Merge pull request #20360 from asgerf/js/remove-angularjs-string-special-case

JS: Remove special treatment of strings in AngularJS code
2025-12-16 16:53:25 +01:00 · 2025-09-08 22:48:23 +02:00
parent b5045b3407 4926d278a2
commit 0752dbea9b
3 changed files with 3 additions and 40 deletions
--- a/javascript/ql/lib/semmle/javascript/dataflow/Sources.qll
+++ b/javascript/ql/lib/semmle/javascript/dataflow/Sources.qll
@@ -334,6 +334,7 @@ module SourceNode {
        astNode instanceof Templating::PipeRefExpr or
        astNode instanceof Templating::TemplateVarRefExpr or
        astNode instanceof StringLiteral or
+        astNode instanceof TemplateLiteral or
        astNode instanceof TypeAssertion or
        astNode instanceof SatisfiesExpr
      )
--- a/javascript/ql/lib/semmle/javascript/frameworks/AngularJS/AngularJSCore.qll
+++ b/javascript/ql/lib/semmle/javascript/frameworks/AngularJS/AngularJSCore.qll
@@ -23,46 +23,6 @@ DataFlow::SourceNode angular() {
  result = DataFlow::moduleImport("angular")
 }

-/**
- * Holds if `tl` appears to be a top-level using the AngularJS library.
- *
- * Should not depend on the `SourceNode` class.
- */
-pragma[nomagic]
-private predicate isAngularTopLevel(TopLevel tl) {
-  exists(Import imprt |
-    imprt.getTopLevel() = tl and
-    imprt.getImportedPathString() = "angular"
-  )
-  or
-  exists(GlobalVarAccess global |
-    global.getName() = "angular" and
-    global.getTopLevel() = tl
-  )
-}
-
-/**
- * Holds if `s` is a string in a top-level using the AngularJS library.
- *
- * Should not depend on the `SourceNode` class.
- */
-pragma[nomagic]
-private predicate isAngularString(Expr s) {
-  isAngularTopLevel(s.getTopLevel()) and
-  (
-    s instanceof StringLiteral or
-    s instanceof TemplateLiteral
-  )
-}
-
-/**
- * String literals in Angular code are often used as identifiers or references, so we
- * want to track them.
- */
-private class TrackStringsInAngularCode extends DataFlow::SourceNode::Range, DataFlow::ValueNode {
-  TrackStringsInAngularCode() { isAngularString(astNode) }
-}
-
 /**
 * Holds if `m` is of the form `angular.module("name", ...)`.
 */
--- a/javascript/ql/test/library-tests/DataFlow/tests.expected
+++ b/javascript/ql/test/library-tests/DataFlow/tests.expected
@@ -1564,8 +1564,10 @@ sources
 | tst.js:50:14:53:3 | () {\\n   ... et`\\n  } |
 | tst.js:50:14:53:3 | return of constructor of class A |
 | tst.js:51:5:51:13 | super(42) |
+| tst.js:57:1:57:9 | `x: ${x}` |
 | tst.js:58:1:58:3 | tag |
 | tst.js:58:1:58:13 | tag `x: ${x}` |
+| tst.js:58:5:58:13 | `x: ${x}` |
 | tst.js:61:1:61:5 | ::o.m |
 | tst.js:61:3:61:5 | o.m |
 | tst.js:62:1:62:4 | o::g |