tslint-config-security
TSLint security rules
;
Object.defineProperty(exports, "__esModule", { value: true });
var tslib_1 = require("tslib");
var Lint = require("tslint");
var ts = require("typescript");
var node_kind_1 = require("../node-kind");
/**
 * TSLint rule `tsr-detect-child-process`.
 *
 * Extends Lint.Rules.AbstractRule and hands each source file to the
 * module-level `walk` function through `applyWithFunction`. The metadata
 * declares `requiresTypeInfo: false` and takes no options.
 */
var Rule = (function (_base) {
    tslib_1.__extends(Rule, _base);

    /** Forwards construction to the base rule class when one is present. */
    function Rule() {
        if (_base === null) {
            return this;
        }
        return _base.apply(this, arguments) || this;
    }

    /**
     * Runs the rule over one source file.
     *
     * @param sourceFile the TypeScript source file handed in by TSLint.
     * @returns whatever `applyWithFunction` returns for this file.
     */
    Rule.prototype.apply = function (sourceFile) {
        return this.applyWithFunction(sourceFile, walk);
    };

    // Same text is supplied as both the cooked and the raw template strings,
    // in two separate arrays, as in the compiled tagged-template output.
    var detailsText = "Any usage of child_process.exec()\n with non-literal first argument will trigger a warning.\n See https://github.com/webschik/tslint-config-security#tsr-detect-child-process";

    Rule.metadata = {
        ruleName: 'tsr-detect-child-process',
        description: 'Warns when child_process.exec() with non-literal first argument is used',
        // The template strings object is built once and cached in templateObject_1.
        descriptionDetails: Lint.Utils.dedent(
            templateObject_1 ||
                (templateObject_1 = tslib_1.__makeTemplateObject([detailsText], [detailsText]))
        ),
        optionsDescription: '',
        options: null,
        type: 'functionality',
        requiresTypeInfo: false,
        typescriptOnly: false
    };

    return Rule;
}(Lint.Rules.AbstractRule));
exports.Rule = Rule;
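/**
 * Walker for the tsr-detect-child-process rule.
 *
 * Reports two things:
 *  - every `require('child_process')` call whose module name is a string
 *    literal, and
 *  - every `<alias>.exec` access, where <alias> is an identifier that a
 *    variable declaration bound directly to such a require call, unless the
 *    access is the callee of a call whose first argument is a string literal.
 *
 * Coverage limits to keep in mind when relying on this rule: only the
 * `var alias = require('child_process')` shape is tracked. ES `import`
 * declarations, destructured bindings and re-assigned aliases are not
 * recognised by this walker, and `exec` is the only member that is checked.
 * Matching is by identifier text, not by scope.
 *
 * @param ctx TSLint walk context; `ctx.sourceFile` is traversed and findings
 *            are reported through `ctx.addFailureAtNode`.
 * @returns the result of `ts.forEachChild` over the source file.
 */
function walk(ctx) {
    // Identifiers bound to require('child_process'). Aliases accumulate for
    // the whole file: a second require must not make earlier aliases
    // invisible to the exec check.
    var names = [];

    /**
     * True only for `<access>(<string literal>, ...)`, the one shape that is
     * provably a fixed command. Bare references such as `cp.exec` passed
     * around as a value, and calls without arguments, stay reportable.
     */
    function isLiteralCommandCall(access) {
        var call = access.parent;
        if (!call ||
            call.kind !== ts.SyntaxKind.CallExpression ||
            call.expression !== access) {
            return false;
        }
        var command = call.arguments && call.arguments[0];
        // NOTE(review): stringLiteralKinds comes from ../node-kind, which is
        // not shown here; presumably it lists only literal kinds without
        // substitutions. Confirm, because a template containing `${...}`
        // must not be accepted as a literal command.
        return Boolean(command) &&
            node_kind_1.stringLiteralKinds.includes(command.kind);
    }

    function visitNode(node) {
        switch (node.kind) {
            case ts.SyntaxKind.CallExpression: {
                var callee = node.expression;
                var args = node.arguments;
                var firstArgument = args && args[0];
                if (firstArgument &&
                    callee &&
                    node_kind_1.stringLiteralKinds.includes(firstArgument.kind) &&
                    firstArgument.text === 'child_process' &&
                    callee.text === 'require') {
                    var parent = node.parent;
                    // Record the alias only when the declaration name is a
                    // plain identifier. A binding pattern has no `.text`, and
                    // storing `undefined` would later match every `.exec`
                    // access whose object is not an identifier.
                    if (parent &&
                        parent.kind === ts.SyntaxKind.VariableDeclaration &&
                        parent.name &&
                        parent.name.kind === ts.SyntaxKind.Identifier &&
                        names.indexOf(parent.name.text) < 0) {
                        names.push(parent.name.text);
                    }
                    ctx.addFailureAtNode(node, 'Found require("child_process")');
                }
                break;
            }
            case ts.SyntaxKind.PropertyAccessExpression: {
                var member = node.name;
                var target = node.expression;
                if (member &&
                    target &&
                    member.text === 'exec' &&
                    target.kind === ts.SyntaxKind.Identifier &&
                    names.indexOf(target.text) >= 0 &&
                    !isLiteralCommandCall(node)) {
                    ctx.addFailureAtNode(node, 'Found child_process.exec() with non StringLiteral first argument');
                }
                break;
            }
            default:
                break;
        }
        return ts.forEachChild(node, visitNode);
    }

    return ts.forEachChild(ctx.sourceFile, visitNode);
}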
// Cache slot for the template strings object passed to Lint.Utils.dedent in
// Rule.metadata.descriptionDetails; it is filled on first use. `var` hoisting
// makes the binding visible to the Rule initialiser even though it is
// declared last in the file.
var templateObject_1;