- part of https://github.com/oxc-project/oxc/issues/5416
This pull request includes significant improvements to the `no_hex_escape` rule in the `oxc_linter` crate. The changes enhance the detection and replacement of hexadecimal escapes within regular expressions by introducing a more comprehensive AST traversal.
- Implemented a new `visit_terms` function and its helper functions to traverse the regex AST and apply checks on individual terms.
- Introduced the `check_character` function to replace hexadecimal escapes with Unicode escapes within regex patterns.
- Updated snapshots to reflect the new diagnostic messages and replacements for hexadecimal escapes in regex patterns.
- part of https://github.com/oxc-project/oxc/issues/5416
Uses the parsed regular expression patterns for detecting empty character classes. This is more robust than the handwritten pattern matching from before and allows us to provide more accurate diagnostics and actually point to the empty character class in the literal.
## What This PR does
Adds a new `oxc-security/api-key` rule that scans for hard-coded API keys.
It is broken up into "secret rules", where each one is responsible for finding a different kind of key. It is architecturally identical to how lint rules themselves. This PR also includes the first of these rules, for AWS access key IDs.
Logic and rules are based on [keyhunter](https://github.com/Donisaac/keyhunter). I've licensed that repo under GNU GPLv3, but it's my code and I can do what I want with it 😈 (read: I'm fine with it being MIT for oxc).
This PR is a complete feature in its own right, but does not represent the end of this work. See https://github.com/oxc-project/backlog/issues/116 to track overall progress.
- part of https://github.com/oxc-project/oxc/issues/5416
Replaces the handwritten regex parsing logic with the `oxc_regular_expression` parser, which should be more accurate and enables support for unicode sets.
- part of https://github.com/oxc-project/oxc/issues/5416
Use the `oxc_regular_expression` parser to make these checks more robust. a few snapshots are updated because they now output more accurate diagnostics based on the regex AST. for example, `/ ?/` now correctly only highlights two spaces rather than three (because the last one is part of a quantifier)
- part of https://github.com/oxc-project/oxc/issues/5416
This change enhances the accuracy of the `prefer_string_starts_ends_with` rule by using the parsed regex patterns for analysis. It allows for more precise detection of patterns that can be replaced with `startsWith()` and `endsWith()` methods, reducing false positives and improving the overall effectiveness of the linter.
### What changed?
- Replaced the simple string-based regex analysis with a more robust AST-based approach.
- Removed the `is_simple_string` function as it's no longer needed.
Fix tiny bug in arrow function transform.
Similar to #5828 - cannot assume that other transforms haven't altered AST between `enter_*` and `exit_*`. In this case, pushing/popping to the stack cannot depend on `func.body.is_some()`, as that could change in between `enter_function` and `exit_function`.
I initially added `inside_arrow_function_stack` as we haven't got `TraverseCtx` in `Transformer`. Now we can use `ctx.current_scope_flags().is_arrow()` directly instead
- part of https://github.com/oxc-project/oxc/issues/479
The bulk of this rule is closely based on the logic from the original ESLint rule. One major difference between this implementation and the original though is the lack of a tokenizer. ESLint uses a proper tokenizer to find identifers, parentheses, brackets, and other tokens. For this rule, I opted to just manually search for the characters we might expect to find. I'm not sure how this will hold up in the real world, I expect it could lead to some missing cases potentially, but it at least works for all of the given test cases.
