eslint-plugin-sonarjs 4.0.1 → 4.0.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -1
- package/cjs/S100/rule.js +7 -5
- package/cjs/S101/rule.js +2 -2
- package/cjs/S104/rule.js +2 -2
- package/cjs/S105/rule.js +2 -2
- package/cjs/S1066/rule.js +5 -4
- package/cjs/S1067/rule.js +8 -6
- package/cjs/S1110/rule.js +7 -5
- package/cjs/S1119/rule.js +2 -2
- package/cjs/S1121/rule.js +4 -3
- package/cjs/S1125/rule.js +9 -8
- package/cjs/S1126/rule.js +2 -2
- package/cjs/S1128/rule.js +8 -5
- package/cjs/S1134/rule.js +2 -2
- package/cjs/S1135/rule.js +2 -2
- package/cjs/S1154/rule.js +6 -4
- package/cjs/S117/rule.js +6 -5
- package/cjs/S1172/rule.js +2 -2
- package/cjs/S1192/rule.js +5 -4
- package/cjs/S1219/rule.js +4 -3
- package/cjs/S1226/rule.js +6 -4
- package/cjs/S124/rule.js +2 -2
- package/cjs/S125/rule.js +9 -7
- package/cjs/S126/rule.js +2 -2
- package/cjs/S1264/rule.js +2 -2
- package/cjs/S128/rule.js +4 -3
- package/cjs/S1291/rule.js +2 -2
- package/cjs/S1301/rule.js +2 -2
- package/cjs/S1313/rule.js +2 -2
- package/cjs/S134/rule.js +7 -5
- package/cjs/S135/rule.js +5 -4
- package/cjs/S138/rule.js +9 -6
- package/cjs/S1439/rule.js +2 -2
- package/cjs/S1444/rule.js +2 -2
- package/cjs/S1451/rule.js +2 -2
- package/cjs/S1472/rule.js +2 -2
- package/cjs/S1479/rule.js +2 -2
- package/cjs/S1481/rule.js +2 -2
- package/cjs/S1488/rule.js +11 -7
- package/cjs/S1515/rule.js +10 -8
- package/cjs/S1523/rule.js +5 -5
- package/cjs/S1526/rule.js +5 -4
- package/cjs/S1527/rule.js +2 -2
- package/cjs/S1528/rule.js +2 -2
- package/cjs/S1529/rule.js +4 -3
- package/cjs/S1530/rule.js +5 -3
- package/cjs/S1533/rule.js +2 -2
- package/cjs/S1535/rule.js +2 -2
- package/cjs/S1541/rule.js +10 -7
- package/cjs/S1607/rule.js +22 -20
- package/cjs/S1764/rule.js +10 -7
- package/cjs/S1821/rule.js +2 -2
- package/cjs/S1848/rule.js +10 -7
- package/cjs/S1854/rule.js +18 -14
- package/cjs/S1862/rule.js +10 -8
- package/cjs/S1871/rule.js +21 -16
- package/cjs/S1874/rule.js +4 -3
- package/cjs/S1940/rule.js +2 -2
- package/cjs/S1994/rule.js +10 -7
- package/cjs/S2004/rule.js +9 -7
- package/cjs/S2068/rule.js +75 -12
- package/cjs/S2077/rule.js +10 -6
- package/cjs/S2092/rule.js +2 -2
- package/cjs/S2123/rule.js +2 -2
- package/cjs/S2137/rule.js +2 -2
- package/cjs/S2138/rule.js +4 -3
- package/cjs/S2187/rule.js +2 -2
- package/cjs/S2201/rule.js +8 -5
- package/cjs/S2208/rule.js +2 -2
- package/cjs/S2234/rule.js +15 -11
- package/cjs/S2245/rule.js +4 -3
- package/cjs/S2251/rule.js +5 -4
- package/cjs/S2255/rule.js +6 -5
- package/cjs/S2259/rule.js +14 -9
- package/cjs/S2301/rule.js +14 -9
- package/cjs/S2310/rule.js +14 -11
- package/cjs/S2392/rule.js +7 -5
- package/cjs/S2424/rule.js +2 -2
- package/cjs/S2428/rule.js +8 -6
- package/cjs/S2486/rule.js +4 -3
- package/cjs/S2589/rule.js +12 -10
- package/cjs/S2598/rule.js +17 -14
- package/cjs/S2612/generated-meta.js +1 -1
- package/cjs/S2612/rule.js +8 -6
- package/cjs/S2639/rule.js +2 -2
- package/cjs/S2681/rule.js +2 -2
- package/cjs/S2692/rule.js +6 -4
- package/cjs/S2699/rule.js +40 -31
- package/cjs/S2703/rule.js +2 -2
- package/cjs/S2737/rule.js +6 -4
- package/cjs/S2755/rule.js +9 -6
- package/cjs/S2757/rule.js +2 -2
- package/cjs/S2817/rule.js +10 -7
- package/cjs/S2819/rule.js +16 -12
- package/cjs/S2870/rule.js +8 -5
- package/cjs/S2871/rule.js +12 -9
- package/cjs/S2970/rule.js +9 -8
- package/cjs/S2990/rule.js +2 -2
- package/cjs/S2999/rule.js +10 -7
- package/cjs/S3001/rule.js +2 -2
- package/cjs/S3003/rule.js +10 -7
- package/cjs/S3317/rule.js +4 -3
- package/cjs/S3330/rule.js +2 -2
- package/cjs/S3358/rule.js +2 -2
- package/cjs/S3402/rule.js +14 -10
- package/cjs/S3403/rule.js +10 -7
- package/cjs/S3415/rule.js +16 -13
- package/cjs/S3499/rule.js +5 -4
- package/cjs/S3500/rule.js +5 -4
- package/cjs/S3513/rule.js +5 -4
- package/cjs/S3514/rule.js +10 -7
- package/cjs/S3516/rule.js +10 -7
- package/cjs/S3524/rule.js +2 -2
- package/cjs/S3525/rule.js +6 -4
- package/cjs/S3531/rule.js +5 -3
- package/cjs/S3533/rule.js +8 -7
- package/cjs/S3579/rule.js +6 -4
- package/cjs/S3616/rule.js +6 -4
- package/cjs/S3626/rule.js +4 -3
- package/cjs/S3686/rule.js +7 -5
- package/cjs/S3699/rule.js +4 -3
- package/cjs/S3735/rule.js +8 -5
- package/cjs/S3757/rule.js +8 -6
- package/cjs/S3758/rule.js +9 -7
- package/cjs/S3760/rule.js +24 -21
- package/cjs/S3776/rule.js +26 -22
- package/cjs/S3782/rule.js +6 -4
- package/cjs/S3785/rule.js +9 -6
- package/cjs/S3796/rule.js +12 -8
- package/cjs/S3798/rule.js +4 -3
- package/cjs/S3800/rule.js +16 -11
- package/cjs/S3801/rule.js +15 -11
- package/cjs/S3827/rule.js +9 -6
- package/cjs/S3923/rule.js +9 -6
- package/cjs/S3972/rule.js +5 -4
- package/cjs/S3973/rule.js +7 -5
- package/cjs/S3981/rule.js +4 -3
- package/cjs/S3984/rule.js +4 -3
- package/cjs/S4030/rule.js +10 -7
- package/cjs/S4036/rule.js +7 -5
- package/cjs/S4043/rule.js +12 -8
- package/cjs/S4139/rule.js +7 -5
- package/cjs/S4143/rule.js +12 -9
- package/cjs/S4144/rule.js +12 -9
- package/cjs/S4158/rule.js +11 -8
- package/cjs/S4165/rule.js +14 -12
- package/cjs/S4322/rule.js +8 -5
- package/cjs/S4323/rule.js +4 -3
- package/cjs/S4324/rule.js +7 -5
- package/cjs/S4328/rule.js +2 -2
- package/cjs/S4335/rule.js +6 -4
- package/cjs/S4423/rule.js +4 -3
- package/cjs/S4423/rule.lib.js +8 -7
- package/cjs/S4426/rule.js +11 -10
- package/cjs/S4502/rule.js +16 -13
- package/cjs/S4507/rule.js +8 -6
- package/cjs/S4524/rule.js +2 -2
- package/cjs/S4619/rule.js +6 -4
- package/cjs/S4621/rule.js +5 -4
- package/cjs/S4622/rule.js +5 -3
- package/cjs/S4623/rule.js +8 -5
- package/cjs/S4624/rule.js +6 -4
- package/cjs/S4634/rule.js +4 -3
- package/cjs/S4721/rule.js +7 -5
- package/cjs/S4782/rule.js +7 -5
- package/cjs/S4784/rule.js +5 -4
- package/cjs/S4787/rule.js +9 -7
- package/cjs/S4790/rule.js +7 -5
- package/cjs/S4798/rule.js +2 -2
- package/cjs/S4817/rule.js +10 -8
- package/cjs/S4818/rule.js +4 -3
- package/cjs/S4822/rule.js +13 -9
- package/cjs/S4823/rule.js +4 -3
- package/cjs/S4829/rule.js +4 -3
- package/cjs/S4830/rule.js +11 -8
- package/cjs/S5042/rule.js +9 -7
- package/cjs/S5122/rule.js +40 -36
- package/cjs/S5148/rule.js +9 -8
- package/cjs/S5247/rule.js +22 -18
- package/cjs/S5256/rule.js +5 -4
- package/cjs/S5257/rule.js +4 -3
- package/cjs/S5260/rule.js +4 -3
- package/cjs/S5264/rule.js +4 -3
- package/cjs/S5332/rule.js +4 -3
- package/cjs/S5332/rule.lib.js +19 -17
- package/cjs/S5443/rule.js +2 -2
- package/cjs/S5527/rule.js +18 -14
- package/cjs/S5542/rule.js +6 -4
- package/cjs/S5547/rule.js +6 -4
- package/cjs/S5604/rule.js +15 -14
- package/cjs/S5659/rule.js +15 -12
- package/cjs/S5689/rule.js +11 -8
- package/cjs/S5691/rule.js +7 -5
- package/cjs/S5693/rule.js +14 -12
- package/cjs/S5725/rule.js +9 -6
- package/cjs/S5728/rule.js +7 -4
- package/cjs/S5730/rule.js +9 -6
- package/cjs/S5732/rule.js +8 -5
- package/cjs/S5734/rule.js +7 -4
- package/cjs/S5736/rule.js +8 -5
- package/cjs/S5739/rule.js +11 -8
- package/cjs/S5742/rule.js +7 -4
- package/cjs/S5743/rule.js +8 -6
- package/cjs/S5757/rule.js +13 -10
- package/cjs/S5759/rule.js +10 -7
- package/cjs/S5842/rule.js +2 -2
- package/cjs/S5843/rule.js +22 -19
- package/cjs/S5850/rule.js +4 -3
- package/cjs/S5852/rule.js +2 -2
- package/cjs/S5856/rule.js +10 -7
- package/cjs/S5860/rule.js +30 -26
- package/cjs/S5863/rule.js +15 -11
- package/cjs/S5867/rule.js +8 -7
- package/cjs/S5868/rule.js +7 -5
- package/cjs/S5869/rule.js +6 -5
- package/cjs/S5876/rule.js +12 -8
- package/cjs/S5958/rule.js +12 -9
- package/cjs/S5973/rule.js +10 -7
- package/cjs/S6019/rule.js +4 -3
- package/cjs/S6035/rule.js +2 -2
- package/cjs/S6079/rule.js +9 -6
- package/cjs/S6080/rule.js +13 -10
- package/cjs/S6092/rule.js +9 -7
- package/cjs/S6245/rule.js +14 -9
- package/cjs/S6249/rule.js +7 -5
- package/cjs/S6252/rule.js +12 -8
- package/cjs/S6265/rule.js +27 -20
- package/cjs/S6268/rule.js +5 -4
- package/cjs/S6270/rule.js +12 -9
- package/cjs/S6275/rule.js +2 -2
- package/cjs/S6281/rule.js +22 -17
- package/cjs/S6299/rule.js +2 -2
- package/cjs/S6302/rule.js +6 -5
- package/cjs/S6303/rule.js +12 -10
- package/cjs/S6304/rule.js +6 -5
- package/cjs/S6308/rule.js +7 -5
- package/cjs/S6317/rule.js +5 -4
- package/cjs/S6319/rule.js +2 -2
- package/cjs/S6321/rule.js +25 -23
- package/cjs/S6323/rule.js +4 -3
- package/cjs/S6324/rule.js +2 -2
- package/cjs/S6326/rule.js +2 -2
- package/cjs/S6327/rule.js +2 -2
- package/cjs/S6328/rule.js +4 -3
- package/cjs/S6329/rule.js +7 -5
- package/cjs/S6330/rule.js +2 -2
- package/cjs/S6332/rule.js +2 -2
- package/cjs/S6333/rule.js +8 -6
- package/cjs/S6351/rule.js +22 -19
- package/cjs/S6353/rule.js +2 -2
- package/cjs/S6397/rule.js +2 -2
- package/cjs/S6418/rule.js +9 -24
- package/cjs/S6426/rule.js +5 -4
- package/cjs/S6437/rule.js +10 -7
- package/cjs/S6439/rule.js +9 -7
- package/cjs/S6442/rule.js +11 -8
- package/cjs/S6443/rule.js +9 -7
- package/cjs/S6486/rule.js +5 -4
- package/cjs/S6564/rule.js +4 -3
- package/cjs/S6594/rule.js +12 -8
- package/cjs/S6627/rule.js +6 -4
- package/cjs/S6759/rule.js +10 -6
- package/cjs/S6958/rule.js +2 -2
- package/cjs/S6959/rule.js +9 -6
- package/cjs/S7059/rule.js +8 -5
- package/cjs/S7639/rule.js +5 -4
- package/cjs/S7790/rule.js +7 -5
- package/cjs/S8441/rule.js +13 -9
- package/cjs/S881/rule.js +2 -2
- package/cjs/S888/rule.js +4 -3
- package/cjs/S930/rule.js +14 -12
- package/cjs/helpers/ast.js +11 -8
- package/cjs/helpers/aws/s3.js +9 -6
- package/cjs/helpers/chai.js +41 -43
- package/cjs/helpers/cookie-flag-check.js +19 -17
- package/cjs/helpers/{decorators/index.js → entropy.js} +16 -17
- package/cjs/helpers/express.js +127 -128
- package/cjs/helpers/mocha.js +50 -54
- package/cjs/helpers/regex/ast.js +7 -6
- package/cjs/helpers/regex/extract.js +11 -11
- package/cjs/helpers/regex/group.js +2 -2
- package/cjs/helpers/regex/location.js +2 -2
- package/cjs/helpers/regex/range.js +5 -4
- package/cjs/helpers/regex/rule-template.js +4 -3
- package/cjs/helpers/sinon.js +33 -36
- package/cjs/helpers/supertest.js +34 -37
- package/cjs/helpers/vitest.js +29 -32
- package/docs/file-permissions.md +1 -1
- package/package.json +39 -1
- package/types/helpers/ancestor.d.ts +1 -1
- package/types/helpers/aws/s3.d.ts +1 -1
- package/types/helpers/chai.d.ts +3 -5
- package/types/helpers/entropy.d.ts +1 -0
- package/types/helpers/express.d.ts +38 -43
- package/types/helpers/mocha.d.ts +19 -21
- package/types/helpers/regex/ast.d.ts +1 -1
- package/types/helpers/regex/rule-template.d.ts +1 -1
- package/types/helpers/sinon.d.ts +3 -5
- package/types/helpers/supertest.d.ts +3 -5
- package/types/helpers/type.d.ts +1 -1
- package/types/helpers/vitest.d.ts +3 -5
- package/cjs/helpers/aws/index.js +0 -35
- package/cjs/helpers/decorators/interceptor.js +0 -88
- package/cjs/helpers/index.js +0 -60
- package/cjs/helpers/recognizers/index.js +0 -37
- package/cjs/helpers/rule-detect-react.js +0 -29
- package/cjs/helpers/validate-version.js +0 -94
- package/types/helpers/aws/index.d.ts +0 -3
- package/types/helpers/decorators/index.d.ts +0 -2
- package/types/helpers/decorators/interceptor.d.ts +0 -16
- package/types/helpers/index.d.ts +0 -28
- package/types/helpers/recognizers/index.d.ts +0 -2
- package/types/helpers/rule-detect-react.d.ts +0 -2
- package/types/helpers/validate-version.d.ts +0 -13
package/cjs/S5958/rule.js
CHANGED
|
@@ -51,16 +51,19 @@ var __importStar = (this && this.__importStar) || (function () {
|
|
|
51
51
|
})();
|
|
52
52
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
53
53
|
exports.rule = void 0;
|
|
54
|
-
const
|
|
54
|
+
const generate_meta_js_1 = require("../helpers/generate-meta.js");
|
|
55
|
+
const reaching_definitions_js_1 = require("../helpers/reaching-definitions.js");
|
|
56
|
+
const ast_js_1 = require("../helpers/ast.js");
|
|
57
|
+
const mocha_js_1 = require("../helpers/mocha.js");
|
|
55
58
|
const meta = __importStar(require("./generated-meta.js"));
|
|
56
59
|
exports.rule = {
|
|
57
|
-
meta: (0,
|
|
60
|
+
meta: (0, generate_meta_js_1.generateMeta)(meta),
|
|
58
61
|
create(context) {
|
|
59
62
|
let catchWithDone = false;
|
|
60
63
|
function isInsideTest(node) {
|
|
61
64
|
return context.sourceCode
|
|
62
65
|
.getAncestors(node)
|
|
63
|
-
.some(n => n.type === 'CallExpression' &&
|
|
66
|
+
.some(n => n.type === 'CallExpression' && (0, mocha_js_1.isTestConstruct)(n));
|
|
64
67
|
}
|
|
65
68
|
return {
|
|
66
69
|
'CatchClause CallExpression[callee.name="done"]': (_node) => {
|
|
@@ -73,7 +76,7 @@ exports.rule = {
|
|
|
73
76
|
catchWithDone = false;
|
|
74
77
|
const { param } = node;
|
|
75
78
|
if (param?.type === 'Identifier') {
|
|
76
|
-
const exception = (0,
|
|
79
|
+
const exception = (0, reaching_definitions_js_1.getVariableFromIdentifier)(param, context.sourceCode.getScope(node));
|
|
77
80
|
if (exception?.references.length === 0) {
|
|
78
81
|
context.report({
|
|
79
82
|
node: param,
|
|
@@ -87,7 +90,7 @@ exports.rule = {
|
|
|
87
90
|
if (isInsideTest(node) &&
|
|
88
91
|
isThrowAssertWithoutNot(callExpr) &&
|
|
89
92
|
(callExpr.arguments.length === 0 ||
|
|
90
|
-
(callExpr.arguments.length === 1 && (0,
|
|
93
|
+
(callExpr.arguments.length === 1 && (0, ast_js_1.isIdentifier)(callExpr.arguments[0], 'Error')))) {
|
|
91
94
|
context.report({
|
|
92
95
|
node: callExpr.callee.property,
|
|
93
96
|
message: 'Assert more concrete exception type or assert the message of exception.',
|
|
@@ -103,17 +106,17 @@ function isThrowAssertWithoutNot(node) {
|
|
|
103
106
|
return false;
|
|
104
107
|
}
|
|
105
108
|
let { object, property } = node.callee;
|
|
106
|
-
if (!(0,
|
|
109
|
+
if (!(0, ast_js_1.isIdentifier)(property, 'throw')) {
|
|
107
110
|
return false;
|
|
108
111
|
}
|
|
109
112
|
while (object.type === 'MemberExpression') {
|
|
110
|
-
if ((0,
|
|
113
|
+
if ((0, ast_js_1.isIdentifier)(object.property, 'not')) {
|
|
111
114
|
return false;
|
|
112
115
|
}
|
|
113
|
-
if ((0,
|
|
116
|
+
if ((0, ast_js_1.isIdentifier)(object.property, 'should')) {
|
|
114
117
|
return true;
|
|
115
118
|
}
|
|
116
119
|
object = object.object;
|
|
117
120
|
}
|
|
118
|
-
return object.type === 'CallExpression' && (0,
|
|
121
|
+
return object.type === 'CallExpression' && (0, ast_js_1.isIdentifier)(object.callee, 'expect');
|
|
119
122
|
}
|
package/cjs/S5973/rule.js
CHANGED
|
@@ -51,11 +51,14 @@ var __importStar = (this && this.__importStar) || (function () {
|
|
|
51
51
|
})();
|
|
52
52
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
53
53
|
exports.rule = void 0;
|
|
54
|
-
const
|
|
54
|
+
const generate_meta_js_1 = require("../helpers/generate-meta.js");
|
|
55
|
+
const module_js_1 = require("../helpers/module.js");
|
|
56
|
+
const ast_js_1 = require("../helpers/ast.js");
|
|
57
|
+
const mocha_js_1 = require("../helpers/mocha.js");
|
|
55
58
|
const meta = __importStar(require("./generated-meta.js"));
|
|
56
59
|
const dependencies_js_1 = require("../helpers/package-jsons/dependencies.js");
|
|
57
60
|
exports.rule = {
|
|
58
|
-
meta: (0,
|
|
61
|
+
meta: (0, generate_meta_js_1.generateMeta)(meta, {
|
|
59
62
|
messages: {
|
|
60
63
|
stable: 'Make your tests stable so that they pass on the first try, or remove the flaky ones.',
|
|
61
64
|
},
|
|
@@ -73,7 +76,7 @@ exports.rule = {
|
|
|
73
76
|
report(context, node);
|
|
74
77
|
return;
|
|
75
78
|
}
|
|
76
|
-
if (
|
|
79
|
+
if ((0, mocha_js_1.isDescribeCase)(node)) {
|
|
77
80
|
describes.push(node);
|
|
78
81
|
return;
|
|
79
82
|
}
|
|
@@ -82,7 +85,7 @@ exports.rule = {
|
|
|
82
85
|
}
|
|
83
86
|
},
|
|
84
87
|
'CallExpression:exit': (node) => {
|
|
85
|
-
if (
|
|
88
|
+
if ((0, mocha_js_1.isDescribeCase)(node)) {
|
|
86
89
|
describes.pop();
|
|
87
90
|
}
|
|
88
91
|
},
|
|
@@ -93,9 +96,9 @@ exports.rule = {
|
|
|
93
96
|
},
|
|
94
97
|
};
|
|
95
98
|
function hasJestRetry(context, node, hasJest) {
|
|
96
|
-
const callExpressionName = (0,
|
|
99
|
+
const callExpressionName = (0, module_js_1.getFullyQualifiedName)(context, node);
|
|
97
100
|
return (callExpressionName === 'jest.retryTimes' ||
|
|
98
|
-
(hasJest && (0,
|
|
101
|
+
(hasJest && (0, ast_js_1.isMethodInvocation)(node, 'jest', 'retryTimes', 1)));
|
|
99
102
|
}
|
|
100
103
|
function hasJestDependency(context) {
|
|
101
104
|
const dependencies = (0, dependencies_js_1.getDependenciesSanitizePaths)(context);
|
|
@@ -108,7 +111,7 @@ function checkMochaRetries(context, node) {
|
|
|
108
111
|
const callee = node.callee;
|
|
109
112
|
if (callee.type === 'MemberExpression' &&
|
|
110
113
|
callee.object.type === 'ThisExpression' &&
|
|
111
|
-
(0,
|
|
114
|
+
(0, ast_js_1.isIdentifier)(callee.property, 'retries')) {
|
|
112
115
|
report(context, node);
|
|
113
116
|
}
|
|
114
117
|
}
|
package/cjs/S6019/rule.js
CHANGED
|
@@ -51,7 +51,8 @@ var __importStar = (this && this.__importStar) || (function () {
|
|
|
51
51
|
})();
|
|
52
52
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
53
53
|
exports.rule = void 0;
|
|
54
|
-
const
|
|
54
|
+
const generate_meta_js_1 = require("../helpers/generate-meta.js");
|
|
55
|
+
const collection_js_1 = require("../helpers/collection.js");
|
|
55
56
|
const meta = __importStar(require("./generated-meta.js"));
|
|
56
57
|
const rule_template_js_1 = require("../helpers/regex/rule-template.js");
|
|
57
58
|
exports.rule = (0, rule_template_js_1.createRegExpRule)(context => {
|
|
@@ -62,7 +63,7 @@ exports.rule = (0, rule_template_js_1.createRegExpRule)(context => {
|
|
|
62
63
|
}
|
|
63
64
|
},
|
|
64
65
|
};
|
|
65
|
-
}, (0,
|
|
66
|
+
}, (0, generate_meta_js_1.generateMeta)(meta));
|
|
66
67
|
function report(quantifier, context) {
|
|
67
68
|
const ending = quantifier.min === 1 ? '' : 's';
|
|
68
69
|
const message = `Fix this reluctant quantifier that will only ever match ${quantifier.min} repetition${ending}.`;
|
|
@@ -76,7 +77,7 @@ function checkElements(elements, context) {
|
|
|
76
77
|
if (elements.length === 0) {
|
|
77
78
|
return;
|
|
78
79
|
}
|
|
79
|
-
const lastElement = (0,
|
|
80
|
+
const lastElement = (0, collection_js_1.last)(elements);
|
|
80
81
|
if (lastElement.type === 'Quantifier' && !lastElement.greedy) {
|
|
81
82
|
report(lastElement, context);
|
|
82
83
|
return;
|
package/cjs/S6035/rule.js
CHANGED
|
@@ -51,7 +51,7 @@ var __importStar = (this && this.__importStar) || (function () {
|
|
|
51
51
|
})();
|
|
52
52
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
53
53
|
exports.rule = void 0;
|
|
54
|
-
const
|
|
54
|
+
const generate_meta_js_1 = require("../helpers/generate-meta.js");
|
|
55
55
|
const meta = __importStar(require("./generated-meta.js"));
|
|
56
56
|
const rule_template_js_1 = require("../helpers/regex/rule-template.js");
|
|
57
57
|
exports.rule = (0, rule_template_js_1.createRegExpRule)(context => {
|
|
@@ -78,4 +78,4 @@ exports.rule = (0, rule_template_js_1.createRegExpRule)(context => {
|
|
|
78
78
|
}
|
|
79
79
|
},
|
|
80
80
|
};
|
|
81
|
-
}, (0,
|
|
81
|
+
}, (0, generate_meta_js_1.generateMeta)(meta));
|
package/cjs/S6079/rule.js
CHANGED
|
@@ -51,10 +51,13 @@ var __importStar = (this && this.__importStar) || (function () {
|
|
|
51
51
|
})();
|
|
52
52
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
53
53
|
exports.rule = void 0;
|
|
54
|
-
const
|
|
54
|
+
const generate_meta_js_1 = require("../helpers/generate-meta.js");
|
|
55
|
+
const reaching_definitions_js_1 = require("../helpers/reaching-definitions.js");
|
|
56
|
+
const mocha_js_1 = require("../helpers/mocha.js");
|
|
57
|
+
const location_js_1 = require("../helpers/location.js");
|
|
55
58
|
const meta = __importStar(require("./generated-meta.js"));
|
|
56
59
|
exports.rule = {
|
|
57
|
-
meta: (0,
|
|
60
|
+
meta: (0, generate_meta_js_1.generateMeta)(meta),
|
|
58
61
|
create(context) {
|
|
59
62
|
let currentDoneVariable;
|
|
60
63
|
let doneCall;
|
|
@@ -63,7 +66,7 @@ exports.rule = {
|
|
|
63
66
|
let currentCase;
|
|
64
67
|
const segmentFirstStatement = new Map();
|
|
65
68
|
function checkForTestCase(node) {
|
|
66
|
-
const testCase =
|
|
69
|
+
const testCase = (0, mocha_js_1.extractTestCase)(node);
|
|
67
70
|
if (!testCase) {
|
|
68
71
|
return;
|
|
69
72
|
}
|
|
@@ -82,7 +85,7 @@ exports.rule = {
|
|
|
82
85
|
if (!callbackScope) {
|
|
83
86
|
return;
|
|
84
87
|
}
|
|
85
|
-
currentDoneVariable = (0,
|
|
88
|
+
currentDoneVariable = (0, reaching_definitions_js_1.getVariableFromIdentifier)(done, callbackScope);
|
|
86
89
|
}
|
|
87
90
|
function checkForDoneCall(node) {
|
|
88
91
|
const { callee } = node;
|
|
@@ -92,10 +95,10 @@ exports.rule = {
|
|
|
92
95
|
}
|
|
93
96
|
}
|
|
94
97
|
function report(statementAfterDone) {
|
|
95
|
-
(0,
|
|
98
|
+
(0, location_js_1.report)(context, {
|
|
96
99
|
node: statementAfterDone,
|
|
97
100
|
message: `Move this code before the call to "done".`,
|
|
98
|
-
}, [(0,
|
|
101
|
+
}, [(0, location_js_1.toSecondaryLocation)(doneCall)]);
|
|
99
102
|
doneSegment = undefined;
|
|
100
103
|
doneCall = undefined;
|
|
101
104
|
currentDoneVariable = undefined;
|
package/cjs/S6080/rule.js
CHANGED
|
@@ -51,20 +51,23 @@ var __importStar = (this && this.__importStar) || (function () {
|
|
|
51
51
|
})();
|
|
52
52
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
53
53
|
exports.rule = void 0;
|
|
54
|
-
const
|
|
54
|
+
const chai_js_1 = require("../helpers/chai.js");
|
|
55
|
+
const generate_meta_js_1 = require("../helpers/generate-meta.js");
|
|
56
|
+
const ast_js_1 = require("../helpers/ast.js");
|
|
57
|
+
const mocha_js_1 = require("../helpers/mocha.js");
|
|
55
58
|
const meta = __importStar(require("./generated-meta.js"));
|
|
56
59
|
const MESSAGE = 'Set this timeout to 0 if you want to disable it, otherwise use a value lower than 2147483648.';
|
|
57
60
|
const MAX_DELAY_VALUE = 2_147_483_647;
|
|
58
61
|
exports.rule = {
|
|
59
|
-
meta: (0,
|
|
62
|
+
meta: (0, generate_meta_js_1.generateMeta)(meta),
|
|
60
63
|
create(context) {
|
|
61
|
-
if (!
|
|
64
|
+
if (!(0, chai_js_1.isImported)(context)) {
|
|
62
65
|
return {};
|
|
63
66
|
}
|
|
64
67
|
const constructs = [];
|
|
65
68
|
return {
|
|
66
69
|
CallExpression: (node) => {
|
|
67
|
-
if (
|
|
70
|
+
if ((0, mocha_js_1.isTestConstruct)(node)) {
|
|
68
71
|
constructs.push(node);
|
|
69
72
|
return;
|
|
70
73
|
}
|
|
@@ -73,7 +76,7 @@ exports.rule = {
|
|
|
73
76
|
}
|
|
74
77
|
},
|
|
75
78
|
'CallExpression:exit': (node) => {
|
|
76
|
-
if (
|
|
79
|
+
if ((0, mocha_js_1.isTestConstruct)(node)) {
|
|
77
80
|
constructs.pop();
|
|
78
81
|
}
|
|
79
82
|
},
|
|
@@ -81,10 +84,10 @@ exports.rule = {
|
|
|
81
84
|
},
|
|
82
85
|
};
|
|
83
86
|
function checkTimeoutDisabling(node, context) {
|
|
84
|
-
if ((0,
|
|
87
|
+
if ((0, ast_js_1.isMethodCall)(node) && node.arguments.length > 0) {
|
|
85
88
|
const { callee: { object, property }, arguments: [value], } = node;
|
|
86
|
-
if ((0,
|
|
87
|
-
(0,
|
|
89
|
+
if ((0, ast_js_1.isThisExpression)(object) &&
|
|
90
|
+
(0, ast_js_1.isIdentifier)(property, 'timeout') &&
|
|
88
91
|
isDisablingTimeout(value, context)) {
|
|
89
92
|
context.report({
|
|
90
93
|
message: MESSAGE,
|
|
@@ -94,6 +97,6 @@ function checkTimeoutDisabling(node, context) {
|
|
|
94
97
|
}
|
|
95
98
|
}
|
|
96
99
|
function isDisablingTimeout(timeout, context) {
|
|
97
|
-
const usage = (0,
|
|
98
|
-
return (0,
|
|
100
|
+
const usage = (0, ast_js_1.getUniqueWriteUsageOrNode)(context, timeout);
|
|
101
|
+
return (0, ast_js_1.isNumberLiteral)(usage) && usage.value > MAX_DELAY_VALUE;
|
|
99
102
|
}
|
package/cjs/S6092/rule.js
CHANGED
|
@@ -51,20 +51,22 @@ var __importStar = (this && this.__importStar) || (function () {
|
|
|
51
51
|
})();
|
|
52
52
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
53
53
|
exports.rule = void 0;
|
|
54
|
-
const
|
|
54
|
+
const chai_js_1 = require("../helpers/chai.js");
|
|
55
|
+
const generate_meta_js_1 = require("../helpers/generate-meta.js");
|
|
56
|
+
const ast_js_1 = require("../helpers/ast.js");
|
|
55
57
|
const meta = __importStar(require("./generated-meta.js"));
|
|
56
58
|
const message = 'Refactor this uncertain assertion; it can succeed for multiple reasons.';
|
|
57
59
|
exports.rule = {
|
|
58
|
-
meta: (0,
|
|
60
|
+
meta: (0, generate_meta_js_1.generateMeta)(meta),
|
|
59
61
|
create(context) {
|
|
60
|
-
if (!
|
|
62
|
+
if (!(0, chai_js_1.isImported)(context)) {
|
|
61
63
|
return {};
|
|
62
64
|
}
|
|
63
65
|
return {
|
|
64
66
|
ExpressionStatement: (node) => {
|
|
65
67
|
const elements = retrieveAssertionChainElements(node.expression);
|
|
66
68
|
if (elements.length > 1 &&
|
|
67
|
-
((0,
|
|
69
|
+
((0, ast_js_1.isIdentifier)(elements[0].identifier, 'expect') ||
|
|
68
70
|
getElementIndex(elements, 'should') >= 0)) {
|
|
69
71
|
checkNotThrow(context, elements);
|
|
70
72
|
checkNotInclude(context, elements);
|
|
@@ -135,7 +137,7 @@ function retrieveAssertionChainElements(node) {
|
|
|
135
137
|
const result = [];
|
|
136
138
|
let currentArguments = undefined;
|
|
137
139
|
while (true) {
|
|
138
|
-
if ((0,
|
|
140
|
+
if ((0, ast_js_1.isDotNotation)(currentNode)) {
|
|
139
141
|
result.push({ identifier: currentNode.property, arguments: currentArguments });
|
|
140
142
|
currentNode = currentNode.object;
|
|
141
143
|
currentArguments = undefined;
|
|
@@ -144,7 +146,7 @@ function retrieveAssertionChainElements(node) {
|
|
|
144
146
|
currentArguments = currentNode.arguments;
|
|
145
147
|
currentNode = currentNode.callee;
|
|
146
148
|
}
|
|
147
|
-
else if ((0,
|
|
149
|
+
else if ((0, ast_js_1.isIdentifier)(currentNode)) {
|
|
148
150
|
result.push({ identifier: currentNode, arguments: currentArguments });
|
|
149
151
|
break;
|
|
150
152
|
}
|
|
@@ -155,7 +157,7 @@ function retrieveAssertionChainElements(node) {
|
|
|
155
157
|
return result.reverse();
|
|
156
158
|
}
|
|
157
159
|
function getElementIndex(elements, name) {
|
|
158
|
-
return elements.findIndex(element => (0,
|
|
160
|
+
return elements.findIndex(element => (0, ast_js_1.isIdentifier)(element.identifier, name));
|
|
159
161
|
}
|
|
160
162
|
function locFromTwoNodes(start, end) {
|
|
161
163
|
return {
|
package/cjs/S6245/rule.js
CHANGED
|
@@ -51,32 +51,37 @@ var __importStar = (this && this.__importStar) || (function () {
|
|
|
51
51
|
})();
|
|
52
52
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
53
53
|
exports.rule = void 0;
|
|
54
|
-
const
|
|
54
|
+
const s3_js_1 = require("../helpers/aws/s3.js");
|
|
55
|
+
const generate_meta_js_1 = require("../helpers/generate-meta.js");
|
|
56
|
+
const module_js_1 = require("../helpers/module.js");
|
|
57
|
+
const ast_js_1 = require("../helpers/ast.js");
|
|
58
|
+
const cdk_js_1 = require("../helpers/aws/cdk.js");
|
|
59
|
+
const location_js_1 = require("../helpers/location.js");
|
|
55
60
|
const meta = __importStar(require("./generated-meta.js"));
|
|
56
61
|
const ENCRYPTED_KEY = 'encryption';
|
|
57
62
|
const messages = {
|
|
58
63
|
unencrypted: 'Objects in the bucket are not encrypted. Make sure it is safe here.',
|
|
59
64
|
omitted: 'Omitting "encryption" disables server-side encryption. Make sure it is safe here.',
|
|
60
65
|
};
|
|
61
|
-
exports.rule = (0,
|
|
62
|
-
const encryptedProperty = (0,
|
|
66
|
+
exports.rule = (0, s3_js_1.S3BucketTemplate)((bucket, context) => {
|
|
67
|
+
const encryptedProperty = (0, s3_js_1.getBucketProperty)(context, bucket, ENCRYPTED_KEY);
|
|
63
68
|
if (encryptedProperty == null) {
|
|
64
|
-
(0,
|
|
69
|
+
(0, location_js_1.report)(context, {
|
|
65
70
|
message: messages['omitted'],
|
|
66
71
|
node: bucket.callee,
|
|
67
72
|
});
|
|
68
73
|
return;
|
|
69
74
|
}
|
|
70
|
-
const encryptedValue = (0,
|
|
75
|
+
const encryptedValue = (0, ast_js_1.getValueOfExpression)(context, encryptedProperty.value, 'MemberExpression');
|
|
71
76
|
if (encryptedValue && isUnencrypted(encryptedValue)) {
|
|
72
|
-
const propagated = (0,
|
|
73
|
-
(0,
|
|
77
|
+
const propagated = (0, s3_js_1.findPropagatedSetting)(encryptedProperty, encryptedValue);
|
|
78
|
+
(0, location_js_1.report)(context, {
|
|
74
79
|
message: messages['unencrypted'],
|
|
75
80
|
node: encryptedProperty,
|
|
76
81
|
}, propagated ? [propagated] : []);
|
|
77
82
|
}
|
|
78
83
|
function isUnencrypted(encrypted) {
|
|
79
|
-
return ((0,
|
|
84
|
+
return ((0, cdk_js_1.normalizeFQN)((0, module_js_1.getFullyQualifiedName)(context, encrypted)) ===
|
|
80
85
|
'aws_cdk_lib.aws_s3.BucketEncryption.UNENCRYPTED');
|
|
81
86
|
}
|
|
82
|
-
}, (0,
|
|
87
|
+
}, (0, generate_meta_js_1.generateMeta)(meta));
|
package/cjs/S6249/rule.js
CHANGED
|
@@ -51,15 +51,17 @@ var __importStar = (this && this.__importStar) || (function () {
|
|
|
51
51
|
})();
|
|
52
52
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
53
53
|
exports.rule = void 0;
|
|
54
|
-
const
|
|
54
|
+
const generate_meta_js_1 = require("../helpers/generate-meta.js");
|
|
55
|
+
const s3_js_1 = require("../helpers/aws/s3.js");
|
|
56
|
+
const ast_js_1 = require("../helpers/ast.js");
|
|
55
57
|
const meta = __importStar(require("./generated-meta.js"));
|
|
56
58
|
const ENFORCE_SSL_KEY = 'enforceSSL';
|
|
57
59
|
const messages = {
|
|
58
60
|
authorized: 'Make sure authorizing HTTP requests is safe here.',
|
|
59
61
|
omitted: "Omitting 'enforceSSL' authorizes HTTP requests. Make sure it is safe here.",
|
|
60
62
|
};
|
|
61
|
-
exports.rule = (0,
|
|
62
|
-
const enforceSSLProperty = (0,
|
|
63
|
+
exports.rule = (0, s3_js_1.S3BucketTemplate)((bucket, context) => {
|
|
64
|
+
const enforceSSLProperty = (0, s3_js_1.getBucketProperty)(context, bucket, ENFORCE_SSL_KEY);
|
|
63
65
|
if (enforceSSLProperty == null) {
|
|
64
66
|
context.report({
|
|
65
67
|
message: messages['omitted'],
|
|
@@ -67,11 +69,11 @@ exports.rule = (0, index_js_1.S3BucketTemplate)((bucket, context) => {
|
|
|
67
69
|
});
|
|
68
70
|
return;
|
|
69
71
|
}
|
|
70
|
-
const enforceSSLValue = (0,
|
|
72
|
+
const enforceSSLValue = (0, ast_js_1.getValueOfExpression)(context, enforceSSLProperty.value, 'Literal');
|
|
71
73
|
if (enforceSSLValue?.value === false) {
|
|
72
74
|
context.report({
|
|
73
75
|
message: messages['authorized'],
|
|
74
76
|
node: enforceSSLProperty,
|
|
75
77
|
});
|
|
76
78
|
}
|
|
77
|
-
}, (0,
|
|
79
|
+
}, (0, generate_meta_js_1.generateMeta)(meta));
|
package/cjs/S6252/rule.js
CHANGED
|
@@ -51,7 +51,11 @@ var __importStar = (this && this.__importStar) || (function () {
|
|
|
51
51
|
})();
|
|
52
52
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
53
53
|
exports.rule = void 0;
|
|
54
|
-
const
|
|
54
|
+
const location_js_1 = require("../helpers/location.js");
|
|
55
|
+
const generate_meta_js_1 = require("../helpers/generate-meta.js");
|
|
56
|
+
const s3_js_1 = require("../helpers/aws/s3.js");
|
|
57
|
+
const ancestor_js_1 = require("../helpers/ancestor.js");
|
|
58
|
+
const ast_js_1 = require("../helpers/ast.js");
|
|
55
59
|
const meta = __importStar(require("./generated-meta.js"));
|
|
56
60
|
const VERSIONED_KEY = 'versioned';
|
|
57
61
|
const messages = {
|
|
@@ -59,25 +63,25 @@ const messages = {
|
|
|
59
63
|
omitted: 'Omitting the "versioned" argument disables S3 bucket versioning. Make sure it is safe here.',
|
|
60
64
|
secondary: 'Propagated setting',
|
|
61
65
|
};
|
|
62
|
-
exports.rule = (0,
|
|
63
|
-
const versionedProperty = (0,
|
|
66
|
+
exports.rule = (0, s3_js_1.S3BucketTemplate)((bucketConstructor, context) => {
|
|
67
|
+
const versionedProperty = (0, s3_js_1.getBucketProperty)(context, bucketConstructor, VERSIONED_KEY);
|
|
64
68
|
if (versionedProperty == null) {
|
|
65
|
-
(0,
|
|
69
|
+
(0, location_js_1.report)(context, {
|
|
66
70
|
message: messages.omitted,
|
|
67
71
|
node: bucketConstructor.callee,
|
|
68
72
|
});
|
|
69
73
|
return;
|
|
70
74
|
}
|
|
71
|
-
const propertyLiteralValue = (0,
|
|
75
|
+
const propertyLiteralValue = (0, ast_js_1.getValueOfExpression)(context, versionedProperty.value, 'Literal');
|
|
72
76
|
if (propertyLiteralValue?.value === false) {
|
|
73
77
|
const secondaries = [];
|
|
74
78
|
const isPropagatedProperty = versionedProperty.value !== propertyLiteralValue;
|
|
75
79
|
if (isPropagatedProperty) {
|
|
76
|
-
secondaries.push((0,
|
|
80
|
+
secondaries.push((0, location_js_1.toSecondaryLocation)((0, ancestor_js_1.getNodeParent)(propertyLiteralValue), messages.secondary));
|
|
77
81
|
}
|
|
78
|
-
(0,
|
|
82
|
+
(0, location_js_1.report)(context, {
|
|
79
83
|
message: messages.unversioned,
|
|
80
84
|
node: versionedProperty,
|
|
81
85
|
}, secondaries);
|
|
82
86
|
}
|
|
83
|
-
}, (0,
|
|
87
|
+
}, (0, generate_meta_js_1.generateMeta)(meta));
|
package/cjs/S6265/rule.js
CHANGED
|
@@ -51,7 +51,14 @@ var __importStar = (this && this.__importStar) || (function () {
|
|
|
51
51
|
})();
|
|
52
52
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
53
53
|
exports.rule = void 0;
|
|
54
|
-
const
|
|
54
|
+
const s3_js_1 = require("../helpers/aws/s3.js");
|
|
55
|
+
const generate_meta_js_1 = require("../helpers/generate-meta.js");
|
|
56
|
+
const module_js_1 = require("../helpers/module.js");
|
|
57
|
+
const ast_js_1 = require("../helpers/ast.js");
|
|
58
|
+
const collection_js_1 = require("../helpers/collection.js");
|
|
59
|
+
const merger_js_1 = require("../helpers/decorators/merger.js");
|
|
60
|
+
const cdk_js_1 = require("../helpers/aws/cdk.js");
|
|
61
|
+
const location_js_1 = require("../helpers/location.js");
|
|
55
62
|
const meta = __importStar(require("./generated-meta.js"));
|
|
56
63
|
const messages = {
|
|
57
64
|
accessLevel: (param) => `Make sure granting ${param} access is safe here.`,
|
|
@@ -62,12 +69,12 @@ const INVALID_ACCESS_CONTROL_VALUES = ['PUBLIC_READ', 'PUBLIC_READ_WRITE', 'AUTH
|
|
|
62
69
|
const PUBLIC_READ_ACCESS_KEY = 'publicReadAccess';
|
|
63
70
|
const INVALID_PUBLIC_READ_ACCESS_VALUE = true;
|
|
64
71
|
exports.rule = {
|
|
65
|
-
meta: (0,
|
|
72
|
+
meta: (0, generate_meta_js_1.generateMeta)(meta),
|
|
66
73
|
create(context) {
|
|
67
|
-
return (0,
|
|
74
|
+
return (0, merger_js_1.mergeRules)(s3BucketConstructorRule.create(context), s3BucketDeploymentConstructorRule.create(context), handleGrantPublicAccess.create(context));
|
|
68
75
|
},
|
|
69
76
|
};
|
|
70
|
-
const s3BucketConstructorRule = (0,
|
|
77
|
+
const s3BucketConstructorRule = (0, s3_js_1.S3BucketTemplate)((bucketConstructor, context) => {
|
|
71
78
|
for (const value of INVALID_ACCESS_CONTROL_VALUES) {
|
|
72
79
|
checkConstantParam(context, bucketConstructor, ACCESS_CONTROL_KEY, [
|
|
73
80
|
'BucketAccessControl',
|
|
@@ -80,7 +87,7 @@ const s3BucketDeploymentConstructorRule = {
|
|
|
80
87
|
create(context) {
|
|
81
88
|
return {
|
|
82
89
|
NewExpression: (node) => {
|
|
83
|
-
if ((0,
|
|
90
|
+
if ((0, s3_js_1.isS3BucketDeploymentConstructor)(context, node)) {
|
|
84
91
|
for (const value of INVALID_ACCESS_CONTROL_VALUES) {
|
|
85
92
|
checkConstantParam(context, node, ACCESS_CONTROL_KEY, ['BucketAccessControl', value]);
|
|
86
93
|
}
|
|
@@ -90,31 +97,31 @@ const s3BucketDeploymentConstructorRule = {
|
|
|
90
97
|
},
|
|
91
98
|
};
|
|
92
99
|
function checkBooleanParam(context, bucketConstructor, propName, propValue) {
|
|
93
|
-
const property = (0,
|
|
100
|
+
const property = (0, s3_js_1.getBucketProperty)(context, bucketConstructor, propName);
|
|
94
101
|
if (property == null) {
|
|
95
102
|
return;
|
|
96
103
|
}
|
|
97
|
-
const propertyLiteralValue = (0,
|
|
104
|
+
const propertyLiteralValue = (0, ast_js_1.getValueOfExpression)(context, property.value, 'Literal');
|
|
98
105
|
if (propertyLiteralValue?.value === propValue) {
|
|
99
|
-
const secondary = (0,
|
|
100
|
-
(0,
|
|
106
|
+
const secondary = (0, s3_js_1.findPropagatedSetting)(property, propertyLiteralValue);
|
|
107
|
+
(0, location_js_1.report)(context, {
|
|
101
108
|
message: messages.unrestricted,
|
|
102
109
|
node: property,
|
|
103
110
|
}, secondary ? [secondary] : []);
|
|
104
111
|
}
|
|
105
112
|
}
|
|
106
113
|
function checkConstantParam(context, bucketConstructor, propName, paramQualifiers) {
|
|
107
|
-
const property = (0,
|
|
114
|
+
const property = (0, s3_js_1.getBucketProperty)(context, bucketConstructor, propName);
|
|
108
115
|
if (property == null) {
|
|
109
116
|
return;
|
|
110
117
|
}
|
|
111
|
-
const propertyLiteralValue = (0,
|
|
118
|
+
const propertyLiteralValue = (0, ast_js_1.getValueOfExpression)(context, property.value, 'MemberExpression');
|
|
112
119
|
if (propertyLiteralValue !== undefined &&
|
|
113
|
-
(0,
|
|
120
|
+
(0, cdk_js_1.normalizeFQN)((0, module_js_1.getFullyQualifiedName)(context, propertyLiteralValue)) ===
|
|
114
121
|
`aws_cdk_lib.aws_s3.${paramQualifiers.join('.')}`) {
|
|
115
|
-
const secondary = (0,
|
|
116
|
-
(0,
|
|
117
|
-
message: messages.accessLevel((0,
|
|
122
|
+
const secondary = (0, s3_js_1.findPropagatedSetting)(property, propertyLiteralValue);
|
|
123
|
+
(0, location_js_1.report)(context, {
|
|
124
|
+
message: messages.accessLevel((0, collection_js_1.last)(paramQualifiers)),
|
|
118
125
|
node: property,
|
|
119
126
|
}, secondary ? [secondary] : []);
|
|
120
127
|
}
|
|
@@ -123,21 +130,21 @@ const handleGrantPublicAccess = {
|
|
|
123
130
|
create(context) {
|
|
124
131
|
return {
|
|
125
132
|
CallExpression: (node) => {
|
|
126
|
-
if (!(0,
|
|
133
|
+
if (!(0, ast_js_1.isMethodCall)(node)) {
|
|
127
134
|
return;
|
|
128
135
|
}
|
|
129
136
|
const { object, property } = node.callee;
|
|
130
|
-
const isGrantPublicAccessMethodCall = (0,
|
|
137
|
+
const isGrantPublicAccessMethodCall = (0, ast_js_1.isIdentifier)(property, 'grantPublicAccess');
|
|
131
138
|
if (!isGrantPublicAccessMethodCall) {
|
|
132
139
|
return;
|
|
133
140
|
}
|
|
134
|
-
const variableAssignment = (0,
|
|
141
|
+
const variableAssignment = (0, ast_js_1.getUniqueWriteUsageOrNode)(context, object);
|
|
135
142
|
const isS3bucketInstance = variableAssignment.type === 'NewExpression' &&
|
|
136
|
-
(0,
|
|
143
|
+
(0, s3_js_1.isS3BucketConstructor)(context, variableAssignment);
|
|
137
144
|
if (!isS3bucketInstance) {
|
|
138
145
|
return;
|
|
139
146
|
}
|
|
140
|
-
(0,
|
|
147
|
+
(0, location_js_1.report)(context, {
|
|
141
148
|
message: messages.unrestricted,
|
|
142
149
|
node: property,
|
|
143
150
|
});
|
package/cjs/S6268/rule.js
CHANGED
|
@@ -51,7 +51,8 @@ var __importStar = (this && this.__importStar) || (function () {
|
|
|
51
51
|
})();
|
|
52
52
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
53
53
|
exports.rule = void 0;
|
|
54
|
-
const
|
|
54
|
+
const generate_meta_js_1 = require("../helpers/generate-meta.js");
|
|
55
|
+
const ast_js_1 = require("../helpers/ast.js");
|
|
55
56
|
const meta = __importStar(require("./generated-meta.js"));
|
|
56
57
|
const bypassMethods = [
|
|
57
58
|
'bypassSecurityTrustHtml',
|
|
@@ -61,7 +62,7 @@ const bypassMethods = [
|
|
|
61
62
|
'bypassSecurityTrustResourceUrl',
|
|
62
63
|
];
|
|
63
64
|
exports.rule = {
|
|
64
|
-
meta: (0,
|
|
65
|
+
meta: (0, generate_meta_js_1.generateMeta)(meta, {
|
|
65
66
|
messages: {
|
|
66
67
|
checkAngularBypass: 'Make sure disabling Angular built-in sanitization is safe here.',
|
|
67
68
|
},
|
|
@@ -70,7 +71,7 @@ exports.rule = {
|
|
|
70
71
|
return {
|
|
71
72
|
CallExpression: (node) => {
|
|
72
73
|
const { callee, arguments: args } = node;
|
|
73
|
-
if ((0,
|
|
74
|
+
if ((0, ast_js_1.isMemberWithProperty)(callee, ...bypassMethods) &&
|
|
74
75
|
args.length === 1 &&
|
|
75
76
|
!isHardcodedLiteral(args[0])) {
|
|
76
77
|
context.report({
|
|
@@ -87,6 +88,6 @@ function isHardcodedLiteral(node) {
|
|
|
87
88
|
return node.expressions.length === 0;
|
|
88
89
|
}
|
|
89
90
|
else {
|
|
90
|
-
return (0,
|
|
91
|
+
return (0, ast_js_1.isLiteral)(node);
|
|
91
92
|
}
|
|
92
93
|
}
|