Enhance exported warnings to include i18n token

README.md

@@ -73,6 +73,38 @@ The analysis will return: `http` (in try), `crypto`, `util` and `fs`.
 
 > ⚠️ There is also a lot of suspicious code example in the root cases directory. Feel free to try the tool on these files.
 
+## Warnings
+
+This section describes how use `warnings` export.
+
+The structure of the `warnings` is as follows:
+```
+/**
+ * @property {object}  warnings                         - The default values for Constants.
+ * @property {string}  warnings[name]                   - The default warning name (parsingError, unsafeImport etc...).
+ * @property {string}  warnings[name].i18n              - i18n token.
+ * @property {string}  warnings[name].code              - Used to perform unit tests.
+ */
+
+export const warnings = Object.freeze({
+    parsingError: {
+      i18n: "sast_warnings.ast_error"
+      code: "ast-error",
+    },
+    ...otherWarnings
+  });
+```
+
+We make a call to `i18n` through the package `NodeSecure/i18n` to get the translation.
+
+```
+import * as jsxray from "@nodesecure/js-x-ray";
+import * as i18n from "@nodesecure/i18n";
+
+console.log(i18n.getToken(jsxray.warnings.parsingError.i18n));
+
+```
+
 ## Warnings Legends (v2.0+)
 
 > Node-secure versions equal or lower than 0.7.0 are no longer compatible with the warnings table below.

index.d.ts

@@ -55,15 +55,42 @@ declare namespace JSXRay {
   }
 
   interface WarningsNames {
-    parsingError: "parsing-error",
-    unsafeImport: "unsafe-import",
-    unsafeStmt: "unsafe-stmt",
-    unsafeRegex: "unsafe-regex",
-    unsafeAssign: "unsafe-assign",
-    encodedLiteral: "encoded-literal",
-    shortIdentifiers: "short-identifiers",
-    suspiciousLiteral: "suspicious-literal",
-    obfuscatedCode: "obfuscated-code"
+    parsingError: {
+      code: "ast-error",
+      i18n: "sast_warnings.ast_error"
+    },
+    unsafeImport: {
+      code: "unsafe-import",
+      i18n: "sast_warnings.unsafe_import"
+    },
+    unsafeRegex: {
+      code: "unsafe-regex",
+      i18n: "sast_warnings.unsafe_regex"
+    },
+    unsafeStmt: {
+      code: "unsafe-stmt",
+      i18n: "sast_warnings.unsafe_stmt"
+    },
+    unsafeAssign: {
+      code: "unsafe-assign",
+      i18n: "sast_warnings.unsafe_assign"
+    },
+    encodedLiteral: {
+      code: "encoded-literal",
+      i18n: "sast_warnings.encoded_literal"
+    },
+    shortIdentifiers: {
+      code: "short-identifiers",
+      i18n: "sast_warnings.short_identifiers"
+    },
+    suspiciousLiteral: {
+      code: "suspicious-literal",
+      i18n: "sast_warnings.suspicious_literal"
+    },
+    obfuscatedCode: {
+      code: "obfuscated-code",
+      i18n: "sast_warnings.obfuscated_code"
+    }
   }
 
   interface RuntimeOptions {
@@ -90,9 +117,7 @@ declare namespace JSXRay {
 
   export function runASTAnalysisOnFile(pathToFile: string, options?: RuntimeFileOptions): Promise<ReportOnFile>;
 
-  export namespace CONSTANTS {
-    export const Warnings: WarningsNames;
-  }
+  export const warnings: WarningsNames;
 }
 
 export = JSXRay;

index.js

@@ -83,16 +83,43 @@ export async function runASTAnalysisOnFile(pathToFile, options = {}) {
   }
 }
 
-export const CONSTANTS = {
-  Warnings: Object.freeze({
-    parsingError: "ast-error",
-    unsafeImport: "unsafe-import",
-    unsafeRegex: "unsafe-regex",
-    unsafeStmt: "unsafe-stmt",
-    unsafeAssign: "unsafe-assign",
-    encodedLiteral: "encoded-literal",
-    shortIdentifiers: "short-identifiers",
-    suspiciousLiteral: "suspicious-literal",
-    obfuscatedCode: "obfuscated-code"
-  })
-};
+export const warnings = Object.freeze({
+  parsingError: {
+    code: "ast-error",
+    i18n: "sast_warnings.ast_error"
+  },
+  unsafeImport: {
+    code: "unsafe-import",
+    i18n: "sast_warnings.unsafe_import"
+  },
+  unsafeRegex: {
+    code: "unsafe-regex",
+    i18n: "sast_warnings.unsafe_regex"
+  },
+  unsafeStmt: {
+    code: "unsafe-stmt",
+    i18n: "sast_warnings.unsafe_stmt"
+  },
+  unsafeAssign: {
+    code: "unsafe-assign",
+    i18n: "sast_warnings.unsafe_assign"
+  },
+  encodedLiteral: {
+    code: "encoded-literal",
+    i18n: "sast_warnings.encoded_literal"
+  },
+  shortIdentifiers: {
+    code: "short-identifiers",
+    i18n: "sast_warnings.short_identifiers"
+  },
+  suspiciousLiteral: {
+    code: "suspicious-literal",
+    i18n: "sast_warnings.suspicious_literal"
+  },
+  obfuscatedCode: {
+    code: "obfuscated-code",
+    i18n: "sast_warnings.obfuscated_code"
+  }
+});
+
+

test/obfuscated.spec.js

@@ -7,11 +7,11 @@ import { join, dirname } from "path";
 import test from "tape";
 
 // Import Internal Dependencies
-import { runASTAnalysis, CONSTANTS, runASTAnalysisOnFile } from "../index.js";
+import { runASTAnalysis, warnings, runASTAnalysisOnFile } from "../index.js";
 import { getWarningKind } from "./utils/index.js";
 
 // CONSTANTS
-const { Warnings } = CONSTANTS;
+const { obfuscatedCode, encodedLiteral } = warnings;
 const __dirname = dirname(fileURLToPath(import.meta.url));
 const FIXTURE_PATH = join(__dirname, "fixtures/obfuscated");
 
@@ -20,7 +20,7 @@ test("should detect 'jsfuck' obfuscation", (tape) => {
   const { warnings } = runASTAnalysis(trycatch);
 
   tape.strictEqual(warnings.length, 1);
-  tape.deepEqual(getWarningKind(warnings), [Warnings.obfuscatedCode].sort());
+  tape.deepEqual(getWarningKind(warnings), [obfuscatedCode.code].sort());
   tape.strictEqual(warnings[0].value, "jsfuck");
   tape.end();
 });
@@ -30,7 +30,7 @@ test("should detect 'jsfuck' obfuscation", (tape) => {
 //   const { warnings } = runASTAnalysis(trycatch);
 
 //   tape.strictEqual(warnings.length, 1);
-//   tape.deepEqual(getWarningKind(warnings), [Warnings.obfuscatedCode].sort());
+//   tape.deepEqual(getWarningKind(warnings), [obfuscatedCode.code].sort());
 //   tape.strictEqual(warnings[0].value, "morse");
 //   tape.end();
 // });
@@ -40,7 +40,7 @@ test("should detect 'jjencode' obfuscation", (tape) => {
   const { warnings } = runASTAnalysis(trycatch);
 
   tape.strictEqual(warnings.length, 1);
-  tape.deepEqual(getWarningKind(warnings), [Warnings.obfuscatedCode].sort());
+  tape.deepEqual(getWarningKind(warnings), [obfuscatedCode.code].sort());
   tape.strictEqual(warnings[0].value, "jjencode");
   tape.end();
 });
@@ -51,7 +51,7 @@ test("should detect 'freejsobfuscator' obfuscation", (tape) => {
 
   tape.strictEqual(warnings.length, 3);
   tape.deepEqual(getWarningKind(warnings), [
-    Warnings.encodedLiteral, Warnings.encodedLiteral, Warnings.obfuscatedCode
+    encodedLiteral.code, encodedLiteral.code, obfuscatedCode.code
   ].sort());
   tape.strictEqual(warnings[2].value, "freejsobfuscator");
   tape.end();
@@ -63,7 +63,7 @@ test("should detect 'obfuscator.io' obfuscation (with hexadecimal generator)", (
 
   tape.strictEqual(warnings.length, 1);
   tape.deepEqual(getWarningKind(warnings), [
-    Warnings.obfuscatedCode
+    obfuscatedCode.code
   ].sort());
   tape.strictEqual(warnings[0].value, "obfuscator.io");
   tape.end();
@@ -84,7 +84,7 @@ test("should detect 'trojan-source' when there is one unsafe unicode control cha
   `);
 
   tape.strictEqual(warnings.length, 1);
-  tape.deepEqual(getWarningKind(warnings), [Warnings.obfuscatedCode]);
+  tape.deepEqual(getWarningKind(warnings), [obfuscatedCode.code]);
   tape.deepEqual(warnings[0].value, "trojan-source");
   tape.end();
 });
@@ -93,7 +93,7 @@ test("should detect 'trojan-source' when there is atleast one unsafe unicode con
   const { warnings } = await runASTAnalysisOnFile(join(FIXTURE_PATH, "unsafe-unicode-chars.js"));
 
   tape.strictEqual(warnings.length, 1);
-  tape.deepEqual(getWarningKind(warnings), [Warnings.obfuscatedCode]);
+  tape.deepEqual(getWarningKind(warnings), [obfuscatedCode.code]);
   tape.deepEqual(warnings[0].value, "trojan-source");
   tape.end();
 });