Comments (5)
From v1.16.0 each rule contains a property metadata
, e.g. https://github.com/webschik/tslint-config-security/blob/master/src/rules/tsrDetectBufferNoassertRule.ts#L39
from tslint-config-security.
I don't see the "descriptionDetails" property or "description" property.
What I get in normal output is:
I thought that I will have this in the JSON output but I don't:
[
{
"endPosition":{
"character":40,
"line":11,
"position":307
},
"failure":"eval with argument of type BinaryExpression",
"name":"test/fixtures/typescript/vulnerable.js",
"ruleName":"tsr-detect-eval-with-expression",
"ruleSeverity":"ERROR",
"startPosition":{
"character":9,
"line":11,
"position":276
}
},
{
"endPosition":{
"character":11,
"line":17,
"position":465
},
"failure":"Found fs.open with non-literal argument at index 0",
"name":"test/fixtures/typescript/vulnerable.js",
"ruleName":"tsr-detect-non-literal-fs-filename",
"ruleSeverity":"ERROR",
"startPosition":{
"character":4,
"line":17,
"position":458
}
},
{
"endPosition":{
"character":58,
"line":5,
"position":172
},
"failure":"Found possible SQL injection",
"name":"test/fixtures/typescript/vulnerable.js",
"ruleName":"tsr-detect-sql-literal-injection",
"ruleSeverity":"ERROR",
"startPosition":{
"character":16,
"line":5,
"position":130
}
}
]
Where do I access and see that data?
from tslint-config-security.
Hi @MVrachev ,
My mistake, metadata
property is used only to generate documentation - https://palantir.github.io/tslint/develop/docs/
To the JSON output https://palantir.github.io/tslint/formatters/json/ I can pass only a failure
string or the fix
object (TSLint API)
from tslint-config-security.
So, that means that still, we can't access the "descriptionDetails" property from the command line?
One solution I think will be to pass "descriptionDetails" string into the failure string.
from tslint-config-security.
Yes
from tslint-config-security.
Related Issues (19)
- tsr-detect-non-literal-fs-filename: TypeError when Linted Function Name Exists on Object.prototype HOT 2
- Commit c5e22f78e9c5a3b70c88e20d1f5600b0c290ea01 moves typescript to devDependency but it's used as a dependency HOT 1
- Question: Is disabling linter rules for one file or a line of code possible? HOT 1
- tsr-detect-non-literal-fs-filename gets triggered when __dirname is used HOT 2
- What is the future of the plugin? HOT 3
- Can I use this plugin to scan Javascript?
- [New Feature] Confidence level for the issues HOT 4
- missing dependency on tslib and typescript in package json HOT 1
- [New feature] Add documentation webpage for every rule
- [New feature] Rule for hardcoded credentials
- Publish Version 2.0 HOT 1
- Please support typescript v4
- [bug] tsr-detect-html-injection false positives HOT 1
- TypeScript 3.x Support HOT 1
- [bug] tsr-detect-non-literal-fs-filename false positives HOT 1
- Typescript 3.x Support HOT 1
- Automatic Git hook installation is confusing and breaks Git related tooling. HOT 3
- Commit c5e22f78e9c5a3b70c88e20d1f5600b0c290ea01 did remove dependency on tslib but it is still needed HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from tslint-config-security.