@coana-tech/cli 14.12.134 → 14.12.136
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/cli.mjs +465 -63
- package/package.json +1 -1
- package/reachability-analyzers-cli.mjs +1579 -1572
- package/repos/coana-tech/cocoa/release/Coana.Cocoa.dll +0 -0
- package/repos/coana-tech/goana/bin/goana-darwin-amd64.gz +0 -0
- package/repos/coana-tech/goana/bin/goana-darwin-arm64.gz +0 -0
- package/repos/coana-tech/goana/bin/goana-linux-amd64.gz +0 -0
- package/repos/coana-tech/goana/bin/goana-linux-arm64.gz +0 -0
- package/repos/coana-tech/javap-service/javap-service.jar +0 -0
- package/repos/coana-tech/jelly-private/dist/bundle/approx.js +3 -3
- package/repos/coana-tech/jelly-private/dist/bundle/{chunk-QPIPGSUC.js → chunk-4VFJ6VRH.js} +2 -2
- package/repos/coana-tech/jelly-private/dist/bundle/{chunk-K5LIJ7OH.js → chunk-BDEOKPLQ.js} +2 -1
- package/repos/coana-tech/jelly-private/dist/bundle/{chunk-PYSMGG45.js → chunk-IEQ4BC6O.js} +2 -2
- package/repos/coana-tech/jelly-private/dist/bundle/{chunk-MZDUAIIH.js → chunk-IK6PDI7V.js} +2 -2
- package/repos/coana-tech/jelly-private/dist/bundle/hooks.js +3 -3
- package/repos/coana-tech/jelly-private/dist/bundle/jelly.js +77 -54
- package/repos/coana-tech/mambalade/dist/{mambalade-0.3.16-py3-none-any.whl → mambalade-0.3.18-py3-none-any.whl} +0 -0
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
@@ -7,11 +7,11 @@ import "./iterator-helpers-polyfill.js";
|
|
|
7
7
|
import {
|
|
8
8
|
require_hints,
|
|
9
9
|
require_parser
|
|
10
|
-
} from "./chunk-
|
|
10
|
+
} from "./chunk-4VFJ6VRH.js";
|
|
11
11
|
import {
|
|
12
12
|
require_proxy,
|
|
13
13
|
require_sandbox
|
|
14
|
-
} from "./chunk-
|
|
14
|
+
} from "./chunk-IK6PDI7V.js";
|
|
15
15
|
import {
|
|
16
16
|
__commonJS,
|
|
17
17
|
__name,
|
|
@@ -21,7 +21,7 @@ import {
|
|
|
21
21
|
require_options,
|
|
22
22
|
require_transform,
|
|
23
23
|
require_util
|
|
24
|
-
} from "./chunk-
|
|
24
|
+
} from "./chunk-BDEOKPLQ.js";
|
|
25
25
|
|
|
26
26
|
// lib/approx/approx.js
|
|
27
27
|
var require_approx = __commonJS({
|
|
@@ -14,7 +14,7 @@ import {
|
|
|
14
14
|
require_options,
|
|
15
15
|
require_tokens,
|
|
16
16
|
require_util
|
|
17
|
-
} from "./chunk-
|
|
17
|
+
} from "./chunk-BDEOKPLQ.js";
|
|
18
18
|
|
|
19
19
|
// lib/parsing/parser.js
|
|
20
20
|
var require_parser = __commonJS({
|
|
@@ -516,4 +516,4 @@ export {
|
|
|
516
516
|
require_patching,
|
|
517
517
|
require_hints
|
|
518
518
|
};
|
|
519
|
-
//# sourceMappingURL=chunk-
|
|
519
|
+
//# sourceMappingURL=chunk-4VFJ6VRH.js.map
|
|
@@ -10874,6 +10874,7 @@ var require_options = __commonJS({
|
|
|
10874
10874
|
modulesJson: void 0,
|
|
10875
10875
|
lazy: false,
|
|
10876
10876
|
lazyCleanup: false,
|
|
10877
|
+
lazySoftAssert: false,
|
|
10877
10878
|
reparse: false,
|
|
10878
10879
|
memory: void 0
|
|
10879
10880
|
};
|
|
@@ -19871,4 +19872,4 @@ fill-range/index.js:
|
|
|
19871
19872
|
* Licensed under the MIT License.
|
|
19872
19873
|
*)
|
|
19873
19874
|
*/
|
|
19874
|
-
//# sourceMappingURL=chunk-
|
|
19875
|
+
//# sourceMappingURL=chunk-BDEOKPLQ.js.map
|
|
@@ -8,7 +8,7 @@ import {
|
|
|
8
8
|
__commonJS,
|
|
9
9
|
__name,
|
|
10
10
|
__require
|
|
11
|
-
} from "./chunk-
|
|
11
|
+
} from "./chunk-BDEOKPLQ.js";
|
|
12
12
|
|
|
13
13
|
// node_modules/source-map/lib/base64.js
|
|
14
14
|
var require_base64 = __commonJS({
|
|
@@ -224380,4 +224380,4 @@ typescript/lib/typescript.js:
|
|
|
224380
224380
|
and limitations under the License.
|
|
224381
224381
|
***************************************************************************** *)
|
|
224382
224382
|
*/
|
|
224383
|
-
//# sourceMappingURL=chunk-
|
|
224383
|
+
//# sourceMappingURL=chunk-IEQ4BC6O.js.map
|
|
@@ -9,7 +9,7 @@ import {
|
|
|
9
9
|
__name,
|
|
10
10
|
__require,
|
|
11
11
|
require_transform
|
|
12
|
-
} from "./chunk-
|
|
12
|
+
} from "./chunk-BDEOKPLQ.js";
|
|
13
13
|
|
|
14
14
|
// lib/approx/proxy.js
|
|
15
15
|
var require_proxy = __commonJS({
|
|
@@ -268,4 +268,4 @@ export {
|
|
|
268
268
|
require_proxy,
|
|
269
269
|
require_sandbox
|
|
270
270
|
};
|
|
271
|
-
//# sourceMappingURL=chunk-
|
|
271
|
+
//# sourceMappingURL=chunk-IK6PDI7V.js.map
|
|
@@ -6,10 +6,10 @@ import "./iterator-helpers-polyfill.js";
|
|
|
6
6
|
|
|
7
7
|
import {
|
|
8
8
|
require_moduleresolver
|
|
9
|
-
} from "./chunk-
|
|
9
|
+
} from "./chunk-IEQ4BC6O.js";
|
|
10
10
|
import {
|
|
11
11
|
require_sandbox
|
|
12
|
-
} from "./chunk-
|
|
12
|
+
} from "./chunk-IK6PDI7V.js";
|
|
13
13
|
import {
|
|
14
14
|
__commonJS,
|
|
15
15
|
__name,
|
|
@@ -17,7 +17,7 @@ import {
|
|
|
17
17
|
require_files,
|
|
18
18
|
require_options,
|
|
19
19
|
require_transform
|
|
20
|
-
} from "./chunk-
|
|
20
|
+
} from "./chunk-BDEOKPLQ.js";
|
|
21
21
|
|
|
22
22
|
// lib/approx/hooks.js
|
|
23
23
|
var require_hooks = __commonJS({
|
|
@@ -9,11 +9,11 @@ import {
|
|
|
9
9
|
require_hints,
|
|
10
10
|
require_parser,
|
|
11
11
|
require_patching
|
|
12
|
-
} from "./chunk-
|
|
12
|
+
} from "./chunk-4VFJ6VRH.js";
|
|
13
13
|
import {
|
|
14
14
|
require_moduleresolver,
|
|
15
15
|
require_typescript
|
|
16
|
-
} from "./chunk-
|
|
16
|
+
} from "./chunk-IEQ4BC6O.js";
|
|
17
17
|
import {
|
|
18
18
|
__commonJS,
|
|
19
19
|
__name,
|
|
@@ -37,7 +37,7 @@ import {
|
|
|
37
37
|
require_tokens,
|
|
38
38
|
require_transform,
|
|
39
39
|
require_util
|
|
40
|
-
} from "./chunk-
|
|
40
|
+
} from "./chunk-BDEOKPLQ.js";
|
|
41
41
|
|
|
42
42
|
// lib/misc/timer.js
|
|
43
43
|
var require_timer = __commonJS({
|
|
@@ -1075,6 +1075,8 @@ var require_diagnostics = __commonJS({
|
|
|
1075
1075
|
totalOtherPatchingTime = 0n;
|
|
1076
1076
|
finalizationTime = 0n;
|
|
1077
1077
|
patternMatchingTime = 0n;
|
|
1078
|
+
lazyTime = 0n;
|
|
1079
|
+
lazyErrors;
|
|
1078
1080
|
unhandledDynamicPropertyWrites = 0;
|
|
1079
1081
|
unhandledDynamicPropertyReads = 0;
|
|
1080
1082
|
vulnerabilities;
|
|
@@ -1299,7 +1301,6 @@ var require_lazy = __commonJS({
|
|
|
1299
1301
|
exports.isLazyAPActive = isLazyAPActive;
|
|
1300
1302
|
exports.assertLazyAPActive = assertLazyAPActive;
|
|
1301
1303
|
exports.getExportedFunctionsByModule = getExportedFunctionsByModule;
|
|
1302
|
-
var node_assert_1 = __importDefault(__require("node:assert"));
|
|
1303
1304
|
var bitset_1 = require_bitset();
|
|
1304
1305
|
var scc_1 = require_scc();
|
|
1305
1306
|
var util_1 = require_util();
|
|
@@ -1348,12 +1349,13 @@ var require_lazy = __commonJS({
|
|
|
1348
1349
|
return !a.reachedModulesFull.has(ap.moduleInfo);
|
|
1349
1350
|
}
|
|
1350
1351
|
__name(isLazyAPActive, "isLazyAPActive");
|
|
1351
|
-
function assertLazyAPActive(ap,
|
|
1352
|
+
function assertLazyAPActive(ap, s) {
|
|
1353
|
+
const { globalState: a } = s;
|
|
1352
1354
|
if (ap.dependents) {
|
|
1353
1355
|
if (ap.moduleInfo.directDependents.values().every((m) => a.reachedModulesFull.has(m)))
|
|
1354
|
-
|
|
1356
|
+
s.assertLazy`Lazy access path ${ap} is irrelevant, all dependents are already reached`;
|
|
1355
1357
|
} else if (a.reachedModulesFull.has(ap.moduleInfo))
|
|
1356
|
-
|
|
1358
|
+
s.assertLazy`Lazy access path ${ap} is irrelevant, module ${ap.moduleInfo} is already reached`;
|
|
1357
1359
|
}
|
|
1358
1360
|
__name(assertLazyAPActive, "assertLazyAPActive");
|
|
1359
1361
|
function getExportedFunctionsByModule(ms, solver) {
|
|
@@ -1382,7 +1384,10 @@ var require_lazy = __commonJS({
|
|
|
1382
1384
|
const exportedFunctionsByModule = /* @__PURE__ */ new Map();
|
|
1383
1385
|
for (const rep of sccs.reverse()) {
|
|
1384
1386
|
const bs = bitsets.get(rep);
|
|
1385
|
-
|
|
1387
|
+
if (bs.isEmpty()) {
|
|
1388
|
+
solver.assertLazy`Unexpected empty bitset for representative ${rep}`;
|
|
1389
|
+
continue;
|
|
1390
|
+
}
|
|
1386
1391
|
for (const t of sets.get(rep)) {
|
|
1387
1392
|
const es = graph.get(t);
|
|
1388
1393
|
if (es?.size)
|
|
@@ -1448,12 +1453,13 @@ var require_solver = __commonJS({
|
|
|
1448
1453
|
};
|
|
1449
1454
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
1450
1455
|
exports.AbortedException = void 0;
|
|
1456
|
+
var assert_1 = __importDefault(__require("assert"));
|
|
1457
|
+
var util_1 = __require("util");
|
|
1451
1458
|
var constraintvars_1 = require_constraintvars();
|
|
1452
1459
|
var logger_1 = __importStar(require_logger());
|
|
1453
1460
|
var tokens_1 = require_tokens();
|
|
1454
1461
|
var globalstate_1 = require_globalstate();
|
|
1455
|
-
var
|
|
1456
|
-
var assert_1 = __importDefault(__require("assert"));
|
|
1462
|
+
var util_2 = require_util();
|
|
1457
1463
|
var accesspaths_1 = require_accesspaths();
|
|
1458
1464
|
var types_1 = __require("@babel/types");
|
|
1459
1465
|
var fragmentstate_1 = require_fragmentstate();
|
|
@@ -1506,7 +1512,7 @@ var require_solver = __commonJS({
|
|
|
1506
1512
|
f.tokenListeners2,
|
|
1507
1513
|
f.arrayEntriesListeners,
|
|
1508
1514
|
f.objectPropertiesListeners
|
|
1509
|
-
].reduce((acc, l) => acc + (0,
|
|
1515
|
+
].reduce((acc, l) => acc + (0, util_2.mapMapSize)(l), 0);
|
|
1510
1516
|
d.tokens = f.numberOfTokens;
|
|
1511
1517
|
d.subsetEdges = f.numberOfSubsetEdges;
|
|
1512
1518
|
d.functionToFunctionEdges = f.numberOfFunctionToFunctionEdges;
|
|
@@ -1561,7 +1567,7 @@ var require_solver = __commonJS({
|
|
|
1561
1567
|
}
|
|
1562
1568
|
if (!ws)
|
|
1563
1569
|
ws = this.unprocessedTokens.get(toRep);
|
|
1564
|
-
ws = (0,
|
|
1570
|
+
ws = (0, util_2.pushArraySingle)(this.unprocessedTokens, toRep, t, ws);
|
|
1565
1571
|
this.diagnostics.unprocessedTokensSize++;
|
|
1566
1572
|
if (this.diagnostics.unprocessedTokensSize % 100 === 0)
|
|
1567
1573
|
this.printDiagnostics();
|
|
@@ -1581,13 +1587,13 @@ var require_solver = __commonJS({
|
|
|
1581
1587
|
if (!(ap2 instanceof accesspaths_1.UnknownAccessPath || ap2 instanceof accesspaths_1.IgnoredAccessPath || ap2 instanceof accesspaths_1.LazyAccessPath) && (to instanceof constraintvars_1.NodeVar || to instanceof constraintvars_1.IntermediateVar && to.label === "import")) {
|
|
1582
1588
|
(0, assert_1.default)(node !== void 0 && encl !== void 0);
|
|
1583
1589
|
if (ap2 instanceof accesspaths_1.ModuleAccessPath)
|
|
1584
|
-
(0,
|
|
1590
|
+
(0, util_2.mapGetMap)(f.moduleAccessPaths, ap2).set(node, encl);
|
|
1585
1591
|
else if (ap2 instanceof accesspaths_1.PropertyAccessPath)
|
|
1586
|
-
(0,
|
|
1592
|
+
(0, util_2.mapGetMap)((0, util_2.mapGetMap)(asn ? f.propertyWriteAccessPaths : f.propertyReadAccessPaths, subap), ap2.prop).set(node, { bp: ap2, sub: ap2.base, encl });
|
|
1587
1593
|
else if (ap2 instanceof accesspaths_1.CallResultAccessPath)
|
|
1588
|
-
(0,
|
|
1594
|
+
(0, util_2.mapGetMap)(f.callResultAccessPaths, subap).set(node, { bp: ap2, sub: ap2.caller, encl });
|
|
1589
1595
|
else if (ap2 instanceof accesspaths_1.ComponentAccessPath)
|
|
1590
|
-
(0,
|
|
1596
|
+
(0, util_2.mapGetMap)(f.componentAccessPaths, subap).set(node, { bp: ap2, sub: ap2.component, encl });
|
|
1591
1597
|
else
|
|
1592
1598
|
assert_1.default.fail("Unexpected AccessPath");
|
|
1593
1599
|
}
|
|
@@ -1617,11 +1623,11 @@ var require_solver = __commonJS({
|
|
|
1617
1623
|
addSubsetEdge(fromRep, toRep) {
|
|
1618
1624
|
if (fromRep !== toRep) {
|
|
1619
1625
|
const f = this.fragmentState;
|
|
1620
|
-
const s = (0,
|
|
1626
|
+
const s = (0, util_2.mapGetSet)(f.subsetEdges, fromRep);
|
|
1621
1627
|
if (!s.has(toRep)) {
|
|
1622
1628
|
s.add(toRep);
|
|
1623
1629
|
f.numberOfSubsetEdges++;
|
|
1624
|
-
(0,
|
|
1630
|
+
(0, util_2.mapGetSet)(f.reverseSubsetEdges, toRep).add(fromRep);
|
|
1625
1631
|
if (logger_1.default.isVerboseEnabled())
|
|
1626
1632
|
(0, assert_1.default)(!f.redirections.has(fromRep) && !f.redirections.has(toRep));
|
|
1627
1633
|
f.vars.add(fromRep);
|
|
@@ -1642,7 +1648,7 @@ var require_solver = __commonJS({
|
|
|
1642
1648
|
const x = this.listeners.get(id);
|
|
1643
1649
|
if (x) {
|
|
1644
1650
|
if (x.l !== key.l || x.n !== key.n || x.t !== key.t || x.s !== key.s) {
|
|
1645
|
-
const format = /* @__PURE__ */ __name((x2) => `(${listeners_1.TokenListener[x2.l] ?? ""}${x2.t ?? ""},${x2.s ?? ""},${x2.n ? (0,
|
|
1651
|
+
const format = /* @__PURE__ */ __name((x2) => `(${listeners_1.TokenListener[x2.l] ?? ""}${x2.t ?? ""},${x2.s ?? ""},${x2.n ? (0, util_2.nodeToString)(x2.n) : ""},${x2.n ? ` at ${(0, util_2.locationToStringWithFileAndEnd)(x2.n.loc)}` : ""}`, "format");
|
|
1646
1652
|
logger_1.default.error(`Error: Hash collision in getListenerID ${id}: ${format(x)} != ${format(key)}`);
|
|
1647
1653
|
}
|
|
1648
1654
|
} else
|
|
@@ -1655,9 +1661,9 @@ var require_solver = __commonJS({
|
|
|
1655
1661
|
id += BigInt(key.t.hash);
|
|
1656
1662
|
}
|
|
1657
1663
|
if (key.n)
|
|
1658
|
-
id += (0,
|
|
1664
|
+
id += (0, util_2.getNodeHash)(key.n);
|
|
1659
1665
|
if (key.s)
|
|
1660
|
-
id ^= BigInt((0,
|
|
1666
|
+
id ^= BigInt((0, util_2.strHash)(key.s));
|
|
1661
1667
|
id = id << 16n | BigInt(key.l);
|
|
1662
1668
|
this.checkListenerIDCollision(id, key);
|
|
1663
1669
|
return id;
|
|
@@ -1669,7 +1675,7 @@ var require_solver = __commonJS({
|
|
|
1669
1675
|
const vRep = f.getRepresentative(v);
|
|
1670
1676
|
const lkey = { l: key, ...(0, types_1.isNode)(opts) ? { n: opts } : opts };
|
|
1671
1677
|
if (logger_1.default.isDebugEnabled())
|
|
1672
|
-
logger_1.default.debug(`Adding universally quantified constraint #${listeners_1.TokenListener[key]} to ${vRep} at ${lkey.n ? (0,
|
|
1678
|
+
logger_1.default.debug(`Adding universally quantified constraint #${listeners_1.TokenListener[key]} to ${vRep} at ${lkey.n ? (0, util_2.locationToStringWithFileAndEnd)(lkey.n.loc) : lkey.t}`);
|
|
1673
1679
|
this.addForAllTokensConstraintPrivate(vRep, this.getListenerID(lkey), key, listener);
|
|
1674
1680
|
}
|
|
1675
1681
|
addForAllTokensConstraintPrivate(vRep, id, key, listener) {
|
|
@@ -1695,7 +1701,7 @@ var require_solver = __commonJS({
|
|
|
1695
1701
|
}
|
|
1696
1702
|
break;
|
|
1697
1703
|
}
|
|
1698
|
-
const m = (0,
|
|
1704
|
+
const m = (0, util_2.mapGetMap)(bound ? f.tokenListeners2 : f.tokenListeners, vRep);
|
|
1699
1705
|
if (!m.has(id)) {
|
|
1700
1706
|
if (bound)
|
|
1701
1707
|
for (const t of f.getTokens(vRep))
|
|
@@ -1710,7 +1716,7 @@ var require_solver = __commonJS({
|
|
|
1710
1716
|
return false;
|
|
1711
1717
|
}
|
|
1712
1718
|
callTokenListener(id, listener, t, now) {
|
|
1713
|
-
const s = (0,
|
|
1719
|
+
const s = (0, util_2.mapGetSet)(this.fragmentState.listenersProcessed, id);
|
|
1714
1720
|
if (!s.has(t)) {
|
|
1715
1721
|
s.add(t);
|
|
1716
1722
|
if (now)
|
|
@@ -1722,7 +1728,7 @@ var require_solver = __commonJS({
|
|
|
1722
1728
|
}
|
|
1723
1729
|
}
|
|
1724
1730
|
callTokenListener2(id, listener, t) {
|
|
1725
|
-
const s = (0,
|
|
1731
|
+
const s = (0, util_2.mapGetSet)(this.fragmentState.listenersProcessed, id);
|
|
1726
1732
|
if (!s.has(t)) {
|
|
1727
1733
|
s.add(t);
|
|
1728
1734
|
this.enqueueListenerCall2([listener, t]);
|
|
@@ -1731,7 +1737,7 @@ var require_solver = __commonJS({
|
|
|
1731
1737
|
}
|
|
1732
1738
|
addForAllAncestorsConstraint(t, key, opts, listener) {
|
|
1733
1739
|
if (logger_1.default.isDebugEnabled())
|
|
1734
|
-
logger_1.default.debug(`Adding ancestors constraint to ${t} ${opts.n ? `at ${(0,
|
|
1740
|
+
logger_1.default.debug(`Adding ancestors constraint to ${t} ${opts.n ? `at ${(0, util_2.nodeToString)(opts.n)}` : `${listeners_1.TokenListener[key]} ${opts.s}`}`);
|
|
1735
1741
|
const id = this.getListenerID({ ...opts, l: key, t });
|
|
1736
1742
|
const anc = this.fragmentState.getRepresentative(this.varProducer.ancestorsVar(t));
|
|
1737
1743
|
if (this.addForAllTokensConstraintPrivate(anc, id, key, listener)) {
|
|
@@ -1795,7 +1801,7 @@ var require_solver = __commonJS({
|
|
|
1795
1801
|
}
|
|
1796
1802
|
runArrayEntriesListener(t, id, listener) {
|
|
1797
1803
|
const f = this.fragmentState;
|
|
1798
|
-
const m = (0,
|
|
1804
|
+
const m = (0, util_2.mapGetMap)(f.arrayEntriesListeners, t);
|
|
1799
1805
|
if (!m.has(id)) {
|
|
1800
1806
|
const ps = f.arrayEntries.get(t);
|
|
1801
1807
|
if (ps)
|
|
@@ -1808,10 +1814,10 @@ var require_solver = __commonJS({
|
|
|
1808
1814
|
return false;
|
|
1809
1815
|
}
|
|
1810
1816
|
addArrayEntry(a, prop) {
|
|
1811
|
-
if (!(0,
|
|
1817
|
+
if (!(0, util_2.isArrayIndex)(prop))
|
|
1812
1818
|
return;
|
|
1813
1819
|
const f = this.fragmentState;
|
|
1814
|
-
const ps = (0,
|
|
1820
|
+
const ps = (0, util_2.mapGetSet)(f.arrayEntries, a);
|
|
1815
1821
|
if (!ps.has(prop)) {
|
|
1816
1822
|
if (logger_1.default.isDebugEnabled())
|
|
1817
1823
|
logger_1.default.debug(`Adding array entry ${a}[${prop}]`);
|
|
@@ -1836,7 +1842,7 @@ var require_solver = __commonJS({
|
|
|
1836
1842
|
}
|
|
1837
1843
|
runObjectPropertiesListener(t, id, listener) {
|
|
1838
1844
|
const f = this.fragmentState;
|
|
1839
|
-
const m = (0,
|
|
1845
|
+
const m = (0, util_2.mapGetMap)(f.objectPropertiesListeners, t);
|
|
1840
1846
|
if (!m.has(id)) {
|
|
1841
1847
|
const ps = f.objectProperties.get(t);
|
|
1842
1848
|
if (ps) {
|
|
@@ -1852,7 +1858,7 @@ var require_solver = __commonJS({
|
|
|
1852
1858
|
}
|
|
1853
1859
|
addObjectProperty(a, prop) {
|
|
1854
1860
|
const f = this.fragmentState;
|
|
1855
|
-
const ps = (0,
|
|
1861
|
+
const ps = (0, util_2.mapGetSet)(f.objectProperties, a);
|
|
1856
1862
|
if (!ps.has(prop)) {
|
|
1857
1863
|
if (logger_1.default.isDebugEnabled())
|
|
1858
1864
|
logger_1.default.debug(`Adding object property ${a}.${prop}`);
|
|
@@ -1894,8 +1900,8 @@ var require_solver = __commonJS({
|
|
|
1894
1900
|
for (const t of f.getTokens(rep))
|
|
1895
1901
|
if (!has(t))
|
|
1896
1902
|
rts.add(t);
|
|
1897
|
-
const repOut = (0,
|
|
1898
|
-
const repIn = (0,
|
|
1903
|
+
const repOut = (0, util_2.mapGetSet)(f.subsetEdges, rep);
|
|
1904
|
+
const repIn = (0, util_2.mapGetSet)(f.reverseSubsetEdges, rep);
|
|
1899
1905
|
const vOut = f.subsetEdges.get(v);
|
|
1900
1906
|
if (vOut) {
|
|
1901
1907
|
for (const w of vOut) {
|
|
@@ -1938,7 +1944,7 @@ var require_solver = __commonJS({
|
|
|
1938
1944
|
f.reverseSubsetEdges.delete(rep);
|
|
1939
1945
|
const tr = f.tokenListeners.get(v);
|
|
1940
1946
|
if (tr) {
|
|
1941
|
-
const qr = (0,
|
|
1947
|
+
const qr = (0, util_2.mapGetMap)(f.tokenListeners, rep);
|
|
1942
1948
|
for (const [k, listener] of tr)
|
|
1943
1949
|
if (!qr.has(k)) {
|
|
1944
1950
|
qr.set(k, listener);
|
|
@@ -1949,7 +1955,7 @@ var require_solver = __commonJS({
|
|
|
1949
1955
|
}
|
|
1950
1956
|
const tr2 = f.tokenListeners2.get(v);
|
|
1951
1957
|
if (tr2) {
|
|
1952
|
-
const qr = (0,
|
|
1958
|
+
const qr = (0, util_2.mapGetMap)(f.tokenListeners2, rep);
|
|
1953
1959
|
for (const [k, listener] of tr2)
|
|
1954
1960
|
if (!qr.has(k)) {
|
|
1955
1961
|
qr.set(k, listener);
|
|
@@ -2146,6 +2152,15 @@ var require_solver = __commonJS({
|
|
|
2146
2152
|
}
|
|
2147
2153
|
}
|
|
2148
2154
|
}
|
|
2155
|
+
assertLazy(strings, ...values) {
|
|
2156
|
+
const template = strings.join("%s");
|
|
2157
|
+
if (options_1.options.lazySoftAssert) {
|
|
2158
|
+
const errs = (this.diagnostics.lazyErrors ??= {})[template] ??= { messages: [], count: 0 };
|
|
2159
|
+
if (++errs.count <= 5)
|
|
2160
|
+
errs.messages.push((0, util_1.format)(template, ...values));
|
|
2161
|
+
} else
|
|
2162
|
+
assert_1.default.fail((0, util_1.format)(template, ...values));
|
|
2163
|
+
}
|
|
2149
2164
|
};
|
|
2150
2165
|
exports.default = Solver;
|
|
2151
2166
|
}
|
|
@@ -4364,11 +4379,14 @@ var require_analyzer = __commonJS({
|
|
|
4364
4379
|
const funs = /* @__PURE__ */ new Map();
|
|
4365
4380
|
for (const [vs, fun] of a.vulnerabilities.patternMatch(solver.fragmentState, void 0, solver.diagnostics).values())
|
|
4366
4381
|
(0, util_1.addAll)(vs, (0, util_1.mapGetSet)(funs, fun));
|
|
4382
|
+
let t;
|
|
4367
4383
|
const reachingFunctions = /* @__PURE__ */ new Set();
|
|
4368
4384
|
if (funs.size) {
|
|
4369
4385
|
(0, finalization_1.finalizeCallEdges)(solver);
|
|
4386
|
+
t = new timer_1.default();
|
|
4370
4387
|
(0, util_1.addAll)(a.vulnerabilities.findFunctionsThatMayReachVulnerableFunctions(funs, f2).keys(), reachingFunctions);
|
|
4371
|
-
}
|
|
4388
|
+
} else
|
|
4389
|
+
t = new timer_1.default();
|
|
4372
4390
|
if (logger_1.default.isVerboseEnabled())
|
|
4373
4391
|
logger_1.default.verbose(`Lazy: Functions that may reach vulnerable functions: ${reachingFunctions.size}`);
|
|
4374
4392
|
const isCandidate = /* @__PURE__ */ __name((m) => m.directDependents.values().some((d2) => !a.reachedModulesFull.has(d2)), "isCandidate");
|
|
@@ -4393,20 +4411,24 @@ var require_analyzer = __commonJS({
|
|
|
4393
4411
|
}
|
|
4394
4412
|
for (const [m, ts] of (0, lazy_1.getExportedFunctionsByModule)(candidateModules, solver)) {
|
|
4395
4413
|
const ap = new accesspaths_1.LazyAccessPath(m, true);
|
|
4396
|
-
for (const
|
|
4397
|
-
for (const param of
|
|
4414
|
+
for (const t2 of ts) {
|
|
4415
|
+
for (const param of t2.fun.params)
|
|
4398
4416
|
if ((0, types_1.isIdentifier)(param))
|
|
4399
4417
|
solver.addAccessPath(ap, f2.varProducer.nodeVar(param));
|
|
4400
|
-
if (f2.functionsWithThis.has(
|
|
4401
|
-
solver.addAccessPath(ap, f2.varProducer.thisVar(
|
|
4402
|
-
if (f2.functionsWithArguments.has(
|
|
4403
|
-
solver.addAccessPath(ap, f2.varProducer.argumentsVar(
|
|
4418
|
+
if (f2.functionsWithThis.has(t2.fun))
|
|
4419
|
+
solver.addAccessPath(ap, f2.varProducer.thisVar(t2.fun));
|
|
4420
|
+
if (f2.functionsWithArguments.has(t2.fun))
|
|
4421
|
+
solver.addAccessPath(ap, f2.varProducer.argumentsVar(t2.fun));
|
|
4404
4422
|
}
|
|
4405
4423
|
}
|
|
4406
|
-
|
|
4424
|
+
{
|
|
4425
|
+
const t2 = new timer_1.default();
|
|
4426
|
+
await solver.propagate("Lazy loading");
|
|
4427
|
+
d.lazyTime -= t2.elapsed();
|
|
4428
|
+
}
|
|
4407
4429
|
for (const m of candidateModules) {
|
|
4408
4430
|
const ap = a.canonicalizeAccessPath(new accesspaths_1.LazyAccessPath(m, true));
|
|
4409
|
-
(0, lazy_1.assertLazyAPActive)(ap,
|
|
4431
|
+
(0, lazy_1.assertLazyAPActive)(ap, solver);
|
|
4410
4432
|
const v = f2.varProducer.objPropVar(a.canonicalizeToken(new tokens_1.NativeObjectToken("module", m)), "exports");
|
|
4411
4433
|
(0, util_1.mapGetSet)(f2.lazyEscaping, ap).add(v);
|
|
4412
4434
|
}
|
|
@@ -4424,25 +4446,25 @@ var require_analyzer = __commonJS({
|
|
|
4424
4446
|
lazyEscapingTokens.set(ap, ts);
|
|
4425
4447
|
}
|
|
4426
4448
|
const [graph] = (0, lazy_1.constructTokenReachabilityGraph)(roots, solver);
|
|
4427
|
-
const vulnTokens = graph.keys().filter((
|
|
4449
|
+
const vulnTokens = graph.keys().filter((t2) => t2 instanceof tokens_1.AccessPathToken && !(t2.ap instanceof accesspaths_1.UnknownAccessPath || t2.ap instanceof accesspaths_1.IgnoredAccessPath || t2.ap instanceof accesspaths_1.LazyAccessPath) || t2 instanceof tokens_1.FunctionToken && reachingFunctions.has(a.functionInfos.get(t2.fun))).toArray();
|
|
4428
4450
|
if (vulnTokens.length) {
|
|
4429
4451
|
const rGraph = (0, util_1.getReverseGraph)(graph);
|
|
4430
4452
|
const worklist = vulnTokens;
|
|
4431
4453
|
const visited = new Set(worklist);
|
|
4432
4454
|
while (worklist.length) {
|
|
4433
|
-
const
|
|
4434
|
-
const es = rGraph.get(
|
|
4455
|
+
const t2 = worklist.pop();
|
|
4456
|
+
const es = rGraph.get(t2);
|
|
4435
4457
|
if (es) {
|
|
4436
|
-
for (const
|
|
4437
|
-
if (!visited.has(
|
|
4438
|
-
visited.add(
|
|
4439
|
-
worklist.push(
|
|
4458
|
+
for (const t22 of es)
|
|
4459
|
+
if (!visited.has(t22)) {
|
|
4460
|
+
visited.add(t22);
|
|
4461
|
+
worklist.push(t22);
|
|
4440
4462
|
}
|
|
4441
4463
|
}
|
|
4442
4464
|
}
|
|
4443
4465
|
for (const [ap, ts] of lazyEscapingTokens)
|
|
4444
|
-
for (const
|
|
4445
|
-
if (visited.has(
|
|
4466
|
+
for (const t2 of ts)
|
|
4467
|
+
if (visited.has(t2)) {
|
|
4446
4468
|
if (ap.dependents) {
|
|
4447
4469
|
if (logger_1.default.isVerboseEnabled())
|
|
4448
4470
|
logger_1.default.verbose(`Lazy: Including ${ap.moduleInfo.directDependents.size} dependents of ${ap.moduleInfo}`);
|
|
@@ -4456,6 +4478,7 @@ var require_analyzer = __commonJS({
|
|
|
4456
4478
|
break;
|
|
4457
4479
|
}
|
|
4458
4480
|
}
|
|
4481
|
+
d.lazyTime += t.elapsed();
|
|
4459
4482
|
solver.updateDiagnostics();
|
|
4460
4483
|
}
|
|
4461
4484
|
}
|
|
@@ -13461,7 +13484,7 @@ var require_main = __commonJS({
|
|
|
13461
13484
|
var assert_1 = __importDefault(__require("assert"));
|
|
13462
13485
|
var semver_1 = __importDefault(require_semver2());
|
|
13463
13486
|
var ENGINES_NODE = require_package()?.engines?.node;
|
|
13464
|
-
commander_1.program.name("jelly").version(options_1.VERSION).addHelpText("before", options_1.COPYRIGHT).option("-b, --basedir <directory>", "base directory for files to analyze (default: auto-detect)").option("-f, --logfile <file>", "log to file (default: log to stdout)").option("-l, --loglevel <level>", "log level (debug/verbose/info/warn/error)", "info").option("-i, --timeout <seconds>", "limit analysis time").option("-a, --dataflow-html <file>", "save data-flow graph as HTML file").option("-m, --callgraph-html <file>", "save call graph as HTML file").option("-j, --callgraph-json <file>", "save call graph as JSON file").option("-s, --soundness <file>", "compare with dynamic call graph").option("-n, --graal-home <directory>", "home of graal-nodejs (default: $GRAAL_HOME)").option("-d, --dynamic <file>", "generate call graph dynamically, no static analysis").option("--approx", "enable approximate interpretation").option("--approx-only <file>", "perform approximate interpretation, no static analysis").option("--approx-load <file>", "use pre-computed approximate interpretation results").option("-p, --patterns <file...>", "files containing API usage patterns to detect").option("-v, --vulnerabilities <file>", "report vulnerability matches").option("--vulnerabilities-json <json>", "report vulnerability matches (patterns given as JSON string)").option("--include-packages <package...>", "include only dependencies in this list").option("--exclude-packages <package...>", "exclude dependencies in this list").option("--ignore-dependencies", "don't include dependencies in analysis").option("--ignore-unresolved", "don't report errors about unresolved modules").option("--npm-test <dir>", "run 'npm test' instead of 'node' (use with -d)").option("--callgraph", "report call graph").option("--tokens-json <file>", "save tokens for constraint variables as JSON file").option("--tokens", "report tokens for constraint variables").option("--largest", "report largest token sets and subset relations").option("--no-cycle-elimination", "disable cycle elimination").option("--no-natives", "disable nonessential models of native libraries").option("--test-graal", "test graal-nodejs (use with -d)").option("--no-print-progress", "don't print analysis progress information").option("--no-tty", "don't print solver progress for TTY").option("--warnings-unsupported", "print warnings about unsupported features").option("--gc", "enable garbage collection for more accurate memory usage reporting").option("--typescript", "enable TypeScript type inference (use with -p)").option("--api-usage", "report API usage of external packages (implies --ignore-dependencies)").option("--api-exported", "report API of modules").option("--find-access-paths <location>", "find access paths for source location (file:line)").option("--higher-order-functions", "report higher-order functions").option("--zeros", "report calls with zero callees and functions with zero callers").option("--exclude-entries <glob...>", "files to exclude when specifying entry directories").option("--tracked-modules <glob...>", "modules to track usage of (default: auto-detect)").option("--external-matches", "enable pattern matches from external code").option("--no-callgraph-implicit", "omit implicit calls in call graph").option("--no-callgraph-native", "omit native calls in call graph").option("--no-callgraph-require", "omit module loading in call graph").option("--no-callgraph-external", "omit heuristic external callbacks in call graph").option("--diagnostics", "report internal analysis diagnostics").option("--diagnostics-json <file>", "save analysis diagnostics in JSON file").option("--variable-kinds", "report constraint variable kinds").option("--max-waves <number>", "limit number of fixpoint waves").option("--max-indirections <number>", "limit number of function call and property write indirections").option("--full-indirection-bounding", "enable indirection bounding for method calls and property reads (use with --max-indirections)").option("--typescript-library-usage <file>", "save TypeScript library usage in JSON file, no analysis").option("--modules-only", "report reachable packages and modules only, no analysis").option("--compare-callgraphs", "compare two call graphs given as JSON files, no analysis").option("--reachability", "compare call graph reachability (use with -s or --compare-callgraphs)").option("--library", "assume program is a library (default: true if in node_modules)").option("--skip-tests", "skip files that look like tests").option("--no-patch-escaping", "disable patching using escape analysis").option("--patch-dynamics", "enable dynamic property access patching heuristic").option("--patch-method-calls", "enable method call patching heuristic").option("--no-patch-this", "disable 'this' patching heuristic").option("--proto", "enable model of assignments to the __proto__ property").option("--obj-spread", "enable model of spread syntax for object literals ({...obj})").option("--native-overwrites", "allow overwriting of native object properties").option("--ignore-imprecise-native-calls", "ignore imprecise native calls").option("--matches-json <file>", "save vulnerability pattern matches in JSON file").option("--reachable-json <file>", "save reachable packages and modules in JSON file").option("--callstacks-json <file>", "save vulnerability call stacks in JSON file").option("--vulnerabilities-full", "full report of vulnerabilities").option("--modules-json <file>", "save modules dependencies in JSON file").option("--lazy", "lazy analysis of modules").option("--lazy-cleanup", "lazily clean up redundant tokens for lazy module analysis").option("--reparse", "reparse by need (use with --lazy)").option("--memory <limit>", "abort if reaching selected fraction of memory limit").usage("[options] [files]").addHelpText("after", `
|
|
13487
|
+
commander_1.program.name("jelly").version(options_1.VERSION).addHelpText("before", options_1.COPYRIGHT).option("-b, --basedir <directory>", "base directory for files to analyze (default: auto-detect)").option("-f, --logfile <file>", "log to file (default: log to stdout)").option("-l, --loglevel <level>", "log level (debug/verbose/info/warn/error)", "info").option("-i, --timeout <seconds>", "limit analysis time").option("-a, --dataflow-html <file>", "save data-flow graph as HTML file").option("-m, --callgraph-html <file>", "save call graph as HTML file").option("-j, --callgraph-json <file>", "save call graph as JSON file").option("-s, --soundness <file>", "compare with dynamic call graph").option("-n, --graal-home <directory>", "home of graal-nodejs (default: $GRAAL_HOME)").option("-d, --dynamic <file>", "generate call graph dynamically, no static analysis").option("--approx", "enable approximate interpretation").option("--approx-only <file>", "perform approximate interpretation, no static analysis").option("--approx-load <file>", "use pre-computed approximate interpretation results").option("-p, --patterns <file...>", "files containing API usage patterns to detect").option("-v, --vulnerabilities <file>", "report vulnerability matches").option("--vulnerabilities-json <json>", "report vulnerability matches (patterns given as JSON string)").option("--include-packages <package...>", "include only dependencies in this list").option("--exclude-packages <package...>", "exclude dependencies in this list").option("--ignore-dependencies", "don't include dependencies in analysis").option("--ignore-unresolved", "don't report errors about unresolved modules").option("--npm-test <dir>", "run 'npm test' instead of 'node' (use with -d)").option("--callgraph", "report call graph").option("--tokens-json <file>", "save tokens for constraint variables as JSON file").option("--tokens", "report tokens for constraint variables").option("--largest", "report largest token sets and subset relations").option("--no-cycle-elimination", "disable cycle elimination").option("--no-natives", "disable nonessential models of native libraries").option("--test-graal", "test graal-nodejs (use with -d)").option("--no-print-progress", "don't print analysis progress information").option("--no-tty", "don't print solver progress for TTY").option("--warnings-unsupported", "print warnings about unsupported features").option("--gc", "enable garbage collection for more accurate memory usage reporting").option("--typescript", "enable TypeScript type inference (use with -p)").option("--api-usage", "report API usage of external packages (implies --ignore-dependencies)").option("--api-exported", "report API of modules").option("--find-access-paths <location>", "find access paths for source location (file:line)").option("--higher-order-functions", "report higher-order functions").option("--zeros", "report calls with zero callees and functions with zero callers").option("--exclude-entries <glob...>", "files to exclude when specifying entry directories").option("--tracked-modules <glob...>", "modules to track usage of (default: auto-detect)").option("--external-matches", "enable pattern matches from external code").option("--no-callgraph-implicit", "omit implicit calls in call graph").option("--no-callgraph-native", "omit native calls in call graph").option("--no-callgraph-require", "omit module loading in call graph").option("--no-callgraph-external", "omit heuristic external callbacks in call graph").option("--diagnostics", "report internal analysis diagnostics").option("--diagnostics-json <file>", "save analysis diagnostics in JSON file").option("--variable-kinds", "report constraint variable kinds").option("--max-waves <number>", "limit number of fixpoint waves").option("--max-indirections <number>", "limit number of function call and property write indirections").option("--full-indirection-bounding", "enable indirection bounding for method calls and property reads (use with --max-indirections)").option("--typescript-library-usage <file>", "save TypeScript library usage in JSON file, no analysis").option("--modules-only", "report reachable packages and modules only, no analysis").option("--compare-callgraphs", "compare two call graphs given as JSON files, no analysis").option("--reachability", "compare call graph reachability (use with -s or --compare-callgraphs)").option("--library", "assume program is a library (default: true if in node_modules)").option("--skip-tests", "skip files that look like tests").option("--no-patch-escaping", "disable patching using escape analysis").option("--patch-dynamics", "enable dynamic property access patching heuristic").option("--patch-method-calls", "enable method call patching heuristic").option("--no-patch-this", "disable 'this' patching heuristic").option("--proto", "enable model of assignments to the __proto__ property").option("--obj-spread", "enable model of spread syntax for object literals ({...obj})").option("--native-overwrites", "allow overwriting of native object properties").option("--ignore-imprecise-native-calls", "ignore imprecise native calls").option("--matches-json <file>", "save vulnerability pattern matches in JSON file").option("--reachable-json <file>", "save reachable packages and modules in JSON file").option("--callstacks-json <file>", "save vulnerability call stacks in JSON file").option("--vulnerabilities-full", "full report of vulnerabilities").option("--modules-json <file>", "save modules dependencies in JSON file").option("--lazy", "lazy analysis of modules").option("--lazy-cleanup", "lazily clean up redundant tokens for lazy module analysis").option("--lazy-soft-assert", "assertions for --lazy mode are non-fatal (see diagnostics)").option("--reparse", "reparse by need (use with --lazy)").option("--memory <limit>", "abort if reaching selected fraction of memory limit").usage("[options] [files]").addHelpText("after", `
|
|
13465
13488
|
All modules reachable by require/import from the given files are included in the analysis
|
|
13466
13489
|
(except when using --ignore-dependencies, --include-packages or --exclude-packages).
|
|
13467
13490
|
If specifying directories instead of files, the files in the directories and their
|
|
index 35a0462..6cfd84f 100644
|
|
|
Binary file
|