Module EndpointNaming
Provides predicates for generating names for classes and functions that are part of the public API of a library.
When possible, we try to use the qualified name by which a class/function can be accessed from client code.
However, there are cases where classes and functions can be exposed to client code without being accessible as a qualified name. For example;
// 'Foo' is internal, but clients can call its methods, e.g. `getFoo().m()`
class Foo {
m() {}
}
export function getFoo() {
return new Foo();
}
// Clients can call m() via getObj().m()
export function getObj() {
return {
m() {}
}
}
In these cases, we try to make up human-readable names for the endpoints. We make an effort to make these unambiguous in practice, though this is not always guaranteed.
Import path
import semmle.javascript.endpoints.EndpointNaming
Predicates
aliasDefinition | Holds if |
functionHasPrimaryName | Holds if |
isPrivateLike | Holds if |
nodeReachingSink | Gets a source node that can flow to |
renderName | Converts a |
sinkHasPrimaryName | Holds if |
Modules
Debug | Contains query predicates for emitting debugging information about endpoint naming. |