npm - eslint-plugin-secure-coding - Versions diffs - 3.0.1 → 3.0.2 - Mend

eslint-plugin-secure-coding 3.0.1 → 3.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (130) hide show

package/src/rules/no-unlimited-resource-allocation/index.d.ts CHANGED Viewed

@@ -32,5 +32,7 @@ export interface Options extends SecurityRuleOptions {
     requireResourceValidation?: boolean;
 }
 type RuleOptions = [Options?];
-export declare const noUnlimitedResourceAllocation: TSESLint.RuleModule<MessageIds, RuleOptions, unknown, TSESLint.RuleListener>;
+export declare const noUnlimitedResourceAllocation: TSESLint.RuleModule<MessageIds, RuleOptions, unknown, TSESLint.RuleListener> & {
+    name: string;
+};
 export {};

package/src/rules/no-unsafe-deserialization/index.d.ts CHANGED Viewed

@@ -34,5 +34,7 @@ export interface Options extends SecurityRuleOptions {
     validationFunctions?: string[];
 }
 type RuleOptions = [Options?];
-export declare const noUnsafeDeserialization: TSESLint.RuleModule<MessageIds, RuleOptions, unknown, TSESLint.RuleListener>;
+export declare const noUnsafeDeserialization: TSESLint.RuleModule<MessageIds, RuleOptions, unknown, TSESLint.RuleListener> & {
+    name: string;
+};
 export {};

package/src/rules/no-unsafe-regex-construction/index.d.ts CHANGED Viewed

@@ -24,5 +24,7 @@ export interface Options {
     maxPatternLength?: number;
 }
 type RuleOptions = [Options?];
-export declare const noUnsafeRegexConstruction: TSESLint.RuleModule<MessageIds, RuleOptions, unknown, TSESLint.RuleListener>;
+export declare const noUnsafeRegexConstruction: TSESLint.RuleModule<MessageIds, RuleOptions, unknown, TSESLint.RuleListener> & {
+    name: string;
+};
 export {};

package/src/rules/no-weak-password-recovery/index.d.ts CHANGED Viewed

@@ -32,5 +32,7 @@ export interface Options extends SecurityRuleOptions {
     secureTokenFunctions?: string[];
 }
 type RuleOptions = [Options?];
-export declare const noWeakPasswordRecovery: TSESLint.RuleModule<MessageIds, RuleOptions, unknown, TSESLint.RuleListener>;
+export declare const noWeakPasswordRecovery: TSESLint.RuleModule<MessageIds, RuleOptions, unknown, TSESLint.RuleListener> & {
+    name: string;
+};
 export {};

package/src/rules/no-xpath-injection/index.d.ts CHANGED Viewed

@@ -33,5 +33,7 @@ export interface Options extends SecurityRuleOptions {
     xpathValidationFunctions?: string[];
 }
 type RuleOptions = [Options?];
-export declare const noXpathInjection: TSESLint.RuleModule<MessageIds, RuleOptions, unknown, TSESLint.RuleListener>;
+export declare const noXpathInjection: TSESLint.RuleModule<MessageIds, RuleOptions, unknown, TSESLint.RuleListener> & {
+    name: string;
+};
 export {};

package/src/rules/no-xxe-injection/index.d.ts CHANGED Viewed

@@ -30,5 +30,7 @@ export interface Options {
     xmlValidationFunctions?: string[];
 }
 type RuleOptions = [Options?];
-export declare const noXxeInjection: TSESLint.RuleModule<MessageIds, RuleOptions, unknown, TSESLint.RuleListener>;
+export declare const noXxeInjection: TSESLint.RuleModule<MessageIds, RuleOptions, unknown, TSESLint.RuleListener> & {
+    name: string;
+};
 export {};

package/src/rules/require-backend-authorization/index.d.ts CHANGED Viewed

@@ -6,5 +6,7 @@
 export interface Options {
 }
 type RuleOptions = [Options?];
-export declare const requireBackendAuthorization: import("@typescript-eslint/utils/ts-eslint").RuleModule<"violationDetected", RuleOptions, unknown, import("@typescript-eslint/utils/ts-eslint").RuleListener>;
+export declare const requireBackendAuthorization: import("@typescript-eslint/utils/ts-eslint").RuleModule<"violationDetected", RuleOptions, unknown, import("@typescript-eslint/utils/ts-eslint").RuleListener> & {
+    name: string;
+};
 export {};

package/src/rules/require-secure-defaults/index.d.ts CHANGED Viewed

@@ -6,5 +6,7 @@
 export interface Options {
 }
 type RuleOptions = [Options?];
-export declare const requireSecureDefaults: import("@typescript-eslint/utils/ts-eslint").RuleModule<"violationDetected", RuleOptions, unknown, import("@typescript-eslint/utils/ts-eslint").RuleListener>;
+export declare const requireSecureDefaults: import("@typescript-eslint/utils/ts-eslint").RuleModule<"violationDetected", RuleOptions, unknown, import("@typescript-eslint/utils/ts-eslint").RuleListener> & {
+    name: string;
+};
 export {};

package/src/types/index.d.ts CHANGED Viewed

@@ -7,28 +7,13 @@
  * eslint-plugin-secure-coding Type Exports
  *
  * Barrel file that exports all security rule Options types with consistent naming.
- *
- * Usage:
- * ```typescript
- * import type { NoHardcodedCredentialsOptions } from 'eslint-plugin-secure-coding/types';
- *
- * const config: NoHardcodedCredentialsOptions = {
- *   ignorePatterns: ['test/*'],
- * };
- * ```
  */
-import type { Options as DetectEvalWithExpressionOptions } from '../rules/detect-eval-with-expression';
-import type { Options as DetectChildProcessOptions } from '../rules/detect-child-process';
-import type { Options as NoUnsafeDynamicRequireOptions } from '../rules/no-unsafe-dynamic-require';
 import type { Options as NoGraphqlInjectionOptions } from '../rules/no-graphql-injection';
 import type { Options as NoXxeInjectionOptions } from '../rules/no-xxe-injection';
 import type { Options as NoXpathInjectionOptions } from '../rules/no-xpath-injection';
 import type { Options as NoLdapInjectionOptions } from '../rules/no-ldap-injection';
 import type { Options as NoDirectiveInjectionOptions } from '../rules/no-directive-injection';
 import type { Options as NoFormatStringInjectionOptions } from '../rules/no-format-string-injection';
-import type { Options as DetectNonLiteralFsFilenameOptions } from '../rules/detect-non-literal-fs-filename';
-import type { Options as NoZipSlipOptions } from '../rules/no-zip-slip';
-import type { Options as NoToctouVulnerabilityOptions } from '../rules/no-toctou-vulnerability';
 import type { Options as DetectNonLiteralRegexpOptions } from '../rules/detect-non-literal-regexp';
 import type { Options as NoRedosVulnerableRegexOptions } from '../rules/no-redos-vulnerable-regex';
 import type { Options as NoUnsafeRegexConstructionOptions } from '../rules/no-unsafe-regex-construction';
@@ -36,52 +21,28 @@ import type { Options as DetectObjectInjectionOptions } from '../rules/detect-ob
 import type { Options as NoUnsafeDeserializationOptions } from '../rules/no-unsafe-deserialization';
 import type { Options as NoHardcodedCredentialsOptions } from '../rules/no-hardcoded-credentials';
 import type { Options as NoInsecureComparisonOptions } from '../rules/no-insecure-comparison';
-import type { Options as NoUnvalidatedUserInputOptions } from '../rules/no-unvalidated-user-input';
-import type { Options as NoUnescapedUrlParameterOptions } from '../rules/no-unescaped-url-parameter';
 import type { Options as NoImproperSanitizationOptions } from '../rules/no-improper-sanitization';
 import type { Options as NoImproperTypeValidationOptions } from '../rules/no-improper-type-validation';
 import type { Options as NoMissingAuthenticationOptions } from '../rules/no-missing-authentication';
 import type { Options as NoPrivilegeEscalationOptions } from '../rules/no-privilege-escalation';
 import type { Options as NoWeakPasswordRecoveryOptions } from '../rules/no-weak-password-recovery';
-import type { Options as NoMissingCsrfProtectionOptions } from '../rules/no-missing-csrf-protection';
-import type { Options as NoMissingCorsCheckOptions } from '../rules/no-missing-cors-check';
-import type { Options as NoMissingSecurityHeadersOptions } from '../rules/no-missing-security-headers';
-import type { Options as NoInsecureRedirectsOptions } from '../rules/no-insecure-redirects';
-import type { Options as NoUnencryptedTransmissionOptions } from '../rules/no-unencrypted-transmission';
-import type { Options as NoClickjackingOptions } from '../rules/no-clickjacking';
-import type { Options as NoExposedSensitiveDataOptions } from '../rules/no-exposed-sensitive-data';
+import type { Options as RequireBackendAuthorizationOptions } from '../rules/require-backend-authorization';
 import type { Options as NoSensitiveDataExposureOptions } from '../rules/no-sensitive-data-exposure';
-import type { Options as NoBufferOverreadOptions } from '../rules/no-buffer-overread';
+import type { Options as NoPiiInLogsOptions } from '../rules/no-pii-in-logs';
 import type { Options as NoUnlimitedResourceAllocationOptions } from '../rules/no-unlimited-resource-allocation';
 import type { Options as NoUncheckedLoopConditionOptions } from '../rules/no-unchecked-loop-condition';
 import type { Options as NoElectronSecurityIssuesOptions } from '../rules/no-electron-security-issues';
-export type { DetectEvalWithExpressionOptions, DetectChildProcessOptions, NoUnsafeDynamicRequireOptions, NoGraphqlInjectionOptions, NoXxeInjectionOptions, NoXpathInjectionOptions, NoLdapInjectionOptions, NoDirectiveInjectionOptions, NoFormatStringInjectionOptions, DetectNonLiteralFsFilenameOptions, NoZipSlipOptions, NoToctouVulnerabilityOptions, DetectNonLiteralRegexpOptions, NoRedosVulnerableRegexOptions, NoUnsafeRegexConstructionOptions, DetectObjectInjectionOptions, NoUnsafeDeserializationOptions, NoHardcodedCredentialsOptions, NoInsecureComparisonOptions, NoUnvalidatedUserInputOptions, NoUnescapedUrlParameterOptions, NoImproperSanitizationOptions, NoImproperTypeValidationOptions, NoMissingAuthenticationOptions, NoPrivilegeEscalationOptions, NoWeakPasswordRecoveryOptions, NoMissingCsrfProtectionOptions, NoMissingCorsCheckOptions, NoMissingSecurityHeadersOptions, NoInsecureRedirectsOptions, NoUnencryptedTransmissionOptions, NoClickjackingOptions, NoExposedSensitiveDataOptions, NoSensitiveDataExposureOptions, NoBufferOverreadOptions, NoUnlimitedResourceAllocationOptions, NoUncheckedLoopConditionOptions, NoElectronSecurityIssuesOptions, };
+export type { NoGraphqlInjectionOptions, NoXxeInjectionOptions, NoXpathInjectionOptions, NoLdapInjectionOptions, NoDirectiveInjectionOptions, NoFormatStringInjectionOptions, DetectNonLiteralRegexpOptions, NoRedosVulnerableRegexOptions, NoUnsafeRegexConstructionOptions, DetectObjectInjectionOptions, NoUnsafeDeserializationOptions, NoHardcodedCredentialsOptions, NoInsecureComparisonOptions, NoImproperSanitizationOptions, NoImproperTypeValidationOptions, NoMissingAuthenticationOptions, NoPrivilegeEscalationOptions, NoWeakPasswordRecoveryOptions, NoPiiInLogsOptions, RequireBackendAuthorizationOptions, NoSensitiveDataExposureOptions, NoUnlimitedResourceAllocationOptions, NoUncheckedLoopConditionOptions, NoElectronSecurityIssuesOptions, };
 /**
  * Combined type for all security rule options
- * Useful for creating unified configuration objects
- *
- * @example
- * ```typescript
- * const config: AllSecurityRulesOptions = {
- *   'no-hardcoded-credentials': {
- *     ignorePatterns: ['test/*'],
- *   },
- * };
- * ```
  */
 export type AllSecurityRulesOptions = {
-    'detect-eval-with-expression'?: DetectEvalWithExpressionOptions;
-    'detect-child-process'?: DetectChildProcessOptions;
-    'no-unsafe-dynamic-require'?: NoUnsafeDynamicRequireOptions;
     'no-graphql-injection'?: NoGraphqlInjectionOptions;
     'no-xxe-injection'?: NoXxeInjectionOptions;
     'no-xpath-injection'?: NoXpathInjectionOptions;
     'no-ldap-injection'?: NoLdapInjectionOptions;
     'no-directive-injection'?: NoDirectiveInjectionOptions;
     'no-format-string-injection'?: NoFormatStringInjectionOptions;
-    'detect-non-literal-fs-filename'?: DetectNonLiteralFsFilenameOptions;
-    'no-zip-slip'?: NoZipSlipOptions;
-    'no-toctou-vulnerability'?: NoToctouVulnerabilityOptions;
     'detect-non-literal-regexp'?: DetectNonLiteralRegexpOptions;
     'no-redos-vulnerable-regex'?: NoRedosVulnerableRegexOptions;
     'no-unsafe-regex-construction'?: NoUnsafeRegexConstructionOptions;
@@ -89,22 +50,14 @@ export type AllSecurityRulesOptions = {
     'no-unsafe-deserialization'?: NoUnsafeDeserializationOptions;
     'no-hardcoded-credentials'?: NoHardcodedCredentialsOptions;
     'no-insecure-comparison'?: NoInsecureComparisonOptions;
-    'no-unvalidated-user-input'?: NoUnvalidatedUserInputOptions;
-    'no-unescaped-url-parameter'?: NoUnescapedUrlParameterOptions;
     'no-improper-sanitization'?: NoImproperSanitizationOptions;
     'no-improper-type-validation'?: NoImproperTypeValidationOptions;
     'no-missing-authentication'?: NoMissingAuthenticationOptions;
     'no-privilege-escalation'?: NoPrivilegeEscalationOptions;
     'no-weak-password-recovery'?: NoWeakPasswordRecoveryOptions;
-    'no-missing-csrf-protection'?: NoMissingCsrfProtectionOptions;
-    'no-missing-cors-check'?: NoMissingCorsCheckOptions;
-    'no-missing-security-headers'?: NoMissingSecurityHeadersOptions;
-    'no-insecure-redirects'?: NoInsecureRedirectsOptions;
-    'no-unencrypted-transmission'?: NoUnencryptedTransmissionOptions;
-    'no-clickjacking'?: NoClickjackingOptions;
-    'no-exposed-sensitive-data'?: NoExposedSensitiveDataOptions;
+    'no-pii-in-logs'?: NoPiiInLogsOptions;
+    'require-backend-authorization'?: RequireBackendAuthorizationOptions;
     'no-sensitive-data-exposure'?: NoSensitiveDataExposureOptions;
-    'no-buffer-overread'?: NoBufferOverreadOptions;
     'no-unlimited-resource-allocation'?: NoUnlimitedResourceAllocationOptions;
     'no-unchecked-loop-condition'?: NoUncheckedLoopConditionOptions;
     'no-electron-security-issues'?: NoElectronSecurityIssuesOptions;

package/src/rules/detect-child-process/index.d.ts DELETED Viewed

@@ -1,28 +0,0 @@
-/**
- * Copyright (c) 2025 Ofri Peretz
- * Licensed under the MIT License. Use of this source code is governed by the
- * MIT license that can be found in the LICENSE file.
- */
-/**
- * ESLint Rule: detect-child-process
- * Detects instances of child_process & non-literal exec() calls
- * LLM-optimized with comprehensive command injection prevention guidance
- *
- * @see https://owasp.org/www-community/attacks/Command_Injection
- * @see https://cwe.mitre.org/data/definitions/78.html
- */
-import type { TSESLint } from '@interlace/eslint-devkit';
-type MessageIds = 'childProcessCommandInjection' | 'useExecFile' | 'useSpawn' | 'useSaferLibrary' | 'validateInput' | 'useShellFalse' | 'strategyValidate' | 'strategySanitize' | 'strategyRestrict';
-export interface Options {
-    /** Allow exec() with literal strings. Default: false (stricter) */
-    allowLiteralStrings?: boolean;
-    /** Allow spawn() with literal arguments. Default: false (stricter) */
-    allowLiteralSpawn?: boolean;
-    /** Additional child_process methods to check */
-    additionalMethods?: string[];
-    /** Strategy for fixing command injection: 'validate', 'sanitize', 'restrict', or 'auto' */
-    strategy?: 'validate' | 'sanitize' | 'restrict' | 'auto';
-}
-type RuleOptions = [Options?];
-export declare const detectChildProcess: TSESLint.RuleModule<MessageIds, RuleOptions, unknown, TSESLint.RuleListener>;
-export {};