eslint-plugin-sonarjs 4.0.1 → 4.0.2

package/cjs/helpers/aws/s3.js

@@ -5,7 +5,10 @@ exports.isS3BucketConstructor = isS3BucketConstructor;
 exports.isS3BucketDeploymentConstructor = isS3BucketDeploymentConstructor;
 exports.getBucketProperty = getBucketProperty;
 exports.findPropagatedSetting = findPropagatedSetting;
-const index_js_1 = require("../index.js");
+const location_js_1 = require("../location.js");
+const module_js_1 = require("../module.js");
+const ancestor_js_1 = require("../ancestor.js");
+const ast_js_1 = require("../ast.js");
 const cdk_js_1 = require("./cdk.js");
 /**
  * A rule template for AWS S3 Buckets
@@ -40,7 +43,7 @@ function S3BucketTemplate(callback, meta = {}) {
  * new s3.Bucket();
  */
 function isS3BucketConstructor(context, node) {
-    return (0, cdk_js_1.normalizeFQN)((0, index_js_1.getFullyQualifiedName)(context, node)) === 'aws_cdk_lib.aws_s3.Bucket';
+    return (0, cdk_js_1.normalizeFQN)((0, module_js_1.getFullyQualifiedName)(context, node)) === 'aws_cdk_lib.aws_s3.Bucket';
 }
 /**
  * Detects S3 BucketDeployment's constructor invocation from 'aws-cdk-lib/aws-s3-deployment':
@@ -49,7 +52,7 @@ function isS3BucketConstructor(context, node) {
  * new s3.BucketDeployment();
  */
 function isS3BucketDeploymentConstructor(context, node) {
-    return ((0, cdk_js_1.normalizeFQN)((0, index_js_1.getFullyQualifiedName)(context, node)) ===
+    return ((0, cdk_js_1.normalizeFQN)((0, module_js_1.getFullyQualifiedName)(context, node)) ===
         'aws_cdk_lib.aws_s3_deployment.BucketDeployment');
 }
 /**
@@ -71,11 +74,11 @@ function isS3BucketDeploymentConstructor(context, node) {
 function getBucketProperty(context, bucket, key) {
     const args = bucket.arguments;
     const optionsArg = args[2];
-    const options = (0, index_js_1.getValueOfExpression)(context, optionsArg, 'ObjectExpression');
+    const options = (0, ast_js_1.getValueOfExpression)(context, optionsArg, 'ObjectExpression');
     if (options == null) {
         return null;
     }
-    return options.properties.find(property => (0, index_js_1.isProperty)(property) && (0, index_js_1.isIdentifier)(property.key, key));
+    return options.properties.find(property => (0, ast_js_1.isProperty)(property) && (0, ast_js_1.isIdentifier)(property.key, key));
 }
 /**
  * Finds the propagated setting of a sensitive property
@@ -83,7 +86,7 @@ function getBucketProperty(context, bucket, key) {
 function findPropagatedSetting(sensitiveProperty, propagatedValue) {
     const isPropagatedProperty = sensitiveProperty.value !== propagatedValue;
     if (isPropagatedProperty) {
-        return (0, index_js_1.toSecondaryLocation)((0, index_js_1.getNodeParent)(propagatedValue), 'Propagated setting.');
+        return (0, location_js_1.toSecondaryLocation)((0, ancestor_js_1.getNodeParent)(propagatedValue), 'Propagated setting.');
     }
     return undefined;
 }

package/cjs/helpers/chai.js

@@ -3,51 +3,49 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.Chai = void 0;
-const index_js_1 = require("./index.js");
+exports.isImported = isImported;
+exports.isTSAssertion = isTSAssertion;
+exports.isAssertion = isAssertion;
+const module_js_1 = require("./module.js");
+const module_ts_js_1 = require("./module-ts.js");
+const ast_js_1 = require("./ast.js");
 const typescript_1 = __importDefault(require("typescript"));
-var Chai;
-(function (Chai) {
-    function isImported(context) {
-        return ((0, index_js_1.getRequireCalls)(context).some(r => r.arguments[0].type === 'Literal' && r.arguments[0].value === 'chai') || (0, index_js_1.getImportDeclarations)(context).some(i => i.source.value === 'chai'));
+function isImported(context) {
+    return ((0, module_js_1.getRequireCalls)(context).some(r => r.arguments[0].type === 'Literal' && r.arguments[0].value === 'chai') || (0, module_js_1.getImportDeclarations)(context).some(i => i.source.value === 'chai'));
+}
+function isTSAssertion(services, node) {
+    if (node.kind !== typescript_1.default.SyntaxKind.CallExpression) {
+        return false;
     }
-    Chai.isImported = isImported;
-    function isTSAssertion(services, node) {
-        if (node.kind !== typescript_1.default.SyntaxKind.CallExpression) {
-            return false;
-        }
-        const fqn = (0, index_js_1.getFullyQualifiedNameTS)(services, node);
-        if (!fqn) {
-            return false;
-        }
-        return fqn.startsWith('chai.assert') || fqn.startsWith('chai.expect') || fqn.includes('should');
+    const fqn = (0, module_ts_js_1.getFullyQualifiedNameTS)(services, node);
+    if (!fqn) {
+        return false;
     }
-    Chai.isTSAssertion = isTSAssertion;
-    function isAssertion(context, node) {
-        return isAssertUsage(context, node) || isExpectUsage(context, node) || isShouldUsage(node);
+    return fqn.startsWith('chai.assert') || fqn.startsWith('chai.expect') || fqn.includes('should');
+}
+function isAssertion(context, node) {
+    return isAssertUsage(context, node) || isExpectUsage(context, node) || isShouldUsage(node);
+}
+function isAssertUsage(context, node) {
+    // assert(), assert.<expr>(), chai.assert(), chai.assert.<expr>()
+    const fqn = extractFQNforCallExpression(context, node);
+    if (!fqn) {
+        return false;
     }
-    Chai.isAssertion = isAssertion;
-    function isAssertUsage(context, node) {
-        // assert(), assert.<expr>(), chai.assert(), chai.assert.<expr>()
-        const fqn = extractFQNforCallExpression(context, node);
-        if (!fqn) {
-            return false;
-        }
-        const names = fqn.split('.');
-        return names[0] === 'chai' && names[1] === 'assert';
+    const names = fqn.split('.');
+    return names[0] === 'chai' && names[1] === 'assert';
+}
+function isExpectUsage(context, node) {
+    // expect(), chai.expect()
+    return extractFQNforCallExpression(context, node) === 'chai.expect';
+}
+function isShouldUsage(node) {
+    // <expr>.should.<expr>
+    return node.type === 'MemberExpression' && (0, ast_js_1.isIdentifier)(node.property, 'should');
+}
+function extractFQNforCallExpression(context, node) {
+    if (node.type !== 'CallExpression') {
+        return undefined;
     }
-    function isExpectUsage(context, node) {
-        // expect(), chai.expect()
-        return extractFQNforCallExpression(context, node) === 'chai.expect';
-    }
-    function isShouldUsage(node) {
-        // <expr>.should.<expr>
-        return node.type === 'MemberExpression' && (0, index_js_1.isIdentifier)(node.property, 'should');
-    }
-    function extractFQNforCallExpression(context, node) {
-        if (node.type !== 'CallExpression') {
-            return undefined;
-        }
-        return (0, index_js_1.getFullyQualifiedName)(context, node);
-    }
-})(Chai || (exports.Chai = Chai = {}));
+    return (0, module_js_1.getFullyQualifiedName)(context, node);
+}

package/cjs/helpers/cookie-flag-check.js

@@ -1,7 +1,9 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.CookieFlagCheck = void 0;
-const index_js_1 = require("./index.js");
+const location_js_1 = require("./location.js");
+const ast_js_1 = require("./ast.js");
+const module_js_1 = require("./module.js");
 class CookieFlagCheck {
     constructor(context, flag) {
         this.context = context;
@@ -13,7 +15,7 @@ class CookieFlagCheck {
         this.checkSensitiveCookieArgument(callExpression, 0);
     }
     checkCookiesMethodCall(callExpression) {
-        if (!(0, index_js_1.isIdentifier)(callExpression.callee.property, 'set')) {
+        if (!(0, ast_js_1.isIdentifier)(callExpression.callee.property, 'set')) {
             return;
         }
         // Sensitive argument is third argument for "cookies.set" calls
@@ -25,12 +27,12 @@ class CookieFlagCheck {
         if (cookieProperty) {
             // csurf cookie property can be passed as a boolean literal,
             // in which case neither "secure" nor "httponly" are enabled by default
-            const cookiePropertyLiteral = (0, index_js_1.getValueOfExpression)(this.context, cookieProperty.value, 'Literal');
+            const cookiePropertyLiteral = (0, ast_js_1.getValueOfExpression)(this.context, cookieProperty.value, 'Literal');
             if (cookiePropertyLiteral?.value === true) {
-                (0, index_js_1.report)(this.context, {
+                (0, location_js_1.report)(this.context, {
                     node: callExpression.callee,
                     message: this.issueMessage,
-                }, [(0, index_js_1.toSecondaryLocation)(cookiePropertyLiteral)]);
+                }, [(0, location_js_1.toSecondaryLocation)(cookiePropertyLiteral)]);
             }
         }
     }
@@ -43,7 +45,7 @@ class CookieFlagCheck {
             return;
         }
         const sensitiveArgument = callExpression.arguments[sensitiveArgumentIndex];
-        const cookieObjectExpression = (0, index_js_1.getValueOfExpression)(this.context, sensitiveArgument, 'ObjectExpression');
+        const cookieObjectExpression = (0, ast_js_1.getValueOfExpression)(this.context, sensitiveArgument, 'ObjectExpression');
         if (!cookieObjectExpression) {
             return;
         }
@@ -54,15 +56,15 @@ class CookieFlagCheck {
             return;
         }
         const firstArgument = callExpression.arguments[argumentIndex];
-        const objectExpression = (0, index_js_1.getValueOfExpression)(this.context, firstArgument, 'ObjectExpression');
+        const objectExpression = (0, ast_js_1.getValueOfExpression)(this.context, firstArgument, 'ObjectExpression');
         if (!objectExpression) {
             return;
         }
-        const cookieProperty = (0, index_js_1.getProperty)(objectExpression, 'cookie', this.context);
+        const cookieProperty = (0, ast_js_1.getProperty)(objectExpression, 'cookie', this.context);
         if (!cookieProperty) {
             return;
         }
-        const cookiePropertyValue = (0, index_js_1.getValueOfExpression)(this.context, cookieProperty.value, 'ObjectExpression');
+        const cookiePropertyValue = (0, ast_js_1.getValueOfExpression)(this.context, cookieProperty.value, 'ObjectExpression');
         if (cookiePropertyValue) {
             this.checkFlagOnCookieExpression(cookiePropertyValue, firstArgument, objectExpression, callExpression);
             return;
@@ -70,15 +72,15 @@ class CookieFlagCheck {
         return cookieProperty;
     }
     checkFlagOnCookieExpression(cookiePropertyValue, firstArgument, objectExpression, callExpression) {
-        const flagProperty = (0, index_js_1.getProperty)(cookiePropertyValue, this.flag, this.context);
+        const flagProperty = (0, ast_js_1.getProperty)(cookiePropertyValue, this.flag, this.context);
         if (flagProperty) {
-            const flagPropertyValue = (0, index_js_1.getValueOfExpression)(this.context, flagProperty.value, 'Literal');
+            const flagPropertyValue = (0, ast_js_1.getValueOfExpression)(this.context, flagProperty.value, 'Literal');
             if (flagPropertyValue?.value === false) {
-                const secondaryLocations = [(0, index_js_1.toSecondaryLocation)(flagPropertyValue)];
+                const secondaryLocations = [(0, location_js_1.toSecondaryLocation)(flagPropertyValue)];
                 if (firstArgument !== objectExpression) {
-                    secondaryLocations.push((0, index_js_1.toSecondaryLocation)(objectExpression));
+                    secondaryLocations.push((0, location_js_1.toSecondaryLocation)(objectExpression));
                 }
-                (0, index_js_1.report)(this.context, {
+                (0, location_js_1.report)(this.context, {
                     node: callExpression.callee,
                     message: this.issueMessage,
                 }, secondaryLocations);
@@ -88,7 +90,7 @@ class CookieFlagCheck {
     checkCookiesFromCallExpression(node) {
         const callExpression = node;
         const { callee } = callExpression;
-        const fqn = (0, index_js_1.getFullyQualifiedName)(this.context, callee);
+        const fqn = (0, module_js_1.getFullyQualifiedName)(this.context, callee);
         if (fqn === 'cookie-session') {
             this.checkCookieSession(callExpression);
             return;
@@ -102,8 +104,8 @@ class CookieFlagCheck {
             return;
         }
         if (callee.type === 'MemberExpression') {
-            const objectValue = (0, index_js_1.getValueOfExpression)(this.context, callee.object, 'NewExpression');
-            if (objectValue && (0, index_js_1.getFullyQualifiedName)(this.context, objectValue.callee) === 'cookies') {
+            const objectValue = (0, ast_js_1.getValueOfExpression)(this.context, callee.object, 'NewExpression');
+            if (objectValue && (0, module_js_1.getFullyQualifiedName)(this.context, objectValue.callee) === 'cookies') {
                 this.checkCookiesMethodCall(callExpression);
             }
         }

package/cjs/helpers/{decorators/index.js → entropy.js}

@@ -1,19 +1,4 @@
 "use strict";
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __exportStar = (this && this.__exportStar) || function(m, exports) {
-    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
-};
-Object.defineProperty(exports, "__esModule", { value: true });
 /*
  * SonarQube JavaScript Plugin
  * Copyright (C) 2011-2025 SonarSource Sàrl
@@ -30,5 +15,19 @@ Object.defineProperty(exports, "__esModule", { value: true });
  * You should have received a copy of the Sonar Source-Available License
  * along with this program; if not, see https://sonarsource.com/license/ssal/
  */
-__exportStar(require("./interceptor.js"), exports);
-__exportStar(require("./merger.js"), exports);
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.shannonEntropy = shannonEntropy;
+function shannonEntropy(str) {
+    if (!str) {
+        return 0;
+    }
+    const len = str.length;
+    const occurrences = {};
+    for (const ch of str) {
+        occurrences[ch] = (occurrences[ch] ?? 0) + 1;
+    }
+    return (Object.values(occurrences)
+        .map(count => count / len)
+        .map(freq => -freq * Math.log(freq))
+        .reduce((acc, e) => acc + e, 0) / Math.log(2));
+}

package/cjs/helpers/express.js

@@ -1,144 +1,143 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.Express = void 0;
-const index_js_1 = require("./index.js");
+exports.attemptFindAppInstantiation = attemptFindAppInstantiation;
+exports.attemptFindAppInjection = attemptFindAppInjection;
+exports.isUsingMiddleware = isUsingMiddleware;
+exports.isMiddlewareInstance = isMiddlewareInstance;
+exports.SensitiveMiddlewarePropertyRule = SensitiveMiddlewarePropertyRule;
+const module_js_1 = require("./module.js");
+const ast_js_1 = require("./ast.js");
+const ancestor_js_1 = require("./ancestor.js");
+const location_js_1 = require("./location.js");
 /**
  * This modules provides utilities for writing rules about Express.js.
  */
-var Express;
-(function (Express) {
-    const EXPRESS = 'express';
-    /**
-     * Checks whether the declaration looks somewhat like `<id> = express()`
-     * and returns `<id>` if it matches.
-     */
-    function attemptFindAppInstantiation(varDecl, context) {
-        const rhs = varDecl.init;
-        if (rhs?.type === 'CallExpression' && (0, index_js_1.getFullyQualifiedName)(context, rhs) === EXPRESS) {
-            const pattern = varDecl.id;
-            return pattern.type === 'Identifier' ? pattern : undefined;
-        }
-        return undefined;
+const EXPRESS = 'express';
+/**
+ * Checks whether the declaration looks somewhat like `<id> = express()`
+ * and returns `<id>` if it matches.
+ */
+function attemptFindAppInstantiation(varDecl, context) {
+    const rhs = varDecl.init;
+    if (rhs?.type === 'CallExpression' && (0, module_js_1.getFullyQualifiedName)(context, rhs) === EXPRESS) {
+        const pattern = varDecl.id;
+        return pattern.type === 'Identifier' ? pattern : undefined;
     }
-    Express.attemptFindAppInstantiation = attemptFindAppInstantiation;
-    /**
-     * Checks whether the function injects an instantiated app and is exported like `module.exports = function(app) {}`
-     * or `module.exports.property = function(app) {}`, and returns app if it matches.
-     */
-    function attemptFindAppInjection(functionDef, context, node) {
-        const app = functionDef.params.find(param => param.type === 'Identifier' && param.name === 'app');
-        if (app) {
-            const parent = (0, index_js_1.getParent)(context, node);
-            if (parent?.type === 'AssignmentExpression') {
-                const { left } = parent;
-                if (left.type === 'MemberExpression' &&
-                    ((0, index_js_1.isModuleExports)(left) || (0, index_js_1.isModuleExports)(left.object))) {
-                    return app;
-                }
+    return undefined;
+}
+/**
+ * Checks whether the function injects an instantiated app and is exported like `module.exports = function(app) {}`
+ * or `module.exports.property = function(app) {}`, and returns app if it matches.
+ */
+function attemptFindAppInjection(functionDef, context, node) {
+    const app = functionDef.params.find(param => param.type === 'Identifier' && param.name === 'app');
+    if (app) {
+        const parent = (0, ancestor_js_1.getParent)(context, node);
+        if (parent?.type === 'AssignmentExpression') {
+            const { left } = parent;
+            if (left.type === 'MemberExpression' &&
+                ((0, ast_js_1.isModuleExports)(left) || (0, ast_js_1.isModuleExports)(left.object))) {
+                return app;
             }
         }
-        return undefined;
     }
-    Express.attemptFindAppInjection = attemptFindAppInjection;
-    /**
-     * Checks whether the expression looks somewhat like `app.use(m1, [m2, m3], ..., mN)`,
-     * where one of `mK`-nodes satisfies the given predicate.
-     */
-    function isUsingMiddleware(context, callExpression, app, middlewareNodePredicate) {
-        if ((0, index_js_1.isMethodInvocation)(callExpression, app.name, 'use', 1)) {
-            const flattenedArgs = (0, index_js_1.flattenArgs)(context, callExpression.arguments);
-            return flattenedArgs.some(middlewareNodePredicate);
-        }
-        return false;
+    return undefined;
+}
+/**
+ * Checks whether the expression looks somewhat like `app.use(m1, [m2, m3], ..., mN)`,
+ * where one of `mK`-nodes satisfies the given predicate.
+ */
+function isUsingMiddleware(context, callExpression, app, middlewareNodePredicate) {
+    if ((0, ast_js_1.isMethodInvocation)(callExpression, app.name, 'use', 1)) {
+        const flattenedArgs = (0, ast_js_1.flattenArgs)(context, callExpression.arguments);
+        return flattenedArgs.some(middlewareNodePredicate);
     }
-    Express.isUsingMiddleware = isUsingMiddleware;
-    /**
-     * Checks whether a node looks somewhat like `require('m')()` for
-     * some middleware `m` from the list of middlewares.
-     */
-    function isMiddlewareInstance(context, middlewares, n) {
-        if (n.type === 'CallExpression') {
-            const fqn = (0, index_js_1.getFullyQualifiedName)(context, n);
-            return fqn !== null && middlewares.includes(fqn);
-        }
-        return false;
+    return false;
+}
+/**
+ * Checks whether a node looks somewhat like `require('m')()` for
+ * some middleware `m` from the list of middlewares.
+ */
+function isMiddlewareInstance(context, middlewares, n) {
+    if (n.type === 'CallExpression') {
+        const fqn = (0, module_js_1.getFullyQualifiedName)(context, n);
+        return fqn !== null && middlewares.includes(fqn);
     }
-    Express.isMiddlewareInstance = isMiddlewareInstance;
-    /**
-     * Rule factory for detecting sensitive settings that are passed to
-     * middlewares eventually used by Express.js applications:
-     *
-     * app.use(
-     *   middleware(settings)
-     * )
-     *
-     * or
-     *
-     * app.use(
-     *   middleware.method(settings)
-     * )
-     *
-     * @param sensitivePropertyFinder - a function looking for a sensitive setting on a middleware call
-     * @param message - the reported message when an issue is raised
-     * @param meta - the rule metadata
-     * @returns a rule module that raises issues when a sensitive property is found
-     */
-    function SensitiveMiddlewarePropertyRule(sensitivePropertyFinder, message, meta = {}) {
-        return {
-            meta,
-            create(context) {
-                let app;
-                let sensitiveProperties;
-                function isExposing(middlewareNode) {
-                    return Boolean(sensitiveProperties.push(...findSensitiveProperty(middlewareNode)));
-                }
-                function findSensitiveProperty(middlewareNode) {
-                    if (middlewareNode.type === 'CallExpression') {
-                        return sensitivePropertyFinder(context, middlewareNode);
-                    }
-                    return [];
+    return false;
+}
+/**
+ * Rule factory for detecting sensitive settings that are passed to
+ * middlewares eventually used by Express.js applications:
+ *
+ * app.use(
+ *   middleware(settings)
+ * )
+ *
+ * or
+ *
+ * app.use(
+ *   middleware.method(settings)
+ * )
+ *
+ * @param sensitivePropertyFinder - a function looking for a sensitive setting on a middleware call
+ * @param message - the reported message when an issue is raised
+ * @param meta - the rule metadata
+ * @returns a rule module that raises issues when a sensitive property is found
+ */
+function SensitiveMiddlewarePropertyRule(sensitivePropertyFinder, message, meta = {}) {
+    return {
+        meta,
+        create(context) {
+            let app;
+            let sensitiveProperties;
+            function isExposing(middlewareNode) {
+                return Boolean(sensitiveProperties.push(...findSensitiveProperty(middlewareNode)));
+            }
+            function findSensitiveProperty(middlewareNode) {
+                if (middlewareNode.type === 'CallExpression') {
+                    return sensitivePropertyFinder(context, middlewareNode);
                 }
-                return {
-                    Program: () => {
-                        app = null;
-                        sensitiveProperties = [];
-                    },
-                    CallExpression: (node) => {
-                        if (app) {
-                            const callExpr = node;
-                            const isSafe = !isUsingMiddleware(context, callExpr, app, isExposing);
-                            if (!isSafe) {
-                                for (const sensitive of sensitiveProperties) {
-                                    (0, index_js_1.report)(context, {
-                                        node: callExpr,
-                                        message,
-                                    }, [(0, index_js_1.toSecondaryLocation)(sensitive)]);
-                                }
-                                sensitiveProperties = [];
+                return [];
+            }
+            return {
+                Program: () => {
+                    app = null;
+                    sensitiveProperties = [];
+                },
+                CallExpression: (node) => {
+                    if (app) {
+                        const callExpr = node;
+                        const isSafe = !isUsingMiddleware(context, callExpr, app, isExposing);
+                        if (!isSafe) {
+                            for (const sensitive of sensitiveProperties) {
+                                (0, location_js_1.report)(context, {
+                                    node: callExpr,
+                                    message,
+                                }, [(0, location_js_1.toSecondaryLocation)(sensitive)]);
                             }
+                            sensitiveProperties = [];
                         }
-                    },
-                    VariableDeclarator: (node) => {
-                        if (!app) {
-                            const varDecl = node;
-                            const instantiatedApp = attemptFindAppInstantiation(varDecl, context);
-                            if (instantiatedApp) {
-                                app = instantiatedApp;
-                            }
+                    }
+                },
+                VariableDeclarator: (node) => {
+                    if (!app) {
+                        const varDecl = node;
+                        const instantiatedApp = attemptFindAppInstantiation(varDecl, context);
+                        if (instantiatedApp) {
+                            app = instantiatedApp;
                         }
-                    },
-                    ':function': (node) => {
-                        if (!app) {
-                            const functionDef = node;
-                            const injectedApp = attemptFindAppInjection(functionDef, context, node);
-                            if (injectedApp) {
-                                app = injectedApp;
-                            }
+                    }
+                },
+                ':function': (node) => {
+                    if (!app) {
+                        const functionDef = node;
+                        const injectedApp = attemptFindAppInjection(functionDef, context, node);
+                        if (injectedApp) {
+                            app = injectedApp;
                         }
-                    },
-                };
-            },
-        };
-    }
-    Express.SensitiveMiddlewarePropertyRule = SensitiveMiddlewarePropertyRule;
-})(Express || (exports.Express = Express = {}));
+                    }
+                },
+            };
+        },
+    };
+}