@sap/eslint-plugin-cds
Comparing version 2.6.3 to 2.6.4
@@ -9,2 +9,14 @@ # Changelog | ||
## [2.6.4] - 2023-11-02 | ||
### Added | ||
- New `auth-restrict-grant-service` rule that validates events on restricted services. | ||
### Fixed | ||
- In _no-join-on-draft_, do not run check if there is no valid query. | ||
- In _auth-valid-restrict-where_, do not consider when missing expression references. | ||
## [2.6.3] - 2023-02-13 | ||
@@ -11,0 +23,0 @@ |
@@ -7,2 +7,3 @@ 'use strict' | ||
'@sap/cds/auth-use-requires': 2, | ||
'@sap/cds/auth-restrict-grant-service': 2, | ||
'@sap/cds/auth-valid-restrict-grant': 2, | ||
@@ -9,0 +10,0 @@ '@sap/cds/auth-valid-restrict-keys': 2, |
@@ -7,2 +7,3 @@ 'use strict' | ||
'@sap/cds/auth-use-requires': 1, | ||
'@sap/cds/auth-restrict-grant-service': 2, | ||
'@sap/cds/auth-valid-restrict-grant': 1, | ||
@@ -9,0 +10,0 @@ '@sap/cds/auth-valid-restrict-keys': 1, |
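Review bot: The new `'@sap/cds/auth-restrict-grant-service': 2` entry is at error level in a preset whose neighbouring auth rules are all at `1`, which looks inconsistent with the rest of this list. Projects that extend this preset and upgrade within the 2.6.x range would presumably get a new hard failure rather than a warning. If the stricter level is deliberate for an authorization rule, a short comment next to the entry should say so; otherwise `'@sap/cds/auth-restrict-grant-service': 1,` matches the neighbours. The preset object starts and ends outside the hunk.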
@@ -127,3 +127,3 @@ /** | ||
let name = obj.name | ||
if (['entity', 'service'].includes(obj.kind)) { | ||
if (['action', 'entity', 'function', 'service'].includes(obj.kind)) { | ||
name = splitDefName(obj).name | ||
@@ -130,0 +130,0 @@ } |
const cds = require('@sap/cds') | ||
const VALID_PSEUDO_ROLES = ['authenticated-user', 'system-user', 'any'] | ||
module.exports = { | ||
@@ -53,3 +51,2 @@ meta: { | ||
}) | ||
const ROLES = USER_ROLES.concat(VALID_PSEUDO_ROLES) | ||
@@ -62,5 +59,4 @@ if (e['@restrict']) { | ||
if (whereValues && typeof whereValues === 'string') { | ||
let cxn | ||
try { | ||
cxn = cds.parse.expr(entry.where) | ||
cds.parse.expr(entry.where) | ||
} catch (err) { | ||
@@ -73,16 +69,2 @@ context.report({ | ||
} | ||
if (cxn && cxn.xpr) { | ||
const operator = cxn.xpr[1] | ||
const role = cxn.xpr[2].ref | ||
if (operator === '=') { | ||
const isValidRole = role === '$user' || ROLES.includes(role) | ||
if (!isValidRole) { | ||
context.report({ | ||
message: `Invalid \`where\` expression, role ${role} not found.`, | ||
node, | ||
file | ||
}) | ||
} | ||
} | ||
} | ||
} | ||
@@ -89,0 +71,0 @@ } |
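Review bot: With the `cxn.xpr` block removed, the rule only checks that `entry.where` parses, so a `@restrict` condition that names a role outside `USER_ROLES` and the pseudo-role list is no longer reported. The changelog describes the fix as handling missing expression references, which a guard on `cxn.xpr[2]?.ref` could have covered without dropping the role check. If the old comparison was too unreliable to keep and syntax-only checking is intended, I would add a comment above the call, e.g. `// syntax check only; role names in the expression are not validated`. It is also worth checking whether the `USER_ROLES` computation that ends at `})` is now unused. The `create` function starts and ends outside these hunks.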
@@ -8,2 +8,3 @@ const Cache = require('../utils/Cache') | ||
'auth-use-requires': () => createRule(require('./auth-use-requires')), | ||
'auth-restrict-grant-service': () => createRule(require('./auth-restrict-grant-service')), | ||
'auth-valid-restrict-grant': () => createRule(require('./auth-valid-restrict-grant')), | ||
@@ -10,0 +11,0 @@ 'auth-valid-restrict-keys': () => createRule(require('./auth-valid-restrict-keys')), |
@@ -0,1 +1,3 @@ | ||
const { dirname } = require('path') | ||
const cds = require('@sap/cds') | ||
@@ -14,3 +16,6 @@ | ||
create (context) { | ||
const { db = { kind: 'sql' } } = cds.env.requires | ||
let dir = context.getFilename() | ||
dir = dirname(dir) | ||
const { requires } = cds.env.for('cds', dir) | ||
if (requires.db?.kind !== 'sqlite') return | ||
@@ -30,3 +35,3 @@ return { | ||
context.report({ | ||
message: `'${d.name}' is a reserved keyword in ${db.kind.toUpperCase()}`, | ||
message: `'${d.name}' is a reserved keyword in SQLite`, | ||
node: context.getNode(d), | ||
@@ -33,0 +38,0 @@ file: d.$location.file |
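Review bot: The early exit `if (requires.db?.kind !== 'sqlite') return` makes `create` return `undefined`, while ESLint expects a rule's `create` to return an object of visitors; unless the `createRule` wrapper normalizes this, I would write `if (requires.db?.kind !== 'sqlite') return {}`. The optional chaining covers a missing `db` but not a missing `requires`, so `requires?.db?.kind` would be safer if `cds.env.for('cds', dir)` can come back without that key. The check also no longer runs for any non-SQLite configuration, which the 2.6.4 changelog section does not mention. The body of `create` continues outside the hunk.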
@@ -17,3 +17,3 @@ module.exports = { | ||
if (e['@odata.draft.enabled']) { | ||
if (e.query.SELECT.from.join) { | ||
if (e?.query?.SELECT?.from?.join) { | ||
context.report({ | ||
@@ -20,0 +20,0 @@ message: 'Do not use draft-enabled entities in views that make use of `JOIN`.', |
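Review bot: The leading `e?.` in `e?.query?.SELECT?.from?.join` is redundant, because `e['@odata.draft.enabled']` on the line above already dereferences `e` and would throw first. `e.query?.SELECT?.from?.join` expresses the same guard and keeps a null `e` visible as the bug it would be. The enclosing visitor starts outside the hunk.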
@@ -214,4 +214,5 @@ /** | ||
const cdscontext = Object.create(Object.getPrototypeOf(context), descriptors) | ||
const { parserServices } = context.sourceCode || context | ||
cdscontext.getModel = | ||
meta.model === 'inferred' ? context.parserServices.getInferredCsn : context.parserServices.getParsedCsn | ||
meta.model === 'inferred' ? parserServices.getInferredCsn : parserServices.getParsedCsn | ||
cdscontext.getEnvironment = () => { | ||
@@ -221,4 +222,4 @@ const options = context.options | ||
} | ||
cdscontext.getLocation = context.parserServices.getLocation | ||
cdscontext.getNode = Object.keys(context.parserServices).length > 0 ? context.parserServices.getNode : () => node | ||
cdscontext.getLocation = parserServices.getLocation | ||
cdscontext.getNode = Object.keys(parserServices).length > 0 ? parserServices.getNode : () => node | ||
return cdscontext | ||
@@ -225,0 +226,0 @@ } |
@@ -16,2 +16,3 @@ const fs = require('fs') | ||
const constants = require('../constants') | ||
const LOG = process.env.SILENT ? undefined : constants.log | ||
@@ -49,3 +50,3 @@ /** | ||
if (versionInternal) { | ||
console.log(`Updating internal rules from v>=${versionInternal}:\n${registry}\n`) | ||
LOG?.(`Updating internal rules from v>=${versionInternal}:\n${registry}\n`) | ||
const rulesInternal = getRules(docsPath, rulePath, testPath, versionInternal) | ||
@@ -60,3 +61,3 @@ genDocFiles(rulesInternal, docsPath) | ||
if (versionExternal) { | ||
console.log(`Updating external rules from v>=${versionExternal}:\n${npmRegistry}\n`) | ||
LOG?.(`Updating external rules from v>=${versionExternal}:\n${npmRegistry}\n`) | ||
const rulesExternal = getRules(docsPath, rulePath, testPath, versionExternal, release) | ||
@@ -70,3 +71,3 @@ genDocFiles(rulesExternal, docsPath, release) | ||
} | ||
console.log('Done!') | ||
LOG?.('Done!') | ||
} | ||
@@ -173,3 +174,3 @@ | ||
} catch (err) { | ||
console.log(`Failed to connect to ${registry} - check your connection and try again.`) | ||
LOG?.(`Failed to connect to ${registry} - check your connection and try again.`) | ||
exit(0) | ||
@@ -179,3 +180,3 @@ } | ||
if (!version) { | ||
console.log(`Failed to get latest plugin version from ${registry} - check your connection and try again.`) | ||
LOG?.(`Failed to get latest plugin version from ${registry} - check your connection and try again.`) | ||
exit(0) | ||
@@ -207,3 +208,3 @@ } | ||
if ((release && semver.satisfies(version, `<=${versionRequired}`)) || !release) { | ||
console.log(`${fileNumber}> preparing docs for ${ruleTestPath}`) | ||
LOG?.(`${fileNumber}> preparing docs for ${ruleTestPath}`) | ||
@@ -221,3 +222,3 @@ const details = ruleMeta.docs.description | ||
underConstruction = 'š§' | ||
console.log(` > š§ Rule '${rule}' still under construction.\n`) | ||
LOG?.(` > š§ Rule '${rule}' still under construction.\n`) | ||
} | ||
@@ -224,0 +225,0 @@ |
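Review bot: Routing the two failure messages through `LOG?.(...)` means that with `SILENT` set the script reaches `exit(0)` after a failed registry lookup without printing anything, so a failed docs update looks the same as a successful one. I would keep those two messages on stderr regardless of `SILENT`, using `console.error(...)` with the same text, and consider a non-zero exit code on those paths. Separately, `process.env.SILENT ? undefined : constants.log` treats any non-empty value, including `0` or `false`, as silent; a comment on that line should state this. The functions involved start and end outside these hunks.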
{ | ||
"name": "@sap/eslint-plugin-cds", | ||
"version": "2.6.3", | ||
"description": "ESLint plugin including recommended SAP Cloud Application Programming model and environment rules", | ||
"homepage": "https://cap.cloud.sap/", | ||
"keywords": [ | ||
"eslint", | ||
"eslint-plugin", | ||
"cds", | ||
"cds-lint", | ||
"cds-lint-plugin" | ||
], | ||
"author": "SAP SE (https://www.sap.com)", | ||
"license": "See LICENSE file", | ||
"main": "lib/index.js", | ||
"files": [ | ||
"lib/", | ||
"CHANGELOG.md", | ||
"LICENSE", | ||
"README.md" | ||
], | ||
"dependencies": { | ||
"@sap/cds": ">=5.6.0", | ||
"semver": "^7.3.4" | ||
}, | ||
"eslintConfig": { | ||
"extends": [ | ||
"eslint:recommended", | ||
"standard" | ||
] | ||
}, | ||
"peerDependencies": { | ||
"eslint": ">=7" | ||
}, | ||
"engines": { | ||
"node": ">=14" | ||
} | ||
} | ||
"name": "@sap/eslint-plugin-cds", | ||
"version": "2.6.4", | ||
"description": "ESLint plugin including recommended SAP Cloud Application Programming model and environment rules", | ||
"homepage": "https://cap.cloud.sap/", | ||
"keywords": [ | ||
"eslint", | ||
"eslint-plugin", | ||
"cds", | ||
"cds-lint", | ||
"cds-lint-plugin" | ||
], | ||
"author": "SAP SE (https://www.sap.com)", | ||
"license": "See LICENSE file", | ||
"main": "lib/index.js", | ||
"files": [ | ||
"lib/", | ||
"CHANGELOG.md", | ||
"LICENSE", | ||
"README.md" | ||
], | ||
"dependencies": { | ||
"@sap/cds": ">=5.6.0", | ||
"semver": "^7.3.4" | ||
}, | ||
"eslintConfig": { | ||
"extends": [ | ||
"eslint:recommended", | ||
"standard" | ||
] | ||
}, | ||
"peerDependencies": { | ||
"eslint": ">=7" | ||
}, | ||
"engines": { | ||
"node": ">=18" | ||
} | ||
} |
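Review bot: `engines.node` moves from `>=14` to `>=18` in what is versioned as a patch release, and the 2.6.4 changelog section has no entry for it. Consumers on Node 14 or 16 that pick up 2.6.4 through a caret or tilde range may get engine warnings or install failures, depending on their package-manager settings. I would add a line under the 2.6.4 heading, for example `- Minimum required Node.js version is now 18.`, or hold the bump for a minor release.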
License Policy Violation
License: This package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Environment variable access
Supply chain risk: Package accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
License Policy Violation
License: This package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Potential vulnerability
Supply chain risk: Initial human review suggests the presence of a vulnerability in this package. It is pending further analysis and confirmation.
Found 1 instance in 1 package