circle-ir 3.42.0 → 3.44.0

package/dist/core/circle-ir-core.js

@@ -6030,11 +6030,22 @@ function inferJSTypeFromReceiver(receiver) {
 function buildResolutionContext(tree, cache) {
   const context = {
     className: null,
+    packageName: null,
     methodNames: /* @__PURE__ */ new Set(),
     fieldTypes: /* @__PURE__ */ new Map(),
     localVarTypes: /* @__PURE__ */ new Map(),
-    imports: /* @__PURE__ */ new Set()
+    paramTypes: /* @__PURE__ */ new Map(),
+    imports: /* @__PURE__ */ new Map(),
+    wildcardImports: []
   };
+  const packages = getNodesFromCache(tree.rootNode, "package_declaration", cache);
+  if (packages.length > 0) {
+    const text = getNodeText(packages[0]);
+    const match = text.match(/package\s+([a-zA-Z0-9_.]+)/);
+    if (match) {
+      context.packageName = match[1];
+    }
+  }
   const classes = getNodesFromCache(tree.rootNode, "class_declaration", cache);
   if (classes.length > 0) {
     const nameNode = classes[0].childForFieldName("name");
@@ -6048,6 +6059,17 @@ function buildResolutionContext(tree, cache) {
     if (nameNode) {
       context.methodNames.add(getNodeText(nameNode));
     }
+    const paramsNode = method.childForFieldName("parameters");
+    if (paramsNode) {
+      collectParameterTypes(paramsNode, context.paramTypes);
+    }
+  }
+  const constructors = getNodesFromCache(tree.rootNode, "constructor_declaration", cache);
+  for (const ctor of constructors) {
+    const paramsNode = ctor.childForFieldName("parameters");
+    if (paramsNode) {
+      collectParameterTypes(paramsNode, context.paramTypes);
+    }
   }
   const fields = getNodesFromCache(tree.rootNode, "field_declaration", cache);
   for (const field of fields) {
@@ -6080,14 +6102,106 @@ function buildResolutionContext(tree, cache) {
   const imports = getNodesFromCache(tree.rootNode, "import_declaration", cache);
   for (const imp of imports) {
     const text = getNodeText(imp);
-    const match = text.match(/import\s+(?:static\s+)?([a-zA-Z0-9_.]+)/);
-    if (match) {
-      const parts2 = match[1].split(".");
-      context.imports.add(parts2[parts2.length - 1]);
+    const match = text.match(/import\s+(?:static\s+)?([a-zA-Z0-9_.]+)(\.\*)?/);
+    if (!match) continue;
+    const fqn = match[1];
+    const isWildcard = match[2] === ".*";
+    if (isWildcard) {
+      context.wildcardImports.push(fqn);
+    } else {
+      const parts2 = fqn.split(".");
+      const simple = parts2[parts2.length - 1];
+      context.imports.set(simple, fqn);
     }
   }
   return context;
 }
+function collectParameterTypes(paramsNode, out2) {
+  for (let i2 = 0; i2 < paramsNode.childCount; i2++) {
+    const child = paramsNode.child(i2);
+    if (!child) continue;
+    if (child.type !== "formal_parameter" && child.type !== "spread_parameter") {
+      continue;
+    }
+    const typeNode = child.childForFieldName("type");
+    const nameNode = child.childForFieldName("name");
+    if (typeNode && nameNode) {
+      out2.set(getNodeText(nameNode), getNodeText(typeNode));
+    }
+  }
+}
+function stripGenerics(type) {
+  const ltIdx = type.indexOf("<");
+  return ltIdx === -1 ? type : type.substring(0, ltIdx);
+}
+function resolveReceiverType(receiver, context) {
+  if (!receiver) return { simpleName: null, fqn: null };
+  if (receiver === "this") {
+    return resolveFqn(context.className, context);
+  }
+  if (receiver.startsWith("this.")) {
+    const fieldName = receiver.substring("this.".length);
+    const fieldType = context.fieldTypes.get(fieldName);
+    if (fieldType) return resolveFqn(stripGenerics(fieldType), context);
+    return { simpleName: null, fqn: null };
+  }
+  if (receiver === "super") return { simpleName: null, fqn: null };
+  const declaredType = context.localVarTypes.get(receiver) ?? context.paramTypes.get(receiver) ?? context.fieldTypes.get(receiver);
+  if (declaredType) {
+    return resolveFqn(stripGenerics(declaredType), context);
+  }
+  if (/^[A-Z]/.test(receiver)) {
+    const simple = receiver.includes(".") ? receiver.substring(receiver.lastIndexOf(".") + 1) : receiver;
+    if (/^[A-Z][A-Za-z0-9_]*$/.test(simple)) {
+      return resolveFqn(simple, context);
+    }
+  }
+  return { simpleName: null, fqn: null };
+}
+function resolveFqn(simpleName, context) {
+  if (!simpleName) return { simpleName: null, fqn: null };
+  const importedFqn = context.imports.get(simpleName);
+  if (importedFqn) {
+    return { simpleName, fqn: importedFqn };
+  }
+  if (context.className === simpleName && context.packageName) {
+    return { simpleName, fqn: `${context.packageName}.${simpleName}` };
+  }
+  if (JAVA_LANG_TYPES.has(simpleName)) {
+    return { simpleName, fqn: `java.lang.${simpleName}` };
+  }
+  return { simpleName, fqn: null };
+}
+var JAVA_LANG_TYPES = /* @__PURE__ */ new Set([
+  "String",
+  "StringBuilder",
+  "StringBuffer",
+  "Object",
+  "Class",
+  "Integer",
+  "Long",
+  "Double",
+  "Float",
+  "Boolean",
+  "Character",
+  "Byte",
+  "Short",
+  "Number",
+  "Math",
+  "System",
+  "Thread",
+  "Runnable",
+  "Throwable",
+  "Exception",
+  "RuntimeException",
+  "Error",
+  "Process",
+  "ProcessBuilder",
+  "Iterable",
+  "Comparable",
+  "CharSequence",
+  "Enum"
+]);
 function extractCallInfo(node, context) {
   const nameNode = node.childForFieldName("name");
   const methodName = nameNode ? getNodeText(nameNode) : "unknown";
@@ -6097,9 +6211,12 @@ function extractCallInfo(node, context) {
   const args2 = argsNode ? extractArguments(argsNode) : [];
   const enclosingMethod = findEnclosingMethod(node);
   const { resolved, resolution } = resolveMethodCall(methodName, receiver, context);
+  const { simpleName, fqn } = resolveReceiverType(receiver, context);
   return {
     method_name: methodName,
     receiver,
+    receiver_type: simpleName,
+    receiver_type_fqn: fqn,
     arguments: args2,
     location: {
       line: node.startPosition.row + 1,
@@ -6121,10 +6238,14 @@ function extractObjectCreation(node, context) {
     status: "resolved",
     target: `${typeName}.<init>`
   };
+  const simpleType = stripGenerics(typeName);
+  const { simpleName, fqn } = resolveFqn(simpleType, context);
   return {
     method_name: typeName,
     // Constructor name is the class name
     receiver: null,
+    receiver_type: simpleName,
+    receiver_type_fqn: fqn,
     arguments: args2,
     location: {
       line: node.startPosition.row + 1,
@@ -11921,6 +12042,14 @@ function isKnownSafeReceiverForMethod(receiver, method, sinkType) {
   }
   return false;
 }
+var SINK_FQN_EXCLUSIONS = {
+  sql_injection: [
+    // JSqlParser AST library: Statement.execute(StatementVisitor),
+    // Select.accept(SelectVisitor), Insert/Update/Delete.execute(...),
+    // Expression.accept(ExpressionVisitor), etc.
+    "net.sf.jsqlparser."
+  ]
+};
 function matchesSinkPattern(call, pattern, typeHierarchy, language) {
   if (pattern.languages && pattern.languages.length > 0 && language !== void 0) {
     if (!pattern.languages.includes(language)) {
@@ -11937,6 +12066,16 @@ function matchesSinkPattern(call, pattern, typeHierarchy, language) {
   if (!methodMatches) {
     return false;
   }
+  if (call.receiver_type_fqn) {
+    const exclusions = SINK_FQN_EXCLUSIONS[pattern.type];
+    if (exclusions) {
+      for (const prefix of exclusions) {
+        if (call.receiver_type_fqn.startsWith(prefix)) {
+          return false;
+        }
+      }
+    }
+  }
   if (pattern.class) {
     if (pattern.class === "constructor") {
       return true;

package/dist/core/extractors/calls.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"calls.d.ts","sourceRoot":"","sources":["../../../src/core/extractors/calls.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,EAAQ,IAAI,EAAE,MAAM,iBAAiB,CAAC;AAClD,OAAO,KAAK,EAAE,QAAQ,EAAgC,MAAM,sBAAsB,CAAC;AACnF,OAAO,EAA2D,KAAK,SAAS,EAAE,MAAM,cAAc,CAAC;AAkEvG;;;;;GAKG;AACH,wBAAgB,YAAY,CAAC,IAAI,EAAE,IAAI,EAAE,KAAK,CAAC,EAAE,SAAS,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,QAAQ,EAAE,CAgDzF"}
+{"version":3,"file":"calls.d.ts","sourceRoot":"","sources":["../../../src/core/extractors/calls.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,EAAQ,IAAI,EAAE,MAAM,iBAAiB,CAAC;AAClD,OAAO,KAAK,EAAE,QAAQ,EAAgC,MAAM,sBAAsB,CAAC;AACnF,OAAO,EAA2D,KAAK,SAAS,EAAE,MAAM,cAAc,CAAC;AA8EvG;;;;;GAKG;AACH,wBAAgB,YAAY,CAAC,IAAI,EAAE,IAAI,EAAE,KAAK,CAAC,EAAE,SAAS,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,QAAQ,EAAE,CAgDzF"}

package/dist/core/extractors/calls.js

@@ -499,11 +499,23 @@ function inferJSTypeFromReceiver(receiver) {
 function buildResolutionContext(tree, cache) {
     const context = {
         className: null,
+        packageName: null,
         methodNames: new Set(),
         fieldTypes: new Map(),
         localVarTypes: new Map(),
-        imports: new Set(),
+        paramTypes: new Map(),
+        imports: new Map(),
+        wildcardImports: [],
     };
+    // Find package declaration (java grammar: `package_declaration`)
+    const packages = getNodesFromCache(tree.rootNode, 'package_declaration', cache);
+    if (packages.length > 0) {
+        const text = getNodeText(packages[0]);
+        const match = text.match(/package\s+([a-zA-Z0-9_.]+)/);
+        if (match) {
+            context.packageName = match[1];
+        }
+    }
     // Find class name
     const classes = getNodesFromCache(tree.rootNode, 'class_declaration', cache);
     if (classes.length > 0) {
@@ -512,13 +524,25 @@ function buildResolutionContext(tree, cache) {
             context.className = getNodeText(nameNode);
         }
     }
-    // Collect method names from the class
+    // Collect method names + parameter types from the class
     const methods = getNodesFromCache(tree.rootNode, 'method_declaration', cache);
     for (const method of methods) {
         const nameNode = method.childForFieldName('name');
         if (nameNode) {
             context.methodNames.add(getNodeText(nameNode));
         }
+        const paramsNode = method.childForFieldName('parameters');
+        if (paramsNode) {
+            collectParameterTypes(paramsNode, context.paramTypes);
+        }
+    }
+    // Also collect parameters from constructors
+    const constructors = getNodesFromCache(tree.rootNode, 'constructor_declaration', cache);
+    for (const ctor of constructors) {
+        const paramsNode = ctor.childForFieldName('parameters');
+        if (paramsNode) {
+            collectParameterTypes(paramsNode, context.paramTypes);
+        }
     }
     // Collect field types
     const fields = getNodesFromCache(tree.rootNode, 'field_declaration', cache);
@@ -550,19 +574,137 @@ function buildResolutionContext(tree, cache) {
             }
         }
     }
-    // Collect imports
+    // Collect imports — map simple class name to FQN
     const imports = getNodesFromCache(tree.rootNode, 'import_declaration', cache);
     for (const imp of imports) {
         const text = getNodeText(imp);
-        // Extract class name from import (last part)
-        const match = text.match(/import\s+(?:static\s+)?([a-zA-Z0-9_.]+)/);
-        if (match) {
-            const parts = match[1].split('.');
-            context.imports.add(parts[parts.length - 1]);
+        // Match `import [static] some.qualified.Name;` (with optional trailing `.*`)
+        const match = text.match(/import\s+(?:static\s+)?([a-zA-Z0-9_.]+)(\.\*)?/);
+        if (!match)
+            continue;
+        const fqn = match[1];
+        const isWildcard = match[2] === '.*';
+        if (isWildcard) {
+            context.wildcardImports.push(fqn);
+        }
+        else {
+            const parts = fqn.split('.');
+            const simple = parts[parts.length - 1];
+            context.imports.set(simple, fqn);
         }
     }
     return context;
 }
+/**
+ * Collect `paramName → typeName` from a `formal_parameters` node.
+ * Handles formal_parameter and spread_parameter; receiver_parameter (Java
+ * inner-class `this` reference) is skipped because it has no `name`.
+ */
+function collectParameterTypes(paramsNode, out) {
+    for (let i = 0; i < paramsNode.childCount; i++) {
+        const child = paramsNode.child(i);
+        if (!child)
+            continue;
+        if (child.type !== 'formal_parameter' && child.type !== 'spread_parameter') {
+            continue;
+        }
+        const typeNode = child.childForFieldName('type');
+        const nameNode = child.childForFieldName('name');
+        if (typeNode && nameNode) {
+            out.set(getNodeText(nameNode), getNodeText(typeNode));
+        }
+    }
+}
+/**
+ * Strip generic parameters from a Java type expression.
+ * `List<String>` → `List`, `Map<String, User>` → `Map`, `User` → `User`.
+ */
+function stripGenerics(type) {
+    const ltIdx = type.indexOf('<');
+    return ltIdx === -1 ? type : type.substring(0, ltIdx);
+}
+/**
+ * Resolve the receiver expression to its declared simple type and (if
+ * available) fully-qualified name. Returns `{ simpleName: null, fqn: null }`
+ * for receivers that cannot be statically resolved — dynamic dispatch,
+ * complex chained expressions, and missing declarations all fall back to
+ * the conservative null result so downstream consumers can choose their
+ * own heuristic (substring matching, hierarchy walk, etc.).
+ */
+function resolveReceiverType(receiver, context) {
+    if (!receiver)
+        return { simpleName: null, fqn: null };
+    // `this` and `this.field` — current class methods/fields
+    if (receiver === 'this') {
+        return resolveFqn(context.className, context);
+    }
+    if (receiver.startsWith('this.')) {
+        const fieldName = receiver.substring('this.'.length);
+        const fieldType = context.fieldTypes.get(fieldName);
+        if (fieldType)
+            return resolveFqn(stripGenerics(fieldType), context);
+        return { simpleName: null, fqn: null };
+    }
+    // `super` — defer; cannot determine parent class without hierarchy
+    if (receiver === 'super')
+        return { simpleName: null, fqn: null };
+    // Local variable, parameter, or field declared in this file
+    const declaredType = context.localVarTypes.get(receiver) ??
+        context.paramTypes.get(receiver) ??
+        context.fieldTypes.get(receiver);
+    if (declaredType) {
+        return resolveFqn(stripGenerics(declaredType), context);
+    }
+    // Receiver starts with uppercase letter — likely a static class reference.
+    // Strip dotted prefix (`com.example.Foo` → `Foo`) and look up imports.
+    if (/^[A-Z]/.test(receiver)) {
+        const simple = receiver.includes('.')
+            ? receiver.substring(receiver.lastIndexOf('.') + 1)
+            : receiver;
+        if (/^[A-Z][A-Za-z0-9_]*$/.test(simple)) {
+            return resolveFqn(simple, context);
+        }
+    }
+    return { simpleName: null, fqn: null };
+}
+/**
+ * Look up the FQN of a simple type name in the file's imports map.
+ * Falls back to same-package resolution when the type was declared in
+ * the file's package, or `null` when only wildcards / external types
+ * exist (the simple name is still surfaced).
+ */
+function resolveFqn(simpleName, context) {
+    if (!simpleName)
+        return { simpleName: null, fqn: null };
+    // Explicit import wins
+    const importedFqn = context.imports.get(simpleName);
+    if (importedFqn) {
+        return { simpleName, fqn: importedFqn };
+    }
+    // Type declared in this file → use the file's package
+    if (context.className === simpleName && context.packageName) {
+        return { simpleName, fqn: `${context.packageName}.${simpleName}` };
+    }
+    // java.lang.* is implicitly imported
+    if (JAVA_LANG_TYPES.has(simpleName)) {
+        return { simpleName, fqn: `java.lang.${simpleName}` };
+    }
+    // Wildcard imports — cannot disambiguate, return simple name only
+    return { simpleName, fqn: null };
+}
+/**
+ * Common types from `java.lang` that are implicitly imported in every
+ * compilation unit. Not exhaustive; kept to the subset most likely to
+ * appear as call receivers (String, Object, Class, Thread, …) so we
+ * can answer the FQN for the common cases without false-positive risk.
+ */
+const JAVA_LANG_TYPES = new Set([
+    'String', 'StringBuilder', 'StringBuffer', 'Object', 'Class',
+    'Integer', 'Long', 'Double', 'Float', 'Boolean', 'Character', 'Byte', 'Short',
+    'Number', 'Math', 'System', 'Thread', 'Runnable', 'Throwable', 'Exception',
+    'RuntimeException', 'Error', 'Process', 'ProcessBuilder',
+    'Iterable', 'Comparable', 'CharSequence', 'Enum',
+]);
 /**
  * Extract call information from a method_invocation node.
  */
@@ -580,9 +722,13 @@ function extractCallInfo(node, context) {
     const enclosingMethod = findEnclosingMethod(node);
     // Resolve the call
     const { resolved, resolution } = resolveMethodCall(methodName, receiver, context);
+    // Resolve the receiver's declared type and FQN
+    const { simpleName, fqn } = resolveReceiverType(receiver, context);
     return {
         method_name: methodName,
         receiver,
+        receiver_type: simpleName,
+        receiver_type_fqn: fqn,
         arguments: args,
         location: {
             line: node.startPosition.row + 1,
@@ -612,9 +758,16 @@ function extractObjectCreation(node, context) {
         status: 'resolved',
         target: `${typeName}.<init>`,
     };
+    // For a constructor `new Foo(...)`, the call site already names the class —
+    // surface that as receiver_type/receiver_type_fqn so downstream consumers
+    // see consistent type info regardless of dispatch shape.
+    const simpleType = stripGenerics(typeName);
+    const { simpleName, fqn } = resolveFqn(simpleType, context);
     return {
         method_name: typeName, // Constructor name is the class name
         receiver: null,
+        receiver_type: simpleName,
+        receiver_type_fqn: fqn,
         arguments: args,
         location: {
             line: node.startPosition.row + 1,