Merge remote-tracking branch 'origin/main' into criemen/pytest-swift
@@ -1,3 +1,2 @@
|
||||
from create_database_utils import *
|
||||
|
||||
run_codeql_database_create([], lang="csharp")
|
||||
def test(codeql, csharp):
|
||||
codeql.database.create()
|
||||
|
||||
@@ -1,7 +1,6 @@
|
||||
import subprocess
|
||||
from create_database_utils import *
|
||||
from diagnostics_test_utils import *
|
||||
import commands
|
||||
|
||||
subprocess.check_call(["dotnet", "build", "test.sln", "/bl:test.binlog"])
|
||||
run_codeql_database_create([], lang="csharp", extra_args=["--build-mode=none", "-Obinlog=test.binlog"])
|
||||
check_diagnostics()
|
||||
|
||||
def test(codeql, csharp):
|
||||
commands.run(["dotnet", "build", "test.sln", "/bl:test.binlog"])
|
||||
codeql.database.create(build_mode="none", extractor_option="binlog=test.binlog")
|
||||
|
||||
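Review bot: The rewritten `test` no longer calls `check_diagnostics()`, which the old script ran after creating the database, so the diagnostics comparison is lost unless the `codeql`/`csharp` fixtures perform it automatically; this page does not show whether they do. If they do not, the new test needs an equivalent check. This matters most for the tests further down that now pass `_assert_failure=True`: without a diagnostics comparison they only assert that database creation fails, not that it fails for the expected reason. The other rewritten tests on this page that dropped `check_diagnostics()` are affected the same way.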
@@ -1,6 +1,8 @@
|
||||
from create_database_utils import *
|
||||
import os
|
||||
|
||||
os.environ["CODEQL_EXTRACTOR_CSHARP_OPTION_TRAP_COMPRESSION"] = "none"
|
||||
|
||||
run_codeql_database_create(['dotnet build /p:DefineConstants=A', 'dotnet build /p:DefineConstants=B'], lang="csharp")
|
||||
def test(codeql, csharp):
|
||||
os.environ["CODEQL_EXTRACTOR_CSHARP_OPTION_TRAP_COMPRESSION"] = "none"
|
||||
codeql.database.create(
|
||||
command=["dotnet build /p:DefineConstants=A", "dotnet build /p:DefineConstants=B"]
|
||||
)
|
||||
|
||||
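Review bot: `os.environ["CODEQL_EXTRACTOR_CSHARP_OPTION_TRAP_COMPRESSION"] = "none"` inside `test` changes the environment of the whole test process and is never undone, so the setting can carry over into tests that run later in the same process unless the fixtures restore `os.environ`, which is not visible here. Another test on this page already scopes its variable to the call with `codeql.database.create(_env={"LGTM_INDEX_MSBUILD_TARGET": "Build"})`; the same form would fit here, `codeql.database.create(command=[...], _env={"CODEQL_EXTRACTOR_CSHARP_OPTION_TRAP_COMPRESSION": "none"})`. The same applies to the other tests that assign `os.environ` in the body: the `BUILDLESS_EXTRACT_WEB_VIEWS`, `COMPILER_DIAGNOSTIC_LIMIT`/`MESSAGE_LIMIT`, `OPTION_BUILDLESS`, `BUILDLESS_EXTRACT_RESOURCES`, `PROJECT_TO_BUILD`, `BUILDLESS_DOTNET_FRAMEWORK_REFERENCES` and `NUGET_FEEDS_*` cases. For the NuGet feed settings a leak is the most awkward, because it silently changes which feeds a later test is allowed to reach.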
@@ -1,3 +1,2 @@
|
||||
from create_database_utils import *
|
||||
|
||||
run_codeql_database_create(['dotnet build'], lang="csharp")
|
||||
def test(codeql, csharp):
|
||||
codeql.database.create(command="dotnet build")
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
| Program.cs |
|
||||
| Views/Home/Index.cshtml |
|
||||
| _semmle_code_target_codeql_csharp_integration_tests_ql_csharp_ql_integration_tests_all_platforms_cshtml_standalone_Views_Home_Index_cshtml.g.cs |
|
||||
| _ql_csharp_ql_integration_tests_all_platforms_cshtml_standalone_test_test_Views_Home_Index_cshtml.g.cs |
|
||||
| test-db/working/implicitUsings/GlobalUsings.g.cs |
|
||||
|
||||
@@ -2,15 +2,12 @@ import csharp
|
||||
|
||||
private string getPath(File f) {
|
||||
result = f.getRelativePath() and
|
||||
not exists(
|
||||
result
|
||||
.indexOf("_semmle_code_target_codeql_csharp_integration_tests_ql_csharp_ql_integration_tests_all_platforms_cshtml_standalone_")
|
||||
)
|
||||
not exists(result.indexOf("_ql_csharp_ql_integration_tests_all_platforms_cshtml_standalone_"))
|
||||
or
|
||||
exists(int index |
|
||||
index =
|
||||
f.getRelativePath()
|
||||
.indexOf("_semmle_code_target_codeql_csharp_integration_tests_ql_csharp_ql_integration_tests_all_platforms_cshtml_standalone_") and
|
||||
.indexOf("_ql_csharp_ql_integration_tests_all_platforms_cshtml_standalone_") and
|
||||
result = f.getRelativePath().substring(index, f.getRelativePath().length())
|
||||
)
|
||||
}
|
||||
|
||||
@@ -1,4 +1,2 @@
|
||||
import os
|
||||
from create_database_utils import *
|
||||
|
||||
run_codeql_database_create(lang="csharp", extra_args=["--build-mode=none"])
|
||||
def test(codeql, csharp):
|
||||
codeql.database.create(build_mode="none")
|
||||
|
||||
@@ -1,5 +1,6 @@
|
||||
import os
|
||||
from create_database_utils import *
|
||||
|
||||
os.environ['CODEQL_EXTRACTOR_CSHARP_BUILDLESS_EXTRACT_WEB_VIEWS'] = 'false'
|
||||
run_codeql_database_create(lang="csharp", extra_args=["--build-mode=none"])
|
||||
|
||||
def test(codeql, csharp):
|
||||
os.environ["CODEQL_EXTRACTOR_CSHARP_BUILDLESS_EXTRACT_WEB_VIEWS"] = "false"
|
||||
codeql.database.create(build_mode="none")
|
||||
|
||||
@@ -1,4 +1,2 @@
|
||||
import os
|
||||
from create_database_utils import *
|
||||
|
||||
run_codeql_database_create(lang="csharp", extra_args=["--build-mode=none"])
|
||||
def test(codeql, csharp):
|
||||
codeql.database.create(build_mode="none")
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
| Program.cs |
|
||||
| Views/Home/Index.cshtml |
|
||||
| _semmle_code_target_codeql_csharp_integration_tests_ql_csharp_ql_integration_tests_all_platforms_cshtml_standalone_net6_Views_Home_Index_cshtml.g.cs |
|
||||
| _ql_csharp_ql_integration_tests_all_platforms_cshtml_standalone_net6_test_test_Views_Home_Index_cshtml.g.cs |
|
||||
| test-db/working/implicitUsings/GlobalUsings.g.cs |
|
||||
|
||||
@@ -2,15 +2,12 @@ import csharp
|
||||
|
||||
private string getPath(File f) {
|
||||
result = f.getRelativePath() and
|
||||
not exists(
|
||||
result
|
||||
.indexOf("_semmle_code_target_codeql_csharp_integration_tests_ql_csharp_ql_integration_tests_all_platforms_cshtml_standalone_")
|
||||
)
|
||||
not exists(result.indexOf("_ql_csharp_ql_integration_tests_all_platforms_cshtml_standalone_"))
|
||||
or
|
||||
exists(int index |
|
||||
index =
|
||||
f.getRelativePath()
|
||||
.indexOf("_semmle_code_target_codeql_csharp_integration_tests_ql_csharp_ql_integration_tests_all_platforms_cshtml_standalone_") and
|
||||
.indexOf("_ql_csharp_ql_integration_tests_all_platforms_cshtml_standalone_") and
|
||||
result = f.getRelativePath().substring(index, f.getRelativePath().length())
|
||||
)
|
||||
}
|
||||
|
||||
@@ -1,4 +1,2 @@
|
||||
import os
|
||||
from create_database_utils import *
|
||||
|
||||
run_codeql_database_create(lang="csharp", extra_args=["--build-mode=none"])
|
||||
def test(codeql, csharp):
|
||||
codeql.database.create(build_mode="none")
|
||||
|
||||
@@ -1,5 +1,2 @@
|
||||
from create_database_utils import *
|
||||
from diagnostics_test_utils import *
|
||||
|
||||
run_codeql_database_create([], db=None, lang="csharp", runFunction=runUnsuccessfully)
|
||||
check_diagnostics()
|
||||
def test(codeql, csharp):
|
||||
codeql.database.create(_assert_failure=True)
|
||||
|
||||
@@ -1,5 +1,2 @@
|
||||
from create_database_utils import *
|
||||
from diagnostics_test_utils import *
|
||||
|
||||
run_codeql_database_create([], db=None, lang="csharp", runFunction=runUnsuccessfully)
|
||||
check_diagnostics()
|
||||
def test(codeql, csharp):
|
||||
codeql.database.create(_assert_failure=True)
|
||||
|
||||
@@ -1,5 +1,2 @@
|
||||
from create_database_utils import *
|
||||
from diagnostics_test_utils import *
|
||||
|
||||
run_codeql_database_create([], db=None, lang="csharp", runFunction=runUnsuccessfully)
|
||||
check_diagnostics()
|
||||
def test(codeql, csharp):
|
||||
codeql.database.create(_assert_failure=True)
|
||||
|
||||
@@ -1,3 +1,2 @@
|
||||
from create_database_utils import *
|
||||
|
||||
run_codeql_database_create(['dotnet build'], lang="csharp")
|
||||
def test(codeql, csharp):
|
||||
codeql.database.create(command="dotnet build")
|
||||
|
||||
@@ -1,16 +1,21 @@
|
||||
from create_database_utils import *
|
||||
from diagnostics_test_utils import *
|
||||
|
||||
def check_build_out(msg, s):
|
||||
if "[build-stdout] " + msg not in s:
|
||||
raise Exception("The C# tracer did not interpret the dotnet path-to-application command correctly.")
|
||||
assert (
|
||||
"[build-stdout] " + msg in s
|
||||
), f"The C# tracer did not interpret the dotnet path-to-application command correctly."
|
||||
|
||||
|
||||
def test1(codeql, csharp):
|
||||
codeql.database.create(command="dotnet build")
|
||||
|
||||
run_codeql_database_create(['dotnet build'], test_db="test1-db", lang="csharp")
|
||||
check_diagnostics(test_db="test1-db")
|
||||
|
||||
# This test checks that we don't inject any flags when running the application using `dotnet`
|
||||
my_dir = "my_program"
|
||||
my_abs_path = os.path.abspath(f"{my_dir}/dotnet_build.dll")
|
||||
s = run_codeql_database_create_stdout(['dotnet clean', 'rm -rf test1-db', 'dotnet build -o my_program', f'dotnet {my_abs_path} build is not a subcommand'], "test2-db", "csharp")
|
||||
check_build_out("<arguments>build,is,not,a,subcommand</arguments>", s)
|
||||
check_diagnostics(test_db="test2-db")
|
||||
def test2(codeql, csharp, cwd):
|
||||
s = codeql.database.create(
|
||||
command=[
|
||||
"dotnet build -o my_program",
|
||||
f"dotnet {cwd / 'my_program'}/dotnet_build.dll build is not a subcommand",
|
||||
],
|
||||
_capture="stdout",
|
||||
)
|
||||
|
||||
check_build_out("<arguments>build,is,not,a,subcommand</arguments>", s)
|
||||
|
||||
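Review bot: In `test2` the application path is spliced into the command string unquoted, `f"dotnet {cwd / 'my_program'}/dotnet_build.dll build is not a subcommand"`, so a working directory containing a space would change how the command is split into arguments, assuming the string is split on whitespace or handed to a shell, which this page does not show. The `<arguments>build,is,not,a,subcommand</arguments>` check would then fail for a reason unrelated to the tracer. Building the path in one piece and quoting it avoids that, `dll = cwd / "my_program" / "dotnet_build.dll"` followed by `f'dotnet "{dll}" build is not a subcommand'`; quoted arguments are already used in command strings elsewhere on this page. Separately, the assertion message in `check_build_out` is an f-string with no placeholders; including `msg` in it would make a failure easier to read.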
@@ -1,9 +1,9 @@
|
||||
from create_database_utils import *
|
||||
from diagnostics_test_utils import *
|
||||
|
||||
# the tracer configuration should not inject the extra command-line arguments for these commands
|
||||
# and they should therefore run successfully
|
||||
run_codeql_database_init(lang="csharp")
|
||||
# this command fails on Windows for some reason, so we comment it out for now
|
||||
# run_codeql_database_trace_command(['dotnet', 'tool', 'search', 'publish'])
|
||||
run_codeql_database_trace_command(['dotnet', 'new', 'console', '--force', '--name', 'build', '--output', '.'])
|
||||
def test(codeql, csharp):
|
||||
codeql.database.init("test-db", source_root=".")
|
||||
# the tracer configuration should not inject the extra command-line arguments for these commands
|
||||
# and they should therefore run successfully
|
||||
# this command fails on Windows for some reason, so we comment it out for now
|
||||
# run_codeql_database_trace_command(['dotnet', 'tool', 'search', 'publish'])
|
||||
codeql.database.trace_command(
|
||||
"test-db", "dotnet", "new", "console", "--force", "--name", "build", "--output", "."
|
||||
)
|
||||
|
||||
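Review bot: The commented-out line kept inside `test` still names the old helper, `# run_codeql_database_trace_command(['dotnet', 'tool', 'search', 'publish'])`, which the rewritten file no longer appears to import, so uncommenting it later would fail with a NameError rather than exercise the case. Rewriting it in the new form keeps the disabled case usable: `# codeql.database.trace_command("test-db", "dotnet", "tool", "search", "publish")`. The accompanying "fails on Windows for some reason" would also be more useful with a reference to a tracking issue, if one exists.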
@@ -1,11 +1,8 @@
|
||||
import os
|
||||
from create_database_utils import *
|
||||
from diagnostics_test_utils import *
|
||||
|
||||
run_codeql_database_create(['dotnet pack -o nugetpackage'], db=None, lang="csharp")
|
||||
|
||||
## Check that the NuGet package is created.
|
||||
if not os.path.isfile("nugetpackage/dotnet_pack.1.0.0.nupkg"):
|
||||
raise Exception("The NuGet package was not created.")
|
||||
|
||||
check_diagnostics()
|
||||
def test(codeql, csharp):
|
||||
codeql.database.create(command="dotnet pack -o nugetpackage")
|
||||
assert os.path.isfile(
|
||||
"nugetpackage/dotnet_pack.1.0.0.nupkg"
|
||||
), "The NuGet package was not created."
|
||||
|
||||
@@ -1,12 +1,7 @@
|
||||
import os
|
||||
from create_database_utils import *
|
||||
from diagnostics_test_utils import *
|
||||
|
||||
artifacts = 'bin/Temp'
|
||||
run_codeql_database_create([f"dotnet publish -o {artifacts}"], db=None, lang="csharp")
|
||||
|
||||
## Check that the publish folder is created.
|
||||
if not os.path.isdir(artifacts):
|
||||
raise Exception("The publish artifact folder was not created.")
|
||||
|
||||
check_diagnostics()
|
||||
def test(codeql, csharp):
|
||||
artifacts = "bin/Temp"
|
||||
codeql.database.create(command=f"dotnet publish -o {artifacts}")
|
||||
assert os.path.isdir(artifacts), "The publish artifact folder was not created."
|
||||
|
||||
@@ -1,57 +1,69 @@
|
||||
from create_database_utils import *
|
||||
from diagnostics_test_utils import *
|
||||
|
||||
def check_build_out(msg, s):
|
||||
if "[build-stdout] " + msg not in s:
|
||||
raise Exception("The C# tracer did not interpret the 'dotnet run' command correctly")
|
||||
assert (
|
||||
"[build-stdout] " + msg in s
|
||||
), "The C# tracer did not interpret the 'dotnet run' command correctly"
|
||||
|
||||
|
||||
# no arguments
|
||||
s = run_codeql_database_create_stdout(['dotnet run'], "test-db", "csharp")
|
||||
check_build_out("Default reply", s)
|
||||
check_diagnostics()
|
||||
def test_no_args(codeql, csharp):
|
||||
s = codeql.database.create(command="dotnet run", _capture="stdout")
|
||||
check_build_out("Default reply", s)
|
||||
|
||||
|
||||
# no arguments, but `--`
|
||||
s = run_codeql_database_create_stdout(['dotnet clean', 'rm -rf test-db', 'dotnet run --'], "test2-db", "csharp")
|
||||
check_build_out("Default reply", s)
|
||||
check_diagnostics(test_db="test2-db")
|
||||
def test_no_arg_dash_dash(codeql, csharp):
|
||||
s = codeql.database.create(command="dotnet run --", _capture="stdout")
|
||||
check_build_out("Default reply", s)
|
||||
|
||||
|
||||
# one argument, no `--`
|
||||
s = run_codeql_database_create_stdout(['dotnet clean', 'rm -rf test2-db', 'dotnet run hello'], "test3-db", "csharp")
|
||||
check_build_out("Default reply", s)
|
||||
check_diagnostics(test_db="test3-db")
|
||||
def test_one_arg_no_dash_dash(codeql, csharp):
|
||||
s = codeql.database.create(command="dotnet run hello", _capture="stdout")
|
||||
check_build_out("Default reply", s)
|
||||
|
||||
|
||||
# one argument, but `--`
|
||||
s = run_codeql_database_create_stdout(['dotnet clean', 'rm -rf test3-db', 'dotnet run -- hello'], "test4-db", "csharp")
|
||||
check_build_out("Default reply", s)
|
||||
check_diagnostics(test_db="test4-db")
|
||||
def test_one_arg_dash_dash(codeql, csharp):
|
||||
s = codeql.database.create(command="dotnet run -- hello", _capture="stdout")
|
||||
check_build_out("Default reply", s)
|
||||
|
||||
|
||||
# two arguments, no `--`
|
||||
s = run_codeql_database_create_stdout(['dotnet clean', 'rm -rf test4-db', 'dotnet run hello world'], "test5-db", "csharp")
|
||||
check_build_out("hello, world", s)
|
||||
check_diagnostics(test_db="test5-db")
|
||||
def test_two_args_no_dash_dash(codeql, csharp):
|
||||
s = codeql.database.create(command="dotnet run hello world", _capture="stdout")
|
||||
check_build_out("hello, world", s)
|
||||
|
||||
|
||||
# two arguments, and `--`
|
||||
s = run_codeql_database_create_stdout(['dotnet clean', 'rm -rf test5-db', 'dotnet run -- hello world'], "test6-db", "csharp")
|
||||
check_build_out("hello, world", s)
|
||||
check_diagnostics(test_db="test6-db")
|
||||
def test_two_args_dash_dash(codeql, csharp):
|
||||
s = codeql.database.create(command="dotnet run -- hello world", _capture="stdout")
|
||||
check_build_out("hello, world", s)
|
||||
|
||||
|
||||
# shared compilation enabled; tracer should override by changing the command
|
||||
# to `dotnet run -p:UseSharedCompilation=true -p:UseSharedCompilation=false -- hello world`
|
||||
s = run_codeql_database_create_stdout(['dotnet clean', 'rm -rf test6-db', 'dotnet run -p:UseSharedCompilation=true -- hello world'], "test7-db", "csharp")
|
||||
check_build_out("hello, world", s)
|
||||
check_diagnostics(test_db="test7-db")
|
||||
def test_shared_compilation(codeql, csharp):
|
||||
s = codeql.database.create(
|
||||
command="dotnet run -p:UseSharedCompilation=true -- hello world", _capture="stdout"
|
||||
)
|
||||
check_build_out("hello, world", s)
|
||||
|
||||
|
||||
# option passed into `dotnet run`
|
||||
s = run_codeql_database_create_stdout(['dotnet clean', 'rm -rf test7-db', 'dotnet build', 'dotnet run --no-build hello world'], "test8-db", "csharp")
|
||||
check_build_out("hello, world", s)
|
||||
check_diagnostics(test_db="test8-db")
|
||||
def test_option(codeql, csharp):
|
||||
s = codeql.database.create(
|
||||
command=["dotnet build", "dotnet run --no-build hello world"], _capture="stdout"
|
||||
)
|
||||
check_build_out("hello, world", s)
|
||||
|
||||
|
||||
# two arguments, no '--' (first argument quoted)
|
||||
s = run_codeql_database_create_stdout(['dotnet clean', 'rm -rf test8-db', 'dotnet run "hello world part1" part2'], "test9-db", "csharp")
|
||||
check_build_out("hello world part1, part2", s)
|
||||
check_diagnostics(test_db="test9-db")
|
||||
def test_two_args_no_dash_dash_quote_first(codeql, csharp):
|
||||
s = codeql.database.create(command='dotnet run "hello world" part2', _capture="stdout")
|
||||
check_build_out("hello world, part2", s)
|
||||
|
||||
|
||||
# two arguments, no '--' (second argument quoted) and using dotnet to execute dotnet
|
||||
s = run_codeql_database_create_stdout(['dotnet clean', 'rm -rf test9-db', 'dotnet dotnet run part1 "hello world part2"'], "test10-db", "csharp")
|
||||
check_build_out("part1, hello world part2", s)
|
||||
check_diagnostics(test_db="test10-db")
|
||||
def test_two_args_no_dash_dash_quote_second(codeql, csharp):
|
||||
s = codeql.database.create(command='dotnet dotnet run hello "world part2"', _capture="stdout")
|
||||
check_build_out("hello, world part2", s)
|
||||
|
||||
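Review bot: Every test function here calls `codeql.database.create(...)` with the default database name and no cleanup, whereas the old script ran `dotnet clean`, removed the previous database (`rm -rf test-db` and so on) and used a distinct database for each run. If the functions in one file share a working directory, build output and the database left behind by one test can affect the next; `test_option`, for example, depends on exactly what `dotnet build` produced before `dotnet run --no-build`. Whether the framework gives each test function a fresh copy of the test directory is not visible on this page; if it does, a one-line module comment saying so would explain why the cleanup steps could be dropped. The same question applies to `test1`/`test2` in the path-to-application file and to the `dotnet test` files further down.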
@@ -1,6 +1,3 @@
|
||||
from create_database_utils import *
|
||||
from diagnostics_test_utils import *
|
||||
|
||||
# force CodeQL to use MSBuild by setting `LGTM_INDEX_MSBUILD_TARGET`
|
||||
run_codeql_database_create([], db=None, lang="csharp", extra_env={ 'LGTM_INDEX_MSBUILD_TARGET': 'Build' })
|
||||
check_diagnostics()
|
||||
def test(codeql, csharp):
|
||||
# force CodeQL to use MSBuild by setting `LGTM_INDEX_MSBUILD_TARGET`
|
||||
codeql.database.create(_env={"LGTM_INDEX_MSBUILD_TARGET": "Build"})
|
||||
|
||||
@@ -1,3 +1,2 @@
|
||||
from create_database_utils import *
|
||||
|
||||
run_codeql_database_create(['dotnet build'], lang="csharp")
|
||||
def test(codeql, csharp):
|
||||
codeql.database.create(command="dotnet build")
|
||||
|
||||
@@ -1,9 +1,7 @@
|
||||
import os
|
||||
from create_database_utils import *
|
||||
from diagnostics_test_utils import *
|
||||
|
||||
os.environ['CODEQL_EXTRACTOR_CSHARP_OPTION_COMPILER_DIAGNOSTIC_LIMIT'] = '2'
|
||||
os.environ['CODEQL_EXTRACTOR_CSHARP_OPTION_MESSAGE_LIMIT'] = '5'
|
||||
run_codeql_database_create([], lang="csharp", extra_args=["--build-mode=none"])
|
||||
|
||||
check_diagnostics()
|
||||
def test(codeql, csharp):
|
||||
os.environ["CODEQL_EXTRACTOR_CSHARP_OPTION_COMPILER_DIAGNOSTIC_LIMIT"] = "2"
|
||||
os.environ["CODEQL_EXTRACTOR_CSHARP_OPTION_MESSAGE_LIMIT"] = "5"
|
||||
codeql.database.create(build_mode="none")
|
||||
|
||||
@@ -1,8 +1,6 @@
|
||||
import os
|
||||
from create_database_utils import *
|
||||
from diagnostics_test_utils import *
|
||||
|
||||
os.environ['CODEQL_EXTRACTOR_CSHARP_OPTION_BUILDLESS'] = 'true'
|
||||
run_codeql_database_create([], lang="csharp")
|
||||
|
||||
check_diagnostics()
|
||||
def test(codeql, csharp):
|
||||
os.environ["CODEQL_EXTRACTOR_CSHARP_OPTION_BUILDLESS"] = "true"
|
||||
codeql.database.create()
|
||||
|
||||
@@ -1,3 +1,2 @@
|
||||
from create_database_utils import *
|
||||
|
||||
run_codeql_database_create([], lang="csharp", extra_args=["--build-mode=none"])
|
||||
def test(codeql, csharp):
|
||||
codeql.database.create(build_mode="none")
|
||||
|
||||
@@ -1,6 +1,2 @@
|
||||
from create_database_utils import *
|
||||
from diagnostics_test_utils import *
|
||||
|
||||
run_codeql_database_create([], db=None, lang="csharp", extra_args=["--build-mode=none"], runFunction=runUnsuccessfully)
|
||||
|
||||
check_diagnostics()
|
||||
def test(codeql, csharp):
|
||||
codeql.database.create(build_mode="none", _assert_failure=True)
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
import os
|
||||
from create_database_utils import *
|
||||
|
||||
os.environ["CODEQL_EXTRACTOR_CSHARP_BUILDLESS_EXTRACT_RESOURCES"] = "true"
|
||||
|
||||
run_codeql_database_create(lang="csharp", extra_args=["--build-mode=none"])
|
||||
def test(codeql, csharp):
|
||||
os.environ["CODEQL_EXTRACTOR_CSHARP_BUILDLESS_EXTRACT_RESOURCES"] = "true"
|
||||
codeql.database.create(build_mode="none")
|
||||
|
||||
@@ -1,3 +1,2 @@
|
||||
from create_database_utils import *
|
||||
|
||||
run_codeql_database_create(lang="csharp", extra_args=["--build-mode=none"])
|
||||
def test(codeql, csharp):
|
||||
codeql.database.create(build_mode="none")
|
||||
|
||||
@@ -1 +0,0 @@
|
||||
These tests are still run with the legacy test runner
|
||||
@@ -183,25 +183,19 @@
|
||||
| 182 | /warnaserror- |
|
||||
| 183 | /utf8output |
|
||||
| 184 | /deterministic+ |
|
||||
| 185 | /sourcelink:obj/Debug/net8.0/test.sourcelink.json |
|
||||
| 186 | /langversion:12.0 |
|
||||
| 187 | /embed:Program.cs |
|
||||
| 188 | /embed:obj/Debug/net8.0/test.GlobalUsings.g.cs |
|
||||
| 189 | /embed:"obj/Debug/net8.0/.NETCoreApp,Version=v8.0.AssemblyAttributes.cs" |
|
||||
| 190 | /embed:obj/Debug/net8.0/test.AssemblyInfo.cs |
|
||||
| 191 | /analyzerconfig:/home/runner/work/semmle-code/semmle-code/.editorconfig |
|
||||
| 192 | /analyzerconfig:obj/Debug/net8.0/test.GeneratedMSBuildEditorConfig.editorconfig |
|
||||
| 193 | /analyzerconfig:[...]/8.0.101/Sdks/Microsoft.NET.Sdk/analyzers/build/config/analysislevel_8_default.globalconfig |
|
||||
| 194 | /analyzer:[...]/8.0.101/Sdks/Microsoft.NET.Sdk/targets/../analyzers/Microsoft.CodeAnalysis.CSharp.NetAnalyzers.dll |
|
||||
| 195 | /analyzer:[...]/8.0.101/Sdks/Microsoft.NET.Sdk/targets/../analyzers/Microsoft.CodeAnalysis.NetAnalyzers.dll |
|
||||
| 196 | /analyzer:[...]/8.0.1/analyzers/dotnet/cs/Microsoft.Interop.ComInterfaceGenerator.dll |
|
||||
| 197 | /analyzer:[...]/8.0.1/analyzers/dotnet/cs/Microsoft.Interop.JavaScript.JSImportGenerator.dll |
|
||||
| 198 | /analyzer:[...]/8.0.1/analyzers/dotnet/cs/Microsoft.Interop.LibraryImportGenerator.dll |
|
||||
| 199 | /analyzer:[...]/8.0.1/analyzers/dotnet/cs/Microsoft.Interop.SourceGeneration.dll |
|
||||
| 200 | /analyzer:[...]/8.0.1/analyzers/dotnet/cs/System.Text.Json.SourceGeneration.dll |
|
||||
| 201 | /analyzer:[...]/8.0.1/analyzers/dotnet/cs/System.Text.RegularExpressions.Generator.dll |
|
||||
| 202 | Program.cs |
|
||||
| 203 | obj/Debug/net8.0/test.GlobalUsings.g.cs |
|
||||
| 204 | obj/Debug/net8.0/.NETCoreApp,Version=v8.0.AssemblyAttributes.cs |
|
||||
| 205 | obj/Debug/net8.0/test.AssemblyInfo.cs |
|
||||
| 206 | /warnaserror+:NU1605,SYSLIB0011 |
|
||||
| 185 | /langversion:12.0 |
|
||||
| 186 | /analyzerconfig:obj/Debug/net8.0/test.GeneratedMSBuildEditorConfig.editorconfig |
|
||||
| 187 | /analyzerconfig:[...]/8.0.101/Sdks/Microsoft.NET.Sdk/analyzers/build/config/analysislevel_8_default.globalconfig |
|
||||
| 188 | /analyzer:[...]/8.0.101/Sdks/Microsoft.NET.Sdk/targets/../analyzers/Microsoft.CodeAnalysis.CSharp.NetAnalyzers.dll |
|
||||
| 189 | /analyzer:[...]/8.0.101/Sdks/Microsoft.NET.Sdk/targets/../analyzers/Microsoft.CodeAnalysis.NetAnalyzers.dll |
|
||||
| 190 | /analyzer:[...]/8.0.1/analyzers/dotnet/cs/Microsoft.Interop.ComInterfaceGenerator.dll |
|
||||
| 191 | /analyzer:[...]/8.0.1/analyzers/dotnet/cs/Microsoft.Interop.JavaScript.JSImportGenerator.dll |
|
||||
| 192 | /analyzer:[...]/8.0.1/analyzers/dotnet/cs/Microsoft.Interop.LibraryImportGenerator.dll |
|
||||
| 193 | /analyzer:[...]/8.0.1/analyzers/dotnet/cs/Microsoft.Interop.SourceGeneration.dll |
|
||||
| 194 | /analyzer:[...]/8.0.1/analyzers/dotnet/cs/System.Text.Json.SourceGeneration.dll |
|
||||
| 195 | /analyzer:[...]/8.0.1/analyzers/dotnet/cs/System.Text.RegularExpressions.Generator.dll |
|
||||
| 196 | Program.cs |
|
||||
| 197 | obj/Debug/net8.0/test.GlobalUsings.g.cs |
|
||||
| 198 | obj/Debug/net8.0/.NETCoreApp,Version=v8.0.AssemblyAttributes.cs |
|
||||
| 199 | obj/Debug/net8.0/test.AssemblyInfo.cs |
|
||||
| 200 | /warnaserror+:NU1605,SYSLIB0011 |
|
||||
|
||||
@@ -1,3 +1,6 @@
|
||||
from create_database_utils import *
|
||||
import runs_on
|
||||
|
||||
run_codeql_database_create([], lang="csharp")
|
||||
|
||||
@runs_on.linux
|
||||
def test(codeql, csharp):
|
||||
codeql.database.create()
|
||||
|
||||
@@ -1,8 +1,10 @@
|
||||
from create_database_utils import *
|
||||
import runs_on
|
||||
|
||||
path = b'\xd2abcd.cs'
|
||||
|
||||
with open(path, 'w') as file:
|
||||
file.write('class X { }\n')
|
||||
@runs_on.linux
|
||||
def test(codeql, csharp):
|
||||
path = b"\xd2abcd.cs"
|
||||
|
||||
run_codeql_database_create([], lang="csharp", extra_args=["--build-mode=none"])
|
||||
with open(path, "w") as file:
|
||||
file.write("class X { }\n")
|
||||
codeql.database.create(build_mode="none")
|
||||
|
||||
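Review bot: The byte-string file name `b"\xd2abcd.cs"` has no comment, and its purpose is easy to miss: `0xD2` followed by an ASCII byte is not valid UTF-8, so the name cannot be decoded as text. A short comment above the assignment would record that, for example `# 0xD2 followed by an ASCII byte is invalid UTF-8: the extractor must cope with an undecodable file name`. It would also explain why the test is limited by `@runs_on.linux`, assuming the restriction exists because other file systems reject or rewrite such names.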
@@ -1,5 +1,6 @@
|
||||
from create_database_utils import *
|
||||
from diagnostics_test_utils import *
|
||||
import runs_on
|
||||
|
||||
run_codeql_database_create([], db=None, lang="csharp", runFunction=runUnsuccessfully)
|
||||
check_diagnostics()
|
||||
|
||||
@runs_on.posix
|
||||
def test(codeql, csharp):
|
||||
codeql.database.create(_assert_failure=True)
|
||||
|
||||
@@ -1,5 +1,6 @@
|
||||
from create_database_utils import *
|
||||
from diagnostics_test_utils import *
|
||||
import runs_on
|
||||
|
||||
run_codeql_database_create([], db=None, lang="csharp", runFunction=runUnsuccessfully)
|
||||
check_diagnostics()
|
||||
|
||||
@runs_on.posix
|
||||
def test(codeql, csharp):
|
||||
codeql.database.create(_assert_failure=True)
|
||||
|
||||
@@ -1,15 +1,19 @@
|
||||
from create_database_utils import *
|
||||
from diagnostics_test_utils import *
|
||||
import runs_on
|
||||
|
||||
# Implicitly build and then run tests.
|
||||
run_codeql_database_create(['dotnet test'], test_db="test-db", lang="csharp")
|
||||
check_diagnostics()
|
||||
|
||||
# Explicitly build and then run tests.
|
||||
run_codeql_database_create(['dotnet clean', 'rm -rf test-db', 'dotnet build -o myout', 'dotnet test myout/dotnet_test.dll'], test_db="test2-db", lang="csharp")
|
||||
check_diagnostics(test_db="test2-db")
|
||||
@runs_on.posix
|
||||
def test_implicit_build_then_run(codeql, csharp):
|
||||
codeql.database.create(command="dotnet test")
|
||||
|
||||
|
||||
@runs_on.posix
|
||||
def test_explicit_build_then_run(codeql, csharp):
|
||||
codeql.database.create(command=["dotnet build -o myout", "dotnet test myout/dotnet_test.dll"])
|
||||
|
||||
|
||||
thisDir = os.path.abspath(os.getcwd())
|
||||
# Explicit build and then run tests using the absolute path.
|
||||
run_codeql_database_create(['dotnet clean', 'rm -rf test2-db', 'dotnet build -o myout', f'dotnet test {thisDir}/myout/dotnet_test.dll'], test_db="test3-db", lang="csharp")
|
||||
check_diagnostics(test_db="test3-db")
|
||||
@runs_on.posix
|
||||
def test_explicit_build_then_run_abs_path(codeql, csharp, cwd):
|
||||
codeql.database.create(
|
||||
command=["dotnet build -o myout", f"dotnet test {cwd}/myout/dotnet_test.dll"]
|
||||
)
|
||||
|
||||
@@ -1,14 +1,19 @@
|
||||
import platform
|
||||
from create_database_utils import *
|
||||
from diagnostics_test_utils import *
|
||||
import runs_on
|
||||
|
||||
# Implicitly build and then run tests.
|
||||
run_codeql_database_create(['dotnet test'], test_db="test-db", lang="csharp")
|
||||
check_diagnostics()
|
||||
|
||||
# Fix `dotnet test` picking `x64` on arm-based macOS
|
||||
architecture = '-a arm64' if platform.machine() == 'arm64' else ''
|
||||
@runs_on.posix
|
||||
def test_implicit_build_and_test(codeql, csharp):
|
||||
codeql.database.create(command="dotnet test")
|
||||
|
||||
|
||||
# Explicitly build and then run tests.
|
||||
run_codeql_database_create(['dotnet clean', 'rm -rf test-db', 'dotnet build -o myout --os win', 'dotnet test myout/dotnet_test_mstest.exe ' + architecture], test_db="test2-db", lang="csharp")
|
||||
check_diagnostics(test_db="test2-db")
|
||||
@runs_on.posix
|
||||
def test_explicit_build_and_test(codeql, csharp):
|
||||
# Fix `dotnet test` picking `x64` on arm-based macOS
|
||||
architecture = "-a arm64" if runs_on.arm64 else ""
|
||||
codeql.database.create(
|
||||
command=[
|
||||
"dotnet build -o myout --os win",
|
||||
f"dotnet test myout/dotnet_test_mstest.exe {architecture}",
|
||||
]
|
||||
)
|
||||
|
||||
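Review bot: `architecture = "-a arm64" if runs_on.arm64 else ""` may not select the same hosts as the `platform.machine() == 'arm64'` check it replaces. On Linux ARM hosts `platform.machine()` normally reports `aarch64`, so the old condition in effect matched macOS only, which is what the comment "Fix `dotnet test` picking `x64` on arm-based macOS" describes. If `runs_on.arm64` is also true on Linux ARM runners, the flag is now passed there as well; `"-a arm64" if runs_on.macos and runs_on.arm64 else ""` would keep the previous scope, if that is what is intended.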
@@ -1,8 +1,8 @@
|
||||
from create_database_utils import *
|
||||
from diagnostics_test_utils import *
|
||||
import os
|
||||
import runs_on
|
||||
|
||||
os.environ["PROJECT_TO_BUILD"] = "proj.csproj.no_auto"
|
||||
|
||||
run_codeql_database_create([], db=None, lang="csharp")
|
||||
check_diagnostics()
|
||||
@runs_on.posix
|
||||
def test(codeql, csharp):
|
||||
os.environ["PROJECT_TO_BUILD"] = "proj.csproj.no_auto"
|
||||
codeql.database.create()
|
||||
|
||||
@@ -1,3 +1,6 @@
|
||||
from create_database_utils import *
|
||||
import runs_on
|
||||
|
||||
run_codeql_database_create([], lang="csharp", extra_args=["--build-mode=none"])
|
||||
|
||||
@runs_on.posix
|
||||
def test(codeql, csharp):
|
||||
codeql.database.create(build_mode="none")
|
||||
|
||||
@@ -1,3 +1,6 @@
|
||||
from create_database_utils import *
|
||||
import runs_on
|
||||
|
||||
run_codeql_database_create([], lang="csharp", extra_args=["--build-mode=none"])
|
||||
|
||||
@runs_on.posix
|
||||
def test(codeql, csharp):
|
||||
codeql.database.create(build_mode="none")
|
||||
|
||||
@@ -1,3 +1,6 @@
|
||||
from create_database_utils import *
|
||||
import runs_on
|
||||
|
||||
run_codeql_database_create([], lang="csharp", extra_args=["--build-mode=none"])
|
||||
|
||||
@runs_on.posix
|
||||
def test(codeql, csharp):
|
||||
codeql.database.create(build_mode="none")
|
||||
|
||||
@@ -1,3 +1,6 @@
|
||||
from create_database_utils import *
|
||||
import runs_on
|
||||
|
||||
run_codeql_database_create([], lang="csharp", extra_args=["--build-mode=none"])
|
||||
|
||||
@runs_on.posix
|
||||
def test(codeql, csharp):
|
||||
codeql.database.create(build_mode="none")
|
||||
|
||||
@@ -1 +0,0 @@
|
||||
Skipping the test on the ARM runners, as we're running into trouble with Mono and nuget.
|
||||
@@ -1,5 +1,12 @@
|
||||
from create_database_utils import *
|
||||
import runs_on
|
||||
import pytest
|
||||
import os
|
||||
|
||||
os.environ["CODEQL_EXTRACTOR_CSHARP_BUILDLESS_DOTNET_FRAMEWORK_REFERENCES"] = "/non-existent-path"
|
||||
run_codeql_database_create([], lang="csharp", extra_args=["--build-mode=none"])
|
||||
|
||||
# Skipping the test on the ARM runners, as we're running into trouble with Mono and nuget.
|
||||
@pytest.mark.only_if(runs_on.linux or (runs_on.macos and runs_on.x86_64))
|
||||
def test(codeql, csharp):
|
||||
os.environ["CODEQL_EXTRACTOR_CSHARP_BUILDLESS_DOTNET_FRAMEWORK_REFERENCES"] = (
|
||||
"/non-existent-path"
|
||||
)
|
||||
codeql.database.create(build_mode="none")
|
||||
|
||||
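Review bot: The comment says the test is skipped on the ARM runners, but `runs_on.linux or (runs_on.macos and runs_on.x86_64)` excludes only ARM macOS (and any platform that is neither Linux nor macOS); a Linux ARM runner would still run it. Either the comment should say "ARM macOS runners", or the condition should be `(runs_on.linux or runs_on.macos) and runs_on.x86_64` if the Mono/NuGet trouble affects every ARM host. The same decorator and comment are repeated in the next two test files on this page.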
@@ -1 +0,0 @@
|
||||
Skipping the test on the ARM runners, as we're running into trouble with Mono and nuget.
|
||||
@@ -1,8 +1,12 @@
|
||||
from create_database_utils import *
|
||||
import os
|
||||
import runs_on
|
||||
import pytest
|
||||
|
||||
# making sure we're not doing any fallback restore:
|
||||
os.environ["CODEQL_EXTRACTOR_CSHARP_BUILDLESS_NUGET_FEEDS_CHECK_FALLBACK_TIMEOUT"] = "1"
|
||||
os.environ["CODEQL_EXTRACTOR_CSHARP_BUILDLESS_NUGET_FEEDS_CHECK_FALLBACK_LIMIT"] = "1"
|
||||
|
||||
run_codeql_database_create([], lang="csharp", extra_args=["--build-mode=none"])
|
||||
# Skipping the test on the ARM runners, as we're running into trouble with Mono and nuget.
|
||||
@pytest.mark.only_if(runs_on.linux or (runs_on.macos and runs_on.x86_64))
|
||||
def test(codeql, csharp):
|
||||
# making sure we're not doing any fallback restore:
|
||||
os.environ["CODEQL_EXTRACTOR_CSHARP_BUILDLESS_NUGET_FEEDS_CHECK_FALLBACK_TIMEOUT"] = "1"
|
||||
os.environ["CODEQL_EXTRACTOR_CSHARP_BUILDLESS_NUGET_FEEDS_CHECK_FALLBACK_LIMIT"] = "1"
|
||||
codeql.database.create(build_mode="none")
|
||||
|
||||
@@ -1 +0,0 @@
|
||||
Skipping the test on the ARM runners, as we're running into trouble with Mono and nuget.
|
||||
@@ -1,3 +1,8 @@
|
||||
from create_database_utils import *
|
||||
import runs_on
|
||||
import pytest
|
||||
|
||||
run_codeql_database_create([], lang="csharp", extra_args=["--build-mode=none"])
|
||||
|
||||
# Skipping the test on the ARM runners, as we're running into trouble with Mono and nuget.
|
||||
@pytest.mark.only_if(runs_on.linux or (runs_on.macos and runs_on.x86_64))
|
||||
def test(codeql, csharp):
|
||||
codeql.database.create(build_mode="none")
|
||||
|
||||
@@ -1,3 +1,6 @@
|
||||
from create_database_utils import *
|
||||
import runs_on
|
||||
|
||||
run_codeql_database_create([], lang="csharp", extra_args=["--build-mode=none"])
|
||||
|
||||
@runs_on.posix
|
||||
def test(codeql, csharp):
|
||||
codeql.database.create(build_mode="none")
|
||||
|
||||
@@ -1,17 +1,26 @@
|
||||
from create_database_utils import *
|
||||
from diagnostics_test_utils import *
|
||||
import os
|
||||
import runs_on
|
||||
|
||||
# os.environ["CODEQL_EXTRACTOR_CSHARP_BUILDLESS_NUGET_FEEDS_CHECK"] = "true" # Nuget feed check is enabled by default
|
||||
os.environ["CODEQL_EXTRACTOR_CSHARP_BUILDLESS_NUGET_FEEDS_CHECK_TIMEOUT"] = "1" # 1ms, the GET request should fail with such short timeout
|
||||
os.environ["CODEQL_EXTRACTOR_CSHARP_BUILDLESS_NUGET_FEEDS_CHECK_LIMIT"] = "1" # Limit the count of checks to 1
|
||||
os.environ["CODEQL_EXTRACTOR_CSHARP_BUILDLESS_NUGET_FEEDS_CHECK_EXCLUDED"] = "https://abc.de:8000/packages/" # Exclude this feed from check
|
||||
|
||||
# Making sure the reachability test of `nuget.org` succeeds:
|
||||
os.environ["CODEQL_EXTRACTOR_CSHARP_BUILDLESS_NUGET_FEEDS_CHECK_FALLBACK_TIMEOUT"] = "1000"
|
||||
os.environ["CODEQL_EXTRACTOR_CSHARP_BUILDLESS_NUGET_FEEDS_CHECK_FALLBACK_LIMIT"] = "5"
|
||||
# The second feed is ignored in the fallback restore, because of network issues:
|
||||
os.environ["CODEQL_EXTRACTOR_CSHARP_BUILDLESS_NUGET_FEEDS_FALLBACK"] = "https://api.nuget.org/v3/index.json https://abc.def:8000/packages/"
|
||||
@runs_on.posix
|
||||
def test(codeql, csharp):
|
||||
# os.environ["CODEQL_EXTRACTOR_CSHARP_BUILDLESS_NUGET_FEEDS_CHECK"] = "true" # Nuget feed check is enabled by default
|
||||
os.environ["CODEQL_EXTRACTOR_CSHARP_BUILDLESS_NUGET_FEEDS_CHECK_TIMEOUT"] = (
|
||||
"1" # 1ms, the GET request should fail with such short timeout
|
||||
)
|
||||
os.environ["CODEQL_EXTRACTOR_CSHARP_BUILDLESS_NUGET_FEEDS_CHECK_LIMIT"] = (
|
||||
"1" # Limit the count of checks to 1
|
||||
)
|
||||
os.environ["CODEQL_EXTRACTOR_CSHARP_BUILDLESS_NUGET_FEEDS_CHECK_EXCLUDED"] = (
|
||||
"https://abc.de:8000/packages/" # Exclude this feed from check
|
||||
)
|
||||
|
||||
run_codeql_database_create([], lang="csharp", extra_args=["--build-mode=none"])
|
||||
check_diagnostics()
|
||||
# Making sure the reachability test of `nuget.org` succeeds:
|
||||
os.environ["CODEQL_EXTRACTOR_CSHARP_BUILDLESS_NUGET_FEEDS_CHECK_FALLBACK_TIMEOUT"] = "1000"
|
||||
os.environ["CODEQL_EXTRACTOR_CSHARP_BUILDLESS_NUGET_FEEDS_CHECK_FALLBACK_LIMIT"] = "5"
|
||||
# The second feed is ignored in the fallback restore, because of network issues:
|
||||
os.environ["CODEQL_EXTRACTOR_CSHARP_BUILDLESS_NUGET_FEEDS_FALLBACK"] = (
|
||||
"https://api.nuget.org/v3/index.json https://abc.def:8000/packages/"
|
||||
)
|
||||
|
||||
codeql.database.create(build_mode="none")
|
||||
|
||||
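Review bot: The `os.environ[...] = ...` assignments in `test` modify the environment of the whole pytest process and are never restored. Any test that runs later in the same process therefore inherits `CODEQL_EXTRACTOR_CSHARP_BUILDLESS_NUGET_FEEDS_CHECK_TIMEOUT=1` and, more importantly, the `CODEQL_EXTRACTOR_CSHARP_BUILDLESS_NUGET_FEEDS_FALLBACK` feed list that decides which package sources are contacted. Whether tests share a process is not visible here, but pytest's `monkeypatch` fixture removes the question: take `monkeypatch` as a test argument and write `monkeypatch.setenv("CODEQL_EXTRACTOR_CSHARP_BUILDLESS_NUGET_FEEDS_CHECK_TIMEOUT", "1")`, which is undone when the test ends. The next section (`@@ -1,14 +1,20 @@`) sets its variables the same way.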
@@ -1,14 +1,20 @@
|
||||
from create_database_utils import *
|
||||
from diagnostics_test_utils import *
|
||||
import os
|
||||
import runs_on
|
||||
|
||||
# os.environ["CODEQL_EXTRACTOR_CSHARP_BUILDLESS_NUGET_FEEDS_CHECK"] = "true" # Nuget feed check is enabled by default
|
||||
os.environ["CODEQL_EXTRACTOR_CSHARP_BUILDLESS_NUGET_FEEDS_CHECK_TIMEOUT"] = "1" # 1ms, the GET request should fail with such short timeout
|
||||
os.environ["CODEQL_EXTRACTOR_CSHARP_BUILDLESS_NUGET_FEEDS_CHECK_LIMIT"] = "1" # Limit the count of checks to 1
|
||||
|
||||
# Making sure the reachability test succeeds when doing a fallback restore:
|
||||
os.environ["CODEQL_EXTRACTOR_CSHARP_BUILDLESS_NUGET_FEEDS_CHECK_FALLBACK_TIMEOUT"] = "1000"
|
||||
os.environ["CODEQL_EXTRACTOR_CSHARP_BUILDLESS_NUGET_FEEDS_CHECK_FALLBACK_LIMIT"] = "5"
|
||||
@runs_on.posix
|
||||
def test(codeql, csharp):
|
||||
|
||||
run_codeql_database_create([], lang="csharp", extra_args=["--build-mode=none"])
|
||||
check_diagnostics()
|
||||
# os.environ["CODEQL_EXTRACTOR_CSHARP_BUILDLESS_NUGET_FEEDS_CHECK"] = "true" # Nuget feed check is enabled by default
|
||||
os.environ["CODEQL_EXTRACTOR_CSHARP_BUILDLESS_NUGET_FEEDS_CHECK_TIMEOUT"] = (
|
||||
"1" # 1ms, the GET request should fail with such short timeout
|
||||
)
|
||||
os.environ["CODEQL_EXTRACTOR_CSHARP_BUILDLESS_NUGET_FEEDS_CHECK_LIMIT"] = (
|
||||
"1" # Limit the count of checks to 1
|
||||
)
|
||||
|
||||
# Making sure the reachability test succeeds when doing a fallback restore:
|
||||
os.environ["CODEQL_EXTRACTOR_CSHARP_BUILDLESS_NUGET_FEEDS_CHECK_FALLBACK_TIMEOUT"] = "1000"
|
||||
os.environ["CODEQL_EXTRACTOR_CSHARP_BUILDLESS_NUGET_FEEDS_CHECK_FALLBACK_LIMIT"] = "5"
|
||||
|
||||
codeql.database.create(build_mode="none")
|
||||
|
||||
@@ -1 +0,0 @@
|
||||
Skipping the test on the ARM runners, as we're running into trouble with Mono and nuget.
|
||||
@@ -1,3 +1,8 @@
|
||||
from create_database_utils import *
|
||||
import runs_on
|
||||
import pytest
|
||||
|
||||
run_codeql_database_create([], source="proj", lang="csharp", extra_args=["--build-mode=none"])
|
||||
|
||||
# Skipping the test on the ARM runners, as we're running into trouble with Mono and nuget.
|
||||
@pytest.mark.only_if(runs_on.linux or (runs_on.macos and runs_on.x86_64))
|
||||
def test(codeql, csharp):
|
||||
codeql.database.create(source_root="proj", build_mode="none")
|
||||
|
||||
@@ -1,3 +1,6 @@
|
||||
from create_database_utils import *
|
||||
import runs_on
|
||||
|
||||
run_codeql_database_create([], lang="csharp", extra_args=["--build-mode=none"])
|
||||
|
||||
@runs_on.posix
|
||||
def test(codeql, csharp):
|
||||
codeql.database.create(build_mode="none")
|
||||
|
||||
@@ -1,7 +1,6 @@
|
||||
import os
|
||||
from create_database_utils import *
|
||||
from diagnostics_test_utils import *
|
||||
import runs_on
|
||||
|
||||
run_codeql_database_create(["./build.sh"], lang="csharp")
|
||||
|
||||
check_diagnostics()
|
||||
@runs_on.posix
|
||||
def test(codeql, csharp):
|
||||
codeql.database.create(command="./build.sh")
|
||||
|
||||
@@ -1,4 +0,0 @@
|
||||
dependencies:
|
||||
codeql/csharp-all: '*'
|
||||
codeql/csharp-queries: '*'
|
||||
warnOnImplicitThis: true
|
||||
@@ -1,5 +1,6 @@
|
||||
from create_database_utils import *
|
||||
from diagnostics_test_utils import *
|
||||
import runs_on
|
||||
|
||||
run_codeql_database_create([], db=None, lang="csharp", runFunction=runUnsuccessfully)
|
||||
check_diagnostics()
|
||||
|
||||
@runs_on.windows
|
||||
def test(codeql, csharp):
|
||||
codeql.database.create(_assert_failure=True)
|
||||
|
||||
@@ -1,5 +1,6 @@
|
||||
from create_database_utils import *
|
||||
from diagnostics_test_utils import *
|
||||
import runs_on
|
||||
|
||||
run_codeql_database_create([], db=None, lang="csharp", runFunction=runUnsuccessfully)
|
||||
check_diagnostics()
|
||||
|
||||
@runs_on.windows
|
||||
def test(codeql, csharp):
|
||||
codeql.database.create(_assert_failure=True)
|
||||
|
||||
@@ -1,3 +1,6 @@
|
||||
from create_database_utils import *
|
||||
import runs_on
|
||||
|
||||
run_codeql_database_create([], lang="csharp", extra_args=["--build-mode=none"])
|
||||
|
||||
@runs_on.windows
|
||||
def test(codeql, csharp):
|
||||
codeql.database.create(build_mode="none")
|
||||
|
||||
@@ -3547,7 +3547,19 @@ public class Parser {
|
||||
|
||||
SourceLocation loc = new SourceLocation(this.startLoc);
|
||||
Identifier local = this.parseIdent(this.type == TokenType._default);
|
||||
Identifier exported = this.eatContextual("as") ? this.parseIdent(true) : local;
|
||||
Identifier exported;
|
||||
if (!this.eatContextual("as")) {
|
||||
exported = local;
|
||||
} else {
|
||||
if (this.type == TokenType.string) {
|
||||
// e.g. `export { Foo_new as "Foo::new" }`
|
||||
Expression string = this.parseExprAtom(null);
|
||||
String str = ((Literal)string).getStringValue();
|
||||
exported = this.finishNode(new Identifier(loc, str));
|
||||
} else {
|
||||
exported = this.parseIdent(true);
|
||||
}
|
||||
}
|
||||
checkExport(exports, exported.getName(), exported.getLoc().getStart());
|
||||
nodes.add(this.finishNode(new ExportSpecifier(loc, local, exported)));
|
||||
}
|
||||
@@ -3629,7 +3641,22 @@ public class Parser {
|
||||
|
||||
protected ImportSpecifier parseImportSpecifier() {
|
||||
SourceLocation loc = new SourceLocation(this.startLoc);
|
||||
Identifier imported = this.parseIdent(true), local;
|
||||
Identifier imported, local;
|
||||
|
||||
if (this.type == TokenType.string) {
|
||||
// Arbitrary Module Namespace Identifiers
|
||||
// e.g. `import { "Foo::new" as Foo_new } from "./foo.wasm"`
|
||||
Expression string = this.parseExprAtom(null);
|
||||
String str = ((Literal)string).getStringValue();
|
||||
imported = this.finishNode(new Identifier(loc, str));
|
||||
// only makes sense if there is a local identifier
|
||||
if (!this.isContextual("as")) {
|
||||
this.raiseRecoverable(this.start, "Unexpected string");
|
||||
}
|
||||
} else {
|
||||
imported = this.parseIdent(true);
|
||||
}
|
||||
|
||||
if (this.eatContextual("as")) {
|
||||
local = this.parseIdent(false);
|
||||
} else {
|
||||
|
||||
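Review bot: In the export hunk, `exported = this.finishNode(new Identifier(loc, str));` reuses `loc`, which was captured before `local` was parsed, so the synthesized identifier starts at the beginning of the specifier instead of at the string literal. The expected output later on this page shows the effect: the exported name of `Foo_new as "Foo::new"` is reported at 5:10–5:30, whereas for `f as g` the exported name is at 5:15. Taking a fresh location right before the string is parsed would fix it: `SourceLocation strLoc = new SourceLocation(this.startLoc);` followed by `new Identifier(strLoc, str)`. The import hunk also passes `loc` to the new `Identifier`; if the specifier node built later uses the same object, the two would share one location, but the rest of `parseImportSpecifier` is outside the hunk.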
@@ -0,0 +1 @@
|
||||
import { "foo" } from "foo"; // syntax-error, but it shouldn't crash the extractor
|
||||
@@ -0,0 +1,143 @@
|
||||
#10000=@"/arbitaryModuleSpecifier.js;sourcefile"
|
||||
files(#10000,"/arbitaryModuleSpecifier.js")
|
||||
#10001=@"/;folder"
|
||||
folders(#10001,"/")
|
||||
containerparent(#10001,#10000)
|
||||
#10002=@"loc,{#10000},0,0,0,0"
|
||||
locations_default(#10002,#10000,0,0,0,0)
|
||||
hasLocation(#10000,#10002)
|
||||
#20000=@"global_scope"
|
||||
scopes(#20000,0)
|
||||
#20001=@"script;{#10000},1,1"
|
||||
#20002=*
|
||||
comments(#20002,0,#20001," syntax-error, but it shouldn't crash the extractor","// synt ... tractor")
|
||||
#20003=@"loc,{#10000},1,30,1,82"
|
||||
locations_default(#20003,#10000,1,30,1,82)
|
||||
hasLocation(#20002,#20003)
|
||||
#20004=*
|
||||
lines(#20004,#20001,"import { ""foo"" } from ""foo""; // syntax-error, but it shouldn't crash the extractor","
|
||||
")
|
||||
#20005=@"loc,{#10000},1,1,1,82"
|
||||
locations_default(#20005,#10000,1,1,1,82)
|
||||
hasLocation(#20004,#20005)
|
||||
numlines(#20001,1,1,1)
|
||||
#20006=*
|
||||
tokeninfo(#20006,7,#20001,0,"import")
|
||||
#20007=@"loc,{#10000},1,1,1,6"
|
||||
locations_default(#20007,#10000,1,1,1,6)
|
||||
hasLocation(#20006,#20007)
|
||||
#20008=*
|
||||
tokeninfo(#20008,8,#20001,1,"{")
|
||||
#20009=@"loc,{#10000},1,8,1,8"
|
||||
locations_default(#20009,#10000,1,8,1,8)
|
||||
hasLocation(#20008,#20009)
|
||||
#20010=*
|
||||
tokeninfo(#20010,4,#20001,2,"""foo""")
|
||||
#20011=@"loc,{#10000},1,10,1,14"
|
||||
locations_default(#20011,#10000,1,10,1,14)
|
||||
hasLocation(#20010,#20011)
|
||||
#20012=*
|
||||
tokeninfo(#20012,8,#20001,3,"}")
|
||||
#20013=@"loc,{#10000},1,16,1,16"
|
||||
locations_default(#20013,#10000,1,16,1,16)
|
||||
hasLocation(#20012,#20013)
|
||||
#20014=*
|
||||
tokeninfo(#20014,6,#20001,4,"from")
|
||||
#20015=@"loc,{#10000},1,18,1,21"
|
||||
locations_default(#20015,#10000,1,18,1,21)
|
||||
hasLocation(#20014,#20015)
|
||||
#20016=*
|
||||
tokeninfo(#20016,4,#20001,5,"""foo""")
|
||||
#20017=@"loc,{#10000},1,23,1,27"
|
||||
locations_default(#20017,#10000,1,23,1,27)
|
||||
hasLocation(#20016,#20017)
|
||||
#20018=*
|
||||
tokeninfo(#20018,8,#20001,6,";")
|
||||
#20019=@"loc,{#10000},1,28,1,28"
|
||||
locations_default(#20019,#10000,1,28,1,28)
|
||||
hasLocation(#20018,#20019)
|
||||
#20020=*
|
||||
tokeninfo(#20020,0,#20001,7,"")
|
||||
#20021=@"loc,{#10000},2,1,2,0"
|
||||
locations_default(#20021,#10000,2,1,2,0)
|
||||
hasLocation(#20020,#20021)
|
||||
next_token(#20002,#20020)
|
||||
toplevels(#20001,0)
|
||||
#20022=@"loc,{#10000},1,1,2,0"
|
||||
locations_default(#20022,#10000,1,1,2,0)
|
||||
hasLocation(#20001,#20022)
|
||||
#20023=@"module;{#10000},1,1"
|
||||
scopes(#20023,3)
|
||||
scopenodes(#20001,#20023)
|
||||
scopenesting(#20023,#20000)
|
||||
is_module(#20001)
|
||||
is_es2015_module(#20001)
|
||||
#20024=@"var;{foo};{#20023}"
|
||||
variables(#20024,"foo",#20023)
|
||||
#20025=@"local_type_name;{foo};{#20023}"
|
||||
local_type_names(#20025,"foo",#20023)
|
||||
#20026=@"local_namespace_name;{foo};{#20023}"
|
||||
local_namespace_names(#20026,"foo",#20023)
|
||||
variables(#20024,"foo",#20023)
|
||||
local_type_names(#20025,"foo",#20023)
|
||||
local_namespace_names(#20026,"foo",#20023)
|
||||
#20027=*
|
||||
stmts(#20027,27,#20001,0,"import ... ""foo"";")
|
||||
#20028=@"loc,{#10000},1,1,1,28"
|
||||
locations_default(#20028,#10000,1,1,1,28)
|
||||
hasLocation(#20027,#20028)
|
||||
stmt_containers(#20027,#20001)
|
||||
#20029=*
|
||||
exprs(#20029,4,#20027,-1,"""foo""")
|
||||
hasLocation(#20029,#20017)
|
||||
enclosing_stmt(#20029,#20027)
|
||||
expr_containers(#20029,#20001)
|
||||
literals("foo","""foo""",#20029)
|
||||
#20030=*
|
||||
regexpterm(#20030,14,#20029,0,"foo")
|
||||
#20031=@"loc,{#10000},1,24,1,26"
|
||||
locations_default(#20031,#10000,1,24,1,26)
|
||||
hasLocation(#20030,#20031)
|
||||
regexp_const_value(#20030,"foo")
|
||||
#20032=*
|
||||
exprs(#20032,83,#20027,0,"""foo""")
|
||||
hasLocation(#20032,#20011)
|
||||
enclosing_stmt(#20032,#20027)
|
||||
expr_containers(#20032,#20001)
|
||||
#20033=*
|
||||
exprs(#20033,0,#20032,0,"""foo""")
|
||||
hasLocation(#20033,#20011)
|
||||
enclosing_stmt(#20033,#20027)
|
||||
expr_containers(#20033,#20001)
|
||||
literals("foo","foo",#20033)
|
||||
#20034=*
|
||||
exprs(#20034,78,#20032,1,"""foo""")
|
||||
hasLocation(#20034,#20011)
|
||||
enclosing_stmt(#20034,#20027)
|
||||
expr_containers(#20034,#20001)
|
||||
literals("foo","foo",#20034)
|
||||
decl(#20034,#20024)
|
||||
typedecl(#20034,#20025)
|
||||
namespacedecl(#20034,#20026)
|
||||
#20035=*
|
||||
entry_cfg_node(#20035,#20001)
|
||||
#20036=@"loc,{#10000},1,1,1,0"
|
||||
locations_default(#20036,#10000,1,1,1,0)
|
||||
hasLocation(#20035,#20036)
|
||||
#20037=*
|
||||
exit_cfg_node(#20037,#20001)
|
||||
hasLocation(#20037,#20021)
|
||||
successor(#20027,#20037)
|
||||
successor(#20032,#20027)
|
||||
successor(#20035,#20032)
|
||||
#20038=*
|
||||
js_parse_errors(#20038,#20001,"Error: Unexpected string","import { ""foo"" } from ""foo""; // syntax-error, but it shouldn't crash the extractor
|
||||
")
|
||||
hasLocation(#20038,#20013)
|
||||
#20039=*
|
||||
lines(#20039,#20001,"import { ""foo"" } from ""foo""; // syntax-error, but it shouldn't crash the extractor","
|
||||
")
|
||||
hasLocation(#20039,#20005)
|
||||
numlines(#20001,1,0,0)
|
||||
numlines(#10000,1,1,1)
|
||||
filetype(#10000,"javascript")
|
||||
@@ -12,7 +12,7 @@ import javascript
|
||||
abstract class CredentialsNode extends DataFlow::Node {
|
||||
/**
|
||||
* Gets a description of the kind of credential this expression is used as,
|
||||
* such as `"user name"`, `"password"`, `"key"`.
|
||||
* such as `"user name"`, `"password"`, `"key"`, `"jwt key"`.
|
||||
*/
|
||||
abstract string getCredentialsKind();
|
||||
}
|
||||
|
||||
@@ -40,11 +40,111 @@ private module JsonWebToken {
|
||||
}
|
||||
|
||||
/**
|
||||
* The private key for a JWT as a `CredentialsNode`.
|
||||
* The secret or PrivateKey for a JWT as a `CredentialsNode`.
|
||||
*/
|
||||
private class JwtKey extends CredentialsNode {
|
||||
JwtKey() { this = DataFlow::moduleMember("jsonwebtoken", "sign").getACall().getArgument(1) }
|
||||
JwtKey() {
|
||||
this =
|
||||
API::moduleImport("jsonwebtoken").getMember(["sign", "verify"]).getParameter(1).asSink()
|
||||
}
|
||||
|
||||
override string getCredentialsKind() { result = "key" }
|
||||
override string getCredentialsKind() { result = "jwt key" }
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Provides classes and predicates modeling the `jose` library.
|
||||
*/
|
||||
private module Jose {
|
||||
/**
|
||||
* The asymmetric key or symmetric secret for verifying a JWT as a `CredentialsNode`.
|
||||
*/
|
||||
private class JwtVerifyKey extends CredentialsNode {
|
||||
JwtVerifyKey() {
|
||||
this = API::moduleImport("jose").getMember("jwtVerify").getParameter(1).asSink()
|
||||
}
|
||||
|
||||
override string getCredentialsKind() { result = "jwt key" }
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Provides classes and predicates modeling the `jwt-simple` library.
|
||||
*/
|
||||
private module JwtSimple {
|
||||
/**
|
||||
* The asymmetric key or symmetric secret for a JWT as a `CredentialsNode`.
|
||||
*/
|
||||
private class JwtKey extends CredentialsNode {
|
||||
JwtKey() { this = API::moduleImport("jwt-simple").getMember("decode").getParameter(1).asSink() }
|
||||
|
||||
override string getCredentialsKind() { result = "jwt key" }
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Provides classes and predicates modeling the `koa-jwt` library.
|
||||
*/
|
||||
private module KoaJwt {
|
||||
/**
|
||||
* The shared secret for a JWT as a `CredentialsNode`.
|
||||
*/
|
||||
private class SharedSecret extends CredentialsNode {
|
||||
SharedSecret() {
|
||||
this = API::moduleImport("koa-jwt").getParameter(0).getMember("secret").asSink()
|
||||
}
|
||||
|
||||
override string getCredentialsKind() { result = "jwt key" }
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Provides classes and predicates modeling the `express-jwt` library.
|
||||
*/
|
||||
private module ExpressJwt {
|
||||
/**
|
||||
* The shared secret for a JWT as a `CredentialsNode`.
|
||||
*/
|
||||
private class SharedSecret extends CredentialsNode {
|
||||
SharedSecret() {
|
||||
this =
|
||||
API::moduleImport("express-jwt")
|
||||
.getMember("expressjwt")
|
||||
.getParameter(0)
|
||||
.getMember("secret")
|
||||
.asSink()
|
||||
}
|
||||
|
||||
override string getCredentialsKind() { result = "jwt key" }
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Provides classes and predicates modeling the `passport-jwt` library.
|
||||
*/
|
||||
private module PassportJwt {
|
||||
/**
|
||||
* The secret (symmetric) or PEM-encoded public key (asymmetric) for a JWT as a `CredentialsNode`.
|
||||
*/
|
||||
private class JwtKey extends CredentialsNode {
|
||||
JwtKey() {
|
||||
this =
|
||||
API::moduleImport("passport-jwt")
|
||||
.getMember("Strategy")
|
||||
.getParameter(0)
|
||||
.getMember("secretOrKey")
|
||||
.asSink()
|
||||
or
|
||||
this =
|
||||
API::moduleImport("passport-jwt")
|
||||
.getMember("Strategy")
|
||||
.getParameter(0)
|
||||
.getMember("secretOrKeyProvider")
|
||||
.getParameter(2)
|
||||
.getParameter(1)
|
||||
.asSink()
|
||||
}
|
||||
|
||||
override string getCredentialsKind() { result = "jwt key" }
|
||||
}
|
||||
}
|
||||
|
||||
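Review bot: Several of the new sinks take verification keys that are public by design: the second argument of `jsonwebtoken`'s `verify`, `jose`'s `jwtVerify`, `jwt-simple`'s `decode` and `passport-jwt`'s `secretOrKey` is either a shared secret or a public key, as the `passport-jwt` doc comment in this hunk states. Treating all of them as `CredentialsNode` presumably reports a hard-coded PEM public key as a hard-coded credential, although it discloses nothing secret. If that is intended, the class docs should say so, e.g. `* Note: with asymmetric algorithms the verification key is public, so a result on the verify side may be benign.`; otherwise a separate kind for verify-side keys would let the query treat them differently.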
@@ -255,4 +255,20 @@ module NextJS {
|
||||
.getMember("router")
|
||||
.asSource()
|
||||
}
|
||||
|
||||
/**
|
||||
* Provides classes and predicates modeling the `next-auth` library.
|
||||
*/
|
||||
private module NextAuth {
|
||||
/**
|
||||
* A random string used to hash tokens, sign cookies and generate cryptographic keys as a `CredentialsNode`.
|
||||
*/
|
||||
private class SecretKey extends CredentialsNode {
|
||||
SecretKey() {
|
||||
this = API::moduleImport("next-auth").getParameter(0).getMember("secret").asSink()
|
||||
}
|
||||
|
||||
override string getCredentialsKind() { result = "jwt key" }
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -4,6 +4,7 @@
|
||||
* own.
|
||||
*/
|
||||
|
||||
import semmle.javascript.filters.ClassifyFiles
|
||||
import javascript
|
||||
private import semmle.javascript.security.SensitiveActions
|
||||
|
||||
@@ -38,5 +39,9 @@ module HardcodedCredentials {
|
||||
*/
|
||||
class DefaultCredentialsSink extends Sink instanceof CredentialsNode {
|
||||
override string getKind() { result = super.getCredentialsKind() }
|
||||
|
||||
DefaultCredentialsSink() {
|
||||
not (super.getCredentialsKind() = "jwt key" and isTestFile(this.getFile()))
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
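Review bot: The new characteristic predicate `not (super.getCredentialsKind() = "jwt key" and isTestFile(this.getFile()))` silently drops every `"jwt key"` sink located in a test file, and nothing visible in the class documentation says so (the doc comment starts outside the hunk). Because the filter is keyed on the kind string, it also covers the `next-auth` `secret` sink added in this commit, which is labelled `"jwt key"` although its own doc comment describes a general signing and hashing secret. I would document the exemption on the class, e.g. `* Sinks of kind "jwt key" located in test files are excluded.`, together with the reason for it. Keeping the literal in one shared predicate would also stop the seven classes that return it and this filter from drifting apart.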
@@ -35,5 +35,43 @@ class Configuration extends DataFlow::Configuration {
|
||||
trg = bufferFrom and
|
||||
src = bufferFrom.getArgument(0)
|
||||
)
|
||||
or
|
||||
exists(API::Node n |
|
||||
n = API::moduleImport("jose").getMember(["importSPKI", "importPKCS8", "importX509"])
|
||||
|
|
||||
src = n.getACall().getArgument(0) and
|
||||
trg = n.getReturn().getPromised().asSource()
|
||||
)
|
||||
or
|
||||
exists(API::Node n |
|
||||
n = API::moduleImport("jose").getMember(["importSPKI", "importPKCS8", "importX509"])
|
||||
|
|
||||
src = n.getACall().getArgument(0) and
|
||||
trg = n.getReturn().getPromised().asSource()
|
||||
)
|
||||
or
|
||||
exists(API::Node n | n = API::moduleImport("jose").getMember("importJWK") |
|
||||
src = n.getParameter(0).getMember(["x", "y", "n"]).asSink() and
|
||||
trg = n.getReturn().getPromised().asSource()
|
||||
)
|
||||
or
|
||||
exists(DataFlow::CallNode n |
|
||||
n = DataFlow::globalVarRef("TextEncoder").getAnInstantiation().getAMemberCall("encode")
|
||||
|
|
||||
src = n.getArgument(0) and
|
||||
trg = n
|
||||
)
|
||||
or
|
||||
exists(DataFlow::CallNode n | n = DataFlow::globalVarRef("Buffer").getAMemberCall("from") |
|
||||
src = n.getArgument(0) and
|
||||
trg = [n, n.getAChainedMethodCall(["toString", "toJSON"])]
|
||||
)
|
||||
or
|
||||
exists(API::Node n |
|
||||
n = API::moduleImport("jose").getMember("base64url").getMember(["decode", "encode"])
|
||||
|
|
||||
src = n.getACall().getArgument(0) and
|
||||
trg = n.getACall()
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
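Review bot: The disjunct for `importSPKI`/`importPKCS8`/`importX509` appears twice in a row with identical bodies; the second copy adds nothing and can be deleted. In the same disjuncts, and in the `base64url` one, `src` and `trg` come from separate `getACall()`/`getReturn()` lookups on `n`, so the argument of one call is connected to the result of every other call to the same function. Binding the call once keeps the step local, e.g. for `base64url`: `exists(DataFlow::CallNode c | c = n.getACall() | src = c.getArgument(0) and trg = c)`. The enclosing predicate starts outside the hunk.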
@@ -0,0 +1,5 @@
|
||||
import { "Foo::new" as Foo_new } from "./foo.wasm"
|
||||
|
||||
const foo = Foo_new()
|
||||
|
||||
export { Foo_new as "Foo::new" }
|
||||
@@ -3,6 +3,7 @@ test_BulkReExportDeclarations
|
||||
test_ExportDeclarations
|
||||
| a.js:1:1:3:1 | export ... n 23;\\n} |
|
||||
| a.js:5:1:5:32 | export ... } = o; |
|
||||
| arbitarySpecifier.js:5:1:5:32 | export ... :new" } |
|
||||
| b.js:5:1:5:18 | export { f as g }; |
|
||||
| b.js:7:1:7:21 | export ... './a'; |
|
||||
| d.js:4:1:4:20 | export * from 'm/c'; |
|
||||
@@ -18,6 +19,7 @@ test_ExportDefaultDeclarations
|
||||
| a.js:1:1:3:1 | export ... n 23;\\n} |
|
||||
| es2015_require.js:3:1:3:25 | export ... ss C {} |
|
||||
test_ExportSpecifiers
|
||||
| arbitarySpecifier.js:5:10:5:30 | Foo_new ... o::new" | arbitarySpecifier.js:5:10:5:16 | Foo_new | arbitarySpecifier.js:5:10:5:30 | Foo_new ... o::new" |
|
||||
| b.js:5:10:5:15 | f as g | b.js:5:10:5:10 | f | b.js:5:15:5:15 | g |
|
||||
| e.js:2:10:2:10 | x | e.js:2:10:2:10 | x | e.js:2:10:2:10 | x |
|
||||
| e.js:2:13:2:13 | y | e.js:2:13:2:13 | y | e.js:2:13:2:13 | y |
|
||||
@@ -41,6 +43,7 @@ test_ImportNamespaceSpecifier
|
||||
| exports.js:1:8:1:17 | * as dummy |
|
||||
| m/c.js:1:8:1:13 | * as b |
|
||||
test_ImportSpecifiers
|
||||
| arbitarySpecifier.js:1:10:1:30 | "Foo::n ... Foo_new | arbitarySpecifier.js:1:24:1:30 | Foo_new |
|
||||
| b.js:1:8:1:8 | f | b.js:1:8:1:8 | f |
|
||||
| d.js:1:10:1:21 | default as g | d.js:1:21:1:21 | g |
|
||||
| d.js:1:24:1:29 | x as y | d.js:1:29:1:29 | y |
|
||||
@@ -55,6 +58,7 @@ test_ImportSpecifiers
|
||||
| tst.html:5:10:5:10 | f | tst.html:5:10:5:10 | f |
|
||||
| unresolved.js:1:8:1:8 | f | unresolved.js:1:8:1:8 | f |
|
||||
test_Imports
|
||||
| arbitarySpecifier.js:1:1:1:50 | import ... o.wasm" | arbitarySpecifier.js:1:39:1:50 | "./foo.wasm" | 1 |
|
||||
| b.js:1:1:1:20 | import f from './a'; | b.js:1:15:1:19 | './a' | 1 |
|
||||
| d.js:1:1:1:43 | import ... './a'; | d.js:1:38:1:42 | './a' | 2 |
|
||||
| d.js:2:1:2:13 | import './b'; | d.js:2:8:2:12 | './b' | 0 |
|
||||
@@ -72,6 +76,7 @@ test_Module_exports
|
||||
| a.js:1:1:5:32 | <toplevel> | default | a.js:1:16:3:1 | functio ... n 23;\\n} |
|
||||
| a.js:1:1:5:32 | <toplevel> | x | a.js:5:18:5:20 | f() |
|
||||
| a.js:1:1:5:32 | <toplevel> | y | a.js:5:25:5:25 | y |
|
||||
| arbitarySpecifier.js:1:1:5:32 | <toplevel> | Foo::new | arbitarySpecifier.js:5:10:5:16 | Foo_new |
|
||||
| b.js:1:1:8:0 | <toplevel> | f2 | a.js:1:16:3:1 | functio ... n 23;\\n} |
|
||||
| b.js:1:1:8:0 | <toplevel> | g | b.js:5:10:5:10 | f |
|
||||
| e.js:1:1:4:0 | <toplevel> | g | a.js:1:16:3:1 | functio ... n 23;\\n} |
|
||||
@@ -84,6 +89,7 @@ test_Module_exports
|
||||
| reExportNamespace.js:1:1:2:0 | <toplevel> | ns | reExportNamespace.js:1:8:1:14 | * as ns |
|
||||
| tst.html:4:23:8:0 | <toplevel> | y | tst.html:7:20:7:21 | 42 |
|
||||
test_NamedImportSpecifier
|
||||
| arbitarySpecifier.js:1:10:1:30 | "Foo::n ... Foo_new |
|
||||
| d.js:1:10:1:21 | default as g |
|
||||
| d.js:1:24:1:29 | x as y |
|
||||
| g.ts:1:9:1:11 | foo |
|
||||
@@ -111,6 +117,7 @@ test_getAnImportedModule
|
||||
| library-tests/Modules/m/c.js | library-tests/Modules/b.js |
|
||||
| library-tests/Modules/reExportNamespaceClient.js | library-tests/Modules/reExportNamespace.js |
|
||||
test_getExportedName
|
||||
| arbitarySpecifier.js:5:10:5:30 | Foo_new ... o::new" | Foo::new |
|
||||
| b.js:5:10:5:15 | f as g | g |
|
||||
| b.js:7:8:7:9 | f2 | f2 |
|
||||
| e.js:2:10:2:10 | x | x |
|
||||
@@ -119,6 +126,7 @@ test_getExportedName
|
||||
| m/c.js:5:10:5:15 | g as h | h |
|
||||
| reExportNamespace.js:1:8:1:14 | * as ns | ns |
|
||||
test_getImportedName
|
||||
| arbitarySpecifier.js:1:10:1:30 | "Foo::n ... Foo_new | Foo::new |
|
||||
| b.js:1:8:1:8 | f | default |
|
||||
| d.js:1:10:1:21 | default as g | default |
|
||||
| d.js:1:24:1:29 | x as y | x |
|
||||
@@ -131,6 +139,7 @@ test_getImportedName
|
||||
| tst.html:5:10:5:10 | f | default |
|
||||
| unresolved.js:1:8:1:8 | f | default |
|
||||
test_getLocalName
|
||||
| arbitarySpecifier.js:5:10:5:30 | Foo_new ... o::new" | Foo_new |
|
||||
| b.js:5:10:5:15 | f as g | f |
|
||||
| b.js:7:8:7:9 | f2 | default |
|
||||
| e.js:2:10:2:10 | x | x |
|
||||
@@ -141,6 +150,7 @@ test_getSourceNode
|
||||
| a.js:1:1:3:1 | export ... n 23;\\n} | default | a.js:1:16:3:1 | functio ... n 23;\\n} |
|
||||
| a.js:5:1:5:32 | export ... } = o; | x | a.js:5:18:5:20 | f() |
|
||||
| a.js:5:1:5:32 | export ... } = o; | y | a.js:5:25:5:25 | y |
|
||||
| arbitarySpecifier.js:5:1:5:32 | export ... :new" } | Foo::new | arbitarySpecifier.js:5:10:5:16 | Foo_new |
|
||||
| b.js:5:1:5:18 | export { f as g }; | g | b.js:5:10:5:10 | f |
|
||||
| b.js:7:1:7:21 | export ... './a'; | f2 | a.js:1:16:3:1 | functio ... n 23;\\n} |
|
||||
| e.js:2:1:2:16 | export { x, y }; | x | e.js:2:10:2:10 | x |
|
||||
|
||||
@@ -213,6 +213,11 @@ nodes
|
||||
| HardcodedCredentials.js:245:22:245:44 | "myHard ... ateKey" |
|
||||
| HardcodedCredentials.js:246:42:246:51 | privateKey |
|
||||
| HardcodedCredentials.js:246:42:246:51 | privateKey |
|
||||
| HardcodedCredentials.js:248:9:248:42 | publicKey |
|
||||
| HardcodedCredentials.js:248:21:248:42 | "myHard ... licKey" |
|
||||
| HardcodedCredentials.js:248:21:248:42 | "myHard ... licKey" |
|
||||
| HardcodedCredentials.js:249:23:249:31 | publicKey |
|
||||
| HardcodedCredentials.js:249:23:249:31 | publicKey |
|
||||
| HardcodedCredentials.js:260:30:260:40 | `Basic foo` |
|
||||
| HardcodedCredentials.js:260:30:260:40 | `Basic foo` |
|
||||
| HardcodedCredentials.js:260:30:260:40 | `Basic foo` |
|
||||
@@ -283,6 +288,62 @@ nodes
|
||||
| HardcodedCredentials.js:302:44:302:69 | 'iubfew ... ybgera' |
|
||||
| HardcodedCredentials.js:302:44:302:69 | 'iubfew ... ybgera' |
|
||||
| HardcodedCredentials.js:302:44:302:69 | 'iubfew ... ybgera' |
|
||||
| HardcodedCredentials.js:308:9:308:44 | privateKey |
|
||||
| HardcodedCredentials.js:308:22:308:44 | "myHard ... ateKey" |
|
||||
| HardcodedCredentials.js:308:22:308:44 | "myHard ... ateKey" |
|
||||
| HardcodedCredentials.js:309:34:309:43 | privateKey |
|
||||
| HardcodedCredentials.js:309:34:309:43 | privateKey |
|
||||
| HardcodedCredentials.js:316:9:316:44 | privateKey |
|
||||
| HardcodedCredentials.js:316:22:316:44 | "myHard ... ateKey" |
|
||||
| HardcodedCredentials.js:316:22:316:44 | "myHard ... ateKey" |
|
||||
| HardcodedCredentials.js:317:27:317:62 | new Tex ... ateKey) |
|
||||
| HardcodedCredentials.js:317:27:317:62 | new Tex ... ateKey) |
|
||||
| HardcodedCredentials.js:317:52:317:61 | privateKey |
|
||||
| HardcodedCredentials.js:319:11:321:29 | spki |
|
||||
| HardcodedCredentials.js:319:18:321:29 | `-----B ... Y-----` |
|
||||
| HardcodedCredentials.js:319:18:321:29 | `-----B ... Y-----` |
|
||||
| HardcodedCredentials.js:322:9:322:56 | publicKey |
|
||||
| HardcodedCredentials.js:322:21:322:56 | await j ... RS256') |
|
||||
| HardcodedCredentials.js:322:43:322:46 | spki |
|
||||
| HardcodedCredentials.js:323:27:323:35 | publicKey |
|
||||
| HardcodedCredentials.js:323:27:323:35 | publicKey |
|
||||
| HardcodedCredentials.js:328:12:328:55 | 'whYOFK ... -6f...' |
|
||||
| HardcodedCredentials.js:328:12:328:55 | 'whYOFK ... -6f...' |
|
||||
| HardcodedCredentials.js:331:5:331:46 | publicKey |
|
||||
| HardcodedCredentials.js:331:17:331:46 | await j ... k, alg) |
|
||||
| HardcodedCredentials.js:335:31:335:39 | publicKey |
|
||||
| HardcodedCredentials.js:335:31:335:39 | publicKey |
|
||||
| HardcodedCredentials.js:344:9:344:43 | secretKey |
|
||||
| HardcodedCredentials.js:344:21:344:43 | "myHard ... ateKey" |
|
||||
| HardcodedCredentials.js:344:21:344:43 | "myHard ... ateKey" |
|
||||
| HardcodedCredentials.js:349:21:349:29 | secretKey |
|
||||
| HardcodedCredentials.js:349:21:349:29 | secretKey |
|
||||
| HardcodedCredentials.js:360:21:360:52 | Buffer. ... ase64") |
|
||||
| HardcodedCredentials.js:360:21:360:52 | Buffer. ... ase64") |
|
||||
| HardcodedCredentials.js:360:33:360:41 | secretKey |
|
||||
| HardcodedCredentials.js:375:9:375:43 | secretKey |
|
||||
| HardcodedCredentials.js:375:21:375:43 | "myHard ... ateKey" |
|
||||
| HardcodedCredentials.js:375:21:375:43 | "myHard ... ateKey" |
|
||||
| HardcodedCredentials.js:378:24:378:32 | secretKey |
|
||||
| HardcodedCredentials.js:378:24:378:32 | secretKey |
|
||||
| HardcodedCredentials.js:385:31:385:39 | secretKey |
|
||||
| HardcodedCredentials.js:385:31:385:39 | secretKey |
|
||||
| HardcodedCredentials.js:396:9:396:43 | secretKey |
|
||||
| HardcodedCredentials.js:396:21:396:43 | "myHard ... ateKey" |
|
||||
| HardcodedCredentials.js:396:21:396:43 | "myHard ... ateKey" |
|
||||
| HardcodedCredentials.js:399:17:399:25 | secretKey |
|
||||
| HardcodedCredentials.js:399:17:399:25 | secretKey |
|
||||
| HardcodedCredentials.js:414:9:414:43 | secretKey |
|
||||
| HardcodedCredentials.js:414:21:414:43 | "myHard ... ateKey" |
|
||||
| HardcodedCredentials.js:414:21:414:43 | "myHard ... ateKey" |
|
||||
| HardcodedCredentials.js:416:27:416:35 | secretKey |
|
||||
| HardcodedCredentials.js:416:27:416:35 | secretKey |
|
||||
| __tests__/HardcodedCredentialsDemo.js:5:15:5:22 | 'dbuser' |
|
||||
| __tests__/HardcodedCredentialsDemo.js:5:15:5:22 | 'dbuser' |
|
||||
| __tests__/HardcodedCredentialsDemo.js:5:15:5:22 | 'dbuser' |
|
||||
| __tests__/HardcodedCredentialsDemo.js:8:19:8:28 | 'hgfedcba' |
|
||||
| __tests__/HardcodedCredentialsDemo.js:8:19:8:28 | 'hgfedcba' |
|
||||
| __tests__/HardcodedCredentialsDemo.js:8:19:8:28 | 'hgfedcba' |
|
||||
edges
|
||||
| HardcodedCredentials.js:5:15:5:22 | 'dbuser' | HardcodedCredentials.js:5:15:5:22 | 'dbuser' |
|
||||
| HardcodedCredentials.js:8:19:8:28 | 'hgfedcba' | HardcodedCredentials.js:8:19:8:28 | 'hgfedcba' |
|
||||
@@ -384,10 +445,15 @@ edges
|
||||
| HardcodedCredentials.js:237:35:237:91 | Buffer. ... ase64') | HardcodedCredentials.js:237:24:237:91 | 'Basic ... ase64') |
|
||||
| HardcodedCredentials.js:237:47:237:54 | username | HardcodedCredentials.js:237:47:237:71 | usernam ... assword |
|
||||
| HardcodedCredentials.js:237:47:237:71 | usernam ... assword | HardcodedCredentials.js:237:35:237:72 | Buffer. ... ssword) |
|
||||
| HardcodedCredentials.js:237:47:237:71 | usernam ... assword | HardcodedCredentials.js:237:35:237:91 | Buffer. ... ase64') |
|
||||
| HardcodedCredentials.js:245:9:245:44 | privateKey | HardcodedCredentials.js:246:42:246:51 | privateKey |
|
||||
| HardcodedCredentials.js:245:9:245:44 | privateKey | HardcodedCredentials.js:246:42:246:51 | privateKey |
|
||||
| HardcodedCredentials.js:245:22:245:44 | "myHard ... ateKey" | HardcodedCredentials.js:245:9:245:44 | privateKey |
|
||||
| HardcodedCredentials.js:245:22:245:44 | "myHard ... ateKey" | HardcodedCredentials.js:245:9:245:44 | privateKey |
|
||||
| HardcodedCredentials.js:248:9:248:42 | publicKey | HardcodedCredentials.js:249:23:249:31 | publicKey |
|
||||
| HardcodedCredentials.js:248:9:248:42 | publicKey | HardcodedCredentials.js:249:23:249:31 | publicKey |
|
||||
| HardcodedCredentials.js:248:21:248:42 | "myHard ... licKey" | HardcodedCredentials.js:248:9:248:42 | publicKey |
|
||||
| HardcodedCredentials.js:248:21:248:42 | "myHard ... licKey" | HardcodedCredentials.js:248:9:248:42 | publicKey |
|
||||
| HardcodedCredentials.js:260:30:260:40 | `Basic foo` | HardcodedCredentials.js:260:30:260:40 | `Basic foo` |
|
||||
| HardcodedCredentials.js:268:33:268:56 | foo ? ' ... 'OAuth' | HardcodedCredentials.js:268:30:268:73 | `${foo ... Token}` |
|
||||
| HardcodedCredentials.js:268:33:268:56 | foo ? ' ... 'OAuth' | HardcodedCredentials.js:268:30:268:73 | `${foo ... Token}` |
|
||||
@@ -415,6 +481,50 @@ edges
|
||||
| HardcodedCredentials.js:300:44:300:56 | 'SampleToken' | HardcodedCredentials.js:300:44:300:56 | 'SampleToken' |
|
||||
| HardcodedCredentials.js:301:44:301:55 | 'MyPassword' | HardcodedCredentials.js:301:44:301:55 | 'MyPassword' |
|
||||
| HardcodedCredentials.js:302:44:302:69 | 'iubfew ... ybgera' | HardcodedCredentials.js:302:44:302:69 | 'iubfew ... ybgera' |
|
||||
| HardcodedCredentials.js:308:9:308:44 | privateKey | HardcodedCredentials.js:309:34:309:43 | privateKey |
|
||||
| HardcodedCredentials.js:308:9:308:44 | privateKey | HardcodedCredentials.js:309:34:309:43 | privateKey |
|
||||
| HardcodedCredentials.js:308:22:308:44 | "myHard ... ateKey" | HardcodedCredentials.js:308:9:308:44 | privateKey |
|
||||
| HardcodedCredentials.js:308:22:308:44 | "myHard ... ateKey" | HardcodedCredentials.js:308:9:308:44 | privateKey |
|
||||
| HardcodedCredentials.js:316:9:316:44 | privateKey | HardcodedCredentials.js:317:52:317:61 | privateKey |
|
||||
| HardcodedCredentials.js:316:22:316:44 | "myHard ... ateKey" | HardcodedCredentials.js:316:9:316:44 | privateKey |
|
||||
| HardcodedCredentials.js:316:22:316:44 | "myHard ... ateKey" | HardcodedCredentials.js:316:9:316:44 | privateKey |
|
||||
| HardcodedCredentials.js:317:52:317:61 | privateKey | HardcodedCredentials.js:317:27:317:62 | new Tex ... ateKey) |
|
||||
| HardcodedCredentials.js:317:52:317:61 | privateKey | HardcodedCredentials.js:317:27:317:62 | new Tex ... ateKey) |
|
||||
| HardcodedCredentials.js:319:11:321:29 | spki | HardcodedCredentials.js:322:43:322:46 | spki |
|
||||
| HardcodedCredentials.js:319:18:321:29 | `-----B ... Y-----` | HardcodedCredentials.js:319:11:321:29 | spki |
|
||||
| HardcodedCredentials.js:319:18:321:29 | `-----B ... Y-----` | HardcodedCredentials.js:319:11:321:29 | spki |
|
||||
| HardcodedCredentials.js:322:9:322:56 | publicKey | HardcodedCredentials.js:323:27:323:35 | publicKey |
|
||||
| HardcodedCredentials.js:322:9:322:56 | publicKey | HardcodedCredentials.js:323:27:323:35 | publicKey |
|
||||
| HardcodedCredentials.js:322:21:322:56 | await j ... RS256') | HardcodedCredentials.js:322:9:322:56 | publicKey |
|
||||
| HardcodedCredentials.js:322:43:322:46 | spki | HardcodedCredentials.js:322:21:322:56 | await j ... RS256') |
|
||||
| HardcodedCredentials.js:328:12:328:55 | 'whYOFK ... -6f...' | HardcodedCredentials.js:331:17:331:46 | await j ... k, alg) |
|
||||
| HardcodedCredentials.js:328:12:328:55 | 'whYOFK ... -6f...' | HardcodedCredentials.js:331:17:331:46 | await j ... k, alg) |
|
||||
| HardcodedCredentials.js:331:5:331:46 | publicKey | HardcodedCredentials.js:335:31:335:39 | publicKey |
|
||||
| HardcodedCredentials.js:331:5:331:46 | publicKey | HardcodedCredentials.js:335:31:335:39 | publicKey |
|
||||
| HardcodedCredentials.js:331:17:331:46 | await j ... k, alg) | HardcodedCredentials.js:331:5:331:46 | publicKey |
|
||||
| HardcodedCredentials.js:344:9:344:43 | secretKey | HardcodedCredentials.js:349:21:349:29 | secretKey |
|
||||
| HardcodedCredentials.js:344:9:344:43 | secretKey | HardcodedCredentials.js:349:21:349:29 | secretKey |
|
||||
| HardcodedCredentials.js:344:9:344:43 | secretKey | HardcodedCredentials.js:360:33:360:41 | secretKey |
|
||||
| HardcodedCredentials.js:344:21:344:43 | "myHard ... ateKey" | HardcodedCredentials.js:344:9:344:43 | secretKey |
|
||||
| HardcodedCredentials.js:344:21:344:43 | "myHard ... ateKey" | HardcodedCredentials.js:344:9:344:43 | secretKey |
|
||||
| HardcodedCredentials.js:360:33:360:41 | secretKey | HardcodedCredentials.js:360:21:360:52 | Buffer. ... ase64") |
|
||||
| HardcodedCredentials.js:360:33:360:41 | secretKey | HardcodedCredentials.js:360:21:360:52 | Buffer. ... ase64") |
|
||||
| HardcodedCredentials.js:375:9:375:43 | secretKey | HardcodedCredentials.js:378:24:378:32 | secretKey |
|
||||
| HardcodedCredentials.js:375:9:375:43 | secretKey | HardcodedCredentials.js:378:24:378:32 | secretKey |
|
||||
| HardcodedCredentials.js:375:9:375:43 | secretKey | HardcodedCredentials.js:385:31:385:39 | secretKey |
|
||||
| HardcodedCredentials.js:375:9:375:43 | secretKey | HardcodedCredentials.js:385:31:385:39 | secretKey |
|
||||
| HardcodedCredentials.js:375:21:375:43 | "myHard ... ateKey" | HardcodedCredentials.js:375:9:375:43 | secretKey |
|
||||
| HardcodedCredentials.js:375:21:375:43 | "myHard ... ateKey" | HardcodedCredentials.js:375:9:375:43 | secretKey |
|
||||
| HardcodedCredentials.js:396:9:396:43 | secretKey | HardcodedCredentials.js:399:17:399:25 | secretKey |
|
||||
| HardcodedCredentials.js:396:9:396:43 | secretKey | HardcodedCredentials.js:399:17:399:25 | secretKey |
|
||||
| HardcodedCredentials.js:396:21:396:43 | "myHard ... ateKey" | HardcodedCredentials.js:396:9:396:43 | secretKey |
|
||||
| HardcodedCredentials.js:396:21:396:43 | "myHard ... ateKey" | HardcodedCredentials.js:396:9:396:43 | secretKey |
|
||||
| HardcodedCredentials.js:414:9:414:43 | secretKey | HardcodedCredentials.js:416:27:416:35 | secretKey |
|
||||
| HardcodedCredentials.js:414:9:414:43 | secretKey | HardcodedCredentials.js:416:27:416:35 | secretKey |
|
||||
| HardcodedCredentials.js:414:21:414:43 | "myHard ... ateKey" | HardcodedCredentials.js:414:9:414:43 | secretKey |
|
||||
| HardcodedCredentials.js:414:21:414:43 | "myHard ... ateKey" | HardcodedCredentials.js:414:9:414:43 | secretKey |
|
||||
| __tests__/HardcodedCredentialsDemo.js:5:15:5:22 | 'dbuser' | __tests__/HardcodedCredentialsDemo.js:5:15:5:22 | 'dbuser' |
|
||||
| __tests__/HardcodedCredentialsDemo.js:8:19:8:28 | 'hgfedcba' | __tests__/HardcodedCredentialsDemo.js:8:19:8:28 | 'hgfedcba' |
|
||||
#select
|
||||
| HardcodedCredentials.js:5:15:5:22 | 'dbuser' | HardcodedCredentials.js:5:15:5:22 | 'dbuser' | HardcodedCredentials.js:5:15:5:22 | 'dbuser' | The hard-coded value "dbuser" is used as $@. | HardcodedCredentials.js:5:15:5:22 | 'dbuser' | user name |
|
||||
| HardcodedCredentials.js:8:19:8:28 | 'hgfedcba' | HardcodedCredentials.js:8:19:8:28 | 'hgfedcba' | HardcodedCredentials.js:8:19:8:28 | 'hgfedcba' | The hard-coded value "hgfedcba" is used as $@. | HardcodedCredentials.js:8:19:8:28 | 'hgfedcba' | password |
|
||||
@@ -477,7 +587,20 @@ edges
|
||||
| HardcodedCredentials.js:214:18:214:25 | 'sdsdag' | HardcodedCredentials.js:214:18:214:25 | 'sdsdag' | HardcodedCredentials.js:221:37:221:51 | `Basic ${AUTH}` | The hard-coded value "sdsdag" is used as $@. | HardcodedCredentials.js:221:37:221:51 | `Basic ${AUTH}` | authorization header |
|
||||
| HardcodedCredentials.js:215:18:215:25 | 'sdsdag' | HardcodedCredentials.js:215:18:215:25 | 'sdsdag' | HardcodedCredentials.js:221:37:221:51 | `Basic ${AUTH}` | The hard-coded value "sdsdag" is used as $@. | HardcodedCredentials.js:221:37:221:51 | `Basic ${AUTH}` | authorization header |
|
||||
| HardcodedCredentials.js:231:22:231:29 | 'sdsdag' | HardcodedCredentials.js:231:22:231:29 | 'sdsdag' | HardcodedCredentials.js:237:24:237:91 | 'Basic ... ase64') | The hard-coded value "sdsdag" is used as $@. | HardcodedCredentials.js:237:24:237:91 | 'Basic ... ase64') | authorization header |
|
||||
| HardcodedCredentials.js:245:22:245:44 | "myHard ... ateKey" | HardcodedCredentials.js:245:22:245:44 | "myHard ... ateKey" | HardcodedCredentials.js:246:42:246:51 | privateKey | The hard-coded value "myHardCodedPrivateKey" is used as $@. | HardcodedCredentials.js:246:42:246:51 | privateKey | key |
|
||||
| HardcodedCredentials.js:245:22:245:44 | "myHard ... ateKey" | HardcodedCredentials.js:245:22:245:44 | "myHard ... ateKey" | HardcodedCredentials.js:246:42:246:51 | privateKey | The hard-coded value "myHardCodedPrivateKey" is used as $@. | HardcodedCredentials.js:246:42:246:51 | privateKey | jwt key |
|
||||
| HardcodedCredentials.js:248:21:248:42 | "myHard ... licKey" | HardcodedCredentials.js:248:21:248:42 | "myHard ... licKey" | HardcodedCredentials.js:249:23:249:31 | publicKey | The hard-coded value "myHardCodedPublicKey" is used as $@. | HardcodedCredentials.js:249:23:249:31 | publicKey | jwt key |
|
||||
| HardcodedCredentials.js:292:37:292:57 | `Basic ... sdsdag` | HardcodedCredentials.js:292:37:292:57 | `Basic ... sdsdag` | HardcodedCredentials.js:292:37:292:57 | `Basic ... sdsdag` | The hard-coded value "Basic sdsdag:sdsdag" is used as $@. | HardcodedCredentials.js:292:37:292:57 | `Basic ... sdsdag` | authorization header |
|
||||
| HardcodedCredentials.js:294:37:294:70 | `Basic ... gbbbbb` | HardcodedCredentials.js:294:37:294:70 | `Basic ... gbbbbb` | HardcodedCredentials.js:294:37:294:70 | `Basic ... gbbbbb` | The hard-coded value "Basic sdsdag:aaaiuogrweuibgbbbbb" is used as $@. | HardcodedCredentials.js:294:37:294:70 | `Basic ... gbbbbb` | authorization header |
|
||||
| HardcodedCredentials.js:302:44:302:69 | 'iubfew ... ybgera' | HardcodedCredentials.js:302:44:302:69 | 'iubfew ... ybgera' | HardcodedCredentials.js:302:44:302:69 | 'iubfew ... ybgera' | The hard-coded value "iubfewiaaweiybgaeuybgera" is used as $@. | HardcodedCredentials.js:302:44:302:69 | 'iubfew ... ybgera' | key |
|
||||
| HardcodedCredentials.js:308:22:308:44 | "myHard ... ateKey" | HardcodedCredentials.js:308:22:308:44 | "myHard ... ateKey" | HardcodedCredentials.js:309:34:309:43 | privateKey | The hard-coded value "myHardCodedPrivateKey" is used as $@. | HardcodedCredentials.js:309:34:309:43 | privateKey | jwt key |
|
||||
| HardcodedCredentials.js:316:22:316:44 | "myHard ... ateKey" | HardcodedCredentials.js:316:22:316:44 | "myHard ... ateKey" | HardcodedCredentials.js:317:27:317:62 | new Tex ... ateKey) | The hard-coded value "myHardCodedPrivateKey" is used as $@. | HardcodedCredentials.js:317:27:317:62 | new Tex ... ateKey) | jwt key |
|
||||
| HardcodedCredentials.js:319:18:321:29 | `-----B ... Y-----` | HardcodedCredentials.js:319:18:321:29 | `-----B ... Y-----` | HardcodedCredentials.js:323:27:323:35 | publicKey | The hard-coded value "-----BEGIN PUBLIC KEY-----\n MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhYOFK2Ocbbpb/zVypi9...\n -----END PUBLIC KEY-----" is used as $@. | HardcodedCredentials.js:323:27:323:35 | publicKey | jwt key |
|
||||
| HardcodedCredentials.js:328:12:328:55 | 'whYOFK ... -6f...' | HardcodedCredentials.js:328:12:328:55 | 'whYOFK ... -6f...' | HardcodedCredentials.js:335:31:335:39 | publicKey | The hard-coded value "whYOFK2Ocbbpb_zVypi9SeKiNUqKQH0zTKN1-6f..." is used as $@. | HardcodedCredentials.js:335:31:335:39 | publicKey | jwt key |
|
||||
| HardcodedCredentials.js:344:21:344:43 | "myHard ... ateKey" | HardcodedCredentials.js:344:21:344:43 | "myHard ... ateKey" | HardcodedCredentials.js:349:21:349:29 | secretKey | The hard-coded value "myHardCodedPrivateKey" is used as $@. | HardcodedCredentials.js:349:21:349:29 | secretKey | jwt key |
|
||||
| HardcodedCredentials.js:344:21:344:43 | "myHard ... ateKey" | HardcodedCredentials.js:344:21:344:43 | "myHard ... ateKey" | HardcodedCredentials.js:360:21:360:52 | Buffer. ... ase64") | The hard-coded value "myHardCodedPrivateKey" is used as $@. | HardcodedCredentials.js:360:21:360:52 | Buffer. ... ase64") | jwt key |
|
||||
| HardcodedCredentials.js:375:21:375:43 | "myHard ... ateKey" | HardcodedCredentials.js:375:21:375:43 | "myHard ... ateKey" | HardcodedCredentials.js:378:24:378:32 | secretKey | The hard-coded value "myHardCodedPrivateKey" is used as $@. | HardcodedCredentials.js:378:24:378:32 | secretKey | jwt key |
|
||||
| HardcodedCredentials.js:375:21:375:43 | "myHard ... ateKey" | HardcodedCredentials.js:375:21:375:43 | "myHard ... ateKey" | HardcodedCredentials.js:385:31:385:39 | secretKey | The hard-coded value "myHardCodedPrivateKey" is used as $@. | HardcodedCredentials.js:385:31:385:39 | secretKey | jwt key |
|
||||
| HardcodedCredentials.js:396:21:396:43 | "myHard ... ateKey" | HardcodedCredentials.js:396:21:396:43 | "myHard ... ateKey" | HardcodedCredentials.js:399:17:399:25 | secretKey | The hard-coded value "myHardCodedPrivateKey" is used as $@. | HardcodedCredentials.js:399:17:399:25 | secretKey | jwt key |
|
||||
| HardcodedCredentials.js:414:21:414:43 | "myHard ... ateKey" | HardcodedCredentials.js:414:21:414:43 | "myHard ... ateKey" | HardcodedCredentials.js:416:27:416:35 | secretKey | The hard-coded value "myHardCodedPrivateKey" is used as $@. | HardcodedCredentials.js:416:27:416:35 | secretKey | jwt key |
|
||||
| __tests__/HardcodedCredentialsDemo.js:5:15:5:22 | 'dbuser' | __tests__/HardcodedCredentialsDemo.js:5:15:5:22 | 'dbuser' | __tests__/HardcodedCredentialsDemo.js:5:15:5:22 | 'dbuser' | The hard-coded value "dbuser" is used as $@. | __tests__/HardcodedCredentialsDemo.js:5:15:5:22 | 'dbuser' | user name |
|
||||
| __tests__/HardcodedCredentialsDemo.js:8:19:8:28 | 'hgfedcba' | __tests__/HardcodedCredentialsDemo.js:8:19:8:28 | 'hgfedcba' | __tests__/HardcodedCredentialsDemo.js:8:19:8:28 | 'hgfedcba' | The hard-coded value "hgfedcba" is used as $@. | __tests__/HardcodedCredentialsDemo.js:8:19:8:28 | 'hgfedcba' | password |
|
||||
@@ -300,4 +300,118 @@
|
||||
require('crypto').createHmac('sha256', 'SampleToken'); // OK
|
||||
require('crypto').createHmac('sha256', 'MyPassword'); // OK
|
||||
require('crypto').createHmac('sha256', 'iubfewiaaweiybgaeuybgera'); // NOT OK
|
||||
})();
|
||||
|
||||
(function () {
|
||||
const jwt_simple = require("jwt-simple");
|
||||
|
||||
var privateKey = "myHardCodedPrivateKey";
|
||||
jwt_simple.decode(UserToken, privateKey); // NOT OK
|
||||
})();
|
||||
|
||||
|
||||
(async function () {
|
||||
const jose = require("jose");
|
||||
|
||||
var privateKey = "myHardCodedPrivateKey";
|
||||
jose.jwtVerify(token, new TextEncoder().encode(privateKey)) // NOT OK
|
||||
|
||||
const spki = `-----BEGIN PUBLIC KEY-----
|
||||
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhYOFK2Ocbbpb/zVypi9...
|
||||
-----END PUBLIC KEY-----`
|
||||
let publicKey = await jose.importSPKI(spki, 'RS256')
|
||||
jose.jwtVerify(token, publicKey) // NOT OK
|
||||
|
||||
const alg = 'RS256'
|
||||
const jwk = {
|
||||
kty: 'RSA',
|
||||
n: 'whYOFK2Ocbbpb_zVypi9SeKiNUqKQH0zTKN1-6f...',
|
||||
e: 'AQAB',
|
||||
}
|
||||
publicKey = await jose.importJWK(jwk, alg)
|
||||
const jwt =
|
||||
'eyJhbGciOiJSUzI1NiJ9.eyJ1cm46ZXhhbXBsZTpjbGFpbSI6dHJ1ZSwiaWF0IjoxNjY5MDU2NDg4LCJpc3MiOiJ1cm46ZXhhbXBsZTppc3N1ZXIiLCJhdWQiOiJ1cm46ZXhhbXBsZTphdWRpZW5jZSJ9.gXrPZ3yM_60dMXGE69dusbpzYASNA-XIOwsb5D5xYnSxyj6_D6OR_uR_1vqhUm4AxZxcrH1_-XJAve9HCw8az_QzHcN-nETt-v6stCsYrn6Bv1YOc-mSJRZ8ll57KVqLbCIbjKwerNX5r2_Qg2TwmJzQdRs-AQDhy-s_DlJd8ql6wR4n-kDZpar-pwIvz4fFIN0Fj57SXpAbLrV6Eo4Byzl0xFD8qEYEpBwjrMMfxCZXTlAVhAq6KCoGlDTwWuExps342-0UErEtyIqDnDGcrfNWiUsoo8j-29IpKd-w9-C388u-ChCxoHz--H8WmMSZzx3zTXsZ5lXLZ9IKfanDKg'
|
||||
|
||||
await jose.jwtVerify(jwt, publicKey, { // NOT OK
|
||||
issuer: 'urn:example:issuer',
|
||||
audience: 'urn:example:audience',
|
||||
})
|
||||
})();
|
||||
|
||||
(function () {
|
||||
const expressjwt = require("express-jwt");
|
||||
|
||||
var secretKey = "myHardCodedPrivateKey";
|
||||
|
||||
app.get(
|
||||
"/protected",
|
||||
expressjwt.expressjwt({
|
||||
secret: secretKey, algorithms: ["HS256"] // NOT OK
|
||||
}),
|
||||
function (req, res) {
|
||||
if (!req.auth.admin) return res.sendStatus(401);
|
||||
res.sendStatus(200);
|
||||
}
|
||||
);
|
||||
|
||||
app.get(
|
||||
"/protected",
|
||||
expressjwt.expressjwt({
|
||||
secret: Buffer.from(secretKey, "base64"), // NOT OK
|
||||
algorithms: ["RS256"],
|
||||
}),
|
||||
function (req, res) {
|
||||
if (!req.auth.admin) return res.sendStatus(401);
|
||||
res.sendStatus(200);
|
||||
}
|
||||
);
|
||||
|
||||
})();
|
||||
|
||||
(function () {
|
||||
const JwtStrategy = require('passport-jwt').Strategy;
|
||||
const passport = require('passport')
|
||||
|
||||
var secretKey = "myHardCodedPrivateKey";
|
||||
|
||||
const opts = {}
|
||||
opts.secretOrKey = secretKey; // NOT OK
|
||||
passport.use(new JwtStrategy(opts, function (jwt_payload, done) {
|
||||
return done(null, false);
|
||||
}));
|
||||
|
||||
passport.use(new JwtStrategy({
|
||||
secretOrKeyProvider: function (request, rawJwtToken, done) {
|
||||
return done(null, secretKey) // NOT OK
|
||||
}
|
||||
}, function (jwt_payload, done) {
|
||||
return done(null, false);
|
||||
}));
|
||||
})();
|
||||
|
||||
(function () {
|
||||
import NextAuth from "next-auth"
|
||||
import AppleProvider from "next-auth/providers/apple"
|
||||
|
||||
var secretKey = "myHardCodedPrivateKey";
|
||||
|
||||
NextAuth({
|
||||
secret: secretKey, // NOT OK
|
||||
providers: [
|
||||
AppleProvider({
|
||||
clientId: process.env.APPLE_ID,
|
||||
clientSecret: process.env.APPLE_SECRET,
|
||||
}),
|
||||
],
|
||||
})
|
||||
})();
|
||||
|
||||
(function () {
|
||||
const Koa = require('koa');
|
||||
const jwt = require('koa-jwt');
|
||||
const app = new Koa();
|
||||
|
||||
var secretKey = "myHardCodedPrivateKey";
|
||||
|
||||
app.use(jwt({ secret: secretKey })); // NOT OK
|
||||
})();
|
||||
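Review bot: The `import NextAuth from "next-auth"` and `import AppleProvider from "next-auth/providers/apple"` lines in the next-auth case sit inside a function body, where JavaScript does not allow import declarations, so this case presumably parses only through the extractor's error recovery. The expected rows on this page do show the `secretKey` flow at 396:21 to 399:17, so the case produces results today, but it would be sturdier written like the neighbouring cases: `const NextAuth = require("next-auth");` and `const AppleProvider = require("next-auth/providers/apple");`. Both replacements stay on their own lines, so the positions in the `.expected` file should not shift.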
@@ -0,0 +1,33 @@
|
||||
(function () {
|
||||
const pg = require('pg');
|
||||
|
||||
const client = new pg.Client({
|
||||
user: 'dbuser', // OK
|
||||
host: 'database.server.com',
|
||||
database: 'mydb',
|
||||
password: 'hgfedcba', // OK
|
||||
port: 3211,
|
||||
});
|
||||
client.connect();
|
||||
})();
|
||||
|
||||
(function () {
|
||||
const JwtStrategy = require('passport-jwt').Strategy;
|
||||
const passport = require('passport')
|
||||
|
||||
var secretKey = "myHardCodedPrivateKey";
|
||||
|
||||
const opts = {}
|
||||
opts.secretOrKey = secretKey; // NOT OK
|
||||
passport.use(new JwtStrategy(opts, function (jwt_payload, done) {
|
||||
return done(null, false);
|
||||
}));
|
||||
|
||||
passport.use(new JwtStrategy({
|
||||
secretOrKeyProvider: function (request, rawJwtToken, done) {
|
||||
return done(null, secretKey) // NOT OK
|
||||
}
|
||||
}, function (jwt_payload, done) {
|
||||
return done(null, false);
|
||||
}));
|
||||
})();
|
||||
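Review bot: The inline markers in this new fixture appear inverted relative to the expected results earlier on this page, assuming this hunk is `__tests__/HardcodedCredentialsDemo.js`, as the matching 5:15 and 8:19 positions suggest. `user: 'dbuser', // OK` and `password: 'hgfedcba', // OK` both have `#select` rows for that file, while `opts.secretOrKey = secretKey; // NOT OK` and `return done(null, secretKey) // NOT OK` have none. Either the markers or the expected rows should change so that a reader can tell which behaviour the query is meant to have for credentials under a test directory. A one-line header comment such as `// Fixture under __tests__/: documents how the query treats hard-coded credentials in test code.` would make that intent checkable.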