Create rule S6252: Add JS as covered language (APPSEC-42) (#1093)

rules/S6252/javascript/metadata.json

@@ -0,0 +1,3 @@
+{
+  
+}

rules/S6252/javascript/rule.adoc

@@ -0,0 +1,57 @@
+S3 buckets can be versioned.
+When the S3 bucket is unversioned it means that a new version of an object overwrites an existing one in the S3 bucket.
+
+It can lead to unintentional or intentional information loss.
+
+include::../ask-yourself.adoc[]
+
+include::../recommended.adoc[]
+
+== Sensitive Code Example
+
+[source,javascript]
+----
+const s3 = require('aws-cdk-lib/aws-s3');
+
+new s3.Bucket(this, 'id', {
+    bucketName: 'bucket',
+    versioned: false // Sensitive
+});
+----
+The default value of `versioned` is `false` so the absence of this parameter is also sensitive.
+
+== Compliant Solution
+
+[source,javascript]
+----
+const s3 = require('aws-cdk-lib/aws-s3');
+
+new s3.Bucket(this, 'id', {
+    bucketName: 'bucket',
+    versioned: true
+});
+----
+
+include::../see.adoc[]
+
+* https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_s3.Bucket.html#versioned[AWS CDK version 2] - Using versioning in S3 buckets
+
+ifdef::env-github,rspecator-view[]
+
+'''
+== Implementation Specification
+(visible only on this page)
+
+=== Highlighting
+
+* If the argument is set to false: the argument assignment
+* If the argument is a variable: primary the assignment of the argument, secondary the assignment of the value to the variable
+* If the argument is missing: the constructor of the bucket
+
+=== Message
+
+* If primary: Make sure an unversioned S3 bucket is safe here.
+* If secondary: Propagated setting
+* If missing: Omitting the "versioned" argument disables S3 bucket versioning. Make sure it is safe here.
+
+endif::env-github,rspecator-view[]