
@regele/devtools


A collection of developer utilities for code processing and text analysis

import * as parser from '@babel/parser';
import * as t from '@babel/types';
import { Rule } from '../rule';
import { CategoryType, CodeFinding, SeverityLevel } from '../../types';

/**
 * Rule to detect unsafe use of eval() and similar functions.
 *
 * Flags call sites of `eval` and of the other callees held in
 * `dangerousFunctions`, reporting them as Security findings with a Critical
 * default severity. This is a declaration file: only the rule's public
 * contract is visible here, not the detection logic itself.
 */
export declare class UnsafeEvalRule extends Rule {
  /** Unique identifier of this rule. */
  readonly id = "security-unsafe-eval";
  /** Display name of the rule. */
  readonly name = "Unsafe Eval Usage";
  /** One-line summary of what the rule looks for. */
  readonly description = "Detects potentially dangerous use of eval() and similar functions";
  /** Category the rule's findings belong to. */
  readonly category = CategoryType.Security;
  /** Severity assigned to findings produced by this rule by default. */
  readonly defaultSeverity = SeverityLevel.Critical;
  /**
   * The rule works on the parsed AST rather than on raw text; `apply` takes a
   * Babel `ParseResult<t.File>`. Presumably the rule runner parses the file
   * before calling `apply` when this flag is true — confirm against the runner.
   */
  readonly requiresAST = true;
  /**
   * Callee names (besides `eval`) that the rule treats as dangerous.
   * NOTE(review): neither the element type nor the concrete list is visible in
   * this declaration — check the implementation before relying on a specific
   * function being flagged or not flagged.
   */
  private readonly dangerousFunctions;
  /**
   * Apply the rule to the given code.
   *
   * @param code - Source code of the file being analysed
   * @param ast - Parsed AST of `code` (Babel parse result)
   * @param filePath - Path to the file, used to locate findings
   * @returns Array of findings produced for this file
   */
  apply(code: string, ast: parser.ParseResult<t.File>, filePath: string): CodeFinding[];
  /**
   * Generate a suggestion for replacing eval.
   *
   * @param _code - Original code; the leading underscore suggests the
   *   implementation does not currently use it, so the suggestion is likely
   *   generic rather than derived from the call site — confirm in the implementation
   * @returns Suggested replacement code
   */
  protected generateSuggestion(_code: string): string;
  /**
   * Generate a suggestion for replacing other dangerous functions.
   *
   * @param functionName - Name of the dangerous function that was detected
   * @param _code - Original code; as with `generateSuggestion`, the underscore
   *   suggests it is unused by the implementation — confirm
   * @returns Suggested replacement code for the named function
   */
  protected generateAlternativeSuggestion(functionName: string, _code: string): string;
}