npm - @eagleoutice/flowr - Versions diffs - 2.9.14 → 2.10.1 - Mend

@eagleoutice/flowr 2.9.14 → 2.10.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (110) hide show

package/dataflow/graph/graph.js CHANGED Viewed

@@ -68,18 +68,36 @@ exports.FunctionArgument = {
         return arg !== r_function_call_1.EmptyArgument;
     },
     /**
-     * Returns the reference of a non-empty argument.
+     * Returns the id of a non-empty argument.
      * @example
      * ```r
-     * foo(a=3, 2) # returns the node id of either `3` or `2`, but skips a
+     * foo(a=3, 2) # returns the node id of either `a` or `2`
      * ```
+     * @see {@link FunctionArgument.getReference}
      */
-    getReference(arg) {
+    getId(arg) {
         if (arg !== r_function_call_1.EmptyArgument) {
             return arg?.nodeId;
         }
         return undefined;
     },
+    /**
+     * Returns the reference of a non-empty argument.
+     * For an unnamed argument this is the node id of the argument itself,
+     * for a named argument it is the id recorded for its value (`valueId`).
+     * @example
+     * ```r
+     * foo(a=3, 2) # returns the node id of either `3` or `2`, but skips a
+     * ```
+     * @param arg - the argument to inspect, may be the empty argument or missing
+     * @returns the referenced id, or `undefined` if the argument is empty or missing,
+     *          or if a named argument carries no `valueId`
+     * @see {@link FunctionArgument.getId}
+     */
+    getReference(arg) {
+        // tolerate a missing argument (as `getId` does with `arg?.nodeId`) instead of throwing on `arg.name`
+        if (arg === undefined || arg === null || arg === r_function_call_1.EmptyArgument) {
+            return undefined;
+        }
+        else if (arg.name === undefined) {
+            return arg.nodeId;
+        }
+        return arg.valueId;
+    },
     /**
      * Checks whether the given argument is a named argument with the specified name.
      * Please note that this only checks whether the name is exactly identical and not whether
@@ -369,8 +387,9 @@ class DataflowGraph {
     /**
      * Marks a vertex in the graph to be a definition
      * @param reference - The reference to the vertex to mark as definition
+     * @param sourceIds - The id of the source vertex of the def, if available
      */
-    setDefinitionOfVertex(reference) {
+    setDefinitionOfVertex(reference, sourceIds) {
         const vertex = this.getVertex(reference.nodeId);
         (0, assert_1.guard)(vertex !== undefined, () => `node must be defined for ${JSON.stringify(reference)} to set reference`);
         if (vertex.tag === vertex_1.VertexType.FunctionDefinition || vertex.tag === vertex_1.VertexType.VariableDefinition) {
@@ -379,6 +398,9 @@ class DataflowGraph {
         else {
             const oldTag = vertex.tag;
             vertex.tag = vertex_1.VertexType.VariableDefinition;
+            if (sourceIds) {
+                vertex.source = sourceIds;
+            }
             this.types.set(oldTag, (this.types.get(oldTag) ?? []).filter(id => id !== reference.nodeId));
             this.types.set(vertex_1.VertexType.VariableDefinition, (this.types.get(vertex_1.VertexType.VariableDefinition) ?? []).concat([reference.nodeId]));
         }

package/dataflow/graph/vertex.d.ts CHANGED Viewed

@@ -123,6 +123,8 @@ export interface DataflowGraphVertexVariableDefinition extends DataflowGraphVert
     readonly environment?: undefined;
     /** Indicates whether the variable definition is a *partial* definition (e.g,. in `x[a] <- b`) */
     readonly par?: true;
+    /** Points to the source ids of the "value" if there is one, this is more of a best-effort flag and not guaranteed to be there */
+    readonly source?: readonly NodeId[];
 }
 /**
  * Arguments required to construct a vertex which represents the definition of a function in the {@link DataflowGraph|dataflow graph}.

package/dataflow/internal/process/functions/call/built-in/built-in-apply.js CHANGED Viewed

@@ -98,6 +98,7 @@ function processApply(name, args, rootId, data, config) {
         if (arg && counterpart !== r_function_call_1.EmptyArgument) {
             return {
                 name: counterpart.name?.content,
+                valueId: counterpart.value?.info.id,
                 cds: data.cds,
                 type: identifier_1.ReferenceType.Argument,
                 nodeId: arg.entryPoint

package/dataflow/internal/process/functions/call/built-in/built-in-assignment.js CHANGED Viewed

@@ -297,7 +297,7 @@ function checkTargetReferenceType(sourceInfo, fnModes) {
  */
 function markAsAssignment(information, nodeToDefine, sourceIds, rootIdOfAssignment, data, assignmentConfig) {
     information.environment = (0, define_1.define)(nodeToDefine, assignmentConfig?.superAssignment, information.environment);
-    information.graph.setDefinitionOfVertex(nodeToDefine);
+    information.graph.setDefinitionOfVertex(nodeToDefine, sourceIds);
     const nid = nodeToDefine.nodeId;
     if (!assignmentConfig?.quoteSource) {
         for (const sourceId of sourceIds) {

package/dataflow/internal/process/functions/call/built-in/built-in-for-loop.js CHANGED Viewed

@@ -60,7 +60,7 @@ function processForLoop(name, args, rootId, data) {
     const nameIdShares = (0, linker_1.produceNameSharedIdMap)((0, linker_1.findNonLocalReads)(nextGraph, writtenIds));
     for (const write of writtenVariable) {
         nextGraph.addEdge(write.nodeId, vector.entryPoint, edge_1.EdgeType.DefinedBy);
-        nextGraph.setDefinitionOfVertex(write);
+        nextGraph.setDefinitionOfVertex(write, [vector.entryPoint]);
     }
     (0, reference_to_maybe_1.applyCdToReferences)(body.out, cd);
     const outgoing = variable.out.concat(writtenVariable, body.out);

package/dataflow/internal/process/functions/call/built-in/built-in-function-definition.js CHANGED Viewed

@@ -99,10 +99,10 @@ function processFunctionDefinition(name, args, rootId, data) {
             return r_function_call_1.EmptyArgument;
         }
         else if (!p.name && p.value && p.value.type === type_1.RType.Parameter) {
-            return { type: identifier_1.ReferenceType.Argument, cds: data.cds, nodeId: p.value.name.info.id, name: p.value.name.content };
+            return { type: identifier_1.ReferenceType.Argument, cds: data.cds, nodeId: p.value.name.info.id, name: p.value.name.content, valueId: p.value.defaultValue?.info.id };
         }
         else if (p.name) {
-            return { type: identifier_1.ReferenceType.Argument, cds: data.cds, nodeId: p.name.info.id, name: p.name.content };
+            return { type: identifier_1.ReferenceType.Argument, valueId: p.value?.info.id, cds: data.cds, nodeId: p.name.info.id, name: p.name.content };
         }
         else {
             return r_function_call_1.EmptyArgument;

package/dataflow/internal/process/functions/call/common.js CHANGED Viewed

@@ -69,6 +69,7 @@ function convertFnArgument(arg) {
     else {
         return {
             nodeId: arg.info.id,
+            valueId: arg.value?.info.id,
             name: arg.name.content,
             cds: undefined,
             type: identifier_1.ReferenceType.Argument
@@ -134,7 +135,7 @@ function processAllArguments({ functionName, args, data, finalGraph, functionRoo
             callArgs.push({ nodeId: processed.entryPoint, cds: undefined, type: identifier_1.ReferenceType.Argument });
         }
         else {
-            callArgs.push({ nodeId: processed.entryPoint, name: arg.name.content, cds: undefined, type: identifier_1.ReferenceType.Argument });
+            callArgs.push({ nodeId: processed.entryPoint, valueId: arg.value?.info.id, name: arg.name.content, cds: undefined, type: identifier_1.ReferenceType.Argument });
         }
         finalGraph.addEdge(functionRootId, processed.entryPoint, edge_1.EdgeType.Argument);
     }

package/dataflow/internal/process/functions/process-parameter.js CHANGED Viewed

@@ -23,7 +23,7 @@ function processFunctionParameter(parameter, data) {
     for (const writtenNode of writtenNodes) {
         const wid = writtenNode.nodeId;
         (0, log_1.expensiveTrace)(log_1.log, () => `parameter ${writtenNode.name} (${wid}) is defined at id ${writtenNode.definedAt} with ${defaultValue === undefined ? 'no default value' : ' a default value'}`);
-        graph.setDefinitionOfVertex(writtenNode);
+        graph.setDefinitionOfVertex(writtenNode, defaultValue?.entryPoint ? [defaultValue?.entryPoint] : []);
         environment = (0, define_1.define)(writtenNode, false, environment);
         if (defaultValue !== undefined) {
             if (r_function_definition_1.RFunctionDefinition.is(parameter.defaultValue)) {

package/documentation/doc-readme.js CHANGED Viewed

@@ -282,7 +282,8 @@ We welcome every contribution! Please check out the ${ctx.linkPage('wiki/Onboard
 *flowr* is actively developed by [Florian Sihler](https://eagleoutice.github.io/portfolio/) and (since October 1st 2025) [Oliver Gerstl](https://www.linkedin.com/in/oliver-gerstl) under the
 [GPLv3 License](LICENSE).\\
-It is partially supported by the German Research Foundation (DFG) under the grant [504226141](https://gepris.dfg.de/gepris/projekt/504226141) ("CodeInspector").
+It is partially supported by the German Research Foundation (DFG) under the grant [504226141](https://gepris.dfg.de/gepris/projekt/504226141) ("CodeInspector")
+and received an unrestricted gift from [Posit](https://posit.co/), the open-source data science company.
 ----

package/documentation/wiki-linter.js CHANGED Viewed

@@ -123,6 +123,11 @@ df[6, "value"]
     rule(knownParser, 'dead-code', 'DeadCodeConfig', 'DEAD_CODE', 'lint-dead-code', 'if(TRUE) 1 else 2', tagTypes);
     rule(knownParser, 'useless-loop', 'UselessLoopConfig', 'USELESS_LOOP', 'lint-useless-loop', 'for(i in c(1)) { print(i) }', tagTypes);
     rule(knownParser, 'stop-call', 'StopWithCallConfig', 'STOP_WITH_CALL_ARG', 'lint-stop-call', 'stop(42)', tagTypes);
+    rule(knownParser, 'problematic-eval', 'ProblematicEvalConfig', 'PROBLEMATIC_EVAL', 'lint-problematic-eval', `
+function(x) {
+	eval(x)
+}
+`, tagTypes);
     function rule(parser, name, configType, ruleType, testfile, example, types) {
         const rule = linter_rules_1.LintingRules[name];
         const tags = rule.info.tags.toSorted((a, b) => {

package/linter/linter-rules.d.ts CHANGED Viewed

@@ -281,6 +281,31 @@ export declare const LintingRules: {
             };
         };
     };
+    readonly 'problematic-eval': {
+        readonly createSearch: (config: import("./rules/problematic-eval").ProblematicEvalConfig) => import("../search/flowr-search-builder").FlowrSearchBuilder<"from-query", [], import("../r-bridge/lang-4.x/ast/model/processing/decorate").ParentInformation, import("../search/flowr-search").FlowrSearchElements<import("../r-bridge/lang-4.x/ast/model/processing/decorate").ParentInformation, import("../search/flowr-search").FlowrSearchElement<import("../r-bridge/lang-4.x/ast/model/processing/decorate").ParentInformation>[]>>;
+        readonly processSearchResult: (elements: import("../search/flowr-search").FlowrSearchElements<import("../r-bridge/lang-4.x/ast/model/processing/decorate").ParentInformation, import("../search/flowr-search").FlowrSearchElement<import("../r-bridge/lang-4.x/ast/model/processing/decorate").ParentInformation>[]>, _config: import("./rules/problematic-eval").ProblematicEvalConfig, data: {
+            normalize: import("../r-bridge/lang-4.x/ast/model/processing/decorate").NormalizedAst;
+            dataflow: import("../dataflow/info").DataflowInformation;
+            cfg: import("../control-flow/control-flow-graph").ControlFlowInformation;
+            analyzer: import("../project/flowr-analyzer").ReadonlyFlowrAnalysisProvider;
+        }) => Promise<{
+            results: import("./rules/problematic-eval").ProblematicEvalResult[];
+            ".meta": import("./rules/problematic-eval").ProblematicEvalMetadata;
+        }>;
+        readonly prettyPrint: {
+            readonly query: (result: import("./rules/problematic-eval").ProblematicEvalResult) => string;
+            readonly full: (result: import("./rules/problematic-eval").ProblematicEvalResult) => string;
+        };
+        readonly info: {
+            readonly name: "Problematic eval";
+            readonly description: "Detects uses of eval-like functions whose inputs are not statically constant. Prints the computed input-sources for the eval and flags usages that depend on non-constant/trusted inputs.";
+            readonly tags: readonly [import("./linter-tags").LintingRuleTag.Security, import("./linter-tags").LintingRuleTag.Smell, import("./linter-tags").LintingRuleTag.Readability, import("./linter-tags").LintingRuleTag.Performance];
+            readonly certainty: import("./linter-format").LintingRuleCertainty.BestEffort;
+            readonly defaultConfig: {
+                readonly considerAsEval: "^eval$";
+            };
+        };
+    };
     readonly 'stop-call': {
         readonly createSearch: () => import("../search/flowr-search-builder").FlowrSearchBuilder<"get", ["filter"], import("../r-bridge/lang-4.x/ast/model/processing/decorate").ParentInformation, Promise<import("../search/flowr-search").FlowrSearchElements<import("../r-bridge/lang-4.x/ast/model/processing/decorate").ParentInformation, [] | import("../search/flowr-search").FlowrSearchElement<import("../r-bridge/lang-4.x/ast/model/processing/decorate").ParentInformation>[]>>>;
         readonly processSearchResult: (elements: import("../search/flowr-search").FlowrSearchElements<import("../r-bridge/lang-4.x/ast/model/processing/decorate").ParentInformation, import("../search/flowr-search").FlowrSearchElement<import("../r-bridge/lang-4.x/ast/model/processing/decorate").ParentInformation>[]>, _config: import("../util/objects").MergeableRecord, { dataflow, analyzer }: {

package/linter/linter-rules.js CHANGED Viewed

@@ -12,6 +12,7 @@ const dataframe_access_validation_1 = require("./rules/dataframe-access-validati
 const useless_loop_1 = require("./rules/useless-loop");
 const network_functions_1 = require("./rules/network-functions");
 const stop_with_call_arg_1 = require("./rules/stop-with-call-arg");
+const problematic_eval_1 = require("./rules/problematic-eval");
 /**
  * The registry of currently supported linting rules.
  * A linting rule can be executed on a dataflow pipeline result using {@link executeLintingRule}.
@@ -27,6 +28,7 @@ exports.LintingRules = {
     'dataframe-access-validation': dataframe_access_validation_1.DATA_FRAME_ACCESS_VALIDATION,
     'dead-code': dead_code_1.DEAD_CODE,
     'useless-loop': useless_loop_1.USELESS_LOOP,
+    'problematic-eval': problematic_eval_1.PROBLEMATIC_EVAL,
     'stop-call': stop_with_call_arg_1.STOP_WITH_CALL_ARG
 };
 //# sourceMappingURL=linter-rules.js.map

package/linter/rules/problematic-eval.d.ts ADDED Viewed

@@ -0,0 +1,44 @@
+import { type LintingResult, LintingRuleCertainty } from '../linter-format';
+import type { MergeableRecord } from '../../util/objects';
+import { SourceLocation } from '../../util/range';
+import { LintingRuleTag } from '../linter-tags';
+import type { InputSources } from '../../queries/catalog/input-sources-query/simple-input-classifier';
+/**
+ * Describes a linting result for a problematic eval usage, including the location of the eval call and the computed input sources that lead to it.
+ */
+export interface ProblematicEvalResult extends LintingResult {
+    /** Location of the flagged eval-like call (the rule falls back to an invalid location if the node provides none) */
+    loc: SourceLocation;
+    /** The input sources that the `input-sources` query computed for the flagged call */
+    sources: InputSources;
+}
+/**
+ * Configuration of the `problematic-eval` linting rule.
+ */
+export interface ProblematicEvalConfig extends MergeableRecord {
+    /**
+     * Pattern for the names of all calls that should be considered eval entry points.
+     * This is interpreted as a regular expression and not as an exact name (the default is `^eval$`).
+     */
+    considerAsEval: string;
+}
+/** Metadata reported alongside the results of the `problematic-eval` rule (the rule currently returns an empty record) */
+export type ProblematicEvalMetadata = MergeableRecord;
+/**
+ * Linting rule that reports calls to eval-like functions (selected by {@link ProblematicEvalConfig.considerAsEval})
+ * for which at least one computed input source is neither a constant nor derived from constants.
+ */
+export declare const PROBLEMATIC_EVAL: {
+    readonly createSearch: (config: ProblematicEvalConfig) => import("../../search/flowr-search-builder").FlowrSearchBuilder<"from-query", [], import("../../r-bridge/lang-4.x/ast/model/processing/decorate").ParentInformation, import("../../search/flowr-search").FlowrSearchElements<import("../../r-bridge/lang-4.x/ast/model/processing/decorate").ParentInformation, import("../../search/flowr-search").FlowrSearchElement<import("../../r-bridge/lang-4.x/ast/model/processing/decorate").ParentInformation>[]>>;
+    readonly processSearchResult: (elements: import("../../search/flowr-search").FlowrSearchElements<import("../../r-bridge/lang-4.x/ast/model/processing/decorate").ParentInformation, import("../../search/flowr-search").FlowrSearchElement<import("../../r-bridge/lang-4.x/ast/model/processing/decorate").ParentInformation>[]>, _config: ProblematicEvalConfig, data: {
+        normalize: import("../../r-bridge/lang-4.x/ast/model/processing/decorate").NormalizedAst;
+        dataflow: import("../../dataflow/info").DataflowInformation;
+        cfg: import("../../control-flow/control-flow-graph").ControlFlowInformation;
+        analyzer: import("../../project/flowr-analyzer").ReadonlyFlowrAnalysisProvider;
+    }) => Promise<{
+        results: ProblematicEvalResult[];
+        ".meta": ProblematicEvalMetadata;
+    }>;
+    readonly prettyPrint: {
+        readonly query: (result: ProblematicEvalResult) => string;
+        readonly full: (result: ProblematicEvalResult) => string;
+    };
+    readonly info: {
+        readonly name: "Problematic eval";
+        readonly description: "Detects uses of eval-like functions whose inputs are not statically constant. Prints the computed input-sources for the eval and flags usages that depend on non-constant/trusted inputs.";
+        readonly tags: readonly [LintingRuleTag.Security, LintingRuleTag.Smell, LintingRuleTag.Readability, LintingRuleTag.Performance];
+        readonly certainty: LintingRuleCertainty.BestEffort;
+        readonly defaultConfig: {
+            readonly considerAsEval: "^eval$";
+        };
+    };
+};

package/linter/rules/problematic-eval.js ADDED Viewed

@@ -0,0 +1,83 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.PROBLEMATIC_EVAL = void 0;
+const linter_format_1 = require("../linter-format");
+const flowr_search_builder_1 = require("../../search/flowr-search-builder");
+const range_1 = require("../../util/range");
+const linter_tags_1 = require("../linter-tags");
+const simple_input_classifier_1 = require("../../queries/catalog/input-sources-query/simple-input-classifier");
+const query_1 = require("../../queries/query");
+const parse_1 = require("../../slicing/criterion/parse");
+/**
+ * Renders the given input sources for the pretty printers of this rule.
+ * - `inline = true` (default): a single string with all sources separated by `; ` (the empty string if there are none)
+ * - `inline = false`: an array with one `- …` line per source (the empty array if there are none), to be joined by the caller
+ */
+function formatInputSources(inputs, inline = true) {
+    const nothingToShow = !inputs || inputs.length === 0;
+    if (nothingToShow) {
+        return inline ? '' : [];
+    }
+    // a source carries either a single type or several, several are shown as `[a,b]`
+    const showType = type => Array.isArray(type) ? `[${type.join(',')}]` : type;
+    // the cds are only mentioned if the source has some attached
+    const showCds = (cds, sep) => cds ? `, cds${sep}[${cds.join(',')}]` : '';
+    const describe = inline
+        ? src => `${src.id} (type: ${showType(src.type)}, trace: ${src.trace}${showCds(src.cds, ': ')})`
+        : src => `- ${src.id}: type=${showType(src.type)}, trace=${src.trace}${showCds(src.cds, '=')}`;
+    const described = inputs.map(describe);
+    return inline ? described.join('; ') : described;
+}
+exports.PROBLEMATIC_EVAL = {
+    /* look for every call whose name matches the configured eval pattern (pattern match, not an exact name) */
+    createSearch: (config) => {
+        const evalCalls = {
+            type: 'call-context',
+            callName: config.considerAsEval,
+            callNameExact: false
+        };
+        return flowr_search_builder_1.Q.fromQuery(evalCalls);
+    },
+    /* classify the inputs of every found call and report those that depend on something non-constant */
+    processSearchResult: async (elements, _config, data) => {
+        // a source has either one type or a list of types, treat both uniformly
+        const typesOf = src => Array.isArray(src.type) ? src.type : [src.type];
+        const isConstantLike = t => t === simple_input_classifier_1.InputType.Constant || t === simple_input_classifier_1.InputType.DerivedConstant;
+        const mentionsUnknown = src => Array.isArray(src.type)
+            ? src.type.includes(simple_input_classifier_1.InputType.Unknown)
+            : src.type === simple_input_classifier_1.InputType.Unknown;
+        const findings = [];
+        for (const hit of elements.getElements()) {
+            const callId = hit.node.info.id;
+            // one input-sources query per eval-like call, keyed by the criterion built from the call id
+            const criterion = parse_1.SlicingCriterion.fromId(callId);
+            const answers = await (0, query_1.executeQueries)({ analyzer: data.analyzer }, [{ type: 'input-sources', criterion }]);
+            const sources = answers['input-sources']?.results?.[criterion] ?? [];
+            const dependsOnNonConstant = sources.some(src => typesOf(src).some(t => !isConstantLike(t)));
+            if (!dependsOnNonConstant) {
+                continue;
+            }
+            // an unknown source makes the finding uncertain, otherwise it is reported as certain
+            const certainty = sources.some(src => mentionsUnknown(src))
+                ? linter_format_1.LintingResultCertainty.Uncertain
+                : linter_format_1.LintingResultCertainty.Certain;
+            const loc = range_1.SourceLocation.fromNode(hit.node) ?? range_1.SourceLocation.invalid();
+            findings.push({ involvedId: callId, certainty, loc, sources });
+        }
+        return { results: findings, '.meta': {} };
+    },
+    /* both printers name the location and, if there are any, list the computed input sources */
+    prettyPrint: {
+        [linter_format_1.LintingPrettyPrintContext.Query]: (result) => {
+            const summary = formatInputSources(result.sources ?? [], true);
+            const suffix = summary ? `; inputs: ${summary}` : '';
+            return `Use of eval-like function at ${range_1.SourceLocation.format(result.loc)}${suffix}`;
+        },
+        [linter_format_1.LintingPrettyPrintContext.Full]: (result) => {
+            const lines = formatInputSources(result.sources ?? [], false);
+            const suffix = lines.length ? '\nInputs:\n' + lines.join('\n') : '';
+            return `Use of eval-like function at ${range_1.SourceLocation.format(result.loc)} is potentially problematic${suffix}`;
+        }
+    },
+    info: {
+        name: 'Problematic eval',
+        description: 'Detects uses of eval-like functions whose inputs are not statically constant. Prints the computed input-sources for the eval and flags usages that depend on non-constant/trusted inputs.',
+        tags: [linter_tags_1.LintingRuleTag.Security, linter_tags_1.LintingRuleTag.Smell, linter_tags_1.LintingRuleTag.Readability, linter_tags_1.LintingRuleTag.Performance],
+        certainty: linter_format_1.LintingRuleCertainty.BestEffort,
+        defaultConfig: {
+            considerAsEval: '^eval$'
+        }
+    }
+};
+//# sourceMappingURL=problematic-eval.js.map

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@eagleoutice/flowr",
-  "version": "2.9.14",
+  "version": "2.10.1",
   "description": "Static Dataflow Analyzer and Program Slicer for the R Programming Language",
   "types": "dist/src/index.d.ts",
   "repository": {
@@ -165,8 +165,8 @@
     }
   },
   "devDependencies": {
-    "@commitlint/cli": "^19.7.1",
-    "@commitlint/config-angular": "^19.7.1",
+    "@commitlint/cli": "^20.5.0",
+    "@commitlint/config-angular": "^20.5.0",
     "@eagleoutice/eslint-config-flowr": "^1.0.36",
     "@eslint/eslintrc": "^3.3.3",
     "@eslint/js": "^9.39.2",
@@ -191,11 +191,11 @@
     "npm-run-all": "^4.1.5",
     "release-it": "^19.2.3",
     "ts-node": "^10.9.2",
-    "typedoc": "^0.27.7",
-    "typedoc-plugin-missing-exports": "^3.1.0",
-    "typedoc-theme-hierarchy": "^5.0.4",
+    "typedoc": "^0.28.17",
+    "typedoc-plugin-missing-exports": "^4.1.2",
+    "typedoc-theme-hierarchy": "^6.0.0",
     "typedoc-umlclass": "^0.10.2",
-    "typescript": "^5.7.3",
+    "typescript": "^5.9.3",
     "vitest": "^3.2.4"
   },
   "dependencies": {

package/queries/catalog/df-shape-query/df-shape-query-executor.js CHANGED Viewed

@@ -39,7 +39,7 @@ async function executeDfShapeQuery({ analyzer }, queries) {
             continue;
         }
         try {
-            const nodeId = parse_1.SingleSlicingCriterion.parse(query.criterion, ast.idMap);
+            const nodeId = parse_1.SlicingCriterion.parse(query.criterion, ast.idMap);
             const node = ast.idMap.get(nodeId);
             const value = inference.getAbstractValue(node?.info.id);
             result.set(query.criterion, value);

package/queries/catalog/df-shape-query/df-shape-query-format.d.ts CHANGED Viewed

@@ -3,17 +3,17 @@ import type { DataFrameDomain } from '../../../abstract-interpretation/data-fram
 import type { StateAbstractDomain } from '../../../abstract-interpretation/domains/state-abstract-domain';
 import type { ReplOutput } from '../../../cli/repl/commands/repl-main';
 import type { FlowrConfig } from '../../../config';
-import type { SingleSlicingCriterion } from '../../../slicing/criterion/parse';
+import type { SlicingCriterion } from '../../../slicing/criterion/parse';
 import type { BaseQueryFormat, BaseQueryResult } from '../../base-query-format';
 import type { ParsedQueryLine } from '../../query';
 import { executeDfShapeQuery } from './df-shape-query-executor';
 /** Infer the shape of data frames using abstract interpretation. */
 export interface DfShapeQuery extends BaseQueryFormat {
     readonly type: 'df-shape';
-    readonly criterion?: SingleSlicingCriterion;
+    readonly criterion?: SlicingCriterion;
 }
 export interface DfShapeQueryResult extends BaseQueryResult {
-    domains: StateAbstractDomain<DataFrameDomain> | Map<SingleSlicingCriterion, DataFrameDomain | undefined>;
+    domains: StateAbstractDomain<DataFrameDomain> | Map<SlicingCriterion, DataFrameDomain | undefined>;
 }
 declare function dfShapeQueryLineParser(_output: ReplOutput, line: readonly string[], _config: FlowrConfig): ParsedQueryLine<'df-shape'>;
 export declare const DfShapeQueryDefinition: {

package/queries/catalog/does-call-query/does-call-query-executor.js CHANGED Viewed

@@ -19,7 +19,7 @@ async function executeDoesCallQuery({ analyzer }, queries) {
             log_1.log.warn(`Duplicate query id '${id}' in does-call queries, SKIP.`);
             continue;
         }
-        const nodeId = parse_1.SingleSlicingCriterion.tryParse(query.call, idMap);
+        const nodeId = parse_1.SlicingCriterion.tryParse(query.call, idMap);
         if (!nodeId) {
             results[id] = false;
             continue;

package/queries/catalog/does-call-query/does-call-query-format.d.ts CHANGED Viewed

@@ -3,7 +3,7 @@ import Joi from 'joi';
 import type { ParsedQueryLine } from '../../query';
 import { executeDoesCallQuery } from './does-call-query-executor';
 import { type NodeId } from '../../../r-bridge/lang-4.x/ast/model/processing/node-id';
-import type { SingleSlicingCriterion } from '../../../slicing/criterion/parse';
+import type { SlicingCriterion } from '../../../slicing/criterion/parse';
 import type { ReplOutput } from '../../../cli/repl/commands/repl-main';
 import type { FlowrConfig } from '../../../config';
 interface CallsIdConstraint {
@@ -30,7 +30,7 @@ export type CallsConstraint = CallsIdConstraint | CallsWithNameConstraint | Call
 export interface DoesCallQuery extends BaseQueryFormat {
     readonly type: 'does-call';
     readonly queryId?: string;
-    readonly call: SingleSlicingCriterion;
+    readonly call: SlicingCriterion;
     readonly calls: CallsConstraint;
 }
 export interface FindAllCallsResult {

package/queries/catalog/happens-before-query/happens-before-query-executor.js CHANGED Viewed

@@ -22,8 +22,8 @@ async function executeHappensBefore({ analyzer }, queries) {
             log_1.log.warn('Duplicate happens-before query', query, 'ignoring');
         }
         try {
-            const resolvedA = parse_1.SingleSlicingCriterion.parse(a, ast.idMap);
-            const resolvedB = parse_1.SingleSlicingCriterion.parse(b, ast.idMap);
+            const resolvedA = parse_1.SlicingCriterion.parse(a, ast.idMap);
+            const resolvedB = parse_1.SlicingCriterion.parse(b, ast.idMap);
             results[fingerprint] = (0, happens_before_1.happensBefore)(cfg.graph, resolvedA, resolvedB);
         }
         catch (e) {

package/queries/catalog/happens-before-query/happens-before-query-format.d.ts CHANGED Viewed

@@ -1,12 +1,12 @@
 import type { BaseQueryFormat, BaseQueryResult } from '../../base-query-format';
 import Joi from 'joi';
 import { executeHappensBefore } from './happens-before-query-executor';
-import type { SingleSlicingCriterion } from '../../../slicing/criterion/parse';
+import type { SlicingCriterion } from '../../../slicing/criterion/parse';
 import type { Ternary } from '../../../util/logic';
 export interface HappensBeforeQuery extends BaseQueryFormat {
     readonly type: 'happens-before';
-    readonly a: SingleSlicingCriterion;
-    readonly b: SingleSlicingCriterion;
+    readonly a: SlicingCriterion;
+    readonly b: SlicingCriterion;
 }
 export interface HappensBeforeQueryResult extends BaseQueryResult {
     readonly results: Record<string, Ternary>;

package/queries/catalog/input-sources-query/input-sources-query-executor.d.ts ADDED Viewed

@@ -0,0 +1,6 @@
+import type { BasicQueryData } from '../../base-query-format';
+import type { InputSourcesQuery, InputSourcesQueryResult } from './input-sources-query-format';
+/**
+ * Executes the given input-sources queries and classifies the inputs of each criterion.
+ * @param analyzer - the analyzer that provides the normalized AST and the dataflow information
+ * @param queries  - the queries to execute, the results are keyed by the criterion of each query
+ * @returns the classified input sources per criterion, with the elapsed time in `.meta.timing`
+ */
+export declare function executeInputSourcesQuery({ analyzer }: BasicQueryData, queries: readonly InputSourcesQuery[]): Promise<InputSourcesQueryResult>;

package/queries/catalog/input-sources-query/input-sources-query-executor.js ADDED Viewed

@@ -0,0 +1,66 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.executeInputSourcesQuery = executeInputSourcesQuery;
+const log_1 = require("../../../util/log");
+const parse_1 = require("../../../slicing/criterion/parse");
+const r_function_definition_1 = require("../../../r-bridge/lang-4.x/ast/model/nodes/r-function-definition");
+const model_1 = require("../../../r-bridge/lang-4.x/ast/model/model");
+const df_helper_1 = require("../../../dataflow/graph/df-helper");
+const simple_input_classifier_1 = require("./simple-input-classifier");
+const network_functions_1 = require("../../../linter/rules/network-functions");
+const seeded_randomness_1 = require("../../../linter/rules/seeded-randomness");
+const read_functions_1 = require("../dependencies-query/function-info/read-functions");
+/**
+ * Executes the given input-sources queries.
+ * For every query the criterion is resolved to a node id (falling back to the raw criterion if it cannot be parsed),
+ * the provenance graph of that node is requested (passing the ids collected from the function definition returned by
+ * `RFunctionDefinition.rootFunctionDefinition`, if there is one) and the result is handed to the input classifier.
+ * A criterion that occurs more than once is only processed the first time, later duplicates are skipped with a warning.
+ * @param analyzer - the analyzer that provides the normalized AST and the dataflow information
+ * @param queries  - the queries to execute
+ * @returns the classified input sources keyed by criterion, with the elapsed milliseconds in `.meta.timing`
+ */
+async function executeInputSourcesQuery({ analyzer }, queries) {
+    const start = Date.now();
+    const results = {};
+    const nast = await analyzer.normalize();
+    const df = await analyzer.dataflow();
+    for (const query of queries) {
+        const key = query.criterion;
+        // own-property check so that keys like `constructor` are not mistaken for duplicates on the plain object
+        if (Object.prototype.hasOwnProperty.call(results, key)) {
+            log_1.log.warn(`Duplicate key for input-sources query: ${key}, skipping...`);
+            // actually skip, as the warning announces (otherwise the duplicate silently overwrites the first result)
+            continue;
+        }
+        const criterionId = parse_1.SlicingCriterion.tryParse(key, nast.idMap) ?? key;
+        const provenanceNode = nast.idMap.get(criterionId);
+        const fdef = r_function_definition_1.RFunctionDefinition.rootFunctionDefinition(provenanceNode, nast.idMap);
+        const provenance = df_helper_1.Dataflow.provenanceGraph(criterionId, df.graph, fdef ? model_1.RNode.collectAllIds(fdef) : undefined);
+        // every list that the query does not configure falls back to its default
+        results[key] = (0, simple_input_classifier_1.classifyInput)(criterionId, provenance, {
+            networkFns: query.config?.networkFns ?? network_functions_1.NETWORK_FUNCTIONS.info.defaultConfig.fns,
+            randomFns: query.config?.randomFns ?? seeded_randomness_1.SEEDED_RANDOMNESS.info.defaultConfig.randomnessConsumers,
+            pureFns: query.config?.pureFns ?? ['paste', 'paste0', 'parse', '+', '-', '*',
+                '/', '^', '%%', '%/%', '&', '|', '!', '&&', '||',
+                '<', '>', '<=', '>=', '==', '!=', ':',
+                'abs', 'sign', 'sqrt', 'exp', 'log', 'log10', 'log2',
+                'sin', 'cos', 'tan', 'asin', 'acos', 'atan',
+                'length', 'nchar', 'dim', 'nrow', 'ncol',
+                'c', 'list', 'data.frame',
+                'ifelse', 'switch', 'factor', 'as.factor',
+                'round', 'floor', 'ceiling', 'trunc',
+                'substr', 'substring', 'strsplit',
+                'min', 'max', 'range', 'sum', 'prod', 'mean', 'median', 'var', 'sd',
+                'head', 'tail', 'seq', 'rep',
+                'apply', 'lapply', 'sapply', 'vapply', 'tapply',
+                'matrix', 'array', 'substitute', 'quote', 'bquote', 'enquote', 'enexpr', 'enexprs', 'enquo', 'enquos',
+                'expression', 'call', 'as.call', 'as.expression',
+                'rownames', 'colnames',
+                'list.files', 'tolower', 'toupper', 'printf',
+                '<-', '->', '=', '<<-', '->>', 'assign', 'get',
+                '[', '[[', '$', 'length<-', 'dim<-', 'names<-', 'colnames<-', 'rownames<-',
+                'as.character', 'as.numeric', 'as.logical', 'as.list', 'as.data.frame', 'as.matrix', 'as.array',
+                'identity', 'invisible', 'return', 'force', 'missing',
+                'print', 'cat', 'message', 'warning', 'stop'
+            ],
+            readFileFns: query.config?.readFileFns ?? read_functions_1.ReadFunctions.map(f => f.name)
+        });
+    }
+    return {
+        '.meta': {
+            timing: Date.now() - start
+        },
+        results
+    };
+}
+//# sourceMappingURL=input-sources-query-executor.js.map

package/queries/catalog/input-sources-query/input-sources-query-format.d.ts ADDED Viewed

@@ -0,0 +1,36 @@
+import type { BaseQueryFormat, BaseQueryResult } from '../../base-query-format';
+import type { SlicingCriterion } from '../../../slicing/criterion/parse';
+import type { ParsedQueryLine } from '../../query';
+import Joi from 'joi';
+import type { NodeId } from '../../../r-bridge/lang-4.x/ast/model/processing/node-id';
+import type { InputClassifierConfig, InputSources } from './simple-input-classifier';
+import type { ReplOutput } from '../../../cli/repl/commands/repl-main';
+import type { FlowrConfig } from '../../../config';
+import { executeInputSourcesQuery } from './input-sources-query-executor';
+export type InputSourcesQueryConfig = InputClassifierConfig;
+/**
+ * Classifies the input sources (and their transformations) of the node selected by
+ * {@link InputSourcesQuery.criterion}, based on the provenance graph of that node.
+ */
+export interface InputSourcesQuery extends BaseQueryFormat {
+    readonly type: 'input-sources';
+    /**
+     * The node to analyze, given as a slicing criterion.
+     * A plain node id works as well, see {@link SlicingCriterion.fromId}.
+     */
+    readonly criterion: SlicingCriterion;
+    /** Optional classifier configuration, every list that is not set falls back to a default */
+    readonly config?: InputSourcesQueryConfig;
+}
+/**
+ * Result of executing {@link InputSourcesQuery|input-sources queries}.
+ */
+export interface InputSourcesQueryResult extends BaseQueryResult {
+    /** For each query key (the criterion of the query), a list of classified input sources (each with id and all traces) */
+    results: Record<string, InputSources>;
+}
+/**
+ * Turns the tokens of a query line into a parsed `input-sources` query.
+ * NOTE(review): the implementation is not part of this declaration file; how `line` is interpreted should be confirmed there.
+ */
+declare function inputSourcesQueryLineParser(output: ReplOutput, line: readonly string[], _config: FlowrConfig): ParsedQueryLine<'input-sources'>;
+/**
+ * Bundles everything that belongs to the `input-sources` query: its executor, the ascii summarizer,
+ * the line parser, the validation schema, and the helper that flattens the nodes involved in a result.
+ */
+export declare const InputSourcesDefinition: {
+    readonly executor: typeof executeInputSourcesQuery;
+    readonly asciiSummarizer: (formatter: import("../../../util/text/ansi").OutputFormatter, analyzer: import("../../../project/flowr-analyzer").ReadonlyFlowrAnalysisProvider<import("../../../r-bridge/parser").KnownParser>, queryResults: BaseQueryResult, result: string[]) => Promise<boolean>;
+    readonly fromLine: typeof inputSourcesQueryLineParser;
+    readonly schema: Joi.ObjectSchema<any>;
+    readonly flattenInvolvedNodes: (queryResults: BaseQueryResult) => NodeId[];
+};
+export {};