/
no-new-func.js
85 lines (68 loc) · 2.86 KB
/
no-new-func.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
/**
* @fileoverview Rule to flag when using new Function
* @author Ilya Volodin
*/
"use strict";
//------------------------------------------------------------------------------
// Requirements
//------------------------------------------------------------------------------
const astUtils = require("./utils/ast-utils");
//------------------------------------------------------------------------------
// Helpers
//------------------------------------------------------------------------------
const callMethods = new Set(["apply", "bind", "call"]);
//------------------------------------------------------------------------------
// Rule Definition
//------------------------------------------------------------------------------
module.exports = {
meta: {
type: "suggestion",
docs: {
description: "disallow `new` operators with the `Function` object",
recommended: false,
url: "https://eslint.org/docs/rules/no-new-func"
},
schema: [],
messages: {
noFunctionConstructor: "The Function constructor is eval."
}
},
create(context) {
return {
"Program:exit"() {
const globalScope = context.getScope();
const variable = globalScope.set.get("Function");
if (variable && variable.defs.length === 0) {
variable.references.forEach(ref => {
const node = ref.identifier;
const { parent } = node;
let evalNode;
if (parent) {
if (node === parent.callee && (
parent.type === "NewExpression" ||
parent.type === "CallExpression"
)) {
evalNode = parent;
} else if (
parent.type === "MemberExpression" &&
node === parent.object &&
callMethods.has(astUtils.getStaticPropertyName(parent))
) {
const maybeCallee = parent.parent.type === "ChainExpression" ? parent.parent : parent;
if (maybeCallee.parent.type === "CallExpression" && maybeCallee.parent.callee === maybeCallee) {
evalNode = maybeCallee.parent;
}
}
}
if (evalNode) {
context.report({
node: evalNode,
messageId: "noFunctionConstructor"
});
}
});
}
}
};
}
};