npm - eslint-plugin-secure-coding - Versions diffs - 2.3.3 → 2.4.0 - Mend

eslint-plugin-secure-coding 2.3.3 → 2.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (337) hide show

package/src/rules/require-secure-defaults/index.ts DELETED Viewed

@@ -1,54 +0,0 @@
-/**
- * @fileoverview Ensure secure default configurations
- * @see https://owasp.org/www-project-mobile-top-10/
- * @see https://cwe.mitre.org/data/definitions/453.html
- */
-import { createRule, formatLLMMessage, MessageIcons } from '@interlace/eslint-devkit';
-import type { TSESTree } from '@interlace/eslint-devkit';
-type MessageIds = 'violationDetected';
-// eslint-disable-next-line @typescript-eslint/no-empty-object-type, @typescript-eslint/no-empty-interface -- Rule has no configurable options
-export interface Options {}
-type RuleOptions = [Options?];
-export const requireSecureDefaults = createRule<RuleOptions, MessageIds>({
-  name: 'require-secure-defaults',
-  meta: {
-    type: 'problem',
-    docs: {
-      description: 'Ensure secure default configurations',
-      category: 'Security',
-      recommended: true,
-      owaspMobile: ['M8'],
-      cweIds: ["CWE-453"],
-    },
-    messages: {
-      violationDetected: formatLLMMessage({
-        icon: MessageIcons.SECURITY,
-        issueName: 'violation Detected',
-        cwe: 'CWE-1188',
-        description: 'Ensure secure default configurations detected - Insecure default values',
-        severity: 'MEDIUM',
-        fix: 'Review and apply secure practices',
-        documentationLink: 'https://cwe.mitre.org/data/definitions/1188.html',
-      })
-    },
-    schema: [],
-  },
-  defaultOptions: [],
-  create(context) {
-    return {
-      Property(node: TSESTree.Property) {
-        if (node.key.type === 'Identifier' &&
-            ['secure', 'strictSSL', 'verify'].includes(node.key.name) &&
-            node.value.type === 'Literal' &&
-            node.value.value === false) {
-          context.report({ node, messageId: 'violationDetected' });
-        }
-      },
-    };
-  },
-});

package/src/rules/require-secure-defaults/require-secure-defaults.test.ts DELETED Viewed

@@ -1,26 +0,0 @@
-/**
- * @fileoverview Tests for require-secure-defaults
- *
- * Coverage: Comprehensive test suite with valid and invalid cases
- */
-import { RuleTester } from '@typescript-eslint/rule-tester';
-import { requireSecureDefaults } from './index';
-const ruleTester = new RuleTester({
-  languageOptions: {
-    ecmaVersion: 2022,
-    sourceType: 'module',
-  },
-});
-ruleTester.run('require-secure-defaults', requireSecureDefaults, {
-  valid: [
-    { code: "const config = { secure: true, httpOnly: true }" },
-    { code: "cookie({ secure: true })" }
-  ],
-  invalid: [
-    { code: "cookie({ secure: false })", errors: [{ messageId: 'violationDetected' }] }
-  ],
-});

package/src/rules/require-secure-deletion/index.ts DELETED Viewed

@@ -1,52 +0,0 @@
-/**
- * @fileoverview Require secure data deletion patterns
- * @see https://owasp.org/www-project-mobile-top-10/
- * @see https://cwe.mitre.org/data/definitions/459.html
- */
-import { createRule, formatLLMMessage, MessageIcons } from '@interlace/eslint-devkit';
-import type { TSESTree } from '@interlace/eslint-devkit';
-type MessageIds = 'violationDetected';
-// eslint-disable-next-line @typescript-eslint/no-empty-object-type, @typescript-eslint/no-empty-interface -- Rule has no configurable options
-export interface Options {}
-type RuleOptions = [Options?];
-export const requireSecureDeletion = createRule<RuleOptions, MessageIds>({
-  name: 'require-secure-deletion',
-  meta: {
-    type: 'problem',
-    docs: {
-      description: 'Require secure data deletion patterns',
-      category: 'Security',
-      recommended: true,
-      owaspMobile: ['M9'],
-      cweIds: ["CWE-459"],
-    },
-    messages: {
-      violationDetected: formatLLMMessage({
-        icon: MessageIcons.SECURITY,
-        issueName: 'violation Detected',
-        cwe: 'CWE-459',
-        description: 'Require secure data deletion patterns detected - delete without secure wipe',
-        severity: 'MEDIUM',
-        fix: 'Review and apply secure practices',
-        documentationLink: 'https://cwe.mitre.org/data/definitions/459.html',
-      })
-    },
-    schema: [],
-  },
-  defaultOptions: [],
-  create(context) {
-    return {
-      UnaryExpression(node: TSESTree.UnaryExpression) {
-        if (node.operator === 'delete') {
-          context.report({ node, messageId: 'violationDetected' });
-        }
-      },
-    };
-  },
-});

package/src/rules/require-secure-deletion/require-secure-deletion.test.ts DELETED Viewed

@@ -1,29 +0,0 @@
-/**
- * @fileoverview Tests for require-secure-deletion
- */
-import { RuleTester } from '@typescript-eslint/rule-tester';
-import { requireSecureDeletion } from './index';
-const ruleTester = new RuleTester({
-  languageOptions: {
-    ecmaVersion: 2022,
-    sourceType: 'module',
-  },
-});
-ruleTester.run('require-secure-deletion', requireSecureDeletion, {
-  valid: [
-    // Secure deletion patterns
-    { code: "secureDelete(file)" },
-    { code: "data = null; gc()" },
-    { code: "const x = 1" },
-  ],
-  invalid: [
-    // Using delete operator (doesn't securely wipe)
-    { code: "delete user.password", errors: [{ messageId: 'violationDetected' }] },
-    { code: "delete sensitiveData.token", errors: [{ messageId: 'violationDetected' }] },
-    { code: "delete obj.secret", errors: [{ messageId: 'violationDetected' }] },
-  ],
-});

package/src/rules/require-storage-encryption/index.ts DELETED Viewed

@@ -1,60 +0,0 @@
-/**
- * @fileoverview Require encryption for persistent storage
- * @see https://owasp.org/www-project-mobile-top-10/
- * @see https://cwe.mitre.org/data/definitions/311.html
- */
-import { createRule, formatLLMMessage, MessageIcons } from '@interlace/eslint-devkit';
-import type { TSESTree } from '@interlace/eslint-devkit';
-type MessageIds = 'violationDetected';
-// eslint-disable-next-line @typescript-eslint/no-empty-object-type, @typescript-eslint/no-empty-interface -- Rule has no configurable options
-export interface Options {}
-type RuleOptions = [Options?];
-export const requireStorageEncryption = createRule<RuleOptions, MessageIds>({
-  name: 'require-storage-encryption',
-  meta: {
-    type: 'problem',
-    docs: {
-      description: 'Require encryption for persistent storage',
-      category: 'Security',
-      recommended: true,
-      owaspMobile: ['M9'],
-      cweIds: ["CWE-311"],
-    },
-    messages: {
-      violationDetected: formatLLMMessage({
-        icon: MessageIcons.SECURITY,
-        issueName: 'violation Detected',
-        cwe: 'CWE-312',
-        description: 'Require encryption for persistent storage detected - Storage without encryption',
-        severity: 'HIGH',
-        fix: 'Review and apply secure practices',
-        documentationLink: 'https://cwe.mitre.org/data/definitions/312.html',
-      })
-    },
-    schema: [],
-  },
-  defaultOptions: [],
-  create(context) {
-    return {
-      CallExpression(node: TSESTree.CallExpression) {
-        if (node.callee.type === 'MemberExpression' &&
-            ['setItem', 'writeFile'].includes(node.callee.property.name)) {
-          // Check for encryption wrapper
-          const hasEncryption = node.arguments.some(arg =>
-            arg.type === 'CallExpression' &&
-            arg.callee.name?.includes('encrypt')
-          );
-          if (!hasEncryption) {
-            context.report({ node, messageId: 'violationDetected' });
-          }
-        }
-      },
-    };
-  },
-});

package/src/rules/require-storage-encryption/require-storage-encryption.test.ts DELETED Viewed

@@ -1,26 +0,0 @@
-/**
- * @fileoverview Tests for require-storage-encryption
- *
- * Coverage: Comprehensive test suite with valid and invalid cases
- */
-import { RuleTester } from '@typescript-eslint/rule-tester';
-import { requireStorageEncryption } from './index';
-const ruleTester = new RuleTester({
-  languageOptions: {
-    ecmaVersion: 2022,
-    sourceType: 'module',
-  },
-});
-ruleTester.run('require-storage-encryption', requireStorageEncryption, {
-  valid: [
-    { code: "await SecureStore.setItemAsync('token', token)" },
-    { code: "const encrypted = encrypt(data)" }
-  ],
-  invalid: [
-    { code: "AsyncStorage.setItem('password', pwd)", errors: [{ messageId: 'violationDetected' }] }
-  ],
-});

package/src/rules/require-url-validation/index.ts DELETED Viewed

@@ -1,85 +0,0 @@
-/**
- * @fileoverview Enforce URL validation before navigation
- */
-import { createRule, formatLLMMessage, MessageIcons } from '@interlace/eslint-devkit';
-import type { TSESTree } from '@interlace/eslint-devkit';
-type MessageIds = 'violationDetected';
-// eslint-disable-next-line @typescript-eslint/no-empty-object-type, @typescript-eslint/no-empty-interface -- Rule has no configurable options
-export interface Options {}
-type RuleOptions = [Options?];
-export const requireUrlValidation = createRule<RuleOptions, MessageIds>({
-  name: 'require-url-validation',
-  meta: {
-    type: 'problem',
-    docs: {
-      description: 'Enforce URL validation before navigation',
-    },
-    messages: {
-      violationDetected: formatLLMMessage({
-        icon: MessageIcons.SECURITY,
-        issueName: 'URL Validation Required',
-        cwe: 'CWE-601',
-        description: 'Unvalidated URL used for navigation - this is a security risk',
-        severity: 'HIGH',
-        fix: 'Validate URLs before using them for navigation',
-        documentationLink: 'https://cwe.mitre.org/data/definitions/601.html',
-      })
-    },
-    schema: [],
-  },
-  defaultOptions: [],
-  create(context) {
-    function report(node: TSESTree.Node) {
-      context.report({ node, messageId: 'violationDetected' });
-    }
-    return {
-      AssignmentExpression(node: TSESTree.AssignmentExpression) {
-        // Detect window.location assignment from user input
-        if (node.left.type === 'MemberExpression' &&
-            node.left.object.type === 'Identifier' &&
-            node.left.object.name === 'window' &&
-            node.left.property.type === 'Identifier' &&
-            node.left.property.name === 'location') {
-          // Flag if right side is a variable (not a literal URL)
-          if (node.right.type === 'Identifier') {
-            report(node);
-          }
-        }
-        // Detect location.href assignment
-        if (node.left.type === 'MemberExpression' &&
-            node.left.object.type === 'Identifier' &&
-            node.left.object.name === 'location' &&
-            node.left.property.type === 'Identifier' &&
-            node.left.property.name === 'href') {
-          if (node.right.type === 'Identifier') {
-            report(node);
-          }
-        }
-      },
-      CallExpression(node: TSESTree.CallExpression) {
-        // Detect window.open with variable URL
-        if (node.callee.type === 'MemberExpression' &&
-            node.callee.object.type === 'Identifier' &&
-            node.callee.object.name === 'window' &&
-            node.callee.property.type === 'Identifier' &&
-            node.callee.property.name === 'open') {
-          const urlArg = node.arguments[0];
-          if (urlArg && urlArg.type === 'Identifier') {
-            report(node);
-          }
-        }
-      },
-    };
-  },
-});

package/src/rules/require-url-validation/require-url-validation.test.ts DELETED Viewed

@@ -1,32 +0,0 @@
-/**
- * @fileoverview Tests for require-url-validation
- */
-import { RuleTester } from '@typescript-eslint/rule-tester';
-import { requireUrlValidation } from './index';
-const ruleTester = new RuleTester({
-  languageOptions: {
-    ecmaVersion: 2022,
-    sourceType: 'module',
-  },
-});
-ruleTester.run('require-url-validation', requireUrlValidation, {
-  valid: [
-    // Safe static URLs
-    { code: "window.location = 'https://example.com'" },
-    { code: "location.href = 'https://safe.com'" },
-    { code: "window.open('https://example.com')" },
-    // Non-navigation code
-    { code: "const url = 'https://example.com'" },
-    { code: "const x = 1" },
-  ],
-  invalid: [
-    // Variable URLs without validation
-    { code: "window.location = userUrl", errors: [{ messageId: 'violationDetected' }] },
-    { code: "location.href = redirectUrl", errors: [{ messageId: 'violationDetected' }] },
-    { code: "window.open(targetUrl)", errors: [{ messageId: 'violationDetected' }] },
-  ],
-});

package/src/types/index.ts DELETED Viewed

@@ -1,235 +0,0 @@
-/**
- * eslint-plugin-secure-coding Type Exports
- *
- * Barrel file that exports all security rule Options types with consistent naming.
- *
- * Usage:
- * ```typescript
- * import type { NoSqlInjectionOptions } from 'eslint-plugin-secure-coding/types';
- *
- * const config: NoSqlInjectionOptions = {
- *   allowDynamicTableNames: false,
- *   strategy: 'parameterize',
- * };
- * ```
- */
-// Injection Rules
-import type { Options as NoSqlInjectionOptions } from '../rules/no-sql-injection';
-import type { Options as DatabaseInjectionOptions } from '../rules/database-injection';
-import type { Options as DetectEvalWithExpressionOptions } from '../rules/detect-eval-with-expression';
-import type { Options as DetectChildProcessOptions } from '../rules/detect-child-process';
-import type { Options as NoUnsafeDynamicRequireOptions } from '../rules/no-unsafe-dynamic-require';
-import type { Options as NoGraphqlInjectionOptions } from '../rules/no-graphql-injection';
-import type { Options as NoXxeInjectionOptions } from '../rules/no-xxe-injection';
-import type { Options as NoXpathInjectionOptions } from '../rules/no-xpath-injection';
-import type { Options as NoLdapInjectionOptions } from '../rules/no-ldap-injection';
-import type { Options as NoDirectiveInjectionOptions } from '../rules/no-directive-injection';
-import type { Options as NoFormatStringInjectionOptions } from '../rules/no-format-string-injection';
-// Path & File Rules
-import type { Options as DetectNonLiteralFsFilenameOptions } from '../rules/detect-non-literal-fs-filename';
-import type { Options as NoZipSlipOptions } from '../rules/no-zip-slip';
-import type { Options as NoToctouVulnerabilityOptions } from '../rules/no-toctou-vulnerability';
-// Regex Rules
-import type { Options as DetectNonLiteralRegexpOptions } from '../rules/detect-non-literal-regexp';
-import type { Options as NoRedosVulnerableRegexOptions } from '../rules/no-redos-vulnerable-regex';
-import type { Options as NoUnsafeRegexConstructionOptions } from '../rules/no-unsafe-regex-construction';
-// Object & Prototype Rules
-import type { Options as DetectObjectInjectionOptions } from '../rules/detect-object-injection';
-import type { Options as NoUnsafeDeserializationOptions } from '../rules/no-unsafe-deserialization';
-// Credentials & Crypto Rules
-import type { Options as NoHardcodedCredentialsOptions } from '../rules/no-hardcoded-credentials';
-import type { Options as NoWeakCryptoOptions } from '../rules/no-weak-crypto';
-import type { Options as NoInsufficientRandomOptions } from '../rules/no-insufficient-random';
-import type { Options as NoTimingAttackOptions } from '../rules/no-timing-attack';
-import type { Options as NoInsecureComparisonOptions } from '../rules/no-insecure-comparison';
-import type { Options as NoInsecureJwtOptions } from '../rules/no-insecure-jwt';
-// Input Validation & XSS Rules
-import type { Options as NoUnvalidatedUserInputOptions } from '../rules/no-unvalidated-user-input';
-import type { Options as NoUnsanitizedHtmlOptions } from '../rules/no-unsanitized-html';
-import type { Options as NoUnescapedUrlParameterOptions } from '../rules/no-unescaped-url-parameter';
-import type { Options as NoImproperSanitizationOptions } from '../rules/no-improper-sanitization';
-import type { Options as NoImproperTypeValidationOptions } from '../rules/no-improper-type-validation';
-// Authentication & Authorization Rules
-import type { Options as NoMissingAuthenticationOptions } from '../rules/no-missing-authentication';
-import type { Options as NoPrivilegeEscalationOptions } from '../rules/no-privilege-escalation';
-import type { Options as NoWeakPasswordRecoveryOptions } from '../rules/no-weak-password-recovery';
-// Session & Cookies Rules
-import type { Options as NoInsecureCookieSettingsOptions } from '../rules/no-insecure-cookie-settings';
-import type { Options as NoMissingCsrfProtectionOptions } from '../rules/no-missing-csrf-protection';
-import type { Options as NoDocumentCookieOptions } from '../rules/no-document-cookie';
-// Network & Headers Rules
-import type { Options as NoMissingCorsCheckOptions } from '../rules/no-missing-cors-check';
-import type { Options as NoMissingSecurityHeadersOptions } from '../rules/no-missing-security-headers';
-import type { Options as NoInsecureRedirectsOptions } from '../rules/no-insecure-redirects';
-import type { Options as NoUnencryptedTransmissionOptions } from '../rules/no-unencrypted-transmission';
-import type { Options as NoClickjackingOptions } from '../rules/no-clickjacking';
-// Data Exposure Rules
-import type { Options as NoExposedSensitiveDataOptions } from '../rules/no-exposed-sensitive-data';
-import type { Options as NoSensitiveDataExposureOptions } from '../rules/no-sensitive-data-exposure';
-// Buffer & Memory Rules
-import type { Options as NoBufferOverreadOptions } from '../rules/no-buffer-overread';
-// Resource & DoS Rules
-import type { Options as NoUnlimitedResourceAllocationOptions } from '../rules/no-unlimited-resource-allocation';
-import type { Options as NoUncheckedLoopConditionOptions } from '../rules/no-unchecked-loop-condition';
-// Platform Specific Rules
-import type { Options as NoElectronSecurityIssuesOptions } from '../rules/no-electron-security-issues';
-import type { Options as NoInsufficientPostmessageValidationOptions } from '../rules/no-insufficient-postmessage-validation';
-// Export all types with consistent naming
-export type {
-  // Injection
-  NoSqlInjectionOptions,
-  DatabaseInjectionOptions,
-  DetectEvalWithExpressionOptions,
-  DetectChildProcessOptions,
-  NoUnsafeDynamicRequireOptions,
-  NoGraphqlInjectionOptions,
-  NoXxeInjectionOptions,
-  NoXpathInjectionOptions,
-  NoLdapInjectionOptions,
-  NoDirectiveInjectionOptions,
-  NoFormatStringInjectionOptions,
-  // Path & File
-  DetectNonLiteralFsFilenameOptions,
-  NoZipSlipOptions,
-  NoToctouVulnerabilityOptions,
-  // Regex
-  DetectNonLiteralRegexpOptions,
-  NoRedosVulnerableRegexOptions,
-  NoUnsafeRegexConstructionOptions,
-  // Object & Prototype
-  DetectObjectInjectionOptions,
-  NoUnsafeDeserializationOptions,
-  // Credentials & Crypto
-  NoHardcodedCredentialsOptions,
-  NoWeakCryptoOptions,
-  NoInsufficientRandomOptions,
-  NoTimingAttackOptions,
-  NoInsecureComparisonOptions,
-  NoInsecureJwtOptions,
-  // Input Validation & XSS
-  NoUnvalidatedUserInputOptions,
-  NoUnsanitizedHtmlOptions,
-  NoUnescapedUrlParameterOptions,
-  NoImproperSanitizationOptions,
-  NoImproperTypeValidationOptions,
-  // Authentication & Authorization
-  NoMissingAuthenticationOptions,
-  NoPrivilegeEscalationOptions,
-  NoWeakPasswordRecoveryOptions,
-  // Session & Cookies
-  NoInsecureCookieSettingsOptions,
-  NoMissingCsrfProtectionOptions,
-  NoDocumentCookieOptions,
-  // Network & Headers
-  NoMissingCorsCheckOptions,
-  NoMissingSecurityHeadersOptions,
-  NoInsecureRedirectsOptions,
-  NoUnencryptedTransmissionOptions,
-  NoClickjackingOptions,
-  // Data Exposure
-  NoExposedSensitiveDataOptions,
-  NoSensitiveDataExposureOptions,
-  // Buffer & Memory
-  NoBufferOverreadOptions,
-  // Resource & DoS
-  NoUnlimitedResourceAllocationOptions,
-  NoUncheckedLoopConditionOptions,
-  // Platform Specific
-  NoElectronSecurityIssuesOptions,
-  NoInsufficientPostmessageValidationOptions,
-};
-/**
- * Combined type for all security rule options
- * Useful for creating unified configuration objects
- *
- * @example
- * ```typescript
- * const config: AllSecurityRulesOptions = {
- *   'no-sql-injection': {
- *     allowDynamicTableNames: false,
- *     strategy: 'parameterize',
- *   },
- *   'no-hardcoded-credentials': {
- *     ignorePatterns: ['test/*'],
- *   },
- * };
- * ```
- */
-export type AllSecurityRulesOptions = {
-  // Injection
-  'no-sql-injection'?: NoSqlInjectionOptions;
-  'database-injection'?: DatabaseInjectionOptions;
-  'detect-eval-with-expression'?: DetectEvalWithExpressionOptions;
-  'detect-child-process'?: DetectChildProcessOptions;
-  'no-unsafe-dynamic-require'?: NoUnsafeDynamicRequireOptions;
-  'no-graphql-injection'?: NoGraphqlInjectionOptions;
-  'no-xxe-injection'?: NoXxeInjectionOptions;
-  'no-xpath-injection'?: NoXpathInjectionOptions;
-  'no-ldap-injection'?: NoLdapInjectionOptions;
-  'no-directive-injection'?: NoDirectiveInjectionOptions;
-  'no-format-string-injection'?: NoFormatStringInjectionOptions;
-  // Path & File
-  'detect-non-literal-fs-filename'?: DetectNonLiteralFsFilenameOptions;
-  'no-zip-slip'?: NoZipSlipOptions;
-  'no-toctou-vulnerability'?: NoToctouVulnerabilityOptions;
-  // Regex
-  'detect-non-literal-regexp'?: DetectNonLiteralRegexpOptions;
-  'no-redos-vulnerable-regex'?: NoRedosVulnerableRegexOptions;
-  'no-unsafe-regex-construction'?: NoUnsafeRegexConstructionOptions;
-  // Object & Prototype
-  'detect-object-injection'?: DetectObjectInjectionOptions;
-  'no-unsafe-deserialization'?: NoUnsafeDeserializationOptions;
-  // Credentials & Crypto
-  'no-hardcoded-credentials'?: NoHardcodedCredentialsOptions;
-  'no-weak-crypto'?: NoWeakCryptoOptions;
-  'no-insufficient-random'?: NoInsufficientRandomOptions;
-  'no-timing-attack'?: NoTimingAttackOptions;
-  'no-insecure-comparison'?: NoInsecureComparisonOptions;
-  'no-insecure-jwt'?: NoInsecureJwtOptions;
-  // Input Validation & XSS
-  'no-unvalidated-user-input'?: NoUnvalidatedUserInputOptions;
-  'no-unsanitized-html'?: NoUnsanitizedHtmlOptions;
-  'no-unescaped-url-parameter'?: NoUnescapedUrlParameterOptions;
-  'no-improper-sanitization'?: NoImproperSanitizationOptions;
-  'no-improper-type-validation'?: NoImproperTypeValidationOptions;
-  // Authentication & Authorization
-  'no-missing-authentication'?: NoMissingAuthenticationOptions;
-  'no-privilege-escalation'?: NoPrivilegeEscalationOptions;
-  'no-weak-password-recovery'?: NoWeakPasswordRecoveryOptions;
-  // Session & Cookies
-  'no-insecure-cookie-settings'?: NoInsecureCookieSettingsOptions;
-  'no-missing-csrf-protection'?: NoMissingCsrfProtectionOptions;
-  'no-document-cookie'?: NoDocumentCookieOptions;
-  // Network & Headers
-  'no-missing-cors-check'?: NoMissingCorsCheckOptions;
-  'no-missing-security-headers'?: NoMissingSecurityHeadersOptions;
-  'no-insecure-redirects'?: NoInsecureRedirectsOptions;
-  'no-unencrypted-transmission'?: NoUnencryptedTransmissionOptions;
-  'no-clickjacking'?: NoClickjackingOptions;
-  // Data Exposure
-  'no-exposed-sensitive-data'?: NoExposedSensitiveDataOptions;
-  'no-sensitive-data-exposure'?: NoSensitiveDataExposureOptions;
-  // Buffer & Memory
-  'no-buffer-overread'?: NoBufferOverreadOptions;
-  // Resource & DoS
-  'no-unlimited-resource-allocation'?: NoUnlimitedResourceAllocationOptions;
-  'no-unchecked-loop-condition'?: NoUncheckedLoopConditionOptions;
-  // Platform Specific
-  'no-electron-security-issues'?: NoElectronSecurityIssuesOptions;
-  'no-insufficient-postmessage-validation'?: NoInsufficientPostmessageValidationOptions;
-};