oxlint-plugin-react-doctor 0.2.14-dev.ac3ca1a → 0.2.14-dev.b612664
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.js +12 -0
- package/package.json +1 -1
package/dist/index.js
CHANGED
|
@@ -20758,6 +20758,17 @@ const SECRET_PATTERNS = [
|
|
|
20758
20758
|
/^xox[bporas]-/,
|
|
20759
20759
|
/^sk-[a-zA-Z0-9]{32,}$/
|
|
20760
20760
|
];
|
|
20761
|
+
const PUBLIC_CLIENT_KEY_PATTERNS = [
|
|
20762
|
+
/^appl_/,
|
|
20763
|
+
/^goog_/,
|
|
20764
|
+
/^amzn_/,
|
|
20765
|
+
/^strp_/,
|
|
20766
|
+
/^pk_(?:live|test)_/,
|
|
20767
|
+
/^sb_publishable_/,
|
|
20768
|
+
/^phc_/,
|
|
20769
|
+
/^public-token-(?:live|test)-/,
|
|
20770
|
+
/^pk\.eyJ/
|
|
20771
|
+
];
|
|
20761
20772
|
const SECRET_VARIABLE_PATTERN = /(?:api_?key|secret|token|password|credential|auth)/i;
|
|
20762
20773
|
const SECRET_TOOLING_FILE_PATTERN = /(?:^|\/)[^/]+\.config\.[cm]?[jt]s$/;
|
|
20763
20774
|
const SECRET_TOOLING_RC_FILE_PATTERN = /(?:^|\/)(?:\.[a-z-]+rc|[a-z-]+\.rc)\.[cm]?[jt]s$/;
|
|
@@ -21070,6 +21081,7 @@ const noSecretsInClientCode = defineRule({
|
|
|
21070
21081
|
if (!isNodeOfType(node.init, "Literal") || typeof node.init.value !== "string") return;
|
|
21071
21082
|
const variableName = node.id.name;
|
|
21072
21083
|
const literalValue = node.init.value;
|
|
21084
|
+
if (PUBLIC_CLIENT_KEY_PATTERNS.some((pattern) => pattern.test(literalValue))) return;
|
|
21073
21085
|
const isServerOnlyScope = isInsideServerOnlyScope(node);
|
|
21074
21086
|
const trailingSuffix = getIdentifierTrailingWord(variableName);
|
|
21075
21087
|
const isUiConstant = SECRET_FALSE_POSITIVE_SUFFIXES.has(trailingSuffix);
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "oxlint-plugin-react-doctor",
|
|
3
|
-
"version": "0.2.14-dev.
|
|
3
|
+
"version": "0.2.14-dev.b612664",
|
|
4
4
|
"description": "oxlint plugin for React Doctor: diagnose React codebases for security, performance, correctness, accessibility, bundle-size, and architecture issues",
|
|
5
5
|
"keywords": [
|
|
6
6
|
"accessibility",
|