eslint-community
diff --git a/‎package-lock.json
+922-1,451 b/‎package-lock.json
+922-1,451
diff --git a/‎package.json
+2-1 b/‎package.json
+2-1
diff --git a/‎rules/detect-buffer-noassert.js
+51-51 b/‎rules/detect-buffer-noassert.js
+51-51
diff --git a/‎rules/detect-child-process.js
+27-26 b/‎rules/detect-child-process.js
+27-26
diff --git a/‎rules/detect-disable-mustache-escape.js
+14-12 b/‎rules/detect-disable-mustache-escape.js
+14-12
diff --git a/‎rules/detect-eval-with-expression.js
+9-9 b/‎rules/detect-eval-with-expression.js
+9-9
diff --git a/‎rules/detect-new-buffer.js
+14-12 b/‎rules/detect-new-buffer.js
+14-12
diff --git a/‎rules/detect-no-csrf-before-method-override.js
+24-24 b/‎rules/detect-no-csrf-before-method-override.js
+24-24
@@ -7,6 +7,7 @@
     "changelog": "changelog eslint-plugin-security all > CHANGELOG.md",
     "test": "npx mocha test/**/*",
     "lint": "npx eslint .",
+    "lint:fix": "npx eslint --fix .",
     "cont-int": "npm test && npm run-script lint"
   },
   "repository": {
@@ -29,7 +30,7 @@
   },
   "devDependencies": {
     "changelog": "1.3.0",
-    "eslint": "^2.10.1",
+    "eslint": "^8.11.0",
     "eslint-config-nodesecurity": "^1.3.1",
     "mocha": "^9.2.2"
   }
 
@@ -1,69 +1,69 @@
 /**
  * Tries to detect buffer read / write calls that use noAssert set to true
- * @author Adam Baldwin 
+ * @author Adam Baldwin
  */
 
+'use strict';
+
 //------------------------------------------------------------------------------
 // Rule Definition
 //------------------------------------------------------------------------------
 
-var names = [];
+const names = [];
 
 module.exports = function(context) {
 
-    "use strict";
+  const read = [
+    'readUInt8',
+    'readUInt16LE',
+    'readUInt16BE',
+    'readUInt32LE',
+    'readUInt32BE',
+    'readInt8',
+    'readInt16LE',
+    'readInt16BE',
+    'readInt32LE',
+    'readInt32BE',
+    'readFloatLE',
+    'readFloatBE',
+    'readDoubleL',
+    'readDoubleBE'
+  ];
 
-    var read = [
-        "readUInt8",
-        "readUInt16LE",
-        "readUInt16BE",
-        "readUInt32LE",
-        "readUInt32BE",
-        "readInt8",
-        "readInt16LE",
-        "readInt16BE",
-        "readInt32LE",
-        "readInt32BE",
-        "readFloatLE",
-        "readFloatBE",
-        "readDoubleL",
-        "readDoubleBE"
-    ];
+  const write = [
+    'writeUInt8',
+    'writeUInt16LE',
+    'writeUInt16BE',
+    'writeUInt32LE',
+    'writeUInt32BE',
+    'writeInt8',
+    'writeInt16LE',
+    'writeInt16BE',
+    'writeInt32LE',
+    'writeInt32BE',
+    'writeFloatLE',
+    'writeFloatBE',
+    'writeDoubleLE',
+    'writeDoubleBE'
+  ];
 
-    var write = [
-        "writeUInt8",
-        "writeUInt16LE",
-        "writeUInt16BE",
-        "writeUInt32LE",
-        "writeUInt32BE",
-        "writeInt8",
-        "writeInt16LE",
-        "writeInt16BE",
-        "writeInt32LE",
-        "writeInt32BE",
-        "writeFloatLE",
-        "writeFloatBE",
-        "writeDoubleLE",
-        "writeDoubleBE"
-    ];
+  return {
+    'MemberExpression': function (node) {
+      let index;
+      if (read.indexOf(node.property.name) !== -1) {
+        index = 1;
+      }
+      else if (write.indexOf(node.property.name) !== -1) {
+        index = 2;
+      }
 
-    return {
-        "MemberExpression": function (node) {
-            var index;
-            if (read.indexOf(node.property.name) !== -1) {
-                index = 1;
-            } else if (write.indexOf(node.property.name) !== -1) {
-                index = 2;
-            }
+      if (index && node.parent && node.parent.arguments && node.parent.arguments[index] &&  node.parent.arguments[index].value) {
+        const token = context.getTokens(node)[0];
+        return context.report(node, `Found Buffer.${  node.property.name  } with noAssert flag set true`);
 
-            if (index && node.parent && node.parent.arguments && node.parent.arguments[index] &&  node.parent.arguments[index].value) {
-                var token = context.getTokens(node)[0];
-                return context.report(node, 'Found Buffer.' + node.property.name + ' with noAssert flag set true');
-                
-            }
-        }
+      }
+    }
 
-    };
+  };
 
 };
-
@@ -3,40 +3,41 @@
  * @author Adam Baldwin
  */
 
+'use strict';
+
 //------------------------------------------------------------------------------
 // Rule Definition
 //------------------------------------------------------------------------------
 
-var names = [];
+const names = [];
 
 module.exports = function(context) {
 
-    "use strict";
-
-    return {
-        "CallExpression": function (node) {
-            var token = context.getTokens(node)[0];
-            if (node.callee.name === 'require') {
-                var args = node.arguments[0];
-                if (args && args.type === 'Literal' && args.value === 'child_process') {
-                    if (node.parent.type === 'VariableDeclarator') {
-                        names.push(node.parent.id.name);
-                    } else if (node.parent.type === 'AssignmentExpression' && node.parent.operator === '=') {
-                        names.push(node.parent.left.name);
-                    }
-                    return context.report(node, 'Found require("child_process")');
-                }
-            }
-        },
-        "MemberExpression": function (node) {
-            var token = context.getTokens(node)[0];
-            if (node.property.name === 'exec' && names.indexOf(node.object.name) > -1) {
-                if (node.parent && node.parent.arguments  && node.parent.arguments[0].type !== 'Literal') {
-                    return context.report(node, 'Found child_process.exec() with non Literal first argument');
-                }
-            }
+  return {
+    'CallExpression': function (node) {
+      const token = context.getTokens(node)[0];
+      if (node.callee.name === 'require') {
+        const args = node.arguments[0];
+        if (args && args.type === 'Literal' && args.value === 'child_process') {
+          if (node.parent.type === 'VariableDeclarator') {
+            names.push(node.parent.id.name);
+          }
+          else if (node.parent.type === 'AssignmentExpression' && node.parent.operator === '=') {
+            names.push(node.parent.left.name);
+          }
+          return context.report(node, 'Found require("child_process")');
+        }
+      }
+    },
+    'MemberExpression': function (node) {
+      const token = context.getTokens(node)[0];
+      if (node.property.name === 'exec' && names.indexOf(node.object.name) > -1) {
+        if (node.parent && node.parent.arguments  && node.parent.arguments[0].type !== 'Literal') {
+          return context.report(node, 'Found child_process.exec() with non Literal first argument');
         }
+      }
+    }
 
-    };
+  };
 
 };
@@ -1,18 +1,20 @@
+
+'use strict';
+
 module.exports = function(context) {
 
-    "use strict";
-    return {
-        "AssignmentExpression": function(node) {
-            if (node.operator === '=') {
-                if (node.left.property) {
-                    if (node.left.property.name == 'escapeMarkup') {
-                        if (node.right.value == false) {
-                            context.report(node, 'Markup escaping disabled.')
-                        }
-                    }
-                }
+  return {
+    'AssignmentExpression': function(node) {
+      if (node.operator === '=') {
+        if (node.left.property) {
+          if (node.left.property.name === 'escapeMarkup') {
+            if (node.right.value === false) {
+              context.report(node, 'Markup escaping disabled.');
             }
+          }
         }
+      }
     }
+  };
 
-}
+};
@@ -3,19 +3,19 @@
  * @author Adam Baldwin
  */
 
+'use strict';
+
 //------------------------------------------------------------------------------
 // Rule Definition
 //------------------------------------------------------------------------------
 
 module.exports = function(context) {
 
-    "use strict";
-
-    return {
-        "CallExpression": function(node) {
-            if (node.callee.name === "eval" && node.arguments[0].type !== 'Literal') {
-                context.report(node, "eval with argument of type " + node.arguments[0].type);
-            }
-        }
-    };
+  return {
+    'CallExpression': function(node) {
+      if (node.callee.name === 'eval' && node.arguments[0].type !== 'Literal') {
+        context.report(node, `eval with argument of type ${  node.arguments[0].type}`);
+      }
+    }
+  };
 };
@@ -1,19 +1,21 @@
+'use strict';
+
+
 module.exports = function (context) {
-    // Detects instances of new Buffer(argument)
-    // where argument is any non literal value.
-    return {
-      "NewExpression": function (node) {
-        if (node.callee.name === 'Buffer' &&
+  // Detects instances of new Buffer(argument)
+  // where argument is any non literal value.
+  return {
+    'NewExpression': function (node) {
+      if (node.callee.name === 'Buffer' &&
           node.arguments[0] &&
-          node.arguments[0].type != 'Literal') {
-
-          return context.report(node, "Found new Buffer");
-        }
+          node.arguments[0].type !== 'Literal') {
 
+        return context.report(node, 'Found new Buffer');
+      }
 
 
-      }
-    };
 
-}
+    }
+  };
 
+};
@@ -3,37 +3,37 @@
  * @author Adam Baldwin
  */
 
+'use strict';
+
 //------------------------------------------------------------------------------
 // Rule Definition
 //------------------------------------------------------------------------------
 
 
 module.exports = function(context) {
 
-    "use strict";
-    var csrf = false;
-
-    return {
-        "CallExpression": function(node) {
-            var token = context.getTokens(node)[0],
-                nodeType = token.type,
-                nodeValue = token.value;
-
-            if (nodeValue === "express") {
-                if (!node.callee || !node.callee.property) {
-                    return;
-                }
-
-                if (node.callee.property.name === "methodOverride" && csrf) {
-                    context.report(node, "express.csrf() middleware found before express.methodOverride()");
-                }
-                if (node.callee.property.name === "csrf") {
-                    // Keep track of found CSRF
-                    csrf = true;
-                }
-            }
+  let csrf = false;
+
+  return {
+    'CallExpression': function(node) {
+      const token = context.getTokens(node)[0];
+      const nodeType = token.type;
+      const nodeValue = token.value;
+
+      if (nodeValue === 'express') {
+        if (!node.callee || !node.callee.property) {
+          return;
         }
-    };
 
-};
+        if (node.callee.property.name === 'methodOverride' && csrf) {
+          context.report(node, 'express.csrf() middleware found before express.methodOverride()');
+        }
+        if (node.callee.property.name === 'csrf') {
+          // Keep track of found CSRF
+          csrf = true;
+        }
+      }
+    }
+  };
 
+};