eslint-plugin-sonarjs 4.0.1 → 4.0.2
- package/README.md +1 -1
- package/cjs/S100/rule.js +7 -5
- package/cjs/S101/rule.js +2 -2
- package/cjs/S104/rule.js +2 -2
- package/cjs/S105/rule.js +2 -2
- package/cjs/S1066/rule.js +5 -4
- package/cjs/S1067/rule.js +8 -6
- package/cjs/S1110/rule.js +7 -5
- package/cjs/S1119/rule.js +2 -2
- package/cjs/S1121/rule.js +4 -3
- package/cjs/S1125/rule.js +9 -8
- package/cjs/S1126/rule.js +2 -2
- package/cjs/S1128/rule.js +8 -5
- package/cjs/S1134/rule.js +2 -2
- package/cjs/S1135/rule.js +2 -2
- package/cjs/S1154/rule.js +6 -4
- package/cjs/S117/rule.js +6 -5
- package/cjs/S1172/rule.js +2 -2
- package/cjs/S1192/rule.js +5 -4
- package/cjs/S1219/rule.js +4 -3
- package/cjs/S1226/rule.js +6 -4
- package/cjs/S124/rule.js +2 -2
- package/cjs/S125/rule.js +9 -7
- package/cjs/S126/rule.js +2 -2
- package/cjs/S1264/rule.js +2 -2
- package/cjs/S128/rule.js +4 -3
- package/cjs/S1291/rule.js +2 -2
- package/cjs/S1301/rule.js +2 -2
- package/cjs/S1313/rule.js +2 -2
- package/cjs/S134/rule.js +7 -5
- package/cjs/S135/rule.js +5 -4
- package/cjs/S138/rule.js +9 -6
- package/cjs/S1439/rule.js +2 -2
- package/cjs/S1444/rule.js +2 -2
- package/cjs/S1451/rule.js +2 -2
- package/cjs/S1472/rule.js +2 -2
- package/cjs/S1479/rule.js +2 -2
- package/cjs/S1481/rule.js +2 -2
- package/cjs/S1488/rule.js +11 -7
- package/cjs/S1515/rule.js +10 -8
- package/cjs/S1523/rule.js +5 -5
- package/cjs/S1526/rule.js +5 -4
- package/cjs/S1527/rule.js +2 -2
- package/cjs/S1528/rule.js +2 -2
- package/cjs/S1529/rule.js +4 -3
- package/cjs/S1530/rule.js +5 -3
- package/cjs/S1533/rule.js +2 -2
- package/cjs/S1535/rule.js +2 -2
- package/cjs/S1541/rule.js +10 -7
- package/cjs/S1607/rule.js +22 -20
- package/cjs/S1764/rule.js +10 -7
- package/cjs/S1821/rule.js +2 -2
- package/cjs/S1848/rule.js +10 -7
- package/cjs/S1854/rule.js +18 -14
- package/cjs/S1862/rule.js +10 -8
- package/cjs/S1871/rule.js +21 -16
- package/cjs/S1874/rule.js +4 -3
- package/cjs/S1940/rule.js +2 -2
- package/cjs/S1994/rule.js +10 -7
- package/cjs/S2004/rule.js +9 -7
- package/cjs/S2068/rule.js +75 -12
- package/cjs/S2077/rule.js +10 -6
- package/cjs/S2092/rule.js +2 -2
- package/cjs/S2123/rule.js +2 -2
- package/cjs/S2137/rule.js +2 -2
- package/cjs/S2138/rule.js +4 -3
- package/cjs/S2187/rule.js +2 -2
- package/cjs/S2201/rule.js +8 -5
- package/cjs/S2208/rule.js +2 -2
- package/cjs/S2234/rule.js +15 -11
- package/cjs/S2245/rule.js +4 -3
- package/cjs/S2251/rule.js +5 -4
- package/cjs/S2255/rule.js +6 -5
- package/cjs/S2259/rule.js +14 -9
- package/cjs/S2301/rule.js +14 -9
- package/cjs/S2310/rule.js +14 -11
- package/cjs/S2392/rule.js +7 -5
- package/cjs/S2424/rule.js +2 -2
- package/cjs/S2428/rule.js +8 -6
- package/cjs/S2486/rule.js +4 -3
- package/cjs/S2589/rule.js +12 -10
- package/cjs/S2598/rule.js +17 -14
- package/cjs/S2612/generated-meta.js +1 -1
- package/cjs/S2612/rule.js +8 -6
- package/cjs/S2639/rule.js +2 -2
- package/cjs/S2681/rule.js +2 -2
- package/cjs/S2692/rule.js +6 -4
- package/cjs/S2699/rule.js +40 -31
- package/cjs/S2703/rule.js +2 -2
- package/cjs/S2737/rule.js +6 -4
- package/cjs/S2755/rule.js +9 -6
- package/cjs/S2757/rule.js +2 -2
- package/cjs/S2817/rule.js +10 -7
- package/cjs/S2819/rule.js +16 -12
- package/cjs/S2870/rule.js +8 -5
- package/cjs/S2871/rule.js +12 -9
- package/cjs/S2970/rule.js +9 -8
- package/cjs/S2990/rule.js +2 -2
- package/cjs/S2999/rule.js +10 -7
- package/cjs/S3001/rule.js +2 -2
- package/cjs/S3003/rule.js +10 -7
- package/cjs/S3317/rule.js +4 -3
- package/cjs/S3330/rule.js +2 -2
- package/cjs/S3358/rule.js +2 -2
- package/cjs/S3402/rule.js +14 -10
- package/cjs/S3403/rule.js +10 -7
- package/cjs/S3415/rule.js +16 -13
- package/cjs/S3499/rule.js +5 -4
- package/cjs/S3500/rule.js +5 -4
- package/cjs/S3513/rule.js +5 -4
- package/cjs/S3514/rule.js +10 -7
- package/cjs/S3516/rule.js +10 -7
- package/cjs/S3524/rule.js +2 -2
- package/cjs/S3525/rule.js +6 -4
- package/cjs/S3531/rule.js +5 -3
- package/cjs/S3533/rule.js +8 -7
- package/cjs/S3579/rule.js +6 -4
- package/cjs/S3616/rule.js +6 -4
- package/cjs/S3626/rule.js +4 -3
- package/cjs/S3686/rule.js +7 -5
- package/cjs/S3699/rule.js +4 -3
- package/cjs/S3735/rule.js +8 -5
- package/cjs/S3757/rule.js +8 -6
- package/cjs/S3758/rule.js +9 -7
- package/cjs/S3760/rule.js +24 -21
- package/cjs/S3776/rule.js +26 -22
- package/cjs/S3782/rule.js +6 -4
- package/cjs/S3785/rule.js +9 -6
- package/cjs/S3796/rule.js +12 -8
- package/cjs/S3798/rule.js +4 -3
- package/cjs/S3800/rule.js +16 -11
- package/cjs/S3801/rule.js +15 -11
- package/cjs/S3827/rule.js +9 -6
- package/cjs/S3923/rule.js +9 -6
- package/cjs/S3972/rule.js +5 -4
- package/cjs/S3973/rule.js +7 -5
- package/cjs/S3981/rule.js +4 -3
- package/cjs/S3984/rule.js +4 -3
- package/cjs/S4030/rule.js +10 -7
- package/cjs/S4036/rule.js +7 -5
- package/cjs/S4043/rule.js +12 -8
- package/cjs/S4139/rule.js +7 -5
- package/cjs/S4143/rule.js +12 -9
- package/cjs/S4144/rule.js +12 -9
- package/cjs/S4158/rule.js +11 -8
- package/cjs/S4165/rule.js +14 -12
- package/cjs/S4322/rule.js +8 -5
- package/cjs/S4323/rule.js +4 -3
- package/cjs/S4324/rule.js +7 -5
- package/cjs/S4328/rule.js +2 -2
- package/cjs/S4335/rule.js +6 -4
- package/cjs/S4423/rule.js +4 -3
- package/cjs/S4423/rule.lib.js +8 -7
- package/cjs/S4426/rule.js +11 -10
- package/cjs/S4502/rule.js +16 -13
- package/cjs/S4507/rule.js +8 -6
- package/cjs/S4524/rule.js +2 -2
- package/cjs/S4619/rule.js +6 -4
- package/cjs/S4621/rule.js +5 -4
- package/cjs/S4622/rule.js +5 -3
- package/cjs/S4623/rule.js +8 -5
- package/cjs/S4624/rule.js +6 -4
- package/cjs/S4634/rule.js +4 -3
- package/cjs/S4721/rule.js +7 -5
- package/cjs/S4782/rule.js +7 -5
- package/cjs/S4784/rule.js +5 -4
- package/cjs/S4787/rule.js +9 -7
- package/cjs/S4790/rule.js +7 -5
- package/cjs/S4798/rule.js +2 -2
- package/cjs/S4817/rule.js +10 -8
- package/cjs/S4818/rule.js +4 -3
- package/cjs/S4822/rule.js +13 -9
- package/cjs/S4823/rule.js +4 -3
- package/cjs/S4829/rule.js +4 -3
- package/cjs/S4830/rule.js +11 -8
- package/cjs/S5042/rule.js +9 -7
- package/cjs/S5122/rule.js +40 -36
- package/cjs/S5148/rule.js +9 -8
- package/cjs/S5247/rule.js +22 -18
- package/cjs/S5256/rule.js +5 -4
- package/cjs/S5257/rule.js +4 -3
- package/cjs/S5260/rule.js +4 -3
- package/cjs/S5264/rule.js +4 -3
- package/cjs/S5332/rule.js +4 -3
- package/cjs/S5332/rule.lib.js +19 -17
- package/cjs/S5443/rule.js +2 -2
- package/cjs/S5527/rule.js +18 -14
- package/cjs/S5542/rule.js +6 -4
- package/cjs/S5547/rule.js +6 -4
- package/cjs/S5604/rule.js +15 -14
- package/cjs/S5659/rule.js +15 -12
- package/cjs/S5689/rule.js +11 -8
- package/cjs/S5691/rule.js +7 -5
- package/cjs/S5693/rule.js +14 -12
- package/cjs/S5725/rule.js +9 -6
- package/cjs/S5728/rule.js +7 -4
- package/cjs/S5730/rule.js +9 -6
- package/cjs/S5732/rule.js +8 -5
- package/cjs/S5734/rule.js +7 -4
- package/cjs/S5736/rule.js +8 -5
- package/cjs/S5739/rule.js +11 -8
- package/cjs/S5742/rule.js +7 -4
- package/cjs/S5743/rule.js +8 -6
- package/cjs/S5757/rule.js +13 -10
- package/cjs/S5759/rule.js +10 -7
- package/cjs/S5842/rule.js +2 -2
- package/cjs/S5843/rule.js +22 -19
- package/cjs/S5850/rule.js +4 -3
- package/cjs/S5852/rule.js +2 -2
- package/cjs/S5856/rule.js +10 -7
- package/cjs/S5860/rule.js +30 -26
- package/cjs/S5863/rule.js +15 -11
- package/cjs/S5867/rule.js +8 -7
- package/cjs/S5868/rule.js +7 -5
- package/cjs/S5869/rule.js +6 -5
- package/cjs/S5876/rule.js +12 -8
- package/cjs/S5958/rule.js +12 -9
- package/cjs/S5973/rule.js +10 -7
- package/cjs/S6019/rule.js +4 -3
- package/cjs/S6035/rule.js +2 -2
- package/cjs/S6079/rule.js +9 -6
- package/cjs/S6080/rule.js +13 -10
- package/cjs/S6092/rule.js +9 -7
- package/cjs/S6245/rule.js +14 -9
- package/cjs/S6249/rule.js +7 -5
- package/cjs/S6252/rule.js +12 -8
- package/cjs/S6265/rule.js +27 -20
- package/cjs/S6268/rule.js +5 -4
- package/cjs/S6270/rule.js +12 -9
- package/cjs/S6275/rule.js +2 -2
- package/cjs/S6281/rule.js +22 -17
- package/cjs/S6299/rule.js +2 -2
- package/cjs/S6302/rule.js +6 -5
- package/cjs/S6303/rule.js +12 -10
- package/cjs/S6304/rule.js +6 -5
- package/cjs/S6308/rule.js +7 -5
- package/cjs/S6317/rule.js +5 -4
- package/cjs/S6319/rule.js +2 -2
- package/cjs/S6321/rule.js +25 -23
- package/cjs/S6323/rule.js +4 -3
- package/cjs/S6324/rule.js +2 -2
- package/cjs/S6326/rule.js +2 -2
- package/cjs/S6327/rule.js +2 -2
- package/cjs/S6328/rule.js +4 -3
- package/cjs/S6329/rule.js +7 -5
- package/cjs/S6330/rule.js +2 -2
- package/cjs/S6332/rule.js +2 -2
- package/cjs/S6333/rule.js +8 -6
- package/cjs/S6351/rule.js +22 -19
- package/cjs/S6353/rule.js +2 -2
- package/cjs/S6397/rule.js +2 -2
- package/cjs/S6418/rule.js +9 -24
- package/cjs/S6426/rule.js +5 -4
- package/cjs/S6437/rule.js +10 -7
- package/cjs/S6439/rule.js +9 -7
- package/cjs/S6442/rule.js +11 -8
- package/cjs/S6443/rule.js +9 -7
- package/cjs/S6486/rule.js +5 -4
- package/cjs/S6564/rule.js +4 -3
- package/cjs/S6594/rule.js +12 -8
- package/cjs/S6627/rule.js +6 -4
- package/cjs/S6759/rule.js +10 -6
- package/cjs/S6958/rule.js +2 -2
- package/cjs/S6959/rule.js +9 -6
- package/cjs/S7059/rule.js +8 -5
- package/cjs/S7639/rule.js +5 -4
- package/cjs/S7790/rule.js +7 -5
- package/cjs/S8441/rule.js +13 -9
- package/cjs/S881/rule.js +2 -2
- package/cjs/S888/rule.js +4 -3
- package/cjs/S930/rule.js +14 -12
- package/cjs/helpers/ast.js +11 -8
- package/cjs/helpers/aws/s3.js +9 -6
- package/cjs/helpers/chai.js +41 -43
- package/cjs/helpers/cookie-flag-check.js +19 -17
- package/cjs/helpers/{decorators/index.js → entropy.js} +16 -17
- package/cjs/helpers/express.js +127 -128
- package/cjs/helpers/mocha.js +50 -54
- package/cjs/helpers/regex/ast.js +7 -6
- package/cjs/helpers/regex/extract.js +11 -11
- package/cjs/helpers/regex/group.js +2 -2
- package/cjs/helpers/regex/location.js +2 -2
- package/cjs/helpers/regex/range.js +5 -4
- package/cjs/helpers/regex/rule-template.js +4 -3
- package/cjs/helpers/sinon.js +33 -36
- package/cjs/helpers/supertest.js +34 -37
- package/cjs/helpers/vitest.js +29 -32
- package/docs/file-permissions.md +1 -1
- package/package.json +39 -1
- package/types/helpers/ancestor.d.ts +1 -1
- package/types/helpers/aws/s3.d.ts +1 -1
- package/types/helpers/chai.d.ts +3 -5
- package/types/helpers/entropy.d.ts +1 -0
- package/types/helpers/express.d.ts +38 -43
- package/types/helpers/mocha.d.ts +19 -21
- package/types/helpers/regex/ast.d.ts +1 -1
- package/types/helpers/regex/rule-template.d.ts +1 -1
- package/types/helpers/sinon.d.ts +3 -5
- package/types/helpers/supertest.d.ts +3 -5
- package/types/helpers/type.d.ts +1 -1
- package/types/helpers/vitest.d.ts +3 -5
- package/cjs/helpers/aws/index.js +0 -35
- package/cjs/helpers/decorators/interceptor.js +0 -88
- package/cjs/helpers/index.js +0 -60
- package/cjs/helpers/recognizers/index.js +0 -37
- package/cjs/helpers/rule-detect-react.js +0 -29
- package/cjs/helpers/validate-version.js +0 -94
- package/types/helpers/aws/index.d.ts +0 -3
- package/types/helpers/decorators/index.d.ts +0 -2
- package/types/helpers/decorators/interceptor.d.ts +0 -16
- package/types/helpers/index.d.ts +0 -28
- package/types/helpers/recognizers/index.d.ts +0 -2
- package/types/helpers/rule-detect-react.d.ts +0 -2
- package/types/helpers/validate-version.d.ts +0 -13
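--- a/package/cjs/S1994/rule.js
+++ b/package/cjs/S1994/rule.js
@@ -51,7 +51,10 @@ var __importStar = (this && this.__importStar) || (function () {
 })();
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.rule = void 0;
-const
+const equivalence_js_1 = require("../helpers/equivalence.js");
+const generate_meta_js_1 = require("../helpers/generate-meta.js");
+const ancestor_js_1 = require("../helpers/ancestor.js");
+const collection_js_1 = require("../helpers/collection.js");
 const meta = __importStar(require("./generated-meta.js"));
 class ForInfo {
 constructor(forLoop) {
@@ -61,7 +64,7 @@ class ForInfo {
 }
 }
 exports.rule = {
-meta: (0,
+meta: (0, generate_meta_js_1.generateMeta)(meta, {
 messages: {
 misplacedCounter: `This loop's stop condition tests "{{test}}" but the incrementer updates "{{update}}".`,
 },
@@ -90,7 +93,7 @@ exports.rule = {
 return false;
 }
 function peekFor() {
-return (0,
+return (0, collection_js_1.last)(forLoopStack);
 }
 return {
 ForStatement: (node) => {
@@ -101,7 +104,7 @@ exports.rule = {
 if (forInfo.updatedExpressions.length === 0 || !forInfo.forLoop.test) {
 return;
 }
-const hasIntersection = forInfo.testedExpressions.some(testedExpr => forInfo.updatedExpressions.some(updatedExpr => (0,
+const hasIntersection = forInfo.testedExpressions.some(testedExpr => forInfo.updatedExpressions.some(updatedExpr => (0, equivalence_js_1.areEquivalent)(updatedExpr, testedExpr, context.sourceCode)));
 if (!hasIntersection) {
 context.report({
 loc: context.sourceCode.getFirstToken(forInfo.forLoop).loc,
@@ -140,7 +143,7 @@ exports.rule = {
 },
 'ForStatement Identifier': (node) => {
 if (isInsideTest(node)) {
-const parent = (0,
+const parent = (0, ancestor_js_1.getParent)(context, node);
 if (parent.type !== 'MemberExpression' || parent.computed || parent.object === node) {
 peekFor().testedExpressions.push(node);
 }
@@ -148,8 +151,8 @@ exports.rule = {
 },
 'ForStatement MemberExpression': (node) => {
 if (isInsideTest(node) &&
-(0,
-(0,
+(0, ancestor_js_1.getParent)(context, node).type !== 'MemberExpression' &&
+(0, ancestor_js_1.getParent)(context, node).type !== 'CallExpression') {
 peekFor().testedExpressions.push(node);
 }
 },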
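--- a/package/cjs/S2004/rule.js
+++ b/package/cjs/S2004/rule.js
@@ -51,7 +51,9 @@ var __importStar = (this && this.__importStar) || (function () {
 })();
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.rule = void 0;
-const
+const generate_meta_js_1 = require("../helpers/generate-meta.js");
+const location_js_1 = require("../helpers/location.js");
+const test_frameworks_js_1 = require("../helpers/test-frameworks.js");
 const meta = __importStar(require("./generated-meta.js"));
 const DEFAULT_THRESHOLD = 4;
 /**
@@ -63,10 +65,10 @@ function isTestFrameworkCallback(node) {
 if (parent?.type !== 'CallExpression') {
 return false;
 }
-return (0,
+return (0, test_frameworks_js_1.isTestFrameworkCall)(parent);
 }
 exports.rule = {
-meta: (0,
+meta: (0, generate_meta_js_1.generateMeta)(meta),
 create(context) {
 const max = context.options[0]?.threshold ?? DEFAULT_THRESHOLD;
 const nestedStack = [];
@@ -80,11 +82,11 @@ exports.rule = {
 nestedStack.push(fn);
 if (nestedStack.length === max + 1) {
 const secondaries = nestedStack.slice(0, -1);
-(0,
-loc: (0,
+(0, location_js_1.report)(context, {
+loc: (0, location_js_1.getMainFunctionTokenLocation)(fn, fn.parent, context),
 message: `Refactor this code to not nest functions more than ${max} levels deep.`,
-}, secondaries.map(n => (0,
-loc: (0,
+}, secondaries.map(n => (0, location_js_1.toSecondaryLocation)({
+loc: (0, location_js_1.getMainFunctionTokenLocation)(n, n.parent, context),
 }, 'Nesting +1')));
 }
 },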
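--- a/package/cjs/S2068/rule.js
+++ b/package/cjs/S2068/rule.js
@@ -54,17 +54,27 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.rule = void 0;
-const
+const generate_meta_js_1 = require("../helpers/generate-meta.js");
+const ast_js_1 = require("../helpers/ast.js");
+const entropy_js_1 = require("../helpers/entropy.js");
 const node_path_1 = __importDefault(require("node:path"));
 const meta = __importStar(require("./generated-meta.js"));
 const DEFAULT_NAMES = ['password', 'pwd', 'passwd', 'passphrase'];
+const ENTROPY_THRESHOLD = 3;
+const MIN_PASSWORD_LENGTH = 5;
+const NON_CREDENTIAL_CHARS = /[\s/["'\]<>]/;
+const TEST_FILE_PATTERN = /\.(spec|test|mock)\.[jt]sx?$/;
 const messages = {
 reviewPassword: 'Review this potentially hard-coded password.',
 };
 exports.rule = {
-meta: (0,
+meta: (0, generate_meta_js_1.generateMeta)(meta, { messages }),
 create(context) {
-const
+const filename = context.physicalFilename;
+if (TEST_FILE_PATTERN.test(filename)) {
+return {};
+}
+const dir = node_path_1.default.dirname(filename);
 const parts = dir.split(node_path_1.default.sep).map(part => part.toLowerCase());
 if (parts.includes('l10n')) {
 return {};
@@ -98,21 +108,74 @@ exports.rule = {
 };
 function checkAssignment(context, patterns, variable, initializer) {
 if (initializer &&
-(
-initializer
-patterns.some(pattern => context.sourceCode.getText(variable).toLowerCase().includes(pattern))) {
+patterns.some(pattern => context.sourceCode.getText(variable).toLowerCase().includes(pattern)) &&
+findValueSuspect(initializer)) {
 context.report({
 messageId: 'reviewPassword',
 node: initializer,
 });
 }
 }
+function findValueSuspect(node) {
+if (!node) {
+return false;
+}
+if ((0, ast_js_1.isStringLiteral)(node)) {
+const value = node.value;
+return (value.length >= MIN_PASSWORD_LENGTH &&
+!NON_CREDENTIAL_CHARS.test(value) &&
+hasHighEntropy(value));
+}
+if (node.type === 'ConditionalExpression') {
+return findValueSuspect(node.consequent) || findValueSuspect(node.alternate);
+}
+if ((0, ast_js_1.isLogicalExpression)(node) &&
+['??', '||'].includes(node.operator)) {
+return findValueSuspect(node.right);
+}
+return false;
+}
 function checkLiteral(context, patterns, literal) {
-if ((0,
-
-context.report({
-messageId: 'reviewPassword',
-node: literal,
-});
+if (!(0, ast_js_1.isStringLiteral)(literal)) {
+return;
 }
+const value = literal.value;
+const lowerValue = value.toLowerCase();
+for (const pattern of patterns) {
+const match = pattern.exec(lowerValue);
+if (!match) {
+continue;
+}
+const eqIndex = value.indexOf('=', match.index);
+if (eqIndex === -1) {
+continue;
+}
+const passwordValue = extractPasswordValue(value, eqIndex);
+if (passwordValue.length >= MIN_PASSWORD_LENGTH && hasHighEntropy(passwordValue)) {
+context.report({
+messageId: 'reviewPassword',
+node: literal,
+});
+return;
+}
+}
+}
+function extractPasswordValue(value, eqIndex) {
+const passwordPart = value.substring(eqIndex + 1);
+const nextSep = findNextSeparator(passwordPart);
+return nextSep === -1 ? passwordPart : passwordPart.substring(0, nextSep);
+}
+function findNextSeparator(str) {
+const separators = ['&', ' ', ';'];
+let minIndex = -1;
+for (const sep of separators) {
+const idx = str.indexOf(sep);
+if (idx !== -1 && (minIndex === -1 || idx < minIndex)) {
+minIndex = idx;
+}
+}
+return minIndex;
+}
+function hasHighEntropy(value) {
+return (0, entropy_js_1.shannonEntropy)(value) > ENTROPY_THRESHOLD;
 }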
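Review bot: The new `findValueSuspect` gate in the second hunk leaves most short hard-coded passwords unreported: a literal is flagged only when `shannonEntropy(value) > ENTROPY_THRESHOLD` (3), and if that helper returns bits per character (helpers/entropy.js is not part of this section) no string with eight or fewer distinct characters can exceed 3, so values such as `'admin123'` or `'changeme'` assigned to a `password` variable pass silently. `NON_CREDENTIAL_CHARS` additionally rejects any value containing `/` or whitespace, which excludes base64-encoded secrets and multi-word passphrases. Together with the early `return {}` for `TEST_FILE_PATTERN` files in the first hunk, this trades recall for fewer false positives, and that trade-off should be stated next to the constants, e.g. `// Heuristic: short or low-entropy literals and *.test/*.spec/*.mock files are intentionally not reported; pair with a dedicated secret scanner`. This file is compiled output, so the comment belongs in the rule's TypeScript source.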
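--- a/package/cjs/S2077/rule.js
+++ b/package/cjs/S2077/rule.js
@@ -51,7 +51,11 @@ var __importStar = (this && this.__importStar) || (function () {
 })();
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.rule = void 0;
-const
+const generate_meta_js_1 = require("../helpers/generate-meta.js");
+const module_js_1 = require("../helpers/module.js");
+const module_ts_js_1 = require("../helpers/module-ts.js");
+const ast_js_1 = require("../helpers/ast.js");
+const parser_services_js_1 = require("../helpers/parser-services.js");
 const meta = __importStar(require("./generated-meta.js"));
 const sqlQuerySignatures = new Set([
 'pg.Client.query',
@@ -72,23 +76,23 @@ const sqlQuerySignatures = new Set([
 'better-sqlite3.prepare',
 ]);
 exports.rule = {
-meta: (0,
+meta: (0, generate_meta_js_1.generateMeta)(meta, {
 messages: {
 safeQuery: `Make sure that executing SQL queries is safe here.`,
 },
 }),
 create(context) {
 const services = context.sourceCode.parserServices;
-const hasTypeInformation = (0,
+const hasTypeInformation = (0, parser_services_js_1.isRequiredParserServices)(services);
 return {
 CallExpression(node) {
 let fqn = null;
 if (hasTypeInformation) {
 const tsNode = services.esTreeNodeToTSNodeMap.get(node);
-fqn = (0,
+fqn = (0, module_ts_js_1.getFullyQualifiedNameTS)(services, tsNode);
 }
 else {
-fqn = (0,
+fqn = (0, module_js_1.getFullyQualifiedName)(context, node.callee);
 }
 if (fqn && sqlQuerySignatures.has(fqn) && isQuestionable(node.arguments[0])) {
 context.report({
@@ -110,7 +114,7 @@ function isQuestionable(sqlQuery) {
 if (isConcatenation(sqlQuery)) {
 return isVariableConcat(sqlQuery);
 }
-return (sqlQuery.type === 'CallExpression' && (0,
+return (sqlQuery.type === 'CallExpression' && (0, ast_js_1.isMemberWithProperty)(sqlQuery.callee, 'concat', 'replace'));
 }
 function isVariableConcat(node) {
 const { left, right } = node;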
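--- a/package/cjs/S2092/rule.js
+++ b/package/cjs/S2092/rule.js
@@ -52,10 +52,10 @@ var __importStar = (this && this.__importStar) || (function () {
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.rule = void 0;
 const cookie_flag_check_js_1 = require("../helpers/cookie-flag-check.js");
-const
+const generate_meta_js_1 = require("../helpers/generate-meta.js");
 const meta = __importStar(require("./generated-meta.js"));
 exports.rule = {
-meta: (0,
+meta: (0, generate_meta_js_1.generateMeta)(meta),
 create(context) {
 return {
 CallExpression: (node) => new cookie_flag_check_js_1.CookieFlagCheck(context, 'secure').checkCookiesFromCallExpression(node),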
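--- a/package/cjs/S2123/rule.js
+++ b/package/cjs/S2123/rule.js
@@ -51,10 +51,10 @@ var __importStar = (this && this.__importStar) || (function () {
 })();
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.rule = void 0;
-const
+const generate_meta_js_1 = require("../helpers/generate-meta.js");
 const meta = __importStar(require("./generated-meta.js"));
 exports.rule = {
-meta: (0,
+meta: (0, generate_meta_js_1.generateMeta)(meta, {
 messages: {
 removeIncrement: 'Remove this {{updateOperator}}rement or correct the code not to waste it.',
 },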
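--- a/package/cjs/S2137/rule.js
+++ b/package/cjs/S2137/rule.js
@@ -55,7 +55,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.rule = void 0;
 const globals_1 = __importDefault(require("globals"));
-const
+const generate_meta_js_1 = require("../helpers/generate-meta.js");
 const meta = __importStar(require("./generated-meta.js"));
 const illegalNames = new Set(['arguments']);
 const objectPrototypeProperties = new Set([
@@ -77,7 +77,7 @@ const getModificationIssue = (functionName) => ({
 data: { symbol: functionName },
 });
 exports.rule = {
-meta: (0,
+meta: (0, generate_meta_js_1.generateMeta)(meta, {
 messages: {
 removeModification: 'Remove the modification of "{{symbol}}".',
 forbidDeclaration: 'Do not use "{{symbol}}" to declare a {{type}} - use another name.',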
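--- a/package/cjs/S2138/rule.js
+++ b/package/cjs/S2138/rule.js
@@ -51,17 +51,18 @@ var __importStar = (this && this.__importStar) || (function () {
 })();
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.rule = void 0;
-const
+const generate_meta_js_1 = require("../helpers/generate-meta.js");
+const ast_js_1 = require("../helpers/ast.js");
 const meta = __importStar(require("./generated-meta.js"));
 exports.rule = {
-meta: (0,
+meta: (0, generate_meta_js_1.generateMeta)(meta, {
 messages: {
 useNull: 'Use null instead.',
 },
 }),
 create(context) {
 function raiseOnUndefined(node) {
-if ((0,
+if ((0, ast_js_1.isUndefined)(node)) {
 context.report({
 messageId: 'useNull',
 node,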
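--- a/package/cjs/S2187/rule.js
+++ b/package/cjs/S2187/rule.js
@@ -51,7 +51,7 @@ var __importStar = (this && this.__importStar) || (function () {
 })();
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.rule = void 0;
-const
+const generate_meta_js_1 = require("../helpers/generate-meta.js");
 const meta = __importStar(require("./generated-meta.js"));
 const APIs = new Set([
 // Jasmine
@@ -114,7 +114,7 @@ const APIs = new Set([
 'ruleTester.run',
 ]);
 exports.rule = {
-meta: (0,
+meta: (0, generate_meta_js_1.generateMeta)(meta, {
 messages: {
 missingTest: 'Add some tests to this file or delete it.',
 },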
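--- a/package/cjs/S2201/rule.js
+++ b/package/cjs/S2201/rule.js
@@ -55,7 +55,10 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.rule = void 0;
 const typescript_1 = __importDefault(require("typescript"));
-const
+const ancestor_js_1 = require("../helpers/ancestor.js");
+const generate_meta_js_1 = require("../helpers/generate-meta.js");
+const type_js_1 = require("../helpers/type.js");
+const parser_services_js_1 = require("../helpers/parser-services.js");
 const meta = __importStar(require("./generated-meta.js"));
 const METHODS_WITHOUT_SIDE_EFFECTS = {
 array: new Set([
@@ -205,7 +208,7 @@ const METHODS_WITHOUT_SIDE_EFFECTS = {
 ]),
 };
 exports.rule = {
-meta: (0,
+meta: (0, generate_meta_js_1.generateMeta)(meta, {
 messages: {
 useForEach: `Consider using "forEach" instead of "map" as its return value is not being used here.`,
 returnValueMustBeUsed: 'The return value of "{{methodName}}" must be used.',
@@ -213,7 +216,7 @@ exports.rule = {
 }),
 create(context) {
 const services = context.sourceCode.parserServices;
-if (!(0,
+if (!(0, parser_services_js_1.isRequiredParserServices)(services)) {
 return {};
 }
 return {
@@ -244,7 +247,7 @@ const isFunctionTypeNode = (candidate) => {
 };
 function isReplaceWithCallback(methodName, callArguments, services) {
 if (methodName === 'replace' && callArguments.length > 1) {
-const type = (0,
+const type = (0, type_js_1.getTypeFromTreeNode)(callArguments[1], services);
 const typeNode = services.program.getTypeChecker().typeToTypeNode(type, undefined, undefined);
 return typeNode && isFunctionTypeNode(typeNode);
 }
@@ -284,7 +287,7 @@ function containsAssignment(node, visitorKeys) {
 if (FUNCTION_BOUNDARIES.has(node.type)) {
 return false;
 }
-return (0,
+return (0, ancestor_js_1.childrenOf)(node, visitorKeys).some(child => containsAssignment(child, visitorKeys));
 }
 function reportDescriptor(methodName, node) {
 if (methodName === 'map') {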
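--- a/package/cjs/S2208/rule.js
+++ b/package/cjs/S2208/rule.js
@@ -51,10 +51,10 @@ var __importStar = (this && this.__importStar) || (function () {
 })();
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.rule = void 0;
-const
+const generate_meta_js_1 = require("../helpers/generate-meta.js");
 const meta = __importStar(require("./generated-meta.js"));
 exports.rule = {
-meta: (0,
+meta: (0, generate_meta_js_1.generateMeta)(meta, {
 messages: {
 wildcardImport: 'Explicitly {{xPort}} the specific member needed.',
 },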
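--- a/package/cjs/S2234/rule.js
+++ b/package/cjs/S2234/rule.js
@@ -51,13 +51,17 @@ var __importStar = (this && this.__importStar) || (function () {
 })();
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.rule = void 0;
-const
+const ast_js_1 = require("../helpers/ast.js");
+const generate_meta_js_1 = require("../helpers/generate-meta.js");
+const type_js_1 = require("../helpers/type.js");
+const parser_services_js_1 = require("../helpers/parser-services.js");
+const location_js_1 = require("../helpers/location.js");
 const meta = __importStar(require("./generated-meta.js"));
 exports.rule = {
-meta: (0,
+meta: (0, generate_meta_js_1.generateMeta)(meta),
 create(context) {
 const services = context.sourceCode.parserServices;
-const canResolveType = (0,
+const canResolveType = (0, parser_services_js_1.isRequiredParserServices)(services);
 function checkArguments(functionCall) {
 // Extract argument names first (cheap operation)
 const argumentNames = functionCall.arguments.map(arg => {
@@ -141,11 +145,11 @@ exports.rule = {
 return resolveFromTSSignature(node);
 }
 let functionDeclaration = null;
-if ((0,
+if ((0, ast_js_1.isFunctionNode)(node.callee)) {
 functionDeclaration = node.callee;
 }
 else if (node.callee.type === 'Identifier') {
-functionDeclaration = (0,
+functionDeclaration = (0, ast_js_1.resolveFromFunctionReference)(context, node.callee);
 }
 if (!functionDeclaration) {
 return null;
@@ -156,7 +160,7 @@ exports.rule = {
 };
 }
 function resolveFromTSSignature(node) {
-const signature = (0,
+const signature = (0, type_js_1.getSignatureFromCallee)(node, services);
 if (signature?.declaration) {
 return {
 params: signature.parameters.map(param => param.name),
@@ -179,14 +183,14 @@ exports.rule = {
 }
 function haveCompatibleTypes(arg1, arg2) {
 if (canResolveType) {
-const type1 = normalizeType((0,
-const type2 = normalizeType((0,
+const type1 = normalizeType((0, type_js_1.getTypeAsString)(arg1, services));
+const type2 = normalizeType((0, type_js_1.getTypeAsString)(arg2, services));
 return type1 === type2;
 }
 return true;
 }
 function raiseIssue(arg1, arg2, functionDeclaration, node) {
-(0,
+(0, location_js_1.report)(context, {
 message: `Arguments '${arg1}' and '${arg2}' have the same names but not the same order as the function parameters.`,
 loc: getParametersClauseLocation(node.arguments),
 }, getSecondaryLocations(functionDeclaration));
@@ -243,7 +247,7 @@ function isCryptoCyclicRotation(functionCall, functionParameters) {
 }
 function extractFunctionParameters(functionDeclaration) {
 return functionDeclaration.params.map(param => {
-const identifiers = (0,
+const identifiers = (0, ast_js_1.resolveIdentifiers)(param);
 if (identifiers.length === 1 && identifiers[0]) {
 return identifiers[0].name;
 }
@@ -253,7 +257,7 @@ function extractFunctionParameters(functionDeclaration) {
 function getSecondaryLocations(functionDeclaration) {
 if (functionDeclaration?.params && functionDeclaration.params.length > 0) {
 const { start, end } = getParametersClauseLocation(functionDeclaration.params);
-return [(0,
+return [(0, location_js_1.toSecondaryLocation)({ loc: { start, end } }, 'Formal parameters')];
 }
 return [];
 }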
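--- a/package/cjs/S2245/rule.js
+++ b/package/cjs/S2245/rule.js
@@ -51,10 +51,11 @@ var __importStar = (this && this.__importStar) || (function () {
 })();
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.rule = void 0;
-const
+const generate_meta_js_1 = require("../helpers/generate-meta.js");
+const module_js_1 = require("../helpers/module.js");
 const meta = __importStar(require("./generated-meta.js"));
 exports.rule = {
-meta: (0,
+meta: (0, generate_meta_js_1.generateMeta)(meta, {
 messages: {
 safeGenerator: 'Make sure that using this pseudorandom number generator is safe here.',
 },
@@ -62,7 +63,7 @@ exports.rule = {
 create(context) {
 return {
 CallExpression(node) {
-const fqn = (0,
+const fqn = (0, module_js_1.getFullyQualifiedName)(context, node);
 if (fqn === 'Math.random') {
 context.report({
 messageId: 'safeGenerator',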
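--- a/package/cjs/S2251/rule.js
+++ b/package/cjs/S2251/rule.js
@@ -51,10 +51,11 @@ var __importStar = (this && this.__importStar) || (function () {
 })();
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.rule = void 0;
-const
+const generate_meta_js_1 = require("../helpers/generate-meta.js");
+const location_js_1 = require("../helpers/location.js");
 const meta = __importStar(require("./generated-meta.js"));
 exports.rule = {
-meta: (0,
+meta: (0, generate_meta_js_1.generateMeta)(meta),
 create(context) {
 return {
 ForStatement: (node) => {
@@ -67,10 +68,10 @@ exports.rule = {
 const wrongDirection = getWrongDirection(test, loopIncrement);
 if (wrongDirection !== 0 && wrongDirection === loopIncrement.direction) {
 const movement = wrongDirection > 0 ? 'incremented' : 'decremented';
-(0,
+(0, location_js_1.report)(context, {
 message: `"${loopIncrement.identifier.name}" is ${movement} and will never reach its stop condition.`,
 node: forStatement.update,
-}, [(0,
+}, [(0, location_js_1.toSecondaryLocation)(test)]);
 }
 },
 };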
package/cjs/S2255/rule.js
CHANGED
|
@@ -51,10 +51,11 @@ var __importStar = (this && this.__importStar) || (function () {
|
|
|
51
51
|
})();
|
|
52
52
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
53
53
|
exports.rule = void 0;
|
|
54
|
-
const
|
|
54
|
+
const generate_meta_js_1 = require("../helpers/generate-meta.js");
|
|
55
|
+
const ast_js_1 = require("../helpers/ast.js");
|
|
55
56
|
const meta = __importStar(require("./generated-meta.js"));
|
|
56
57
|
exports.rule = {
|
|
57
|
-
meta: (0,
|
|
58
|
+
meta: (0, generate_meta_js_1.generateMeta)(meta, {
|
|
58
59
|
messages: {
|
|
59
60
|
safeCookie: 'Make sure that cookie is written safely here.',
|
|
60
61
|
},
|
|
@@ -75,7 +76,7 @@ exports.rule = {
|
|
|
75
76
|
const { left } = node;
|
|
76
77
|
if (left.type === 'MemberExpression') {
|
|
77
78
|
const { object, property } = left;
|
|
78
|
-
if ((0,
|
|
79
|
+
if ((0, ast_js_1.isIdentifier)(object, 'document') && (0, ast_js_1.isIdentifier)(property, 'cookie')) {
|
|
79
80
|
context.report({
|
|
80
81
|
messageId: 'safeCookie',
|
|
81
82
|
node: left,
|
|
@@ -87,14 +88,14 @@ exports.rule = {
|
|
|
87
88
|
const { callee, arguments: args } = node;
|
|
88
89
|
if (callee.type === 'MemberExpression' &&
|
|
89
90
|
usingExpressFramework &&
|
|
90
|
-
(0,
|
|
91
|
+
(0, ast_js_1.isIdentifier)(callee.property, 'cookie', 'cookies')) {
|
|
91
92
|
context.report({
|
|
92
93
|
messageId: 'safeCookie',
|
|
93
94
|
node,
|
|
94
95
|
});
|
|
95
96
|
}
|
|
96
97
|
if (callee.type === 'MemberExpression' &&
|
|
97
|
-
(0,
|
|
98
|
+
(0, ast_js_1.isIdentifier)(callee.property, 'setHeader') &&
|
|
98
99
|
isLiteral(args[0], 'Set-Cookie')) {
|
|
99
100
|
context.report({
|
|
100
101
|
messageId: 'safeCookie',
|