eslint-plugin-sonarjs
Version:
SonarJS rules for ESLint
50 lines (49 loc) • 2.06 kB
JavaScript
;
/*
* SonarQube JavaScript Plugin
* Copyright (C) 2011-2025 SonarSource SA
* mailto:info AT sonarsource DOT com
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the Sonar Source-Available License Version 1, as published by SonarSource SA.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
* See the Sonar Source-Available License for more details.
*
* You should have received a copy of the Sonar Source-Available License
* along with this program; if not, see https://sonarsource.com/license/ssal/
*/
// https://sonarsource.github.io/rspec/#/rspec/S5547/javascript
Object.defineProperty(exports, "__esModule", { value: true });
exports.rule = void 0;
const index_js_1 = require("../helpers/index.js");
const meta_js_1 = require("./meta.js");
const WEAK_CIPHERS = ['bf', 'blowfish', 'des', 'rc2', 'rc4'];
exports.rule = {
meta: (0, index_js_1.generateMeta)(meta_js_1.meta, {
messages: {
strongerCipher: 'Use a strong cipher algorithm.',
},
}),
create(context) {
return {
CallExpression(node) {
const callExpression = node;
if ((0, index_js_1.getFullyQualifiedName)(context, callExpression) === 'crypto.createCipheriv') {
const algorithm = (0, index_js_1.getValueOfExpression)(context, callExpression.arguments[0], 'Literal');
const algorithmValue = algorithm?.value?.toString().toLowerCase();
if (algorithm &&
algorithmValue &&
WEAK_CIPHERS.findIndex(cipher => algorithmValue.startsWith(cipher)) >= 0) {
context.report({
messageId: 'strongerCipher',
node: algorithm,
});
}
}
},
};
},
};