eslint-plugin-sonarjs 4.0.0 → 4.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (413) hide show
  1. package/README.md +269 -268
  2. package/cjs/S100/rule.js +7 -5
  3. package/cjs/S101/rule.js +2 -2
  4. package/cjs/S104/rule.js +2 -2
  5. package/cjs/S105/rule.js +2 -2
  6. package/cjs/S1066/rule.js +5 -4
  7. package/cjs/S1067/rule.js +8 -6
  8. package/cjs/S1110/rule.js +7 -5
  9. package/cjs/S1119/rule.js +85 -7
  10. package/cjs/S1121/rule.js +4 -3
  11. package/cjs/S1125/rule.js +9 -8
  12. package/cjs/S1126/rule.js +2 -2
  13. package/cjs/S1128/rule.js +8 -5
  14. package/cjs/S1134/rule.js +2 -2
  15. package/cjs/S1135/rule.js +2 -2
  16. package/cjs/S1154/rule.js +6 -4
  17. package/cjs/S117/rule.js +6 -5
  18. package/cjs/S1172/rule.js +2 -2
  19. package/cjs/S1192/rule.js +5 -4
  20. package/cjs/S1219/rule.js +4 -3
  21. package/cjs/S1226/rule.js +6 -4
  22. package/cjs/S124/rule.js +2 -2
  23. package/cjs/S125/rule.js +9 -7
  24. package/cjs/S126/rule.js +2 -2
  25. package/cjs/S1264/rule.js +2 -2
  26. package/cjs/S128/rule.js +4 -3
  27. package/cjs/S1291/rule.js +2 -2
  28. package/cjs/S1301/rule.js +2 -2
  29. package/cjs/S1313/rule.js +2 -2
  30. package/cjs/S134/rule.js +7 -5
  31. package/cjs/S135/rule.js +5 -4
  32. package/cjs/S138/rule.js +9 -6
  33. package/cjs/S1439/rule.js +2 -2
  34. package/cjs/S1444/rule.js +2 -2
  35. package/cjs/S1451/rule.js +2 -2
  36. package/cjs/S1472/rule.js +2 -2
  37. package/cjs/S1479/rule.js +2 -2
  38. package/cjs/S1481/rule.js +2 -2
  39. package/cjs/S1488/generated-meta.js +1 -1
  40. package/cjs/S1488/rule.js +11 -7
  41. package/cjs/S1515/rule.js +10 -8
  42. package/cjs/{helpers/aws/index.js → S1523/generated-meta.js} +34 -18
  43. package/cjs/S1523/index.js +21 -0
  44. package/cjs/S1523/meta.js +21 -0
  45. package/cjs/S1523/rule.js +143 -0
  46. package/cjs/S1526/rule.js +5 -4
  47. package/cjs/S1527/rule.js +2 -2
  48. package/cjs/S1528/rule.js +2 -2
  49. package/cjs/S1529/generated-meta.js +1 -1
  50. package/cjs/S1529/rule.js +4 -3
  51. package/cjs/S1530/rule.js +5 -3
  52. package/cjs/S1533/rule.js +2 -2
  53. package/cjs/S1535/rule.js +2 -2
  54. package/cjs/S1541/rule.js +10 -7
  55. package/cjs/S1607/rule.js +22 -20
  56. package/cjs/S1764/rule.js +10 -7
  57. package/cjs/S1821/rule.js +2 -2
  58. package/cjs/S1848/rule.js +10 -7
  59. package/cjs/S1854/rule.js +18 -14
  60. package/cjs/S1862/rule.js +10 -8
  61. package/cjs/S1871/rule.js +21 -16
  62. package/cjs/S1874/rule.js +4 -3
  63. package/cjs/S1940/rule.js +2 -2
  64. package/cjs/S1994/rule.js +10 -7
  65. package/cjs/S2004/rule.js +9 -7
  66. package/cjs/S2068/rule.js +75 -12
  67. package/cjs/S2077/generated-meta.js +1 -1
  68. package/cjs/S2077/rule.js +10 -6
  69. package/cjs/S2092/rule.js +2 -2
  70. package/cjs/S2123/rule.js +2 -2
  71. package/cjs/S2137/rule.js +2 -2
  72. package/cjs/S2138/rule.js +4 -3
  73. package/cjs/S2187/rule.js +2 -2
  74. package/cjs/S2201/rule.js +47 -5
  75. package/cjs/S2208/rule.js +2 -2
  76. package/cjs/S2234/rule.js +58 -11
  77. package/cjs/S2245/rule.js +4 -3
  78. package/cjs/S2251/rule.js +5 -4
  79. package/cjs/S2255/rule.js +6 -5
  80. package/cjs/S2259/rule.js +14 -9
  81. package/cjs/S2301/rule.js +14 -9
  82. package/cjs/S2310/rule.js +80 -9
  83. package/cjs/S2392/rule.js +7 -5
  84. package/cjs/S2424/rule.js +2 -2
  85. package/cjs/S2428/rule.js +8 -6
  86. package/cjs/S2486/rule.js +4 -3
  87. package/cjs/S2589/rule.js +12 -10
  88. package/cjs/S2598/rule.js +17 -14
  89. package/cjs/S2612/generated-meta.js +1 -1
  90. package/cjs/S2612/rule.js +8 -6
  91. package/cjs/S2639/rule.js +2 -2
  92. package/cjs/S2681/rule.js +2 -2
  93. package/cjs/S2692/rule.js +6 -4
  94. package/cjs/S2699/generated-meta.js +1 -1
  95. package/cjs/S2699/rule.js +40 -31
  96. package/cjs/S2703/rule.js +2 -2
  97. package/cjs/S2737/rule.js +6 -4
  98. package/cjs/S2755/rule.js +9 -6
  99. package/cjs/S2757/rule.js +2 -2
  100. package/cjs/S2817/rule.js +10 -7
  101. package/cjs/S2819/rule.js +16 -12
  102. package/cjs/S2870/rule.js +8 -5
  103. package/cjs/S2871/rule.js +12 -9
  104. package/cjs/S2970/rule.js +9 -8
  105. package/cjs/S2990/rule.js +2 -2
  106. package/cjs/S2999/rule.js +10 -7
  107. package/cjs/S3001/rule.js +2 -2
  108. package/cjs/S3003/rule.js +10 -7
  109. package/cjs/S3317/rule.js +4 -3
  110. package/cjs/S3330/rule.js +2 -2
  111. package/cjs/S3358/rule.js +2 -2
  112. package/cjs/S3402/rule.js +14 -10
  113. package/cjs/S3403/rule.js +10 -7
  114. package/cjs/S3415/rule.js +16 -13
  115. package/cjs/S3499/rule.js +5 -4
  116. package/cjs/S3500/rule.js +5 -4
  117. package/cjs/S3513/rule.js +5 -4
  118. package/cjs/S3514/rule.js +10 -7
  119. package/cjs/S3516/rule.js +10 -7
  120. package/cjs/S3524/rule.js +2 -2
  121. package/cjs/S3525/rule.js +6 -4
  122. package/cjs/S3531/rule.js +5 -3
  123. package/cjs/S3533/rule.js +8 -7
  124. package/cjs/S3579/rule.js +6 -4
  125. package/cjs/S3616/rule.js +6 -4
  126. package/cjs/S3626/rule.js +4 -3
  127. package/cjs/S3686/rule.js +7 -5
  128. package/cjs/S3699/rule.js +4 -3
  129. package/cjs/S3735/rule.js +8 -5
  130. package/cjs/S3757/rule.js +8 -6
  131. package/cjs/S3758/rule.js +9 -7
  132. package/cjs/S3760/rule.js +24 -21
  133. package/cjs/S3776/rule.js +26 -22
  134. package/cjs/S3782/rule.js +6 -4
  135. package/cjs/S3785/rule.js +9 -6
  136. package/cjs/S3796/rule.js +12 -8
  137. package/cjs/S3798/rule.js +4 -3
  138. package/cjs/S3800/rule.js +22 -11
  139. package/cjs/S3801/generated-meta.js +1 -1
  140. package/cjs/S3801/rule.js +15 -11
  141. package/cjs/S3827/rule.js +9 -6
  142. package/cjs/S3923/rule.js +9 -6
  143. package/cjs/S3972/rule.js +5 -4
  144. package/cjs/S3973/rule.js +7 -5
  145. package/cjs/S3981/rule.js +4 -3
  146. package/cjs/S3984/rule.js +4 -3
  147. package/cjs/S4030/rule.js +10 -7
  148. package/cjs/S4036/rule.js +7 -5
  149. package/cjs/S4043/rule.js +12 -8
  150. package/cjs/S4139/rule.js +7 -5
  151. package/cjs/S4143/rule.js +12 -9
  152. package/cjs/S4144/rule.js +12 -9
  153. package/cjs/S4158/rule.js +11 -8
  154. package/cjs/S4165/rule.js +14 -12
  155. package/cjs/S4322/rule.js +8 -5
  156. package/cjs/S4323/rule.js +4 -3
  157. package/cjs/S4324/rule.js +7 -5
  158. package/cjs/S4328/rule.js +2 -2
  159. package/cjs/S4335/rule.js +6 -4
  160. package/cjs/S4423/rule.js +4 -3
  161. package/cjs/S4423/rule.lib.js +8 -7
  162. package/cjs/S4426/rule.js +11 -10
  163. package/cjs/S4502/rule.js +16 -13
  164. package/cjs/S4507/rule.js +8 -6
  165. package/cjs/S4524/rule.js +2 -2
  166. package/cjs/S4619/rule.js +6 -4
  167. package/cjs/S4621/rule.js +5 -4
  168. package/cjs/S4622/rule.js +5 -3
  169. package/cjs/S4623/rule.js +8 -5
  170. package/cjs/S4624/rule.js +6 -4
  171. package/cjs/S4634/rule.js +4 -3
  172. package/cjs/S4721/rule.js +7 -5
  173. package/cjs/S4782/rule.js +7 -5
  174. package/cjs/S4784/rule.js +5 -4
  175. package/cjs/S4787/rule.js +9 -7
  176. package/cjs/S4790/rule.js +7 -5
  177. package/cjs/S4798/rule.js +2 -2
  178. package/cjs/S4817/rule.js +10 -8
  179. package/cjs/S4818/rule.js +4 -3
  180. package/cjs/S4822/rule.js +13 -9
  181. package/cjs/S4823/rule.js +4 -3
  182. package/cjs/S4829/rule.js +4 -3
  183. package/cjs/S4830/rule.js +11 -8
  184. package/cjs/S5042/rule.js +9 -7
  185. package/cjs/S5122/rule.js +40 -36
  186. package/cjs/S5148/rule.js +9 -8
  187. package/cjs/S5247/rule.js +22 -18
  188. package/cjs/S5256/rule.js +5 -4
  189. package/cjs/S5257/rule.js +4 -3
  190. package/cjs/S5260/rule.js +4 -3
  191. package/cjs/S5264/rule.js +4 -3
  192. package/cjs/S5332/rule.js +4 -3
  193. package/cjs/S5332/rule.lib.js +19 -17
  194. package/cjs/S5443/rule.js +2 -2
  195. package/cjs/S5527/rule.js +18 -14
  196. package/cjs/S5542/rule.js +6 -4
  197. package/cjs/S5547/rule.js +6 -4
  198. package/cjs/S5604/rule.js +15 -14
  199. package/cjs/S5659/rule.js +15 -12
  200. package/cjs/S5689/rule.js +11 -8
  201. package/cjs/S5691/rule.js +7 -5
  202. package/cjs/S5693/rule.js +14 -12
  203. package/cjs/S5725/rule.js +9 -6
  204. package/cjs/S5728/rule.js +7 -4
  205. package/cjs/S5730/rule.js +9 -6
  206. package/cjs/S5732/rule.js +8 -5
  207. package/cjs/S5734/rule.js +7 -4
  208. package/cjs/S5736/rule.js +8 -5
  209. package/cjs/S5739/rule.js +11 -8
  210. package/cjs/S5742/rule.js +7 -4
  211. package/cjs/S5743/rule.js +8 -6
  212. package/cjs/S5757/rule.js +13 -10
  213. package/cjs/S5759/rule.js +10 -7
  214. package/cjs/S5842/rule.js +2 -2
  215. package/cjs/S5843/rule.js +22 -19
  216. package/cjs/S5850/rule.js +4 -3
  217. package/cjs/S5852/rule.js +2 -2
  218. package/cjs/S5856/rule.js +10 -7
  219. package/cjs/S5860/rule.js +30 -26
  220. package/cjs/S5863/rule.js +15 -11
  221. package/cjs/S5867/rule.js +8 -7
  222. package/cjs/S5868/rule.js +7 -5
  223. package/cjs/S5869/rule.js +6 -5
  224. package/cjs/S5876/rule.js +12 -8
  225. package/cjs/S5958/rule.js +12 -9
  226. package/cjs/S5973/rule.js +10 -7
  227. package/cjs/S6019/rule.js +4 -3
  228. package/cjs/S6035/rule.js +2 -2
  229. package/cjs/S6079/rule.js +9 -6
  230. package/cjs/S6080/rule.js +13 -10
  231. package/cjs/S6092/rule.js +9 -7
  232. package/cjs/S6245/rule.js +14 -9
  233. package/cjs/S6249/rule.js +7 -5
  234. package/cjs/S6252/rule.js +12 -8
  235. package/cjs/S6265/rule.js +27 -20
  236. package/cjs/S6268/rule.js +5 -4
  237. package/cjs/S6270/rule.js +12 -9
  238. package/cjs/S6275/rule.js +2 -2
  239. package/cjs/S6281/rule.js +22 -17
  240. package/cjs/S6299/rule.js +2 -2
  241. package/cjs/S6302/rule.js +6 -5
  242. package/cjs/S6303/rule.js +12 -10
  243. package/cjs/S6304/rule.js +6 -5
  244. package/cjs/S6308/rule.js +7 -5
  245. package/cjs/S6317/rule.js +5 -4
  246. package/cjs/S6319/rule.js +2 -2
  247. package/cjs/S6321/rule.js +25 -23
  248. package/cjs/S6323/rule.js +4 -3
  249. package/cjs/S6324/rule.js +2 -2
  250. package/cjs/S6326/rule.js +2 -2
  251. package/cjs/S6327/rule.js +2 -2
  252. package/cjs/S6328/rule.js +4 -3
  253. package/cjs/S6329/rule.js +7 -5
  254. package/cjs/S6330/rule.js +2 -2
  255. package/cjs/S6332/rule.js +2 -2
  256. package/cjs/S6333/rule.js +8 -6
  257. package/cjs/S6351/rule.js +22 -19
  258. package/cjs/S6353/rule.js +2 -2
  259. package/cjs/S6397/rule.js +2 -2
  260. package/cjs/S6418/config.js +1 -1
  261. package/cjs/S6418/rule.js +9 -24
  262. package/cjs/S6426/rule.js +5 -4
  263. package/cjs/S6437/rule.js +10 -7
  264. package/cjs/S6439/rule.js +9 -7
  265. package/cjs/S6442/rule.js +11 -8
  266. package/cjs/S6443/rule.js +9 -7
  267. package/cjs/S6486/rule.js +5 -4
  268. package/cjs/S6564/rule.js +4 -3
  269. package/cjs/S6594/rule.js +12 -8
  270. package/cjs/S6627/rule.js +6 -4
  271. package/cjs/S6759/rule.js +10 -6
  272. package/cjs/S6958/rule.js +2 -2
  273. package/cjs/S6959/rule.js +9 -6
  274. package/cjs/S7059/generated-meta.js +1 -1
  275. package/cjs/S7059/rule.js +8 -5
  276. package/cjs/S7639/generated-meta.js +1 -1
  277. package/cjs/S7639/rule.js +5 -4
  278. package/cjs/S7790/generated-meta.js +1 -1
  279. package/cjs/S7790/rule.js +7 -5
  280. package/cjs/S8441/generated-meta.js +1 -1
  281. package/cjs/S8441/rule.js +13 -9
  282. package/cjs/S881/rule.js +2 -2
  283. package/cjs/S888/rule.js +4 -3
  284. package/cjs/S930/rule.js +14 -12
  285. package/cjs/helpers/ast.js +11 -8
  286. package/cjs/helpers/aws/s3.js +9 -6
  287. package/cjs/helpers/chai.js +41 -43
  288. package/cjs/helpers/configs.js +92 -0
  289. package/cjs/helpers/cookie-flag-check.js +19 -17
  290. package/cjs/helpers/{decorators/index.js → entropy.js} +16 -17
  291. package/cjs/helpers/express.js +127 -128
  292. package/cjs/helpers/find-up/all-in-parent-dirs.js +0 -16
  293. package/cjs/helpers/mocha.js +50 -54
  294. package/cjs/helpers/regex/ast.js +7 -6
  295. package/cjs/helpers/regex/extract.js +11 -11
  296. package/cjs/helpers/regex/group.js +2 -2
  297. package/cjs/helpers/regex/location.js +2 -2
  298. package/cjs/helpers/regex/range.js +5 -4
  299. package/cjs/helpers/regex/rule-template.js +4 -3
  300. package/cjs/helpers/sinon.js +33 -36
  301. package/cjs/helpers/supertest.js +34 -37
  302. package/cjs/helpers/vitest.js +29 -32
  303. package/cjs/plugin-rules.js +452 -450
  304. package/docs/assertions-in-tests.md +2 -0
  305. package/docs/bitwise-operators.md +2 -0
  306. package/docs/code-eval.md +7 -0
  307. package/docs/file-permissions.md +1 -1
  308. package/docs/no-async-constructor.md +2 -0
  309. package/docs/no-inconsistent-returns.md +2 -0
  310. package/docs/prefer-immediate-return.md +2 -0
  311. package/docs/sql-queries.md +2 -0
  312. package/package.json +39 -1
  313. package/types/S1067/rule.d.ts +1 -1
  314. package/types/S1110/rule.d.ts +1 -1
  315. package/types/S1128/rule.d.ts +1 -1
  316. package/types/S1172/rule.d.ts +1 -1
  317. package/types/S1226/rule.d.ts +1 -1
  318. package/types/S134/rule.d.ts +1 -1
  319. package/types/S1472/rule.d.ts +1 -1
  320. package/types/S1481/rule.d.ts +1 -1
  321. package/types/S1488/generated-meta.d.ts +1 -1
  322. package/types/S1515/rule.d.ts +1 -1
  323. package/types/S1523/generated-meta.d.ts +17 -0
  324. package/types/S1523/index.d.ts +1 -0
  325. package/types/S1523/meta.d.ts +2 -0
  326. package/types/S1523/rule.d.ts +2 -0
  327. package/types/S1527/rule.d.ts +1 -1
  328. package/types/S1529/generated-meta.d.ts +1 -1
  329. package/types/S1541/rule.d.ts +1 -1
  330. package/types/S1862/rule.d.ts +1 -1
  331. package/types/S2077/generated-meta.d.ts +1 -1
  332. package/types/S2123/rule.d.ts +1 -1
  333. package/types/S2259/rule.d.ts +1 -1
  334. package/types/S2428/rule.d.ts +1 -1
  335. package/types/S2589/rule.d.ts +1 -1
  336. package/types/S2598/rule.d.ts +1 -1
  337. package/types/S2699/generated-meta.d.ts +1 -1
  338. package/types/S2699/rule.d.ts +1 -1
  339. package/types/S2737/rule.d.ts +1 -1
  340. package/types/S2757/rule.d.ts +1 -1
  341. package/types/S2819/rule.d.ts +1 -1
  342. package/types/S3001/rule.d.ts +1 -1
  343. package/types/S3317/rule.d.ts +1 -1
  344. package/types/S3500/rule.d.ts +1 -1
  345. package/types/S3513/rule.d.ts +1 -1
  346. package/types/S3686/rule.d.ts +1 -1
  347. package/types/S3801/generated-meta.d.ts +1 -1
  348. package/types/S3972/rule.d.ts +1 -1
  349. package/types/S3973/rule.d.ts +1 -1
  350. package/types/S4030/rule.d.ts +1 -1
  351. package/types/S4143/rule.d.ts +1 -1
  352. package/types/S4158/rule.d.ts +1 -1
  353. package/types/S4621/rule.d.ts +1 -1
  354. package/types/S4782/rule.d.ts +1 -1
  355. package/types/S5693/rule.d.ts +1 -1
  356. package/types/S5725/rule.d.ts +1 -1
  357. package/types/S5860/rule.d.ts +1 -1
  358. package/types/S5868/rule.d.ts +1 -1
  359. package/types/S5869/rule.d.ts +1 -1
  360. package/types/S6079/rule.d.ts +1 -1
  361. package/types/S6326/rule.d.ts +1 -1
  362. package/types/S6351/rule.d.ts +1 -1
  363. package/types/S6418/config.d.ts +1 -1
  364. package/types/S6443/rule.d.ts +1 -1
  365. package/types/S7059/generated-meta.d.ts +1 -1
  366. package/types/S7639/generated-meta.d.ts +1 -1
  367. package/types/S7790/generated-meta.d.ts +1 -1
  368. package/types/S8441/generated-meta.d.ts +1 -1
  369. package/types/S930/rule.d.ts +1 -1
  370. package/types/helpers/ancestor.d.ts +3 -3
  371. package/types/helpers/ast.d.ts +1 -1
  372. package/types/helpers/aws/iam.d.ts +2 -2
  373. package/types/helpers/aws/s3.d.ts +1 -1
  374. package/types/helpers/chai.d.ts +3 -5
  375. package/types/helpers/configs.d.ts +39 -1
  376. package/types/helpers/entropy.d.ts +1 -0
  377. package/types/helpers/equivalence.d.ts +1 -1
  378. package/types/helpers/express.d.ts +38 -43
  379. package/types/helpers/find-up/all-in-parent-dirs.d.ts +1 -1
  380. package/types/helpers/find-up/closest.d.ts +1 -1
  381. package/types/helpers/find-up/find-minimatch.d.ts +1 -1
  382. package/types/helpers/generate-meta.d.ts +1 -1
  383. package/types/helpers/mocha.d.ts +19 -21
  384. package/types/helpers/module.d.ts +1 -1
  385. package/types/helpers/package-jsons/all-in-parent-dirs.d.ts +1 -1
  386. package/types/helpers/package-jsons/dependencies.d.ts +1 -1
  387. package/types/helpers/recognizers/CodeRecognizer.d.ts +1 -1
  388. package/types/helpers/recognizers/JavaScriptFootPrint.d.ts +2 -2
  389. package/types/helpers/recognizers/LanguageFootprint.d.ts +1 -1
  390. package/types/helpers/regex/alternation.d.ts +1 -1
  391. package/types/helpers/regex/ast.d.ts +1 -1
  392. package/types/helpers/regex/location.d.ts +2 -2
  393. package/types/helpers/regex/range.d.ts +2 -2
  394. package/types/helpers/regex/rule-template.d.ts +1 -1
  395. package/types/helpers/result.d.ts +1 -1
  396. package/types/helpers/sinon.d.ts +4 -6
  397. package/types/helpers/sonar-runtime.d.ts +1 -1
  398. package/types/helpers/supertest.d.ts +4 -6
  399. package/types/helpers/type.d.ts +1 -1
  400. package/types/helpers/vitest.d.ts +4 -6
  401. package/types/plugin-rules.d.ts +1 -0
  402. package/cjs/helpers/decorators/interceptor.js +0 -88
  403. package/cjs/helpers/index.js +0 -60
  404. package/cjs/helpers/recognizers/index.js +0 -37
  405. package/cjs/helpers/rule-detect-react.js +0 -29
  406. package/cjs/helpers/validate-version.js +0 -94
  407. package/types/helpers/aws/index.d.ts +0 -3
  408. package/types/helpers/decorators/index.d.ts +0 -2
  409. package/types/helpers/decorators/interceptor.d.ts +0 -16
  410. package/types/helpers/index.d.ts +0 -28
  411. package/types/helpers/recognizers/index.d.ts +0 -2
  412. package/types/helpers/rule-detect-react.d.ts +0 -2
  413. package/types/helpers/validate-version.d.ts +0 -13
package/cjs/S6080/rule.js CHANGED
@@ -51,20 +51,23 @@ var __importStar = (this && this.__importStar) || (function () {
51
51
  })();
52
52
  Object.defineProperty(exports, "__esModule", { value: true });
53
53
  exports.rule = void 0;
54
- const index_js_1 = require("../helpers/index.js");
54
+ const chai_js_1 = require("../helpers/chai.js");
55
+ const generate_meta_js_1 = require("../helpers/generate-meta.js");
56
+ const ast_js_1 = require("../helpers/ast.js");
57
+ const mocha_js_1 = require("../helpers/mocha.js");
55
58
  const meta = __importStar(require("./generated-meta.js"));
56
59
  const MESSAGE = 'Set this timeout to 0 if you want to disable it, otherwise use a value lower than 2147483648.';
57
60
  const MAX_DELAY_VALUE = 2_147_483_647;
58
61
  exports.rule = {
59
- meta: (0, index_js_1.generateMeta)(meta),
62
+ meta: (0, generate_meta_js_1.generateMeta)(meta),
60
63
  create(context) {
61
- if (!index_js_1.Chai.isImported(context)) {
64
+ if (!(0, chai_js_1.isImported)(context)) {
62
65
  return {};
63
66
  }
64
67
  const constructs = [];
65
68
  return {
66
69
  CallExpression: (node) => {
67
- if (index_js_1.Mocha.isTestConstruct(node)) {
70
+ if ((0, mocha_js_1.isTestConstruct)(node)) {
68
71
  constructs.push(node);
69
72
  return;
70
73
  }
@@ -73,7 +76,7 @@ exports.rule = {
73
76
  }
74
77
  },
75
78
  'CallExpression:exit': (node) => {
76
- if (index_js_1.Mocha.isTestConstruct(node)) {
79
+ if ((0, mocha_js_1.isTestConstruct)(node)) {
77
80
  constructs.pop();
78
81
  }
79
82
  },
@@ -81,10 +84,10 @@ exports.rule = {
81
84
  },
82
85
  };
83
86
  function checkTimeoutDisabling(node, context) {
84
- if ((0, index_js_1.isMethodCall)(node) && node.arguments.length > 0) {
87
+ if ((0, ast_js_1.isMethodCall)(node) && node.arguments.length > 0) {
85
88
  const { callee: { object, property }, arguments: [value], } = node;
86
- if ((0, index_js_1.isThisExpression)(object) &&
87
- (0, index_js_1.isIdentifier)(property, 'timeout') &&
89
+ if ((0, ast_js_1.isThisExpression)(object) &&
90
+ (0, ast_js_1.isIdentifier)(property, 'timeout') &&
88
91
  isDisablingTimeout(value, context)) {
89
92
  context.report({
90
93
  message: MESSAGE,
@@ -94,6 +97,6 @@ function checkTimeoutDisabling(node, context) {
94
97
  }
95
98
  }
96
99
  function isDisablingTimeout(timeout, context) {
97
- const usage = (0, index_js_1.getUniqueWriteUsageOrNode)(context, timeout);
98
- return (0, index_js_1.isNumberLiteral)(usage) && usage.value > MAX_DELAY_VALUE;
100
+ const usage = (0, ast_js_1.getUniqueWriteUsageOrNode)(context, timeout);
101
+ return (0, ast_js_1.isNumberLiteral)(usage) && usage.value > MAX_DELAY_VALUE;
99
102
  }
package/cjs/S6092/rule.js CHANGED
@@ -51,20 +51,22 @@ var __importStar = (this && this.__importStar) || (function () {
51
51
  })();
52
52
  Object.defineProperty(exports, "__esModule", { value: true });
53
53
  exports.rule = void 0;
54
- const index_js_1 = require("../helpers/index.js");
54
+ const chai_js_1 = require("../helpers/chai.js");
55
+ const generate_meta_js_1 = require("../helpers/generate-meta.js");
56
+ const ast_js_1 = require("../helpers/ast.js");
55
57
  const meta = __importStar(require("./generated-meta.js"));
56
58
  const message = 'Refactor this uncertain assertion; it can succeed for multiple reasons.';
57
59
  exports.rule = {
58
- meta: (0, index_js_1.generateMeta)(meta),
60
+ meta: (0, generate_meta_js_1.generateMeta)(meta),
59
61
  create(context) {
60
- if (!index_js_1.Chai.isImported(context)) {
62
+ if (!(0, chai_js_1.isImported)(context)) {
61
63
  return {};
62
64
  }
63
65
  return {
64
66
  ExpressionStatement: (node) => {
65
67
  const elements = retrieveAssertionChainElements(node.expression);
66
68
  if (elements.length > 1 &&
67
- ((0, index_js_1.isIdentifier)(elements[0].identifier, 'expect') ||
69
+ ((0, ast_js_1.isIdentifier)(elements[0].identifier, 'expect') ||
68
70
  getElementIndex(elements, 'should') >= 0)) {
69
71
  checkNotThrow(context, elements);
70
72
  checkNotInclude(context, elements);
@@ -135,7 +137,7 @@ function retrieveAssertionChainElements(node) {
135
137
  const result = [];
136
138
  let currentArguments = undefined;
137
139
  while (true) {
138
- if ((0, index_js_1.isDotNotation)(currentNode)) {
140
+ if ((0, ast_js_1.isDotNotation)(currentNode)) {
139
141
  result.push({ identifier: currentNode.property, arguments: currentArguments });
140
142
  currentNode = currentNode.object;
141
143
  currentArguments = undefined;
@@ -144,7 +146,7 @@ function retrieveAssertionChainElements(node) {
144
146
  currentArguments = currentNode.arguments;
145
147
  currentNode = currentNode.callee;
146
148
  }
147
- else if ((0, index_js_1.isIdentifier)(currentNode)) {
149
+ else if ((0, ast_js_1.isIdentifier)(currentNode)) {
148
150
  result.push({ identifier: currentNode, arguments: currentArguments });
149
151
  break;
150
152
  }
@@ -155,7 +157,7 @@ function retrieveAssertionChainElements(node) {
155
157
  return result.reverse();
156
158
  }
157
159
  function getElementIndex(elements, name) {
158
- return elements.findIndex(element => (0, index_js_1.isIdentifier)(element.identifier, name));
160
+ return elements.findIndex(element => (0, ast_js_1.isIdentifier)(element.identifier, name));
159
161
  }
160
162
  function locFromTwoNodes(start, end) {
161
163
  return {
package/cjs/S6245/rule.js CHANGED
@@ -51,32 +51,37 @@ var __importStar = (this && this.__importStar) || (function () {
51
51
  })();
52
52
  Object.defineProperty(exports, "__esModule", { value: true });
53
53
  exports.rule = void 0;
54
- const index_js_1 = require("../helpers/index.js");
54
+ const s3_js_1 = require("../helpers/aws/s3.js");
55
+ const generate_meta_js_1 = require("../helpers/generate-meta.js");
56
+ const module_js_1 = require("../helpers/module.js");
57
+ const ast_js_1 = require("../helpers/ast.js");
58
+ const cdk_js_1 = require("../helpers/aws/cdk.js");
59
+ const location_js_1 = require("../helpers/location.js");
55
60
  const meta = __importStar(require("./generated-meta.js"));
56
61
  const ENCRYPTED_KEY = 'encryption';
57
62
  const messages = {
58
63
  unencrypted: 'Objects in the bucket are not encrypted. Make sure it is safe here.',
59
64
  omitted: 'Omitting "encryption" disables server-side encryption. Make sure it is safe here.',
60
65
  };
61
- exports.rule = (0, index_js_1.S3BucketTemplate)((bucket, context) => {
62
- const encryptedProperty = (0, index_js_1.getBucketProperty)(context, bucket, ENCRYPTED_KEY);
66
+ exports.rule = (0, s3_js_1.S3BucketTemplate)((bucket, context) => {
67
+ const encryptedProperty = (0, s3_js_1.getBucketProperty)(context, bucket, ENCRYPTED_KEY);
63
68
  if (encryptedProperty == null) {
64
- (0, index_js_1.report)(context, {
69
+ (0, location_js_1.report)(context, {
65
70
  message: messages['omitted'],
66
71
  node: bucket.callee,
67
72
  });
68
73
  return;
69
74
  }
70
- const encryptedValue = (0, index_js_1.getValueOfExpression)(context, encryptedProperty.value, 'MemberExpression');
75
+ const encryptedValue = (0, ast_js_1.getValueOfExpression)(context, encryptedProperty.value, 'MemberExpression');
71
76
  if (encryptedValue && isUnencrypted(encryptedValue)) {
72
- const propagated = (0, index_js_1.findPropagatedSetting)(encryptedProperty, encryptedValue);
73
- (0, index_js_1.report)(context, {
77
+ const propagated = (0, s3_js_1.findPropagatedSetting)(encryptedProperty, encryptedValue);
78
+ (0, location_js_1.report)(context, {
74
79
  message: messages['unencrypted'],
75
80
  node: encryptedProperty,
76
81
  }, propagated ? [propagated] : []);
77
82
  }
78
83
  function isUnencrypted(encrypted) {
79
- return ((0, index_js_1.normalizeFQN)((0, index_js_1.getFullyQualifiedName)(context, encrypted)) ===
84
+ return ((0, cdk_js_1.normalizeFQN)((0, module_js_1.getFullyQualifiedName)(context, encrypted)) ===
80
85
  'aws_cdk_lib.aws_s3.BucketEncryption.UNENCRYPTED');
81
86
  }
82
- }, (0, index_js_1.generateMeta)(meta));
87
+ }, (0, generate_meta_js_1.generateMeta)(meta));
package/cjs/S6249/rule.js CHANGED
@@ -51,15 +51,17 @@ var __importStar = (this && this.__importStar) || (function () {
51
51
  })();
52
52
  Object.defineProperty(exports, "__esModule", { value: true });
53
53
  exports.rule = void 0;
54
- const index_js_1 = require("../helpers/index.js");
54
+ const generate_meta_js_1 = require("../helpers/generate-meta.js");
55
+ const s3_js_1 = require("../helpers/aws/s3.js");
56
+ const ast_js_1 = require("../helpers/ast.js");
55
57
  const meta = __importStar(require("./generated-meta.js"));
56
58
  const ENFORCE_SSL_KEY = 'enforceSSL';
57
59
  const messages = {
58
60
  authorized: 'Make sure authorizing HTTP requests is safe here.',
59
61
  omitted: "Omitting 'enforceSSL' authorizes HTTP requests. Make sure it is safe here.",
60
62
  };
61
- exports.rule = (0, index_js_1.S3BucketTemplate)((bucket, context) => {
62
- const enforceSSLProperty = (0, index_js_1.getBucketProperty)(context, bucket, ENFORCE_SSL_KEY);
63
+ exports.rule = (0, s3_js_1.S3BucketTemplate)((bucket, context) => {
64
+ const enforceSSLProperty = (0, s3_js_1.getBucketProperty)(context, bucket, ENFORCE_SSL_KEY);
63
65
  if (enforceSSLProperty == null) {
64
66
  context.report({
65
67
  message: messages['omitted'],
@@ -67,11 +69,11 @@ exports.rule = (0, index_js_1.S3BucketTemplate)((bucket, context) => {
67
69
  });
68
70
  return;
69
71
  }
70
- const enforceSSLValue = (0, index_js_1.getValueOfExpression)(context, enforceSSLProperty.value, 'Literal');
72
+ const enforceSSLValue = (0, ast_js_1.getValueOfExpression)(context, enforceSSLProperty.value, 'Literal');
71
73
  if (enforceSSLValue?.value === false) {
72
74
  context.report({
73
75
  message: messages['authorized'],
74
76
  node: enforceSSLProperty,
75
77
  });
76
78
  }
77
- }, (0, index_js_1.generateMeta)(meta));
79
+ }, (0, generate_meta_js_1.generateMeta)(meta));
package/cjs/S6252/rule.js CHANGED
@@ -51,7 +51,11 @@ var __importStar = (this && this.__importStar) || (function () {
51
51
  })();
52
52
  Object.defineProperty(exports, "__esModule", { value: true });
53
53
  exports.rule = void 0;
54
- const index_js_1 = require("../helpers/index.js");
54
+ const location_js_1 = require("../helpers/location.js");
55
+ const generate_meta_js_1 = require("../helpers/generate-meta.js");
56
+ const s3_js_1 = require("../helpers/aws/s3.js");
57
+ const ancestor_js_1 = require("../helpers/ancestor.js");
58
+ const ast_js_1 = require("../helpers/ast.js");
55
59
  const meta = __importStar(require("./generated-meta.js"));
56
60
  const VERSIONED_KEY = 'versioned';
57
61
  const messages = {
@@ -59,25 +63,25 @@ const messages = {
59
63
  omitted: 'Omitting the "versioned" argument disables S3 bucket versioning. Make sure it is safe here.',
60
64
  secondary: 'Propagated setting',
61
65
  };
62
- exports.rule = (0, index_js_1.S3BucketTemplate)((bucketConstructor, context) => {
63
- const versionedProperty = (0, index_js_1.getBucketProperty)(context, bucketConstructor, VERSIONED_KEY);
66
+ exports.rule = (0, s3_js_1.S3BucketTemplate)((bucketConstructor, context) => {
67
+ const versionedProperty = (0, s3_js_1.getBucketProperty)(context, bucketConstructor, VERSIONED_KEY);
64
68
  if (versionedProperty == null) {
65
- (0, index_js_1.report)(context, {
69
+ (0, location_js_1.report)(context, {
66
70
  message: messages.omitted,
67
71
  node: bucketConstructor.callee,
68
72
  });
69
73
  return;
70
74
  }
71
- const propertyLiteralValue = (0, index_js_1.getValueOfExpression)(context, versionedProperty.value, 'Literal');
75
+ const propertyLiteralValue = (0, ast_js_1.getValueOfExpression)(context, versionedProperty.value, 'Literal');
72
76
  if (propertyLiteralValue?.value === false) {
73
77
  const secondaries = [];
74
78
  const isPropagatedProperty = versionedProperty.value !== propertyLiteralValue;
75
79
  if (isPropagatedProperty) {
76
- secondaries.push((0, index_js_1.toSecondaryLocation)((0, index_js_1.getNodeParent)(propertyLiteralValue), messages.secondary));
80
+ secondaries.push((0, location_js_1.toSecondaryLocation)((0, ancestor_js_1.getNodeParent)(propertyLiteralValue), messages.secondary));
77
81
  }
78
- (0, index_js_1.report)(context, {
82
+ (0, location_js_1.report)(context, {
79
83
  message: messages.unversioned,
80
84
  node: versionedProperty,
81
85
  }, secondaries);
82
86
  }
83
- }, (0, index_js_1.generateMeta)(meta));
87
+ }, (0, generate_meta_js_1.generateMeta)(meta));
package/cjs/S6265/rule.js CHANGED
@@ -51,7 +51,14 @@ var __importStar = (this && this.__importStar) || (function () {
51
51
  })();
52
52
  Object.defineProperty(exports, "__esModule", { value: true });
53
53
  exports.rule = void 0;
54
- const index_js_1 = require("../helpers/index.js");
54
+ const s3_js_1 = require("../helpers/aws/s3.js");
55
+ const generate_meta_js_1 = require("../helpers/generate-meta.js");
56
+ const module_js_1 = require("../helpers/module.js");
57
+ const ast_js_1 = require("../helpers/ast.js");
58
+ const collection_js_1 = require("../helpers/collection.js");
59
+ const merger_js_1 = require("../helpers/decorators/merger.js");
60
+ const cdk_js_1 = require("../helpers/aws/cdk.js");
61
+ const location_js_1 = require("../helpers/location.js");
55
62
  const meta = __importStar(require("./generated-meta.js"));
56
63
  const messages = {
57
64
  accessLevel: (param) => `Make sure granting ${param} access is safe here.`,
@@ -62,12 +69,12 @@ const INVALID_ACCESS_CONTROL_VALUES = ['PUBLIC_READ', 'PUBLIC_READ_WRITE', 'AUTH
62
69
  const PUBLIC_READ_ACCESS_KEY = 'publicReadAccess';
63
70
  const INVALID_PUBLIC_READ_ACCESS_VALUE = true;
64
71
  exports.rule = {
65
- meta: (0, index_js_1.generateMeta)(meta),
72
+ meta: (0, generate_meta_js_1.generateMeta)(meta),
66
73
  create(context) {
67
- return (0, index_js_1.mergeRules)(s3BucketConstructorRule.create(context), s3BucketDeploymentConstructorRule.create(context), handleGrantPublicAccess.create(context));
74
+ return (0, merger_js_1.mergeRules)(s3BucketConstructorRule.create(context), s3BucketDeploymentConstructorRule.create(context), handleGrantPublicAccess.create(context));
68
75
  },
69
76
  };
70
- const s3BucketConstructorRule = (0, index_js_1.S3BucketTemplate)((bucketConstructor, context) => {
77
+ const s3BucketConstructorRule = (0, s3_js_1.S3BucketTemplate)((bucketConstructor, context) => {
71
78
  for (const value of INVALID_ACCESS_CONTROL_VALUES) {
72
79
  checkConstantParam(context, bucketConstructor, ACCESS_CONTROL_KEY, [
73
80
  'BucketAccessControl',
@@ -80,7 +87,7 @@ const s3BucketDeploymentConstructorRule = {
80
87
  create(context) {
81
88
  return {
82
89
  NewExpression: (node) => {
83
- if ((0, index_js_1.isS3BucketDeploymentConstructor)(context, node)) {
90
+ if ((0, s3_js_1.isS3BucketDeploymentConstructor)(context, node)) {
84
91
  for (const value of INVALID_ACCESS_CONTROL_VALUES) {
85
92
  checkConstantParam(context, node, ACCESS_CONTROL_KEY, ['BucketAccessControl', value]);
86
93
  }
@@ -90,31 +97,31 @@ const s3BucketDeploymentConstructorRule = {
90
97
  },
91
98
  };
92
99
  function checkBooleanParam(context, bucketConstructor, propName, propValue) {
93
- const property = (0, index_js_1.getBucketProperty)(context, bucketConstructor, propName);
100
+ const property = (0, s3_js_1.getBucketProperty)(context, bucketConstructor, propName);
94
101
  if (property == null) {
95
102
  return;
96
103
  }
97
- const propertyLiteralValue = (0, index_js_1.getValueOfExpression)(context, property.value, 'Literal');
104
+ const propertyLiteralValue = (0, ast_js_1.getValueOfExpression)(context, property.value, 'Literal');
98
105
  if (propertyLiteralValue?.value === propValue) {
99
- const secondary = (0, index_js_1.findPropagatedSetting)(property, propertyLiteralValue);
100
- (0, index_js_1.report)(context, {
106
+ const secondary = (0, s3_js_1.findPropagatedSetting)(property, propertyLiteralValue);
107
+ (0, location_js_1.report)(context, {
101
108
  message: messages.unrestricted,
102
109
  node: property,
103
110
  }, secondary ? [secondary] : []);
104
111
  }
105
112
  }
106
113
  function checkConstantParam(context, bucketConstructor, propName, paramQualifiers) {
107
- const property = (0, index_js_1.getBucketProperty)(context, bucketConstructor, propName);
114
+ const property = (0, s3_js_1.getBucketProperty)(context, bucketConstructor, propName);
108
115
  if (property == null) {
109
116
  return;
110
117
  }
111
- const propertyLiteralValue = (0, index_js_1.getValueOfExpression)(context, property.value, 'MemberExpression');
118
+ const propertyLiteralValue = (0, ast_js_1.getValueOfExpression)(context, property.value, 'MemberExpression');
112
119
  if (propertyLiteralValue !== undefined &&
113
- (0, index_js_1.normalizeFQN)((0, index_js_1.getFullyQualifiedName)(context, propertyLiteralValue)) ===
120
+ (0, cdk_js_1.normalizeFQN)((0, module_js_1.getFullyQualifiedName)(context, propertyLiteralValue)) ===
114
121
  `aws_cdk_lib.aws_s3.${paramQualifiers.join('.')}`) {
115
- const secondary = (0, index_js_1.findPropagatedSetting)(property, propertyLiteralValue);
116
- (0, index_js_1.report)(context, {
117
- message: messages.accessLevel((0, index_js_1.last)(paramQualifiers)),
122
+ const secondary = (0, s3_js_1.findPropagatedSetting)(property, propertyLiteralValue);
123
+ (0, location_js_1.report)(context, {
124
+ message: messages.accessLevel((0, collection_js_1.last)(paramQualifiers)),
118
125
  node: property,
119
126
  }, secondary ? [secondary] : []);
120
127
  }
@@ -123,21 +130,21 @@ const handleGrantPublicAccess = {
123
130
  create(context) {
124
131
  return {
125
132
  CallExpression: (node) => {
126
- if (!(0, index_js_1.isMethodCall)(node)) {
133
+ if (!(0, ast_js_1.isMethodCall)(node)) {
127
134
  return;
128
135
  }
129
136
  const { object, property } = node.callee;
130
- const isGrantPublicAccessMethodCall = (0, index_js_1.isIdentifier)(property, 'grantPublicAccess');
137
+ const isGrantPublicAccessMethodCall = (0, ast_js_1.isIdentifier)(property, 'grantPublicAccess');
131
138
  if (!isGrantPublicAccessMethodCall) {
132
139
  return;
133
140
  }
134
- const variableAssignment = (0, index_js_1.getUniqueWriteUsageOrNode)(context, object);
141
+ const variableAssignment = (0, ast_js_1.getUniqueWriteUsageOrNode)(context, object);
135
142
  const isS3bucketInstance = variableAssignment.type === 'NewExpression' &&
136
- (0, index_js_1.isS3BucketConstructor)(context, variableAssignment);
143
+ (0, s3_js_1.isS3BucketConstructor)(context, variableAssignment);
137
144
  if (!isS3bucketInstance) {
138
145
  return;
139
146
  }
140
- (0, index_js_1.report)(context, {
147
+ (0, location_js_1.report)(context, {
141
148
  message: messages.unrestricted,
142
149
  node: property,
143
150
  });
package/cjs/S6268/rule.js CHANGED
@@ -51,7 +51,8 @@ var __importStar = (this && this.__importStar) || (function () {
51
51
  })();
52
52
  Object.defineProperty(exports, "__esModule", { value: true });
53
53
  exports.rule = void 0;
54
- const index_js_1 = require("../helpers/index.js");
54
+ const generate_meta_js_1 = require("../helpers/generate-meta.js");
55
+ const ast_js_1 = require("../helpers/ast.js");
55
56
  const meta = __importStar(require("./generated-meta.js"));
56
57
  const bypassMethods = [
57
58
  'bypassSecurityTrustHtml',
@@ -61,7 +62,7 @@ const bypassMethods = [
61
62
  'bypassSecurityTrustResourceUrl',
62
63
  ];
63
64
  exports.rule = {
64
- meta: (0, index_js_1.generateMeta)(meta, {
65
+ meta: (0, generate_meta_js_1.generateMeta)(meta, {
65
66
  messages: {
66
67
  checkAngularBypass: 'Make sure disabling Angular built-in sanitization is safe here.',
67
68
  },
@@ -70,7 +71,7 @@ exports.rule = {
70
71
  return {
71
72
  CallExpression: (node) => {
72
73
  const { callee, arguments: args } = node;
73
- if ((0, index_js_1.isMemberWithProperty)(callee, ...bypassMethods) &&
74
+ if ((0, ast_js_1.isMemberWithProperty)(callee, ...bypassMethods) &&
74
75
  args.length === 1 &&
75
76
  !isHardcodedLiteral(args[0])) {
76
77
  context.report({
@@ -87,6 +88,6 @@ function isHardcodedLiteral(node) {
87
88
  return node.expressions.length === 0;
88
89
  }
89
90
  else {
90
- return (0, index_js_1.isLiteral)(node);
91
+ return (0, ast_js_1.isLiteral)(node);
91
92
  }
92
93
  }
package/cjs/S6270/rule.js CHANGED
@@ -51,7 +51,10 @@ var __importStar = (this && this.__importStar) || (function () {
51
51
  })();
52
52
  Object.defineProperty(exports, "__esModule", { value: true });
53
53
  exports.rule = void 0;
54
- const index_js_1 = require("../helpers/index.js");
54
+ const ast_js_1 = require("../helpers/ast.js");
55
+ const generate_meta_js_1 = require("../helpers/generate-meta.js");
56
+ const module_js_1 = require("../helpers/module.js");
57
+ const location_js_1 = require("../helpers/location.js");
55
58
  const result_js_1 = require("../helpers/result.js");
56
59
  const iam_js_1 = require("../helpers/aws/iam.js");
57
60
  const cdk_js_1 = require("../helpers/aws/cdk.js");
@@ -62,22 +65,22 @@ const MESSAGES = {
62
65
  message: 'Make sure granting public access is safe here.',
63
66
  secondary: 'Related effect',
64
67
  };
65
- exports.rule = (0, iam_js_1.AwsIamPolicyTemplate)(publicAccessStatementChecker, (0, index_js_1.generateMeta)(meta));
68
+ exports.rule = (0, iam_js_1.AwsIamPolicyTemplate)(publicAccessStatementChecker, (0, generate_meta_js_1.generateMeta)(meta));
66
69
  function publicAccessStatementChecker(expr, ctx, options) {
67
70
  const properties = (0, result_js_1.getResultOfExpression)(ctx, expr);
68
71
  const effect = (0, iam_js_1.getSensitiveEffect)(properties, ctx, options);
69
72
  const principal = getSensitivePrincipal(properties, ctx, options);
70
73
  if (effect.isMissing && principal) {
71
- (0, index_js_1.report)(ctx, {
74
+ (0, location_js_1.report)(ctx, {
72
75
  message: MESSAGES.message,
73
76
  node: principal,
74
77
  });
75
78
  }
76
79
  else if (effect.isFound && principal) {
77
- (0, index_js_1.report)(ctx, {
80
+ (0, location_js_1.report)(ctx, {
78
81
  message: MESSAGES.message,
79
82
  node: principal,
80
- }, [(0, index_js_1.toSecondaryLocation)(effect.node, MESSAGES.secondary)]);
83
+ }, [(0, location_js_1.toSecondaryLocation)(effect.node, MESSAGES.secondary)]);
81
84
  }
82
85
  }
83
86
  function getSensitivePrincipal(properties, ctx, options) {
@@ -97,7 +100,7 @@ function getSensitivePrincipalFromFullyQualifiedName(ctx, node, options) {
97
100
  }
98
101
  function getPrincipalNewExpressions(node) {
99
102
  const newExpressions = [];
100
- if ((0, index_js_1.isArrayExpression)(node)) {
103
+ if ((0, ast_js_1.isArrayExpression)(node)) {
101
104
  for (const element of node.elements) {
102
105
  if (element?.type === 'NewExpression') {
103
106
  newExpressions.push(element);
@@ -113,16 +116,16 @@ function isSensitivePrincipalNewExpression(ctx, newExpression, options) {
113
116
  return (options.principals.anyValues ?? []).some(anyValue => {
114
117
  if (anyValue === ARN_PRINCIPAL) {
115
118
  const argument = newExpression.arguments[0];
116
- return (0, index_js_1.isStringLiteral)(argument) && (0, iam_js_1.isAnyLiteral)(argument);
119
+ return (0, ast_js_1.isStringLiteral)(argument) && (0, iam_js_1.isAnyLiteral)(argument);
117
120
  }
118
121
  else {
119
- return anyValue === (0, cdk_js_1.normalizeFQN)((0, index_js_1.getFullyQualifiedName)(ctx, newExpression.callee));
122
+ return anyValue === (0, cdk_js_1.normalizeFQN)((0, module_js_1.getFullyQualifiedName)(ctx, newExpression.callee));
120
123
  }
121
124
  });
122
125
  }
123
126
  function getPrincipalLiterals(node, ctx) {
124
127
  const literals = [];
125
- if ((0, index_js_1.isStringLiteral)(node)) {
128
+ if ((0, ast_js_1.isStringLiteral)(node)) {
126
129
  literals.push(node);
127
130
  }
128
131
  else {
package/cjs/S6275/rule.js CHANGED
@@ -52,11 +52,11 @@ var __importStar = (this && this.__importStar) || (function () {
52
52
  Object.defineProperty(exports, "__esModule", { value: true });
53
53
  exports.rule = void 0;
54
54
  const cdk_js_1 = require("../helpers/aws/cdk.js");
55
- const index_js_1 = require("../helpers/index.js");
55
+ const generate_meta_js_1 = require("../helpers/generate-meta.js");
56
56
  const meta = __importStar(require("./generated-meta.js"));
57
57
  exports.rule = (0, cdk_js_1.AwsCdkTemplate)({
58
58
  'aws-cdk-lib.aws-ec2.Volume': (0, cdk_js_1.AwsCdkCheckArguments)(['encryptionOmitted', 'encryptionDisabled'], true, 'encrypted', { primitives: { invalid: [false] } }),
59
- }, (0, index_js_1.generateMeta)(meta, {
59
+ }, (0, generate_meta_js_1.generateMeta)(meta, {
60
60
  messages: {
61
61
  encryptionDisabled: 'Make sure that using unencrypted volumes is safe here.',
62
62
  encryptionOmitted: 'Omitting "encrypted" disables volumes encryption. Make sure it is safe here.',
package/cjs/S6281/rule.js CHANGED
@@ -51,7 +51,12 @@ var __importStar = (this && this.__importStar) || (function () {
51
51
  })();
52
52
  Object.defineProperty(exports, "__esModule", { value: true });
53
53
  exports.rule = void 0;
54
- const index_js_1 = require("../helpers/index.js");
54
+ const s3_js_1 = require("../helpers/aws/s3.js");
55
+ const generate_meta_js_1 = require("../helpers/generate-meta.js");
56
+ const module_js_1 = require("../helpers/module.js");
57
+ const ast_js_1 = require("../helpers/ast.js");
58
+ const cdk_js_1 = require("../helpers/aws/cdk.js");
59
+ const location_js_1 = require("../helpers/location.js");
55
60
  const meta = __importStar(require("./generated-meta.js"));
56
61
  const BLOCK_PUBLIC_ACCESS_KEY = 'blockPublicAccess';
57
62
  const BLOCK_PUBLIC_ACCESS_PROPERTY_KEYS = [
@@ -65,10 +70,10 @@ const messages = {
65
70
  'to be set on this S3 bucket. Make sure it is safe here.',
66
71
  public: 'Make sure allowing public ACL/policies to be set is safe here.',
67
72
  };
68
- exports.rule = (0, index_js_1.S3BucketTemplate)((bucket, context) => {
69
- const blockPublicAccess = (0, index_js_1.getBucketProperty)(context, bucket, BLOCK_PUBLIC_ACCESS_KEY);
73
+ exports.rule = (0, s3_js_1.S3BucketTemplate)((bucket, context) => {
74
+ const blockPublicAccess = (0, s3_js_1.getBucketProperty)(context, bucket, BLOCK_PUBLIC_ACCESS_KEY);
70
75
  if (blockPublicAccess == null) {
71
- (0, index_js_1.report)(context, {
76
+ (0, location_js_1.report)(context, {
72
77
  message: messages['omitted'],
73
78
  node: bucket.callee,
74
79
  });
@@ -79,12 +84,12 @@ exports.rule = (0, index_js_1.S3BucketTemplate)((bucket, context) => {
79
84
  }
80
85
  /** Checks `blockPublicAccess: s3.BlockPublicAccess.BLOCK_ACLS` sensitive pattern */
81
86
  function checkBlockPublicAccessValue(blockPublicAccess) {
82
- const blockPublicAccessMember = (0, index_js_1.getValueOfExpression)(context, blockPublicAccess.value, 'MemberExpression');
87
+ const blockPublicAccessMember = (0, ast_js_1.getValueOfExpression)(context, blockPublicAccess.value, 'MemberExpression');
83
88
  if (blockPublicAccessMember !== undefined &&
84
- (0, index_js_1.normalizeFQN)((0, index_js_1.getFullyQualifiedName)(context, blockPublicAccessMember)) ===
89
+ (0, cdk_js_1.normalizeFQN)((0, module_js_1.getFullyQualifiedName)(context, blockPublicAccessMember)) ===
85
90
  'aws_cdk_lib.aws_s3.BlockPublicAccess.BLOCK_ACLS') {
86
- const propagated = (0, index_js_1.findPropagatedSetting)(blockPublicAccess, blockPublicAccessMember);
87
- (0, index_js_1.report)(context, {
91
+ const propagated = (0, s3_js_1.findPropagatedSetting)(blockPublicAccess, blockPublicAccessMember);
92
+ (0, location_js_1.report)(context, {
88
93
  message: messages['public'],
89
94
  node: blockPublicAccess,
90
95
  }, propagated ? [propagated] : []);
@@ -92,12 +97,12 @@ exports.rule = (0, index_js_1.S3BucketTemplate)((bucket, context) => {
92
97
  }
93
98
  /** Checks `blockPublicAccess: new s3.BlockPublicAccess({...})` sensitive pattern */
94
99
  function checkBlockPublicAccessConstructor(blockPublicAccess) {
95
- const blockPublicAccessNew = (0, index_js_1.getValueOfExpression)(context, blockPublicAccess.value, 'NewExpression');
100
+ const blockPublicAccessNew = (0, ast_js_1.getValueOfExpression)(context, blockPublicAccess.value, 'NewExpression');
96
101
  if (blockPublicAccessNew !== undefined &&
97
102
  isS3BlockPublicAccessConstructor(blockPublicAccessNew)) {
98
- const blockPublicAccessConfig = (0, index_js_1.getValueOfExpression)(context, blockPublicAccessNew.arguments[0], 'ObjectExpression');
103
+ const blockPublicAccessConfig = (0, ast_js_1.getValueOfExpression)(context, blockPublicAccessNew.arguments[0], 'ObjectExpression');
99
104
  if (blockPublicAccessConfig === undefined) {
100
- (0, index_js_1.report)(context, {
105
+ (0, location_js_1.report)(context, {
101
106
  message: messages['omitted'],
102
107
  node: blockPublicAccessNew,
103
108
  });
@@ -109,12 +114,12 @@ exports.rule = (0, index_js_1.S3BucketTemplate)((bucket, context) => {
109
114
  }
110
115
  }
111
116
  function checkBlockPublicAccessConstructorProperty(blockPublicAccessConfig, key) {
112
- const blockPublicAccessProperty = blockPublicAccessConfig.properties.find(property => (0, index_js_1.isProperty)(property) && (0, index_js_1.isIdentifier)(property.key, key));
117
+ const blockPublicAccessProperty = blockPublicAccessConfig.properties.find(property => (0, ast_js_1.isProperty)(property) && (0, ast_js_1.isIdentifier)(property.key, key));
113
118
  if (blockPublicAccessProperty !== undefined) {
114
- const blockPublicAccessValue = (0, index_js_1.getValueOfExpression)(context, blockPublicAccessProperty.value, 'Literal');
119
+ const blockPublicAccessValue = (0, ast_js_1.getValueOfExpression)(context, blockPublicAccessProperty.value, 'Literal');
115
120
  if (blockPublicAccessValue?.value === false) {
116
- const propagated = (0, index_js_1.findPropagatedSetting)(blockPublicAccessProperty, blockPublicAccessValue);
117
- (0, index_js_1.report)(context, {
121
+ const propagated = (0, s3_js_1.findPropagatedSetting)(blockPublicAccessProperty, blockPublicAccessValue);
122
+ (0, location_js_1.report)(context, {
118
123
  message: messages['public'],
119
124
  node: blockPublicAccessProperty,
120
125
  }, propagated ? [propagated] : []);
@@ -123,8 +128,8 @@ exports.rule = (0, index_js_1.S3BucketTemplate)((bucket, context) => {
123
128
  }
124
129
  function isS3BlockPublicAccessConstructor(expr) {
125
130
  return (expr.callee.type === 'MemberExpression' &&
126
- (0, index_js_1.normalizeFQN)((0, index_js_1.getFullyQualifiedName)(context, expr.callee)) ===
131
+ (0, cdk_js_1.normalizeFQN)((0, module_js_1.getFullyQualifiedName)(context, expr.callee)) ===
127
132
  'aws_cdk_lib.aws_s3.BlockPublicAccess');
128
133
  }
129
134
  }
130
- }, (0, index_js_1.generateMeta)(meta));
135
+ }, (0, generate_meta_js_1.generateMeta)(meta));
package/cjs/S6299/rule.js CHANGED
@@ -51,10 +51,10 @@ var __importStar = (this && this.__importStar) || (function () {
51
51
  })();
52
52
  Object.defineProperty(exports, "__esModule", { value: true });
53
53
  exports.rule = void 0;
54
- const index_js_1 = require("../helpers/index.js");
54
+ const generate_meta_js_1 = require("../helpers/generate-meta.js");
55
55
  const meta = __importStar(require("./generated-meta.js"));
56
56
  exports.rule = {
57
- meta: (0, index_js_1.generateMeta)(meta, {
57
+ meta: (0, generate_meta_js_1.generateMeta)(meta, {
58
58
  messages: {
59
59
  safeVueBypassing: 'Make sure bypassing Vue built-in sanitization is safe here.',
60
60
  },
package/cjs/S6302/rule.js CHANGED
@@ -53,28 +53,29 @@ Object.defineProperty(exports, "__esModule", { value: true });
53
53
  exports.rule = void 0;
54
54
  const result_js_1 = require("../helpers/result.js");
55
55
  const iam_js_1 = require("../helpers/aws/iam.js");
56
- const index_js_1 = require("../helpers/index.js");
56
+ const generate_meta_js_1 = require("../helpers/generate-meta.js");
57
+ const location_js_1 = require("../helpers/location.js");
57
58
  const meta = __importStar(require("./generated-meta.js"));
58
59
  const MESSAGES = {
59
60
  message: 'Make sure granting all privileges is safe here.',
60
61
  secondary: 'Related effect',
61
62
  };
62
- exports.rule = (0, iam_js_1.AwsIamPolicyTemplate)(allPrivilegesStatementChecker, (0, index_js_1.generateMeta)(meta));
63
+ exports.rule = (0, iam_js_1.AwsIamPolicyTemplate)(allPrivilegesStatementChecker, (0, generate_meta_js_1.generateMeta)(meta));
63
64
  function allPrivilegesStatementChecker(expr, ctx, options) {
64
65
  const properties = (0, result_js_1.getResultOfExpression)(ctx, expr);
65
66
  const effect = (0, iam_js_1.getSensitiveEffect)(properties, ctx, options);
66
67
  const action = getSensitiveAction(properties, options);
67
68
  if (effect.isMissing && action) {
68
- (0, index_js_1.report)(ctx, {
69
+ (0, location_js_1.report)(ctx, {
69
70
  message: MESSAGES.message,
70
71
  node: action,
71
72
  });
72
73
  }
73
74
  else if (effect.isFound && action) {
74
- (0, index_js_1.report)(ctx, {
75
+ (0, location_js_1.report)(ctx, {
75
76
  message: MESSAGES.message,
76
77
  node: action,
77
- }, [(0, index_js_1.toSecondaryLocation)(effect.node, MESSAGES.secondary)]);
78
+ }, [(0, location_js_1.toSecondaryLocation)(effect.node, MESSAGES.secondary)]);
78
79
  }
79
80
  }
80
81
  function getSensitiveAction(properties, options) {