From 621b86ece42bf930c86dfdc76adeb57de69c2b61 Mon Sep 17 00:00:00 2001 From: Lucas Date: Wed, 4 Dec 2019 19:35:39 -0300 Subject: [PATCH] feat(js-cli) eslint work by nothingismagick --- cli/tauri.js/.eslintrc.js | 31 +++++++++++++++++++---- cli/tauri.js/bin/tauri-init.js | 4 --- cli/tauri.js/bin/tauri.js | 1 + cli/tauri.js/helpers/copy-templates.js | 14 +++++------ cli/tauri.js/helpers/tauricon.js | 6 ++--- cli/tauri.js/package.json | 7 ++++-- cli/tauri.js/template.js | 4 +-- cli/tauri.js/yarn.lock | 35 +++++++++++++++++++++++--- 8 files changed, 76 insertions(+), 26 deletions(-) diff --git a/cli/tauri.js/.eslintrc.js b/cli/tauri.js/.eslintrc.js index baea75aaf..13553201a 100644 --- a/cli/tauri.js/.eslintrc.js +++ b/cli/tauri.js/.eslintrc.js @@ -5,11 +5,19 @@ module.exports = { }, extends: [ - "standard", - "plugin:lodash-template/recommended" + 'standard', + 'plugin:lodash-template/recommended', + 'plugin:node/recommended' ], - plugins: [], + 'parserOptions': { + 'ecmaVersion': 2020 + }, + + 'plugins': [ + 'node', + 'security' + ], globals: { __statics: true, @@ -19,8 +27,21 @@ module.exports = { // add your custom rules here rules: { // allow console.log during development only - "no-console": process.env.NODE_ENV === "production" ? "error" : "off", + 'no-console': process.env.NODE_ENV === 'production' ? 'error' : 'off', // allow debugger during development only - "no-debugger": process.env.NODE_ENV === "production" ? "error" : "off" + 'no-debugger': process.env.NODE_ENV === 'production' ? 'error' : 'off', + 'no-process-exit': 'off', + 'security/detect-non-literal-fs-filename': 'warn', + 'security/detect-unsafe-regex': 'error', + 'security/detect-buffer-noassert': 'error', + 'security/detect-child-process': 'warn', + 'security/detect-disable-mustache-escape': 'error', + 'security/detect-eval-with-expression': 'error', + 'security/detect-no-csrf-before-method-override': 'error', + 'security/detect-non-literal-regexp': 'error', + 'security/detect-non-literal-require': 'warn', + 'security/detect-object-injection': 'warn', + 'security/detect-possible-timing-attacks': 'error', + 'security/detect-pseudoRandomBytes': 'error' } } diff --git a/cli/tauri.js/bin/tauri-init.js b/cli/tauri.js/bin/tauri-init.js index 8666b69b1..a97dd490f 100644 --- a/cli/tauri.js/bin/tauri-init.js +++ b/cli/tauri.js/bin/tauri-init.js @@ -1,8 +1,4 @@ const parseArgs = require('minimist') -const appPaths = require('../helpers/app-paths') -const logger = require('../helpers/logger') -const log = logger('app:tauri') -const warn = logger('app:tauri (init)', 'red') /** * @type {object} diff --git a/cli/tauri.js/bin/tauri.js b/cli/tauri.js/bin/tauri.js index c0a9a3743..60af2333d 100755 --- a/cli/tauri.js/bin/tauri.js +++ b/cli/tauri.js/bin/tauri.js @@ -23,6 +23,7 @@ const tauri = function (command) { --help, -h Displays this message `) process.exit(0) + // eslint-disable-next-line no-unreachable return false// do this for node consumers and tests } if (cmds.includes(command)) { diff --git a/cli/tauri.js/helpers/copy-templates.js b/cli/tauri.js/helpers/copy-templates.js index 928287936..fc4b20328 100644 --- a/cli/tauri.js/helpers/copy-templates.js +++ b/cli/tauri.js/helpers/copy-templates.js @@ -1,11 +1,11 @@ // forked from https://github.com/quasarframework/quasar/blob/master/app/lib/app-extension/Extension.js -function renderFolders({ source, target, scope }) { +function renderFolders ({ source, target, scope }) { const - fs = require('fs-extra'), - { join, resolve } = require('path') - fglob = require('fast-glob'), - isBinary = require('isbinaryfile').isBinaryFileSync, - compileTemplate = require('lodash.template') + fs = require('fs-extra') + const { join, resolve } = require('path') + const fglob = require('fast-glob') + const isBinary = require('isbinaryfile').isBinaryFileSync + const compileTemplate = require('lodash.template') const files = fglob.sync(['**/*'], { cwd: source @@ -34,7 +34,7 @@ function renderFolders({ source, target, scope }) { } else { const rawContent = fs.readFileSync(sourcePath, 'utf-8') const template = compileTemplate(rawContent, { - 'interpolate': /<%=([\s\S]+?)%>/g + interpolate: /<%=([\s\S]+?)%>/g }) fs.writeFileSync(targetPath, template(scope), 'utf-8') } diff --git a/cli/tauri.js/helpers/tauricon.js b/cli/tauri.js/helpers/tauricon.js index 5137b9028..6600a7d3c 100644 --- a/cli/tauri.js/helpers/tauricon.js +++ b/cli/tauri.js/helpers/tauricon.js @@ -27,7 +27,7 @@ const warn = logger('app:spawn', 'red') const settings = require('./tauricon.config.js') let image = false -let spinnerInterval = false +const spinnerInterval = false const { access, @@ -172,7 +172,7 @@ const tauricon = exports.tauricon = { return typeof image === 'object' }, version: function () { - return require('../../package.json').version + return require('../package.json').version }, /** * @@ -184,7 +184,7 @@ const tauricon = exports.tauricon = { make: async function (src, target, strategy, options) { const spinnerInterval = spinner() options = options || settings.options.tauri - const valid = await this.validate(src, target) + await this.validate(src, target) progress('Building Tauri icns and ico') await this.icns(src, target, options, strategy) progress('Building Tauri png icons') diff --git a/cli/tauri.js/package.json b/cli/tauri.js/package.json index fe1786fb6..d4ae0b8cd 100644 --- a/cli/tauri.js/package.json +++ b/cli/tauri.js/package.json @@ -12,8 +12,9 @@ "scripts": { "test": "jest --runInBand --no-cache", "test:mac-local": "jest --runInBand", - "lint-fix": "eslint --ext .js mode --fix", - "build:tauri[rust]": "cd ../tauri && TAURI_DIST_DIR=../../test/fixture/dist TAURI_CONFIG_DIR=../test/fixture cargo publish --dry-run --allow-dirty" + "lint-fix": "eslint --fix ./bin/*.js ./*.js ./helpers/*.js", + "lint:lockfile": "lockfile-lint --path yarn.lock --type yarn --validate-https --allowed-hosts npm yarn", + "build:tauri[rust]": "cd ../tauri && TAURI_DIST_DIR=../../test/fixture/dist TAURI_DIR=../test/fixture cargo publish --dry-run --allow-dirty" }, "repository": { "type": "git", @@ -70,11 +71,13 @@ "eslint-plugin-lodash-template": "0.15.0", "eslint-plugin-node": "10.0.0", "eslint-plugin-promise": "4.2.1", + "eslint-plugin-security": "1.4.0", "eslint-plugin-standard": "4.0.1", "husky": "3.1.0", "jest": "24.9.0", "jest-mock-process": "1.2.0", "lint-staged": "9.5.0", + "lockfile-lint": "2.0.1", "promise": "8.0.3" }, "husky": { diff --git a/cli/tauri.js/template.js b/cli/tauri.js/template.js index d238dbfc2..3a723164d 100644 --- a/cli/tauri.js/template.js +++ b/cli/tauri.js/template.js @@ -1,4 +1,4 @@ -const { copySync, existsSync, removeSync, readFileSync } = require('fs-extra') +const { copySync, existsSync, removeSync } = require('fs-extra') const { resolve, join, normalize } = require('path') const copyTemplates = require('./helpers/copy-templates') @@ -33,7 +33,7 @@ Run \`tauri init --force template\` to overwrite.`) if (!force) return false } - let tauriDep = tauriPath ? `{ path = "${join('..', tauriPath, 'tauri')}" }` : null + const tauriDep = tauriPath ? `{ path = "${join('..', tauriPath, 'tauri')}" }` : null try { removeSync(dir) diff --git a/cli/tauri.js/yarn.lock b/cli/tauri.js/yarn.lock index d748d317b..bb49f16b4 100644 --- a/cli/tauri.js/yarn.lock +++ b/cli/tauri.js/yarn.lock @@ -435,6 +435,11 @@ dependencies: "@types/yargs-parser" "*" +"@yarnpkg/lockfile@^1.1.0": + version "1.1.0" + resolved "https://registry.yarnpkg.com/@yarnpkg/lockfile/-/lockfile-1.1.0.tgz#e77a97fbd345b76d83245edcd17d393b1b41fb31" + integrity sha512-GpSwvyXOcOOlV70vbnzjj4fW5xW/FdUF6nQEt1ENy7m4ZCczi1+/buVUPAqmGfqznsORNFzUMjctTIp8a9tuCQ== + abab@^2.0.0: version "2.0.3" resolved "https://registry.npmjs.org/abab/-/abab-2.0.3.tgz#623e2075e02eb2d3f2475e49f99c91846467907a" @@ -1728,9 +1733,9 @@ eslint-plugin-import@2.18.2: read-pkg-up "^2.0.0" resolve "^1.11.0" -eslint-plugin-lodash-template@^0.15.0: +eslint-plugin-lodash-template@0.15.0: version "0.15.0" - resolved "https://registry.npmjs.org/eslint-plugin-lodash-template/-/eslint-plugin-lodash-template-0.15.0.tgz#649265456a3ad5345d5bb3a3eeb8995d1d31c877" + resolved "https://registry.yarnpkg.com/eslint-plugin-lodash-template/-/eslint-plugin-lodash-template-0.15.0.tgz#649265456a3ad5345d5bb3a3eeb8995d1d31c877" integrity sha512-OXfUJz3udNAbhOJknp2RGJp1xf3A3CrwHoP31B0sWWrsKEK1fGcoTN8KtUvEenni+oNWe0RFw3sT1cl+/A0oRw== dependencies: esquery "^1.0.1" @@ -1753,6 +1758,13 @@ eslint-plugin-promise@4.2.1: resolved "https://registry.npmjs.org/eslint-plugin-promise/-/eslint-plugin-promise-4.2.1.tgz#845fd8b2260ad8f82564c1222fce44ad71d9418a" integrity sha512-VoM09vT7bfA7D+upt+FjeBO5eHIJQBUWki1aPvB+vbNiHS3+oGIJGIeyBtKQTME6UPXXy3vV07OL1tHd3ANuDw== +eslint-plugin-security@1.4.0: + version "1.4.0" + resolved "https://registry.yarnpkg.com/eslint-plugin-security/-/eslint-plugin-security-1.4.0.tgz#d4f314484a80b1b613b8c8886e84f52efe1526c2" + integrity sha512-xlS7P2PLMXeqfhyf3NpqbvbnW04kN8M9NtmhpR3XGyOvt/vNKS7XPXT5EDbwKW9vCjWH4PpfQvgD/+JgN0VJKA== + dependencies: + safe-regex "^1.1.0" + eslint-plugin-standard@4.0.1: version "4.0.1" resolved "https://registry.npmjs.org/eslint-plugin-standard/-/eslint-plugin-standard-4.0.1.tgz#ff0519f7ffaff114f76d1bd7c3996eef0f6e20b4" @@ -3851,6 +3863,23 @@ locate-path@^5.0.0: dependencies: p-locate "^4.1.0" +lockfile-lint-api@^2.0.0: + version "2.3.0" + resolved "https://registry.yarnpkg.com/lockfile-lint-api/-/lockfile-lint-api-2.3.0.tgz#c200de37f07bee35eca2a52a8e560f013c87910c" + integrity sha512-4jp8ULItLgsaPgPjxm/nuupIiBbxWf/nA05gRGMtvJQxGoSOOYA1LxSunY5p1b4kw7u6ZW5TZNgcIs4cFvp9lw== + dependencies: + "@yarnpkg/lockfile" "^1.1.0" + debug "^4.1.0" + +lockfile-lint@2.0.1: + version "2.0.1" + resolved "https://registry.yarnpkg.com/lockfile-lint/-/lockfile-lint-2.0.1.tgz#b2ccd71530f2861a433cfec3b9deb18b01a2c5e0" + integrity sha512-hT6Nrx2ewTtmZ/N3KjaEpLaXujHmIjcKU32pcuX20JhGgkTVWBlU3bDkIh+Lob7NG6zD96ASOUL6t/dQUa89WQ== + dependencies: + debug "^4.1.0" + lockfile-lint-api "^2.0.0" + yargs "^13.2.4" + lodash._reinterpolate@^3.0.0: version "3.0.0" resolved "https://registry.npmjs.org/lodash._reinterpolate/-/lodash._reinterpolate-3.0.0.tgz#0ccf2d89166af03b3663c796538b75ac6e114d9d" @@ -6446,7 +6475,7 @@ yargs-parser@^13.1.1: camelcase "^5.0.0" decamelize "^1.2.0" -yargs@^13.3.0: +yargs@^13.2.4, yargs@^13.3.0: version "13.3.0" resolved "https://registry.npmjs.org/yargs/-/yargs-13.3.0.tgz#4c657a55e07e5f2cf947f8a366567c04a0dedc83" integrity sha512-2eehun/8ALW8TLoIl7MVaRUrg+yCnenu8B4kBlRxj3GJGDKU1Og7sMXPNm1BYyM1DOJmTZ4YeN/Nwxv+8XJsUA==