github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-22 15:20:19 +08:00
Code Issues Packages Projects Releases Wiki Activity

Update checked-in dependencies

Browse Source
This commit is contained in:
github-actions[bot]
2021-07-27 16:54:26 +00:00
parent 6b0d45a5c6
commit cc1adb825a
4247 changed files with 144820 additions and 149530 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
node_modules/eslint-plugin-github/lib/rules/array-foreach.js generated vendored
View File

@@ -1,6 +1,10 @@
module.exports = {
meta: {
docs: {},
type: 'suggestion',
docs: {
description: 'enforce `for..of` loops over `Array.forEach`',
url: require('../url')(module)
},
schema: []
},
@@ -8,7 +12,7 @@ module.exports = {
return {
CallExpression(node) {
if (node.callee.property && node.callee.property.name === 'forEach') {
context.report(node, 'Prefer for...of instead of Array.forEach')
context.report({node, message: 'Prefer for...of instead of Array.forEach'})
}
}
}

8
node_modules/eslint-plugin-github/lib/rules/async-currenttarget.js generated vendored
View File

@@ -1,6 +1,10 @@
module.exports = {
meta: {
docs: {},
type: 'problem',
docs: {
description: 'disallow `event.currentTarget` calls inside of async functions',
url: require('../url')(module)
},
schema: []
},
@@ -15,7 +19,7 @@ module.exports = {
if (node.property && node.property.name === 'currentTarget') {
const scope = context.getScope()
if (scope.block.async && scopeDidWait.has(scope)) {
context.report(node, 'event.currentTarget inside an async function is error prone')
context.report({node, message: 'event.currentTarget inside an async function is error prone'})
}
}
}

8
node_modules/eslint-plugin-github/lib/rules/async-preventdefault.js generated vendored
View File

@@ -1,6 +1,10 @@
module.exports = {
meta: {
docs: {},
type: 'problem',
docs: {
description: 'disallow `event.preventDefault` calls inside of async functions',
url: require('../url')(module)
},
schema: []
},
@@ -15,7 +19,7 @@ module.exports = {
if (node.callee.property && node.callee.property.name === 'preventDefault') {
const scope = context.getScope()
if (scope.block.async && scopeDidWait.has(scope)) {
context.report(node, 'event.preventDefault() inside an async function is error prone')
context.report({node, message: 'event.preventDefault() inside an async function is error prone'})
}
}
}

13
node_modules/eslint-plugin-github/lib/rules/authenticity-token.js generated vendored
View File

@@ -1,16 +1,21 @@
module.exports = {
meta: {
docs: {},
type: 'problem',
docs: {
description: 'disallow usage of CSRF tokens in JavaScript',
url: require('../url')(module)
},
schema: []
},
create(context) {
function checkAuthenticityTokenUsage(node, str) {
if (str.includes('authenticity_token')) {
context.report(
context.report({
node,
'Form CSRF tokens (authenticity tokens) should not be created in JavaScript and their values should not be used directly for XHR requests.'
)
message:
'Form CSRF tokens (authenticity tokens) should not be created in JavaScript and their values should not be used directly for XHR requests.'
})
}
}

46
node_modules/eslint-plugin-github/lib/rules/get-attribute.js generated vendored
View File

@@ -17,28 +17,36 @@ function isValidAttribute(name) {
return validSVGAttributeSet.has(name) || (validAttributeName.test(name) && !invalidSVGAttributeSet.has(name))
}
module.exports = function(context) {
return {
CallExpression(node) {
if (!node.callee.property) return
module.exports = {
meta: {
type: 'problem',
docs: {
description: 'disallow wrong usage of attribute names',
url: require('../url')(module)
},
fixable: 'code',
schema: []
},
create(context) {
return {
CallExpression(node) {
if (!node.callee.property) return
const calleeName = node.callee.property.name
if (!attributeCalls.test(calleeName)) return
const calleeName = node.callee.property.name
if (!attributeCalls.test(calleeName)) return
const attributeNameNode = node.arguments[0]
if (!attributeNameNode) return
const attributeNameNode = node.arguments[0]
if (!attributeNameNode) return
if (!isValidAttribute(attributeNameNode.value)) {
context.report({
meta: {
fixable: 'code'
},
node: attributeNameNode,
message: 'Attributes should be lowercase and hyphen separated, or part of the SVG whitelist.',
fix(fixer) {
return fixer.replaceText(attributeNameNode, `'${attributeNameNode.value.toLowerCase()}'`)
}
})
if (!isValidAttribute(attributeNameNode.value)) {
context.report({
node: attributeNameNode,
message: 'Attributes should be lowercase and hyphen separated, or part of the SVG whitelist.',
fix(fixer) {
return fixer.replaceText(attributeNameNode, `'${attributeNameNode.value.toLowerCase()}'`)
}
})
}
}
}
}

10
node_modules/eslint-plugin-github/lib/rules/js-class-name.js generated vendored
View File

@@ -1,6 +1,10 @@
module.exports = {
meta: {
docs: {},
type: 'suggestion',
docs: {
description: 'enforce a naming convention for js- prefixed classes',
url: require('../url')(module)
},
schema: []
},
@@ -13,14 +17,14 @@ module.exports = {
const matches = str.match(allJsClassNameRegexp) || []
for (const match of matches) {
if (!match.match(validJsClassNameRegexp)) {
context.report(node, 'js- class names should be lowercase and only contain dashes.')
context.report({node, message: 'js- class names should be lowercase and only contain dashes.'})
}
}
}
function checkStringEndsWithJSClassName(node, str) {
if (str.match(endWithJsClassNameRegexp)) {
context.report(node, 'js- class names should be statically defined.')
context.report({node, message: 'js- class names should be statically defined.'})
}
}

22
node_modules/eslint-plugin-github/lib/rules/no-blur.js generated vendored
View File

@@ -1,11 +1,19 @@
module.exports = function(context) {
return {
CallExpression(node) {
if (node.callee.property && node.callee.property.name === 'blur') {
context.report(node, 'Do not use element.blur(), instead restore the focus of a previous element.')
module.exports = {
meta: {
type: 'problem',
docs: {
description: 'disallow usage of `Element.prototype.blur()`',
url: require('../url')(module)
},
schema: []
},
create(context) {
return {
CallExpression(node) {
if (node.callee.property && node.callee.property.name === 'blur') {
context.report({node, message: 'Do not use element.blur(), instead restore the focus of a previous element.'})
}
}
}
}
}
module.exports.schema = []

8
node_modules/eslint-plugin-github/lib/rules/no-d-none.js generated vendored
View File

@@ -1,4 +1,12 @@
module.exports = {
meta: {
type: 'problem',
docs: {
description: 'disallow usage the `d-none` CSS class',
url: require('../url')(module)
},
schema: []
},
create(context) {
return {
CallExpression(node) {

8
node_modules/eslint-plugin-github/lib/rules/no-dataset.js generated vendored
View File

@@ -1,6 +1,10 @@
module.exports = {
meta: {
docs: {},
type: 'problem',
docs: {
description: 'enforce usage of `Element.prototype.getAttribute` instead of `Element.prototype.datalist`',
url: require('../url')(module)
},
schema: []
},
@@ -8,7 +12,7 @@ module.exports = {
return {
MemberExpression(node) {
if (node.property && node.property.name === 'dataset') {
context.report(node, "Use getAttribute('data-your-attribute') instead of dataset.")
context.report({node, message: "Use getAttribute('data-your-attribute') instead of dataset."})
}
}
}

8
node_modules/eslint-plugin-github/lib/rules/no-implicit-buggy-globals.js generated vendored
View File

@@ -1,6 +1,10 @@
module.exports = {
meta: {
docs: {},
type: 'problem',
docs: {
description: 'disallow implicit global variables',
url: require('../url')(module)
},
schema: []
},
@@ -21,7 +25,7 @@ module.exports = {
(def.type === 'Variable' && def.parent.kind === 'const') ||
(def.type === 'Variable' && def.parent.kind === 'let')
) {
context.report(def.node, 'Implicit global variable, assign as global property instead.')
context.report({node: def.node, message: 'Implicit global variable, assign as global property instead.'})
}
}
}

9
node_modules/eslint-plugin-github/lib/rules/no-innerText.js generated vendored
View File

@@ -1,7 +1,12 @@
module.exports = {
meta: {
docs: {},
fixable: 'code'
type: 'problem',
docs: {
description: 'disallow `Element.prototype.innerText` in favor of `Element.prototype.textContent`',
url: require('../url')(module)
},
fixable: 'code',
schema: []
},
create(context) {

11
node_modules/eslint-plugin-github/lib/rules/no-then.js generated vendored
View File

@@ -1,15 +1,20 @@
module.exports = {
meta: {
docs: {}
type: 'suggestion',
docs: {
description: 'enforce using `async/await` syntax over Promises',
url: require('../url')(module)
},
schema: []
},
create(context) {
return {
MemberExpression(node) {
if (node.property && node.property.name === 'then') {
context.report(node.property, 'Prefer async/await to Promise.then()')
context.report({node: node.property, message: 'Prefer async/await to Promise.then()'})
} else if (node.property && node.property.name === 'catch') {
context.report(node.property, 'Prefer async/await to Promise.catch()')
context.report({node: node.property, message: 'Prefer async/await to Promise.catch()'})
}
}
}

11
node_modules/eslint-plugin-github/lib/rules/no-useless-passive.js generated vendored
View File

@@ -4,13 +4,18 @@ const propIsPassiveTrue = prop => prop.key && prop.key.name === 'passive' && pro
module.exports = {
meta: {
docs: {},
fixable: 'code'
type: 'suggestion',
docs: {
description: 'disallow marking a event handler as passive when it has no effect',
url: require('../url')(module)
},
fixable: 'code',
schema: []
},
create(context) {
return {
['CallExpression[callee.property.name="addEventListener"]']: function(node) {
['CallExpression[callee.property.name="addEventListener"]']: function (node) {
const [name, listener, options] = node.arguments
if (name.type !== 'Literal') return
if (passiveEventListenerNames.has(name.value)) return

10
node_modules/eslint-plugin-github/lib/rules/prefer-observers.js generated vendored
View File

@@ -4,13 +4,17 @@ const observerMap = {
}
module.exports = {
meta: {
docs: {},
fixable: 'code'
type: 'suggestion',
docs: {
description: 'disallow poorly performing event listeners',
url: require('../url')(module)
},
schema: []
},
create(context) {
return {
['CallExpression[callee.property.name="addEventListener"]']: function(node) {
['CallExpression[callee.property.name="addEventListener"]']: function (node) {
const [name] = node.arguments
if (name.type !== 'Literal') return
if (!(name.value in observerMap)) return

11
node_modules/eslint-plugin-github/lib/rules/require-passive-events.js generated vendored
View File

@@ -4,18 +4,23 @@ const propIsPassiveTrue = prop => prop.key && prop.key.name === 'passive' && pro
module.exports = {
meta: {
docs: {}
type: 'suggestion',
docs: {
description: 'enforce marking high frequency event handlers as passive',
url: require('../url')(module)
},
schema: []
},
create(context) {
return {
['CallExpression[callee.property.name="addEventListener"]']: function(node) {
['CallExpression[callee.property.name="addEventListener"]']: function (node) {
const [name, listener, options] = node.arguments
if (!listener) return
if (name.type !== 'Literal') return
if (!passiveEventListenerNames.has(name.value)) return
if (options && options.type === 'ObjectExpression' && options.properties.some(propIsPassiveTrue)) return
context.report(node, `High Frequency Events like "${name.value}" should be \`passive: true\``)
context.report({node, message: `High Frequency Events like "${name.value}" should be \`passive: true\``})
}
}
}

41
node_modules/eslint-plugin-github/lib/rules/unescaped-html-literal.js generated vendored
View File

@@ -1,24 +1,35 @@
module.exports = function(context) {
const htmlOpenTag = /^<[a-zA-Z]/
const message = 'Unescaped HTML literal. Use html`` tag template literal for secure escaping.'
return {
Literal(node) {
if (!htmlOpenTag.test(node.value)) return
context.report({
node,
message
})
module.exports = {
meta: {
type: 'problem',
docs: {
description: 'disallow unesaped HTML literals',
url: require('../url')(module)
},
TemplateLiteral(node) {
if (!htmlOpenTag.test(node.quasis[0].value.raw)) return
schema: []
},
create(context) {
const htmlOpenTag = /^<[a-zA-Z]/
const message = 'Unescaped HTML literal. Use html`` tag template literal for secure escaping.'
return {
Literal(node) {
if (!htmlOpenTag.test(node.value)) return
if (!node.parent.tag || node.parent.tag.name !== 'html') {
context.report({
node,
message
})
},
TemplateLiteral(node) {
if (!htmlOpenTag.test(node.quasis[0].value.raw)) return
if (!node.parent.tag || node.parent.tag.name !== 'html') {
context.report({
node,
message
})
}
}
}
}