Skip to content

Commit fdfe37d

Browse files
ota-meshiota-meshi
authored
fix(detect-child-process): false positives for destructuring spawn (#103)
1 parent 263bed9 commit fdfe37d

File tree

2 files changed

+22
-11
lines changed

2 files changed

+22
-11
lines changed

rules/detect-child-process.js

+9-3
Original file line numberDiff line numberDiff line change
@@ -47,12 +47,18 @@ module.exports = {
4747
if (node.callee.name === 'require') {
4848
const args = node.arguments[0];
4949
if (args && args.type === 'Literal' && args.value === 'child_process') {
50+
let pattern;
5051
if (node.parent.type === 'VariableDeclarator') {
51-
extractChildProcessIdentifiers(node.parent.id);
52+
pattern = node.parent.id;
5253
} else if (node.parent.type === 'AssignmentExpression' && node.parent.operator === '=') {
53-
extractChildProcessIdentifiers(node.parent.left);
54+
pattern = node.parent.left;
55+
}
56+
if (pattern) {
57+
extractChildProcessIdentifiers(pattern);
58+
}
59+
if (!pattern || pattern.type === 'Identifier') {
60+
return context.report({ node: node, message: 'Found require("child_process")' });
5461
}
55-
return context.report({ node: node, message: 'Found require("child_process")' });
5662
}
5763
}
5864
},

test/detect-child-process.js

+13-8
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,19 @@ const ruleName = 'detect-child-process';
77
const rule = require(`../rules/${ruleName}`);
88

99
tester.run(ruleName, rule, {
10-
valid: ["child_process.exec('ls')"],
10+
valid: [
11+
"child_process.exec('ls')",
12+
{
13+
code: `
14+
var {} = require('child_process');
15+
var result = /hello/.exec(str);`,
16+
parserOptions: { ecmaVersion: 6 },
17+
},
18+
{
19+
code: "var { spawn } = require('child_process'); spawn(str);",
20+
parserOptions: { ecmaVersion: 6 },
21+
},
22+
],
1123
invalid: [
1224
{
1325
code: "require('child_process')",
@@ -25,13 +37,6 @@ tester.run(ruleName, rule, {
2537
code: "var child = sinon.stub(require('child_process')); child.exec.returns({});",
2638
errors: [{ message: 'Found require("child_process")' }],
2739
},
28-
{
29-
code: `
30-
var {} = require('child_process');
31-
var result = /hello/.exec(str);`,
32-
parserOptions: { ecmaVersion: 6 },
33-
errors: [{ message: 'Found require("child_process")', line: 2 }],
34-
},
3540
{
3641
code: `
3742
var foo = require('child_process');

0 commit comments

Comments
 (0)