fix: update execScript message in no-implied-eval rule (#19937)

TKDev7 · web-flow · commit 317330552e2d · 2025-07-15T06:07:19.000+02:00
diff --git a/lib/rules/no-implied-eval.js b/lib/rules/no-implied-eval.js
@@ -32,6 +32,7 @@ module.exports = {
 		messages: {
 			impliedEval:
 				"Implied eval. Consider passing a function instead of a string.",
+			execScript: "Implied eval. Do not use execScript().",
 		},
 	},
 
@@ -85,9 +86,14 @@ module.exports = {
 					isStaticString || isEvaluatedString(firstArgument);
 
 				if (isString) {
+					const calleeName =
+						node.callee.type === "Identifier"
+							? node.callee.name
+							: astUtils.getStaticPropertyName(node.callee);
+					const isExecScript = calleeName === "execScript";
 					context.report({
 						node,
-						messageId: "impliedEval",
+						messageId: isExecScript ? "execScript" : "impliedEval",
 					});
 				}
 			}
diff --git a/tests/lib/rules/no-implied-eval.js b/tests/lib/rules/no-implied-eval.js
@@ -267,7 +267,10 @@ ruleTester.run("no-implied-eval", rule, {
 		{ code: 'setTimeout("x = 1;");', errors: [expectedError] },
 		{ code: 'setTimeout("x = 1;", 100);', errors: [expectedError] },
 		{ code: 'setInterval("x = 1;");', errors: [expectedError] },
-		{ code: 'execScript("x = 1;");', errors: [expectedError] },
+		{
+			code: 'execScript("x = 1;");',
+			errors: [{ messageId: "execScript", type: "CallExpression" }],
+		},
 
 		{
 			code: "const s = 'x=1'; setTimeout(s, 100);",
@@ -291,6 +294,11 @@ ruleTester.run("no-implied-eval", rule, {
 			languageOptions: { globals: globals.browser },
 			errors: [expectedError],
 		},
+		{
+			code: "window.execScript('foo')",
+			languageOptions: { globals: globals.browser },
+			errors: [{ messageId: "execScript", type: "CallExpression" }],
+		},
 		{
 			code: "window['setTimeout']('foo')",
 			languageOptions: { globals: globals.browser },
@@ -306,11 +314,26 @@ ruleTester.run("no-implied-eval", rule, {
 			languageOptions: { ecmaVersion: 6, globals: globals.browser },
 			errors: [expectedError],
 		},
+		{
+			code: "window['execScript']('foo')",
+			languageOptions: { globals: globals.browser },
+			errors: [{ messageId: "execScript", type: "CallExpression" }],
+		},
+		{
+			code: "window[`execScript`]('foo')",
+			languageOptions: { ecmaVersion: 6, globals: globals.browser },
+			errors: [{ messageId: "execScript", type: "CallExpression" }],
+		},
 		{
 			code: "window.window['setInterval']('foo')",
 			languageOptions: { globals: globals.browser },
 			errors: [expectedError],
 		},
+		{
+			code: "window.window['execScript']('foo')",
+			languageOptions: { globals: globals.browser },
+			errors: [{ messageId: "execScript", type: "CallExpression" }],
+		},
 		{
 			code: "global.setTimeout('foo')",
 			languageOptions: { sourceType: "commonjs" },
@@ -321,6 +344,11 @@ ruleTester.run("no-implied-eval", rule, {
 			languageOptions: { sourceType: "commonjs" },
 			errors: [expectedError],
 		},
+		{
+			code: "global.execScript('foo')",
+			languageOptions: { sourceType: "commonjs" },
+			errors: [{ messageId: "execScript", type: "CallExpression" }],
+		},
 		{
 			code: "global['setTimeout']('foo')",
 			languageOptions: { sourceType: "commonjs" },
@@ -336,11 +364,26 @@ ruleTester.run("no-implied-eval", rule, {
 			languageOptions: { ecmaVersion: 6, sourceType: "commonjs" },
 			errors: [expectedError],
 		},
+		{
+			code: "global['execScript']('foo')",
+			languageOptions: { sourceType: "commonjs" },
+			errors: [{ messageId: "execScript", type: "CallExpression" }],
+		},
+		{
+			code: "global[`execScript`]('foo')",
+			languageOptions: { ecmaVersion: 6, sourceType: "commonjs" },
+			errors: [{ messageId: "execScript", type: "CallExpression" }],
+		},
 		{
 			code: "global.global['setInterval']('foo')",
 			languageOptions: { sourceType: "commonjs" },
 			errors: [expectedError],
 		},
+		{
+			code: "global.global['execScript']('foo')",
+			languageOptions: { sourceType: "commonjs" },
+			errors: [{ messageId: "execScript", type: "CallExpression" }],
+		},
 		{
 			code: "globalThis.setTimeout('foo')",
 			languageOptions: { ecmaVersion: 2020 },
@@ -351,6 +394,11 @@ ruleTester.run("no-implied-eval", rule, {
 			languageOptions: { ecmaVersion: 2020 },
 			errors: [expectedError],
 		},
+		{
+			code: "globalThis.execScript('foo')",
+			languageOptions: { ecmaVersion: 2020 },
+			errors: [{ messageId: "execScript", type: "CallExpression" }],
+		},
 
 		// template literals
 		{
@@ -456,7 +504,7 @@ ruleTester.run("no-implied-eval", rule, {
 
 				// no error on line 2
 				{
-					messageId: "impliedEval",
+					messageId: "execScript",
 					type: "CallExpression",
 					line: 3,
 				},
@@ -479,7 +527,7 @@ ruleTester.run("no-implied-eval", rule, {
 
 				// no error on line 2
 				{
-					messageId: "impliedEval",
+					messageId: "execScript",
 					type: "CallExpression",
 					line: 3,
 				},
@@ -502,7 +550,7 @@ ruleTester.run("no-implied-eval", rule, {
 
 				// no error on line 2
 				{
-					messageId: "impliedEval",
+					messageId: "execScript",
 					type: "CallExpression",
 					line: 3,
 				},
@@ -526,5 +574,21 @@ ruleTester.run("no-implied-eval", rule, {
 			},
 			errors: [{ messageId: "impliedEval" }],
 		},
+		{
+			code: "window?.execScript('code')",
+			languageOptions: {
+				ecmaVersion: 2020,
+				globals: { window: "readonly" },
+			},
+			errors: [{ messageId: "execScript" }],
+		},
+		{
+			code: "(window?.execScript)('code')",
+			languageOptions: {
+				ecmaVersion: 2020,
+				globals: { window: "readonly" },
+			},
+			errors: [{ messageId: "execScript" }],
+		},
 	],
 });
