new security rule: detect-child-process

[HamletDRC]

https://github.com/nodesecurity/eslint-plugin-security/blob/master/rules/detect-child-process.js

[jasperdanan]

I'd like to help, how can I contribute @JoshuaKGoldberg ?

I assume it's an implementation of an ESLint functionality to TSLint?

[JoshuaKGoldberg]

Heya @jasperdanan, glad to have you contribute!

Correct. The eslint-plugin-security rule looks good and we'd like to have an equivalent in tslint-microsoft-contrib so that TSLint users can get the same rule benefits.

This isn't quite a copy & paste job, since the ASTs for ESLint and TSLint are different, but the functionality should be about the same.

Is that enough info to go off of?

[jasperdanan]

Yep!
I'll try figuring out the code first.

Though I'm wondering if this https://github.com/Microsoft/tslint-microsoft-contrib/blob/master/src/nonLiteralRequireRule.ts is an implimentatiion of https://github.com/nodesecurity/eslint-plugin-security/blob/master/rules/detect-non-literal-require.js ?

Just so I can draw a parallel between the two Linter rules.

Where should I put the new rule? Under/src/ ?

[JoshuaKGoldberg]

if this https://github.com/Microsoft/tslint-microsoft-contrib/blob/master/src/nonLiteralRequireRule.ts is an implimentatiion of https://github.com/nodesecurity/eslint-plugin-security/blob/master/rules/detect-non-literal-require.js

Yup, that's correct. It looks like ours is checking for arrays passed to require, but otherwise they're roughly the same.

Where should I put the new rule? Under/src/ ?

Yup! #543 is a good example of what you'll want to add:

• New rule under src/
• Corresponding new test file under src/tests
• New entry in README.md describing the rule
• New line in tslint.json enabling the rule locally

The recommended_ruleset.js and tslint-warnings.csv should be auto-generated by some tasks within grunt all once you have a passing build.

Let me know if that's not the right or not enough information to go off of!