From 6e1e9f105dce298f40a0a232505b1e910e706ca1 Mon Sep 17 00:00:00 2001 From: Josh Goldberg Date: Tue, 18 Dec 2018 09:00:13 -0800 Subject: [PATCH 1/9] Deprecated now-duplicate rules from TSLint 5.12.0 (bumped devDependency to 5.12.0) Fixes #684. Fixes #685. --- README.md | 1 + additional_rule_metadata.json | 55 ++++++++++++++ build-tasks/validate-config.js | 3 + package-lock.json | 72 +++++-------------- package.json | 2 +- recommended_ruleset.js | 14 +++- ...noFunctionConstructorWithStringArgsRule.ts | 10 +++ src/noIncrementDecrementRule.ts | 10 +++ src/noUnnecessaryBindRule.ts | 10 +++ src/noUnnecessaryOverrideRule.ts | 4 +- src/utils/BaseFormatter.ts | 4 +- src/utils/Utils.ts | 4 +- src/validTypeofRule.ts | 4 +- tslint-warnings.csv | 15 ++-- tslint.json | 6 +- 15 files changed, 140 insertions(+), 74 deletions(-) diff --git a/README.md b/README.md index 256413942..0db172413 100644 --- a/README.md +++ b/README.md @@ -450,6 +450,7 @@ We recommend you specify exact versions of lint libraries, including `tslint-mic no-increment-decrement + Deprecated - This rule is in the TSLint product as increment-decrement. Avoid use of increment and decrement operators particularly as part of complicated expressions. 0.0.1 diff --git a/additional_rule_metadata.json b/additional_rule_metadata.json index 7ddf7cbf5..f075cec91 100644 --- a/additional_rule_metadata.json +++ b/additional_rule_metadata.json @@ -25,6 +25,13 @@ "group": "Configurable", "recommendation": "false, // only enable this if you have some code pattern that you want to ban" }, + "ban-ts-ignore": { + "issueClass": "Ignored", + "issueType": "Error", + "severity": "Critical", + "level": "Opportunity for Excellence", + "group": "Configurable" + }, "class-name": { "issueClass": "Non-SDL", "issueType": "Error", @@ -41,6 +48,14 @@ "group": "Clarity", "commonWeaknessEnumeration": "398, 710" }, + "comment-type": { + "issueClass": "Non-SDL", + "issueType": "Warning", + "severity": "Low", + "level": "Opportunity for Excellence", + "group": "Clarity", + "commonWeaknessEnumeration": "398, 710" + }, "curly": { "issueClass": "Non-SDL", "issueType": "Warning", @@ -617,6 +632,22 @@ "recommendation": "false,", "commonWeaknessEnumeration": "398, 710" }, + "unnecessary-bind": { + "issueClass": "Non-SDL", + "issueType": "Warning", + "severity": "Moderate", + "level": "Opportunity for Excellence", + "group": "Correctness", + "commonWeaknessEnumeration": "398" + }, + "unnecessary-constructor": { + "issueClass": "Non-SDL", + "issueType": "Warning", + "severity": "Moderate", + "level": "Opportunity for Excellence", + "group": "Correctness", + "commonWeaknessEnumeration": "398" + }, "use-isnan": { "issueClass": "Non-SDL", "issueType": "Error", @@ -688,6 +719,14 @@ "recommendation": "false, // enable this rule only if you are legally required to add a file header", "level": "Opportunity for Excellence" }, + "function-constructor": { + "issueClass": "Non-SDL", + "issueType": "Warning", + "severity": "Moderate", + "level": "Opportunity for Excellence", + "group": "Correctness", + "commonWeaknessEnumeration": "398" + }, "max-classes-per-file": { "issueClass": "Non-SDL", "issueType": "Warning", @@ -744,6 +783,14 @@ "recommendation": "true,", "level": "Opportunity for Excellence" }, + "increment-decrement": { + "issueClass": "Non-SDL", + "issueType": "Warning", + "severity": "Moderate", + "level": "Opportunity for Excellence", + "group": "Correctness", + "commonWeaknessEnumeration": "398" + }, "interface-over-type-literal": { "issueClass": "Ignored", "issueType": "Warning", @@ -946,6 +993,14 @@ "group": "Whitespace", "commonWeaknessEnumeration": "710" }, + "no-default-import": { + "issueClass": "Non-SDL", + "issueType": "Warning", + "severity": "Moderate", + "level": "Opportunity for Excellence", + "group": "Correctness", + "commonWeaknessEnumeration": "398" + }, "no-duplicate-super": { "issueClass": "Non-SDL", "issueType": "Warning", diff --git a/build-tasks/validate-config.js b/build-tasks/validate-config.js index 4391bd6f6..7cdadfc0d 100644 --- a/build-tasks/validate-config.js +++ b/build-tasks/validate-config.js @@ -25,11 +25,14 @@ const disabledRules = new Set([ 'no-duplicate-case', 'no-empty-interfaces', 'no-empty-line-after-opening-brace', + 'no-function-constructor-with-string-args', + 'no-increment-decrement', 'no-multiline-string', 'no-reserved-keywords', 'no-relative-imports', 'no-stateless-class', 'no-unexternalized-strings', + 'no-unnecessary-bind', 'no-unnecessary-semicolons', 'no-var-self', 'react-tsx-curly-spacing', diff --git a/package-lock.json b/package-lock.json index 7ecbae031..923343c99 100644 --- a/package-lock.json +++ b/package-lock.json @@ -213,7 +213,7 @@ }, "chalk": { "version": "1.1.3", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-1.1.3.tgz", + "resolved": "http://registry.npmjs.org/chalk/-/chalk-1.1.3.tgz", "integrity": "sha1-qBFcVeSnAv5NFQq9OHKCKn4J/Jg=", "dev": true, "requires": { @@ -905,9 +905,9 @@ } }, "diff": { - "version": "3.3.1", - "resolved": "https://registry.npmjs.org/diff/-/diff-3.3.1.tgz", - "integrity": "sha512-MKPHZDMB0o6yHyDryUOScqZibp914ksXwAMYMTHj6KO8UeKsRYNJD3oNCKjTqZon+V488P7N/HzXF8t7ZR95ww==", + "version": "3.5.0", + "resolved": "https://registry.npmjs.org/diff/-/diff-3.5.0.tgz", + "integrity": "sha512-A46qtFgd+g7pDZinpnwiRJtxbC1hpgf0uzP3iG89scHk0AUC7A1TGxf5OiiOUv/JMZR8GOt8hL900hV0bOy5xA==", "dev": true }, "dir-glob": { @@ -3516,7 +3516,7 @@ }, "readable-stream": { "version": "2.3.6", - "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-2.3.6.tgz", + "resolved": "http://registry.npmjs.org/readable-stream/-/readable-stream-2.3.6.tgz", "integrity": "sha512-tQtKA9WIAhBF3+VLAseyMqZeBjW0AHJoxOtYqSUZNJxauErmLbVm2FW1y+J/YA9dUrAC39ITejlZWhVIwawkKw==", "dev": true, "requires": { @@ -3568,6 +3568,15 @@ "integrity": "sha1-jcrkcOHIirwtYA//Sndihtp15jc=", "dev": true }, + "resolve": { + "version": "1.9.0", + "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.9.0.tgz", + "integrity": "sha512-TZNye00tI67lwYvzxCxHGjwTNlUV70io54/Ed4j6PscB8xVfuBJpRenI/o6dVk0cY0PYTY27AgCoGGxRnYuItQ==", + "dev": true, + "requires": { + "path-parse": "^1.0.6" + } + }, "resolve-url": { "version": "0.2.1", "resolved": "https://registry.npmjs.org/resolve-url/-/resolve-url-0.2.1.tgz", @@ -4112,9 +4121,9 @@ "integrity": "sha512-4krF8scpejhaOgqzBEcGM7yDIEfi0/8+8zDRZhNZZ2kjmHJ4hv3zCbQWxoJGz1iw5U0Jl0nma13xzHXcncMavQ==" }, "tslint": { - "version": "5.11.0", - "resolved": "https://registry.npmjs.org/tslint/-/tslint-5.11.0.tgz", - "integrity": "sha1-mPMMAurjzecAYgHkwzywi0hYHu0=", + "version": "5.12.0", + "resolved": "https://registry.npmjs.org/tslint/-/tslint-5.12.0.tgz", + "integrity": "sha512-CKEcH1MHUBhoV43SA/Jmy1l24HJJgI0eyLbBNSRyFlsQvb9v6Zdq+Nz2vEOH00nC5SUx4SneJ59PZUS/ARcokQ==", "dev": true, "requires": { "babel-code-frame": "^6.22.0", @@ -4129,53 +4138,6 @@ "semver": "^5.3.0", "tslib": "^1.8.0", "tsutils": "^2.27.2" - }, - "dependencies": { - "commander": { - "version": "2.17.1", - "resolved": "https://registry.npmjs.org/commander/-/commander-2.17.1.tgz", - "integrity": "sha512-wPMUt6FnH2yzG95SA6mzjQOEKUU3aLaDEmzs1ti+1E9h+CsrZghRlqEM/EJ4KscsQVG8uNN4uVreUeT8+drlgg==", - "dev": true - }, - "esprima": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", - "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", - "dev": true - }, - "glob": { - "version": "7.1.2", - "resolved": "https://registry.npmjs.org/glob/-/glob-7.1.2.tgz", - "integrity": "sha512-MJTUg1kjuLeQCJ+ccE4Vpa6kKVXkPYJ2mOCQyUuKLcLQsdrMCpBPUi8qVE6+YuaJkozeA9NusTAw3hLr8Xe5EQ==", - "dev": true, - "requires": { - "fs.realpath": "^1.0.0", - "inflight": "^1.0.4", - "inherits": "2", - "minimatch": "^3.0.4", - "once": "^1.3.0", - "path-is-absolute": "^1.0.0" - } - }, - "js-yaml": { - "version": "3.12.0", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.12.0.tgz", - "integrity": "sha512-PIt2cnwmPfL4hKNwqeiuz4bKfnzHTBv6HyVgjahA6mPLwPDzjDWrplJBMjHUFxku/N3FlmrbyPclad+I+4mJ3A==", - "dev": true, - "requires": { - "argparse": "^1.0.7", - "esprima": "^4.0.0" - } - }, - "resolve": { - "version": "1.8.1", - "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.8.1.tgz", - "integrity": "sha512-AicPrAC7Qu1JxPCZ9ZgCZlY35QgFnNqc+0LtbRNxnVw4TXvjQ72wnuL9JQcEBgXkI9JM8MsT9kaQoHcpCRJOYA==", - "dev": true, - "requires": { - "path-parse": "^1.0.5" - } - } } }, "tslint-config-prettier": { diff --git a/package.json b/package.json index a75921444..103a2c6d7 100644 --- a/package.json +++ b/package.json @@ -92,7 +92,7 @@ "prettier": "1.15.0", "rimraf": "^2.6.2", "strip-json-comments": "^2.0.1", - "tslint": "^5.11.0", + "tslint": "^5.12.0", "tslint-config-prettier": "^1.15.0", "typescript": "3.1.1", "underscore": "1.9.1" diff --git a/recommended_ruleset.js b/recommended_ruleset.js index 0a5a62a43..f6e60fbfe 100644 --- a/recommended_ruleset.js +++ b/recommended_ruleset.js @@ -17,7 +17,7 @@ module.exports = { 'no-document-write': true, 'no-eval': true, 'no-exec-script': true, - 'no-function-constructor-with-string-args': true, + 'no-function-constructor-with-string-args': false, // use tslint function-constructor rule intsead 'no-http-string': [true, 'http://www.example.com/?.*', 'http://localhost:?.*'], 'no-inner-html': true, 'no-octal-literal': true, @@ -37,6 +37,8 @@ module.exports = { */ 'await-promise': true, 'forin': true, + 'function-constructor': true, + 'increment-decrement': true, 'jquery-deferred-must-complete': true, 'label-position': true, 'match-default-export-name': true, @@ -51,6 +53,7 @@ module.exports = { 'no-constant-condition': true, 'no-control-regex': true, 'no-debugger': true, + 'no-default-import': true, 'no-duplicate-super': true, 'no-duplicate-switch-case': true, 'no-duplicate-variable': true, @@ -59,7 +62,7 @@ module.exports = { 'no-for-in-array': true, 'no-implicit-dependencies': true, 'no-import-side-effect': true, - 'no-increment-decrement': true, + 'no-increment-decrement': false, // use tslint increment-decrement rule instead 'no-invalid-regexp': true, 'no-invalid-template-strings': true, 'no-invalid-this': true, @@ -74,7 +77,7 @@ module.exports = { 'no-string-literal': true, 'no-string-throw': true, 'no-submodule-imports': true, - 'no-unnecessary-bind': true, + 'no-unnecessary-bind': false, // use tslint unnecessary-bind rule instead 'no-unnecessary-callback-wrapper': true, 'no-unnecessary-initializer': true, 'no-unnecessary-override': true, @@ -93,6 +96,8 @@ module.exports = { 'switch-default': true, 'switch-final-break': true, 'triple-equals': [true, 'allow-null-check'], + 'unnecessary-bind': true, + 'unnecessary-constructor': true, 'use-isnan': true, 'use-named-parameter': true, 'use-simple-attributes': true, @@ -111,6 +116,7 @@ module.exports = { 'chai-vague-errors': true, 'class-name': true, 'comment-format': true, + 'comment-type': true, 'completed-docs': [true, 'classes'], 'export-name': true, 'file-name-casing': true, @@ -180,6 +186,7 @@ module.exports = { * Accessibility. The following rules should be turned on to guarantee the best user * experience for keyboard and screen reader users. */ + 'react-a11y-accessible-headings': true, 'react-a11y-anchors': true, 'react-a11y-aria-unsupported-elements': true, 'react-a11y-event-has-role': true, @@ -232,6 +239,7 @@ module.exports = { * Controversial/Configurable rules. */ 'ban': false, // only enable this if you have some code pattern that you want to ban + 'ban-ts-ignore': true, 'ban-types': true, 'cyclomatic-complexity': true, 'deprecation': false, // deprecated APIs are sometimes unavoidable diff --git a/src/noFunctionConstructorWithStringArgsRule.ts b/src/noFunctionConstructorWithStringArgsRule.ts index b6263e85d..fce22c7c6 100644 --- a/src/noFunctionConstructorWithStringArgsRule.ts +++ b/src/noFunctionConstructorWithStringArgsRule.ts @@ -16,13 +16,23 @@ export class Rule extends Lint.Rules.AbstractRule { issueType: 'Error', severity: 'Critical', level: 'Mandatory', + recommendation: 'false, // use tslint function-constructor rule intsead', group: 'Security', commonWeaknessEnumeration: '95, 676, 242, 116' }; public static FAILURE_STRING: string = 'forbidden: Function constructor with string arguments '; + private static isWarningShown: boolean = false; + public apply(sourceFile: ts.SourceFile): Lint.RuleFailure[] { + if (Rule.isWarningShown === false) { + console.warn( + 'Warning: no-function-constructor-with-string-args rule is deprecated. Replace your usage with the TSLint function-constructor rule.' + ); + Rule.isWarningShown = true; + } + return this.applyWithWalker(new NoFunctionConstructorWithStringArgsWalker(sourceFile, this.getOptions())); } } diff --git a/src/noIncrementDecrementRule.ts b/src/noIncrementDecrementRule.ts index 330cb27ed..284852232 100644 --- a/src/noIncrementDecrementRule.ts +++ b/src/noIncrementDecrementRule.ts @@ -29,11 +29,21 @@ export class Rule extends Lint.Rules.AbstractRule { issueType: 'Warning', severity: 'Low', level: 'Opportunity for Excellence', + recommendation: 'false, // use tslint increment-decrement rule instead', group: 'Correctness', commonWeaknessEnumeration: '398, 710' }; + private static isWarningShown: boolean = false; + public apply(sourceFile: ts.SourceFile): Lint.RuleFailure[] { + if (Rule.isWarningShown === false) { + console.warn( + 'Warning: no-increment-decrement rule is deprecated. Replace your usage with the TSLint no-increment-decrement rule.' + ); + Rule.isWarningShown = true; + } + return this.applyWithWalker(new NoIncrementDecrementWalker(sourceFile, this.getOptions())); } } diff --git a/src/noUnnecessaryBindRule.ts b/src/noUnnecessaryBindRule.ts index 2091cef13..4ed99e482 100644 --- a/src/noUnnecessaryBindRule.ts +++ b/src/noUnnecessaryBindRule.ts @@ -16,6 +16,7 @@ export class Rule extends Lint.Rules.AbstractRule { issueType: 'Warning', severity: 'Important', level: 'Opportunity for Excellence', + recommendation: 'false, // use tslint unnecessary-bind rule instead', group: 'Correctness', commonWeaknessEnumeration: '398, 710' }; @@ -51,7 +52,16 @@ export class Rule extends Lint.Rules.AbstractRule { ]; public static UNDERSCORE_TERNARY_FUNCTION_NAMES: string[] = ['foldl', 'foldr', 'inject', 'reduce', 'reduceRight']; + private static isWarningShown: boolean = false; + public apply(sourceFile: ts.SourceFile): Lint.RuleFailure[] { + if (Rule.isWarningShown === false) { + console.warn( + 'Warning: no-increment-decrement rule is deprecated. Replace your usage with the TSLint no-increment-decrement rule.' + ); + Rule.isWarningShown = true; + } + return this.applyWithWalker(new NoUnnecessaryBindRuleWalker(sourceFile, this.getOptions())); } } diff --git a/src/noUnnecessaryOverrideRule.ts b/src/noUnnecessaryOverrideRule.ts index 98c476b02..e293f4ae9 100644 --- a/src/noUnnecessaryOverrideRule.ts +++ b/src/noUnnecessaryOverrideRule.ts @@ -59,9 +59,9 @@ class NoUnnecessaryOverrideRuleWalker extends Lint.RuleWalker { } const allParameters: ReadonlyArray = node.parameters; - /* tslint:disable:no-increment-decrement */ + /* tslint:disable:increment-decrement */ for (let i = 0; i < allParameters.length; i++) { - /* tslint:enable:no-increment-decrement */ + /* tslint:enable:increment-decrement */ const parameter: ts.ParameterDeclaration = allParameters[i]; const argument: ts.Expression = call.arguments[i]; if (argument.kind !== ts.SyntaxKind.Identifier) { diff --git a/src/utils/BaseFormatter.ts b/src/utils/BaseFormatter.ts index 41ba648a4..4364a7258 100644 --- a/src/utils/BaseFormatter.ts +++ b/src/utils/BaseFormatter.ts @@ -17,9 +17,9 @@ export class BaseFormatter extends Formatters.AbstractFormatter { } public format(allFailures: RuleFailure[]): string { - /* tslint:disable:no-increment-decrement */ + /* tslint:disable:increment-decrement */ for (let index = allFailures.length - 1; index >= 0; index--) { - /* tslint:enable:no-increment-decrement */ + /* tslint:enable:increment-decrement */ const failure = allFailures[index]; if (failure.getRuleName() === this.ruleName) { this.applyFix(failure); diff --git a/src/utils/Utils.ts b/src/utils/Utils.ts index d58fdb192..9cee3098b 100644 --- a/src/utils/Utils.ts +++ b/src/utils/Utils.ts @@ -3,7 +3,7 @@ import * as path from 'path'; /** * Control flow functions. */ -/* tslint:disable:no-increment-decrement */ +/* tslint:disable:increment-decrement */ export namespace Utils { /** * Logical 'any' or 'exists' function. @@ -76,4 +76,4 @@ export namespace Utils { return path.basename(relativePath); } } -/* tslint:enable:no-increment-decrement */ +/* tslint:enable:increment-decrement */ diff --git a/src/validTypeofRule.ts b/src/validTypeofRule.ts index f245109f1..ffd3ce683 100644 --- a/src/validTypeofRule.ts +++ b/src/validTypeofRule.ts @@ -82,7 +82,7 @@ class ValidTypeofRuleWalker extends Lint.RuleWalker { /** * Inspired from: https://gist.github.com/andrei-m/982927 */ - /* tslint:disable:no-increment-decrement */ + /* tslint:disable:increment-decrement */ private levenshteinDistance(a: string, b: string): number { if (a.length === 0) { return b.length; @@ -120,5 +120,5 @@ class ValidTypeofRuleWalker extends Lint.RuleWalker { return matrix[b.length][a.length]; } - /* tslint:enable:no-increment-decrement */ + /* tslint:enable:increment-decrement */ } diff --git a/tslint-warnings.csv b/tslint-warnings.csv index 11a0756fa..ee2966e07 100644 --- a/tslint-warnings.csv +++ b/tslint-warnings.csv @@ -15,6 +15,8 @@ class-name,Enforces PascalCased class and interface names.,TSLINT65UF71,tslint,N CWE 710 - Coding Standards Violation" comment-format,Enforces formatting rules for single-line comments.,TSLINT1T6OE84,tslint,Non-SDL,Warning,Low,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,"398, 710","CWE 398 - Indicator of Poor Code Quality CWE 710 - Coding Standards Violation" +comment-type,Allows a limited set of comment types,TSLINT78JBS7,tslint,Non-SDL,Warning,Low,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,"398, 710","CWE 398 - Indicator of Poor Code Quality +CWE 710 - Coding Standards Violation" completed-docs,Enforces JSDoc comments for important items be filled out.,TSLINTTVUOIS,tslint,Non-SDL,Warning,Low,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,, curly,Enforces braces for `if`/`for`/`do`/`while` statements.,TSLINTT90EOE,tslint,Non-SDL,Warning,Low,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,"483, 710","CWE 483 - Incorrect Block Delimitation CWE 710 - Coding Standards Violation" @@ -25,9 +27,11 @@ file-name-casing,Enforces a consistent file naming convention,TSLINTGCPLQ3,tslin CWE 710 - Coding Standards Violation" forin,Requires a `for ... in` statement to be filtered with an `if` statement.,TSLINTTBFHNF,tslint,Non-SDL,Warning,Important,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,"398, 710","CWE 398 - Indicator of Poor Code Quality CWE 710 - Coding Standards Violation" +function-constructor,Prevents using the built-in Function constructor. ,TSLINT7Q9QUS,tslint,Non-SDL,Warning,Moderate,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,398,"CWE 398 - Indicator of Poor Code Quality" function-name,Applies a naming convention to function names and method names,TSLINTN7VHIV,tslint,Non-SDL,Warning,Important,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,"398, 710","CWE 398 - Indicator of Poor Code Quality CWE 710 - Coding Standards Violation" import-spacing,Ensures proper spacing between import statement keywords,TSLINTUMSN06,tslint,Non-SDL,Warning,Low,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,, +increment-decrement,Enforces using explicit += 1 or -= 1 operators.,TSLINTB4BS9M,tslint,Non-SDL,Warning,Moderate,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,398,"CWE 398 - Indicator of Poor Code Quality" indent,Enforces indentation with tabs or spaces.,TSLINTGKM7CB,tslint,Non-SDL,Warning,Low,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,"398, 710","CWE 398 - Indicator of Poor Code Quality CWE 710 - Coding Standards Violation" informative-docs,Enforces that comments do more than just reiterate names of objects.,TSLINT1PL9SJL,tslint,Non-SDL,Warning,Moderate,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,, @@ -84,6 +88,7 @@ CWE 565 - Reliance on Cookies without Validation and Integrity Checking CWE 614 - Sensitive Cookie in HTTPS Session Without 'Secure' Attribute" no-debugger,Disallows `debugger` statements.,TSLINT2KSM9E,tslint,Non-SDL,Warning,Important,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,"398, 710","CWE 398 - Indicator of Poor Code Quality CWE 710 - Coding Standards Violation" +no-default-import,Disallows importing default members from certain ES6-style modules.,TSLINTL8SKVU,tslint,Non-SDL,Warning,Moderate,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,398,"CWE 398 - Indicator of Poor Code Quality" no-delete-expression,Do not delete expressions. Only properties should be deleted,TSLINTM33ICD,tslint,SDL,Error,Critical,Mandatory,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,, no-disable-auto-sanitization,Do not disable auto-sanitization of HTML because this opens up your page to an XSS attack. ,TSLINT1915L5R,tslint,SDL,Error,Critical,Mandatory,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,"157, 159, 75, 79, 85, 749, 676","CWE 157 - Failure to Sanitize Paired Delimiters CWE 159 - Failure to Sanitize Special Element @@ -139,7 +144,7 @@ CWE 710 - Coding Standards Violation" no-misused-new,Warns on apparent attempts to define constructors for interfaces or `new` for classes.,TSLINTL96MA6,tslint,Non-SDL,Warning,Important,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,, no-multiline-string,Do not declare multiline strings,TSLINT10K5P9U,tslint,Non-SDL,Warning,Low,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,710,"CWE 710 - Coding Standards Violation" no-non-null-assertion,Disallows non-null assertions using the `!` postfix operator.,TSLINTNO75FN,tslint,Non-SDL,Warning,Important,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,710,"CWE 710 - Coding Standards Violation" -no-object-literal-type-assertion,Forbids an object literal to appear in a type assertion expression. Casting to `any` is still allowed.,TSLINT1EVNJ3E,tslint,Non-SDL,Warning,Moderate,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,710,"CWE 710 - Coding Standards Violation" +no-object-literal-type-assertion,Forbids an object literal to appear in a type assertion expression. Casting to `any` or to `unknown` is still allowed.,TSLINT1EVNJ3E,tslint,Non-SDL,Warning,Moderate,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,710,"CWE 710 - Coding Standards Violation" no-octal-literal,Do not use octal literals or escaped octal sequences,TSLINT1F5BIM0,tslint,SDL,Error,Critical,Mandatory,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,, no-parameter-properties,Disallows parameter properties in class constructors.,TSLINT1FFCD4S,tslint,Non-SDL,Warning,Low,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,, no-parameter-reassignment,Disallows reassigning parameters.,TSLINTHAE9PH,tslint,Non-SDL,Warning,Moderate,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,710,"CWE 710 - Coding Standards Violation" @@ -239,7 +244,7 @@ CWE 705 - Incorrect Control Flow Scoping CWE 710 - Coding Standards Violation" prefer-for-of,Recommends a 'for-of' loop over a standard 'for' loop if the index is only used to access the array being iterated.,TSLINT51MHG7,tslint,Non-SDL,Warning,Low,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,, prefer-method-signature,Prefer `foo(): void` over `foo: () => void` in interfaces and types.,TSLINT1LVIQFA,tslint,Non-SDL,Warning,Important,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,, -prefer-object-spread,Enforces the use of the ES2015 object spread operator over `Object.assign()` where appropriate.,TSLINT10K16KT,tslint,Non-SDL,Warning,Low,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,710,"CWE 710 - Coding Standards Violation" +prefer-object-spread,Enforces the use of the ES2018 object spread operator over `Object.assign()` where appropriate.,TSLINT10K16KT,tslint,Non-SDL,Warning,Low,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,710,"CWE 710 - Coding Standards Violation" prefer-readonly,Requires that private variables are marked as `readonly` if they're never modified outside of the constructor.,TSLINTUCQG50,tslint,Non-SDL,Warning,Moderate,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,"398, 710","CWE 398 - Indicator of Poor Code Quality CWE 710 - Coding Standards Violation" prefer-switch,Prefer a `switch` statement to an `if` statement with simple `===` comparisons.,TSLINT682PUI,tslint,Non-SDL,Warning,Low,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,710,"CWE 710 - Coding Standards Violation" @@ -248,7 +253,7 @@ prefer-while,Prefer `while` loops instead of `for` loops without an initializer CWE 710 - Coding Standards Violation" promise-function-async,Requires any function or method that returns a promise to be marked async.,TSLINT1L1TRF8,tslint,Non-SDL,Warning,Important,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,, promise-must-complete,"When a Promise instance is created, then either the reject() or resolve() parameter must be called on it within all code branches in the scope.",TSLINT4SIARK,tslint,Non-SDL,Error,Critical,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,, -quotemark,Requires single or double quotes for string literals.,TSLINTU8MMGA,tslint,Non-SDL,Warning,Low,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,"398, 710","CWE 398 - Indicator of Poor Code Quality +quotemark,Enforces quote character for string literals.,TSLINTU8MMGA,tslint,Non-SDL,Warning,Low,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,"398, 710","CWE 398 - Indicator of Poor Code Quality CWE 710 - Coding Standards Violation" radix,Requires the radix parameter to be specified when calling `parseInt`.,TSLINTTLKJQ5,tslint,Non-SDL,Warning,Low,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,710,"CWE 710 - Coding Standards Violation" react-a11y-accessible-headings,"For accessibility of your website, there should be no more than 2 H1 heading elements, HTML heading elements must be concise, shouldn't increase by more then one level consecutively and non-empty.",TSLINT1QBGB30,tslint,Non-SDL,Warning,Moderate,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,, @@ -287,7 +292,7 @@ return-undefined,Prefer `return;` in void functions and `return undefined;` in v semicolon,Enforces consistent semicolon usage at the end of every statement.,TSLINT1L591RI,tslint,Non-SDL,Warning,Moderate,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,"398, 710","CWE 398 - Indicator of Poor Code Quality CWE 710 - Coding Standards Violation" space-within-parens,Enforces spaces within parentheses or disallow them. Empty parentheses () are always allowed.,TSLINT1E89MLR,tslint,Non-SDL,Warning,Low,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,710,"CWE 710 - Coding Standards Violation" -strict-boolean-expressions,"Restricts the types allowed in boolean expressions. By default only booleans are allowed. +strict-boolean-expressions,"Restricts the types allowed in boolean expressions. By default only booleans are allowed. The following nodes are checked: * Arguments to the `!`, `&&`, and `||` operators @@ -308,6 +313,8 @@ CWE 710 - Coding Standards Violation" underscore-consistent-invocation,Enforce a consistent usage of the _ functions,TSLINT5C2409,tslint,Non-SDL,Warning,Low,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,"398, 710","CWE 398 - Indicator of Poor Code Quality CWE 710 - Coding Standards Violation" unified-signatures,Warns for any two overloads that could be unified into one by using a union or an optional/rest parameter.,TSLINT1I85C1L,tslint,Non-SDL,Warning,Important,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,, +unnecessary-bind,Prevents unnecessary and/or misleading scope bindings on functions.,TSLINT1LICM7J,tslint,Non-SDL,Warning,Moderate,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,398,"CWE 398 - Indicator of Poor Code Quality" +unnecessary-constructor,"Prevents blank constructors, as they are redundant.",TSLINT38S2K4,tslint,Non-SDL,Warning,Moderate,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,398,"CWE 398 - Indicator of Poor Code Quality" use-default-type-parameter,Warns if an explicitly specified type argument is the default for that type parameter.,TSLINTLMNGTP,tslint,Non-SDL,Warning,Low,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,710,"CWE 710 - Coding Standards Violation" use-isnan,Enforces use of the `isNaN()` function to check for NaN references instead of a comparison to the `NaN` constant.,TSLINTPUV7LC,tslint,Non-SDL,Error,Critical,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,398,"CWE 398 - Indicator of Poor Code Quality" use-named-parameter,"Do not reference the arguments object by numerical index; instead, use a named parameter.",TSLINTKPEHQG,tslint,Non-SDL,Warning,Important,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,710,"CWE 710 - Coding Standards Violation" diff --git a/tslint.json b/tslint.json index 38374da8a..a289b4b3e 100644 --- a/tslint.json +++ b/tslint.json @@ -84,11 +84,9 @@ "no-duplicate-switch-case": true, "no-exec-script": true, "no-for-in": true, - "no-function-constructor-with-string-args": true, "no-function-expression": true, "no-http-string": true, "no-implicit-dependencies": true, - "no-increment-decrement": true, "no-inner-html": true, "no-invalid-regexp": true, "no-jquery-raw-elements": true, @@ -108,7 +106,6 @@ "no-suspicious-comment": true, "no-this-assignment": true, "no-typeof-undefined": true, - "no-unnecessary-bind": true, "no-unnecessary-class": true, "no-unnecessary-field-initialization": true, "no-unnecessary-local-variable": true, @@ -161,11 +158,14 @@ "no-duplicate-case": false, "no-empty-interfaces": false, "no-empty-line-after-opening-brace": false, + "no-function-constructor-with-string-args": false, + "no-increment-decrement": false, "no-multiline-string": false, "no-relative-imports": false, "no-reserved-keywords": false, "no-stateless-class": false, "no-unexternalized-strings": false, + "no-unnecessary-bind": false, "no-var-self": false, "react-tsx-curly-spacing": false, "valid-typeof": false From 254fe8decfa03f1f1ce82781523b66148343dd47 Mon Sep 17 00:00:00 2001 From: Josh Goldberg Date: Tue, 18 Dec 2018 12:23:32 -0800 Subject: [PATCH 2/9] Added missing deprecation notices in README.md --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 0db172413..ea6689a38 100644 --- a/README.md +++ b/README.md @@ -416,6 +416,7 @@ We recommend you specify exact versions of lint libraries, including `tslint-mic no-function-constructor-with-string-args + Deprecated - This rule is in the TSLint product as function-constructor. Do not use the version of the Function constructor that accepts a string argument to define the body of the function. 0.0.1 @@ -656,6 +657,7 @@ We recommend you specify exact versions of lint libraries, including `tslint-mic no-unnecessary-bind + Deprecated - This rule is in the TSLint product as unnecessary-bind. Do not bind 'this' as the context for a function literal or lambda expression. If you bind 'this' as the context to a function literal, then you should just use a lambda without the bind. If you bind 'this' as the context to a lambda, then you can remove the bind call because 'this' is already the context for lambdas. From acccedbb5cf3a54f7ea6bff4231c308c2f11d4c6 Mon Sep 17 00:00:00 2001 From: Josh Goldberg Date: Tue, 18 Dec 2018 12:24:43 -0800 Subject: [PATCH 3/9] Update noUnnecessaryBindRule.ts --- src/noUnnecessaryBindRule.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/noUnnecessaryBindRule.ts b/src/noUnnecessaryBindRule.ts index 4ed99e482..a2455b0f6 100644 --- a/src/noUnnecessaryBindRule.ts +++ b/src/noUnnecessaryBindRule.ts @@ -57,7 +57,7 @@ export class Rule extends Lint.Rules.AbstractRule { public apply(sourceFile: ts.SourceFile): Lint.RuleFailure[] { if (Rule.isWarningShown === false) { console.warn( - 'Warning: no-increment-decrement rule is deprecated. Replace your usage with the TSLint no-increment-decrement rule.' + 'Warning: no-unnecessary-bind rule is deprecated. Replace your usage with the TSLint unnecessary-bind rule.' ); Rule.isWarningShown = true; } From 020a2f8e0deee4b3f9f2a95fe75e40726331ddd7 Mon Sep 17 00:00:00 2001 From: Josh Goldberg Date: Thu, 20 Dec 2018 15:02:16 -0800 Subject: [PATCH 4/9] Corrected changes in package-lock.json and metadata --- additional_rule_metadata.json | 20 ++++++++++---------- package-lock.json | 4 ++-- src/noIncrementDecrementRule.ts | 2 +- 3 files changed, 13 insertions(+), 13 deletions(-) diff --git a/additional_rule_metadata.json b/additional_rule_metadata.json index f075cec91..84b5d6cb2 100644 --- a/additional_rule_metadata.json +++ b/additional_rule_metadata.json @@ -635,10 +635,10 @@ "unnecessary-bind": { "issueClass": "Non-SDL", "issueType": "Warning", - "severity": "Moderate", + "severity": "Warning", "level": "Opportunity for Excellence", "group": "Correctness", - "commonWeaknessEnumeration": "398" + "commonWeaknessEnumeration": "398, 710" }, "unnecessary-constructor": { "issueClass": "Non-SDL", @@ -720,12 +720,12 @@ "level": "Opportunity for Excellence" }, "function-constructor": { - "issueClass": "Non-SDL", - "issueType": "Warning", - "severity": "Moderate", - "level": "Opportunity for Excellence", - "group": "Correctness", - "commonWeaknessEnumeration": "398" + "issueClass": "SDL", + "issueType": "Error", + "severity": "Critical", + "level": "Mandatory", + "group": "Security", + "commonWeaknessEnumeration": "95, 676, 242, 116" }, "max-classes-per-file": { "issueClass": "Non-SDL", @@ -786,10 +786,10 @@ "increment-decrement": { "issueClass": "Non-SDL", "issueType": "Warning", - "severity": "Moderate", + "severity": "Low", "level": "Opportunity for Excellence", "group": "Correctness", - "commonWeaknessEnumeration": "398" + "commonWeaknessEnumeration": "398, 710" }, "interface-over-type-literal": { "issueClass": "Ignored", diff --git a/package-lock.json b/package-lock.json index 923343c99..dec380380 100644 --- a/package-lock.json +++ b/package-lock.json @@ -213,7 +213,7 @@ }, "chalk": { "version": "1.1.3", - "resolved": "http://registry.npmjs.org/chalk/-/chalk-1.1.3.tgz", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-1.1.3.tgz", "integrity": "sha1-qBFcVeSnAv5NFQq9OHKCKn4J/Jg=", "dev": true, "requires": { @@ -3516,7 +3516,7 @@ }, "readable-stream": { "version": "2.3.6", - "resolved": "http://registry.npmjs.org/readable-stream/-/readable-stream-2.3.6.tgz", + "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-2.3.6.tgz", "integrity": "sha512-tQtKA9WIAhBF3+VLAseyMqZeBjW0AHJoxOtYqSUZNJxauErmLbVm2FW1y+J/YA9dUrAC39ITejlZWhVIwawkKw==", "dev": true, "requires": { diff --git a/src/noIncrementDecrementRule.ts b/src/noIncrementDecrementRule.ts index 284852232..999446190 100644 --- a/src/noIncrementDecrementRule.ts +++ b/src/noIncrementDecrementRule.ts @@ -39,7 +39,7 @@ export class Rule extends Lint.Rules.AbstractRule { public apply(sourceFile: ts.SourceFile): Lint.RuleFailure[] { if (Rule.isWarningShown === false) { console.warn( - 'Warning: no-increment-decrement rule is deprecated. Replace your usage with the TSLint no-increment-decrement rule.' + 'Warning: no-increment-decrement rule is deprecated. Replace your usage with the TSLint increment-decrement rule.' ); Rule.isWarningShown = true; } From f473dadfa07df39232f1723d27198124d439f189 Mon Sep 17 00:00:00 2001 From: Josh Goldberg Date: Tue, 25 Dec 2018 23:06:52 -0500 Subject: [PATCH 5/9] Fixed recommended ruleset and tslint warnings --- recommended_ruleset.js | 2 +- tslint-warnings.csv | 19 ++++++++++++------- 2 files changed, 13 insertions(+), 8 deletions(-) diff --git a/recommended_ruleset.js b/recommended_ruleset.js index f6e60fbfe..04c759764 100644 --- a/recommended_ruleset.js +++ b/recommended_ruleset.js @@ -8,6 +8,7 @@ module.exports = { * Security Rules. The following rules should be turned on because they find security issues * or are recommended in the Microsoft Secure Development Lifecycle (SDL) */ + 'function-constructor': true, 'insecure-random': true, 'no-banned-terms': true, 'no-cookies': true, @@ -37,7 +38,6 @@ module.exports = { */ 'await-promise': true, 'forin': true, - 'function-constructor': true, 'increment-decrement': true, 'jquery-deferred-must-complete': true, 'label-position': true, diff --git a/tslint-warnings.csv b/tslint-warnings.csv index ee2966e07..282b263d4 100644 --- a/tslint-warnings.csv +++ b/tslint-warnings.csv @@ -27,11 +27,15 @@ file-name-casing,Enforces a consistent file naming convention,TSLINTGCPLQ3,tslin CWE 710 - Coding Standards Violation" forin,Requires a `for ... in` statement to be filtered with an `if` statement.,TSLINTTBFHNF,tslint,Non-SDL,Warning,Important,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,"398, 710","CWE 398 - Indicator of Poor Code Quality CWE 710 - Coding Standards Violation" -function-constructor,Prevents using the built-in Function constructor. ,TSLINT7Q9QUS,tslint,Non-SDL,Warning,Moderate,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,398,"CWE 398 - Indicator of Poor Code Quality" +function-constructor,Prevents using the built-in Function constructor. ,TSLINT7Q9QUS,tslint,SDL,Error,Critical,Mandatory,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,"95, 676, 242, 116","CWE 95 - Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') +CWE 676 - Use of Potentially Dangerous Function +CWE 242 - Use of Inherently Dangerous Function +CWE 116 - Improper Encoding or Escaping of Output" function-name,Applies a naming convention to function names and method names,TSLINTN7VHIV,tslint,Non-SDL,Warning,Important,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,"398, 710","CWE 398 - Indicator of Poor Code Quality CWE 710 - Coding Standards Violation" import-spacing,Ensures proper spacing between import statement keywords,TSLINTUMSN06,tslint,Non-SDL,Warning,Low,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,, -increment-decrement,Enforces using explicit += 1 or -= 1 operators.,TSLINTB4BS9M,tslint,Non-SDL,Warning,Moderate,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,398,"CWE 398 - Indicator of Poor Code Quality" +increment-decrement,Enforces using explicit += 1 or -= 1 operators.,TSLINTB4BS9M,tslint,Non-SDL,Warning,Low,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,"398, 710","CWE 398 - Indicator of Poor Code Quality +CWE 710 - Coding Standards Violation" indent,Enforces indentation with tabs or spaces.,TSLINTGKM7CB,tslint,Non-SDL,Warning,Low,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,"398, 710","CWE 398 - Indicator of Poor Code Quality CWE 710 - Coding Standards Violation" informative-docs,Enforces that comments do more than just reiterate names of objects.,TSLINT1PL9SJL,tslint,Non-SDL,Warning,Moderate,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,, @@ -268,9 +272,9 @@ react-a11y-no-onchange,"For accessibility of your website, enforce usage of onBl react-a11y-props,Enforce all `aria-*` attributes are valid. Elements cannot use an invalid `aria-*` attribute.,TSLINT1682S78,tslint,Non-SDL,Warning,Important,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,, react-a11y-proptypes,Enforce ARIA state and property values are valid.,TSLINT1DLB1JE,tslint,Non-SDL,Warning,Important,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,, react-a11y-required,Enforce that required input elements must have aria-required set to true,TSLINTNF1C97,tslint,Non-SDL,Warning,Low,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,, -react-a11y-role,"Elements with aria roles must use a **valid**, **non-abstract** aria role.",TSLINTQ0A2FU,tslint,Non-SDL,Warning,Important,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,, +react-a11y-role,"Elements with aria roles must use a **valid**, **non-abstract** aria role. A reference to role definitions can be found at [WAI-ARIA roles](https://www.w3.org/TR/wai-aria/roles#role_definitions).",TSLINTQ0A2FU,tslint,Non-SDL,Warning,Important,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,, react-a11y-role-has-required-aria-props,Elements with aria roles must have all required attributes according to the role.,TSLINT1R1B60O,tslint,Non-SDL,Warning,Important,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,, -react-a11y-role-supports-aria-props,Enforce that elements with explicit or implicit roles defined contain only `aria-*` properties supported by that `role`.,TSLINT1IFADTQ,tslint,Non-SDL,Warning,Important,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,, +react-a11y-role-supports-aria-props,"Enforce that elements with explicit or implicit roles defined contain only `aria-*` properties supported by that `role`.Many aria attributes (states and properties) can only be used on elements with particular roles.Some elements have implicit roles, such as ``, which will be resolved to `role='link'`.A reference for the implicit roles can be found at [Default Implicit ARIA Semantics](https://www.w3.org/TR/html-aria/#sec-strong-native-semantics).",TSLINT1IFADTQ,tslint,Non-SDL,Warning,Important,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,, react-a11y-tabindex-no-positive,Enforce tabindex value is **not greater than zero**.,TSLINTEO7FKT,tslint,Non-SDL,Warning,Important,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,, react-a11y-titles,"For accessibility of your website, HTML title elements must be concise and non-empty.",TSLINT1506S53,tslint,Non-SDL,Warning,Moderate,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,, react-anchor-blank-noopener,Anchor tags with target="_blank" should also include rel="noreferrer",TSLINT1GKPCB4,tslint,SDL,Error,Critical,Mandatory,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,"242,676","CWE 242 - Use of Inherently Dangerous Function @@ -292,7 +296,7 @@ return-undefined,Prefer `return;` in void functions and `return undefined;` in v semicolon,Enforces consistent semicolon usage at the end of every statement.,TSLINT1L591RI,tslint,Non-SDL,Warning,Moderate,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,"398, 710","CWE 398 - Indicator of Poor Code Quality CWE 710 - Coding Standards Violation" space-within-parens,Enforces spaces within parentheses or disallow them. Empty parentheses () are always allowed.,TSLINT1E89MLR,tslint,Non-SDL,Warning,Low,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,710,"CWE 710 - Coding Standards Violation" -strict-boolean-expressions,"Restricts the types allowed in boolean expressions. By default only booleans are allowed. +strict-boolean-expressions,"Restricts the types allowed in boolean expressions. By default only booleans are allowed. The following nodes are checked: * Arguments to the `!`, `&&`, and `||` operators @@ -313,7 +317,8 @@ CWE 710 - Coding Standards Violation" underscore-consistent-invocation,Enforce a consistent usage of the _ functions,TSLINT5C2409,tslint,Non-SDL,Warning,Low,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,"398, 710","CWE 398 - Indicator of Poor Code Quality CWE 710 - Coding Standards Violation" unified-signatures,Warns for any two overloads that could be unified into one by using a union or an optional/rest parameter.,TSLINT1I85C1L,tslint,Non-SDL,Warning,Important,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,, -unnecessary-bind,Prevents unnecessary and/or misleading scope bindings on functions.,TSLINT1LICM7J,tslint,Non-SDL,Warning,Moderate,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,398,"CWE 398 - Indicator of Poor Code Quality" +unnecessary-bind,Prevents unnecessary and/or misleading scope bindings on functions.,TSLINT1LICM7J,tslint,Non-SDL,Warning,Warning,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,"398, 710","CWE 398 - Indicator of Poor Code Quality +CWE 710 - Coding Standards Violation" unnecessary-constructor,"Prevents blank constructors, as they are redundant.",TSLINT38S2K4,tslint,Non-SDL,Warning,Moderate,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,398,"CWE 398 - Indicator of Poor Code Quality" use-default-type-parameter,Warns if an explicitly specified type argument is the default for that type parameter.,TSLINTLMNGTP,tslint,Non-SDL,Warning,Low,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,710,"CWE 710 - Coding Standards Violation" use-isnan,Enforces use of the `isNaN()` function to check for NaN references instead of a comparison to the `NaN` constant.,TSLINTPUV7LC,tslint,Non-SDL,Error,Critical,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,398,"CWE 398 - Indicator of Poor Code Quality" @@ -323,4 +328,4 @@ valid-typeof,Ensures that the results of typeof are compared against a valid str variable-name,Checks variable names for various errors.,TSLINT1CIV7K3,tslint,Non-SDL,Warning,Important,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,"398, 710","CWE 398 - Indicator of Poor Code Quality CWE 710 - Coding Standards Violation" whitespace,Enforces whitespace style conventions.,TSLINTC35UUS,tslint,Non-SDL,Warning,Low,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,"398, 710","CWE 398 - Indicator of Poor Code Quality -CWE 710 - Coding Standards Violation" +CWE 710 - Coding Standards Violation" \ No newline at end of file From 2674938160c06cede9dc8efc23f1593ce619ddfc Mon Sep 17 00:00:00 2001 From: Josh Goldberg Date: Tue, 25 Dec 2018 23:11:23 -0500 Subject: [PATCH 6/9] Removed breaking rule changes --- additional_rule_metadata.json | 7 +++++-- recommended_ruleset.js | 2 -- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/additional_rule_metadata.json b/additional_rule_metadata.json index 84b5d6cb2..a3459201f 100644 --- a/additional_rule_metadata.json +++ b/additional_rule_metadata.json @@ -28,6 +28,7 @@ "ban-ts-ignore": { "issueClass": "Ignored", "issueType": "Error", + "recommendation": "false", "severity": "Critical", "level": "Opportunity for Excellence", "group": "Configurable" @@ -54,7 +55,8 @@ "severity": "Low", "level": "Opportunity for Excellence", "group": "Clarity", - "commonWeaknessEnumeration": "398, 710" + "commonWeaknessEnumeration": "398, 710", + "recommendation": "false" }, "curly": { "issueClass": "Non-SDL", @@ -999,7 +1001,8 @@ "severity": "Moderate", "level": "Opportunity for Excellence", "group": "Correctness", - "commonWeaknessEnumeration": "398" + "commonWeaknessEnumeration": "398", + "recommendation": "false" }, "no-duplicate-super": { "issueClass": "Non-SDL", diff --git a/recommended_ruleset.js b/recommended_ruleset.js index 04c759764..02a8422f4 100644 --- a/recommended_ruleset.js +++ b/recommended_ruleset.js @@ -53,7 +53,6 @@ module.exports = { 'no-constant-condition': true, 'no-control-regex': true, 'no-debugger': true, - 'no-default-import': true, 'no-duplicate-super': true, 'no-duplicate-switch-case': true, 'no-duplicate-variable': true, @@ -186,7 +185,6 @@ module.exports = { * Accessibility. The following rules should be turned on to guarantee the best user * experience for keyboard and screen reader users. */ - 'react-a11y-accessible-headings': true, 'react-a11y-anchors': true, 'react-a11y-aria-unsupported-elements': true, 'react-a11y-event-has-role': true, From 63140109fcc7d4709e02108c49c98a4f1a30ef44 Mon Sep 17 00:00:00 2001 From: Josh Goldberg Date: Tue, 25 Dec 2018 23:21:08 -0500 Subject: [PATCH 7/9] Fixed recommendation typos --- additional_rule_metadata.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/additional_rule_metadata.json b/additional_rule_metadata.json index a3459201f..9a3e299b5 100644 --- a/additional_rule_metadata.json +++ b/additional_rule_metadata.json @@ -28,7 +28,7 @@ "ban-ts-ignore": { "issueClass": "Ignored", "issueType": "Error", - "recommendation": "false", + "recommendation": "false,", "severity": "Critical", "level": "Opportunity for Excellence", "group": "Configurable" @@ -56,7 +56,7 @@ "level": "Opportunity for Excellence", "group": "Clarity", "commonWeaknessEnumeration": "398, 710", - "recommendation": "false" + "recommendation": "false," }, "curly": { "issueClass": "Non-SDL", @@ -1002,7 +1002,7 @@ "level": "Opportunity for Excellence", "group": "Correctness", "commonWeaknessEnumeration": "398", - "recommendation": "false" + "recommendation": "false," }, "no-duplicate-super": { "issueClass": "Non-SDL", From b0672b3edf4dc7a35591c73229329e587cf9d0f6 Mon Sep 17 00:00:00 2001 From: Josh Goldberg Date: Wed, 26 Dec 2018 14:09:29 -0500 Subject: [PATCH 8/9] Updated metadata files --- additional_rule_metadata.json | 2 +- recommended_ruleset.js | 6 ++++-- tslint-warnings.csv | 2 +- 3 files changed, 6 insertions(+), 4 deletions(-) diff --git a/additional_rule_metadata.json b/additional_rule_metadata.json index 9a3e299b5..2fa485b96 100644 --- a/additional_rule_metadata.json +++ b/additional_rule_metadata.json @@ -637,7 +637,7 @@ "unnecessary-bind": { "issueClass": "Non-SDL", "issueType": "Warning", - "severity": "Warning", + "severity": "Important", "level": "Opportunity for Excellence", "group": "Correctness", "commonWeaknessEnumeration": "398, 710" diff --git a/recommended_ruleset.js b/recommended_ruleset.js index 02a8422f4..5b4b2e06c 100644 --- a/recommended_ruleset.js +++ b/recommended_ruleset.js @@ -53,6 +53,7 @@ module.exports = { 'no-constant-condition': true, 'no-control-regex': true, 'no-debugger': true, + 'no-default-import': false, 'no-duplicate-super': true, 'no-duplicate-switch-case': true, 'no-duplicate-variable': true, @@ -115,7 +116,7 @@ module.exports = { 'chai-vague-errors': true, 'class-name': true, 'comment-format': true, - 'comment-type': true, + 'comment-type': false, 'completed-docs': [true, 'classes'], 'export-name': true, 'file-name-casing': true, @@ -185,6 +186,7 @@ module.exports = { * Accessibility. The following rules should be turned on to guarantee the best user * experience for keyboard and screen reader users. */ + 'react-a11y-accessible-headings': false, 'react-a11y-anchors': true, 'react-a11y-aria-unsupported-elements': true, 'react-a11y-event-has-role': true, @@ -237,7 +239,7 @@ module.exports = { * Controversial/Configurable rules. */ 'ban': false, // only enable this if you have some code pattern that you want to ban - 'ban-ts-ignore': true, + 'ban-ts-ignore': false, 'ban-types': true, 'cyclomatic-complexity': true, 'deprecation': false, // deprecated APIs are sometimes unavoidable diff --git a/tslint-warnings.csv b/tslint-warnings.csv index 282b263d4..a99f4db3e 100644 --- a/tslint-warnings.csv +++ b/tslint-warnings.csv @@ -317,7 +317,7 @@ CWE 710 - Coding Standards Violation" underscore-consistent-invocation,Enforce a consistent usage of the _ functions,TSLINT5C2409,tslint,Non-SDL,Warning,Low,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,"398, 710","CWE 398 - Indicator of Poor Code Quality CWE 710 - Coding Standards Violation" unified-signatures,Warns for any two overloads that could be unified into one by using a union or an optional/rest parameter.,TSLINT1I85C1L,tslint,Non-SDL,Warning,Important,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,, -unnecessary-bind,Prevents unnecessary and/or misleading scope bindings on functions.,TSLINT1LICM7J,tslint,Non-SDL,Warning,Warning,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,"398, 710","CWE 398 - Indicator of Poor Code Quality +unnecessary-bind,Prevents unnecessary and/or misleading scope bindings on functions.,TSLINT1LICM7J,tslint,Non-SDL,Warning,Important,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,"398, 710","CWE 398 - Indicator of Poor Code Quality CWE 710 - Coding Standards Violation" unnecessary-constructor,"Prevents blank constructors, as they are redundant.",TSLINT38S2K4,tslint,Non-SDL,Warning,Moderate,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,398,"CWE 398 - Indicator of Poor Code Quality" use-default-type-parameter,Warns if an explicitly specified type argument is the default for that type parameter.,TSLINTLMNGTP,tslint,Non-SDL,Warning,Low,Opportunity for Excellence,See description on the tslint or tslint-microsoft-contrib website,TSLint Procedure,710,"CWE 710 - Coding Standards Violation" From 5bff9dfb2354df1e301af7e02d5fa2e257c5ab3e Mon Sep 17 00:00:00 2001 From: Josh Goldberg Date: Thu, 27 Dec 2018 09:57:29 -0500 Subject: [PATCH 9/9] Reverted react-a11y-accessible-headings line --- recommended_ruleset.js | 1 - 1 file changed, 1 deletion(-) diff --git a/recommended_ruleset.js b/recommended_ruleset.js index 5b4b2e06c..54c10a04b 100644 --- a/recommended_ruleset.js +++ b/recommended_ruleset.js @@ -186,7 +186,6 @@ module.exports = { * Accessibility. The following rules should be turned on to guarantee the best user * experience for keyboard and screen reader users. */ - 'react-a11y-accessible-headings': false, 'react-a11y-anchors': true, 'react-a11y-aria-unsupported-elements': true, 'react-a11y-event-has-role': true,