npm - eslint-plugin-sql-template - Versions diffs - 2.0.0 → 3.0.0 - Mend

eslint-plugin-sql-template 2.0.0 → 3.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/LICENSE +1 -1
package/README.md +50 -28
package/index.js +7 -2
package/package.json +23 -7
package/rules/no-unsafe-query.js +25 -7
package/.npmignore +0 -37
package/.travis.yml +0 -7
package/CHANGELOG.md +0 -10
package/test/rules/no-unsafe-query_test.js +0 -54

package/LICENSE CHANGED Viewed

@@ -1,6 +1,6 @@
 MIT License
-Copyright (c) 2016 Uphold
+Copyright (c) 2024 Uphold
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

package/README.md CHANGED Viewed

@@ -1,47 +1,40 @@
 # eslint-plugin-sql-template
-ESLint plugin with rules for using the `sql` template tag from a library such as [sql-tag](https://github.com/seegno/sql-tag) on raw SQL queries.
+ESLint plugin with rules for using the `sql` template tag from a library such as [sql-tag](https://github.com/ruimarinho/sql-tag) on raw SQL queries.
 That library escapes data provided to an SQL query statement via interpolation. This prevents, for instance, potential SQL injection attacks.
 This ESLint plugin helps teams enforce the usage of that tag, to avoid overlooked vulnerabilities from creeping into their codebases.
+## Status
+[![npm version][npm-image]][npm-url]
+[![build status][ci-image]][ci-url]
 ## Installation
 ```sh
-$ npm install eslint eslint-plugin-sql-template --save-dev
+npm install eslint eslint-plugin-sql-template --save-dev
 ```
 ## Usage
-Create an `.eslint.yml` file with the following:
-```yaml
-plugins:
-  - sql-template
-```
-Then, you can add the custom rules to the `.eslint.yml` file:
-```yaml
-rules:
-  - sql-template/no-unsafe-query: 2
-```
-To lint your project with ESLint, add the following `script` to your `package.json`:
+Add `sql-template` to both the `plugins` and `rules` sections of your `ESLint` configuration file. Example:
-```json
-{
-  "scripts": {
-    "lint": "eslint ."
+```js
+// eslint.config.js
+import sqlTemplate from 'eslint-plugin-sql-template';
+module.exports = [
+  {
+    plugins: {
+      'sql-template': sqlTemplate
+    },
+    rules: {
+      'sql-template/no-unsafe-query': 'error'
+    }
   }
-}
-```
-and run the linter with:
-```sh
-$ npm run lint
+];
 ```
 ## Rules
@@ -81,3 +74,32 @@ Users.query(`SELECT id, name FROM users`);
 const punctuation = '!';
 foo.bar(`Not SQL${punctuation}`);
 ```
+## License
+[MIT](https://opensource.org/licenses/MIT)
+## Contributing
+### Development
+Install dependencies:
+```sh
+npm i
+```
+Run tests:
+```sh
+npm run test
+```
+### Cutting a release
+The release process is automated via the [release](https://github.com/uphold/eslint-plugin-sql-template/actions/workflows/release.yaml) GitHub workflow. Run it by clicking the "Run workflow" button.
+[npm-image]: https://img.shields.io/npm/v/eslint-plugin-sql-template.svg
+[npm-url]: https://www.npmjs.com/package/eslint-plugin-sql-template
+[ci-image]: https://github.com/uphold/eslint-plugin-sql-template/actions/workflows/ci.yaml/badge.svg?branch=master
+[ci-url]: https://github.com/uphold/eslint-plugin-sql-template/actions/workflows/ci.yaml

package/index.js CHANGED Viewed

@@ -4,6 +4,11 @@
  * Export rules.
  */
-module.exports.rules = {
-  'no-unsafe-query': require('./rules/no-unsafe-query')
+module.exports = {
+  meta: {},
+  configs: {},
+  rules: {
+    'no-unsafe-query': require('./rules/no-unsafe-query')
+  },
+  processors: {}
 };

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "eslint-plugin-sql-template",
-  "version": "2.0.0",
+  "version": "3.0.0",
   "description": "ESLint plugin with rules for using the `sql` template tag on raw SQL queries",
   "keywords": [
     "plugin",
@@ -25,15 +25,31 @@
     "sql-parse": "^0.1.5"
   },
   "engines": {
-    "node": ">=4"
+    "node": ">=20"
+  },
+  "files": [
+    "index.js",
+    "rules"
+  ],
+  "publishConfig": {
+    "access": "public"
   },
   "scripts": {
-    "changelog": "github_changelog_generator --header-label '# Changelog' --no-issues --no-verbose --future-release=$npm_config_future_release && sed -i '' -e :a -e '$d;N;2,3ba' -e 'P;D' CHANGELOG.md",
-    "test": "mocha --recursive",
-    "version": "npm run changelog --future-release=$npm_package_version && git add -A CHANGELOG.md"
+    "lint": "eslint .",
+    "release": "release-it",
+    "test": "mocha test --recursive"
   },
   "devDependencies": {
-    "eslint": "^3.6.1",
-    "mocha": "^3.1.0"
+    "@eslint/js": "^9.12.0",
+    "@uphold/github-changelog-generator": "^3.4.0",
+    "eslint": "^9.12.0",
+    "eslint-config-prettier": "^9.1.0",
+    "eslint-plugin-prettier": "^5.2.1",
+    "mocha": "^10.7.3",
+    "prettier": "^3.3.3",
+    "release-it": "^17.9.0"
+  },
+  "peerDependencies": {
+    "eslint": ">=9"
   }
 }

package/rules/no-unsafe-query.js CHANGED Viewed

@@ -17,6 +17,8 @@ function isSqlQuery(literal) {
   try {
     parser.parse(literal);
+    // eslint-disable-next-line no-unused-vars
   } catch (error) {
     return false;
   }
@@ -41,7 +43,10 @@ function validate(node, context) {
     const literal = node.quasis.map(quasi => quasi.value.raw).join('x');
     if (isSqlQuery(literal)) {
-      context.report(node, 'Use the `sql` tagged template literal for raw queries');
+      context.report({
+        node,
+        message: 'Use the `sql` tagged template literal for raw queries'
+      });
     }
   }
 }
@@ -50,11 +55,24 @@ function validate(node, context) {
  * Export `no-unsafe-query`.
  */
-module.exports = context => ({
-  CallExpression(node) {
-    node.arguments.forEach(argument => validate(argument, context));
+module.exports = {
+  meta: {
+    type: 'suggestion',
+    docs: {
+      description: 'disallow unsafe SQL queries',
+      recommended: false,
+      url: 'https://github.com/uphold/eslint-plugin-sql-template#rules'
+    },
+    schema: [] // no options
   },
-  VariableDeclaration(node) {
-    node.declarations.forEach(declaration => validate(declaration.init, context));
+  create(context) {
+    return {
+      CallExpression(node) {
+        node.arguments.forEach(argument => validate(argument, context));
+      },
+      VariableDeclaration(node) {
+        node.declarations.forEach(declaration => validate(declaration.init, context));
+      }
+    };
   }
-});
+};

package/.npmignore DELETED Viewed

@@ -1,37 +0,0 @@
-# Logs
-logs
-*.log
-npm-debug.log*
-# Runtime data
-pids
-*.pid
-*.seed
-# Directory for instrumented libs generated by jscoverage/JSCover
-lib-cov
-# Coverage directory used by tools like istanbul
-coverage
-# nyc test coverage
-.nyc_output
-# Grunt intermediate storage (http://gruntjs.com/creating-plugins#storing-task-files)
-.grunt
-# node-waf configuration
-.lock-wscript
-# Compiled binary addons (http://nodejs.org/api/addons.html)
-build/Release
-# Dependency directories
-node_modules
-jspm_packages
-# Optional npm cache directory
-.npm
-# Optional REPL history
-.node_repl_history

package/.travis.yml DELETED Viewed

@@ -1,7 +0,0 @@
-language: node_js
-node_js:
-  - 4
-  - 6
-sudo: false

package/CHANGELOG.md DELETED Viewed

@@ -1,10 +0,0 @@
-# Changelog
-## [2.0.0](https://github.com/uphold/eslint-plugin-sql-template/tree/2.0.0) (2016-10-03)
-**Merged pull requests:**
-- Remove lodash dependency [\#4](https://github.com/uphold/eslint-plugin-sql-template/pull/4) ([kurayama](https://github.com/kurayama))
-- Use mocha --recursive flag [\#3](https://github.com/uphold/eslint-plugin-sql-template/pull/3) ([kurayama](https://github.com/kurayama))
-- Update README [\#2](https://github.com/uphold/eslint-plugin-sql-template/pull/2) ([kurayama](https://github.com/kurayama))
-- Create project with `no-unsafe-query` rule [\#1](https://github.com/uphold/eslint-plugin-sql-template/pull/1) ([rplopes](https://github.com/rplopes))

package/test/rules/no-unsafe-query_test.js DELETED Viewed

@@ -1,54 +0,0 @@
-'use strict';
-/**
- * Module dependencies.
- */
-const RuleTester = require('eslint').RuleTester;
-const rule = require('../../rules/no-unsafe-query');
-RuleTester.setDefaultConfig({
-  parserOptions: {
-    ecmaVersion: 6
-  }
-});
-/**
- * Test `no-unsafe-query`.
- */
-const ruleTester = new RuleTester();
-ruleTester.run('no-unsafe-query', rule, {
-  invalid: [{
-    code: 'const column = "*"; foo.query(`SELECT ${column} FROM foobar`);',
-    errors: [{
-      message: 'Use the `sql` tagged template literal for raw queries'
-    }]
-  }, {
-    code: 'const column = "*"; const query = `SELECT ${column} FROM foobar`; foo.query(query);',
-    errors: [{
-      message: 'Use the `sql` tagged template literal for raw queries'
-    }]
-  }, {
-    code: 'const column = "*"; foo.query(foobar`SELECT ${column} FROM foobar`);',
-    errors: [{
-      message: 'Use the `sql` tagged template literal for raw queries'
-    }]
-  }, {
-    code: 'const column = "*"; const query = foobar`SELECT ${column} FROM foobar`; foo.query(query);',
-    errors: [{
-      message: 'Use the `sql` tagged template literal for raw queries'
-    }]
-  }],
-  valid: [
-    'const column = "*"; foo.query(sql`SELECT ${column} FROM foobar`);',
-    'const column = "*"; const query = sql`SELECT ${column} FROM foobar`; foo.query(query);',
-    'foo.query(`SELECT column FROM foobar`);',
-    'const query = `SELECT column FROM foobar`; foo.query(query);',
-    'const foo = "bar"; baz.greet(`hello ${foo}`);',
-    'const foo = "bar"; const baz = `hello ${foo}`; qux.greet(baz);',
-    'foo.greet(`hello`);',
-    'const foo = `bar`; baz.greet(foo);'
-  ]
-});