-
-
Notifications
You must be signed in to change notification settings - Fork 107
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: extend detect non literal fs filename (#92)
* feat: rewritten detect-non-literal-fs-filename rule * detects multiple cases of possible imports of fs methods * many tests added to cover that cases * refactor: extract searching for ImportDeclaration and VariableDeclaration in utils * chore: added JSdoc, inlined fsPackagesNames, renamed sink terminology * chore: changed report params to object * chore: rename 'sink', remove '?.' for node 12 Co-authored-by: Bastian Gebhardt <Bastian Gebhardtgithub@buzz-t.eu>
- Loading branch information
Showing
4 changed files
with
440 additions
and
30 deletions.
There are no files selected for viewing
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,41 @@ | ||
/** | ||
* Returns the ImportDeclaration for the import of the methodName from one of the packageNames | ||
* import { methodName as a } from 'packageName'; | ||
* | ||
* @param {Object} param0 | ||
* @param {string} param0.methodName | ||
* @param {string[]} param0.packageNames | ||
* @param {Object} param0.program The AST program object | ||
* @returns The ImportDeclaration for the import of the methodName from one of the packageNames | ||
*/ | ||
module.exports.getImportDeclaration = ({ methodName, packageNames, program }) => | ||
program.body.find((entry) => entry.type === 'ImportDeclaration' && packageNames.includes(entry.source.value) && entry.specifiers.some((s) => s.local.name === methodName)); | ||
|
||
/** | ||
* Returns the VariableDeclaration for a require based import | ||
* | ||
* @param {Object} param0 | ||
* @param {Function} param0.condition Optional function to check additional conditions on the resulting VariableDeclaration | ||
* @param {boolean} param0.hasObject Whether the information is received by declaration.init or declaration.init.object | ||
* @param {string[]} param0.packageNames The interesting packages the method is imported from | ||
* @param {Object} param0.program The AST program object | ||
* @returns | ||
*/ | ||
module.exports.getVariableDeclaration = ({ condition, hasObject, packageNames, program }) => | ||
program.body | ||
// a node import is a variable declaration | ||
.filter((entry) => entry.type === 'VariableDeclaration') | ||
// one var/let/const may contain multiple declarations, separated by comma, after the "=" sign | ||
.flatMap((d) => d.declarations) | ||
.find((d) => { | ||
const init = hasObject ? d.init.object : d.init; | ||
|
||
return ( | ||
init && | ||
init.callee && | ||
init.callee.name === 'require' && | ||
init.arguments[0].type === 'Literal' && | ||
packageNames.includes(init.arguments[0].value) && | ||
(!condition || condition(d)) | ||
); | ||
}); |
Oops, something went wrong.