Documentation
¶
Overview ¶
cspell:ignore sctx
cspell:ignore unshadowed logicals recognises pname
Index ¶
Constants ¶
This section is empty.
Variables ¶
View Source
var NoImpliedEvalRule = rule.Rule{ Name: "no-implied-eval", Run: func(ctx rule.RuleContext, options any) rule.RuleListeners { sctx := newStrCtx(ctx) return rule.RuleListeners{ ast.KindCallExpression: func(node *ast.Node) { call := node.AsCallExpression() if call == nil { return } callee := ast.SkipOuterExpressions(call.Expression, calleeOuterKinds) if callee == nil { return } var calleeName string switch callee.Kind { case ast.KindIdentifier: name := callee.AsIdentifier().Text if !slices.Contains(evalLikeFunctions, name) { return } if utils.IsShadowed(callee, name) { return } calleeName = name case ast.KindPropertyAccessExpression, ast.KindElementAccessExpression: name, ok := utils.AccessExpressionStaticName(callee) if !ok || !slices.Contains(evalLikeFunctions, name) { return } if !isGlobalCandidateChain(utils.AccessExpressionObject(callee)) { return } calleeName = name default: return } if call.Arguments == nil || len(call.Arguments.Nodes) == 0 { return } firstArg := call.Arguments.Nodes[0] if !sctx.isString(firstArg) { return } if calleeName == "execScript" { ctx.ReportNode(node, buildExecScriptMessage()) } else { ctx.ReportNode(node, buildImpliedEvalMessage()) } }, } }, }
Functions ¶
This section is empty.
Types ¶
This section is empty.
Source Files
Click to show internal directories.
Click to hide internal directories.