@pkgdeps/secretlint-rule-checksum/esm/index.js

secretlint rule that check if checking checksum.

// Bundled with Packemon: https://packemon.dev
// Platform: browser, Support: stable, Format: esm
import { collectExecutableCommands } from '@pkgdeps/checksum-collector';

const isShellScript = content => {
  return /^#!\/.*\/(sh|bash|zsh|tsh|)/.test(content);
};

const messages = {
  FOUND_UNVERIFIED_BINARY: {
    en: props => `found unverified binary: ${props.binary}`,
    ja: props => `チェックサムのチェックがされていないバイナリ(${props.binary})がみつかりました`
  }
};

const hasVerifiedComment = (text, binaryName) => {
  // # {binaryName} is verified
  const match = text.match(/#(.*?)verified/);

  if (match) {
    return match[1].includes(binaryName);
  }

  return match;
};

const creator = {
  messages,
  meta: {
    id: "@pkgdeps/secretlint-rule-checksum",
    recommended: true,
    type: "scanner",
    supportedContentTypes: ["text"],
    docs: {
      url: "https://github.com/pkgdeps/unverified-checksum-checker/blob/master/packages/secretlint-rule-checksum/README.md"
    }
  },

  create(context, options) {
    const t = context.createTranslator(messages);
    return {
      file(source) {
        if (!isShellScript(source.content)) {
          return;
        }

        try {
          const commands = collectExecutableCommands(source.content);
          commands.forEach(command => {
            var _options$allowBinaryN;

            if (command.checked) {
              return;
            }

            if ((_options$allowBinaryN = options.allowBinaryNames) !== null && _options$allowBinaryN !== void 0 && _options$allowBinaryN.includes(command.binary)) {
              return;
            }

            const currentLine = source.rangeToLocation(command.range);
            const ignoreCommentRange = source.locationToRange({
              start: {
                line: currentLine.start.line - 1,
                column: 0
              },
              end: {
                line: currentLine.end.line + 1,
                column: 0
              }
            });
            const commentText = source.content.slice(ignoreCommentRange[0], ignoreCommentRange[1] + 1);

            if (hasVerifiedComment(commentText, command.binary)) {
              return;
            }

            context.report({
              message: t("FOUND_UNVERIFIED_BINARY", {
                binary: command.binary
              }),
              range: command.range
            });
          });
        } catch (error) {
          console.error("parse error", error, source);
        }
      }

    };
  }

};
export { creator, messages };
//# sourceMappingURL=index.js.map