Run markdown-spellcheck against README and docs
This commit is contained in:
Родитель
a021f7a7b7
Коммит
c5ff023aeb
|
@ -0,0 +1,42 @@
|
|||
_or_
|
||||
1.x
|
||||
addon-linter
|
||||
addons-linter
|
||||
addons.mozilla.org
|
||||
amo-validator
|
||||
AngularJS
|
||||
content_security_policy
|
||||
default_locale
|
||||
eg
|
||||
env
|
||||
ESLint
|
||||
FLUENT_INVALID
|
||||
fluent.js
|
||||
jQuery
|
||||
js
|
||||
json
|
||||
langpack
|
||||
Linter
|
||||
linter
|
||||
manifest_json
|
||||
manifest_version
|
||||
manifest.json
|
||||
messages.json
|
||||
Node.js
|
||||
npm
|
||||
nvm
|
||||
openDialog
|
||||
opensearch
|
||||
pino
|
||||
semver
|
||||
Sinon
|
||||
standalone
|
||||
strict_max_version
|
||||
TravisCI
|
||||
truthy
|
||||
unadvised
|
||||
unsafe-eval
|
||||
unsanitized
|
||||
update_url
|
||||
v8
|
||||
WebExtensions
|
24
README.md
24
README.md
|
@ -12,7 +12,7 @@ You can find more information about the linter and it's implemented rules in our
|
|||
|
||||
### Command Line
|
||||
|
||||
You need node.js to use the add-ons linter.
|
||||
You need Node.js to use the add-ons linter.
|
||||
|
||||
To validate your add-on locally, install the linter from [npm](http://nodejs.org/):
|
||||
|
||||
|
@ -99,11 +99,11 @@ linter.run()
|
|||
|
||||
## Development
|
||||
|
||||
If you'd like to help us develop the addons-linter, that's great! It's pretty easy to get started, you just need node.js installed on your machine.
|
||||
If you'd like to help us develop the addons-linter, that's great! It's pretty easy to get started, you just need Node.js installed on your machine.
|
||||
|
||||
### Quick Start
|
||||
|
||||
If you have node.js installed, here's the quick start to getting your development dependencies installed and running the tests
|
||||
If you have Node.js installed, here's the quick start to getting your development dependencies installed and running the tests
|
||||
|
||||
```sh
|
||||
git clone https://github.com/mozilla/addons-linter.git
|
||||
|
@ -123,11 +123,11 @@ npm run build
|
|||
bin/addons-linter my-addon.zip
|
||||
```
|
||||
|
||||
### Required node version
|
||||
### Required Node version
|
||||
|
||||
addons-linter requires node.js v8 or greater. Have a look at our `.travis.yml` file which node.js versions we officially test.
|
||||
addons-linter requires Node.js v8 or greater. Have a look at our `.travis.yml` file which Node.js versions we officially test.
|
||||
|
||||
Using nvm is probably the easiest way to manage multiple node versions side by side. See [nvm on github](https://github.com/creationix/nvm) for more details.
|
||||
Using nvm is probably the easiest way to manage multiple Node versions side by side. See [nvm on GitHub](https://github.com/creationix/nvm) for more details.
|
||||
|
||||
### Install dependencies
|
||||
|
||||
|
@ -147,11 +147,11 @@ Dependencies are automatically kept up-to-date using [greenkeeper](http://greenk
|
|||
| npm [run] build | Builds the lib (used by Travis) |
|
||||
| npm run test-coverage | Runs the tests with coverage (watches for changes) |
|
||||
| npm run test-once | Runs the tests once |
|
||||
| npm run lint | Runs eslint |
|
||||
| npm run lint | Runs ESLint |
|
||||
| npm run test-coverage-once | Runs the tests once with coverage |
|
||||
| npm run test-integration-linter | Runs our integration test-suite |
|
||||
| npm run prettier | Automatically format the whole code-base with Prettier |
|
||||
| npm run prettier-dev | Automatically compare and format modified source files against the master branch |
|
||||
| npm run prettier-dev | Automatically compare and format modified source files against the master branch |
|
||||
|
||||
### Building
|
||||
|
||||
|
@ -169,7 +169,7 @@ We're looking to maintain coverage at 100%. Use the coverage data in the test ou
|
|||
|
||||
#### Assertions and testing APIs
|
||||
|
||||
We are using using sinon for assertions, mocks, stubs and more [see the Sinon docs for the API available](http://sinonjs.org/).
|
||||
We are using using Sinon for assertions, mocks, stubs and more [see the Sinon docs for the API available](http://sinonjs.org/).
|
||||
|
||||
[Jest](https://facebook.github.io/jest/) is being used as a test-runner but also provides helpful tools. Please make sure you read their documentation for more details.
|
||||
|
||||
|
@ -179,7 +179,7 @@ We use [pino](https://github.com/pinojs/pino) for logging:
|
|||
|
||||
- By default logging is off (level is set to 'fatal') .
|
||||
- Logging in tests can be enabled using an env var e.g: `LOG_LEVEL=debug jest test`
|
||||
- Logging on the cli can be enabled with `--log-level [level]`.
|
||||
- Logging on the CLI can be enabled with `--log-level [level]`.
|
||||
|
||||
### Prettier
|
||||
|
||||
|
@ -189,11 +189,11 @@ We use [Prettier](https://prettier.io/) to automatically format our JavaScript c
|
|||
|
||||
In a nutshell the way the linter works is to take an add-on package, extract the metadata from the xpi (zip) format and then process the files it finds through various content scanners.
|
||||
|
||||
We are heavily relying on [Eslint](https://eslint.org/) for JavaScript linting, [cheerio](https://github.com/cheeriojs/cheerio) for HTML parsing as well as [fluent.js](https://github.com/projectfluent/fluent.js) for parsing language packs.
|
||||
We are heavily relying on [ESLint](https://eslint.org/) for JavaScript linting, [cheerio](https://github.com/cheeriojs/cheerio) for HTML parsing as well as [fluent.js](https://github.com/projectfluent/fluent.js) for parsing language packs.
|
||||
|
||||
### Scanners
|
||||
|
||||
Each file-type has a scanner. For example: CSS files use `CSSScanner`; Javascript files use `JavaScriptScanner`. Each scanner looks at relevant files and passes each file through a parser which then hands off to a set of rules that look for specific things.
|
||||
Each file-type has a scanner. For example: CSS files use `CSSScanner`; JavaScript files use `JavaScriptScanner`. Each scanner looks at relevant files and passes each file through a parser which then hands off to a set of rules that look for specific things.
|
||||
|
||||
### Rules
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
# Linter Rules
|
||||
|
||||
This document is automatically published on [github pages](http://mozilla.github.io/addons-linter/). To update it edit `docs/rules.md` in the [github repo](https://github.com/mozilla/addons-linter).
|
||||
This document is automatically published on [GitHub pages](http://mozilla.github.io/addons-linter/). To update it edit `docs/rules.md` in the [GitHub repo](https://github.com/mozilla/addons-linter).
|
||||
|
||||
Rules are sorted by severity.
|
||||
|
||||
|
@ -9,75 +9,75 @@ Rules are sorted by severity.
|
|||
| Message code | Severity | Description |
|
||||
| ------------------------- | -------- | ---------------------------------------------------------------- |
|
||||
| `KNOWN_LIBRARY` | notice | This is version of a JS library is known and generally accepted. |
|
||||
| `OPENDIALOG_NONLIT_URI` | notice | openDialog called with non-literal parameter |
|
||||
| `EVENT_LISTENER_FOURTH` | notice | `addEventListener` called with truthy fourth argument |
|
||||
| `UNEXPECTED_GLOGAL_ARG` | warning | Unexpected global passed as an argument |
|
||||
| `NO_IMPLIED_EVAL` | warning | disallow the use of `eval()`-like methods |
|
||||
| `OPENDIALOG_REMOTE_URI` | warning | openDialog called with non-local URI |
|
||||
| `OPENDIALOG_NONLIT_URI` | notice | openDialog called with non-literal parameter. |
|
||||
| `EVENT_LISTENER_FOURTH` | notice | `addEventListener` called with truthy fourth argument. |
|
||||
| `UNEXPECTED_GLOGAL_ARG` | warning | Unexpected global passed as an argument. |
|
||||
| `NO_IMPLIED_EVAL` | warning | disallow the use of `eval()`-like methods. |
|
||||
| `OPENDIALOG_REMOTE_URI` | warning | openDialog called with non-local URI. |
|
||||
| `NO_DOCUMENT_WRITE` | warning | Use of `document.write` strongly discouraged. |
|
||||
| `JS_SYNTAX_ERROR` | warning | JavaScript compile-time error |
|
||||
| `JS_SYNTAX_ERROR` | warning | JavaScript compile-time error. |
|
||||
| `UNADVISED_LIBRARY` | warning | This version of a JS library is not recommended. |
|
||||
| `TABS_GETSELECTED` | warning | Deprecated API tabs.getSelected |
|
||||
| `TABS_SENDREQUEST` | warning | Deprecated API tabs.sendRequest |
|
||||
| `TABS_GETALLINWINDOW` | warning | Deprecated API tabs.getAllInWindow |
|
||||
| `TABS_ONSELECTIONCHANGED` | warning | Deprecated API tabs.onSelectionChanged |
|
||||
| `TABS_ONACTIVECHANGED` | warning | Deprecated API tabs.onActiveChanged |
|
||||
| `EXT_SENDREQUEST` | warning | Deprecated API extension.sendRequest |
|
||||
| `EXT_ONREQUESTEXTERNAL` | warning | Deprecated API extension.onRequestExternal |
|
||||
| `EXT_ONREQUEST` | warning | Deprecated API extension.onRequest |
|
||||
| `APP_GETDETAILS` | warning | Deprecated API app.getDetails |
|
||||
| `STORAGE_LOCAL` | warning | Temporary IDs can cause issues with storage.local |
|
||||
| `STORAGE_SYNC` | warning | Temporary IDs can cause issues with storage.sync |
|
||||
| `IDENTITY_GETREDIRECTURL` | warning | Temporary IDs can cause issues with identity.getRedirectURL |
|
||||
| `TABS_GETSELECTED` | warning | Deprecated API `tabs.getSelected`. |
|
||||
| `TABS_SENDREQUEST` | warning | Deprecated API `tabs.sendRequest`. |
|
||||
| `TABS_GETALLINWINDOW` | warning | Deprecated API `tabs.getAllInWindow`. |
|
||||
| `TABS_ONSELECTIONCHANGED` | warning | Deprecated API `tabs.onSelectionChanged`. |
|
||||
| `TABS_ONACTIVECHANGED` | warning | Deprecated API `tabs.onActiveChanged`. |
|
||||
| `EXT_SENDREQUEST` | warning | Deprecated API `extension.sendRequest`. |
|
||||
| `EXT_ONREQUESTEXTERNAL` | warning | Deprecated API `extension.onRequestExternal`. |
|
||||
| `EXT_ONREQUEST` | warning | Deprecated API `extension.onRequest`. |
|
||||
| `APP_GETDETAILS` | warning | Deprecated API `app.getDetails`. |
|
||||
| `STORAGE_LOCAL` | warning | Temporary IDs can cause issues with `storage.local`. |
|
||||
| `STORAGE_SYNC` | warning | Temporary IDs can cause issues with `storage.sync`. |
|
||||
| `IDENTITY_GETREDIRECTURL` | warning | Temporary IDs can cause issues with `identity.getRedirectURL`. |
|
||||
| `BANNED_LIBRARY` | error | This version of a JS library is banned for security reasons. |
|
||||
|
||||
## Markup
|
||||
|
||||
### CSS
|
||||
|
||||
| Message code | Severity | Description |
|
||||
| -------------------------- | -------- | ---------------------------------- |
|
||||
| `CSS_SYNTAX_ERROR` | error | A CSS syntax error was detected |
|
||||
| `INVALID_SELECTOR_NESTING` | error | CSS selectors should not be nested |
|
||||
| Message code | Severity | Description |
|
||||
| -------------------------- | -------- | ----------------------------------- |
|
||||
| `CSS_SYNTAX_ERROR` | error | A CSS syntax error was detected. |
|
||||
| `INVALID_SELECTOR_NESTING` | error | CSS selectors should not be nested. |
|
||||
|
||||
### HTML
|
||||
|
||||
| Message code | Severity | Description |
|
||||
| --------------- | -------- | ----------------------------------------------------- |
|
||||
| `INLINE_SCRIPT` | warning | Inline script is disallowed by CSP |
|
||||
| `REMOTE_SCRIPT` | warning | Remote scripts are not allowed as per Add-on Policies |
|
||||
| Message code | Severity | Description |
|
||||
| --------------- | -------- | ------------------------------------------------------ |
|
||||
| `INLINE_SCRIPT` | warning | Inline script is disallowed by CSP. |
|
||||
| `REMOTE_SCRIPT` | warning | Remote scripts are not allowed as per Add-on Policies. |
|
||||
|
||||
## Content
|
||||
|
||||
| Message code | Severity | Description |
|
||||
| -------------- | -------- | ---------------------- |
|
||||
| `HIDDEN_FILE` | warning | Hidden file flagged |
|
||||
| `FLAGGED_FILE` | warning | Flagged filename found |
|
||||
| `HIDDEN_FILE` | warning | Hidden file flagged. |
|
||||
| `FLAGGED_FILE` | warning | Flagged filename found. |
|
||||
|
||||
## Package layout
|
||||
|
||||
| Message code | Severity | Description |
|
||||
| -------------------------- | -------- | -------------------------------------------------- |
|
||||
| `MOZILLA_COND_OF_USE` | notice | Mozilla conditions of use violation |
|
||||
| `FLAGGED_FILE_TYPE` | notice | (Binary) Flagged file type found |
|
||||
| `FLAGGED_FILE_EXTENSION` | warning | Flagged file extensions found |
|
||||
| `DUPLICATE_XPI_ENTRY` | warning | Package contains duplicate entries |
|
||||
| `ALREADY_SIGNED` | warning | Already signed |
|
||||
| `COINMINER_USAGE_DETECTED` | warning | Firefox add-ons are not allowed to run coin miners |
|
||||
| `BAD_ZIPFILE` | error | Bad zip file |
|
||||
| `FILE_TOO_LARGE` | error | File is too large to parse |
|
||||
| Message code | Severity | Description |
|
||||
| -------------------------- | -------- | --------------------------------------------------- |
|
||||
| `MOZILLA_COND_OF_USE` | notice | Mozilla conditions of use violation. |
|
||||
| `FLAGGED_FILE_TYPE` | notice | (Binary) Flagged file type found. |
|
||||
| `FLAGGED_FILE_EXTENSION` | warning | Flagged file extensions found |
|
||||
| `DUPLICATE_XPI_ENTRY` | warning | Package contains duplicate entries |
|
||||
| `ALREADY_SIGNED` | warning | Already signed |
|
||||
| `COINMINER_USAGE_DETECTED` | warning | Firefox add-ons are not allowed to run coin miners. |
|
||||
| `BAD_ZIPFILE` | error | Bad zip file |
|
||||
| `FILE_TOO_LARGE` | error | File is too large to parse |
|
||||
|
||||
## Type detection
|
||||
|
||||
| Message code | Severity | Description |
|
||||
| ----------------------- | -------- | ----------------------------------------------- |
|
||||
| `TYPE_NO_MANIFEST_JSON` | notice | Add-on missing manifest_json for type detection |
|
||||
| Message code | Severity | Description |
|
||||
| ----------------------- | -------- | ------------------------------------------------ |
|
||||
| `TYPE_NO_MANIFEST_JSON` | notice | Add-on missing manifest_json for type detection. |
|
||||
|
||||
## Language packs
|
||||
|
||||
| Message code | Severity | Description |
|
||||
| -------------- | -------- | ---------------------------- |
|
||||
| FLUENT_INVALID | warning | Invalid fluent template file |
|
||||
| Message code | Severity | Description |
|
||||
| -------------- | -------- | --------------------------- |
|
||||
| FLUENT_INVALID | warning | Invalid fluent template file. |
|
||||
|
||||
## Web Extensions / manifest.json
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
# Add-on Type Support [DRAFT]
|
||||
|
||||
Going forward the amo-validator will continue to be the linter for legacy addo-ns. This document lists what types of addons the addon-linter will support and provides somde details as to the scope of the features needed.
|
||||
Going forward the amo-validator will continue to be the linter for legacy add-ons. This document lists what types of add-ons the addon-linter will support and provides some details as to the scope of the features needed.
|
||||
|
||||
- Web Extensions
|
||||
- Dictionaries
|
||||
|
@ -11,10 +11,10 @@ Going forward the amo-validator will continue to be the linter for legacy addo-n
|
|||
|
||||
Required features for linting:
|
||||
|
||||
- Validation of the `manifest.json`. Swtich to JSON scheme for this.
|
||||
- Validation of the `manifest.json`. Switch to JSON scheme for this.
|
||||
- Look into rules for to guard against inadvertent privilege escalation holes. This type of issue would come from a site exploiting an extension.
|
||||
- js validation of content scripts (Rules need TBD)
|
||||
- Flag un-approved libs based on file name that match libs
|
||||
- Flag unapproved libs based on file name that match libs
|
||||
- Skip JS linting on libs that match the approved list.
|
||||
- Rules for specific APIs.
|
||||
|
||||
|
@ -39,10 +39,10 @@ Docs: https://developer.mozilla.org/docs/Creating_a_spell_check_dictionary_add-o
|
|||
|
||||
Docs appear to be a bit thin on the ground for these. They need looking into further and we should look at the existing rules.
|
||||
|
||||
## Search Addons
|
||||
## Search Add-ons
|
||||
|
||||
What's needed?
|
||||
|
||||
- Validation of the opensearch xml
|
||||
- Validation of the opensearch XML
|
||||
|
||||
Old code is here https://github.com/mozilla/amo-validator/blob/master/validator/opensearch.py
|
||||
|
|
Загрузка…
Ссылка в новой задаче