feat: add config recommended-legacy #132

Merged
merged 2 commits into from
Dec 15, 2023
Merged
1 change: 1 addition & 0 deletions .eslint-doc-generatorrc.js
Expand Up @@ -3,6 +3,7 @@ const prettierRC = require('./.prettierrc.json');

/** @type {import('eslint-doc-generator').GenerateOptions} */
const config = {
ignoreConfig: ['recommended-legacy'],
postprocess: (doc) => format(doc, { ...prettierRC, parser: 'markdown' }),
};

Expand Down
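Review bot: `ignoreConfig: ['recommended-legacy']` is added without saying why the new config is kept out of the generated docs, so whoever later retires the legacy config cannot tell from this file whether the entry must go with it. A one-line comment above it would suffice, e.g. `// presumably the eslintrc 'recommended-legacy' config mirrors 'recommended'; keep generated rule docs to the flat config — confirm.` The reason itself is not visible in this hunk, so the comment should state it as the maintainers intend rather than as I have guessed it.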
12 changes: 12 additions & 0 deletions README.md
Expand Up @@ -20,6 +20,8 @@ yarn add --dev eslint-plugin-security

## Usage

### Flat config (requires eslint >= v8.23.0)

Add the following to your `eslint.config.js` file:

```js
Expand All @@ -28,6 +30,16 @@ const pluginSecurity = require('eslint-plugin-security');
module.exports = [pluginSecurity.configs.recommended];
```

### eslintrc config (deprecated)

Add the following to your `.eslintrc` file:

```js
module.exports = {
extends: ['plugin:security/recommended-legacy'],
};
```

## Developer guide

- Use [GitHub pull requests](https://help.github.com/articles/using-pull-requests).
Expand Down
10 changes: 9 additions & 1 deletion index.js
Expand Up @@ -66,6 +66,14 @@ const recommended = {
},
};

Object.assign(plugin.configs, { recommended });
const recommendedLegacy = {
plugins: ['security'],
rules: recommended.rules,
};

Object.assign(plugin.configs, {
recommended,
'recommended-legacy': recommendedLegacy
});

module.exports = plugin;
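Review bot: `rules: recommended.rules` on the new `recommendedLegacy` object shares a single rules object between the flat and the legacy config, so any consumer that mutates `plugin.configs.recommended.rules` (or the legacy one) silently changes both; a shallow copy `rules: { ...recommended.rules },` keeps the two configs independent at no cost. The `'recommended-legacy': recommendedLegacy` entry also lacks the trailing comma the surrounding object literals use (`},` two lines above the hunk start, `rules: recommended.rules,` inside it), which prettier — wired into this repo via `.prettierrc.json` — would likely reformat. The `const recommended = {` object that the legacy config reuses starts above the hunk, so whether its flat-config `plugins` entry also needs mirroring is not visible here.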
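--- a/test/configs/index.js
+++ b/test/configs/index.js
@@ -0,0 +1,16 @@
+'use strict';
+const plugin = require('../../index.js');
+const assert = require('assert').strict;
+
+describe('export plugin object', () => {
+it('should export rules', () => {
+assert(plugin.rules);
+assert(typeof plugin.rules['detect-unsafe-regex'] === 'object');
+});
+
+it('should export configs', () => {
+assert(plugin.configs);
+assert(plugin.configs['recommended']);
+assert(plugin.configs['recommended-legacy']);
+});
+});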
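Review bot: `assert(plugin.configs['recommended-legacy'])` only checks that the key is truthy, so a legacy config missing its `plugins` entry, or whose rule set drifts from `recommended`, still passes; the test should pin the shape the legacy config is meant to have, e.g. `assert.deepStrictEqual(plugin.configs['recommended-legacy'].plugins, ['security']);` and `assert.deepStrictEqual(plugin.configs['recommended-legacy'].rules, plugin.configs.recommended.rules);`. The `assert(plugin.configs['recommended'])` line above it has the same truthiness-only weakness. Since `assert` is already the strict variant here, `deepStrictEqual` needs no extra import.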
Expand Up @@ -4,7 +4,7 @@ const RuleTester = require('eslint').RuleTester;
const tester = new RuleTester();

const ruleName = 'detect-bidi-characters';
const Rule = require(`../rules/${ruleName}`);
const Rule = require(`../../rules/${ruleName}`);

tester.run(ruleName, Rule, {
valid: [
Expand Down Expand Up @@ -54,7 +54,7 @@ tester.run(`${ruleName} in comment-line`, Rule, {
console.log("You are an admin.");
/* end admins only ‮
⁦*/
/* end admins only ‮
/* end admins only ‮
{ ⁦*/
`,
errors: [
Expand Down
Expand Up @@ -4,7 +4,7 @@ const RuleTester = require('eslint').RuleTester;
const tester = new RuleTester();

const ruleName = 'detect-buffer-noassert';
const rule = require(`../rules/${ruleName}`);
const rule = require(`../../rules/${ruleName}`);

const allMethodNames = [...rule.meta.__methodsToCheck.read, ...rule.meta.__methodsToCheck.write];

Expand Down
Expand Up @@ -9,7 +9,7 @@ const tester = new RuleTester({
});

const ruleName = 'detect-child-process';
const rule = require(`../rules/${ruleName}`);
const rule = require(`../../rules/${ruleName}`);

tester.run(ruleName, rule, {
valid: [
Expand Down
Expand Up @@ -5,7 +5,7 @@ const tester = new RuleTester();

const ruleName = 'detect-disable-mustache-escape';

tester.run(ruleName, require(`../rules/${ruleName}`), {
tester.run(ruleName, require(`../../rules/${ruleName}`), {
valid: [{ code: 'escapeMarkup = false' }],
invalid: [
{
Expand Down
Expand Up @@ -5,7 +5,7 @@ const tester = new RuleTester();

const ruleName = 'detect-eval-with-expression';

tester.run(ruleName, require(`../rules/${ruleName}`), {
tester.run(ruleName, require(`../../rules/${ruleName}`), {
valid: [{ code: "eval('alert()')" }],
invalid: [
{
Expand Down
Expand Up @@ -6,7 +6,7 @@ const tester = new RuleTester();
const ruleName = 'detect-new-buffer';
const invalid = 'var a = new Buffer(c)';

tester.run(ruleName, require(`../rules/${ruleName}`), {
tester.run(ruleName, require(`../../rules/${ruleName}`), {
valid: [{ code: "var a = new Buffer('test')" }],
invalid: [
{
Expand Down
Expand Up @@ -5,7 +5,7 @@ const tester = new RuleTester();

const ruleName = 'detect-no-csrf-before-method-override';

tester.run(ruleName, require(`../rules/${ruleName}`), {
tester.run(ruleName, require(`../../rules/${ruleName}`), {
valid: [{ code: 'express.methodOverride();express.csrf()' }],
invalid: [
{
Expand Down
Expand Up @@ -10,7 +10,7 @@ const tester = new RuleTester({

const ruleName = 'detect-non-literal-fs-filename';

tester.run(ruleName, require(`../rules/${ruleName}`), {
tester.run(ruleName, require(`../../rules/${ruleName}`), {
valid: [
{
code: `var fs = require('fs');
Expand All @@ -29,7 +29,7 @@ tester.run(ruleName, require(`../rules/${ruleName}`), {
import { promises as fsp } from 'fs';
import fs from 'fs';
import path from 'path';

const index = await fsp.readFile(path.resolve(__dirname, './index.html'), 'utf-8');
const key = fs.readFileSync(path.join(__dirname, './ssl.key'));
await fsp.writeFile(path.resolve(__dirname, './sitemap.xml'), sitemap);`,
Expand Down
Expand Up @@ -6,7 +6,7 @@ const tester = new RuleTester();
const ruleName = 'detect-non-literal-regexp';
const invalid = "var a = new RegExp(c, 'i')";

tester.run(ruleName, require(`../rules/${ruleName}`), {
tester.run(ruleName, require(`../../rules/${ruleName}`), {
valid: [
{ code: "var a = new RegExp('ab+c', 'i')" },
{
Expand Down
Expand Up @@ -6,7 +6,7 @@ const tester = new RuleTester({ parserOptions: { ecmaVersion: 6 } });

const ruleName = 'detect-non-literal-require';

tester.run(ruleName, require(`../rules/${ruleName}`), {
tester.run(ruleName, require(`../../rules/${ruleName}`), {
valid: [
{ code: "var a = require('b')" },
{ code: 'var a = require(`b`)' },
Expand Down
Expand Up @@ -5,7 +5,7 @@ const tester = new RuleTester();

const ruleName = 'detect-object-injection';

const Rule = require(`../rules/${ruleName}`);
const Rule = require(`../../rules/${ruleName}`);

const valid = 'var a = {};';
// const invalidVariable = "TODO";
Expand Down
Expand Up @@ -4,7 +4,7 @@ const RuleTester = require('eslint').RuleTester;
const tester = new RuleTester();

const ruleName = 'detect-possible-timing-attacks';
const Rule = require(`../rules/${ruleName}`);
const Rule = require(`../../rules/${ruleName}`);

const valid = 'if (age === 5) {}';
const invalidLeft = "if (password === 'mypass') {}";
Expand Down
Expand Up @@ -6,7 +6,7 @@ const tester = new RuleTester();
const ruleName = 'detect-pseudoRandomBytes';
const invalid = 'crypto.pseudoRandomBytes';

tester.run(ruleName, require(`../rules/${ruleName}`), {
tester.run(ruleName, require(`../../rules/${ruleName}`), {
valid: [{ code: 'crypto.randomBytes' }],
invalid: [
{
Expand Down
Expand Up @@ -4,7 +4,7 @@ const RuleTester = require('eslint').RuleTester;
const tester = new RuleTester();

const ruleName = 'detect-unsafe-regex';
const Rule = require(`../rules/${ruleName}`);
const Rule = require(`../../rules/${ruleName}`);

tester.run(ruleName, Rule, {
valid: [{ code: '/^d+1337d+$/' }],
Expand Down