npm - @grafema/core - Versions diffs - 0.1.1-alpha → 0.2.1-beta - Mend

@grafema/core 0.1.1-alpha → 0.2.1-beta

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (319) hide show

package/dist/Orchestrator.d.ts +7 -0
package/dist/Orchestrator.d.ts.map +1 -1
package/dist/Orchestrator.js +25 -3
package/dist/config/ConfigLoader.d.ts +18 -0
package/dist/config/ConfigLoader.d.ts.map +1 -1
package/dist/config/ConfigLoader.js +65 -3
package/dist/core/FileExplainer.d.ts +101 -0
package/dist/core/FileExplainer.d.ts.map +1 -0
package/dist/core/FileExplainer.js +139 -0
package/dist/core/NodeFactory.d.ts +44 -5
package/dist/core/NodeFactory.d.ts.map +1 -1
package/dist/core/NodeFactory.js +52 -7
package/dist/core/nodes/ArrayLiteralNode.d.ts.map +1 -1
package/dist/core/nodes/ArrayLiteralNode.js +4 -2
package/dist/core/nodes/BranchNode.d.ts +41 -0
package/dist/core/nodes/BranchNode.d.ts.map +1 -0
package/dist/core/nodes/BranchNode.js +82 -0
package/dist/core/nodes/CallSiteNode.d.ts +2 -2
package/dist/core/nodes/CallSiteNode.d.ts.map +1 -1
package/dist/core/nodes/CallSiteNode.js +9 -5
package/dist/core/nodes/CaseNode.d.ts +43 -0
package/dist/core/nodes/CaseNode.d.ts.map +1 -0
package/dist/core/nodes/CaseNode.js +81 -0
package/dist/core/nodes/ClassNode.d.ts +2 -2
package/dist/core/nodes/ClassNode.d.ts.map +1 -1
package/dist/core/nodes/ClassNode.js +8 -4
package/dist/core/nodes/ConstantNode.d.ts +2 -2
package/dist/core/nodes/ConstantNode.d.ts.map +1 -1
package/dist/core/nodes/ConstantNode.js +6 -4
package/dist/core/nodes/ConstructorCallNode.d.ts +51 -0
package/dist/core/nodes/ConstructorCallNode.d.ts.map +1 -0
package/dist/core/nodes/ConstructorCallNode.js +171 -0
package/dist/core/nodes/DatabaseQueryNode.d.ts +3 -2
package/dist/core/nodes/DatabaseQueryNode.d.ts.map +1 -1
package/dist/core/nodes/DatabaseQueryNode.js +5 -2
package/dist/core/nodes/DecoratorNode.d.ts +2 -2
package/dist/core/nodes/DecoratorNode.d.ts.map +1 -1
package/dist/core/nodes/DecoratorNode.js +5 -3
package/dist/core/nodes/EnumNode.d.ts +2 -2
package/dist/core/nodes/EnumNode.d.ts.map +1 -1
package/dist/core/nodes/EnumNode.js +5 -3
package/dist/core/nodes/EventListenerNode.d.ts +4 -4
package/dist/core/nodes/EventListenerNode.d.ts.map +1 -1
package/dist/core/nodes/EventListenerNode.js +7 -4
package/dist/core/nodes/ExportNode.d.ts +2 -2
package/dist/core/nodes/ExportNode.d.ts.map +1 -1
package/dist/core/nodes/ExportNode.js +8 -4
package/dist/core/nodes/ExpressionNode.d.ts +2 -2
package/dist/core/nodes/ExpressionNode.d.ts.map +1 -1
package/dist/core/nodes/ExpressionNode.js +6 -4
package/dist/core/nodes/ExternalModuleNode.d.ts +4 -0
package/dist/core/nodes/ExternalModuleNode.d.ts.map +1 -1
package/dist/core/nodes/ExternalModuleNode.js +10 -2
package/dist/core/nodes/HttpRequestNode.d.ts +4 -4
package/dist/core/nodes/HttpRequestNode.d.ts.map +1 -1
package/dist/core/nodes/HttpRequestNode.js +7 -4
package/dist/core/nodes/ImportNode.d.ts +10 -2
package/dist/core/nodes/ImportNode.d.ts.map +1 -1
package/dist/core/nodes/ImportNode.js +21 -4
package/dist/core/nodes/InterfaceNode.d.ts +2 -2
package/dist/core/nodes/InterfaceNode.d.ts.map +1 -1
package/dist/core/nodes/InterfaceNode.js +5 -3
package/dist/core/nodes/LiteralNode.d.ts +2 -2
package/dist/core/nodes/LiteralNode.d.ts.map +1 -1
package/dist/core/nodes/LiteralNode.js +6 -4
package/dist/core/nodes/MethodCallNode.d.ts +2 -2
package/dist/core/nodes/MethodCallNode.d.ts.map +1 -1
package/dist/core/nodes/MethodCallNode.js +9 -5
package/dist/core/nodes/MethodNode.d.ts +2 -2
package/dist/core/nodes/MethodNode.d.ts.map +1 -1
package/dist/core/nodes/MethodNode.js +8 -4
package/dist/core/nodes/ObjectLiteralNode.d.ts.map +1 -1
package/dist/core/nodes/ObjectLiteralNode.js +4 -2
package/dist/core/nodes/ParameterNode.d.ts +2 -2
package/dist/core/nodes/ParameterNode.d.ts.map +1 -1
package/dist/core/nodes/ParameterNode.js +5 -3
package/dist/core/nodes/TypeNode.d.ts +2 -2
package/dist/core/nodes/TypeNode.d.ts.map +1 -1
package/dist/core/nodes/TypeNode.js +5 -3
package/dist/core/nodes/VariableDeclarationNode.d.ts +2 -2
package/dist/core/nodes/VariableDeclarationNode.d.ts.map +1 -1
package/dist/core/nodes/VariableDeclarationNode.js +9 -5
package/dist/core/nodes/index.d.ts +3 -0
package/dist/core/nodes/index.d.ts.map +1 -1
package/dist/core/nodes/index.js +3 -0
package/dist/data/builtins/BuiltinRegistry.d.ts +78 -0
package/dist/data/builtins/BuiltinRegistry.d.ts.map +1 -0
package/dist/data/builtins/BuiltinRegistry.js +110 -0
package/dist/data/builtins/definitions.d.ts +28 -0
package/dist/data/builtins/definitions.d.ts.map +1 -0
package/dist/data/builtins/definitions.js +250 -0
package/dist/data/builtins/index.d.ts +10 -0
package/dist/data/builtins/index.d.ts.map +1 -0
package/dist/data/builtins/index.js +8 -0
package/dist/data/builtins/jsGlobals.d.ts +18 -0
package/dist/data/builtins/jsGlobals.d.ts.map +1 -0
package/dist/data/builtins/jsGlobals.js +26 -0
package/dist/data/builtins/types.d.ts +34 -0
package/dist/data/builtins/types.d.ts.map +1 -0
package/dist/data/builtins/types.js +7 -0
package/dist/data/globals/definitions.d.ts +27 -0
package/dist/data/globals/definitions.d.ts.map +1 -0
package/dist/data/globals/definitions.js +117 -0
package/dist/data/globals/index.d.ts +36 -0
package/dist/data/globals/index.d.ts.map +1 -0
package/dist/data/globals/index.js +52 -0
package/dist/diagnostics/DiagnosticReporter.d.ts +23 -0
package/dist/diagnostics/DiagnosticReporter.d.ts.map +1 -1
package/dist/diagnostics/DiagnosticReporter.js +88 -0
package/dist/diagnostics/index.d.ts +1 -1
package/dist/diagnostics/index.d.ts.map +1 -1
package/dist/errors/GrafemaError.d.ts +43 -0
package/dist/errors/GrafemaError.d.ts.map +1 -1
package/dist/errors/GrafemaError.js +50 -0
package/dist/index.d.ts +17 -1
package/dist/index.d.ts.map +1 -1
package/dist/index.js +17 -1
package/dist/plugins/analysis/DatabaseAnalyzer.d.ts.map +1 -1
package/dist/plugins/analysis/DatabaseAnalyzer.js +3 -2
package/dist/plugins/analysis/ExpressAnalyzer.d.ts.map +1 -1
package/dist/plugins/analysis/ExpressAnalyzer.js +3 -1
package/dist/plugins/analysis/ExpressResponseAnalyzer.d.ts +148 -0
package/dist/plugins/analysis/ExpressResponseAnalyzer.d.ts.map +1 -0
package/dist/plugins/analysis/ExpressResponseAnalyzer.js +495 -0
package/dist/plugins/analysis/ExpressRouteAnalyzer.d.ts.map +1 -1
package/dist/plugins/analysis/ExpressRouteAnalyzer.js +53 -18
package/dist/plugins/analysis/FetchAnalyzer.d.ts +40 -0
package/dist/plugins/analysis/FetchAnalyzer.d.ts.map +1 -1
package/dist/plugins/analysis/FetchAnalyzer.js +163 -15
package/dist/plugins/analysis/JSASTAnalyzer.d.ts +157 -26
package/dist/plugins/analysis/JSASTAnalyzer.d.ts.map +1 -1
package/dist/plugins/analysis/JSASTAnalyzer.js +2418 -191
package/dist/plugins/analysis/RustAnalyzer.js +4 -4
package/dist/plugins/analysis/SQLiteAnalyzer.d.ts.map +1 -1
package/dist/plugins/analysis/SQLiteAnalyzer.js +4 -2
package/dist/plugins/analysis/SocketIOAnalyzer.d.ts +9 -0
package/dist/plugins/analysis/SocketIOAnalyzer.d.ts.map +1 -1
package/dist/plugins/analysis/SocketIOAnalyzer.js +91 -7
package/dist/plugins/analysis/ast/GraphBuilder.d.ts +173 -0
package/dist/plugins/analysis/ast/GraphBuilder.d.ts.map +1 -1
package/dist/plugins/analysis/ast/GraphBuilder.js +1256 -65
package/dist/plugins/analysis/ast/types.d.ts +294 -0
package/dist/plugins/analysis/ast/types.d.ts.map +1 -1
package/dist/plugins/analysis/ast/visitors/ASTVisitor.d.ts +5 -1
package/dist/plugins/analysis/ast/visitors/ASTVisitor.d.ts.map +1 -1
package/dist/plugins/analysis/ast/visitors/CallExpressionVisitor.d.ts +1 -0
package/dist/plugins/analysis/ast/visitors/CallExpressionVisitor.d.ts.map +1 -1
package/dist/plugins/analysis/ast/visitors/CallExpressionVisitor.js +12 -1
package/dist/plugins/analysis/ast/visitors/FunctionVisitor.d.ts +10 -0
package/dist/plugins/analysis/ast/visitors/FunctionVisitor.d.ts.map +1 -1
package/dist/plugins/analysis/ast/visitors/FunctionVisitor.js +62 -0
package/dist/plugins/analysis/ast/visitors/ImportExportVisitor.d.ts +4 -0
package/dist/plugins/analysis/ast/visitors/ImportExportVisitor.d.ts.map +1 -1
package/dist/plugins/analysis/ast/visitors/ImportExportVisitor.js +101 -0
package/dist/plugins/analysis/ast/visitors/VariableVisitor.d.ts +16 -1
package/dist/plugins/analysis/ast/visitors/VariableVisitor.d.ts.map +1 -1
package/dist/plugins/analysis/ast/visitors/VariableVisitor.js +233 -39
package/dist/plugins/discovery/WorkspaceDiscovery.d.ts.map +1 -1
package/dist/plugins/discovery/WorkspaceDiscovery.js +9 -4
package/dist/plugins/enrichment/AliasTracker.d.ts.map +1 -1
package/dist/plugins/enrichment/AliasTracker.js +16 -1
package/dist/plugins/enrichment/ArgumentParameterLinker.d.ts +32 -0
package/dist/plugins/enrichment/ArgumentParameterLinker.d.ts.map +1 -0
package/dist/plugins/enrichment/ArgumentParameterLinker.js +175 -0
package/dist/plugins/enrichment/ClosureCaptureEnricher.d.ts +51 -0
package/dist/plugins/enrichment/ClosureCaptureEnricher.d.ts.map +1 -0
package/dist/plugins/enrichment/ClosureCaptureEnricher.js +205 -0
package/dist/plugins/enrichment/ExternalCallResolver.d.ts +42 -0
package/dist/plugins/enrichment/ExternalCallResolver.d.ts.map +1 -0
package/dist/plugins/enrichment/ExternalCallResolver.js +213 -0
package/dist/plugins/enrichment/FunctionCallResolver.d.ts +58 -0
package/dist/plugins/enrichment/FunctionCallResolver.d.ts.map +1 -0
package/dist/plugins/enrichment/FunctionCallResolver.js +340 -0
package/dist/plugins/enrichment/HTTPConnectionEnricher.d.ts +16 -3
package/dist/plugins/enrichment/HTTPConnectionEnricher.d.ts.map +1 -1
package/dist/plugins/enrichment/HTTPConnectionEnricher.js +64 -20
package/dist/plugins/enrichment/MethodCallResolver.d.ts.map +1 -1
package/dist/plugins/enrichment/MethodCallResolver.js +15 -1
package/dist/plugins/enrichment/MountPointResolver.d.ts +14 -12
package/dist/plugins/enrichment/MountPointResolver.d.ts.map +1 -1
package/dist/plugins/enrichment/MountPointResolver.js +172 -151
package/dist/plugins/enrichment/NodejsBuiltinsResolver.d.ts +44 -0
package/dist/plugins/enrichment/NodejsBuiltinsResolver.d.ts.map +1 -0
package/dist/plugins/enrichment/NodejsBuiltinsResolver.js +271 -0
package/dist/plugins/enrichment/ValueDomainAnalyzer.d.ts +5 -27
package/dist/plugins/enrichment/ValueDomainAnalyzer.d.ts.map +1 -1
package/dist/plugins/enrichment/ValueDomainAnalyzer.js +62 -139
package/dist/plugins/indexing/JSModuleIndexer.d.ts +15 -0
package/dist/plugins/indexing/JSModuleIndexer.d.ts.map +1 -1
package/dist/plugins/indexing/JSModuleIndexer.js +58 -0
package/dist/plugins/indexing/RustModuleIndexer.d.ts +1 -1
package/dist/plugins/indexing/RustModuleIndexer.js +4 -4
package/dist/plugins/validation/BrokenImportValidator.d.ts +31 -0
package/dist/plugins/validation/BrokenImportValidator.d.ts.map +1 -0
package/dist/plugins/validation/BrokenImportValidator.js +249 -0
package/dist/plugins/validation/CallResolverValidator.d.ts +21 -10
package/dist/plugins/validation/CallResolverValidator.d.ts.map +1 -1
package/dist/plugins/validation/CallResolverValidator.js +101 -76
package/dist/plugins/validation/DataFlowValidator.d.ts.map +1 -1
package/dist/plugins/validation/DataFlowValidator.js +49 -41
package/dist/plugins/validation/GraphConnectivityValidator.d.ts.map +1 -1
package/dist/plugins/validation/GraphConnectivityValidator.js +25 -1
package/dist/plugins/validation/SQLInjectionValidator.d.ts.map +1 -1
package/dist/plugins/validation/SQLInjectionValidator.js +2 -3
package/dist/queries/findCallsInFunction.d.ts +52 -0
package/dist/queries/findCallsInFunction.d.ts.map +1 -0
package/dist/queries/findCallsInFunction.js +135 -0
package/dist/queries/findContainingFunction.d.ts +45 -0
package/dist/queries/findContainingFunction.d.ts.map +1 -0
package/dist/queries/findContainingFunction.js +54 -0
package/dist/queries/index.d.ts +14 -0
package/dist/queries/index.d.ts.map +1 -0
package/dist/queries/index.js +11 -0
package/dist/queries/traceValues.d.ts +70 -0
package/dist/queries/traceValues.d.ts.map +1 -0
package/dist/queries/traceValues.js +299 -0
package/dist/queries/types.d.ts +163 -0
package/dist/queries/types.d.ts.map +1 -0
package/dist/queries/types.js +9 -0
package/dist/schema/GraphSchemaExtractor.d.ts +53 -0
package/dist/schema/GraphSchemaExtractor.d.ts.map +1 -0
package/dist/schema/GraphSchemaExtractor.js +124 -0
package/dist/schema/InterfaceSchemaExtractor.d.ts +73 -0
package/dist/schema/InterfaceSchemaExtractor.d.ts.map +1 -0
package/dist/schema/InterfaceSchemaExtractor.js +112 -0
package/dist/schema/index.d.ts +5 -0
package/dist/schema/index.d.ts.map +1 -0
package/dist/schema/index.js +2 -0
package/dist/storage/backends/RFDBServerBackend.d.ts +13 -18
package/dist/storage/backends/RFDBServerBackend.d.ts.map +1 -1
package/dist/storage/backends/RFDBServerBackend.js +47 -51
package/dist/storage/backends/typeValidation.d.ts.map +1 -1
package/dist/storage/backends/typeValidation.js +1 -0
package/package.json +3 -3
package/src/Orchestrator.ts +35 -3
package/src/config/ConfigLoader.ts +94 -3
package/src/core/FileExplainer.ts +179 -0
package/src/core/NodeFactory.ts +72 -8
package/src/core/nodes/ArrayLiteralNode.ts +3 -2
package/src/core/nodes/BranchNode.ts +113 -0
package/src/core/nodes/CallSiteNode.ts +7 -5
package/src/core/nodes/CaseNode.ts +123 -0
package/src/core/nodes/ClassNode.ts +6 -4
package/src/core/nodes/ConstantNode.ts +5 -4
package/src/core/nodes/ConstructorCallNode.ts +217 -0
package/src/core/nodes/DatabaseQueryNode.ts +5 -1
package/src/core/nodes/DecoratorNode.ts +4 -3
package/src/core/nodes/EnumNode.ts +4 -3
package/src/core/nodes/EventListenerNode.ts +7 -4
package/src/core/nodes/ExportNode.ts +6 -4
package/src/core/nodes/ExpressionNode.ts +5 -4
package/src/core/nodes/ExternalModuleNode.ts +11 -2
package/src/core/nodes/HttpRequestNode.ts +7 -4
package/src/core/nodes/ImportNode.ts +31 -4
package/src/core/nodes/InterfaceNode.ts +4 -3
package/src/core/nodes/LiteralNode.ts +5 -4
package/src/core/nodes/MethodCallNode.ts +7 -5
package/src/core/nodes/MethodNode.ts +6 -4
package/src/core/nodes/ObjectLiteralNode.ts +3 -2
package/src/core/nodes/ParameterNode.ts +4 -3
package/src/core/nodes/TypeNode.ts +4 -3
package/src/core/nodes/VariableDeclarationNode.ts +7 -5
package/src/core/nodes/index.ts +3 -0
package/src/data/builtins/BuiltinRegistry.ts +124 -0
package/src/data/builtins/definitions.ts +267 -0
package/src/data/builtins/index.ts +10 -0
package/src/data/builtins/jsGlobals.ts +28 -0
package/src/data/builtins/types.ts +36 -0
package/src/data/globals/definitions.ts +156 -0
package/src/data/globals/index.ts +66 -0
package/src/diagnostics/DiagnosticReporter.ts +120 -0
package/src/diagnostics/index.ts +1 -1
package/src/errors/GrafemaError.ts +65 -0
package/src/index.ts +45 -0
package/src/plugins/analysis/DatabaseAnalyzer.ts +4 -2
package/src/plugins/analysis/ExpressAnalyzer.ts +5 -1
package/src/plugins/analysis/ExpressResponseAnalyzer.ts +636 -0
package/src/plugins/analysis/ExpressRouteAnalyzer.ts +57 -18
package/src/plugins/analysis/FetchAnalyzer.ts +204 -16
package/src/plugins/analysis/JSASTAnalyzer.ts +2958 -260
package/src/plugins/analysis/RustAnalyzer.ts +4 -4
package/src/plugins/analysis/SQLiteAnalyzer.ts +5 -2
package/src/plugins/analysis/SocketIOAnalyzer.ts +121 -7
package/src/plugins/analysis/ast/GraphBuilder.ts +1578 -70
package/src/plugins/analysis/ast/types.ts +387 -0
package/src/plugins/analysis/ast/visitors/ASTVisitor.ts +8 -0
package/src/plugins/analysis/ast/visitors/CallExpressionVisitor.ts +16 -1
package/src/plugins/analysis/ast/visitors/FunctionVisitor.ts +77 -2
package/src/plugins/analysis/ast/visitors/ImportExportVisitor.ts +112 -1
package/src/plugins/analysis/ast/visitors/VariableVisitor.ts +272 -47
package/src/plugins/discovery/WorkspaceDiscovery.ts +11 -4
package/src/plugins/enrichment/AliasTracker.ts +22 -1
package/src/plugins/enrichment/ArgumentParameterLinker.ts +240 -0
package/src/plugins/enrichment/ClosureCaptureEnricher.ts +267 -0
package/src/plugins/enrichment/ExternalCallResolver.ts +262 -0
package/src/plugins/enrichment/FunctionCallResolver.ts +456 -0
package/src/plugins/enrichment/HTTPConnectionEnricher.ts +70 -20
package/src/plugins/enrichment/MethodCallResolver.ts +21 -1
package/src/plugins/enrichment/MountPointResolver.ts +206 -198
package/src/plugins/enrichment/NodejsBuiltinsResolver.ts +365 -0
package/src/plugins/enrichment/ValueDomainAnalyzer.ts +67 -184
package/src/plugins/indexing/JSModuleIndexer.ts +66 -0
package/src/plugins/indexing/RustModuleIndexer.ts +4 -4
package/src/plugins/validation/BrokenImportValidator.ts +325 -0
package/src/plugins/validation/CallResolverValidator.ts +129 -109
package/src/plugins/validation/DataFlowValidator.ts +75 -58
package/src/plugins/validation/GraphConnectivityValidator.ts +39 -1
package/src/plugins/validation/SQLInjectionValidator.ts +2 -5
package/src/queries/README.md +46 -0
package/src/queries/findCallsInFunction.ts +206 -0
package/src/queries/findContainingFunction.ts +83 -0
package/src/queries/index.ts +23 -0
package/src/queries/traceValues.ts +398 -0
package/src/queries/types.ts +187 -0
package/src/schema/GraphSchemaExtractor.ts +177 -0
package/src/schema/InterfaceSchemaExtractor.ts +173 -0
package/src/schema/index.ts +5 -0
package/src/storage/backends/RFDBServerBackend.ts +64 -68
package/src/storage/backends/typeValidation.ts +1 -0

package/dist/plugins/enrichment/NodejsBuiltinsResolver.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"NodejsBuiltinsResolver.d.ts","sourceRoot":"","sources":["../../../src/plugins/enrichment/NodejsBuiltinsResolver.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;GAmBG;AAEH,OAAO,EAAE,MAAM,EAAuB,MAAM,cAAc,CAAC;AAC3D,OAAO,KAAK,EAAE,aAAa,EAAE,YAAY,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AAsBhF,qBAAa,sBAAuB,SAAQ,MAAM;IAChD,OAAO,CAAC,QAAQ,CAAkB;gBAEtB,MAAM,GAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAM;IAKhD,IAAI,QAAQ,IAAI,cAAc,CAW7B;IAEK,OAAO,CAAC,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,YAAY,CAAC;IA6K5D;;;;OAIG;YACW,gBAAgB;IA2C9B;;;;;;;OAOG;IACH,OAAO,CAAC,kBAAkB;CAsE3B"}

package/dist/plugins/enrichment/NodejsBuiltinsResolver.js ADDED Viewed

@@ -0,0 +1,271 @@
+/**
+ * NodejsBuiltinsResolver - Creates EXTERNAL_FUNCTION nodes for Node.js builtin calls (REG-218)
+ *
+ * This ENRICHMENT plugin:
+ * 1. Queries all CALL nodes
+ * 2. For each call that targets a builtin function:
+ *    - Checks if call's `object` matches a builtin module (fs, path, etc.)
+ *    - Or traces via IMPORT node to find the module source
+ * 3. Creates EXTERNAL_FUNCTION node lazily (if not exists)
+ * 4. Creates CALLS edge from CALL to EXTERNAL_FUNCTION
+ *
+ * Architecture:
+ * - Nodes are created lazily - only when a call is detected
+ * - ID format: EXTERNAL_FUNCTION:fs.readFile
+ * - Metadata includes: isBuiltin:true, security?, pure?
+ *
+ * Also creates:
+ * - EXTERNAL_MODULE nodes for imported builtin modules
+ * - IMPORTS_FROM edges from IMPORT to EXTERNAL_MODULE
+ */
+import { Plugin, createSuccessResult } from '../Plugin.js';
+import { BuiltinRegistry } from '../../data/builtins/BuiltinRegistry.js';
+export class NodejsBuiltinsResolver extends Plugin {
+    registry;
+    constructor(config = {}) {
+        super(config);
+        this.registry = new BuiltinRegistry();
+    }
+    get metadata() {
+        return {
+            name: 'NodejsBuiltinsResolver',
+            phase: 'ENRICHMENT',
+            priority: 45, // After ImportExportLinker (90), before/around MethodCallResolver (50)
+            creates: {
+                nodes: ['EXTERNAL_FUNCTION', 'EXTERNAL_MODULE'],
+                edges: ['CALLS', 'IMPORTS_FROM']
+            },
+            dependencies: ['JSASTAnalyzer', 'ImportExportLinker']
+        };
+    }
+    async execute(context) {
+        const { graph, onProgress } = context;
+        const logger = this.log(context);
+        logger.info('Starting Node.js builtins resolution');
+        const startTime = Date.now();
+        // Track created nodes and edges to avoid duplicates
+        const createdExternalFunctions = new Set();
+        const createdExternalModules = new Set();
+        const createdCallsEdges = new Set();
+        const createdImportsFromEdges = new Set();
+        // Build import index: local name -> {source, imported}
+        // For tracking what module each imported function comes from
+        const importIndex = await this.buildImportIndex(graph);
+        logger.debug('Built import index', { entries: importIndex.size });
+        // Step 1: Create EXTERNAL_MODULE nodes for builtin imports
+        // and IMPORTS_FROM edges
+        let externalModulesCreated = 0;
+        let importsFromEdgesCreated = 0;
+        for (const [, importInfo] of importIndex) {
+            const { source, file, localName, importNodeId, importType } = importInfo;
+            const normalizedSource = this.registry.normalizeModule(source);
+            if (this.registry.isBuiltinModule(normalizedSource)) {
+                // Create EXTERNAL_MODULE node if not exists
+                if (!createdExternalModules.has(normalizedSource)) {
+                    const moduleNodeId = `EXTERNAL_MODULE:${normalizedSource}`;
+                    // Check if node already exists in graph
+                    const existingNode = await graph.getNode(moduleNodeId);
+                    if (!existingNode) {
+                        await graph.addNode({
+                            id: moduleNodeId,
+                            type: 'EXTERNAL_MODULE',
+                            name: normalizedSource,
+                            file: '',
+                            line: 0
+                        });
+                        externalModulesCreated++;
+                    }
+                    createdExternalModules.add(normalizedSource);
+                }
+                // Create IMPORTS_FROM edge from IMPORT to EXTERNAL_MODULE
+                const moduleNodeId = `EXTERNAL_MODULE:${normalizedSource}`;
+                const edgeKey = `${importNodeId}:${moduleNodeId}`;
+                if (!createdImportsFromEdges.has(edgeKey) && importNodeId) {
+                    // Check if edge already exists
+                    const existingEdges = await graph.getOutgoingEdges(importNodeId, ['IMPORTS_FROM']);
+                    const alreadyExists = existingEdges.some(e => e.dst === moduleNodeId);
+                    if (!alreadyExists) {
+                        await graph.addEdge({
+                            type: 'IMPORTS_FROM',
+                            src: importNodeId,
+                            dst: moduleNodeId
+                        });
+                        importsFromEdgesCreated++;
+                    }
+                    createdImportsFromEdges.add(edgeKey);
+                }
+            }
+        }
+        logger.debug('Created EXTERNAL_MODULE nodes', { count: externalModulesCreated });
+        logger.debug('Created IMPORTS_FROM edges', { count: importsFromEdgesCreated });
+        // Step 2: Process all CALL nodes
+        const allCalls = [];
+        for await (const node of graph.queryNodes({ nodeType: 'CALL' })) {
+            allCalls.push(node);
+        }
+        logger.info('Found CALL nodes to process', { count: allCalls.length });
+        let nodesCreated = 0;
+        let edgesCreated = 0;
+        let processed = 0;
+        for (const callNode of allCalls) {
+            processed++;
+            // Progress reporting
+            if (onProgress && processed % 100 === 0) {
+                onProgress({
+                    phase: 'enrichment',
+                    currentPlugin: 'NodejsBuiltinsResolver',
+                    message: `Processing calls ${processed}/${allCalls.length}`,
+                    totalFiles: allCalls.length,
+                    processedFiles: processed
+                });
+            }
+            // Determine module and function name
+            const resolution = this.resolveBuiltinCall(callNode, importIndex);
+            if (!resolution) {
+                continue;
+            }
+            const { moduleName, functionName } = resolution;
+            // Check if this is a known builtin function
+            const funcDef = this.registry.getFunction(moduleName, functionName);
+            if (!funcDef) {
+                continue;
+            }
+            // Create EXTERNAL_FUNCTION node if not exists
+            const externalFuncId = this.registry.createNodeId(moduleName, functionName);
+            if (!createdExternalFunctions.has(externalFuncId)) {
+                // Check if node already exists in graph
+                const existingNode = await graph.getNode(externalFuncId);
+                if (!existingNode) {
+                    await graph.addNode({
+                        id: externalFuncId,
+                        type: 'EXTERNAL_FUNCTION',
+                        name: `${this.registry.normalizeModule(moduleName)}.${functionName}`,
+                        file: '',
+                        line: 0,
+                        isBuiltin: true,
+                        ...(funcDef.security && { security: funcDef.security }),
+                        ...(funcDef.pure !== undefined && { pure: funcDef.pure })
+                    });
+                    nodesCreated++;
+                }
+                createdExternalFunctions.add(externalFuncId);
+            }
+            // Create CALLS edge from CALL to EXTERNAL_FUNCTION
+            const edgeKey = `${callNode.id}:${externalFuncId}`;
+            if (!createdCallsEdges.has(edgeKey)) {
+                // Check if CALLS edge already exists
+                const existingEdges = await graph.getOutgoingEdges(callNode.id, ['CALLS']);
+                const alreadyExists = existingEdges.some(e => e.dst === externalFuncId);
+                if (!alreadyExists) {
+                    await graph.addEdge({
+                        type: 'CALLS',
+                        src: callNode.id,
+                        dst: externalFuncId
+                    });
+                    edgesCreated++;
+                }
+                createdCallsEdges.add(edgeKey);
+            }
+        }
+        const totalTime = ((Date.now() - startTime) / 1000).toFixed(2);
+        const summary = {
+            callsProcessed: processed,
+            externalFunctionsCreated: nodesCreated,
+            externalModulesCreated,
+            callsEdgesCreated: edgesCreated,
+            importsFromEdgesCreated,
+            time: `${totalTime}s`
+        };
+        logger.info('Complete', summary);
+        return createSuccessResult({
+            nodes: nodesCreated + externalModulesCreated,
+            edges: edgesCreated + importsFromEdgesCreated
+        }, summary);
+    }
+    /**
+     * Build index of imports for tracking module sources.
+     *
+     * Maps: file:localName -> {source, imported, importNodeId, importType}
+     */
+    async buildImportIndex(graph) {
+        const index = new Map();
+        for await (const node of graph.queryNodes({ nodeType: 'IMPORT' })) {
+            const importNode = node;
+            if (!importNode.source || !importNode.file)
+                continue;
+            const localName = importNode.name;
+            const imported = importNode.imported || localName;
+            const importType = importNode.importType;
+            // Key: file:localName - for looking up what module a local name comes from
+            const key = `${importNode.file}:${localName}`;
+            index.set(key, {
+                source: importNode.source,
+                imported,
+                localName,
+                file: importNode.file,
+                importNodeId: importNode.id,
+                importType
+            });
+        }
+        return index;
+    }
+    /**
+     * Resolve a CALL node to its builtin module and function.
+     *
+     * Handles:
+     * 1. Method calls: fs.readFile() -> {module: 'fs', function: 'readFile'}
+     * 2. Direct calls from imports: readFile() -> trace to import source
+     * 3. Aliased imports: rf() where rf = readFile from 'fs'
+     */
+    resolveBuiltinCall(callNode, importIndex) {
+        const file = callNode.file;
+        if (!file)
+            return null;
+        // Case 1: Method call - obj.method()
+        if (callNode.object && callNode.method) {
+            const objectName = callNode.object;
+            const methodName = callNode.method;
+            // Check if objectName is a namespace import (import * as fs from 'fs')
+            const importKey = `${file}:${objectName}`;
+            const importInfo = importIndex.get(importKey);
+            if (importInfo) {
+                // Object is an imported namespace or module
+                const normalizedSource = this.registry.normalizeModule(importInfo.source);
+                if (this.registry.isBuiltinModule(normalizedSource)) {
+                    return {
+                        moduleName: normalizedSource,
+                        functionName: methodName
+                    };
+                }
+            }
+            // Check if objectName directly matches a builtin module
+            // (for cases like: const fs = require('fs'); fs.readFile())
+            if (this.registry.isBuiltinModule(objectName)) {
+                return {
+                    moduleName: this.registry.normalizeModule(objectName),
+                    functionName: methodName
+                };
+            }
+            return null;
+        }
+        // Case 2: Direct call - funcName()
+        const calleeName = callNode.name || callNode.callee;
+        if (!calleeName)
+            return null;
+        // Look up in import index
+        const importKey = `${file}:${calleeName}`;
+        const importInfo = importIndex.get(importKey);
+        if (importInfo) {
+            const normalizedSource = this.registry.normalizeModule(importInfo.source);
+            if (this.registry.isBuiltinModule(normalizedSource)) {
+                // Use the original imported name, not the alias
+                const originalName = importInfo.imported || calleeName;
+                return {
+                    moduleName: normalizedSource,
+                    functionName: originalName
+                };
+            }
+        }
+        return null;
+    }
+}

package/dist/plugins/enrichment/ValueDomainAnalyzer.d.ts CHANGED Viewed

@@ -16,21 +16,8 @@ import { Plugin } from '../Plugin.js';
 import type { PluginMetadata, PluginContext, PluginResult } from '../Plugin.js';
 import type { NodeRecord } from '@grafema/types';
 import type { EdgeRecord } from '@grafema/types';
-interface ExpressionNode {
-    id: string;
-    type: string;
-    name?: string;
-    file?: string;
-    line?: number;
-    expressionType?: string;
-    object?: string;
-    property?: string;
-    attrs?: {
-        expressionType?: string;
-        object?: string;
-        property?: string;
-    };
-}
+import { NONDETERMINISTIC_PATTERNS, NONDETERMINISTIC_OBJECTS } from '../../queries/traceValues.js';
+export { NONDETERMINISTIC_PATTERNS, NONDETERMINISTIC_OBJECTS };
 interface Constraint {
     variable?: string;
     operator?: string;
@@ -48,10 +35,6 @@ interface ValueSetAtNodeResult extends ValueSetResult {
     globalValues: unknown[];
     globalHasUnknown: boolean;
 }
-interface NondeterministicPattern {
-    object: string;
-    property: string;
-}
 interface Graph {
     queryNodes(filter: {
         nodeType: string;
@@ -69,8 +52,6 @@ interface Graph {
 }
 export declare class ValueDomainAnalyzer extends Plugin {
     static MAX_DEPTH: number;
-    static NONDETERMINISTIC_PATTERNS: NondeterministicPattern[];
-    static NONDETERMINISTIC_OBJECTS: string[];
     get metadata(): PluginMetadata;
     execute(context: PluginContext): Promise<PluginResult>;
     /**
@@ -99,13 +80,10 @@ export declare class ValueDomainAnalyzer extends Plugin {
      */
     applySingleConstraint(valueSet: ValueSetResult, constraint: Constraint, variableName: string): ValueSetResult;
     /**
-     * Check if an EXPRESSION node represents a nondeterministic source
-     */
-    isNondeterministicExpression(node: ExpressionNode): boolean;
-    /**
-     * Recursive value set tracing through ASSIGNED_FROM edges
+     * Recursive value set tracing through ASSIGNED_FROM edges.
+     * Delegates to shared traceValues utility (REG-244).
      */
-    traceValueSet(node: NodeRecord, graph: Graph, visited: Set<string>, depth: number): Promise<ValueSetResult>;
+    traceValueSet(node: NodeRecord, graph: Graph, _visited: Set<string>, depth: number): Promise<ValueSetResult>;
     /**
      * Find method by object name and method name
      */

package/dist/plugins/enrichment/ValueDomainAnalyzer.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"ValueDomainAnalyzer.d.ts","sourceRoot":"","sources":["../../../src/plugins/enrichment/ValueDomainAnalyzer.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,OAAO,EAAE,MAAM,EAAuB,MAAM,cAAc,CAAC;AAC3D,OAAO,KAAK,EAAE,cAAc,EAAE,aAAa,EAAE,YAAY,EAAE,MAAM,cAAc,CAAC;AAChF,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,gBAAgB,CAAC;AACjD,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,gBAAgB,CAAC;~~AA0BjD~~,~~UAAU~~,~~cAAc;IACtB~~,~~EAAE~~,~~EAAE~~,~~MAAM~~,~~CAAC;IACX~~,~~IAAI,EAAE,~~MAAM,~~CAAC;IACb~~,~~IAAI,~~CAAC~~,EAAE,MAAM,CAAC~~;~~IACd~~,~~IAAI~~,~~CAAC,~~EAAE,~~MAAM~~,~~CAAC;IACd,IAAI,CAAC,~~EAAE,~~MAAM~~,~~CAAC;IACd,cAAc,CAAC,~~EAAE,~~MAAM,~~CAAC;~~IACxB~~,~~MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,KAAK,CAAC,EAAE;QACN,cAAc,CAAC,EAAE,MAAM,CAAC;QACxB,MAAM,CAAC,EAAE,MAAM,CAAC;QAChB,QAAQ,CAAC,EAAE,MAAM,CAAC;KACnB,CAAC;CACH;AAaD,~~UAAU,UAAU;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,KAAK,CAAC,EAAE,OAAO,CAAC;IAChB,MAAM,CAAC,EAAE,OAAO,EAAE,CAAC;IACnB,IAAI,CAAC,EAAE,IAAI,GAAG,KAAK,CAAC;IACpB,WAAW,CAAC,EAAE,UAAU,EAAE,CAAC;CAC5B;AAED,UAAU,cAAc;IACtB,MAAM,EAAE,OAAO,EAAE,CAAC;IAClB,UAAU,EAAE,OAAO,CAAC;CACrB;AAED,UAAU,oBAAqB,SAAQ,cAAc;IACnD,WAAW,EAAE,UAAU,EAAE,CAAC;IAC1B,YAAY,EAAE,OAAO,EAAE,CAAC;IACxB,gBAAgB,EAAE,OAAO,CAAC;CAC3B;AAED,UAAU,~~uBAAuB;IAC/B,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,UAAU,~~KAAK;IACb,UAAU,CAAC,MAAM,EAAE;QAAE,QAAQ,EAAE,MAAM,CAAA;KAAE,GAAG,aAAa,CAAC,UAAU,CAAC,CAAC;IACpE,OAAO,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,GAAG,IAAI,CAAC,CAAC;IAChD,gBAAgB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,EAAE,CAAC,CAAC;IACxD,gBAAgB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,EAAE,CAAC,CAAC;IACxD,OAAO,CAAC,IAAI,EAAE;QAAE,GAAG,EAAE,MAAM,CAAC;QAAC,GAAG,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAC;QAAC,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;KAAE,GAAG,OAAO,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC;IACpH,UAAU,CAAC,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CACpE;AAYD,qBAAa,mBAAoB,SAAQ,MAAM;IAC7C,MAAM,CAAC,SAAS,SAAM;~~IAItB~~,~~MAAM,CAAC,yBAAyB,EAAE,uBAAuB,EAAE,CAiBzD;IAGF,MAAM,CAAC,wBAAwB,EAAE,MAAM,EAAE,CAOvC;IAEF,~~IAAI,QAAQ,IAAI,cAAc,CAU7B;IAEK,OAAO,CAAC,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,YAAY,CAAC;IAiH5D;;OAEG;IACG,WAAW,CAAC,YAAY,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,KAAK,GAAG,OAAO,CAAC,cAAc,CAAC;IAoD5F;;;OAGG;IACG,iBAAiB,CACrB,YAAY,EAAE,MAAM,EACpB,IAAI,EAAE,UAAU,GAAG;QAAE,aAAa,CAAC,EAAE,MAAM,CAAA;KAAE,EAC7C,KAAK,EAAE,KAAK,GACX,OAAO,CAAC,oBAAoB,CAAC;IA2BhC;;OAEG;IACG,sBAAsB,CAC1B,IAAI,EAAE,UAAU,GAAG;QAAE,aAAa,CAAC,EAAE,MAAM,CAAA;KAAE,EAC7C,KAAK,EAAE,KAAK,GACX,OAAO,CAAC,UAAU,EAAE,CAAC;IAiCxB;;OAEG;IACH,gBAAgB,CACd,QAAQ,EAAE,cAAc,EACxB,WAAW,EAAE,UAAU,EAAE,EACzB,YAAY,EAAE,MAAM,GACnB,cAAc;IAiBjB;;OAEG;IACH,qBAAqB,CACnB,QAAQ,EAAE,cAAc,EACxB,UAAU,EAAE,UAAU,EACtB,YAAY,EAAE,MAAM,GACnB,cAAc;IA2EjB~~;;OAEG~~;~~IACH,4BAA4B,CAAC,IAAI,EAAE,cAAc,GAAG,OAAO;IA+B3D;;OAEG;~~IACG,aAAa,CACjB,IAAI,EAAE,UAAU,EAChB,KAAK,EAAE,KAAK,EACZ,~~OAAO~~,EAAE,GAAG,CAAC,MAAM,CAAC,~~EACpB~~,KAAK,EAAE,MAAM,GACZ,OAAO,CAAC,cAAc,CAAC;~~IA0F1B~~;;OAEG;IACG,UAAU,CACd,UAAU,EAAE,MAAM,EAClB,UAAU,EAAE,MAAM,EAClB,IAAI,EAAE,MAAM,EACZ,KAAK,EAAE,KAAK,GACX,OAAO,CAAC,UAAU,GAAG,IAAI,CAAC;~~IAkC7B~~;;;;;;;OAOG;IACG,wBAAwB,CAAC,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,UAAU,CAAC,OAAO,IAAI,CAAC,GAAG,CAAC,GAAG,OAAO,CAAC;QACzF,QAAQ,EAAE,MAAM,CAAC;QACjB,WAAW,EAAE,MAAM,CAAC;QACpB,gBAAgB,EAAE,MAAM,CAAC;QACzB,cAAc,EAAE,MAAM,CAAC;QACvB,iBAAiB,EAAE,MAAM,CAAC;QAC1B,KAAK,EAAE,MAAM,CAAC;KACf,CAAC;~~CAsHH~~;AAED,eAAe,mBAAmB,CAAC"}
1	+ {"version":3,"file":"ValueDomainAnalyzer.d.ts","sourceRoot":"","sources":["../../../src/plugins/enrichment/ValueDomainAnalyzer.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,OAAO,EAAE,MAAM,EAAuB,MAAM,cAAc,CAAC;AAC3D,OAAO,KAAK,EAAE,cAAc,EAAE,aAAa,EAAE,YAAY,EAAE,MAAM,cAAc,CAAC;AAChF,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,gBAAgB,CAAC;AACjD,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,gBAAgB,CAAC;AACjD,OAAO,EAGL,yBAAyB,EACzB,wBAAwB,EACzB,MAAM,8BAA8B,CAAC;AAGtC,OAAO,EAAE,yBAAyB,EAAE,wBAAwB,EAAE,CAAC;AAqC/D,UAAU,UAAU;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,KAAK,CAAC,EAAE,OAAO,CAAC;IAChB,MAAM,CAAC,EAAE,OAAO,EAAE,CAAC;IACnB,IAAI,CAAC,EAAE,IAAI,GAAG,KAAK,CAAC;IACpB,WAAW,CAAC,EAAE,UAAU,EAAE,CAAC;CAC5B;AAED,UAAU,cAAc;IACtB,MAAM,EAAE,OAAO,EAAE,CAAC;IAClB,UAAU,EAAE,OAAO,CAAC;CACrB;AAED,UAAU,oBAAqB,SAAQ,cAAc;IACnD,WAAW,EAAE,UAAU,EAAE,CAAC;IAC1B,YAAY,EAAE,OAAO,EAAE,CAAC;IACxB,gBAAgB,EAAE,OAAO,CAAC;CAC3B;AAED,UAAU,KAAK;IACb,UAAU,CAAC,MAAM,EAAE;QAAE,QAAQ,EAAE,MAAM,CAAA;KAAE,GAAG,aAAa,CAAC,UAAU,CAAC,CAAC;IACpE,OAAO,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,GAAG,IAAI,CAAC,CAAC;IAChD,gBAAgB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,EAAE,CAAC,CAAC;IACxD,gBAAgB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,EAAE,CAAC,CAAC;IACxD,OAAO,CAAC,IAAI,EAAE;QAAE,GAAG,EAAE,MAAM,CAAC;QAAC,GAAG,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAC;QAAC,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;KAAE,GAAG,OAAO,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC;IACpH,UAAU,CAAC,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CACpE;AAYD,qBAAa,mBAAoB,SAAQ,MAAM;IAC7C,MAAM,CAAC,SAAS,SAAM;IAEtB,IAAI,QAAQ,IAAI,cAAc,CAU7B;IAEK,OAAO,CAAC,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,YAAY,CAAC;IAiH5D;;OAEG;IACG,WAAW,CAAC,YAAY,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,KAAK,GAAG,OAAO,CAAC,cAAc,CAAC;IAoD5F;;;OAGG;IACG,iBAAiB,CACrB,YAAY,EAAE,MAAM,EACpB,IAAI,EAAE,UAAU,GAAG;QAAE,aAAa,CAAC,EAAE,MAAM,CAAA;KAAE,EAC7C,KAAK,EAAE,KAAK,GACX,OAAO,CAAC,oBAAoB,CAAC;IA2BhC;;OAEG;IACG,sBAAsB,CAC1B,IAAI,EAAE,UAAU,GAAG;QAAE,aAAa,CAAC,EAAE,MAAM,CAAA;KAAE,EAC7C,KAAK,EAAE,KAAK,GACX,OAAO,CAAC,UAAU,EAAE,CAAC;IAiCxB;;OAEG;IACH,gBAAgB,CACd,QAAQ,EAAE,cAAc,EACxB,WAAW,EAAE,UAAU,EAAE,EACzB,YAAY,EAAE,MAAM,GACnB,cAAc;IAiBjB;;OAEG;IACH,qBAAqB,CACnB,QAAQ,EAAE,cAAc,EACxB,UAAU,EAAE,UAAU,EACtB,YAAY,EAAE,MAAM,GACnB,cAAc;IA2EjB;;;OAGG;IACG,aAAa,CACjB,IAAI,EAAE,UAAU,EAChB,KAAK,EAAE,KAAK,EACZ,QAAQ,EAAE,GAAG,CAAC,MAAM,CAAC,EACrB,KAAK,EAAE,MAAM,GACZ,OAAO,CAAC,cAAc,CAAC;IAyD1B;;OAEG;IACG,UAAU,CACd,UAAU,EAAE,MAAM,EAClB,UAAU,EAAE,MAAM,EAClB,IAAI,EAAE,MAAM,EACZ,KAAK,EAAE,KAAK,GACX,OAAO,CAAC,UAAU,GAAG,IAAI,CAAC;IA8B7B;;;;;;;OAOG;IACG,wBAAwB,CAAC,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,UAAU,CAAC,OAAO,IAAI,CAAC,GAAG,CAAC,GAAG,OAAO,CAAC;QACzF,QAAQ,EAAE,MAAM,CAAC;QACjB,WAAW,EAAE,MAAM,CAAC;QACpB,gBAAgB,EAAE,MAAM,CAAC;QACzB,cAAc,EAAE,MAAM,CAAC;QACvB,iBAAiB,EAAE,MAAM,CAAC;QAC1B,KAAK,EAAE,MAAM,CAAC;KACf,CAAC;CAkHH;AAED,eAAe,mBAAmB,CAAC"}

package/dist/plugins/enrichment/ValueDomainAnalyzer.js CHANGED Viewed

@@ -13,37 +13,11 @@
  * - CALL -> CALLS -> METHOD (with isConditional: true for conditional calls)
  */
 import { Plugin, createSuccessResult } from '../Plugin.js';
+import { traceValues, aggregateValues, NONDETERMINISTIC_PATTERNS, NONDETERMINISTIC_OBJECTS, } from '../../queries/traceValues.js';
+// Re-export for backward compatibility
+export { NONDETERMINISTIC_PATTERNS, NONDETERMINISTIC_OBJECTS };
 export class ValueDomainAnalyzer extends Plugin {
     static MAX_DEPTH = 10; // Maximum depth for tracing
-    // Nondeterministic MemberExpression patterns
-    // object.property patterns that are external/user input
-    static NONDETERMINISTIC_PATTERNS = [
-        // Environment variables
-        { object: 'process', property: 'env' },
-        // HTTP request data (Express.js patterns)
-        { object: 'req', property: 'body' },
-        { object: 'req', property: 'query' },
-        { object: 'req', property: 'params' },
-        { object: 'req', property: 'headers' },
-        { object: 'req', property: 'cookies' },
-        { object: 'request', property: 'body' },
-        { object: 'request', property: 'query' },
-        { object: 'request', property: 'params' },
-        // Context patterns (Koa, etc.)
-        { object: 'ctx', property: 'request' },
-        { object: 'ctx', property: 'body' },
-        { object: 'ctx', property: 'query' },
-        { object: 'ctx', property: 'params' },
-    ];
-    // Nondeterministic object prefixes (any property access is nondeterministic)
-    static NONDETERMINISTIC_OBJECTS = [
-        'process.env', // process.env.ANY_VAR
-        'req.body', // req.body.userId
-        'req.query', // req.query.filter
-        'req.params', // req.params.id
-        'request.body',
-        'ctx.request',
-    ];
     get metadata() {
         return {
             name: 'ValueDomainAnalyzer',
@@ -327,107 +301,63 @@ export class ValueDomainAnalyzer extends Plugin {
         }
     }
     /**
-     * Check if an EXPRESSION node represents a nondeterministic source
+     * Recursive value set tracing through ASSIGNED_FROM edges.
+     * Delegates to shared traceValues utility (REG-244).
      */
-    isNondeterministicExpression(node) {
-        const expressionType = node.expressionType || node.attrs?.expressionType;
-        if (expressionType !== 'MemberExpression') {
-            return false;
-        }
-        const object = node.object || node.attrs?.object;
-        const property = node.property || node.attrs?.property;
-        if (!object || !property) {
-            return false;
-        }
-        // Check exact patterns (object.property)
-        for (const pattern of ValueDomainAnalyzer.NONDETERMINISTIC_PATTERNS) {
-            if (object === pattern.object && property === pattern.property) {
-                return true;
-            }
-        }
-        // Check if object is a known nondeterministic prefix
-        // e.g., process.env.VAR where object is 'process.env'
-        for (const prefix of ValueDomainAnalyzer.NONDETERMINISTIC_OBJECTS) {
-            if (object === prefix || object.startsWith(prefix + '.')) {
-                return true;
-            }
-        }
-        return false;
-    }
-    /**
-     * Recursive value set tracing through ASSIGNED_FROM edges
-     */
-    async traceValueSet(node, graph, visited, depth) {
-        const result = { values: [], hasUnknown: false };
-        // Cycle protection
-        if (visited.has(node.id)) {
-            return result;
-        }
-        visited.add(node.id);
-        // Depth protection
-        if (depth > ValueDomainAnalyzer.MAX_DEPTH) {
-            result.hasUnknown = true;
-            return result;
-        }
-        // Support both fields: nodeType (from getNode) and type (alias)
-        const nodeType = node.nodeType ||
-            node.type;
-        // If it's a LITERAL - add value
-        if (nodeType === 'LITERAL') {
-            const value = node.value;
-            if (value !== undefined && value !== null) {
-                result.values.push(value);
-            }
-            return result;
-        }
-        // If it's a PARAMETER or nondeterministic source
-        if (nodeType === 'PARAMETER') {
-            result.hasUnknown = true;
-            return result;
-        }
-        // If it's a CALL - consider nondeterministic (for now)
-        if (nodeType === 'CALL') {
-            result.hasUnknown = true;
-            return result;
-        }
-        // If it's an EXPRESSION - check nondeterministic patterns
-        if (nodeType === 'EXPRESSION') {
-            if (this.isNondeterministicExpression(node)) {
-                result.hasUnknown = true;
-                return result;
-            }
-        }
-        // Follow ASSIGNED_FROM and DERIVES_FROM edges
-        // DERIVES_FROM is used for template literals and other composite expressions
-        const outgoing = await graph.getOutgoingEdges(node.id);
-        // edgeType (from getOutgoingEdges) or edge_type (from other APIs)
-        const dataFlowEdges = outgoing.filter(e => {
-            const edgeType = e.edgeType ||
-                e.edge_type;
-            return edgeType === 'ASSIGNED_FROM' || edgeType === 'DERIVES_FROM';
+    async traceValueSet(node, graph, _visited, depth) {
+        // Create adapter from Graph interface to TraceValuesGraphBackend
+        const backend = {
+            getNode: async (id) => {
+                const n = await graph.getNode(id);
+                if (!n)
+                    return null;
+                return {
+                    id: n.id,
+                    type: n.type,
+                    nodeType: n.nodeType,
+                    value: n.value,
+                    file: n.file,
+                    line: n.line,
+                    expressionType: n.expressionType,
+                    object: n.object,
+                    property: n.property,
+                };
+            },
+            getOutgoingEdges: async (nodeId, edgeTypes) => {
+                const edges = await graph.getOutgoingEdges(nodeId);
+                const filtered = edgeTypes === null
+                    ? edges
+                    : edges.filter(e => edgeTypes.includes(e.type));
+                return filtered.map(e => ({
+                    src: e.src ||
+                        e.source_id || '',
+                    dst: e.dst ||
+                        e.target_id || '',
+                    type: e.type,
+                }));
+            },
+            // REG-334: getIncomingEdges required for Promise tracing
+            getIncomingEdges: async (nodeId, edgeTypes) => {
+                const edges = await graph.getIncomingEdges(nodeId);
+                const filtered = edgeTypes === null
+                    ? edges
+                    : edges.filter(e => edgeTypes.includes(e.type));
+                return filtered.map(e => ({
+                    src: e.src ||
+                        e.source_id || '',
+                    dst: e.dst ||
+                        e.target_id || '',
+                    type: e.type,
+                }));
+            },
+        };
+        // Use shared utility
+        const traced = await traceValues(backend, node.id, {
+            maxDepth: ValueDomainAnalyzer.MAX_DEPTH - depth,
+            followDerivesFrom: true,
+            detectNondeterministic: true,
         });
-        if (dataFlowEdges.length === 0) {
-            // No sources - unknown
-            result.hasUnknown = true;
-            return result;
-        }
-        // Recursively trace each source
-        for (const edge of dataFlowEdges) {
-            // dst (from getOutgoingEdges) or target_id (from other APIs)
-            const targetId = edge.dst ||
-                edge.target_id;
-            if (!targetId)
-                continue;
-            const sourceNode = await graph.getNode(targetId);
-            if (!sourceNode)
-                continue;
-            const sourceResult = await this.traceValueSet(sourceNode, graph, visited, depth + 1);
-            sourceResult.values.forEach(v => result.values.push(v));
-            if (sourceResult.hasUnknown) {
-                result.hasUnknown = true;
-            }
-        }
-        return result;
+        return aggregateValues(traced);
     }
     /**
      * Find method by object name and method name
@@ -440,11 +370,7 @@ export class ValueDomainAnalyzer extends Plugin {
                 // Check if this is a method of the right object
                 // Simplified: check via incoming CONTAINS edges from CLASS
                 const incoming = await graph.getIncomingEdges(node.id);
-                const containsEdges = incoming.filter(e => {
-                    const edgeType = e.edgeType ||
-                        e.edge_type;
-                    return edgeType === 'CONTAINS';
-                });
+                const containsEdges = incoming.filter(e => e.type === 'CONTAINS');
                 for (const edge of containsEdges) {
                     const sourceId = edge.src ||
                         edge.source_id;
@@ -486,17 +412,14 @@ export class ValueDomainAnalyzer extends Plugin {
         const processNodeEdges = async (node) => {
             const outgoing = await graph.getOutgoingEdges(node.id);
             for (const edge of outgoing) {
-                const edgeType = edge.edgeType ||
-                    edge.edge_type ||
-                    edge.type;
-                if (edgeType !== 'FLOWS_INTO')
+                if (edge.type !== 'FLOWS_INTO')
                     continue;
                 const edgeKey = `${edge.src}->${edge.dst}:FLOWS_INTO`;
                 if (processedEdges.has(edgeKey))
                     continue;
                 processedEdges.add(edgeKey);
-                const mutationType = edge.mutationType;
-                const computedPropertyVar = edge.computedPropertyVar;
+                const mutationType = edge.metadata?.mutationType;
+                const computedPropertyVar = edge.metadata?.computedPropertyVar;
                 if (mutationType !== 'computed' || !computedPropertyVar)
                     continue;
                 stats.total++;

package/dist/plugins/indexing/JSModuleIndexer.d.ts CHANGED Viewed

@@ -9,11 +9,26 @@ export declare class JSModuleIndexer extends Plugin {
     private cache;
     private testPatterns;
     private markTestFiles;
+    private includePatterns?;
+    private excludePatterns?;
+    private projectPath;
     constructor();
     /**
      * Check if file is a test file based on path patterns
      */
     private isTestFile;
+    /**
+     * Check if a file should be skipped based on include/exclude patterns.
+     *
+     * Logic:
+     * 1. If file matches any exclude pattern -> SKIP
+     * 2. If include patterns specified AND file doesn't match any -> SKIP
+     * 3. Otherwise -> PROCESS
+     *
+     * @param absolutePath - Absolute path to the file
+     * @returns true if file should be skipped, false if it should be processed
+     */
+    private shouldSkipFile;
     get metadata(): PluginMetadata;
     private calculateFileHash;
     /**

package/dist/plugins/indexing/JSModuleIndexer.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"JSModuleIndexer.d.ts","sourceRoot":"","sources":["../../../src/plugins/indexing/JSModuleIndexer.ts"],"names":[],"mappings":"AAAA;;;GAGG;~~AAKH~~,OAAO,EAAE,MAAM,EAAqB,MAAM,cAAc,CAAC;AACzD,OAAO,KAAK,EAAE,aAAa,EAAE,YAAY,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AAgEhF,qBAAa,eAAgB,SAAQ,MAAM;IACzC,OAAO,CAAC,MAAM,CAAS;IACvB,OAAO,CAAC,KAAK,CAAgC;IAC7C,OAAO,CAAC,YAAY,CAAW;IAC/B,OAAO,CAAC,aAAa,CAAU~~;;IAY~~/B;;OAEG;IACH,OAAO,CAAC,UAAU;IAKlB,IAAI,QAAQ,IAAI,cAAc,CAU7B;IAED,OAAO,CAAC,iBAAiB;IASzB;;;;;;OAMG;IACH,OAAO,CAAC,WAAW;IAuEnB;;OAEG;IACH,OAAO,CAAC,iBAAiB;IAiBnB,OAAO,CAAC,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,YAAY,CAAC;~~CAqM7D~~"}
1	+ {"version":3,"file":"JSModuleIndexer.d.ts","sourceRoot":"","sources":["../../../src/plugins/indexing/JSModuleIndexer.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAMH,OAAO,EAAE,MAAM,EAAqB,MAAM,cAAc,CAAC;AACzD,OAAO,KAAK,EAAE,aAAa,EAAE,YAAY,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AAgEhF,qBAAa,eAAgB,SAAQ,MAAM;IACzC,OAAO,CAAC,MAAM,CAAS;IACvB,OAAO,CAAC,KAAK,CAAgC;IAC7C,OAAO,CAAC,YAAY,CAAW;IAC/B,OAAO,CAAC,aAAa,CAAU;IAE/B,OAAO,CAAC,eAAe,CAAC,CAAW;IACnC,OAAO,CAAC,eAAe,CAAC,CAAW;IACnC,OAAO,CAAC,WAAW,CAAc;;IAYjC;;OAEG;IACH,OAAO,CAAC,UAAU;IAKlB;;;;;;;;;;OAUG;IACH,OAAO,CAAC,cAAc;IA0BtB,IAAI,QAAQ,IAAI,cAAc,CAU7B;IAED,OAAO,CAAC,iBAAiB;IASzB;;;;;;OAMG;IACH,OAAO,CAAC,WAAW;IAuEnB;;OAEG;IACH,OAAO,CAAC,iBAAiB;IAiBnB,OAAO,CAAC,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,YAAY,CAAC;CA6N7D"}