Add docs urls to rules

lib/rules/detect-absence-of-name-option-in-exrpress-session.js

@@ -3,6 +3,8 @@
  * @author Gkouziik
  */
 'use strict'
+const { getDocsUrl } = require('../utils')
+
 module.exports = {
   meta: {
     type: 'suggestion',
@@ -12,7 +14,8 @@ module.exports = {
     docs: {
       description: 'Detect the absence of name option in express session',
       category: 'Possible Errors',
-      recommended: true
+      recommended: true,
+      url: getDocsUrl('detect-absence-of-name-option-in-exrpress-session')
     },
     fixable: null
   },

lib/rules/detect-buffer-unsafe-allocation.js

@@ -4,6 +4,7 @@
  */
 
 'use strict'
+const { getDocsUrl } = require('../utils')
 
 module.exports = {
   meta: {
@@ -14,7 +15,8 @@ module.exports = {
     docs: {
       description: 'Buffer.allocUnsafe(size) is not safe and should not be used',
       category: 'Possible Errors',
-      recommended: false
+      recommended: false,
+      url: getDocsUrl('detect-buffer-unsafe-allocation')
     },
     fixable: 'null'
   },

lib/rules/detect-child-process.js

@@ -4,6 +4,7 @@
  */
 
 'use strict'
+const { getDocsUrl } = require('../utils')
 
 module.exports = {
   meta: {
@@ -16,7 +17,8 @@ module.exports = {
     docs: {
       description: 'detect exec with non Literal argument',
       category: 'possible errors',
-      recommended: true
+      recommended: true,
+      url: getDocsUrl('detect-child-process')
     },
     fixable: null
   },

lib/rules/detect-crlf.js

@@ -3,6 +3,7 @@
  * @author Gkouziik
  */
 'use strict'
+const { getDocsUrl } = require('../utils')
 
 module.exports = {
   meta: {
@@ -13,7 +14,8 @@ module.exports = {
     docs: {
       description: 'detect log forging attack ',
       category: 'Possible Errors',
-      recommended: false
+      recommended: false,
+      url: getDocsUrl('detect-crlf')
     },
     fixable: null
   },

lib/rules/detect-dangerous-redirects.js

@@ -4,6 +4,7 @@
  */
 
 'use strict'
+const { getDocsUrl } = require('../utils')
 
 module.exports = {
   meta: {
@@ -14,7 +15,8 @@ module.exports = {
     docs: {
       description: 'detect dangerous redirects',
       category: 'Possible Errors',
-      recommended: true
+      recommended: true,
+      url: getDocsUrl('detect-dangerous-redirects')
     },
     fixable: null
   },

lib/rules/detect-eval-with-expr.js

@@ -3,6 +3,7 @@
  * @author Gkouziik
  */
 'use strict'
+const { getDocsUrl } = require('../utils')
 
 module.exports = {
   meta: {
@@ -13,7 +14,8 @@ module.exports = {
     docs: {
       description: 'detect eval with string concatenation',
       category: 'Possible Errors',
-      recommended: true
+      recommended: true,
+      url: getDocsUrl('detect-eval-with-expr')
     },
     fixable: null
   },

lib/rules/detect-html-injection.js

@@ -4,6 +4,7 @@
  */
 
 'use strict'
+const { getDocsUrl } = require('../utils')
 
 module.exports = {
   meta: {
@@ -14,7 +15,8 @@ module.exports = {
     docs: {
       description: 'Detect html injection',
       category: 'Possible Errors',
-      recommended: true
+      recommended: true,
+      url: getDocsUrl('detect-html-injection')
     },
     fixable: null
   },

lib/rules/detect-insecure-randomness.js

@@ -4,6 +4,7 @@
  */
 
 'use strict'
+const { getDocsUrl } = require('../utils')
 
 module.exports = {
   meta: {
@@ -14,7 +15,8 @@ module.exports = {
     docs: {
       description: 'detect insecure randomness via Math.random()',
       category: 'Possible Errros',
-      recommended: false
+      recommended: false,
+      url: getDocsUrl('detect-insecure-randomness')
     },
     fixable: null
   },

lib/rules/detect-non-literal-require-calls.js

@@ -3,6 +3,7 @@
  * @author gkouziik
  */
 'use strict'
+const { getDocsUrl } = require('../utils')
 
 module.exports = {
   meta: {
@@ -13,7 +14,8 @@ module.exports = {
     docs: {
       description: 'Non literal require calls may cause an attack',
       category: 'Possible Errors',
-      recommended: true
+      recommended: true,
+      url: getDocsUrl('detect-non-literal-require-calls')
     },
     fixable: null
   },

lib/rules/detect-nosql-injection.js

@@ -4,6 +4,7 @@
  */
 
 'use strict'
+const { getDocsUrl } = require('../utils')
 
 module.exports = {
   meta: {
@@ -14,7 +15,8 @@ module.exports = {
     docs: {
       description: 'detect NOsql injection',
       category: 'Possible Errors',
-      recommended: true
+      recommended: true,
+      url: getDocsUrl('detect-nosql-injection')
     },
     fixable: null
 

lib/rules/detect-option-multiplestatements-in-mysql.js

@@ -3,6 +3,7 @@
  * @author Gkouziik
  */
 'use strict'
+const { getDocsUrl } = require('../utils')
 
 module.exports = {
   meta: {
@@ -13,7 +14,8 @@ module.exports = {
     docs: {
       description: 'detect option mulitpleStatements:true in createConnection method of mysql',
       category: 'Possible Errors',
-      recommended: true
+      recommended: true,
+      url: getDocsUrl('detect-option-multiplestatements-in-mysql')
     },
     fixable: null
   },

lib/rules/detect-option-rejectunauthorized-in-nodejs-httpsrequest.js

@@ -3,6 +3,7 @@
  * @author Gkouziik
  */
 'use strict'
+const { getDocsUrl } = require('../utils')
 
 module.exports = {
   meta: {
@@ -13,7 +14,8 @@ module.exports = {
     docs: {
       description: 'detect option rejectUnauthorized:false in Nodejs https request method',
       category: 'possible errors',
-      recommended: true
+      recommended: true,
+      url: getDocsUrl('detect-option-rejectunauthorized-in-nodejs-httpsrequest')
     },
     fixable: null
   },

lib/rules/detect-option-unsafe-in-serialize-javascript-npm-package.js

@@ -3,6 +3,7 @@
  * @author Gkouziik
  */
 'use strict'
+const { getDocsUrl } = require('../utils')
 
 module.exports = {
   meta: {
@@ -13,7 +14,8 @@ module.exports = {
     docs: {
       description: 'detect opion:unsafe in serialize method in serialize-javasript npm package',
       category: 'Possible errors',
-      recommended: true
+      recommended: true,
+      url: getDocsUrl('detect-option-unsafe-in-serialize-javascript-npm-package')
     },
     fixable: null
   },

lib/rules/detect-possible-timing-attacks.js

@@ -3,6 +3,7 @@
  * @author gkouziik
  */
 'use strict'
+const { getDocsUrl } = require('../utils')
 
 module.exports = {
   meta: {
@@ -14,7 +15,8 @@ module.exports = {
     docs: {
       description: 'detect possible timing attacks',
       category: 'Possible Errors',
-      recommended: true
+      recommended: true,
+      url: getDocsUrl('detect-possible-timing-attacks')
     },
     fixable: null
 

lib/rules/detect-runinthiscontext-method-in-nodes-vm.js

@@ -4,6 +4,7 @@
  */
 
 'use strict'
+const { getDocsUrl } = require('../utils')
 
 module.exports = {
   meta: {
@@ -14,7 +15,8 @@ module.exports = {
     docs: {
       description: 'detect vm.runInThisContext() method in nodes vm with non Literal argument',
       category: 'Possible Errors',
-      recommended: false
+      recommended: false,
+      url: getDocsUrl('detect-runinthiscontext-method-in-nodes-vm')
     },
     fixable: 'null'
   },

lib/rules/detect-security-missconfiguration-cookie.js

@@ -4,6 +4,7 @@
  */
 
 'use strict'
+const { getDocsUrl } = require('../utils')
 
 module.exports = {
   meta: {
@@ -14,7 +15,8 @@ module.exports = {
     docs: {
       description: 'detect security missconfiguration in express cookie',
       category: 'Possible Errors',
-      recommended: true
+      recommended: true,
+      url: getDocsUrl('detect-security-missconfiguration-cookie')
     },
     fixable: null
   },

lib/rules/detect-sql-injection.js

@@ -3,6 +3,7 @@
  * @author Gkouziik
  */
 'use strict'
+const { getDocsUrl } = require('../utils')
 
 module.exports = {
   meta: {
@@ -13,7 +14,8 @@ module.exports = {
     docs: {
       description: 'detect SQL injection',
       category: 'Possible Errors',
-      recommended: false
+      recommended: false,
+      url: getDocsUrl('detect-sql-injection')
     },
     fixable: null
   },

lib/rules/disable-ssl-across-node-server.js

@@ -3,6 +3,7 @@
  * @author Gkouziik
  */
 'use strict'
+const { getDocsUrl } = require('../utils')
 
 module.exports = {
   meta: {
@@ -13,7 +14,8 @@ module.exports = {
     docs: {
       description: "process.env.NODE_TLS_REJECT_UNAUTHORIZED='0' disables SSL across node server!",
       category: 'Possible Errors',
-      recommended: true
+      recommended: true,
+      url: getDocsUrl('disable-ssl-across-node-server')
     },
     fixable: null
   },

lib/rules/non-literal-reg-expr.js

@@ -3,6 +3,8 @@
  * @author Gkouziik
  */
 'use strict'
+const { getDocsUrl } = require('../utils')
+
 module.exports = {
   meta: {
     type: 'suggestion',
@@ -12,7 +14,8 @@ module.exports = {
     docs: {
       description: 'Non literal regural expressions may cause possible attack',
       category: 'Possible Errors',
-      recommended: true
+      recommended: true,
+      url: getDocsUrl('non-literal-reg-expr')
     },
     fixable: null
   },

lib/utils.js

@@ -0,0 +1,7 @@
+function getDocsUrl (ruleName) {
+  return 'https://github.com/gkouziik/eslint-plugin-security-node/blob/master/docs/rules/' + ruleName + '.md'
+}
+
+module.exports = {
+  getDocsUrl
+}