UNPKG

@typescript-eslint/eslint-plugin/dist/rules/no-implied-eval.js

Version:

6.93 kBJavaScriptView Raw

1"use strict";
2var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
  if (k2 === undefined) k2 = k;
  Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
5}) : (function(o, m, k, k2) {
  if (k2 === undefined) k2 = k;
  o[k2] = m[k];
8}));
9var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
  Object.defineProperty(o, "default", { enumerable: true, value: v });
11}) : function(o, v) {
  o["default"] = v;
13});
14var __importStar = (this && this.__importStar) || function (mod) {
  if (mod && mod.__esModule) return mod;
  var result = {};
  if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
  __setModuleDefault(result, mod);
  return result;
20};
21Object.defineProperty(exports, "__esModule", { value: true });
22const ts = __importStar(require("typescript"));
23const utils_1 = require("@typescript-eslint/utils");
24const tsutils = __importStar(require("tsutils"));
25const util = __importStar(require("../util"));
26const FUNCTION_CONSTRUCTOR = 'Function';
27const GLOBAL_CANDIDATES = new Set(['global', 'window', 'globalThis']);
28const EVAL_LIKE_METHODS = new Set([
  'setImmediate',
  'setInterval',
  'setTimeout',
  'execScript',
33]);
34exports.default = util.createRule({
  name: 'no-implied-eval',
  meta: {
      docs: {
          description: 'Disallow the use of `eval()`-like methods',
          recommended: 'error',
          extendsBaseRule: true,
          requiresTypeChecking: true,
      },
      messages: {
          noImpliedEvalError: 'Implied eval. Consider passing a function.',
          noFunctionConstructor: 'Implied eval. Do not use the Function constructor to create functions.',
      },
      schema: [],
      type: 'suggestion',
  },
  defaultOptions: [],
  create(context) {
      const parserServices = util.getParserServices(context);
      const program = parserServices.program;
      const checker = parserServices.program.getTypeChecker();
      function getCalleeName(node) {
          if (node.type === utils_1.AST_NODE_TYPES.Identifier) {
              return node.name;
          }
          if (node.type === utils_1.AST_NODE_TYPES.MemberExpression &&
              node.object.type === utils_1.AST_NODE_TYPES.Identifier &&
              GLOBAL_CANDIDATES.has(node.object.name)) {
              if (node.property.type === utils_1.AST_NODE_TYPES.Identifier) {
                  return node.property.name;
              }
              if (node.property.type === utils_1.AST_NODE_TYPES.Literal &&
                  typeof node.property.value === 'string') {
                  return node.property.value;
              }
          }
          return null;
      }
      function isFunctionType(node) {
          var _a;
          const tsNode = parserServices.esTreeNodeToTSNodeMap.get(node);
          const type = checker.getTypeAtLocation(tsNode);
          const symbol = type.getSymbol();
          if (symbol &&
              tsutils.isSymbolFlagSet(symbol, ts.SymbolFlags.Function | ts.SymbolFlags.Method)) {
              return true;
          }
          if (symbol && symbol.escapedName === FUNCTION_CONSTRUCTOR) {
              const declarations = (_a = symbol.getDeclarations()) !== null && _a !== void 0 ? _a : [];
              for (const declaration of declarations) {
                  const sourceFile = declaration.getSourceFile();
                  if (program.isSourceFileDefaultLibrary(sourceFile)) {
                      return true;
                  }
              }
          }
          const signatures = checker.getSignaturesOfType(type, ts.SignatureKind.Call);
          return signatures.length > 0;
      }
      function isBind(node) {
          return node.type === utils_1.AST_NODE_TYPES.MemberExpression
              ? isBind(node.property)
              : node.type === utils_1.AST_NODE_TYPES.Identifier && node.name === 'bind';
      }
      function isFunction(node) {
          switch (node.type) {
              case utils_1.AST_NODE_TYPES.ArrowFunctionExpression:
              case utils_1.AST_NODE_TYPES.FunctionDeclaration:
              case utils_1.AST_NODE_TYPES.FunctionExpression:
                  return true;
              case utils_1.AST_NODE_TYPES.Literal:
              case utils_1.AST_NODE_TYPES.TemplateLiteral:
                  return false;
              case utils_1.AST_NODE_TYPES.CallExpression:
                  return isBind(node.callee) || isFunctionType(node);
              default:
                  return isFunctionType(node);
          }
      }
      function isReferenceToGlobalFunction(calleeName) {
          const ref = context
              .getScope()
              .references.find(ref => ref.identifier.name === calleeName);
          // ensure it's the "global" version
          return !(ref === null || ref === void 0 ? void 0 : ref.resolved) || ref.resolved.defs.length === 0;
      }
      function checkImpliedEval(node) {
          var _a;
          const calleeName = getCalleeName(node.callee);
          if (calleeName === null) {
              return;
          }
          if (calleeName === FUNCTION_CONSTRUCTOR) {
              const tsNode = parserServices.esTreeNodeToTSNodeMap.get(node.callee);
              const type = checker.getTypeAtLocation(tsNode);
              const symbol = type.getSymbol();
              if (symbol) {
                  const declarations = (_a = symbol.getDeclarations()) !== null && _a !== void 0 ? _a : [];
                  for (const declaration of declarations) {
                      const sourceFile = declaration.getSourceFile();
                      if (program.isSourceFileDefaultLibrary(sourceFile)) {
                          context.report({ node, messageId: 'noFunctionConstructor' });
                          return;
                      }
                  }
              }
              else {
                  context.report({ node, messageId: 'noFunctionConstructor' });
                  return;
              }
          }
          if (node.arguments.length === 0) {
              return;
          }
          const [handler] = node.arguments;
          if (EVAL_LIKE_METHODS.has(calleeName) &&
              !isFunction(handler) &&
              isReferenceToGlobalFunction(calleeName)) {
              context.report({ node: handler, messageId: 'noImpliedEvalError' });
          }
      }
      return {
          NewExpression: checkImpliedEval,
          CallExpression: checkImpliedEval,
      };
  },
160});
161//# sourceMappingURL=no-implied-eval.js.map
\No newline at end of file

1	`"use strict";`
2	`var __createBinding = (this && this.__createBinding) \|\| (Object.create ? (function(o, m, k, k2) {`
3	`if (k2 === undefined) k2 = k;`
4	`Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });`
5	`}) : (function(o, m, k, k2) {`
6	`if (k2 === undefined) k2 = k;`
7	`o[k2] = m[k];`
8	`}));`
9	`var __setModuleDefault = (this && this.__setModuleDefault) \|\| (Object.create ? (function(o, v) {`
10	`Object.defineProperty(o, "default", { enumerable: true, value: v });`
11	`}) : function(o, v) {`
12	`o["default"] = v;`
13	`});`
14	`var __importStar = (this && this.__importStar) \|\| function (mod) {`
15	`if (mod && mod.__esModule) return mod;`
16	`var result = {};`
17	`if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);`
18	`__setModuleDefault(result, mod);`
19	`return result;`
20	`};`
21	`Object.defineProperty(exports, "__esModule", { value: true });`
22	`const ts = __importStar(require("typescript"));`
23	`const utils_1 = require("@typescript-eslint/utils");`
24	`const tsutils = __importStar(require("tsutils"));`
25	`const util = __importStar(require("../util"));`
26	`const FUNCTION_CONSTRUCTOR = 'Function';`
27	`const GLOBAL_CANDIDATES = new Set(['global', 'window', 'globalThis']);`
28	`const EVAL_LIKE_METHODS = new Set([`
29	`'setImmediate',`
30	`'setInterval',`
31	`'setTimeout',`
32	`'execScript',`
33	`]);`
34	`exports.default = util.createRule({`
35	`name: 'no-implied-eval',`
36	`meta: {`
37	`docs: {`
38	description: 'Disallow the use of `eval()`-like methods',
39	`recommended: 'error',`
40	`extendsBaseRule: true,`
41	`requiresTypeChecking: true,`
42	`},`
43	`messages: {`
44	`noImpliedEvalError: 'Implied eval. Consider passing a function.',`
45	`noFunctionConstructor: 'Implied eval. Do not use the Function constructor to create functions.',`
46	`},`
47	`schema: [],`
48	`type: 'suggestion',`
49	`},`
50	`defaultOptions: [],`
51	`create(context) {`
52	`const parserServices = util.getParserServices(context);`
53	`const program = parserServices.program;`
54	`const checker = parserServices.program.getTypeChecker();`
55	`function getCalleeName(node) {`
56	`if (node.type === utils_1.AST_NODE_TYPES.Identifier) {`
57	`return node.name;`
58	`}`
59	`if (node.type === utils_1.AST_NODE_TYPES.MemberExpression &&`
60	`node.object.type === utils_1.AST_NODE_TYPES.Identifier &&`
61	`GLOBAL_CANDIDATES.has(node.object.name)) {`
62	`if (node.property.type === utils_1.AST_NODE_TYPES.Identifier) {`
63	`return node.property.name;`
64	`}`
65	`if (node.property.type === utils_1.AST_NODE_TYPES.Literal &&`
66	`typeof node.property.value === 'string') {`
67	`return node.property.value;`
68	`}`
69	`}`
70	`return null;`
71	`}`
72	`function isFunctionType(node) {`
73	`var _a;`
74	`const tsNode = parserServices.esTreeNodeToTSNodeMap.get(node);`
75	`const type = checker.getTypeAtLocation(tsNode);`
76	`const symbol = type.getSymbol();`
77	`if (symbol &&`
78	`tsutils.isSymbolFlagSet(symbol, ts.SymbolFlags.Function \| ts.SymbolFlags.Method)) {`
79	`return true;`
80	`}`
81	`if (symbol && symbol.escapedName === FUNCTION_CONSTRUCTOR) {`
82	`const declarations = (_a = symbol.getDeclarations()) !== null && _a !== void 0 ? _a : [];`
83	`for (const declaration of declarations) {`
84	`const sourceFile = declaration.getSourceFile();`
85	`if (program.isSourceFileDefaultLibrary(sourceFile)) {`
86	`return true;`
87	`}`
88	`}`
89	`}`
90	`const signatures = checker.getSignaturesOfType(type, ts.SignatureKind.Call);`
91	`return signatures.length > 0;`
92	`}`
93	`function isBind(node) {`
94	`return node.type === utils_1.AST_NODE_TYPES.MemberExpression`
95	`? isBind(node.property)`
96	`: node.type === utils_1.AST_NODE_TYPES.Identifier && node.name === 'bind';`
97	`}`
98	`function isFunction(node) {`
99	`switch (node.type) {`
100	`case utils_1.AST_NODE_TYPES.ArrowFunctionExpression:`
101	`case utils_1.AST_NODE_TYPES.FunctionDeclaration:`
102	`case utils_1.AST_NODE_TYPES.FunctionExpression:`
103	`return true;`
104	`case utils_1.AST_NODE_TYPES.Literal:`
105	`case utils_1.AST_NODE_TYPES.TemplateLiteral:`
106	`return false;`
107	`case utils_1.AST_NODE_TYPES.CallExpression:`
108	`return isBind(node.callee) \|\| isFunctionType(node);`
109	`default:`
110	`return isFunctionType(node);`
111	`}`
112	`}`
113	`function isReferenceToGlobalFunction(calleeName) {`
114	`const ref = context`
115	`.getScope()`
116	`.references.find(ref => ref.identifier.name === calleeName);`
117	`// ensure it's the "global" version`
118	`return !(ref === null \|\| ref === void 0 ? void 0 : ref.resolved) \|\| ref.resolved.defs.length === 0;`
119	`}`
120	`function checkImpliedEval(node) {`
121	`var _a;`
122	`const calleeName = getCalleeName(node.callee);`
123	`if (calleeName === null) {`
124	`return;`
125	`}`
126	`if (calleeName === FUNCTION_CONSTRUCTOR) {`
127	`const tsNode = parserServices.esTreeNodeToTSNodeMap.get(node.callee);`
128	`const type = checker.getTypeAtLocation(tsNode);`
129	`const symbol = type.getSymbol();`
130	`if (symbol) {`
131	`const declarations = (_a = symbol.getDeclarations()) !== null && _a !== void 0 ? _a : [];`
132	`for (const declaration of declarations) {`
133	`const sourceFile = declaration.getSourceFile();`
134	`if (program.isSourceFileDefaultLibrary(sourceFile)) {`
135	`context.report({ node, messageId: 'noFunctionConstructor' });`
136	`return;`
137	`}`
138	`}`
139	`}`
140	`else {`
141	`context.report({ node, messageId: 'noFunctionConstructor' });`
142	`return;`
143	`}`
144	`}`
145	`if (node.arguments.length === 0) {`
146	`return;`
147	`}`
148	`const [handler] = node.arguments;`
149	`if (EVAL_LIKE_METHODS.has(calleeName) &&`
150	`!isFunction(handler) &&`
151	`isReferenceToGlobalFunction(calleeName)) {`
152	`context.report({ node: handler, messageId: 'noImpliedEvalError' });`
153	`}`
154	`}`
155	`return {`
156	`NewExpression: checkImpliedEval,`
157	`CallExpression: checkImpliedEval,`
158	`};`
159	`},`
160	`});`
161	`//# sourceMappingURL=no-implied-eval.js.map`
\	No newline at end of file