@nodesecure/js-x-ray/dist/warnings.js

JavaScript AST XRay analysis

// Import Internal Dependencies
import { notNullOrUndefined } from "./utils/notNullOrUndefined.js";
import { rootLocation, toArrayLocation } from "./utils/toArrayLocation.js";
export const warnings = Object.freeze({
    "parsing-error": {
        i18n: "sast_warnings.parsing_error",
        severity: "Information",
        experimental: false
    },
    "unsafe-import": {
        i18n: "sast_warnings.unsafe_import",
        severity: "Warning",
        experimental: false
    },
    "unsafe-regex": {
        i18n: "sast_warnings.unsafe_regex",
        severity: "Warning",
        experimental: false
    },
    "unsafe-stmt": {
        i18n: "sast_warnings.unsafe_stmt",
        severity: "Warning",
        experimental: false
    },
    "encoded-literal": {
        i18n: "sast_warnings.encoded_literal",
        severity: "Information",
        experimental: false
    },
    "short-identifiers": {
        i18n: "sast_warnings.short_identifiers",
        severity: "Warning",
        experimental: false
    },
    "suspicious-literal": {
        i18n: "sast_warnings.suspicious_literal",
        severity: "Warning",
        experimental: false
    },
    "suspicious-file": {
        i18n: "sast_warnings.suspicious_file",
        severity: "Critical",
        experimental: false
    },
    "obfuscated-code": {
        i18n: "sast_warnings.obfuscated_code",
        severity: "Critical",
        experimental: true
    },
    "weak-crypto": {
        i18n: "sast_warnings.weak_crypto",
        severity: "Information",
        experimental: false
    },
    "shady-link": {
        i18n: "sast_warnings.shady_link",
        severity: "Warning",
        experimental: false
    },
    "unsafe-command": {
        i18n: "sast_warnings.unsafe_command",
        severity: "Warning",
        experimental: true
    },
    "synchronous-io": {
        i18n: "sast_warnings.synchronous_io",
        severity: "Warning",
        experimental: true
    },
    "serialize-environment": {
        i18n: "sast_warnings.serialize_environment",
        severity: "Warning",
        experimental: false
    },
    "data-exfiltration": {
        i18n: "sast_warnings.data_exfiltration",
        severity: "Warning",
        experimental: false
    },
    "log-usage": {
        i18n: "sast_warnings.log_usage",
        severity: "Information",
        experimental: false
    },
    "sql-injection": {
        i18n: "sast_warnings.sql_injection",
        severity: "Warning",
        experimental: false
    },
    "monkey-patch": {
        i18n: "sast_warnings.monkey_patch",
        severity: "Warning",
        experimental: false
    },
    "insecure-random": {
        i18n: "sast_warnings.insecure_random",
        severity: "Information",
        experimental: false
    },
    "prototype-pollution": {
        i18n: "sast_warnings.prototype_pollution",
        severity: "Warning",
        experimental: false
    }
});
export function generateWarning(kind, options) {
    const { file = null, value, source = "JS-X-Ray", severity = warnings[kind].severity } = options;
    const location = options.location ?? rootLocation();
    if (kind === "encoded-literal") {
        return {
            kind,
            value,
            location: [toArrayLocation(location)],
            source,
            ...warnings[kind]
        };
    }
    return {
        kind,
        location: toArrayLocation(location),
        source,
        ...warnings[kind],
        severity,
        ...(notNullOrUndefined(file) ? { file } : {}),
        ...(notNullOrUndefined(value) ? { value } : { value: null })
    };
}
//# sourceMappingURL=warnings.js.map