// Require Internal Dependencies import { parseScript, getSastAnalysis, getWarningOnAnalysisResult } from "../utils/index.js"; import isUnsafeCallee from "../../src/probes/isUnsafeCallee.js"; // Require Third-party dependencies import test from "tape"; // Require Node.js Dependencies import { dirname, join } from "path"; import { fileURLToPath } from "url"; import { readFileSync } from "fs"; const __dirname = dirname(fileURLToPath(import.meta.url)); const FIXTURE_PATH = join(__dirname, "fixtures/unsafeCallee"); const warningUnsafeStmt = "unsafe-stmt"; test("should detect eval", (tape) => { const str = readFileSync(join(FIXTURE_PATH, "1-unsafeCallee.js"), "utf-8"); const ast = parseScript(str); const analysis = getSastAnalysis(str, ast.body, isUnsafeCallee); const result = getWarningOnAnalysisResult(analysis, warningUnsafeStmt); tape.equal(result.kind, warningUnsafeStmt); tape.equal(result.value, "eval"); tape.end(); }); test("should detect Function", (tape) => { const str = readFileSync(join(FIXTURE_PATH, "2-unsafeCallee.js"), "utf-8"); const ast = parseScript(str); const analysis = getSastAnalysis(str, ast.body, isUnsafeCallee); const result = getWarningOnAnalysisResult(analysis, warningUnsafeStmt); tape.equal(result.kind, warningUnsafeStmt); tape.equal(result.value, "Function"); tape.end(); }); test("should not detect Function", (tape) => { const str = readFileSync(join(FIXTURE_PATH, "3-unsafeCallee.js"), "utf-8"); const ast = parseScript(str); const analysis = getSastAnalysis(str, ast.body, isUnsafeCallee); const result = getWarningOnAnalysisResult(analysis, warningUnsafeStmt); tape.equal(result, undefined); tape.end(); });