/**
 * Copyright (c) 2025 Ofri Peretz
 * Licensed under the MIT License. Use of this source code is governed by the
 * MIT license that can be found in the LICENSE file.
 */

/**
 * ESLint Rule: no-improper-sanitization
 *
 * Detects improper sanitization of user input (CWE-94, CWE-79, CWE-116).
 *
 * Improper sanitization occurs when user input is not properly cleaned
 * before it reaches a sensitive sink, which can lead to injection attacks,
 * XSS, or other security vulnerabilities.
 *
 * False-positive reduction: the rule relies on shared security utilities to
 * recognise known safe sanitization patterns, trusted sanitization libraries,
 * JSDoc annotations (`@sanitized`, `@safe`) and context-aware validation.
 *
 * This file only declares the rule's public types; the detection logic lives
 * in the implementation module.
 */

import type { TSESLint } from '@interlace/eslint-devkit';
import { type SecurityRuleOptions } from '@interlace/eslint-devkit';

/**
 * Identifiers of every message the rule can report.
 *
 * The first group names a detected weakness (insufficient escaping, unsafe
 * `replace`-based sanitization, missing context encoding, ...); the
 * `use*`/`validate*`/`implement*`/`strategy*` ids appear to be remediation
 * guidance — their exact wording is defined by the implementation, not here.
 */
type MessageIds =
  | 'improperSanitization'
  | 'insufficientXssProtection'
  | 'incompleteHtmlEscaping'
  | 'unsafeReplaceSanitization'
  | 'missingContextEncoding'
  | 'dangerousSanitizerUsage'
  | 'sqlInjectionSanitization'
  | 'commandInjectionSanitization'
  | 'useProperSanitization'
  | 'validateSanitization'
  | 'implementContextAware'
  | 'strategyDefenseInDepth'
  | 'strategyInputValidation'
  | 'strategyOutputEncoding';

/**
 * Per-rule configuration, layered on top of the shared `SecurityRuleOptions`.
 *
 * All fields are optional; the defaults are chosen by the implementation.
 * Every list here widens what the rule treats as safe, so entries should be
 * reviewed with the same care as an allow-list.
 */
export interface Options extends SecurityRuleOptions {
  /** Names of sanitization functions the rule treats as safe. */
  safeSanitizers?: string[];
  /** Characters that a sanitizer is expected to escape. */
  dangerousChars?: string[];
  /** Output contexts (e.g. HTML, attribute, URL) that require distinct encoding. */
  contexts?: string[];
  /** Sanitization libraries whose calls are trusted without further analysis. */
  trustedLibraries?: string[];
}

/** ESLint options tuple: a single optional {@link Options} object. */
type RuleOptions = [Options?];

// NOTE(review): `MessageIds` and `RuleOptions` are declared above but not
// referenced by the exported rule type; confirm whether `TSESLint.RuleModule`
// should be parameterized with them so message ids and options are type-checked.

/** The rule module, carrying its registered name alongside the ESLint contract. */
export declare const noImproperSanitization: TSESLint.RuleModule & {
  name: string;
};

export {};