
Commit 06cf078

author
Sakshis
committed
modification in node-sequelize-hardcoded-secret-argument-javascript
1 parent cb79ed3 commit 06cf078


2 files changed

+53
-47
lines changed


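--- a/rules/javascript/security/node-sequelize-hardcoded-secret-argument-javascript.yml
+++ b/rules/javascript/security/node-sequelize-hardcoded-secret-argument-javascript.yml
@@ -39,37 +39,59 @@ utils:
 has:
 stopBy: end
 kind: string_fragment
-- any:
-- follows:
-stopBy: end
-kind: lexical_declaration
-has:
-stopBy: end
-kind: variable_declarator
-has:
-stopBy: end
-kind: identifier
-pattern: $E
-- follows:
-stopBy: end
-kind: import_statement
-has:
-stopBy: end
-kind: import_clause
-has:
-stopBy: end
-kind: identifier
-pattern: $E
-- follows:
+- follows:
+stopBy: end
+any:
+- pattern: const $E = require('sequelize')
+- pattern: import $E from 'sequelize'
+- pattern: import * as $E from 'sequelize'
+- pattern: import {$E} from 'sequelize'
+MATCH_BLANK_PASSWORD_with_instance:
+kind: identifier
+pattern: $W
+inside:
+stopBy: end
+kind: lexical_declaration
+all:
+- has:
+stopBy: end
+kind: new_expression
+all:
+- has:
+stopBy: end
+kind: identifier
+pattern: $E
+- has:
+stopBy: end
+kind: arguments
+nthChild: 2
+has:
 stopBy: end
-kind: import_statement
-has:
-stopBy: end
-kind: import_clause
-has:
-stopBy: end
-kind: identifier
-pattern: $E
+kind: identifier
+nthChild: 3
+pattern: $W
+- follows:
+stopBy: end
+any:
+- pattern: const $E = require('sequelize')
+- pattern: import $E from 'sequelize'
+- pattern: import * as $E from 'sequelize'
+- pattern: import {$E} from 'sequelize'
+- follows:
+stopBy: end
+any:
+- pattern: $W = $R
+- pattern: let $W = $R
 rule:
+any:
+- kind: string
+matches: MATCH_BLANK_PASSWORD
+- kind: identifier
+matches: MATCH_BLANK_PASSWORD_with_instance
+constraints:
+R:
 kind: string
-matches: MATCH_BLANK_PASSWORD
+has:
+stopBy: neighbor
+kind: string_fragment
+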
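Review bot: The new `MATCH_BLANK_PASSWORD_with_instance` util resolves the password variable only through `$W = $R` and `let $W = $R`, so a secret declared with `const` or `var` and then passed to the constructor looks like it would not be flagged. Adding `- pattern: const $W = $R` and `- pattern: var $W = $R` to that last `follows` / `any` list would close the gap. The binding list has the same shape: `const $E = require('sequelize')` replaces the earlier generic declarator and import-clause match and no longer covers `let`/`var` requires, so it is worth confirming that this narrowing is intended. The snapshot file in this commit only loses labels and gains no case for the identifier branch, so a test with a variable-held password should accompany the rule change. The YAML nesting is not recoverable from this rendering, so the structural reading above should be checked against the file.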

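--- a/tests/__snapshots__/node-sequelize-hardcoded-secret-argument-javascript-snapshot.yml
+++ b/tests/__snapshots__/node-sequelize-hardcoded-secret-argument-javascript-snapshot.yml
@@ -42,14 +42,6 @@ snapshots:
 style: secondary
 start: 58
 end: 165
-- source: Sequelize
-style: secondary
-start: 6
-end: 15
-- source: Sequelize = require('sequelize')
-style: secondary
-start: 6
-end: 38
 - source: const Sequelize = require('sequelize');
 style: secondary
 start: 0
@@ -91,14 +83,6 @@ snapshots:
 style: secondary
 start: 59
 end: 117
-- source: Sequelize
-style: secondary
-start: 6
-end: 15
-- source: Sequelize = require('sequelize')
-style: secondary
-start: 6
-end: 38
 - source: const Sequelize = require('sequelize');
 style: secondary
 start: 0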
