securesauce / precaution-beta

Precaution provides a simple, automated code review for GitHub projects by running code linters with a security focus on pull requests.
Other
1 stars 0 forks source link

Add support for TSLint reference links #185

Closed MVrachev closed 5 years ago

MVrachev commented 5 years ago

Add support for TSLint reference links

Because TSLint doesn't provide us with reference links and doesn't have an API for such metadata as explained by the developer of tslint-config-security: webschik/tslint-config-security#17

All rules are documented as part of the README for tslint-config-security on GitHub, therefore we can use this documentation to provide reference links.

Another thing we should check is if every rule has a documentation on the project webpage and do we point to that documentation.

Signed-off-by: Martin Vrachev mvrachev@vmware.com

MVrachev commented 5 years ago

I really like this change. I'm a little worried that one day those entries will be removed from the upstream README... Can we add a test to check that resolving those links actually generates some content (not receiving an error page would probably be enough?)

That's a good point. I will add a unit test for that in this pr.

MVrachev commented 5 years ago

I added a unit test checking the status code of the doc website.

joshuagl commented 5 years ago

Typo in the commit message for the first patch:

Having documentation or JavaScript/TypeScript issues will educate the people on how to prevent future mistakes

Having documentation of JavaScript/TypeScript issues...

The commit message for the second patch needs tweaking also, includes:

It's also important to keep an eye to the exact reference links we are giving as documentation that's why I am checking if every reference link we are going to give as output is valid.

Perhaps: "Check every reference link we may give as output is valid" ?

MVrachev commented 5 years ago

Typo in the commit message for the first patch:

Having documentation or JavaScript/TypeScript issues will educate the people on how to prevent future mistakes

Having documentation of JavaScript/TypeScript issues...

The commit message for the second patch needs tweaking also, includes:

It's also important to keep an eye to the exact reference links we are giving as documentation that's why I am checking if every reference link we are going to give as output is valid.

Perhaps: "Check every reference link we may give as output is valid" ?

I fixed both of them. Do you think it's okay now?

joshuagl commented 5 years ago

2nd commit has a typo in the commit message, otherwise this LGTM.

It's important to keep an eye on the TSLint plugin GitHub age. age -> page