codtracker-js/node_modules/eslint/lib/rules/no-new-func.js

/**
 * @fileoverview Rule to flag when using new Function
 * @author Ilya Volodin
 */

'use strict';

//------------------------------------------------------------------------------
// Requirements
//------------------------------------------------------------------------------

const astUtils = require('./utils/ast-utils');

//------------------------------------------------------------------------------
// Helpers
//------------------------------------------------------------------------------

const callMethods = new Set(['apply', 'bind', 'call']);

//------------------------------------------------------------------------------
// Rule Definition
//------------------------------------------------------------------------------

/** @type {import('../types').Rule.RuleModule} */
module.exports = {
  meta: {
    type: 'suggestion',

    docs: {
      description: 'Disallow `new` operators with the `Function` object',
      recommended: false,
      url: 'https://eslint.org/docs/latest/rules/no-new-func',
    },

    schema: [],

    messages: {
      noFunctionConstructor: 'The Function constructor is eval.',
    },
  },

  create(context) {
    const sourceCode = context.sourceCode;

    return {
      'Program:exit'(node) {
        const globalScope = sourceCode.getScope(node);
        const variable = globalScope.set.get('Function');

        if (variable && variable.defs.length === 0) {
          variable.references.forEach((ref) => {
            const idNode = ref.identifier;
            const { parent } = idNode;
            let evalNode;

            if (parent) {
              if (
                idNode === parent.callee &&
                (parent.type === 'NewExpression' ||
                  parent.type === 'CallExpression')
              ) {
                evalNode = parent;
              } else if (
                parent.type === 'MemberExpression' &&
                idNode === parent.object &&
                callMethods.has(astUtils.getStaticPropertyName(parent))
              ) {
                const maybeCallee =
                  parent.parent.type === 'ChainExpression' ?
                    parent.parent
                  : parent;

                if (
                  maybeCallee.parent.type === 'CallExpression' &&
                  maybeCallee.parent.callee === maybeCallee
                ) {
                  evalNode = maybeCallee.parent;
                }
              }
            }

            if (evalNode) {
              context.report({
                node: evalNode,
                messageId: 'noFunctionConstructor',
              });
            }
          });
        }
      },
    };
  },
};