🚀. Socket Launch Week Day 3:Socket Firewall Now Blocks Malicious VS Code and Open VSX Extensions.Learn more
Sign In

@endo/eslint-plugin

Package Overview
Dependencies
Maintainers
5
Versions
53
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@endo/eslint-plugin - npm Package Compare versions

Comparing version
2.3.2
 to
2.4.0
+87
lib/configs/ses.js
// Some additional rules to ensure that SES and its dependencies are less
// vulnerable to corruption due to misbehavior of so-called vetted dependencies
// between initialization and lockdown.
// We forbid consulting globalThis after initialization, to the extent that is
// possible with a list of disallowed globals.
// We would much prefer to forbid accessing any free variables if we found a
// mechanism to do that in eslint.
// We also forbid method invocation on intrinsics, since these can be
// overridden between initialization and lockdown.
// We would forbid invoking any method or using syntax that has an internal
// polymorphic protocol if we practically could.
module.exports = {
extends: ['plugin:@endo/internal'],
rules: {
'no-restricted-globals': [
'error',
'AggregateError',
'Array',
'ArrayBuffer',
'Atomics',
'BigInt',
'BigInt64Array',
'BigUint64Array',
'Boolean',
'Compartment',
'DataView',
'Date',
'Error',
'EvalError',
'Float32Array',
'Float64Array',
'Function',
'HandledPromise',
'Int16Array',
'Int32Array',
'Int8Array',
'JSON',
'Map',
'Math',
'Number',
'Object',
'Promise',
'Proxy',
'RangeError',
'ReferenceError',
'Reflect',
'RegExp',
'Set',
'SharedArrayBuffer',
'String',
'Symbol',
'SyntaxError',
'TypeError',
'URIError',
'Uint16Array',
'Uint32Array',
'Uint8Array',
'Uint8ClampedArray',
'WeakMap',
'WeakSet',
'assert',
'decodeURI',
'decodeURIComponent',
'encodeURI',
'encodeURIComponent',
'escape',
'eval',
'globalThis',
'isFinite',
'isNaN',
'lockdown',
'parseFloat',
'parseInt',
'unescape',
],
'@endo/no-polymorphic-call': 'error',
},
overrides: [
{
files: ['test/**/*.js', 'demos/**/*.js', 'scripts/**/*.js'],
rules: {
'no-restricted-globals': 'off',
'@endo/no-polymorphic-call': 'off',
},
},
],
};
+0
-1
lib/configs/internal.js
/* eslint-env node */
const path = require('path');
const process = require('process');

@@ -5,0 +4,0 @@ const dynamicConfig = {

+4
-3
lib/index.js

@@ -5,2 +5,3 @@ /**

*/
'use strict';

@@ -12,3 +13,3 @@

var requireIndex = require('requireindex');
const requireIndex = require('requireindex');

@@ -20,3 +21,3 @@ //------------------------------------------------------------------------------

// import all rules in lib/rules
module.exports.rules = requireIndex(__dirname + '/rules');
module.exports.configs = requireIndex(__dirname + '/configs');
module.exports.rules = requireIndex(`${__dirname}/rules`);
module.exports.configs = requireIndex(`${__dirname}/configs`);
+6
-2
lib/rules/assert-fail-as-throw.js

@@ -0,1 +1,4 @@

/* eslint-disable global-require */
/* eslint-disable import/no-dynamic-require */
/* eslint-disable no-use-before-define */
/**

@@ -8,2 +11,3 @@ * @author Toru Nagashima

*/
'use strict';

@@ -62,3 +66,3 @@

// Fires leaving events.
for (i = 0; i < end; ++i) {
for (i = 0; i < end; i += 1) {
currentSegment = currentSegments[i];

@@ -78,3 +82,3 @@ headSegment = headSegments[i];

// Fires entering events.
for (i = 0; i < end; ++i) {
for (i = 0; i < end; i += 1) {
currentSegment = currentSegments[i];

@@ -81,0 +85,0 @@ headSegment = headSegments[i];

+6
-5
lib/rules/harden-exports.js

@@ -0,1 +1,2 @@

/* eslint-disable func-names */
/**

@@ -31,7 +32,7 @@ * @module Ensure each named export is followed by a call to `harden` function

* @param {Rule.RuleContext} context - The rule context.
* @returns {Object} The visitor object.
* @returns {object} The visitor object.
*/
create(context) {
/** @type {Array<ESTree.ExportNamedDeclaration & Rule.NodeParentExtension>} */
let exportNodes = [];
const exportNodes = [];

@@ -43,3 +44,3 @@ return {

},
'Program:exit'() {
'Program:exit': function () {
const sourceCode = context.getSourceCode();

@@ -49,3 +50,3 @@

/** @type {string[]} */
let exportNames = [];
const exportNames = [];
if (exportNode.declaration) {

@@ -101,3 +102,3 @@ // @ts-expect-error xxx typedef

message: `Named ${noun} '${missingHardenCalls.join(', ')}' should be followed by a call to 'harden'.`,
fix: function (fixer) {
fix(fixer) {
const hardenCalls = missingHardenCalls

@@ -104,0 +105,0 @@ .map(name => `harden(${name});`)

+2
-0
lib/rules/no-polymorphic-call.js

@@ -0,1 +1,3 @@

/* eslint-disable no-use-before-define */
'use strict';

@@ -2,0 +4,0 @@ 

+17
-16
lib/rules/restrict-comparison-operands.js

@@ -7,3 +7,2 @@ /* eslint-env node */

const ts = require('typescript');
const tsutils = require('tsutils');
const { ESLintUtils } = require('@typescript-eslint/utils');

@@ -13,11 +12,4 @@

const NONCOMPARABLE = Symbol('non-comparable type');
const NO_NODE_MAP = Symbol('unknown');
const getTypeFlags = type => {
let flags = 0;
for (const subType of tsutils.unionTypeParts(type)) {
flags |= subType.flags;
}
return flags;
};
const createRule = ESLintUtils.RuleCreator(

@@ -34,8 +26,4 @@ name =>

'require both operands of a comparison operator (`<`, `>`, `<=`, `>=`) to be compatible types, either both primitive strings or both primitive numerics (number or bigint)',
category: 'Possible Errors',
recommended: true,
requiresTypeChecking: true,
},
type: 'problem',
fixable: null,
messages: {

@@ -66,5 +54,10 @@ mismatch: 'Comparison of mismatched types',

const { parserServices } = context;
const typeChecker = parserServices?.program.getTypeChecker();
const { parserServices } = context.sourceCode;
const typeChecker = parserServices?.program?.getTypeChecker();
if (!typeChecker) {
// broken parserservices
return {};
}
const comparableTypeOf = type => {

@@ -111,3 +104,6 @@ if (type.flags & ts.TypeFlags.EnumLike) {

const comparableTypeOfASTNode = node => {
let typedNode = parserServices.esTreeNodeToTSNodeMap.get(node);
let typedNode = parserServices?.esTreeNodeToTSNodeMap?.get(node);
if (!typedNode) {
return NO_NODE_MAP;
}
for (

@@ -132,2 +128,7 @@ let wrapper = typedNode.parent;

if (leftType === NO_NODE_MAP || rightType === NO_NODE_MAP) {
// broken parserServices
return;
}
if (leftType === NONCOMPARABLE || rightType === NONCOMPARABLE) {

@@ -134,0 +135,0 @@ context.report({ node, messageId: 'invalidType' });

+20
-3
package.json
{
"name": "@endo/eslint-plugin",
"version": "2.3.2",
"version": "2.4.0",
"description": "ESLint plugin for using Endo",

@@ -16,3 +16,6 @@ "keywords": [

"build": "exit 0",
"lint-fix": "exit 0",
"lint": "yarn lint:types && yarn lint:eslint",
"lint-fix": "eslint --fix .",
"lint:eslint": "eslint .",
"lint:types": "tsc",
"postpack": "git clean -fX \"*.d.ts*\" \"*.d.cts*\" \"*.d.mts*\" \"*.tsbuildinfo\""

@@ -52,3 +55,17 @@ },

],
"gitHead": "03b92fc383da5d8bb4ea993b90149a0db5799d0b"
"eslintConfig": {
"extends": [
"plugin:@endo/internal"
],
"parserOptions": {
"sourceType": "script"
},
"rules": {
"import/extensions": "off"
},
"env": {
"node": true
}
},
"gitHead": "9815aea9541f241389d2135c6097a7442bdffa17"
}