feat(linter): add oxc-security/api-keys
#5906
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Your org has enabled the Graphite merge queue for merging into mainAdd the label “0-merge” to the PR and Graphite will automatically add it to the merge queue when it’s ready to merge. Or use the label “hotfix” to add to the merge queue as a hot fix. You must have a Graphite account and log in to Graphite in order to use the merge queue. Sign up using this link. |
This stack of pull requests is managed by Graphite. Learn more about stacking. |
DonIsaac
added
the
C-enhancement
Graphite App
CodSpeed Performance ReportMerging #5906 will not alter performanceComparing Summary
|
DonIsaac
force-pushed
the
don/09-19-feat_linter_add_oxc-security_api-keys_
branch
from
78bb45a to
997064a
Compare
DonIsaac
changed the base branch from
don/09-19-feat_linter_add_oxc-security_plugin
to
main
DonIsaac
force-pushed
the
don/09-19-feat_linter_add_oxc-security_api-keys_
branch
4 times, most recently
from
7f91349 to
cdfd804
Compare
10 tasks
This was referenced Sep 20, 2024
DonIsaac
force-pushed
the
don/09-19-feat_linter_add_oxc-security_api-keys_
branch
from
5201623 to
fc95223
Compare
camc314
reviewed
Sep 21, 2024
camc314
reviewed
Sep 21, 2024
camc314
reviewed
Sep 21, 2024
camc314
approved these changes
Sep 21, 2024
DonIsaac
force-pushed
the
don/09-19-feat_linter_add_oxc-security_api-keys_
branch
from
fc95223 to
20068ec
Compare
Merge activity
|
## What This PR does Adds a new `oxc-security/api-key` rule that scans for hard-coded API keys. It is broken up into "secret rules", where each one is responsible for finding a different kind of key. It is architecturally identical to how lint rules themselves. This PR also includes the first of these rules, for AWS access key IDs. Logic and rules are based on [keyhunter](https://github.com/Donisaac/keyhunter). I've licensed that repo under GNU GPLv3, but it's my code and I can do what I want with it 😈 (read: I'm fine with it being MIT for oxc). This PR is a complete feature in its own right, but does not represent the end of this work. See oxc-project/backlog#116 to track overall progress.
DonIsaac
force-pushed
the
don/09-19-feat_linter_add_oxc-security_api-keys_
branch
from
5e0c384 to
d24985e
Compare
graphite-app
bot
deleted the
don/09-19-feat_linter_add_oxc-security_api-keys_
branch
Boshen
added a commit
that referenced
this pull request
Sep 23, 2024
## [0.9.7] - 2024-09-23 ### Features - d24985e linter: Add `oxc-security/api-keys` (#5906) (DonIsaac) - f9b44c5 linter: Add unicode sets support to `no-useless-escape` rule (#5974) (camchenry) - 0f19848 linter: Implement `no-unexpected-multiline` rule (#5911) (camchenry) - 16fe383 linter: Implement `no-extend-native` rule (#5867) (Cam McHenry) ### Bug Fixes - eed9ac7 linter: Include actual span size in `no-regex-spaces` diagnostic (#5957) (camchenry) - 40c89c2 linter: Move `promise/avoid-new` to style category (#5961) (DonIsaac) ### Performance - 608d637 linter: Use `aho-corasick` instead of `regex` for string matching in `jsx-a11y/img-redundant-alt` (#5892) (camchenry) - 3148d4b linter: Check file path after checking node kind for `nextjs/no-head-element` (#5868) (Cam McHenry) ### Refactor - 0a5a4a9 linter: Use parsed patterns for `unicorn/no-hex-escape` (#5985) (camchenry) - 2cf2edd linter: Use parsed patterns in `no-empty-character-class` rule (#5980) (camchenry) - a9a8e2a linter: Use regex parser in `eslint/no-regex-spaces` (#5952) (camchenry) - 05f592b linter: Use parsed patterns in `unicorn/prefer-string-starts-ends-with` (#5949) (camchenry) - 3273b64 linter: Use parsed patterns for `unicorn/prefer-string-replace-all` rule (#5943) (camchenry) - ba7b01f linter: Add `LinterBuilder` (#5714) (DonIsaac) - db4f16a semantic: Call `with_trivias` before `build_with_jsdoc` (#5875) (Boshen) - 3d13c6d semantic: Impl `IntoIterator` for `&AstNodes` (#5873) (DonIsaac) ### Testing - b681c9a linter: Import test cases for `no-empty-character-class` (#5981) (camchenry) - 767602b linter: Add regression test for #5227 (#5975) (camchenry) --------- Co-authored-by: Boshen <1430279+Boshen@users.noreply.github.com> Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What This PR does
Adds a new
oxc-security/api-keyrule that scans for hard-coded API keys.It is broken up into "secret rules", where each one is responsible for finding a different kind of key. It is architecturally identical to how lint rules themselves. This PR also includes the first of these rules, for AWS access key IDs.
Logic and rules are based on keyhunter. I've licensed that repo under GNU GPLv3, but it's my code and I can do what I want with it 😈 (read: I'm fine with it being MIT for oxc).
This PR is a complete feature in its own right, but does not represent the end of this work. See oxc-project/backlog#116 to track overall progress.