                            involvesUserInput = true;
-                            break;
-                        }
-                    }
-                    if (involvesUserInput) {
-                        /* c8 ignore start -- safetyChecker requires JSDoc annotations not testable via RuleTester */
-                        if (safetyChecker.isSafe(node, context)) {
-                            return;
-                        }
-                        /* c8 ignore stop */
-                        context.report({
-                            node,
-                            messageId: 'unreliableConstructorCheck',
-                            data: {
-                                filePath: filename,
-                                line: String(node.loc?.start.line ?? 0),
-                            },
-                        });
-                    }
-                }
-            },
-            // Check call expressions for type checking functions
-            CallExpression(node) {
-                const callee = node.callee;
-                // Check for safe type checking functions
-                if (callee.type === 'MemberExpression' &&
-                    callee.property.type === 'Identifier') {
-                    const methodName = callee.property.name;
-                    const objectName = callee.object.type === 'Identifier' ? callee.object.name : '';
-                    // Check for proper type guards
-                    if (['isArray', 'isString', 'isNumber', 'isObject'].includes(methodName) &&
-                        objectName && ['Array', 'Number', 'String', 'Object'].includes(objectName)) {
-                        // This is good - using proper type guards
-                        return;
-                    }
-                }
-                // Check for typeof usage in function calls
-                if (callee.type === 'Identifier' && callee.name === 'typeof') {
-                    // This is unusual - typeof is normally a unary operator
-                    // But if used as a function call, it's likely wrong
-                    context.report({
-                        node,
-                        messageId: 'improperTypeValidation',
-                        data: {
-                            filePath: filename,
-                            line: String(node.loc?.start.line ?? 0),
-                            severity: 'LOW',
-                            safeAlternative: 'Use typeof as unary operator: typeof value',
-                        },
-                    });
-                }
-            },
-            // Check if statements for incomplete type validation
-            IfStatement(node) {
-                const test = node.test;
-                // NEW: Check for implicit truthiness check on user input
-                if (test.type === 'Identifier' && isUserInput(test.name)) {
-                    /* c8 ignore start -- safetyChecker requires JSDoc annotations not testable via RuleTester */
-                    if (safetyChecker.isSafe(node, context)) {
-                        return;
-                    }
-                    /* c8 ignore stop */
-                    context.report({
-                        node: test,
-                        messageId: 'improperTypeValidation',
-                        data: {
-                            filePath: filename,
-                            line: String(node.loc?.start.line ?? 0),
-                            severity: 'LOW',
-                            safeAlternative: 'Explicitly check for null/undefined or type',
-                        }
-                    });
-                }
-                // Look for if statements that only check one aspect of type
-                if (test.type === 'BinaryExpression') {
-                    const testText = sourceCode.getText(test).toLowerCase();
-                    // Check for incomplete null checks
-                    if ((testText.includes('!= null') || testText.includes('== null')) &&
-                        !testText.includes('!== undefined') && !testText.includes('=== undefined')) {
-                        // Check if this involves user input
-                        if ((test.left.type === 'Identifier' && isUserInput(test.left.name)) ||
-                            (test.right.type === 'Identifier' && isUserInput(test.right.name))) {
-                            /* c8 ignore start -- safetyChecker requires JSDoc annotations not testable via RuleTester */
-                            if (safetyChecker.isSafe(node, context)) {
-                                return;
-                            }
-                            /* c8 ignore stop */
-                            context.report({
-                                node: test,
-                                messageId: 'missingNullCheck',
-                                data: {
-                                    filePath: filename,
-                                    line: String(node.loc?.start.line ?? 0),
-                                },
-                            });
-                        }
-                    }
-                }
-            }
-        };
-    },
-});

package/src/rules/no-insecure-comparison/index.d.ts

@@ -1,7 +0,0 @@
-export interface Options {
-    /** Allow insecure comparison in test files. Default: false */
-    allowInTests?: boolean;
-    /** Additional patterns to ignore. Default: [] */
-    ignorePatterns?: string[];
-}
-export declare const noInsecureComparison: ESLintUtils.RuleModule<MessageIds, Options, unknown, ESLintUtils.RuleListener>;

package/src/rules/no-insecure-comparison/index.js

@@ -1,193 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.noInsecureComparison = void 0;
-const eslint_devkit_1 = require("@interlace/eslint-devkit");
-const eslint_devkit_2 = require("@interlace/eslint-devkit");
-exports.noInsecureComparison = (0, eslint_devkit_2.createRule)({
-    name: 'no-insecure-comparison',
-    meta: {
-        type: 'problem',
-        deprecated: true,
-        replacedBy: ['@see eslint-plugin-crypto/no-timing-unsafe-compare'],
-        docs: {
-            description: 'Detects insecure comparison operators (==, !=) that can lead to type coercion vulnerabilities',
-        },
-        fixable: 'code',
-        hasSuggestions: true,
-        messages: {
-            insecureComparison: (0, eslint_devkit_1.formatLLMMessage)({
-                icon: eslint_devkit_1.MessageIcons.SECURITY,
-                issueName: 'Insecure Comparison',
-                cwe: 'CWE-697',
-                description: 'Insecure comparison operator ({{operator}}) detected - can lead to type coercion vulnerabilities',
-                severity: 'HIGH',
-                fix: 'Use strict equality ({{strictOperator}}) instead: {{example}}',
-                documentationLink: 'https://cwe.mitre.org/data/definitions/697.html',
-            }),
-            useStrictEquality: (0, eslint_devkit_1.formatLLMMessage)({
-                icon: eslint_devkit_1.MessageIcons.INFO,
-                issueName: 'Use Strict Equality',
-                description: 'Use strict equality operator',
-                severity: 'LOW',
-                fix: 'Replace == with === and != with !==',
-                documentationLink: 'https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Operators/Strict_equality',
-            }),
-            timingUnsafeComparison: (0, eslint_devkit_1.formatLLMMessage)({
-                icon: eslint_devkit_1.MessageIcons.SECURITY,
-                issueName: 'Timing Attack Risk',
-                cwe: 'CWE-208',
-                description: 'Secret comparison with {{operator}} can leak timing information',
-                severity: 'HIGH',
-                fix: 'Use crypto.timingSafeEqual(Buffer.from(a), Buffer.from(b))',
-                documentationLink: 'https://nodejs.org/api/crypto.html#cryptotimingsafeequala-b',
-            }),
-        },
-        schema: [
-            {
-                type: 'object',
-                properties: {
-                    allowInTests: {
-                        type: 'boolean',
-                        default: false,
-                        description: 'Allow insecure comparison in test files',
-                    },
-                    ignorePatterns: {
-                        type: 'array',
-                        items: { type: 'string' },
-                        default: [],
-                        description: 'Additional patterns to ignore',
-                    },
-                },
-                additionalProperties: false,
-            },
-        ],
-    },
-    defaultOptions: [
-        {
-            allowInTests: false,
-            ignorePatterns: [],
-        },
-    ],
-    create(context, [options = {}]) {
-        const { allowInTests = false, ignorePatterns = [], } = options;
-        const filename = context.getFilename();
-        const isTestFile = allowInTests && /\.(test|spec)\.(ts|tsx|js|jsx)$/.test(filename);
-        const sourceCode = context.sourceCode || context.sourceCode;
-        /**
-         * Check if a string matches any ignore pattern
-         */
-        function matchesIgnorePattern(text, patterns) {
-            return patterns.some(pattern => {
-                try {
-                    const regex = new RegExp(pattern, 'i');
-                    return regex.test(text);
-                }
-                catch {
-                    // Invalid regex - treat as literal string match
-                    return text.toLowerCase().includes(pattern.toLowerCase());
-                }
-            });
-        }
-        /**
-         * Check BinaryExpression for insecure comparison operators
-         */
-        function checkBinaryExpression(node) {
-            if (isTestFile) {
-                return;
-            }
-            const secretKeywords = ['secret', 'token', 'password', 'apikey', 'api_key', 'signature', 'auth', 'key', 'hash', 'digest', 'mac'];
-            const isSecurityContext = (() => {
-                let current = node;
-                while (current) {
-                    if ((current.type === 'FunctionDeclaration' ||
-                        current.type === 'FunctionExpression' ||
-                        current.type === 'ArrowFunctionExpression') &&
-                        'id' in current && current.id?.name) {
-                        if (/security|auth|crypto|hash|token|secret|insecure|verify|validate/i.test(current.id.name)) {
-                            return true;
-                        }
-                    }
-                    if (current.type === 'MethodDefinition' && current.key.type === 'Identifier') {
-                        if (/security|auth|crypto|hash|token|secret|insecure|verify|validate/i.test(current.key.name)) {
-                            return true;
-                        }
-                    }
-                    current = current.parent;
-                }
-                return false;
-            })();
-            const isPotentialSecret = (expr) => {
-                const text = sourceCode.getText(expr).toLowerCase();
-                if (secretKeywords.some(keyword => text.includes(keyword)))
-                    return true;
-                // In security contexts, treat generic terms as potential secrets
-                if (isSecurityContext) {
-                    const contextKeywords = ['provided', 'expected', 'actual', 'input', 'value', 'data'];
-                    return contextKeywords.some(keyword => text.includes(keyword));
-                }
-                return false;
-            };
-            // Timing-safe comparison for secrets even with strict equality
-            if ((node.operator === '===' || node.operator === '!==') &&
-                (isPotentialSecret(node.left) || isPotentialSecret(node.right))) {
-                const leftText = sourceCode.getText(node.left);
-                const rightText = sourceCode.getText(node.right);
-                // ... rest of logic uses example ...
-                const example = `crypto.timingSafeEqual(Buffer.from(${leftText}), Buffer.from(${rightText}))`;
-                context.report({
-                    node,
-                    messageId: 'timingUnsafeComparison',
-                    data: {
-                        operator: node.operator,
-                        strictOperator: node.operator,
-                        example: example,
-                    },
-                    suggest: [
-                        {
-                            messageId: 'useStrictEquality', // This messageId usage might be wrong for timing safe output, but kept for now or reused?
-                            // Wait, previous code used useStrictEquality as suggest?
-                            // Ah, the previous code had a fix/suggest structure.
-                            fix: (fixer) => fixer.replaceText(node, example),
-                        },
-                    ],
-                });
-                return;
-            }
-            // Check for insecure comparison operators
-            if (node.operator === '==' || node.operator === '!=') {
-                const text = sourceCode.getText(node);
-                // Check if it matches any ignore pattern
-                if (matchesIgnorePattern(text, ignorePatterns)) {
-                    return;
-                }
-                const strictOperator = node.operator === '==' ? '===' : '!==';
-                const leftText = sourceCode.getText(node.left);
-                const rightText = sourceCode.getText(node.right);
-                const example = `${leftText} ${strictOperator} ${rightText}`;
-                context.report({
-                    node: node,
-                    messageId: 'insecureComparison',
-                    data: {
-                        operator: node.operator,
-                        strictOperator,
-                        example,
-                    },
-                    fix: (fixer) => {
-                        return fixer.replaceText(node, example);
-                    },
-                    suggest: [
-                        {
-                            messageId: 'useStrictEquality',
-                            fix: (fixer) => {
-                                return fixer.replaceText(node, example);
-                            },
-                        },
-                    ],
-                });
-            }
-        }
-        return {
-            BinaryExpression: checkBinaryExpression,
-        };
-    },
-});