-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathcred-class-field-type-options-password-missing.ts
81 lines (67 loc) · 2.12 KB
/
cred-class-field-type-options-password-missing.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
import { utils } from "../ast/utils";
import { getters } from "../ast/getters";
import {
CRED_SENSITIVE_CLASS_FIELDS,
FALSE_POSITIVE_CRED_SENSITIVE_CLASS_FIELDS,
} from "../constants";
const isFalsePositive = (fieldName: string) => {
if (fieldName.endsWith("Url")) return true;
return FALSE_POSITIVE_CRED_SENSITIVE_CLASS_FIELDS.includes(fieldName);
};
const isSensitive = (fieldName: string) => {
if (isFalsePositive(fieldName)) return false;
return CRED_SENSITIVE_CLASS_FIELDS.some((sensitiveField) =>
fieldName.toLowerCase().includes(sensitiveField.toLowerCase())
);
};
const sensitiveStrings = CRED_SENSITIVE_CLASS_FIELDS.map(
(i) => `\`${i}\``
).join(",");
export default utils.createRule({
name: utils.getRuleName(module),
meta: {
type: "problem",
docs: {
description: `In a sensitive string-type field, \`typeOptions.password\` must be set to \`true\` to obscure the input. A field name is sensitive if it contains the strings: ${sensitiveStrings}. See exceptions in source.`,
recommended: "strict",
},
fixable: "code",
schema: [],
messages: {
addPasswordAutofixable:
"Add `typeOptions.password` with `true` [autofixable]",
addPasswordNonAutofixable:
"Add `typeOptions.password` with `true` [non-autofixable]",
},
},
defaultOptions: [],
create(context) {
return {
ObjectExpression(node) {
const name = getters.nodeParam.getName(node);
if (!name || !isSensitive(name.value)) return;
const type = getters.nodeParam.getType(node);
if (!type || type.value !== "string") return;
const typeOptions = getters.nodeParam.getTypeOptions(node);
if (typeOptions?.value.password === true) return;
if (typeOptions) {
return context.report({
messageId: "addPasswordNonAutofixable",
node: typeOptions.ast,
// @TODO: Autofix this case
});
}
const { indentation, range } = utils.getInsertionArgs(type);
context.report({
messageId: "addPasswordAutofixable",
node: type.ast,
fix: (fixer) =>
fixer.insertTextAfterRange(
range,
`\n${indentation}typeOptions: { password: true },`
),
});
},
};
},
});