Module javascript
Provides classes for working with JavaScript programs, as well as JSON, YAML and HTML.
Import path
import javascript
Predicates
abstractValueOfType |
Gets a definite abstract value with the given type. |
capitalize |
Gets the capitalization of |
definitionReaches |
Holds if the definition of |
describeExpression |
Gets a string that describes |
document |
DEPRECATED: Use DOM::documentRef() instead. Gets a reference to the ‘document’ object. |
findNodeModulesFolder |
Holds if |
getAStandardLoggerMethodName |
Gets a log level name that is used in RFC5424, |
isDocument |
DEPRECATED: Use DOM::documentRef() instead. Holds if |
isDocumentUrl |
DEPRECATED: Use DOM::locationSource() instead. Holds if |
isDomNode |
Holds if |
isDomRootType |
Holds if |
isDomValue |
DEPRECATED: Use |
isInterpretedAsRegExp |
Holds if |
isLocation |
DEPRECATED: Use |
isLocationNode |
Holds if |
isSafeLocationProperty |
DEPRECATED. In most cases, a sanitizer based on this predicate can be removed, as taint tracking no longer step through the properties of the location object by default. |
localDefinitionOverwrites |
Holds if the |
localDefinitionReaches |
Holds if the definition of local variable |
pluralize |
Gets the pluralization for |
react |
Gets a reference to the ‘React’ object. |
truncate |
Gets |
Classes
AbstractArguments |
An abstract value representing an |
AbstractBoolean |
An abstract value representing a Boolean value. |
AbstractCallable |
An abstract value representing a function or class. |
AbstractClass |
An abstract value representing an individual class. |
AbstractDate |
An abstract value representing a |
AbstractEmpty |
An abstract value representing the empty string. |
AbstractExportsObject |
An abstract value representing a CommonJS |
AbstractFunction |
An abstract value representing an individual function. |
AbstractGlobalObject |
An abstract value representing the global object. |
AbstractInstance |
An abstract value representing all instances of a class or function |
AbstractModuleObject |
An abstract value representing a CommonJS |
AbstractNonZero |
An abstract value representing a non-zero number. |
AbstractNull |
An abstract value representing |
AbstractNumString |
An abstract value representing a numeric string, that is, a string |
AbstractObjectLiteral |
An abstract value representing all objects arising from an object literal expression (allocation site abstraction). |
AbstractOtherObject |
An abstract value representing an object not covered by the other abstract values. |
AbstractOtherString |
An abstract value representing a non-empty, non-numeric string. |
AbstractProperty |
An abstract representation of a set of concrete properties, characterized by a base object (which is an abstract value for which properties are tracked) and a property name. |
AbstractProtoProperty |
An abstract representation of the |
AbstractRegExp |
An abstract value representing a regular expression. |
AbstractUndefined |
An abstract value representing |
AbstractValue |
An abstract value inferred by the flow analysis, representing a set of concrete values. |
AbstractZero |
An abstract value representing the number zero. |
AccessorMethodDeclaration |
An accessor method declaration in a class or interface, either a concrete definition or a signature without a body. |
AccessorMethodDefinition |
A concrete accessor method definition in a class, that is, an accessor method with a function body. |
AccessorMethodSignature |
An accessor method signature declared in a class or interface, that is, an accessor method without a function body. |
AddExpr |
An addition or string-concatenation expression. |
AggregateES2015PromiseDefinition |
An aggregated promise produced either by |
AmdModule |
An AMD-style module. |
AmdModuleDefinition |
An AMD |
AnalyzedConditionGuard |
A refinement node where the guard is a condition. |
AnalyzedExternalModuleReference |
A special TypeScript |
AnalyzedFunction |
A function for which analysis results are available. |
AnalyzedModule |
A module for which analysis results are available. |
AnalyzedNegativeConditionGuard |
A refinement for a condition guard with an outcome of |
AnalyzedNode |
A data flow node for which analysis results are available. |
AnalyzedPositiveConditionGuard |
A refinement for a condition guard with an outcome of |
AnalyzedPropertyRead |
An analyzed property read, either explicitly ( |
AnalyzedPropertyWrite |
An analyzed property write, including exports (which are modeled as assignments to |
AnalyzedRefinement |
An analyzed refinement node. |
AnalyzedRequireCall |
A call to |
AnalyzedSsaDefinition |
An SSA definitions that has been analyzed. |
AnalyzedValueNode |
A value node for which analysis results are available. |
AnalyzedVarDef |
A vardef with helper predicates for flow analysis. |
AnonymousInterfaceType |
An anonymous interface type, such as |
AnsiColorsStep |
A step through the |
AnsiToHtmlStep |
A step through the |
AnyType |
The predefined |
ArgumentsVariable |
An |
ArithmeticExpr |
A binary arithmetic expression using |
ArrayComprehensionExpr |
An array comprehension expression. |
ArrayExpr |
An array literal. |
ArrayExternal |
The externs definition for the Array object. |
ArrayPattern |
An array pattern. |
ArrayType |
A type that describes a JavaScript |
ArrayTypeExpr |
An array type, such as |
ArrowFunctionExpr |
An arrow function expression. |
AsTypeAssertion |
A type assertion specifically of the form |
AsmJSDirective |
An asm.js directive. |
AssignAddExpr |
A compound add-assign expression. |
AssignAndExpr |
A compound bitwise-‘and’-assign expression. |
AssignDivExpr |
A compound divide-assign expression. |
AssignExpExpr |
A compound exponentiate-assign expression. |
AssignExpr |
A simple assignment expression. |
AssignLShiftExpr |
A compound left-shift-assign expression. |
AssignLogAndExpr |
A logical-‘and’-assign expression. |
AssignLogOrExpr |
A logical-‘or’-assign expression. |
AssignModExpr |
A compound modulo-assign expression. |
AssignMulExpr |
A compound multiply-assign expression. |
AssignNullishCoalescingExpr |
A ‘nullish-coalescing’-assign expression. |
AssignOrExpr |
A compound bitwise-‘or’-assign expression. |
AssignRShiftExpr |
A compound right-shift-assign expression. |
AssignSubExpr |
A compound subtract-assign expression. |
AssignURShiftExpr |
A compound unsigned-right-shift-assign expression. |
AssignXOrExpr |
A compound exclusive-‘or’-assign expression. |
Assignment |
An assignment expression, either compound or simple. |
AstNode |
A program element corresponding to JavaScript code, such as an expression or a statement. |
AuthorizationCall |
A call that may perform authorization. |
AwaitExpr |
An |
BabelDirective |
A Babel directive. |
BasicBlock |
A basic block, that is, a maximal straight-line sequence of control flow nodes without branches or joins. |
BigIntLiteral |
A BigInt literal. |
BigIntLiteralType |
A bigint literal as a static type. |
BigIntLiteralTypeExpr |
A bigint literal used as a TypeScript type annotation. |
BigIntType |
The predefined |
BinaryExpr |
An expression with a binary operator. |
BindingPattern |
A binding pattern, that is, either an identifier or a destructuring pattern. |
BitAndExpr |
A bitwise ‘and’ expression. |
BitNotExpr |
A bitwise negation expression. |
BitOrExpr |
A bitwise ‘or’ expression. |
BitwiseBinaryExpr |
A bitwise binary expression, that is, either a bitwise ‘and’, a bitwise ‘or’, or an exclusive ‘or’ expression. |
BitwiseExpr |
A bitwise expression using |
BlockComment |
A block comment (which may be a JSDoc comment). |
BlockScope |
A scope induced by a block of statements. |
BlockStmt |
A block of statements. |
BooleanLikeType |
The |
BooleanLiteral |
A Boolean literal, that is, either |
BooleanLiteralToken |
A Boolean literal token. |
BooleanLiteralType |
The boolean literal type |
BooleanLiteralTypeExpr |
A boolean literal used as a type. |
BooleanType |
The |
BreakOrContinueStmt |
A break or continue statement. |
BreakStmt |
A |
BugTrackerInfo |
A representation of bug tracker information for an NPM package. |
BulkImportDeclaration |
A bulk import that imports an entire module as a namespace. |
BulkReExportDeclaration |
A bulk re-export declaration of the form |
BundleDirective |
A |
CallExpr |
A function call expression. |
CallSignature |
A call signature declared in an interface. |
CallSignatureType |
A function or constructor signature in a TypeScript type. |
CallToObjectDefineProperty |
A call to |
CallWithAnalyzedReturnFlow |
A call with inter-procedural type inference for the return value. |
CallWithNonLocalAnalyzedReturnFlow |
A call with inter-procedural type inference for the return value. |
CanonicalFunctionName |
The canonical name for a function. |
CanonicalName |
A fully qualified name relative to a specific root, usually referring to a TypeScript namespace or type. |
CanonicalTypeVariableType |
A type that refers to a type variable declared on a class, interface or function. |
Case |
A |
CatchClause |
A |
CatchScope |
A scope induced by a catch clause. |
ChalkStep |
A step through the |
Chokidar |
A call to the library |
ClassDeclScope |
A scope induced by a class declaration with type parameters. |
ClassDeclStmt |
A class declaration statement. |
ClassDefinition |
An ECMAScript 2015 or TypeScript class definition, that is, either a class declaration statement or a class expression. |
ClassExpr |
A class expression. |
ClassExprScope |
A scope induced by a named class expression or class expression with type parameters. |
ClassOrInterface |
An ECMAScript 2015/TypeScript class definition or a TypeScript interface definition, including both declarations and expressions. |
ClassType |
A type that refers to a class, possibly with type arguments. |
CleartextPasswordExpr |
An expression that might contain a clear-text password. |
CliColorStep |
A step through the |
CliHighlightStep |
A step through the |
ClientRequest |
A call that performs a request to a URL. |
ClientSideRemoteFlowKind |
A type of remote flow source that is specific to the browser environment. |
ClientSideRemoteFlowSource |
A source of remote input in a web browser environment. |
CodeInAttribute |
A code snippet originating from an HTML attribute value. |
ColoretteStep |
A step through the |
ColorsStep |
A step through the |
Comment |
A JavaScript source-code comment. |
Comparison |
A comparison expression, that is, either an equality test ( |
CompoundAssignExpr |
A compound assign expression. |
ComprehensionBlock |
A comprehension block in a comprehension expression. |
ComprehensionBlockScope |
A scope induced by a comprehension block. |
ComprehensionExpr |
A comprehension expression, that is, either an array comprehension expression or a generator expression. |
ConcreteControlFlowNode |
A CFG node corresponding to a program element, that is, a CFG node that is not a |
ConditionGuardNode |
A guard node recording that some condition is known to be truthy or falsy at this point in the program. |
ConditionalExpr |
A conditional expression. |
ConditionalTypeExpr |
A conditional type annotation, such as |
ConditionalTypeScope |
A scope induced by a conditional type expression whose |
ConstDeclStmt |
A |
ConstantExpr |
An expression that evaluates to a constant primitive value. |
ConstantString |
An expression that evaluates to a constant string. |
Constructor |
A constructor defined in a class. |
ConstructorCallSignature |
A constructor call signature declared in an interface. |
ConstructorCallSignatureType |
A constructor call signature in a type, that is, a signature with the |
ConstructorDeclaration |
A constructor declaration in a class, either a concrete definition or a signature without a body. |
ConstructorDefinition |
The concrete constructor definition of a class, possibly a synthetic constructor if the class did not declare any constructors. |
ConstructorSignature |
A constructor signature declared in a class, that is, a constructor without a function body. |
ConstructorTag |
A |
ConstructorTypeExpr |
A constructor type, such as |
Container |
A file or folder. |
ContinueStmt |
A |
ContributorInfo |
A representation of contributor information for an NPM package. |
ControlFlowEntryNode |
A synthetic CFG node marking the entry point of a function or toplevel script. |
ControlFlowExitNode |
A synthetic CFG node marking the exit of a function or toplevel script. |
ControlFlowNode |
A node in the control flow graph, which is an expression, a statement, or a synthetic node. |
ControlStmt |
A control statement, that is, is a loop, an if statement, a switch statement, a with statement, a try statement, or a catch clause. |
CredentialsExpr |
DEPRECATED: Use |
CredentialsFunctionName |
A method that might return sensitive data, based on the name. |
CredentialsNode |
An expression whose value is used to supply credentials such as a user name, a password, or a key. |
CryptographicKey |
A key used in a cryptographic algorithm. |
CryptographicKeyCreation |
The creation of a cryptographic key. |
CryptographicKeyCredentialsExpr |
A key used in a cryptographic algorithm, viewed as a |
CryptographicOperation |
A data-flow node that is an application of a cryptographic algorithm. For example, encryption, decryption, signature-validation. |
CustomAbstractValue |
A custom abstract value corresponding to an abstract value tag. |
CustomAbstractValueDefinition |
A data-flow node that induces an analysis-specific abstract value. |
CustomAbstractValueFromDefinition |
An abstract representation of an analysis-specific value. |
CustomAbstractValueFromDefinitionNode |
Flow analysis for custom abstract values. |
CustomAbstractValueTag |
A string tag corresponding to a custom abstract value. |
DatabaseAccess |
A data flow node that performs a database access. |
DebuggerStmt |
A |
DecExpr |
A (pre or post) decrement expression. |
DeclStmt |
A declaration statement, that is, a |
DeclarationSpace |
A string representing one of the three TypeScript declaration spaces: |
Decoratable |
A program element to which decorators can be applied, that is, a class, a property or a member definition. |
Decorator |
A decorator applied to a class, property or member definition. |
DefiniteAbstractValue |
A definite abstract value, that is, an abstract value that is not affected by analysis incompleteness. |
DeleteExpr |
A |
DestructuringPattern |
A destructuring pattern, that is, either an array pattern or an object pattern. |
DirectEval |
A direct call to |
Directive |
A directive: string literal expression statement in the beginning of a statement container. |
DivExpr |
A division expression. |
DoWhileStmt |
A |
DocComment |
A JSDoc comment. |
Documentable |
A program element that can have a JSDoc comment. |
DomGlobalVariable |
A global variable whose declared type extends a DOM root type. |
DomMethodCallExpr |
DEPRECATED: Use |
DomMethodCallNode |
A call to a DOM method. |
DomPropWriteNode |
DEPRECATED: Use |
DomPropertyWrite |
An assignment to a property of a DOM object. |
DotExpr |
A dot expression. |
DynamicImportExpr |
A dynamic import expression. |
EOFToken |
An end-of-file token. |
ES2015Component |
A React component implemented as a class |
ES2015Module |
An ECMAScript 2015 module. |
ES2015PromiseAllDefinition |
An aggregated promise created using |
ES5Component |
A legacy React component implemented using |
EmailSender |
An operation that sends an email. |
EmptyStmt |
An empty statement. |
EnhancedForLoop |
A |
EntryBasicBlock |
An entry basic block, that is, a basic block whose first node is the entry node of a statement container. |
EnumDeclaration |
A TypeScript enum declaration, such as the following declaration: |
EnumLiteralType |
A type that refers to the value of an enum member. |
EnumMember |
A member of a TypeScript enum declaration, such as |
EnumScope |
A scope induced by an enum declaration, containing the names of its enum members. |
EnumType |
A type that refers to an enum. |
EqExpr |
An equality test using |
EqualityTest |
An equality test using |
Error |
An error encountered during extraction. |
EventDispatch |
A dispatch of an event on an EventEmitter. |
EventEmitter |
An EventEmitter instance that implements the EventEmitter API. Extend EventEmitter::Range to mark something as being an EventEmitter. |
EventHandlerCode |
A code snippet originating from an event handler attribute. |
EventRegistration |
A registration of an event handler on an EventEmitter. |
ExpExpr |
An exponentiation expression. |
ExportAsNamespaceDeclaration |
A TypeScript export of form |
ExportAssignDeclaration |
A TypeScript “export-assign” declaration. |
ExportDeclaration |
An export declaration. |
ExportDefaultDeclaration |
A default export declaration. |
ExportDefaultSpecifier |
A default export specifier. |
ExportNamedDeclaration |
A named export declaration. * Examples: |
ExportNamespaceSpecifier |
A namespace export specifier, that is |
ExportSpecifier |
An export specifier in an export declaration. |
ExportVarAccess |
An identifier that occurs in a named export declaration. |
Expr |
An expression. |
ExprOrStmt |
A program element that is either an expression or a statement. |
ExprOrType |
A program element that is either an expression or a type annotation. |
ExprOrVarDecl |
An expression or a variable declaration statement. |
ExprStmt |
An expression statement. |
ExpressionWithTypeArguments |
An expression with type arguments, occurring as the super-class expression of a class, for example: |
ExtendCall |
A call to an |
ExtendsTag |
An |
ExternalConstructor |
A constructor function defined in an externs file. |
ExternalDecl |
A declaration in an externs file. |
ExternalEntity |
A function or object defined in an externs file. |
ExternalFunction |
A function defined in an externs file. |
ExternalGlobalDecl |
A global declaration of a function or variable in an externs file. |
ExternalGlobalFunctionDecl |
A global function declaration in an externs file. |
ExternalGlobalVarDecl |
A global variable declaration in an externs file. |
ExternalInstanceMemberDecl |
An instance member variable declaration in an externs file. |
ExternalInterface |
An interface function defined in an externs file. |
ExternalMemberDecl |
A member variable declaration in an externs file. |
ExternalModuleDeclaration |
A TypeScript declaration of form |
ExternalModuleReference |
A |
ExternalModuleScope |
A scope induced by a declaration of form |
ExternalScript |
A stand-alone file or an external script originating from an HTML |
ExternalStaticMemberDecl |
A static member variable declaration in an externs file. |
ExternalType |
A constructor or interface function defined in an externs file. |
ExternalTypeTag |
A |
ExternalTypedef |
A typedef declaration in an externs file. |
ExternalVarDecl |
A variable or function declaration in an externs file. |
Externs |
A toplevel syntactic entity containing Closure-style externs definitions. |
FieldDeclaration |
A field declaration in a class or interface, either a concrete definition or an abstract or ambient field signature. |
FieldDefinition |
A concrete field definition in a class. |
FieldParameter |
A constructor parameter that induces a field in its class. |
FieldSignature |
A field signature declared in a class or interface, that is, an abstract or ambient field declaration. |
File |
A file. |
FileNameSource |
A data flow node that contains a file name or an array of file names from the local file system. |
FileSystemAccess |
A data flow node that performs a file system access (read, write, copy, permissions, stats, etc). |
FileSystemReadAccess |
A data flow node that reads data from the file system. |
FileSystemWriteAccess |
A data flow node that writes data to the file system. |
FileType |
A file type. |
Folder |
A folder. |
ForEachStmt |
A |
ForInComprehensionBlock |
A |
ForInScope |
A scope induced by a |
ForInStmt |
A |
ForOfComprehensionBlock |
A |
ForOfStmt |
A |
ForScope |
A scope induced by a |
ForStmt |
A |
FormatRegisterDirective |
A SystemJS |
Function |
A function as defined either by a function declaration or a function expression. |
FunctionBindExpr |
A function-bind expression. |
FunctionCallSignature |
A function call signature declared in an interface. |
FunctionCallSignatureType |
A function call signature in a type, that is, a signature without the |
FunctionCompositionCall |
A call to a function that constructs a function composition |
FunctionDeclStmt |
A function declaration statement. |
FunctionExpr |
A (non-arrow) function expression. |
FunctionExternal |
The externs definition for the Function object. |
FunctionScope |
A scope induced by a function. |
FunctionSentExpr |
A |
FunctionTypeExpr |
A TypeScript function type, such as |
FunctionWithAnalyzedParameters |
A function with inter-procedural type inference for its parameters. |
FunctionalComponent |
A React component implemented as a plain function. |
GEExpr |
A greater-than-or-equal expression. |
GTExpr |
A greater-than expression. |
GeneratedCodeExpr |
A placeholder for some code generated by a templating engine, speculatively parsed as an expression. |
GeneratorExpr |
A generator expression. |
GenericTypeExpr |
A type consisting of a name and at least one type argument, such as |
GetterMethodDeclaration |
A getter method declaration in a class or interface, either a concrete definition or a signature without a function body. |
GetterMethodDefinition |
A concrete getter method definition in a class, that is, a getter method with a function body. |
GetterMethodSignature |
A getter method signature declared in a class or interface, that is, a getter method without a function body. |
GlobalAugmentationDeclaration |
A TypeScript declaration of form |
GlobalScope |
The global scope. |
GlobalVarAccess |
An identifier that refers to a global variable. |
GlobalVarDecl |
An identifier that declares a global variable. |
GlobalVariable |
A global variable. |
GuardControlFlowNode |
A synthetic CFG node recording that some condition is known to hold at this point in the program. |
HasOwnPropertyCall |
A call to |
HtmlCommentEnd |
An HTML comment end token interpreted as a line comment. |
HtmlCommentStart |
An HTML comment start token interpreted as a line comment. |
HtmlLineComment |
An HTML comment start/end token interpreted as a line comment. |
HtmlSanitizerCall |
A call that sanitizes HTML in a string, either by replacing meta characters with their HTML entities, or by removing certain HTML tags entirely. |
Identifier |
An identifier. |
IdentifierToken |
An identifier token. |
IfStmt |
An |
ImmediatelyInvokedFunctionExpr |
An immediately invoked function expression (IIFE). |
ImplementsTag |
An |
Import |
An import in a module, which may be an ECMAScript 2015-style |
ImportDeclaration |
An import declaration. |
ImportDefaultSpecifier |
A default import specifier. |
ImportEqualsDeclaration |
A TypeScript “import-equals” declaration. |
ImportMetaExpr |
An |
ImportNamespaceAccess |
An import used in the context of a namespace inside a type annotation, such as in |
ImportNamespaceSpecifier |
A namespace import specifier. |
ImportSpecifier |
An import specifier in an import declaration. |
ImportTypeAccess |
An import used in the context of a type, such as in |
ImportTypeExpr |
An import inside a type annotation, such as in |
ImportVarTypeAccess |
An import used in the context of a variable type, such as in |
InExpr |
An |
IncExpr |
A (pre or post) increment expression. |
InclusionTest |
An expression that checks if an element is contained in an array or is a substring of another string. |
IndefiniteAbstractValue |
An indefinite abstract value representing an unknown value. |
IndefiniteFunctionOrClass |
An indefinite abstract value representing an unknown function or class. |
IndefiniteObject |
An indefinite abstract value representing an unknown object. |
IndexExpr |
An index expression (also known as computed property access). |
IndexSignature |
An index signature declared in an interface. |
IndexedAccessTypeExpr |
A type of form |
InferTypeExpr |
A type annotation of form |
InfiniteRepetitionQuantifier |
A regular expression term that permits unlimited repetitions. |
InlineScript |
A script embedded inline in an HTML |
InstanceofExpr |
An |
InterfaceDeclaration |
A TypeScript interface declaration. |
InterfaceDefinition |
A TypeScript interface declaration, inline interface type, or function type. |
InterfaceScope |
A scope induced by an interface declaration, containing the type parameters declared on the interface. |
InterfaceType |
A type that refers to an interface, possibly with type arguents. |
InterfaceTypeExpr |
An inline TypeScript interface type, such as |
IntersectionType |
An intersection type, such as |
IntersectionTypeExpr |
A type of form |
InvokeExpr |
An invocation expression, that is, either a function call or a |
IsTypeExpr |
A function return type of form |
JSDoc |
A JSDoc comment. |
JSDocAnyTypeExpr |
An |
JSDocAppliedTypeExpr |
An applied type expression. |
JSDocArrayTypeExpr |
An array type expression. |
JSDocError |
An error encountered while parsing a JSDoc comment. |
JSDocFunctionTypeExpr |
A function type expression. |
JSDocNamedTypeExpr |
A type expression referring to a named type. |
JSDocNonNullableTypeExpr |
A non-nullable type expression. |
JSDocNullTypeExpr |
A null type expression. |
JSDocNullableTypeExpr |
A nullable type expression. |
JSDocOptionalParameterTypeExpr |
An optional parameter type. |
JSDocParamTag |
A |
JSDocRecordTypeExpr |
A record type expression. |
JSDocRestParameterTypeExpr |
A rest parameter type. |
JSDocTag |
A JSDoc tag. |
JSDocTypeExpr |
A JSDoc type expression. |
JSDocTypeExprParent |
A syntactic element that a JSDoc type expression may be nested in, that is, either a JSDoc tag or another JSDoc type expression. |
JSDocUndefinedTypeExpr |
A type expression representing the type of |
JSDocUnionTypeExpr |
A union type expression. |
JSDocUnknownTypeExpr |
A type expression representing an unknown type. |
JSDocVoidTypeExpr |
A type expression representing the void type. |
JSLintDirective |
A JSLint directive. |
JSLintExplicitGlobal |
A JSLint |
JSLintGlobal |
A JSLint directive declaring global variables. |
JSLintOptions |
A JSLint options directive. |
JSLintProperties |
A JSLint |
JSParseError |
A JavaScript parse error encountered during extraction. |
JavaScriptUrl |
A code snippet originating from a URL with the |
Json2CsvTaintStep |
A taint step through the |
JsonArray |
A JSON-encoded array. |
JsonBoolean |
A JSON-encoded Boolean value. |
JsonNull |
A JSON-encoded null value. |
JsonNumber |
A JSON-encoded number. |
JsonObject |
A JSON-encoded object. |
JsonParseError |
An error reported by the JSON parser. |
JsonParserCall |
A call to a JSON parser such as |
JsonPrimitiveValue |
A JSON-encoded primitive value. |
JsonString |
A JSON-encoded string value. |
JsonStringifyCall |
A call to a JSON stringifier such as |
JsonValue |
A JSON-encoded value, which may be a primitive value, an array or an object. |
JsxAttribute |
An attribute of a JSX element, including spread attributes. |
JsxElement |
A JSX element. |
JsxEmptyExpr |
An interpolating expression that interpolates nothing. |
JsxFragment |
A JSX fragment. |
JsxName |
A name of an JSX element or attribute (which is always an identifier, a dot expression, or a qualified namespace name). |
JsxNode |
A JSX element or fragment. |
JsxPragma |
A legacy |
JsxQualifiedName |
A namespace-qualified name such as |
JsxSpreadAttribute |
A spread attribute of a JSX element. |
JumpStmt |
A statement that disrupts structured control flow, that is, a |
KeyofTypeExpr |
A type of form |
KeywordToken |
A keyword token. |
KleurStep |
A step through the |
KnownDirective |
A known directive, such as a strict mode declaration. |
LEExpr |
A less-than-or-equal expression. |
LShiftExpr |
A left-shift expression using |
LTExpr |
A less-than expression. |
LValue |
A variable reference or property access that is written to. |
Label |
A statement or property label, that is, an identifier that does not refer to a variable. |
LabeledStmt |
A labeled statement. |
LegacyLetExpr |
An old-style |
LegacyLetStmt |
A legacy |
LetStmt |
A |
LexicalAccess |
An identifier that refers to a variable, type, or namespace, or a combination of these, in a non-declaring position. |
LexicalDecl |
An identifier that declares a variable, type, or namespace, or a combination of these. |
LexicalName |
A name that is declared in a particular scope. |
LexicalRef |
An identifier that refers to a variable, type, or namespace, or a combination of these. |
LexicalTypeVariableType |
A type that refers to a type variable without a canonical name. |
Line |
A line of text (code, comment, or whitespace) in a source file. |
LineComment |
A line comment, that is, either an HTML comment or a |
Literal |
A literal. |
LiteralType |
A boolean, number, or string literal type. |
LiteralTypeExpr |
A string, number, or boolean literal used as a type. |
LocalFunction |
A function that only is used locally, making it amenable to type inference. |
LocalNamespaceAccess |
An identifier that refers to a namespace from inside a type annotation. |
LocalNamespaceDecl |
An identifier that declares a local name for a namespace, that is, the name of an actual namespace declaration or the local name of an import. |
LocalNamespaceName |
The local name for a namespace in a particular scope. |
LocalScope |
A local scope, that is, a scope that is not the global scope. |
LocalTypeAccess |
An identifier that is used as part of a type, such as |
LocalTypeName |
The local name for a type in a particular scope. |
LocalVarTypeAccess |
An identifier that refers to a variable from inside a type. |
LocalVariable |
A local variable or a parameter. |
Locatable |
A program element with a location. |
Location |
A location as given by a file, a start line, a start column, an end line, and an end column. |
LogAndExpr |
A logical ‘and’ expression. |
LogNotExpr |
A logical negation expression. |
LogOrExpr |
A logical ‘or’ expression. |
LoggerCall |
A call to a logging mechanism. |
LogicalBinaryExpr |
A short-circuiting logical binary expression, that is, a logical ‘or’ expression, a logical ‘and’ expression, or a nullish-coalescing expression. |
LogicalExpr |
A logical expression using |
LoopStmt |
A loop, that is, a while loop, a do-while loop, a for loop, or a for-in loop. |
MappedTypeExpr |
A type of form |
MappedTypeScope |
A scope induced by a mapped type expression, containing the type parameter declared as part of the type. |
MemberDeclaration |
A member declaration in a class or interface, that is, either a method declaration or a field declaration. |
MemberDefinition |
A concrete member of a class, that is, a non-abstract, non-ambient field or method with a body. |
MemberSignature |
A member signature declared in a class or interface, that is, an abstract or ambient field or method without a function body. |
MembershipCandidate |
An expression that is tested for membership of a collection. |
Method |
A method defined in a class or object expression. |
MethodCallExpr |
A method call expression. |
MethodDeclaration |
A method declaration in a class or interface, either a concrete definition or a signature without a body. |
MethodDefinition |
A concrete method definition in a class. |
MethodSignature |
A method signature declared in a class or interface, that is, a method without a function body. |
ModExpr |
A modulo expression. |
Module |
A module, which may either be an ECMAScript 2015-style module, a CommonJS module, or an AMD module. |
ModuleAccess |
A reference to the special |
ModuleScope |
A scope induced by a Node.js or ES2015 module |
MulExpr |
A multiplication expression. |
NEqExpr |
An inequality test using |
NamedExportSpecifier |
A named export specifier. |
NamedImportSpecifier |
A named import specifier. |
Namespace |
The canonical name for a namespace. |
NamespaceAccess |
A possibly qualified name that refers to a namespace from inside a type annotation. |
NamespaceDeclaration |
A TypeScript namespace declaration. |
NamespaceDefinition |
A statement that defines a namespace, that is, a namespace declaration or enum declaration. |
NamespaceRef |
A possibly qualified identifier that refers to or declares a local name for a namespace. |
NamespaceScope |
The lexical scope induced by a TypeScript namespace declaration. |
NegExpr |
An arithmetic negation expression (also known as unary minus). |
NeverType |
The |
NewExpr |
A |
NewTargetExpr |
A |
NgInjectDirective |
A |
NodeModule |
A Node.js module. |
NonNullAssertion |
A TypeScript expression of form |
NonStrictEqualityTest |
A non-strict equality test using |
NpmPackage |
An NPM package. |
NullLiteral |
A |
NullLiteralToken |
A null literal token. |
NullType |
The |
NullishCoalescingExpr |
A nullish coalescing ‘??’ expression. |
NumberLikeType |
The |
NumberLiteral |
A numeric literal. |
NumberLiteralType |
A number literal as a static type. |
NumberLiteralTypeExpr |
A number literal used as a type. |
NumberType |
The predefined |
NumericLiteralToken |
A numeric literal token. |
ObjectExpr |
An object literal, containing zero or more property definitions. |
ObjectExternal |
The externs definition for the Object object. |
ObjectKeywordType |
The |
ObjectPattern |
An object pattern. |
OptionalChainRoot |
INTERNAL: This class should not be used by queries. |
OptionalTypeExpr |
An optional type element in a tuple type, such as |
OptionalUse |
A call or member access that evaluates to |
OriginalExportDeclaration |
An export declaration that exports zero or more declarations from the module it appears in. |
PackageDependencies |
A representation of package dependencies for an NPM package. |
PackageJson |
A |
ParExpr |
A parenthesized expression. |
Parameter |
A parameter declaration in a function or catch clause. |
ParameterField |
A field induced by an initializing constructor parameter. |
Parameterized |
A program element that declares parameters, that is, either a function or a catch clause. |
ParenthesizedTypeExpr |
A type expression enclosed in parentheses. |
Path |
An absolute file system path referenced in the program, which may (but does not have to) correspond to a file or folder included in the snapshot. |
PathExpr |
An expression whose value represents a (relative or absolute) file system path. |
PathExprCandidate |
An expression that appears in a syntactic position where it may represent a path. |
PathString |
A string value that represents a (relative or absolute) file system path. |
PersistentReadAccess |
A data flow node that reads persistent data. |
PersistentWriteAccess |
A data flow node that writes persistent data. |
PlainArrayType |
An array type such as |
PlainFunctionTypeExpr |
A function type that is not a constructor type, such as |
PlainSymbolType |
The |
PlusExpr |
A unary plus expression. |
PostDecExpr |
A postfix decrement expression. |
PostIncExpr |
A postfix increment expression. |
PostMessageEventHandler |
An event handler that handles |
PreDecExpr |
A prefix decrement expression. |
PreIncExpr |
A prefix increment expression. |
PreactComponent |
A Preact component. |
PredefinedTypeExpr |
A use of the predefined type |
PredicateTypeExpr |
A function return type that refines the type of one of its parameters or |
PrefixTypeAssertion |
A type assertion specifically of the form |
PrettyJsonTaintStep |
A step through the |
PrimitiveAbstractValue |
A definite abstract value that represents only primitive concrete values. |
PrintfStyleCall |
A printf-style call that substitutes the embedded format specifiers of a format string for the format arguments. |
PromiseAllCreation |
A promise that is created using a |
PromiseCandidate |
A call that looks like a Promise. |
PromiseCreationCall |
A promise that is created and resolved with one or more value. |
PromiseDefinition |
A definition of a |
PromiseType |
A type such as |
PropAccess |
A property access, that is, either a dot expression of the form |
Property |
A property definition in an object literal, which may be either a value property, a property getter, or a property setter. |
PropertyAccessor |
A property getter or setter in an object literal. |
PropertyGetter |
A property getter in an object literal. |
PropertyPattern |
A property pattern in an object pattern. |
PropertyProjection |
A property projection call such as |
PropertySetter |
A property setter in an object literal. |
ProtectCall |
A call to a function whose name suggests that it encodes or encrypts its arguments. |
PunctuatorToken |
A punctuator token. |
PurelyLocalVariable |
A local variable that is not captured. |
QualifiedNamespaceAccess |
A qualified name that refers to a namespace from inside a type annotation. |
QualifiedTypeAccess |
A qualified name that is used as part of a type, such as |
QualifiedVarTypeAccess |
A qualified name that refers to a variable from inside a type. |
RShiftExpr |
A right-shift expression using |
RValue |
A variable reference or property access that is read from. |
ReExportDeclaration |
An export declaration that re-exports declarations from another module. |
ReExportDefaultSpecifier |
A default export specifier in a re-export declaration. |
ReachableBasicBlock |
A basic block that is reachable from an entry basic block. |
ReachableJoinBlock |
A reachable basic block with more than one predecessor. |
ReactComponent |
An object that implements the React component interface. |
ReactElementDefinition |
A DOM element created by a React function. |
ReadonlyArrayType |
A read-only array type such as |
ReadonlyTypeExpr |
A type of form |
RefExpr |
An expression that can be evaluated to a reference, that is, a variable reference or a property access. |
ReferenceImport |
A TypeScript comment of one of the two forms: |
ReferencePathImport |
A TypeScript comment of the form: |
ReferenceTypesImport |
A TypeScript comment of the form: |
RegExpAlt |
An alternative term, that is, a term of the form |
RegExpAnchor |
A dollar |
RegExpBackRef |
A back reference, that is, a term of the form |
RegExpCaret |
A caret assertion |
RegExpCharEscape |
A character escape in a regular expression. |
RegExpCharacterClass |
A character class in a regular expression. |
RegExpCharacterClassEscape |
A character class escape in a regular expression. |
RegExpCharacterRange |
A character range in a character class in a regular expression. |
RegExpConstant |
A constant regular expression term, that is, a regular expression term matching a single string. |
RegExpControlEscape |
A control character escape in a regular expression. |
RegExpDecimalEscape |
A decimal character escape in a regular expression. |
RegExpDollar |
A dollar assertion |
RegExpDot |
A dot regular expression. |
RegExpEscape |
An escaped regular expression term, that is, a regular expression term starting with a backslash. |
RegExpGroup |
A grouped regular expression. |
RegExpHexEscape |
A hexadecimal character escape in a regular expression. |
RegExpIdentityEscape |
An identity escape, that is, an escaped character in a regular expression that just represents itself. |
RegExpLiteral |
A regular expression literal. |
RegExpLookahead |
A zero-width lookahead assertion. |
RegExpLookbehind |
A zero-width lookbehind assertion. |
RegExpNegativeLookahead |
A negative-lookahead assertion. |
RegExpNegativeLookbehind |
A negative-lookbehind assertion. |
RegExpNonWordBoundary |
A non-word boundary assertion. |
RegExpNormalConstant |
A sequence of normal characters without special meaning in a regular expression. |
RegExpOctalEscape |
An octal character escape in a regular expression. |
RegExpOpt |
An optional term. |
RegExpParent |
An element containing a regular expression term, that is, either a regular expression literal, a string literal (parsed as a regular expression), or another regular expression term. |
RegExpParseError |
A parse error encountered while processing a regular expression literal. |
RegExpPatternSource |
A node whose value may flow to a position where it is interpreted as a part of a regular expression. |
RegExpPlus |
A plus-quantified term. |
RegExpPositiveLookahead |
A positive-lookahead assertion. |
RegExpPositiveLookbehind |
A positive-lookbehind assertion. |
RegExpQuantifier |
A quantified regular expression term. |
RegExpRange |
A range-quantified term |
RegExpSequence |
A sequence term. |
RegExpStar |
A star-quantified term. |
RegExpSubPattern |
A zero-width lookahead or lookbehind assertion. |
RegExpTerm |
A regular expression term, that is, a syntactic part of a regular expression. |
RegExpUnicodeEscape |
A unicode character escape in a regular expression. |
RegExpUnicodePropertyEscape |
A Unicode property escape in a regular expression. |
RegExpWordBoundary |
A word boundary assertion. |
RegularExpressionToken |
A regular expression literal token. |
RelationalComparison |
A relational comparison using |
RemoteFlowSource |
A data flow source of remote user input. |
RepositoryInfo |
A representation of repository information for an NPM package. |
Require |
A |
ResolvedES2015PromiseDefinition |
A resolved promise created by the standard ECMAScript 2015 |
ResolvedPromiseDefinition |
A promise that is created using a |
RestTypeExpr |
A rest element in a tuple type, such as |
ReturnStmt |
A |
SatisfiesExpr |
A satisfies type asserion of the form |
Scope |
A scope in which variables can be declared. |
ScopeElement |
A program element that induces a scope. |
Script |
A stand-alone file or script originating from an HTML |
SelectiveImportDeclaration |
A selective import that imports zero or more declarations. |
SelectiveReExportDeclaration |
A named export declaration that re-exports symbols imported from another module. |
SensitiveAction |
A sensitive action, such as transfer of sensitive data. |
SensitiveCall |
A function call that might produce sensitive data. |
SensitiveDataClassification |
A classification of different kinds of sensitive data: |
SensitiveDataFunctionName |
A function name that suggests it may produce sensitive data. |
SensitiveExpr |
DEPRECATED: Use |
SensitiveFunctionName |
A function name that suggests it may be sensitive. |
SensitiveNode |
An expression that might contain sensitive data. |
SensitiveVariableAccess |
An access to a variable or property that might contain sensitive data. |
SensitiveWrite |
A write to a location that might contain sensitive data. |
SeqExpr |
A sequence expression (also known as comma expression). |
SetterMethodDeclaration |
A setter method declaration in a class or interface, either a concrete definition or a signature without a body. |
SetterMethodDefinition |
A concrete setter method definition in a class, that is, a setter method with a function body |
SetterMethodSignature |
A setter method signature declared in a class or interface, that is, a setter method without a function body. |
ShiftExpr |
A shift expression. |
SignatureKind |
A value indicating if a signature is a function or constructor signature. |
SimpleParameter |
A parameter declaration that is not an object or array pattern. |
SixToFiveDirective |
A legacy 6to5 directive. |
SlashSlashComment |
A |
SlashStarComment |
A C-style block comment which is not a JSDoc comment. |
SliceAnsiStep |
A step through the |
SpreadElement |
A spread element. |
SpreadProperty |
A spread property in an object literal. |
SsaDefinition |
An SSA definition. |
SsaExplicitDefinition |
An SSA definition that corresponds to an explicit assignment or other variable definition. |
SsaImplicitDefinition |
An SSA definition that does not correspond to an explicit variable definition. |
SsaImplicitInit |
An SSA definition representing the implicit initialization of a variable at the beginning of its scope. |
SsaPhiNode |
An SSA phi node, that is, a pseudo-definition for a variable at a point in the flow graph where otherwise two or more definitions for the variable would be visible. |
SsaPseudoDefinition |
An SSA definition that has no actual semantics, but simply serves to merge or filter data flow. |
SsaRefinementNode |
A refinement node, that is, a pseudo-definition for a variable at a point in the flow graph where additional information about this variable becomes available that may restrict its possible set of values. |
SsaSourceVariable |
A variable that can be SSA converted, that is, a local variable. |
SsaVariable |
An SSA variable. |
SsaVariableCapture |
An SSA definition representing the capturing of an SSA-convertible variable in the closure of a nested function. |
StaticInitializer |
A static initializer in a class. |
Stmt |
A statement. |
StmtContainer |
A program element that contains statements, but isn’t itself a statement, in other words a toplevel or a function. |
StrictEqExpr |
A strict equality test using |
StrictEqualityTest |
A strict equality test using |
StrictModeDecl |
A strict mode declaration. |
StrictNEqExpr |
A strict inequality test using |
StringLikeType |
The |
StringLiteral |
A string literal, either single-quoted or double-quoted. |
StringLiteralToken |
A string literal token. |
StringLiteralType |
A string literal as a static type. |
StringLiteralTypeExpr |
A string literal used as a type. |
StringReplaceCall |
A call to |
StringSplitCall |
A call to |
StringType |
The predefined |
StripAnsiStep |
A step through the |
SubExpr |
A subtraction expression. |
SuperCall |
A |
SuperExpr |
A |
SuperPropAccess |
A property access on |
SwitchStmt |
A |
SymbolType |
The |
SyntheticConstructor |
A function generated by the extractor to implement a synthetic default constructor. |
SyntheticControlFlowNode |
A synthetic CFG node that does not correspond to a statement or expression; examples include guard nodes and entry/exit nodes. |
SystemCommandExecution |
A data flow node that executes an operating system command, for instance by spawning a new process. |
SystemJSDepsDirective |
A SystemJS |
SystemJSFormatDirective |
A SystemJS |
TSGlobalDeclImport |
A reference to a global variable for which there is a TypeScript type annotation suggesting that it contains the namespace object of a module. |
TaggedTemplateExpr |
A tagged template literal expression. |
TemplateElement |
A constant template element. |
TemplateLiteral |
A template literal. |
TemplateLiteralTypeExpr |
A template literal used as a type. |
ThisExpr |
A |
ThisType |
A |
ThisTypeExpr |
A use of the |
ThisVarTypeAccess |
A |
ThrowStmt |
A |
Token |
A token occurring in a piece of JavaScript source code. |
TopLevel |
A toplevel syntactic unit; that is, a stand-alone script, an inline script embedded in an HTML |
TryStmt |
A |
TupleType |
A tuple type, such as |
TupleTypeExpr |
A tuple type such as |
Type |
A static type in the TypeScript type system. |
TypeAccess |
A possibly qualified name that is used as part of a type, such as |
TypeAliasDeclaration |
A type alias declaration, that is, a statement of form |
TypeAliasReference |
A type that refers to a type alias. |
TypeAliasScope |
A scope induced by a type alias declaration, containing the type parameters declared the the alias. |
TypeAnnotation |
A type annotation, either in the form of a TypeScript type or a JSDoc comment. |
TypeAssertion |
A type assertion, also known as an unchecked type cast, is a TypeScript expression of form |
TypeDecl |
An identifier declaring a type name, that is, the name of a class, interface, type parameter, or import. |
TypeDefinition |
A statement that defines a named type, that is, a class, interface, type alias, or enum declaration. |
TypeExpr |
A type expression, that is, an AST node that is part of a TypeScript type annotation. |
TypeName |
The canonical name for a type. |
TypeParameter |
A type parameter declared on a class, interface, function, or type alias. |
TypeParameterized |
A program element that supports type parameters, that is, a function, class, interface, type alias, mapped type, or |
TypeRef |
A possibly qualified identifier that declares or refers to a type. |
TypeReference |
A type that refers to a class, interface, enum, or enum member. |
TypeRootFolder |
A folder where TypeScript finds declaration files for imported modules. |
TypeVariableType |
A type that refers to a type variable. |
TypeofExpr |
A |
TypeofType |
The type of a named value, |
TypeofTypeExpr |
A type of form |
URShiftExpr |
An unsigned right-shift expression using |
UnaryExpr |
An expression with a unary operator. |
UndefinedType |
The |
UnionOrIntersectionType |
A union type or intersection type, such as |
UnionOrIntersectionTypeExpr |
A union or intersection type, such as |
UnionType |
A union type, such as |
UnionTypeExpr |
A union type, such as |
UniqueSymbolType |
A |
Unit |
The trivial type with a single element. |
UnknownType |
The predefined |
UnreachableBlock |
An unreachable basic block, that is, a basic block whose first node is unreachable. |
UpdateExpr |
An update expression, that is, an increment or decrement expression. |
ValueProperty |
A value property definition in an object literal. |
VarAccess |
An identifier that refers to a variable in a non-declaring position. |
VarDecl |
An identifier that declares a variable. |
VarDeclStmt |
A |
VarDef |
A ControlFlowNode that defines (that is, initializes or updates) variables or properties. |
VarRef |
An identifier that refers to a variable, either in a declaration or in a variable access. |
VarTypeAccess |
A possibly qualified name that refers to a variable from inside a type. |
VarUse |
A ControlFlowNode that uses (that is, reads from) a single variable. |
Variable |
A variable declared in a scope. |
VariableDeclarator |
A variable declarator declaring a local or global variable. |
VoidExpr |
A |
VoidType |
The |
WebStorageWrite |
A value written to web storage, like |
WhileStmt |
A |
WithStmt |
A |
WrapAnsiStep |
A step through the |
XOrExpr |
An exclusive ‘or’ expression. |
XUnitAnnotation |
An xUnit.js annotation, such as |
XUnitAttribute |
An xUnit.js attribute appearing in an annotation. |
XUnitFact |
An xUnit.js fact. |
XUnitFactAnnotation |
An xUnit.js |
XUnitFixture |
An xUnit.js fixture. |
XUnitFixtureAnnotation |
An xUnit.js |
XUnitTarget |
A declaration or definition that can serve as the target of an xUnit.js annotation: a function declaration, a variable declaration, or an assignment. |
XmlAttribute |
An attribute that occurs inside an XML element. |
XmlCharacters |
A sequence of characters that occurs between opening and closing tags of an XML element, excluding other elements. |
XmlComment |
A comment in an XML file. |
XmlDtd |
An XML document type definition (DTD). |
XmlElement |
An XML element in an XML file. |
XmlFile |
An XML file. |
XmlLocatable |
An XML element that has a location. |
XmlNamespace |
A namespace used in an XML file. |
XmlParent |
An |
YieldExpr |
A |
YuiDirective |
A YUI compressor directive. |
Datatypes
TAbstractValue |
An abstract value inferred by the flow analysis. |
Modules
API |
Provides classes and predicates for working with the API boundary between the current codebase and external libraries. |
AST |
Provides a class |
AWS | |
AbstractInstance | |
AccessPath |
Provides predicates for associating access paths with data flow nodes. |
Angular2 |
Provides classes for working with Angular (also known as Angular 2.x) applications. |
AngularJS |
Provides classes for working with AngularJS (also known as Angular 1.x) applications. |
ArrayTaintTracking |
Classes and predicates for modeling TaintTracking steps for arrays. |
AsyncPackage | |
Azure | |
Babel | |
Base64 | |
Bluebird |
Provides classes for working with the |
Cheerio | |
ClassValidator |
Provides predicates for reasoning about sanitization via the |
ClientRequest | |
ClientWebSocket |
Provides classes that model WebSockets clients. |
Closure | |
ClosureLibrary | |
Connect | |
CookieWrites |
Classes and predicates for reasoning about writes to cookies. |
CredentialsExpr |
Companion module to the |
Cryptography |
Provides models for cryptographic things. |
D3 |
Provides classes and predicates modeling aspects of the |
DOM | |
DataFlow | |
DeclarationSpace |
Module containing the |
DigitalOcean | |
E4X | |
ESLint | |
Electron | |
EventDispatch | |
EventEmitter | |
EventRegistration | |
Express | |
ExpressLibraries | |
Fastify |
Provides classes for working with Fastify applications. |
FileUpload |
Provides classes for working with the |
Firebase | |
FunctionCompositionCall |
Companion module to the |
GraphQL |
Provides classes modeling concepts of GraphQL connectors. |
HTML | |
Handlebars | |
Hapi | |
HeuristicNames |
INTERNAL: Do not use. |
History |
Provides classes modeling the |
Http | |
InclusionTest | |
JQuery | |
JSDoc | |
JsonSchema |
Provides classes and predicates for working with JSON schema libraries. |
Knex |
Provides classes and predicates for working with knex. |
Koa | |
LazyCache | |
LdapJS |
A module providing sinks and sanitizers for LDAP injection. |
Linting | |
LodashUnderscore |
Provides a unified model of lodash and underscore. |
Markdown |
A module providing taint-steps for common markdown parsers and generators. |
MembershipCandidate |
Provides classes for recognizing membership candidates. |
MooTools |
Classes and predicates for working with MooTools code. |
NestJS |
Provides classes and predicates for reasoning about Nest. |
NextJS |
Provides classes and predicates modeling Next.js. |
NoSql |
Provides classes for modeling NoSql query sinks. |
NodeJSLib | |
ParseTorrent |
Provides classes for working with parse-torrent code. |
PasswordHeuristics |
Provides heuristics for classifying passwords. |
PkgCloud | |
PromiseFlow |
This module defines how data-flow propagates into and out of a Promise. The data-flow is based on pseudo-properties rather than tainting the Promise object (which is what |
PromiseTypeTracking |
A module for supporting promises in type-tracking predicates. The |
Promises |
Common predicates shared between type-tracking and data-flow for promises. |
Promisify |
Provides classes modeling libraries implementing |
PropertyProjection | |
Punycode |
Provides classes for working with punycode code. |
Puppeteer |
Classes and predicates modeling the puppeteer library. |
Q |
Provides classes for working with the |
Querydashstring |
Provides classes for working with query-string code. |
Querystring |
Provides classes for working with querystring code. |
Querystringify |
Provides classes for working with querystringify code. |
RangeAnalysis |
Contains predicates for reasoning about the relative numeric value of expressions. |
ReactNative | |
Redux |
Provides classes and predicates for reasoning about data flow through the redux package. |
RegExp | |
RegExpPatterns |
Provides utility predicates related to regular expressions. |
Request | |
Restify |
Provides classes for working with Restify servers. |
Routing |
A model of routing trees, describing the composition of route handlers and middleware functions in a web server application. See |
SQL | |
SensitiveDataClassification |
Provides predicates to select the different kinds of sensitive data we support. |
ServerWebSocket |
Provides classes that model WebSocket servers. |
ShellJS | |
SignatureKind | |
SocketIO |
Provides classes for working with server-side socket.io code (npm package |
SocketIOClient |
Provides classes for working with client-side socket.io code (npm package |
Spife |
Provides classes for working with Spife applications. |
Ssa | |
StringConcatenation | |
StringOps | |
SyntacticConstants |
Provides classes for expressions that evaluate to constant values according to a bottom-up syntactic analysis. |
TaintTracking |
Provides classes for modeling taint propagation. |
Templating | |
TrustedTypes |
Module for working with uses of the Trusted Types API. |
Typeahead | |
Uridashjs |
Provides classes for working with uri-js code. |
Urijs |
Provides classes for working with urijs code. |
Url |
Provides classes for working with url code. |
UrlParse |
Provides classes for working with url-parse code. |
Vue | |
Vuex |
Provides classes and predicates for working with the |
XML |
Aliases
ASMJSDirective |
DEPRECATED: Alias for AsmJSDirective |
ASTNode |
DEPRECATED: Alias for AstNode |
AndBitwiseExpr |
A bitwise ‘and’ expression. |
AndLogicalExpr |
A logical ‘and’ expression. |
ArrayAccess |
An index expression (also known as computed property access). |
AssignOp |
A compound assign expression. |
BlockMode |
A cryptographic block cipher mode of operation. This can be used to encrypt data of arbitrary length using a block encryption algorithm. |
BoolLiteral |
A Boolean literal, that is, either |
CaseStmt |
A |
ComparisonOperation |
A comparison expression, that is, either an equality test ( |
CryptographicAlgorithm |
A cryptographic algorithm. |
CryptographicOperation |
Provides classes for modeling new applications of a cryptographic algorithms. |
DOMGlobalVariable |
DEPRECATED: Alias for DomGlobalVariable |
DoStmt |
A |
EncryptionAlgorithm |
An encryption algorithm such as |
EqualityOperation |
An equality test using |
FieldAccess |
A dot expression. |
HTTP |
DEPRECATED: Alias for Http |
HashingAlgorithm |
A hashing algorithm such as |
InstanceOfExpr |
An |
JSON2CSVTaintStep |
DEPRECATED: Alias for Json2CsvTaintStep |
JSONArray |
DEPRECATED: Alias for JsonArray |
JSONBoolean |
DEPRECATED: Alias for JsonBoolean |
JSONNull |
DEPRECATED: Alias for JsonNull |
JSONNumber |
DEPRECATED: Alias for JsonNumber |
JSONObject |
DEPRECATED: Alias for JsonObject |
JSONParseError |
DEPRECATED: Alias for JsonParseError |
JSONPrimitiveValue |
DEPRECATED: Alias for JsonPrimitiveValue |
JSONString |
DEPRECATED: Alias for JsonString |
JSONValue |
DEPRECATED: Alias for JsonValue |
JSXAttribute |
DEPRECATED: Alias for JsxAttribute |
JSXElement |
DEPRECATED: Alias for JsxElement |
JSXEmptyExpr |
DEPRECATED: Alias for JsxEmptyExpr |
JSXFragment |
DEPRECATED: Alias for JsxFragment |
JSXName |
DEPRECATED: Alias for JsxName |
JSXNode |
DEPRECATED: Alias for JsxNode |
JSXPragma |
DEPRECATED: Alias for JsxPragma |
JSXQualifiedName |
DEPRECATED: Alias for JsxQualifiedName |
JSXSpreadAttribute |
DEPRECATED: Alias for JsxSpreadAttribute |
JavaScriptURL |
DEPRECATED: Alias for JavaScriptUrl |
LabelStmt |
A labeled statement. |
LogicalAndExpr |
A logical ‘and’ expression. |
LogicalNotExpr |
A logical negation expression. |
LogicalOrExpr |
A logical ‘or’ expression. |
Loop |
A loop, that is, a while loop, a do-while loop, a for loop, or a for-in loop. |
ModelInput |
Module containing hooks for providing input data to be interpreted as a model. |
ModelOutput |
Module providing access to the imported models in terms of API graph nodes. |
MultilineComment |
A block comment (which may be a JSDoc comment). |
NPMPackage |
DEPRECATED: Alias for NpmPackage |
NoSQL |
DEPRECATED: Alias for NoSql |
OrBitwiseExpr |
A bitwise ‘or’ expression. |
OrLogicalExpr |
A logical ‘or’ expression. |
PackageJSON |
DEPRECATED: Alias for PackageJson |
ParenthesisExpr |
A parenthesized expression. |
ParenthesizedExpr |
A parenthesized expression. |
PasswordHashingAlgorithm |
A password hashing algorithm such as |
PrettyJSONTaintStep |
DEPRECATED: Alias for PrettyJsonTaintStep |
RFC |
Provides default sources, sinks and sanitizers for reasoning about request forgery, as well as extension points for adding your own. |
RelationalOperation |
A relational comparison using |
RemExpr |
A modulo expression. |
SSA |
DEPRECATED: Alias for Ssa |
SingleLineComment |
A line comment, that is, either an HTML comment or a |
SuperAccess |
A |
SwitchCase |
A |
ThisAccess |
A |
VariableAccess |
An identifier that refers to a variable in a non-declaring position. |
XMLAttribute |
DEPRECATED: Alias for XmlAttribute |
XMLCharacters |
DEPRECATED: Alias for XmlCharacters |
XMLComment |
DEPRECATED: Alias for XmlComment |
XMLDTD |
DEPRECATED: Alias for XmlDtd |
XMLElement |
DEPRECATED: Alias for XmlElement |
XMLFile |
DEPRECATED: Alias for XmlFile |
XMLLocatable |
DEPRECATED: Alias for XmlLocatable |
XMLNamespace |
DEPRECATED: Alias for XmlNamespace |
XMLParent |
DEPRECATED: Alias for XmlParent |
XorBitwiseExpr |
An exclusive ‘or’ expression. |
YAMLAliasNode |
DEPRECATED: Alias for YamlAliasNode |
YAMLBool |
DEPRECATED: Alias for YamlBool |
YAMLCollection |
DEPRECATED: Alias for YamlCollection |
YAMLDocument |
DEPRECATED: Alias for YamlDocument |
YAMLFloat |
DEPRECATED: Alias for YamlFloat |
YAMLInclude |
DEPRECATED: Alias for YamlInclude |
YAMLInteger |
DEPRECATED: Alias for YamlInteger |
YAMLMapping |
DEPRECATED: Alias for YamlMapping |
YAMLMappingLikeNode |
DEPRECATED: Alias for YamlMappingLikeNode |
YAMLMergeKey |
DEPRECATED: Alias for YamlMergeKey |
YAMLNode |
DEPRECATED: Alias for YamlNode |
YAMLNull |
DEPRECATED: Alias for YamlNull |
YAMLParseError |
DEPRECATED: Alias for YamlParseError |
YAMLScalar |
DEPRECATED: Alias for YamlScalar |
YAMLSequence |
DEPRECATED: Alias for YamlSequence |
YAMLString |
DEPRECATED: Alias for YamlString |
YAMLTimestamp |
DEPRECATED: Alias for YamlTimestamp |
YAMLValue |
DEPRECATED: Alias for YamlValue |
isDocumentURL |
DEPRECATED: Alias for isDocumentUrl |
jquery |
Gets a data flow node that may refer to the jQuery |
punycode |
DEPRECATED: Alias for |
querydashstring |
DEPRECATED: Alias for |
querystring |
DEPRECATED: Alias for |
querystringify |
DEPRECATED: Alias for |
uridashjs |
DEPRECATED: Alias for |
urijs |
DEPRECATED: Alias for |
url |
DEPRECATED: Alias for |
urlParse |
DEPRECATED: Alias for |