@coana-tech/cli 14.12.157 → 14.12.159
- package/cli.mjs +3 -2
- package/package.json +1 -1
- package/reachability-analyzers-cli.mjs +6 -4
- package/repos/coana-tech/goana/bin/goana-darwin-amd64.gz +0 -0
- package/repos/coana-tech/goana/bin/goana-darwin-arm64.gz +0 -0
- package/repos/coana-tech/goana/bin/goana-linux-amd64.gz +0 -0
- package/repos/coana-tech/goana/bin/goana-linux-arm64.gz +0 -0
- package/repos/coana-tech/javap-service/javap-service.jar +0 -0
- package/repos/coana-tech/jelly-private/dist/bundle/approx.js +3 -3
- package/repos/coana-tech/jelly-private/dist/bundle/{chunk-ODOUARTV.js → chunk-AAKFGMVW.js} +50 -25
- package/repos/coana-tech/jelly-private/dist/bundle/{chunk-3MLCDX4W.js → chunk-AEP2QDUI.js} +2 -2
- package/repos/coana-tech/jelly-private/dist/bundle/{chunk-NIHHHBFM.js → chunk-BV33FESD.js} +2 -2
- package/repos/coana-tech/jelly-private/dist/bundle/{chunk-5V2V4LSG.js → chunk-ID4Q5QL5.js} +2 -2
- package/repos/coana-tech/jelly-private/dist/bundle/hooks.js +3 -3
- package/repos/coana-tech/jelly-private/dist/bundle/jelly.js +199 -51
- package/repos/coana-tech/mambalade/dist/mambalade-0.3.20-py3-none-any.whl +0 -0
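--- a/package/cli.mjs
+++ b/package/cli.mjs
@@ -234633,6 +234633,7 @@ function isShortestPath(root3, vulnPath) {
 }
 
 // ../web-compat-utils/src/analysis-error-keys.ts
+var FAILED_TO_INSTALL_PACKAGE_KEY = "[UNABLE_TO_INSTALL_PACKAGE_ERROR]: ";
 var CLI_ANALYSIS_ERROR_MESSAGE = "Sharing log due to analysis error";
 var ANALYSIS_LOW_CONFIDENCE_MESSAGE = "Analysis had low confidence in result";
 
@@ -235788,7 +235789,7 @@ function displayWorkspaceDiagnosticsSummaryInternal(diagnosticsEntries, vulns) {
 let category = "general";
 if (errorMessageLower.includes(ANALYSIS_LOW_CONFIDENCE_MESSAGE.toLowerCase())) {
 category = "lowConfidence";
-} else if (
+} else if (errorMessage.startsWith(FAILED_TO_INSTALL_PACKAGE_KEY)) {
 category = "install";
 } else if (errorMessageLower.includes("timeout") || errorMessageLower.includes("timed out")) {
 category = "timeout";
@@ -250902,7 +250903,7 @@ async function onlineScan(dependencyTree, apiKey, timeout) {
 }
 
 // dist/version.js
-var version3 = "14.12.
+var version3 = "14.12.159";
 
 // dist/cli-core.js
 var { mapValues, omit, partition, pickBy: pickBy2 } = import_lodash15.default;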
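Review bot: The new `install` branch in displayWorkspaceDiagnosticsSummaryInternal matches with a case-sensitive `errorMessage.startsWith(FAILED_TO_INSTALL_PACKAGE_KEY)`, while the branches around it test a lowercased substring, and nothing at the constant says the key must be the very first characters of the message. If a producer wraps or prefixes the message (not visible in this hunk), an install failure would fall through to the timeout or general bucket, and one that also carries the low-confidence text is classified as `lowConfidence` because that branch is tested first. I would document the contract at the declaration, e.g. `// Must be emitted as the exact prefix of the error message; the diagnostics summary classifies install failures with startsWith().`. The removed condition is truncated on this page and the function body starts and ends outside the hunk, so the previous matching rule cannot be compared.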
package/package.json
CHANGED
|
@@ -110902,7 +110902,7 @@ function getExcludes(mainProjectRoot, projectRoot, options) {
|
|
|
110902
110902
|
if (options.excludeDirs?.length) {
|
|
110903
110903
|
const excludeDirsRelativeToProjectRoot = options.excludeDirs.map((d) => relative6(projectRoot, resolve13(mainProjectRoot, d)));
|
|
110904
110904
|
const excludeDirsRelativeToProjectRootWithWildcards = excludeDirsRelativeToProjectRoot.map((d) => `${d}/**`);
|
|
110905
|
-
return [...excludeDirsRelativeToProjectRoot, ...excludeDirsRelativeToProjectRootWithWildcards];
|
|
110905
|
+
return ["--exclude-entries", ...excludeDirsRelativeToProjectRoot, ...excludeDirsRelativeToProjectRootWithWildcards];
|
|
110906
110906
|
}
|
|
110907
110907
|
}
|
|
110908
110908
|
function relativizeSourceLocations(projectDir, paths) {
|
|
@@ -110952,14 +110952,16 @@ var JSCodeAwareVulnerabilityScanner = class _JSCodeAwareVulnerabilityScanner {
|
|
|
110952
110952
|
analysisOptionsFromHeuristic.approx = process.env.JELLY_APPROX === "true" || experiment === "JELLY_APPROX";
|
|
110953
110953
|
const analysisRes = await runJellyAnalysis(this.mainProjectDir, this.projectDir, analysisOptionsFromHeuristic, this.options, timeoutInSeconds, vulnerabilities, experiment, telemetryHandler, analyzerTelemetryHandler);
|
|
110954
110954
|
const { analysisDiagnostics: diagnostics, matches } = analysisRes;
|
|
110955
|
-
const
|
|
110955
|
+
const terminatedEarly = diagnostics.aborted || diagnostics.timeout || diagnostics.lowmemory;
|
|
110956
110956
|
return {
|
|
110957
110957
|
type: "success",
|
|
110958
110958
|
diagnostics,
|
|
110959
|
-
terminatedEarly
|
|
110959
|
+
terminatedEarly,
|
|
110960
110960
|
reachedDependencies: diagnostics.packages > 0,
|
|
110961
110961
|
affectedPurls: analysisRes.affectedPurls,
|
|
110962
|
-
|
|
110962
|
+
// A round of 0 or 1 indicates that at most 1 level of indirections in the calls was resolved,
|
|
110963
|
+
// which is too few for us to confidently trust the results.
|
|
110964
|
+
lowConfidence: diagnostics.round < 2 && terminatedEarly,
|
|
110963
110965
|
computeDetectedOccurrences: ({ url: url2 }) => this.transformSourceLocations(matches[url2] ?? { analysisLevel: "function-level", affectedPackages: [], stacks: [] })
|
|
110964
110966
|
};
|
|
110965
110967
|
} catch (e) {
|
|
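Review bot: `lowConfidence: diagnostics.round < 2 && terminatedEarly` fails open when `diagnostics.round` is absent, because `undefined < 2` is false and a run that was aborted, timed out or ran low on memory is then returned as a confident `success`. For a reachability verdict that is the unsafe direction, since an incomplete analysis can be read as "not reachable"; the expression also evaluates to `undefined` rather than `false` when the round is below 2 and none of the three flags is set. If runJellyAnalysis does not guarantee `round` (not visible here), consider `lowConfidence: Boolean(terminatedEarly) && !(diagnostics.round >= 2),` and extend the comment to say why early termination is required in addition to the low round count. The enclosing method starts and ends outside the hunk, and these hunks sit under the `package/package.json` header although the file list suggests they belong to `package/reachability-analyzers-cli.mjs`.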
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
@@ -7,11 +7,11 @@ import "./iterator-helpers-polyfill.js";
|
|
|
7
7
|
import {
|
|
8
8
|
require_hints,
|
|
9
9
|
require_parser
|
|
10
|
-
} from "./chunk-
|
|
10
|
+
} from "./chunk-BV33FESD.js";
|
|
11
11
|
import {
|
|
12
12
|
require_proxy,
|
|
13
13
|
require_sandbox
|
|
14
|
-
} from "./chunk-
|
|
14
|
+
} from "./chunk-ID4Q5QL5.js";
|
|
15
15
|
import {
|
|
16
16
|
__commonJS,
|
|
17
17
|
__name,
|
|
@@ -21,7 +21,7 @@ import {
|
|
|
21
21
|
require_options,
|
|
22
22
|
require_transform,
|
|
23
23
|
require_util
|
|
24
|
-
} from "./chunk-
|
|
24
|
+
} from "./chunk-AAKFGMVW.js";
|
|
25
25
|
|
|
26
26
|
// lib/approx/approx.js
|
|
27
27
|
var require_approx = __commonJS({
|
|
@@ -10871,6 +10871,8 @@ var require_options = __commonJS({
|
|
|
10871
10871
|
reachableJson: void 0,
|
|
10872
10872
|
callstacksJson: void 0,
|
|
10873
10873
|
vulnerabilitiesFull: false,
|
|
10874
|
+
eagerPropagation: false,
|
|
10875
|
+
interops: true,
|
|
10874
10876
|
modulesJson: void 0,
|
|
10875
10877
|
preciseAccessPathTransitions: false,
|
|
10876
10878
|
lazy: false,
|
|
@@ -10958,6 +10960,7 @@ var require_util = __commonJS({
|
|
|
10958
10960
|
exports.mapSetToPairArray = mapSetToPairArray;
|
|
10959
10961
|
exports.addPairArrayToMapSet = addPairArrayToMapSet;
|
|
10960
10962
|
exports.pushAll = pushAll;
|
|
10963
|
+
exports.escapeRegExp = escapeRegExp;
|
|
10961
10964
|
exports.strHash = strHash;
|
|
10962
10965
|
exports.isArrayIndex = isArrayIndex;
|
|
10963
10966
|
exports.percent = percent;
|
|
@@ -11230,6 +11233,10 @@ var require_util = __commonJS({
|
|
|
11230
11233
|
to.push(x);
|
|
11231
11234
|
}
|
|
11232
11235
|
__name(pushAll, "pushAll");
|
|
11236
|
+
function escapeRegExp(s) {
|
|
11237
|
+
return s.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
|
|
11238
|
+
}
|
|
11239
|
+
__name(escapeRegExp, "escapeRegExp");
|
|
11233
11240
|
function strHash(s) {
|
|
11234
11241
|
let h1 = 0, h2 = 17656767856;
|
|
11235
11242
|
for (let i = 0, ch; i < s.length; i++) {
|
|
@@ -11431,6 +11438,7 @@ var require_asthelpers = __commonJS({
|
|
|
11431
11438
|
exports.isMemberRead = isMemberRead;
|
|
11432
11439
|
exports.isIdentifierReference = isIdentifierReference;
|
|
11433
11440
|
exports.getConstructor = getConstructor;
|
|
11441
|
+
exports.getConstantString = getConstantString;
|
|
11434
11442
|
var types_1 = __require("@babel/types");
|
|
11435
11443
|
var assert_1 = __importDefault(__require("assert"));
|
|
11436
11444
|
var util_1 = require_util();
|
|
@@ -11621,6 +11629,23 @@ var require_asthelpers = __commonJS({
|
|
|
11621
11629
|
assert_1.default.fail(`Constructor not found for class ${(0, util_1.locationToStringWithFileAndEnd)(path.node.loc)}`);
|
|
11622
11630
|
}
|
|
11623
11631
|
__name(getConstructor, "getConstructor");
|
|
11632
|
+
function getConstantString(id) {
|
|
11633
|
+
if (id.isStringLiteral())
|
|
11634
|
+
return id.node.value;
|
|
11635
|
+
if (id.isIdentifier()) {
|
|
11636
|
+
const binding = id.scope.getBinding(id.node.name);
|
|
11637
|
+
if (binding && binding.constant && binding.constantViolations.length === 0) {
|
|
11638
|
+
const def = binding.path;
|
|
11639
|
+
if (def.isVariableDeclarator()) {
|
|
11640
|
+
const init = def.node.init;
|
|
11641
|
+
if (init && (0, types_1.isStringLiteral)(init))
|
|
11642
|
+
return init.value;
|
|
11643
|
+
}
|
|
11644
|
+
}
|
|
11645
|
+
}
|
|
11646
|
+
return void 0;
|
|
11647
|
+
}
|
|
11648
|
+
__name(getConstantString, "getConstantString");
|
|
11624
11649
|
}
|
|
11625
11650
|
});
|
|
11626
11651
|
|
|
@@ -11639,7 +11664,8 @@ var require_tokens = __commonJS({
|
|
|
11639
11664
|
static {
|
|
11640
11665
|
__name(this, "Token");
|
|
11641
11666
|
}
|
|
11642
|
-
|
|
11667
|
+
index = -1;
|
|
11668
|
+
hash = void 0;
|
|
11643
11669
|
};
|
|
11644
11670
|
exports.Token = Token;
|
|
11645
11671
|
var FunctionToken = class extends Token {
|
|
@@ -11834,6 +11860,7 @@ var require_ecmascript = __commonJS({
|
|
|
11834
11860
|
var types_1 = __require("@babel/types");
|
|
11835
11861
|
var listeners_1 = require_listeners();
|
|
11836
11862
|
var options_1 = require_options();
|
|
11863
|
+
var asthelpers_1 = require_asthelpers();
|
|
11837
11864
|
exports.OBJECT_PROTOTYPE = "Object.prototype";
|
|
11838
11865
|
exports.ARRAY_PROTOTYPE = "Array.prototype";
|
|
11839
11866
|
exports.FUNCTION_PROTOTYPE = "Function.prototype";
|
|
@@ -12950,7 +12977,8 @@ var require_ecmascript = __commonJS({
|
|
|
12950
12977
|
const args = p.path.node.arguments;
|
|
12951
12978
|
if (args.length < 3)
|
|
12952
12979
|
return;
|
|
12953
|
-
|
|
12980
|
+
const prop = (0, asthelpers_1.getConstantString)(p.path.get("arguments.1"));
|
|
12981
|
+
if (prop === void 0) {
|
|
12954
12982
|
(0, nativehelpers_1.warnNativeUsed)("Object.defineProperty", p, "with dynamic property name");
|
|
12955
12983
|
return;
|
|
12956
12984
|
}
|
|
@@ -12958,7 +12986,7 @@ var require_ecmascript = __commonJS({
|
|
|
12958
12986
|
(0, nativehelpers_1.warnNativeUsed)("Object.defineProperty", p, "with non-expressions?");
|
|
12959
12987
|
return;
|
|
12960
12988
|
}
|
|
12961
|
-
const ivars = (0, nativehelpers_1.prepareDefineProperty)("Object.defineProperty",
|
|
12989
|
+
const ivars = (0, nativehelpers_1.prepareDefineProperty)("Object.defineProperty", prop, p.op.expVar(args[2], p.path), p);
|
|
12962
12990
|
(0, nativehelpers_1.defineProperties)([args[0], listeners_1.TokenListener.NATIVE_OBJECT_DEFINE_PROPERTY], ivars, p);
|
|
12963
12991
|
}, "invoke")
|
|
12964
12992
|
},
|
|
@@ -14455,6 +14483,7 @@ var require_constraintvars = __commonJS({
|
|
|
14455
14483
|
static {
|
|
14456
14484
|
__name(this, "ConstraintVar");
|
|
14457
14485
|
}
|
|
14486
|
+
index = -1;
|
|
14458
14487
|
getKind() {
|
|
14459
14488
|
return this.constructor.name;
|
|
14460
14489
|
}
|
|
@@ -15415,7 +15444,8 @@ var require_nativehelpers = __commonJS({
|
|
|
15415
15444
|
const args = p.path.node.arguments;
|
|
15416
15445
|
if (args.length < 2 || !p.base)
|
|
15417
15446
|
return;
|
|
15418
|
-
|
|
15447
|
+
const prop = (0, asthelpers_1.getConstantString)(p.path.get("arguments.0"));
|
|
15448
|
+
if (prop === void 0) {
|
|
15419
15449
|
warnNativeUsed(`Object.__define${ac === "get" ? "G" : "S"}etter__`, p, "with dynamic property name");
|
|
15420
15450
|
return;
|
|
15421
15451
|
}
|
|
@@ -15425,7 +15455,7 @@ var require_nativehelpers = __commonJS({
|
|
|
15425
15455
|
}
|
|
15426
15456
|
const ivar = p.op.expVar(args[1], p.path);
|
|
15427
15457
|
if (ivar)
|
|
15428
|
-
defineProperties(p.base, [{ prop
|
|
15458
|
+
defineProperties(p.base, [{ prop, ac, ivar }], p);
|
|
15429
15459
|
}
|
|
15430
15460
|
__name(defineGetterSetter, "defineGetterSetter");
|
|
15431
15461
|
}
|
|
@@ -18662,7 +18692,6 @@ var require_packagejson = __commonJS({
|
|
|
18662
18692
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
18663
18693
|
exports.findPackageJson = findPackageJson;
|
|
18664
18694
|
exports.getPackageJsonInfo = getPackageJsonInfo;
|
|
18665
|
-
exports.isInExports = isInExports;
|
|
18666
18695
|
var util_1 = require_util();
|
|
18667
18696
|
var path_1 = __require("path");
|
|
18668
18697
|
var fs_1 = __require("fs");
|
|
@@ -18730,17 +18759,21 @@ var require_packagejson = __commonJS({
|
|
|
18730
18759
|
}
|
|
18731
18760
|
}
|
|
18732
18761
|
if (typeof f === "object" && "exports" in f) {
|
|
18733
|
-
|
|
18734
|
-
|
|
18735
|
-
exports2.push(main);
|
|
18762
|
+
const patterns = [];
|
|
18763
|
+
let valid = true;
|
|
18736
18764
|
const queue = [f.exports];
|
|
18737
18765
|
while (queue.length > 0) {
|
|
18738
18766
|
const exp = queue.pop();
|
|
18739
18767
|
if (typeof exp === "string") {
|
|
18740
|
-
if (exp
|
|
18741
|
-
|
|
18742
|
-
|
|
18743
|
-
|
|
18768
|
+
if (exp === "./") {
|
|
18769
|
+
patterns.length = 0;
|
|
18770
|
+
patterns.push(".*");
|
|
18771
|
+
break;
|
|
18772
|
+
} else if (exp.startsWith("./")) {
|
|
18773
|
+
const path = exp.substring(2);
|
|
18774
|
+
patterns.push(path.endsWith("/") ? (0, util_1.escapeRegExp)(path) + ".*" : (0, util_1.escapeRegExp)(path).replaceAll("\\*", "[^/]*"));
|
|
18775
|
+
} else {
|
|
18776
|
+
valid = false;
|
|
18744
18777
|
logger_1.default.warn(`Warning: Non-relative export (${exp}) found in ${p.packageJson}`);
|
|
18745
18778
|
break;
|
|
18746
18779
|
}
|
|
@@ -18751,11 +18784,13 @@ var require_packagejson = __commonJS({
|
|
|
18751
18784
|
else if (typeof exp === "object")
|
|
18752
18785
|
(0, util_1.pushAll)(Object.values(exp), queue);
|
|
18753
18786
|
else {
|
|
18754
|
-
|
|
18787
|
+
valid = false;
|
|
18755
18788
|
logger_1.default.warn(`Warning: Invalid export (${exp}) found in ${p.packageJson}`);
|
|
18756
18789
|
break;
|
|
18757
18790
|
}
|
|
18758
18791
|
}
|
|
18792
|
+
if (valid)
|
|
18793
|
+
exports2 = new RegExp("^(" + patterns.join("|") + ")$");
|
|
18759
18794
|
}
|
|
18760
18795
|
} else {
|
|
18761
18796
|
name = "<main>";
|
|
@@ -18765,16 +18800,6 @@ var require_packagejson = __commonJS({
|
|
|
18765
18800
|
return { packagekey, name, version, main, dir, exports: exports2 };
|
|
18766
18801
|
}
|
|
18767
18802
|
__name(getPackageJsonInfo, "getPackageJsonInfo");
|
|
18768
|
-
function isInExports(rel, exports2) {
|
|
18769
|
-
for (const path of exports2)
|
|
18770
|
-
if (path.includes("*")) {
|
|
18771
|
-
if (new RegExp(`^${path.replaceAll(/\*/g, ".*")}$`).test(rel))
|
|
18772
|
-
return true;
|
|
18773
|
-
} else if (path === rel)
|
|
18774
|
-
return true;
|
|
18775
|
-
return false;
|
|
18776
|
-
}
|
|
18777
|
-
__name(isInExports, "isInExports");
|
|
18778
18803
|
}
|
|
18779
18804
|
});
|
|
18780
18805
|
|
|
@@ -19885,4 +19910,4 @@ fill-range/index.js:
|
|
|
19885
19910
|
* Licensed under the MIT License.
|
|
19886
19911
|
*)
|
|
19887
19912
|
*/
|
|
19888
|
-
//# sourceMappingURL=chunk-
|
|
19913
|
+
//# sourceMappingURL=chunk-AAKFGMVW.js.map
|
|
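Review bot: In getPackageJsonInfo the export-target pattern turns `*` into `[^/]*` (`escapeRegExp(path).replaceAll("\\*", "[^/]*")`), but Node's subpath patterns treat `*` as plain string substitution that may span `/`, so a target such as `./dist/*.js` also exposes nested files. With the narrower regex, the `pi.exports.test(m.relativePath)` check shown later on this page in findEscapingObjects would treat those nested modules as not exported, which under-approximates the entry surface the analysis starts from. Unless that is intended, use `.replaceAll("\\*", ".*")`, and add a comment on the `new RegExp("^(" + patterns.join("|") + ")$")` line stating that every alternative has already been escaped. An `exports` value that yields no string targets also produces `^()$`, which matches no module path; the removed `exports2.push(main)` line suggests the main file used to be kept, though the removed lines are truncated on this page.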
@@ -8,7 +8,7 @@ import {
|
|
|
8
8
|
__commonJS,
|
|
9
9
|
__name,
|
|
10
10
|
__require
|
|
11
|
-
} from "./chunk-
|
|
11
|
+
} from "./chunk-AAKFGMVW.js";
|
|
12
12
|
|
|
13
13
|
// node_modules/source-map/lib/base64.js
|
|
14
14
|
var require_base64 = __commonJS({
|
|
@@ -224380,4 +224380,4 @@ typescript/lib/typescript.js:
|
|
|
224380
224380
|
and limitations under the License.
|
|
224381
224381
|
***************************************************************************** *)
|
|
224382
224382
|
*/
|
|
224383
|
-
//# sourceMappingURL=chunk-
|
|
224383
|
+
//# sourceMappingURL=chunk-AEP2QDUI.js.map
|
|
@@ -14,7 +14,7 @@ import {
|
|
|
14
14
|
require_options,
|
|
15
15
|
require_tokens,
|
|
16
16
|
require_util
|
|
17
|
-
} from "./chunk-
|
|
17
|
+
} from "./chunk-AAKFGMVW.js";
|
|
18
18
|
|
|
19
19
|
// lib/parsing/parser.js
|
|
20
20
|
var require_parser = __commonJS({
|
|
@@ -516,4 +516,4 @@ export {
|
|
|
516
516
|
require_patching,
|
|
517
517
|
require_hints
|
|
518
518
|
};
|
|
519
|
-
//# sourceMappingURL=chunk-
|
|
519
|
+
//# sourceMappingURL=chunk-BV33FESD.js.map
|
|
@@ -9,7 +9,7 @@ import {
|
|
|
9
9
|
__name,
|
|
10
10
|
__require,
|
|
11
11
|
require_transform
|
|
12
|
-
} from "./chunk-
|
|
12
|
+
} from "./chunk-AAKFGMVW.js";
|
|
13
13
|
|
|
14
14
|
// lib/approx/proxy.js
|
|
15
15
|
var require_proxy = __commonJS({
|
|
@@ -268,4 +268,4 @@ export {
|
|
|
268
268
|
require_proxy,
|
|
269
269
|
require_sandbox
|
|
270
270
|
};
|
|
271
|
-
//# sourceMappingURL=chunk-
|
|
271
|
+
//# sourceMappingURL=chunk-ID4Q5QL5.js.map
|
|
@@ -6,10 +6,10 @@ import "./iterator-helpers-polyfill.js";
|
|
|
6
6
|
|
|
7
7
|
import {
|
|
8
8
|
require_moduleresolver
|
|
9
|
-
} from "./chunk-
|
|
9
|
+
} from "./chunk-AEP2QDUI.js";
|
|
10
10
|
import {
|
|
11
11
|
require_sandbox
|
|
12
|
-
} from "./chunk-
|
|
12
|
+
} from "./chunk-ID4Q5QL5.js";
|
|
13
13
|
import {
|
|
14
14
|
__commonJS,
|
|
15
15
|
__name,
|
|
@@ -17,7 +17,7 @@ import {
|
|
|
17
17
|
require_files,
|
|
18
18
|
require_options,
|
|
19
19
|
require_transform
|
|
20
|
-
} from "./chunk-
|
|
20
|
+
} from "./chunk-AAKFGMVW.js";
|
|
21
21
|
|
|
22
22
|
// lib/approx/hooks.js
|
|
23
23
|
var require_hooks = __commonJS({
|
|
@@ -9,11 +9,11 @@ import {
|
|
|
9
9
|
require_hints,
|
|
10
10
|
require_parser,
|
|
11
11
|
require_patching
|
|
12
|
-
} from "./chunk-
|
|
12
|
+
} from "./chunk-BV33FESD.js";
|
|
13
13
|
import {
|
|
14
14
|
require_moduleresolver,
|
|
15
15
|
require_typescript
|
|
16
|
-
} from "./chunk-
|
|
16
|
+
} from "./chunk-AEP2QDUI.js";
|
|
17
17
|
import {
|
|
18
18
|
__commonJS,
|
|
19
19
|
__name,
|
|
@@ -37,7 +37,7 @@ import {
|
|
|
37
37
|
require_tokens,
|
|
38
38
|
require_transform,
|
|
39
39
|
require_util
|
|
40
|
-
} from "./chunk-
|
|
40
|
+
} from "./chunk-AAKFGMVW.js";
|
|
41
41
|
|
|
42
42
|
// lib/misc/timer.js
|
|
43
43
|
var require_timer = __commonJS({
|
|
@@ -1200,16 +1200,18 @@ var require_globalstate = __commonJS({
|
|
|
1200
1200
|
canonicalArgumentsVar = /* @__PURE__ */ new WeakMap();
|
|
1201
1201
|
canonicalObjectPropertyVar = /* @__PURE__ */ new WeakMap();
|
|
1202
1202
|
canonicalNodeVars = /* @__PURE__ */ new WeakMap();
|
|
1203
|
+
vars = [];
|
|
1203
1204
|
canonicalTokens = /* @__PURE__ */ new Map();
|
|
1204
1205
|
static canonicalUnknownAccessPathToken = new tokens_1.AccessPathToken(accesspaths_1.UnknownAccessPath.instance);
|
|
1205
1206
|
static canonicalIgnoredAccessPathToken = new tokens_1.AccessPathToken(accesspaths_1.IgnoredAccessPath.instance);
|
|
1206
1207
|
static {
|
|
1207
|
-
for (const t of [this.canonicalUnknownAccessPathToken, this.canonicalIgnoredAccessPathToken])
|
|
1208
|
-
t.hash = (0, util_1.strHash)(t.toString());
|
|
1208
|
+
for (const [i, t] of [this.canonicalUnknownAccessPathToken, this.canonicalIgnoredAccessPathToken].entries())
|
|
1209
|
+
[t.index, t.hash] = [i, (0, util_1.strHash)(t.toString())];
|
|
1209
1210
|
}
|
|
1210
1211
|
canonicalNativeObjectTokens = /* @__PURE__ */ new Map();
|
|
1211
1212
|
canonicalAccessPathTokens = /* @__PURE__ */ new Map();
|
|
1212
1213
|
canonicalAccessPaths = /* @__PURE__ */ new Map();
|
|
1214
|
+
tokens = [_GlobalState.canonicalUnknownAccessPathToken, _GlobalState.canonicalIgnoredAccessPathToken];
|
|
1213
1215
|
packageInfos = /* @__PURE__ */ new Map();
|
|
1214
1216
|
moduleInfosByPath = /* @__PURE__ */ new Map();
|
|
1215
1217
|
moduleInfos = /* @__PURE__ */ new Map();
|
|
@@ -1241,16 +1243,21 @@ var require_globalstate = __commonJS({
|
|
|
1241
1243
|
this.accessPathEdges = v && options_1.options.preciseAccessPathTransitions ? (0, patternloader_1.getPatternGraph)(v.getPatterns()) : void 0;
|
|
1242
1244
|
}
|
|
1243
1245
|
canonicalizeVar(v) {
|
|
1246
|
+
const next = /* @__PURE__ */ __name(() => {
|
|
1247
|
+
v.index = this.vars.length;
|
|
1248
|
+
this.vars.push(v);
|
|
1249
|
+
return v;
|
|
1250
|
+
}, "next");
|
|
1244
1251
|
if (v instanceof constraintvars_1.NodeVar)
|
|
1245
|
-
return (0, util_1.getOrSet)(this.canonicalNodeVars, v.node,
|
|
1252
|
+
return (0, util_1.getOrSet)(this.canonicalNodeVars, v.node, next);
|
|
1246
1253
|
else if (v instanceof constraintvars_1.AncestorsVar)
|
|
1247
|
-
return (0, util_1.getOrSet)(this.canonicalAncestorVars, v.t,
|
|
1254
|
+
return (0, util_1.getOrSet)(this.canonicalAncestorVars, v.t, next);
|
|
1248
1255
|
else if (v instanceof constraintvars_1.FunctionReturnVar)
|
|
1249
|
-
return (0, util_1.getOrSet)(this.canonicalReturnVar, v.fun,
|
|
1256
|
+
return (0, util_1.getOrSet)(this.canonicalReturnVar, v.fun, next);
|
|
1250
1257
|
else if (v instanceof constraintvars_1.ThisVar)
|
|
1251
|
-
return (0, util_1.getOrSet)(this.canonicalThisVar, v.fun,
|
|
1258
|
+
return (0, util_1.getOrSet)(this.canonicalThisVar, v.fun, next);
|
|
1252
1259
|
else if (v instanceof constraintvars_1.ArgumentsVar)
|
|
1253
|
-
return (0, util_1.getOrSet)(this.canonicalArgumentsVar, v.fun,
|
|
1260
|
+
return (0, util_1.getOrSet)(this.canonicalArgumentsVar, v.fun, next);
|
|
1254
1261
|
else if (v instanceof constraintvars_1.ObjectPropertyVar) {
|
|
1255
1262
|
const props = (0, util_1.mapGetMap)(this.canonicalObjectPropertyVar, v.obj);
|
|
1256
1263
|
const m = (0, util_1.getOrSet)(props, v.prop, () => ({
|
|
@@ -1258,12 +1265,17 @@ var require_globalstate = __commonJS({
|
|
|
1258
1265
|
set: void 0,
|
|
1259
1266
|
normal: void 0
|
|
1260
1267
|
}));
|
|
1261
|
-
return m[v.accessor] ??=
|
|
1268
|
+
return m[v.accessor] ??= next();
|
|
1262
1269
|
}
|
|
1263
1270
|
this.numberOfCanonicalizeVarCalls++;
|
|
1264
|
-
return (0, util_1.getOrSet)(this.canonicalConstraintVars, v.toString(),
|
|
1271
|
+
return (0, util_1.getOrSet)(this.canonicalConstraintVars, v.toString(), next);
|
|
1265
1272
|
}
|
|
1266
1273
|
canonicalizeToken(t) {
|
|
1274
|
+
const next = /* @__PURE__ */ __name(() => {
|
|
1275
|
+
t.index = this.tokens.length;
|
|
1276
|
+
this.tokens.push(t);
|
|
1277
|
+
return t;
|
|
1278
|
+
}, "next");
|
|
1267
1279
|
if (t instanceof tokens_1.AccessPathToken) {
|
|
1268
1280
|
if (t.ap === accesspaths_1.UnknownAccessPath.instance)
|
|
1269
1281
|
return _GlobalState.canonicalUnknownAccessPathToken;
|
|
@@ -1271,16 +1283,16 @@ var require_globalstate = __commonJS({
|
|
|
1271
1283
|
return _GlobalState.canonicalIgnoredAccessPathToken;
|
|
1272
1284
|
return (0, util_1.getOrSet)(this.canonicalAccessPathTokens, t.ap, () => {
|
|
1273
1285
|
t.hash = (0, util_1.strHash)(`${t}${t.ap instanceof accesspaths_1.PatternAccessPath ? `;${t.ap.pattern}` : ""}`);
|
|
1274
|
-
return
|
|
1286
|
+
return next();
|
|
1275
1287
|
});
|
|
1276
1288
|
} else if (t instanceof tokens_1.NativeObjectToken && !t.moduleInfo)
|
|
1277
1289
|
return (0, util_1.getOrSet)(this.canonicalNativeObjectTokens, t.name, () => {
|
|
1278
1290
|
t.hash = (0, util_1.strHash)(t.toString());
|
|
1279
|
-
return
|
|
1291
|
+
return next();
|
|
1280
1292
|
});
|
|
1281
1293
|
this.numberOfCanonicalizeTokenCalls++;
|
|
1282
1294
|
const s = t.toString();
|
|
1283
|
-
return (0, util_1.getOrSet)(this.canonicalTokens, s, () => (t.hash = (0, util_1.strHash)(s),
|
|
1295
|
+
return (0, util_1.getOrSet)(this.canonicalTokens, s, () => (t.hash = (0, util_1.strHash)(s), next()));
|
|
1284
1296
|
}
|
|
1285
1297
|
canonicalizeAccessPath(t) {
|
|
1286
1298
|
if (t === accesspaths_1.IgnoredAccessPath.instance || t === accesspaths_1.UnknownAccessPath.instance)
|
|
@@ -1523,6 +1535,96 @@ var require_large_array = __commonJS({
|
|
|
1523
1535
|
}
|
|
1524
1536
|
});
|
|
1525
1537
|
|
|
1538
|
+
// lib/misc/arraymap.js
|
|
1539
|
+
var require_arraymap = __commonJS({
|
|
1540
|
+
"lib/misc/arraymap.js"(exports) {
|
|
1541
|
+
"use strict";
|
|
1542
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
1543
|
+
exports.ArrayMapMap = exports.ArrayMapSet = exports.ArrayMap = void 0;
|
|
1544
|
+
var ArrayMap = class {
|
|
1545
|
+
static {
|
|
1546
|
+
__name(this, "ArrayMap");
|
|
1547
|
+
}
|
|
1548
|
+
dom;
|
|
1549
|
+
a = [];
|
|
1550
|
+
s = 0;
|
|
1551
|
+
constructor(dom) {
|
|
1552
|
+
this.dom = dom;
|
|
1553
|
+
}
|
|
1554
|
+
get size() {
|
|
1555
|
+
return this.s;
|
|
1556
|
+
}
|
|
1557
|
+
get(k) {
|
|
1558
|
+
return this.a[k.index];
|
|
1559
|
+
}
|
|
1560
|
+
set(k, v) {
|
|
1561
|
+
if (this.a[k.index] === void 0)
|
|
1562
|
+
this.s++;
|
|
1563
|
+
this.a[k.index] = v;
|
|
1564
|
+
}
|
|
1565
|
+
delete(k) {
|
|
1566
|
+
if (this.a[k.index] !== void 0)
|
|
1567
|
+
this.s--;
|
|
1568
|
+
this.a[k.index] = void 0;
|
|
1569
|
+
}
|
|
1570
|
+
has(k) {
|
|
1571
|
+
return this.a[k.index] !== void 0;
|
|
1572
|
+
}
|
|
1573
|
+
*keys() {
|
|
1574
|
+
for (const [i, v] of this.a.entries())
|
|
1575
|
+
if (v !== void 0)
|
|
1576
|
+
yield this.dom[i];
|
|
1577
|
+
}
|
|
1578
|
+
*values() {
|
|
1579
|
+
for (const v of this.a)
|
|
1580
|
+
if (v !== void 0)
|
|
1581
|
+
yield v;
|
|
1582
|
+
}
|
|
1583
|
+
*[Symbol.iterator]() {
|
|
1584
|
+
for (const [i, v] of this.a.entries())
|
|
1585
|
+
if (v !== void 0)
|
|
1586
|
+
yield [this.dom[i], v];
|
|
1587
|
+
}
|
|
1588
|
+
};
|
|
1589
|
+
exports.ArrayMap = ArrayMap;
|
|
1590
|
+
var ArrayMapSet = class extends ArrayMap {
|
|
1591
|
+
static {
|
|
1592
|
+
__name(this, "ArrayMapSet");
|
|
1593
|
+
}
|
|
1594
|
+
getSet(k) {
|
|
1595
|
+
let s = this.get(k);
|
|
1596
|
+
if (s === void 0) {
|
|
1597
|
+
s = /* @__PURE__ */ new Set();
|
|
1598
|
+
this.set(k, s);
|
|
1599
|
+
}
|
|
1600
|
+
return s;
|
|
1601
|
+
}
|
|
1602
|
+
};
|
|
1603
|
+
exports.ArrayMapSet = ArrayMapSet;
|
|
1604
|
+
var ArrayMapMap = class extends ArrayMap {
|
|
1605
|
+
static {
|
|
1606
|
+
__name(this, "ArrayMapMap");
|
|
1607
|
+
}
|
|
1608
|
+
getMap(k) {
|
|
1609
|
+
let m = this.get(k);
|
|
1610
|
+
if (m === void 0) {
|
|
1611
|
+
m = /* @__PURE__ */ new Map();
|
|
1612
|
+
this.set(k, m);
|
|
1613
|
+
}
|
|
1614
|
+
return m;
|
|
1615
|
+
}
|
|
1616
|
+
totalSize() {
|
|
1617
|
+
let s = 0;
|
|
1618
|
+
for (const m of this.a.values())
|
|
1619
|
+
if (m !== void 0)
|
|
1620
|
+
s += m.size;
|
|
1621
|
+
return s;
|
|
1622
|
+
}
|
|
1623
|
+
};
|
|
1624
|
+
exports.ArrayMapMap = ArrayMapMap;
|
|
1625
|
+
}
|
|
1626
|
+
});
|
|
1627
|
+
|
|
1526
1628
|
// lib/analysis/fragmentstate.js
|
|
1527
1629
|
var require_fragmentstate = __commonJS({
|
|
1528
1630
|
"lib/analysis/fragmentstate.js"(exports) {
|
|
@@ -1544,27 +1646,28 @@ var require_fragmentstate = __commonJS({
|
|
|
1544
1646
|
var asthelpers_1 = require_asthelpers();
|
|
1545
1647
|
var files_1 = require_files();
|
|
1546
1648
|
var large_array_1 = require_large_array();
|
|
1649
|
+
var arraymap_1 = require_arraymap();
|
|
1547
1650
|
var FragmentState = class _FragmentState {
|
|
1548
1651
|
static {
|
|
1549
1652
|
__name(this, "FragmentState");
|
|
1550
1653
|
}
|
|
1551
1654
|
a;
|
|
1552
1655
|
varProducer;
|
|
1553
|
-
tokens
|
|
1656
|
+
tokens;
|
|
1554
1657
|
vars = /* @__PURE__ */ new Set();
|
|
1555
1658
|
redirections = /* @__PURE__ */ new Map();
|
|
1556
1659
|
numberOfTokens = 0;
|
|
1557
1660
|
numberOfSubsetEdges = 0;
|
|
1558
|
-
subsetEdges
|
|
1559
|
-
reverseSubsetEdges
|
|
1560
|
-
arrayEntries
|
|
1561
|
-
objectProperties
|
|
1562
|
-
tokenListeners
|
|
1563
|
-
tokenListeners2
|
|
1661
|
+
subsetEdges;
|
|
1662
|
+
reverseSubsetEdges;
|
|
1663
|
+
arrayEntries;
|
|
1664
|
+
objectProperties;
|
|
1665
|
+
tokenListeners;
|
|
1666
|
+
tokenListeners2;
|
|
1564
1667
|
listenersProcessed = /* @__PURE__ */ new Map();
|
|
1565
1668
|
externalCallbacksProcessed = /* @__PURE__ */ new Set();
|
|
1566
|
-
arrayEntriesListeners
|
|
1567
|
-
objectPropertiesListeners
|
|
1669
|
+
arrayEntriesListeners;
|
|
1670
|
+
objectPropertiesListeners;
|
|
1568
1671
|
postponedListenerCalls = new large_array_1.LargeArray();
|
|
1569
1672
|
postponedListenerCalls2 = new large_array_1.LargeArray();
|
|
1570
1673
|
nodesWithNewEdges = /* @__PURE__ */ new Set();
|
|
@@ -1610,6 +1713,15 @@ var require_fragmentstate = __commonJS({
|
|
|
1610
1713
|
constructor(s) {
|
|
1611
1714
|
this.a = s.globalState;
|
|
1612
1715
|
this.varProducer = new constraintvarproducer_1.ConstraintVarProducer(s, s.globalState);
|
|
1716
|
+
this.tokens = new arraymap_1.ArrayMap(this.a.vars);
|
|
1717
|
+
this.subsetEdges = new arraymap_1.ArrayMapSet(this.a.vars);
|
|
1718
|
+
this.reverseSubsetEdges = new arraymap_1.ArrayMapSet(this.a.vars);
|
|
1719
|
+
this.tokenListeners = new arraymap_1.ArrayMapMap(this.a.vars);
|
|
1720
|
+
this.tokenListeners2 = new arraymap_1.ArrayMapMap(this.a.vars);
|
|
1721
|
+
this.arrayEntries = new arraymap_1.ArrayMapSet(this.a.tokens);
|
|
1722
|
+
this.objectProperties = new arraymap_1.ArrayMapSet(this.a.tokens);
|
|
1723
|
+
this.arrayEntriesListeners = new arraymap_1.ArrayMapMap(this.a.tokens);
|
|
1724
|
+
this.objectPropertiesListeners = new arraymap_1.ArrayMapMap(this.a.tokens);
|
|
1613
1725
|
}
|
|
1614
1726
|
registerCallEdge(call, from, to, { native, accessor, external } = {}) {
|
|
1615
1727
|
if ((!accessor || options_1.options.callgraphImplicit) && (!native || options_1.options.callgraphNative) && (!external || options_1.options.callgraphExternal)) {
|
|
@@ -2231,7 +2343,6 @@ var require_escaping = __commonJS({
|
|
|
2231
2343
|
var accesspaths_1 = require_accesspaths();
|
|
2232
2344
|
var ecmascript_1 = require_ecmascript();
|
|
2233
2345
|
var options_1 = require_options();
|
|
2234
|
-
var packagejson_1 = require_packagejson();
|
|
2235
2346
|
function findEscapingObjects(ms, solver) {
|
|
2236
2347
|
const a = solver.globalState;
|
|
2237
2348
|
const f = solver.fragmentState;
|
|
@@ -2250,7 +2361,7 @@ var require_escaping = __commonJS({
|
|
|
2250
2361
|
for (const m of Array.isArray(ms) ? ms : [ms])
|
|
2251
2362
|
if (m.packageInfo.isEntry && (m.getPath().includes("node_modules") || options_1.options.library)) {
|
|
2252
2363
|
const pi = a.packageJsonInfos.get(m.packageInfo.dir);
|
|
2253
|
-
if (!pi?.exports ||
|
|
2364
|
+
if (!pi?.exports || pi.exports.test(m.relativePath))
|
|
2254
2365
|
addToWorklist(f.varProducer.objPropVar(a.canonicalizeToken(new tokens_1.NativeObjectToken("module", m)), "exports"));
|
|
2255
2366
|
}
|
|
2256
2367
|
const w2 = [];
|
|
@@ -2539,12 +2650,7 @@ var require_solver = __commonJS({
|
|
|
2539
2650
|
const d = this.diagnostics;
|
|
2540
2651
|
d.functions = a.functionInfos.size;
|
|
2541
2652
|
d.vars = f.getNumberOfVarsWithTokens();
|
|
2542
|
-
d.listeners =
|
|
2543
|
-
f.tokenListeners,
|
|
2544
|
-
f.tokenListeners2,
|
|
2545
|
-
f.arrayEntriesListeners,
|
|
2546
|
-
f.objectPropertiesListeners
|
|
2547
|
-
].reduce((acc, l) => acc + (0, util_2.mapMapSize)(l), 0);
|
|
2653
|
+
d.listeners = f.tokenListeners.totalSize() + f.tokenListeners2.totalSize() + f.arrayEntriesListeners.totalSize() + f.objectPropertiesListeners.totalSize();
|
|
2548
2654
|
d.tokens = f.numberOfTokens;
|
|
2549
2655
|
d.subsetEdges = f.numberOfSubsetEdges;
|
|
2550
2656
|
d.functionToFunctionEdges = f.numberOfFunctionToFunctionEdges;
|
|
@@ -2723,11 +2829,11 @@ var require_solver = __commonJS({
|
|
|
2723
2829
|
addSubsetEdge(fromRep, toRep) {
|
|
2724
2830
|
if (fromRep !== toRep) {
|
|
2725
2831
|
const f = this.fragmentState;
|
|
2726
|
-
const s =
|
|
2832
|
+
const s = f.subsetEdges.getSet(fromRep);
|
|
2727
2833
|
if (!s.has(toRep)) {
|
|
2728
2834
|
s.add(toRep);
|
|
2729
2835
|
f.numberOfSubsetEdges++;
|
|
2730
|
-
|
|
2836
|
+
f.reverseSubsetEdges.getSet(toRep).add(fromRep);
|
|
2731
2837
|
if (logger_1.default.isVerboseEnabled())
|
|
2732
2838
|
(0, assert_1.default)(!f.redirections.has(fromRep) && !f.redirections.has(toRep));
|
|
2733
2839
|
f.vars.add(fromRep);
|
|
@@ -2801,7 +2907,7 @@ var require_solver = __commonJS({
|
|
|
2801
2907
|
}
|
|
2802
2908
|
break;
|
|
2803
2909
|
}
|
|
2804
|
-
const m = (
|
|
2910
|
+
const m = (bound ? f.tokenListeners2 : f.tokenListeners).getMap(vRep);
|
|
2805
2911
|
if (!m.has(id)) {
|
|
2806
2912
|
if (bound)
|
|
2807
2913
|
for (const t of f.getTokens(vRep))
|
|
@@ -2901,7 +3007,7 @@ var require_solver = __commonJS({
|
|
|
2901
3007
|
}
|
|
2902
3008
|
runArrayEntriesListener(t, id, listener) {
|
|
2903
3009
|
const f = this.fragmentState;
|
|
2904
|
-
const m =
|
|
3010
|
+
const m = f.arrayEntriesListeners.getMap(t);
|
|
2905
3011
|
if (!m.has(id)) {
|
|
2906
3012
|
const ps = f.arrayEntries.get(t);
|
|
2907
3013
|
if (ps)
|
|
@@ -2917,7 +3023,7 @@ var require_solver = __commonJS({
|
|
|
2917
3023
|
if (!(0, util_2.isArrayIndex)(prop))
|
|
2918
3024
|
return;
|
|
2919
3025
|
const f = this.fragmentState;
|
|
2920
|
-
const ps =
|
|
3026
|
+
const ps = f.arrayEntries.getSet(a);
|
|
2921
3027
|
if (!ps.has(prop)) {
|
|
2922
3028
|
if (logger_1.default.isDebugEnabled())
|
|
2923
3029
|
logger_1.default.debug(`Adding array entry ${a}[${prop}]`);
|
|
@@ -2942,7 +3048,7 @@ var require_solver = __commonJS({
|
|
|
2942
3048
|
}
|
|
2943
3049
|
runObjectPropertiesListener(t, id, listener) {
|
|
2944
3050
|
const f = this.fragmentState;
|
|
2945
|
-
const m =
|
|
3051
|
+
const m = f.objectPropertiesListeners.getMap(t);
|
|
2946
3052
|
if (!m.has(id)) {
|
|
2947
3053
|
const ps = f.objectProperties.get(t);
|
|
2948
3054
|
if (ps) {
|
|
@@ -2958,7 +3064,7 @@ var require_solver = __commonJS({
|
|
|
2958
3064
|
}
|
|
2959
3065
|
addObjectProperty(a, prop) {
|
|
2960
3066
|
const f = this.fragmentState;
|
|
2961
|
-
const ps =
|
|
3067
|
+
const ps = f.objectProperties.getSet(a);
|
|
2962
3068
|
if (!ps.has(prop)) {
|
|
2963
3069
|
if (logger_1.default.isDebugEnabled())
|
|
2964
3070
|
logger_1.default.debug(`Adding object property ${a}.${prop}`);
|
|
@@ -3000,8 +3106,8 @@ var require_solver = __commonJS({
|
|
|
3000
3106
|
for (const t of f.getTokens(rep))
|
|
3001
3107
|
if (!has(t))
|
|
3002
3108
|
rts.add(t);
|
|
3003
|
-
const repOut =
|
|
3004
|
-
const repIn =
|
|
3109
|
+
const repOut = f.subsetEdges.getSet(rep);
|
|
3110
|
+
const repIn = f.reverseSubsetEdges.getSet(rep);
|
|
3005
3111
|
const vOut = f.subsetEdges.get(v);
|
|
3006
3112
|
if (vOut) {
|
|
3007
3113
|
for (const w of vOut) {
|
|
@@ -3044,7 +3150,7 @@ var require_solver = __commonJS({
|
|
|
3044
3150
|
f.reverseSubsetEdges.delete(rep);
|
|
3045
3151
|
const tr = f.tokenListeners.get(v);
|
|
3046
3152
|
if (tr) {
|
|
3047
|
-
const qr =
|
|
3153
|
+
const qr = f.tokenListeners.getMap(rep);
|
|
3048
3154
|
for (const [k, listener] of tr)
|
|
3049
3155
|
if (!qr.has(k)) {
|
|
3050
3156
|
qr.set(k, listener);
|
|
@@ -3055,7 +3161,7 @@ var require_solver = __commonJS({
|
|
|
3055
3161
|
}
|
|
3056
3162
|
const tr2 = f.tokenListeners2.get(v);
|
|
3057
3163
|
if (tr2) {
|
|
3058
|
-
const qr =
|
|
3164
|
+
const qr = f.tokenListeners2.getMap(rep);
|
|
3059
3165
|
for (const [k, listener] of tr2)
|
|
3060
3166
|
if (!qr.has(k)) {
|
|
3061
3167
|
qr.set(k, listener);
|
|
@@ -3317,9 +3423,9 @@ var require_modulefinder = __commonJS({
|
|
|
3317
3423
|
CallExpression(path) {
|
|
3318
3424
|
const imp = (0, types_1.isImport)(path.node.callee);
|
|
3319
3425
|
if ((imp || isRequire(path.get("callee"))) && path.node.arguments.length >= 1) {
|
|
3320
|
-
const
|
|
3321
|
-
if (
|
|
3322
|
-
loadModule(imp ? "module" : "commonjs",
|
|
3426
|
+
const str = (0, asthelpers_1.getConstantString)(path.get("arguments.0"));
|
|
3427
|
+
if (str)
|
|
3428
|
+
loadModule(imp ? "module" : "commonjs", str, path);
|
|
3323
3429
|
else
|
|
3324
3430
|
f.warnUnsupported(path.node, "Unhandled 'require'");
|
|
3325
3431
|
}
|
|
@@ -4158,7 +4264,22 @@ var require_operations = __commonJS({
|
|
|
4158
4264
|
f.registerCallWithResultMaybeUsedAsPromise(path.node);
|
|
4159
4265
|
f.registerInvokedExpression(path.node.callee);
|
|
4160
4266
|
let strs;
|
|
4161
|
-
const strings = /* @__PURE__ */ __name(() =>
|
|
4267
|
+
const strings = /* @__PURE__ */ __name(() => {
|
|
4268
|
+
if (!strs) {
|
|
4269
|
+
let res;
|
|
4270
|
+
if (args.length >= 1) {
|
|
4271
|
+
const s = (0, asthelpers_1.getConstantString)(path.get("arguments.0"));
|
|
4272
|
+
if (s !== void 0)
|
|
4273
|
+
res = [s];
|
|
4274
|
+
else
|
|
4275
|
+
res = this.getRequireHints(pars);
|
|
4276
|
+
}
|
|
4277
|
+
if (!res)
|
|
4278
|
+
res = [];
|
|
4279
|
+
strs = res;
|
|
4280
|
+
}
|
|
4281
|
+
return strs;
|
|
4282
|
+
}, "strings");
|
|
4162
4283
|
if ((0, types_1.isImport)(p.node)) {
|
|
4163
4284
|
f.registerCall(pars.node, caller, void 0, { native: true });
|
|
4164
4285
|
const v = this.a.canonicalizeVar(new constraintvars_1.IntermediateVar(path.node, "import"));
|
|
@@ -4189,6 +4310,24 @@ var require_operations = __commonJS({
|
|
|
4189
4310
|
f.warnUnsupported(arg, "SpreadElement in arguments");
|
|
4190
4311
|
return void 0;
|
|
4191
4312
|
});
|
|
4313
|
+
if (options_1.options.interops && (0, types_1.isIdentifier)(p.node) && [
|
|
4314
|
+
"__importDefault",
|
|
4315
|
+
"__importStar",
|
|
4316
|
+
"_interopRequireDefault",
|
|
4317
|
+
"_interopRequireWildcard",
|
|
4318
|
+
"_interop_require_default",
|
|
4319
|
+
"_interop_require_wildcard",
|
|
4320
|
+
"getDefaultExportFromCjs",
|
|
4321
|
+
"_interopDefault",
|
|
4322
|
+
"_interopNamespace",
|
|
4323
|
+
"__toESM"
|
|
4324
|
+
].includes(p.node.name)) {
|
|
4325
|
+
if (logger_1.default.isDebugEnabled())
|
|
4326
|
+
logger_1.default.debug(`Interop call: ${p.node.name} at ${(0, util_1.locationToStringWithFile)(path.node.loc)}`);
|
|
4327
|
+
this.solver.addSubsetConstraint(argVars[0], resultVar);
|
|
4328
|
+
f.registerCall(pars.node, caller, void 0);
|
|
4329
|
+
return;
|
|
4330
|
+
}
|
|
4192
4331
|
const handleCall = /* @__PURE__ */ __name((base, t) => {
|
|
4193
4332
|
this.callFunctionBound(base, t, calleeVar, argVars, resultVar, strings, path);
|
|
4194
4333
|
}, "handleCall");
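Review bot: The interop shortcut added before `handleCall` recognises helpers purely by identifier name (`[...].includes(p.node.name)`), so a project-defined function that happens to be called `_interopDefault` or `getDefaultExportFromCjs` would be modelled as returning its first argument, and the early `return` means `handleCall` never runs for it. Since this call graph feeds vulnerability reachability, code reached only through such a function could be missed; checking that the callee resolves to a module-level helper binding would be safer. Failing that, state the assumption above the list: `// name-based match: assumes these are transpiler/bundler interop helpers that pass through their first argument`. `argVars[0]` may also be `undefined` for a zero-argument call or a leading spread (the callback ending just above returns `void 0` for spread arguments, presumably while building `argVars`), and whether `addSubsetConstraint` tolerates that is not visible here. The enclosing method starts and ends outside the hunk.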
|
|
@@ -4519,13 +4658,14 @@ var require_operations = __commonJS({
|
|
|
4519
4658
|
const encl = this.a.getEnclosingFunctionOrModule(path);
|
|
4520
4659
|
const analyzed = m instanceof infos_1.ModuleInfo && m.isIncluded;
|
|
4521
4660
|
if (!analyzed || options_1.options.vulnerabilities || options_1.options.vulnerabilitiesJson) {
|
|
4522
|
-
let aps = [
|
|
4661
|
+
let aps = [];
|
|
4523
4662
|
const s = (0, infos_1.normalizeModuleName)(str);
|
|
4524
4663
|
const tracked = options_1.options.trackedModules && options_1.options.trackedModules.some((e) => micromatch_1.default.isMatch(m.getOfficialName(), e) || micromatch_1.default.isMatch(s, e));
|
|
4525
4664
|
if (tracked) {
|
|
4526
4665
|
aps = this.a.vulnerabilities && options_1.options.preciseAccessPathTransitions ? new Set(this.a.vulnerabilities.importGlobsToPatterns.values().filter(([isMatch]) => isMatch(m.getOfficialName()) || isMatch(s)).flatMap(([, aps2]) => aps2)).values().map((ap) => new accesspaths_1.ModuleAccessPath(m, s, ap)).toArray() : [new accesspaths_1.ModuleAccessPath(m, s, void 0)];
|
|
4527
4666
|
(0, assert_1.default)(aps.length);
|
|
4528
|
-
}
|
|
4667
|
+
} else if (!analyzed)
|
|
4668
|
+
aps = [accesspaths_1.IgnoredAccessPath.instance];
|
|
4529
4669
|
for (const ap of aps) {
|
|
4530
4670
|
this.solver.addAccessPath(ap, resultVar, path.node, encl);
|
|
4531
4671
|
if ((0, types_1.isExportAllDeclaration)(path.node))
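Review bot: The analyzed-but-untracked case is handled silently in the new code: `aps` starts as `[]` and only the `else if (!analyzed)` arm assigns `IgnoredAccessPath.instance`, so with `--vulnerabilities` set such a module skips the `for (const ap of aps)` loop entirely and no comment says this is intended. A line above `let aps = [];` would record it, e.g. `// analyzed + untracked: no access path; not analyzed + untracked: IgnoredAccessPath`. The added `else if (!analyzed)` is also brace-less while the `if (tracked) { ... }` arm it follows uses braces; writing `} else if (!analyzed) {` with a closing `}` keeps the chain uniform. The enclosing method starts and ends outside the hunk.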
|
|
@@ -5385,6 +5525,7 @@ var require_analyzer = __commonJS({
|
|
|
5385
5525
|
logger_1.default.info(`Loading ${options_1.options.approxLoad}`);
|
|
5386
5526
|
a.approx.add(JSON.parse((0, fs_1.readFileSync)(options_1.options.approxLoad, "utf-8")));
|
|
5387
5527
|
}
|
|
5528
|
+
let prevTokens = 0;
|
|
5388
5529
|
while (a.pendingFiles.isNonEmpty() || a.pendingModulesFull.isNonEmpty()) {
|
|
5389
5530
|
d.analyzerRounds++;
|
|
5390
5531
|
const prevModulesFull = d.modulesFull;
|
|
@@ -5456,6 +5597,13 @@ var require_analyzer = __commonJS({
|
|
|
5456
5597
|
(0, astvisitor_1.visit)(ast, new operations_1.Operations(moduleInfo, solver, (0, nativebuilder_1.buildModuleNatives)(solver, moduleInfo, moduleParams)));
|
|
5457
5598
|
ast.tokens = void 0;
|
|
5458
5599
|
moduleInfo.ast = void 0;
|
|
5600
|
+
if (options_1.options.eagerPropagation) {
|
|
5601
|
+
const t = new timer_1.default();
|
|
5602
|
+
await solver.propagate("Analyzing");
|
|
5603
|
+
solver.updateDiagnostics();
|
|
5604
|
+
logger_1.default.info(`Time: +${(0, timer_1.nanoToMs)(t.elapsed())}, tokens: +${solver.fragmentState.numberOfTokens - prevTokens}${prevTokens > 0 ? ` (+${(0, util_1.percent)((solver.fragmentState.numberOfTokens - prevTokens) / prevTokens)})` : ""}`);
|
|
5605
|
+
prevTokens = solver.fragmentState.numberOfTokens;
|
|
5606
|
+
}
|
|
5459
5607
|
}
|
|
5460
5608
|
}
|
|
5461
5609
|
await solver.propagate("Analyzing");
|
|
@@ -5667,7 +5815,7 @@ var require_analyzer = __commonJS({
|
|
|
5667
5815
|
if (options_1.options.maxWaves !== void 0)
|
|
5668
5816
|
logger_1.default.info(`Fixpoint wave limit reached: ${d.waveLimitReached} time${d.waveLimitReached !== 1 ? "s" : ""}`);
|
|
5669
5817
|
logger_1.default.info(`Constraint vars: ${f.getNumberOfVarsWithTokens()} (${f.vars.size}), tokens: ${d.tokens}, subset edges: ${d.subsetEdges}, max tokens: ${f.getLargestTokenSetSize()}, max subset out: ${f.getLargestSubsetEdgeOutDegree()}, redirections: ${f.redirections.size}`);
|
|
5670
|
-
logger_1.default.info(`Listeners (notifications) token: ${
|
|
5818
|
+
logger_1.default.info(`Listeners (notifications) token: ${f.tokenListeners.totalSize()} (${d.tokenListenerNotifications}), bounded: ${f.tokenListeners2.totalSize()} (${d.tokenListener2Notifications}), array: ${f.arrayEntriesListeners.totalSize()} (${d.arrayEntriesListenerNotifications}), obj: ${f.objectPropertiesListeners.totalSize()} (${d.objectPropertiesListenerNotifications})`);
|
|
5671
5819
|
logger_1.default.info(`Canonicalize vars: ${a.canonicalConstraintVars.size} (${a.numberOfCanonicalizeVarCalls}), tokens: ${a.canonicalTokens.size} (${a.numberOfCanonicalizeTokenCalls}), access paths: ${(0, util_1.mapMapSize)(a.canonicalAccessPaths)} (${a.numberOfCanonicalizeAccessPathCalls})`);
|
|
5672
5820
|
logger_1.default.info(`Propagation: ${(0, timer_1.nanoToMs)(d.totalPropagationTime)}, listeners: ${(0, timer_1.nanoToMs)(d.totalListenerCallTime)}, finalization: ${(0, timer_1.nanoToMs)(d.finalizationTime)}`);
|
|
5673
5821
|
logger_1.default.info(`Patching time escape: ${(0, timer_1.nanoToMs)(d.totalEscapePatchingTime)}, approx: ${(0, timer_1.nanoToMs)(d.totalApproxPatchingTime)}, other: ${(0, timer_1.nanoToMs)(d.totalOtherPatchingTime)}`);
|
|
@@ -13783,7 +13931,7 @@ var require_main = __commonJS({
|
|
|
13783
13931
|
var assert_1 = __importDefault(__require("assert"));
|
|
13784
13932
|
var semver_1 = __importDefault(require_semver2());
|
|
13785
13933
|
var ENGINES_NODE = require_package()?.engines?.node;
|
|
13786
|
-
commander_1.program.name("jelly").version(options_1.VERSION).addHelpText("before", options_1.COPYRIGHT).option("-b, --basedir <directory>", "base directory for files to analyze (default: auto-detect)").option("-f, --logfile <file>", "log to file (default: log to stdout)").option("-l, --loglevel <level>", "log level (debug/verbose/info/warn/error)", "info").option("-i, --timeout <seconds>", "limit analysis time").option("-a, --dataflow-html <file>", "save data-flow graph as HTML file").option("-m, --callgraph-html <file>", "save call graph as HTML file").option("-j, --callgraph-json <file>", "save call graph as JSON file").option("-s, --soundness <file>", "compare with dynamic call graph").option("-n, --graal-home <directory>", "home of graal-nodejs (default: $GRAAL_HOME)").option("-d, --dynamic <file>", "generate call graph dynamically, no static analysis").option("--approx", "enable approximate interpretation").option("--approx-only <file>", "perform approximate interpretation, no static analysis").option("--approx-load <file>", "use pre-computed approximate interpretation results").option("-p, --patterns <file...>", "files containing API usage patterns to detect").option("-v, --vulnerabilities <file>", "report vulnerability matches").option("--vulnerabilities-json <json>", "report vulnerability matches (patterns given as JSON string)").option("--include-packages <package...>", "include only dependencies in this list").option("--exclude-packages <package...>", "exclude dependencies in this list").option("--ignore-dependencies", "don't include dependencies in analysis").option("--ignore-unresolved", "don't report errors about unresolved modules").option("--npm-test <dir>", "run 'npm test' instead of 'node' (use with -d)").option("--callgraph", "report call graph").option("--tokens-json <file>", "save tokens for constraint variables as JSON file").option("--tokens", "report tokens for constraint variables").option("--largest", "report largest token sets and subset 
relations").option("--no-cycle-elimination", "disable cycle elimination").option("--no-natives", "disable nonessential models of native libraries").option("--test-graal", "test graal-nodejs (use with -d)").option("--no-print-progress", "don't print analysis progress information").option("--no-tty", "don't print solver progress for TTY").option("--warnings-unsupported", "print warnings about unsupported features").option("--gc", "enable garbage collection for more accurate memory usage reporting").option("--typescript", "enable TypeScript type inference (use with -p)").option("--api-usage", "report API usage of external packages (implies --ignore-dependencies)").option("--api-exported", "report API of modules").option("--find-access-paths <location>", "find access paths for source location (file:line)").option("--higher-order-functions", "report higher-order functions").option("--zeros", "report calls with zero callees and functions with zero callers").option("--exclude-entries <glob...>", "files to exclude when specifying entry directories").option("--tracked-modules <glob...>", "modules to track usage of (default: auto-detect)").option("--external-matches", "enable pattern matches from external code").option("--no-callgraph-implicit", "omit implicit calls in call graph").option("--no-callgraph-native", "omit native calls in call graph").option("--no-callgraph-require", "omit module loading in call graph").option("--no-callgraph-external", "omit heuristic external callbacks in call graph").option("--diagnostics", "report internal analysis diagnostics").option("--diagnostics-json <file>", "save analysis diagnostics in JSON file").option("--variable-kinds", "report constraint variable kinds").option("--max-waves <number>", "limit number of fixpoint waves").option("--max-indirections <number>", "limit number of function call and property write indirections").option("--full-indirection-bounding", "enable indirection bounding for method calls and property reads (use 
with --max-indirections)").option("--typescript-library-usage <file>", "save TypeScript library usage in JSON file, no analysis").option("--modules-only", "report reachable packages and modules only, no analysis").option("--compare-callgraphs", "compare two call graphs given as JSON files, no analysis").option("--reachability", "compare call graph reachability (use with -s or --compare-callgraphs)").option("--library", "assume program is a library (default: true if in node_modules)").option("--skip-tests", "skip files that look like tests").option("--no-patch-escaping", "disable patching using escape analysis").option("--patch-dynamics", "enable dynamic property access patching heuristic").option("--patch-method-calls", "enable method call patching heuristic").option("--no-patch-this", "disable 'this' patching heuristic").option("--proto", "enable model of assignments to the __proto__ property").option("--obj-spread", "enable model of spread syntax for object literals ({...obj})").option("--native-overwrites", "allow overwriting of native object properties").option("--ignore-imprecise-native-calls", "ignore imprecise native calls").option("--matches-json <file>", "save vulnerability pattern matches in JSON file").option("--reachable-json <file>", "save reachable packages and modules in JSON file").option("--callstacks-json <file>", "save vulnerability call stacks in JSON file").option("--vulnerabilities-full", "full report of vulnerabilities").option("--modules-json <file>", "save modules dependencies in JSON file").option("--precise-access-path-transitions", "enable pruning of imprecise access path transitions (uses more unique access path tokens)").addOption(commander_1.program.createOption("--lazy", "lazy analysis of modules").implies({
|
|
13934
|
+
commander_1.program.name("jelly").version(options_1.VERSION).addHelpText("before", options_1.COPYRIGHT).option("-b, --basedir <directory>", "base directory for files to analyze (default: auto-detect)").option("-f, --logfile <file>", "log to file (default: log to stdout)").option("-l, --loglevel <level>", "log level (debug/verbose/info/warn/error)", "info").option("-i, --timeout <seconds>", "limit analysis time").option("-a, --dataflow-html <file>", "save data-flow graph as HTML file").option("-m, --callgraph-html <file>", "save call graph as HTML file").option("-j, --callgraph-json <file>", "save call graph as JSON file").option("-s, --soundness <file>", "compare with dynamic call graph").option("-n, --graal-home <directory>", "home of graal-nodejs (default: $GRAAL_HOME)").option("-d, --dynamic <file>", "generate call graph dynamically, no static analysis").option("--approx", "enable approximate interpretation").option("--approx-only <file>", "perform approximate interpretation, no static analysis").option("--approx-load <file>", "use pre-computed approximate interpretation results").option("-p, --patterns <file...>", "files containing API usage patterns to detect").option("-v, --vulnerabilities <file>", "report vulnerability matches").option("--vulnerabilities-json <json>", "report vulnerability matches (patterns given as JSON string)").option("--include-packages <package...>", "include only dependencies in this list").option("--exclude-packages <package...>", "exclude dependencies in this list").option("--ignore-dependencies", "don't include dependencies in analysis").option("--ignore-unresolved", "don't report errors about unresolved modules").option("--npm-test <dir>", "run 'npm test' instead of 'node' (use with -d)").option("--callgraph", "report call graph").option("--tokens-json <file>", "save tokens for constraint variables as JSON file").option("--tokens", "report tokens for constraint variables").option("--largest", "report largest token sets and subset 
relations").option("--no-cycle-elimination", "disable cycle elimination").option("--no-natives", "disable nonessential models of native libraries").option("--test-graal", "test graal-nodejs (use with -d)").option("--no-print-progress", "don't print analysis progress information").option("--no-tty", "don't print solver progress for TTY").option("--warnings-unsupported", "print warnings about unsupported features").option("--gc", "enable garbage collection for more accurate memory usage reporting").option("--typescript", "enable TypeScript type inference (use with -p)").option("--api-usage", "report API usage of external packages (implies --ignore-dependencies)").option("--api-exported", "report API of modules").option("--find-access-paths <location>", "find access paths for source location (file:line)").option("--higher-order-functions", "report higher-order functions").option("--zeros", "report calls with zero callees and functions with zero callers").option("--exclude-entries <glob...>", "files to exclude when specifying entry directories").option("--tracked-modules <glob...>", "modules to track usage of (default: auto-detect)").option("--external-matches", "enable pattern matches from external code").option("--no-callgraph-implicit", "omit implicit calls in call graph").option("--no-callgraph-native", "omit native calls in call graph").option("--no-callgraph-require", "omit module loading in call graph").option("--no-callgraph-external", "omit heuristic external callbacks in call graph").option("--diagnostics", "report internal analysis diagnostics").option("--diagnostics-json <file>", "save analysis diagnostics in JSON file").option("--variable-kinds", "report constraint variable kinds").option("--max-waves <number>", "limit number of fixpoint waves").option("--max-indirections <number>", "limit number of function call and property write indirections").option("--full-indirection-bounding", "enable indirection bounding for method calls and property reads (use 
with --max-indirections)").option("--typescript-library-usage <file>", "save TypeScript library usage in JSON file, no analysis").option("--modules-only", "report reachable packages and modules only, no analysis").option("--compare-callgraphs", "compare two call graphs given as JSON files, no analysis").option("--reachability", "compare call graph reachability (use with -s or --compare-callgraphs)").option("--library", "assume program is a library (default: true if in node_modules)").option("--skip-tests", "skip files that look like tests").option("--no-patch-escaping", "disable patching using escape analysis").option("--patch-dynamics", "enable dynamic property access patching heuristic").option("--patch-method-calls", "enable method call patching heuristic").option("--no-patch-this", "disable 'this' patching heuristic").option("--proto", "enable model of assignments to the __proto__ property").option("--obj-spread", "enable model of spread syntax for object literals ({...obj})").option("--native-overwrites", "allow overwriting of native object properties").option("--ignore-imprecise-native-calls", "ignore imprecise native calls").option("--matches-json <file>", "save vulnerability pattern matches in JSON file").option("--reachable-json <file>", "save reachable packages and modules in JSON file").option("--callstacks-json <file>", "save vulnerability call stacks in JSON file").option("--vulnerabilities-full", "full report of vulnerabilities").option("--eager-propagation", "perform propagation after each module").option("--no-interops", "disable models of common module interop helper functions").option("--modules-json <file>", "save modules dependencies in JSON file").option("--precise-access-path-transitions", "enable pruning of imprecise access path transitions (uses more unique access path tokens)").addOption(commander_1.program.createOption("--lazy", "lazy analysis of modules").implies({
|
|
13787
13935
|
preciseAccessPathTransitions: true
|
|
13788
13936
|
})).option("--lazy-cleanup", "lazily clean up redundant tokens for lazy module analysis").option("--lazy-soft-assert", "assertions for --lazy mode are non-fatal (see diagnostics)").option("--reparse", "reparse by need (use with --lazy)").option("--memory <limit>", "abort if reaching selected fraction of memory limit").usage("[options] [files]").addHelpText("after", `
|
|
13789
13937
|
All modules reachable by require/import from the given files are included in the analysis
|
|
Binary file
|