hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-29 15:16:34 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #4768 from github/query-and-library-links

Browse Source 
Update query and library links for new locations
This commit is contained in:
James Fletcher
2020-12-07 12:47:24 +00:00
committed by GitHub
parent 2484941330 45a4d5beb9
commit ebdb3e25aa
53 changed files with 2644 additions and 1914 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
docs/codeql/_templates/layout.html
View File

@@ -38,7 +38,7 @@
{%- block content %}
<header class="Header">
<div class="Header-item--full">
<a href="{{ pathto(master_doc) }}" class="Header-link f2 d-flex flex-items-center">
<a href="https://codeql.github.com/docs" class="Header-link f2 d-flex flex-items-center">
<!-- <%= octicon "mark-github", class: "mr-2", height: 32 %> -->
<svg height="32" class="octicon octicon-mark-github mr-2" viewBox="0 0 16 16" version="1.1" width="32"
aria-hidden="true">
@@ -46,19 +46,11 @@
d="M8 0C3.58 0 0 3.58 0 8c0 3.54 2.29 6.53 5.47 7.59.4.07.55-.17.55-.38 0-.19-.01-.82-.01-1.49-2.01.37-2.53-.49-2.69-.94-.09-.23-.48-.94-.82-1.13-.28-.15-.68-.52-.01-.53.63-.01 1.08.58 1.23.82.72 1.21 1.87.87 2.33.66.07-.52.28-.87.51-1.07-1.78-.2-3.64-.89-3.64-3.95 0-.87.31-1.59.82-2.15-.08-.2-.36-1.02.08-2.12 0 0 .67-.21 2.2.82.64-.18 1.32-.27 2-.27.68 0 1.36.09 2 .27 1.53-1.04 2.2-.82 2.2-.82.44 1.1.16 1.92.08 2.12.51.56.82 1.27.82 2.15 0 3.07-1.87 3.75-3.65 3.95.29.25.54.73.54 1.48 0 1.07-.01 1.93-.01 2.2 0 .21.15.46.55.38A8.013 8.013 0 0 0 16 8c0-4.42-3.58-8-8-8z">
</path>
</svg>
<span class="hide-sm">{{ project }}</span>
<span class="hide-sm">CodeQL documentation</span>
</a>
</div>
<div class="Header-item hide-sm hide-md">
<form class="search" action="{{ pathto('search') }}" method="get">
<input class="form-control input-dark" type="text" name="q" placeholder="Search" />
<input class="btn" type="submit" value="Search" />
<input type="hidden" name="check_keywords" value="yes" />
<input type="hidden" name="area" value="default" />
</form>
<script type="text/javascript">$('#searchbox').show(0);</script>
<div class="clearer"></div>
<script src="https://addsearch.com/js/?key=93b4d287e2fc079a4089412b669785d5&categories=!0xhelp.semmle.com,0xcodeql.github.com,1xdocs,1xcodeql-standard-libraries,1xcodeql-query-help"></script>
</div>
<div class="Header-item">
@@ -69,20 +61,30 @@
</summary>
<ul class="dropdown-menu dropdown-menu-se dropdown-menu-dark">
<li><a class="dropdown-item" href="https://codeql.github.com/docs/codeql-overview">CodeQL overview</a></li>
<li class="dropdown-divider" role="separator"></li>
<div class="dropdown-header">
Help docs
CodeQL tools
</div>
<li><a class="dropdown-item" href="https://help.semmle.com/QL/learn-ql/">Learn CodeQL</a></li>
<li><a class="dropdown-item" href="https://help.semmle.com/codeql/codeql-tools.html">CodeQL tools</a>
<li><a class="dropdown-item" href="https://codeql.github.com/docs/codeql-for-visual-studio-code">CodeQL for VS Code</a>
<li><a class="dropdown-item" href="https://codeql.github.com/docs/codeql-cli">CodeQL CLI</a>
</li>
<li class="dropdown-divider" role="separator"></li>
<div class="dropdown-header">
CodeQL guides
</div>
<li><a class="dropdown-item" href="https://codeql.github.com/docs/writing-codeql-queries">Writing CodeQL queries</a></li>
<li><a class="dropdown-item" href="https://codeql.github.com/docs/codeql-language-guides">CodeQL language guides</a>
<li class="dropdown-divider" role="separator"></li>
<div class="dropdown-header">
Reference docs
</div>
<li><a class="dropdown-item" href="https://help.semmle.com/QL/ql-handbook/">QL language reference</a>
<li><a class="dropdown-item" href="https://help.semmle.com/QL/ql-libraries.html">CodeQL libraries</a>
<li><a class="dropdown-item" href="https://help.semmle.com/QL/ql-built-in-queries.html">CodeQL
queries</a>
<li><a class="dropdown-item" href="https://codeql.github.com/docs/ql-language-reference/">QL language
reference</a>
<li><a class="dropdown-item" href="https://codeql.github.com/codeql-standard-libraries">CodeQL
standard-libraries</a>
<li><a class="dropdown-item" href="https://codeql.github.com/codeql-query-help">CodeQL
query help</a>
<li class="dropdown-divider" role="separator"></li>
<div class="dropdown-header">
Source files

2
docs/codeql/codeql-cli/about-the-codeql-cli.rst
View File

@@ -26,4 +26,4 @@ command line. To run a command, use::
codeql [command] [subcommand]
To view the reference documentation for a command, add the ``--help`` flag, or visit the
"`CodeQL CLI manual <../../codeql-cli-manual>`__."
"`CodeQL CLI manual <../manual>`__."

4
docs/codeql/codeql-cli/analyzing-databases-with-the-codeql-cli.rst
View File

@@ -49,7 +49,7 @@ You must specify:
<sarif-file>`, and graph formats. For more information about CSV and SARIF,
see `Results <#results>`__. To find out which other results formats are
supported, see the `database analyze reference
<../codeql-cli-manual/database-analyze.html>`__.
<../manual/database-analyze>`__.
- ``--output``: the output path of the results file generated during analysis.
@@ -70,7 +70,7 @@ You can also specify:
<upgrading-codeql-databases>`."
For full details of all the options you can use when analyzing databases, see
the `database analyze reference documentation <../codeql-cli-manual/database-analyze.html>`__.
the `database analyze reference documentation <../manual/database-analyze>`__.
.. _database-analyze-examples:

2
docs/codeql/codeql-cli/codeql-cli-reference.rst
View File

@@ -28,4 +28,4 @@ CodeQL CLI manual
-----------------
To view detailed information about each CodeQL CLI command,
including its usage and options, add the ``--help`` flag or visit the "`CodeQL CLI manual <../codeql-cli-manual>`__."
including its usage and options, add the ``--help`` flag or visit the "`CodeQL CLI manual <../manual>`__."

2
docs/codeql/codeql-cli/creating-codeql-databases.rst
View File

@@ -50,7 +50,7 @@ the language you want to analyze:
detect the build system automatically, using a built-in autobuilder.
For full details of all the options you can use when creating databases,
see the `database create reference documentation <../codeql-cli-manual/database-create.html>`__.
see the `database create reference documentation <../manual/database-create>`__.
Progress and results
--------------------

2
docs/codeql/codeql-cli/creating-codeql-query-suites.rst
View File

@@ -234,7 +234,7 @@ instruction::
- description: <name-of-query-suite>
This value is displayed when you run `codeql resolve queries
<../codeql-cli-manual/resolve-queries.html>`__, if the suite is added to a "well-known"
<../manual/resolve-queries>`__, if the suite is added to a "well-known"
directory. For more information, see "`Specifying well-known query suites
<#specifying-well-known-query-suites>`__."

4
docs/codeql/codeql-cli/exit-codes.rst
View File

@@ -16,7 +16,7 @@ Success, normal termination.
The command successfully determined that the answer to your question is "no".
This exit code is only used by a few commands, such as `codeql test run <../codeql-cli-manual/test-run.html>`__, `codeql database check <../codeql-cli-manual/dataset-check.html>`__, `codeql query format <../codeql-cli-manual/query-format.html>`__,and `codeql resolve extractor <../codeql-cli-manual/resolve-extractor.html>`__.
This exit code is only used by a few commands, such as `codeql test run <../manual/test-run>`__, `codeql database check <../manual/dataset-check>`__, `codeql query format <../manual/query-format>`__,and `codeql resolve extractor <../manual/resolve-extractor>`__.
For more details, see the documentation for those commands.
2
@@ -37,7 +37,7 @@ In this case, the launcher can't start the Java code for the CodeQL CLI at all.
32
---
The extractor didn't find any code to analyze when running `codeql database create <../codeql-cli-manual/database-create.html>`__ or `codeql database finalize <../codeql-cli-manual/database-finalize.html>`__.
The extractor didn't find any code to analyze when running `codeql database create <../manual/database-create>`__ or `codeql database finalize <../manual/database-finalize>`__.
33
---

2
docs/codeql/codeql-cli/getting-started-with-the-codeql-cli.rst
View File

@@ -184,7 +184,7 @@ executable in a couple of ways:
can run the executable as just ``codeql``.
At this point, you can execute CodeQL commands. For a full list of the CodeQL
CLI commands, see the "`CodeQL CLI manual <../../codeql-cli-manual>`__."
CLI commands, see the "`CodeQL CLI manual <../manual>`__."
.. pull-quote:: Note

2
docs/codeql/codeql-cli/index.rst
View File

@@ -10,7 +10,7 @@ CodeQL CLI
- :ref:`CodeQL CLI reference <codeql-cli-reference>`: Learn more about the files you can use when running CodeQL processes and the results format and exit codes that CodeQL generates.
- `CodeQL CLI manual <../codeql-cli-manual>`__: Detailed information about all the commands available with the CodeQL CLI.
- `CodeQL CLI manual <manual>`__: Detailed information about all the commands available with the CodeQL CLI.
.. toctree::
:titlesonly:

2
docs/codeql/codeql-cli/sarif-output.rst
View File

@@ -11,7 +11,7 @@ considered "optional". This document details the output produced when using the
format type ``sarifv2.1.0``, which corresponds to the SARIF v2.1.0.csd1
specification.
For more information on selecting a file format for your analysis results, see
the `database analyze reference <../codeql-cli-manual/database-analyze.html>`__.
the `database analyze reference <../manual/database-analyze>`__.
SARIF specification and schema
------------------------------

2
docs/codeql/codeql-cli/testing-custom-queries.rst
View File

@@ -130,7 +130,7 @@ You can also specify:
- .. include:: ../reusables/threads-query-execution.rst
For full details of all the options you can use when testing queries,
see the `test run reference documentation <../codeql-cli-manual/test-run.html>`__.
see the `test run reference documentation <../manual/test-run>`__.
Example
-------

4
docs/codeql/codeql-cli/testing-query-help-files.rst
View File

@@ -54,7 +54,7 @@ The ``--output`` option defines a file path where the rendered query help will b
For full details of all the options you can use when testing query help files,
see the `generate query-help reference documentation
<codeql-cli-manual:generate-query-help>`__.
<../manual/generate-query-help>`__.
Results
-------
@@ -73,7 +73,7 @@ By default, the CodeQL CLI will print a warning message if:
as an accompanying ``.qhelp`` file
You can tell the CodeQL CLI how to handle these warnings by including a ``--warnings`` option in your command.
For more information, see the `generate query-help reference documentation <../codeql-cli-manual/generate-query-help.html#cmdoption-codeql-generate-query-help-warnings>`__.
For more information, see the `generate query-help reference documentation <../manual/generate-query-help#cmdoption-codeql-generate-query-help-warnings>`__.
Further reading
---------------

2
docs/codeql/codeql-cli/upgrading-codeql-databases.rst
View File

@@ -40,7 +40,7 @@ where ``<database>``, the path to the CodeQL database you
want to upgrade, must be specified.
For full details of all the options you can use when upgrading databases,
see the "`database upgrade <../codeql-cli-manual/database-upgrade.html>`__" reference documentation.
see the "`database upgrade <../manual/database-upgrade>`__" reference documentation.
Progress and results
--------------------

2
docs/codeql/codeql-cli/using-custom-queries-with-the-codeql-cli.rst
View File

@@ -7,7 +7,7 @@ You can customize your CodeQL analyses by writing your own queries to highlight
specific vulnerabilities or errors.
This topic is specifically about writing
queries to use with the `database analyze <../codeql-cli-manual/database-analyze.html>`__
queries to use with the `database analyze <../manual/database-analyze>`__
command to produce :ref:`interpreted results <interpret-query-results>`.
.. include:: ../reusables/advanced-query-execution.rst

2
docs/codeql/codeql-for-visual-studio-code/analyzing-your-projects.rst
View File

@@ -137,7 +137,7 @@ To use standard code navigation features in the source code, you can right-click
If you're using an older database, code navigation commands such as **Go to Definition** and **Go to References** may not work.
To use code navigation, try unzipping the database and running ``codeql database cleanup <database>`` on the unzipped database using the CodeQL CLI. Then, re-add the database to Visual Studio Code.
For more information, see the `database cleanup <../codeql-cli/codeql-cli-manual/database-cleanup.html>`__ reference documentation.
For more information, see the `database cleanup <../../codeql-cli/manual/database-cleanup>`__ reference documentation.
Comparing query results
------------------------

870
docs/codeql/codeql-language-guides/abstract-syntax-tree-classes-for-working-with-go-programs.rst
View File

@@ -10,374 +10,273 @@ CodeQL has a large selection of classes for representing the abstract syntax tre
Statement classes
-----------------
This table lists all subclasses of `Stmt <https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$Stmt.html>`__.
This table lists all subclasses of Stmt_.
+-------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+
| Statement syntax | CodeQL class | Superclasses | Remarks |
+===================================================================================================================+===================================================================================================================+===============================================================================================================+===================================================================================================================+
| ``;`` | EmptyStmt_ | | |
| | | | |
| | .. _EmptyStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$EmptyStmt.html | | |
+-------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+
| Expr_ | ExprStmt_ | | |
| | | | |
| .. _Expr: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html | .. _ExprStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$ExprStmt.html | | |
+-------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+
| ``{`` Stmt_ ``...`` ``}`` | BlockStmt_ | | |
| | | | |
| .. _Stmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$Stmt.html | .. _BlockStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$BlockStmt.html | | |
+-------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+
| ``if`` Expr_ BlockStmt_ | IfStmt_ | | |
| | | | |
| .. _Expr: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html | .. _IfStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$IfStmt.html | | |
| .. _BlockStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$BlockStmt.html | | | |
+-------------------------------------------------------------------------------------------------------------------+ | | |
| ``if`` Expr_ BlockStmt_ ``else`` Stmt_ | | | |
| | | | |
| .. _Expr: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html | | | |
| .. _BlockStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$BlockStmt.html | | | |
| .. _Stmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$Stmt.html | | | |
+-------------------------------------------------------------------------------------------------------------------+ | | |
| ``if`` Stmt_\ ``;`` Expr_ BlockStmt_ | | | |
| | | | |
| .. _Stmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$Stmt.html | | | |
| .. _Expr: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html | | | |
| .. _BlockStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$BlockStmt.html | | | |
+-------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+
| ``for`` Expr_ BlockStmt_ | ForStmt_ | LoopStmt_ | |
| | | | |
| .. _Expr: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html | .. _ForStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$ForStmt.html | .. _LoopStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$LoopStmt.html | |
| .. _BlockStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$BlockStmt.html | | | |
+-------------------------------------------------------------------------------------------------------------------+ | | |
| ``for`` Stmt_\ ``;`` Expr_\ ``;`` Stmt_ BlockStmt_ | | | |
| | | | |
| .. _Stmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$Stmt.html | | | |
| .. _Expr: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html | | | |
| .. _Stmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$Stmt.html | | | |
| .. _BlockStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$BlockStmt.html | | | |
+-------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+
| ``for`` Expr_ ``...`` ``=`` ``range`` Expr_ BlockStmt_ | RangeStmt_ | LoopStmt_ | |
| | | | |
| .. _Expr: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html | .. _RangeStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$RangeStmt.html | .. _LoopStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$LoopStmt.html | |
| .. _Expr: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html | | | |
| .. _BlockStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$BlockStmt.html | | | |
+-------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+
| ``switch`` Expr_ ``{`` CaseClause_ ``...`` ``}`` | ExpressionSwitchStmt_ | SwitchStmt_ | |
| | | | |
| .. _Expr: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html | .. _ExpressionSwitchStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$ExpressionSwitchStmt.html | .. _SwitchStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$SwitchStmt.html | |
| .. _CaseClause: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$CaseClause.html | | | |
+-------------------------------------------------------------------------------------------------------------------+ | | |
| ``switch`` Stmt_\ ``;`` Expr_ ``{`` CaseClause_ ``...`` ``}`` | | | |
| | | | |
| .. _Stmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$Stmt.html | | | |
| .. _Expr: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html | | | |
| .. _CaseClause: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$CaseClause.html | | | |
+-------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+
| ``switch`` Expr_\ ``.(type)`` ``{`` CaseClause_ ``...`` ``}`` | TypeSwitchStmt_ | SwitchStmt_ | |
| | | | |
| .. _Expr: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html | .. _TypeSwitchStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$TypeSwitchStmt.html | .. _SwitchStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$SwitchStmt.html | |
| .. _CaseClause: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$CaseClause.html | | | |
+-------------------------------------------------------------------------------------------------------------------+ | | |
| ``switch`` SimpleAssignStmt_\ ``.(type)`` ``{`` CaseClause_ ``...`` ``}`` | | | |
| | | | |
| .. _SimpleAssignStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$SimpleAssignStmt.html | | | |
| .. _CaseClause: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$CaseClause.html | | | |
+-------------------------------------------------------------------------------------------------------------------+ | | |
| ``switch`` Stmt_\ ``;`` Expr_\ ``.(type)`` ``{`` CaseClause_ ``...`` ``}`` | | | |
| | | | |
| .. _Stmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$Stmt.html | | | |
| .. _Expr: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html | | | |
| .. _CaseClause: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$CaseClause.html | | | |
+-------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+
| ``select`` ``{`` CommClause_ ``...`` ``}`` | SelectStmt_ | | |
| | | | |
| .. _CommClause: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$CommClause.html | .. _SelectStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$SelectStmt.html | | |
+-------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+
| ``return`` | ReturnStmt_ | | |
+-------------------------------------------------------------------------------------------------------------------+ | | |
| ``return`` Expr_ ``...`` | .. _ReturnStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$ReturnStmt.html | | |
| | | | |
| .. _Expr: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html | | | |
+-------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+
| ``break`` | BreakStmt_ | BranchStmt_ | |
+-------------------------------------------------------------------------------------------------------------------+ | | |
| ``break`` LabelName_ | .. _BreakStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$BreakStmt.html | .. _BranchStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$BranchStmt.html | |
| | | | |
| .. _LabelName: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$LabelName.html | | | |
+-------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+
| ``continue`` | ContinueStmt_ | BranchStmt_ | |
+-------------------------------------------------------------------------------------------------------------------+ | | |
| ``continue`` LabelName_ | .. _ContinueStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$ContinueStmt.html | .. _BranchStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$BranchStmt.html | |
| | | | |
| .. _LabelName: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$LabelName.html | | | |
+-------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+
| ``goto`` LabelName_ | GotoStmt_ | BranchStmt_ | |
| | | | |
| .. _LabelName: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$LabelName.html | .. _GotoStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$GotoStmt.html | .. _BranchStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$BranchStmt.html | |
+-------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+
| ``fallthrough`` | FallthroughStmt_ | BranchStmt_ | can only occur as final non-empty child of a CaseClause_ in an ExpressionSwitchStmt_ |
| | | | |
| | .. _FallthroughStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$FallthroughStmt.html | .. _BranchStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$BranchStmt.html | .. _CaseClause: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$CaseClause.html |
| | | | .. _ExpressionSwitchStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$ExpressionSwitchStmt.html |
+-------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+
| LabelName_\ ``:`` Stmt_ | LabeledStmt_ | | |
| | | | |
| .. _LabelName: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$LabelName.html | .. _LabeledStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$LabeledStmt.html | | |
| .. _Stmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$Stmt.html | | | |
+-------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+
| ``var`` VariableName_ TypeName_ | DeclStmt_ | | |
| | | | |
| .. _VariableName: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$VariableName.html | .. _DeclStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$DeclStmt.html | | |
| .. _TypeName: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$TypeName.html | | | |
+-------------------------------------------------------------------------------------------------------------------+ | | |
| ``const`` VariableName_ ``=`` Expr_ | | | |
| | | | |
| .. _VariableName: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$VariableName.html | | | |
| .. _Expr: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html | | | |
+-------------------------------------------------------------------------------------------------------------------+ | | |
| ``type`` TypeName_ TypeExpr_ | | | |
| | | | |
| .. _TypeName: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$TypeName.html | | | |
| .. _TypeExpr: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$TypeExpr.html | | | |
+-------------------------------------------------------------------------------------------------------------------+ | | |
| ``type`` TypeName_ ``=`` TypeExpr_ | | | |
| | | | |
| .. _TypeName: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$TypeName.html | | | |
| .. _TypeExpr: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$TypeExpr.html | | | |
+-------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+
| Expr_ ``...`` ``=`` Expr_ ``...`` | AssignStmt_ | SimpleAssignStmt_, Assignment_ | |
| | | | |
| .. _Expr: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html | .. _AssignStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$AssignStmt.html | .. _SimpleAssignStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$SimpleAssignStmt.html | |
| .. _Expr: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html | | .. _Assignment: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$Assignment.html | |
+-------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+
| VariableName_ ``...`` ``:=`` Expr_ ``...`` | DefineStmt_ | SimpleAssignStmt_, Assignment_ | |
| | | | |
| .. _VariableName: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$VariableName.html | .. _DefineStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$DefineStmt.html | .. _SimpleAssignStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$SimpleAssignStmt.html | |
| .. _Expr: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html | | .. _Assignment: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$Assignment.html | |
+-------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+
| Expr_ ``+=`` Expr_ | AddAssignStmt_ | CompoundAssignStmt_, Assignment_ | |
| | | | |
| .. _Expr: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html | .. _AddAssignStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$AddAssignStmt.html | .. _CompoundAssignStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$CompoundAssignStmt.html | |
| .. _Expr: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html | | .. _Assignment: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$Assignment.html | |
+-------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+
| Expr_ ``-=`` Expr_ | SubAssignStmt_ | CompoundAssignStmt_, Assignment_ | |
| | | | |
| .. _Expr: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html | .. _SubAssignStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$SubAssignStmt.html | .. _CompoundAssignStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$CompoundAssignStmt.html | |
| .. _Expr: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html | | .. _Assignment: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$Assignment.html | |
+-------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+
| Expr_ ``*=`` Expr_ | MulAssignStmt_ | CompoundAssignStmt_, Assignment_ | |
| | | | |
| .. _Expr: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html | .. _MulAssignStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$MulAssignStmt.html | .. _CompoundAssignStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$CompoundAssignStmt.html | |
| .. _Expr: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html | | .. _Assignment: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$Assignment.html | |
+-------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+
| Expr_ ``/=`` Expr_ | QuoAssignStmt_ | CompoundAssignStmt_, Assignment_ | |
| | | | |
| .. _Expr: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html | .. _QuoAssignStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$QuoAssignStmt.html | .. _CompoundAssignStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$CompoundAssignStmt.html | |
| .. _Expr: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html | | .. _Assignment: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$Assignment.html | |
+-------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+
| Expr_ ``%=`` Expr_ | RemAssignStmt_ | CompoundAssignStmt_, Assignment_ | |
| | | | |
| .. _Expr: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html | .. _RemAssignStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$RemAssignStmt.html | .. _CompoundAssignStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$CompoundAssignStmt.html | |
| .. _Expr: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html | | .. _Assignment: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$Assignment.html | |
+-------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+
| Expr_ ``*=`` Expr_ | MulAssignStmt_ | CompoundAssignStmt_, Assignment_ | |
| | | | |
| .. _Expr: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html | .. _MulAssignStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$MulAssignStmt.html | .. _CompoundAssignStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$CompoundAssignStmt.html | |
| .. _Expr: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html | | .. _Assignment: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$Assignment.html | |
+-------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+
| Expr_ ``&=`` Expr_ | AndAssignStmt_ | CompoundAssignStmt_, Assignment_ | |
| | | | |
| .. _Expr: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html | .. _AndAssignStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$AndAssignStmt.html | .. _CompoundAssignStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$CompoundAssignStmt.html | |
| .. _Expr: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html | | .. _Assignment: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$Assignment.html | |
+-------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+
| Expr_ ``|=`` Expr_ | OrAssignStmt_ | CompoundAssignStmt_, Assignment_ | |
| | | | |
| .. _Expr: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html | .. _OrAssignStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$OrAssignStmt.html | .. _CompoundAssignStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$CompoundAssignStmt.html | |
| .. _Expr: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html | | .. _Assignment: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$Assignment.html | |
+-------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+
| Expr_ ``^=`` Expr_ | XorAssignStmt_ | CompoundAssignStmt_, Assignment_ | |
| | | | |
| .. _Expr: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html | .. _XorAssignStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$XorAssignStmt.html | .. _CompoundAssignStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$CompoundAssignStmt.html | |
| .. _Expr: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html | | .. _Assignment: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$Assignment.html | |
+-------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+
| Expr_ ``<<=`` Expr_ | ShlAssignStmt_ | CompoundAssignStmt_, Assignment_ | |
| | | | |
| .. _Expr: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html | .. _ShlAssignStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$ShlAssignStmt.html | .. _CompoundAssignStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$CompoundAssignStmt.html | |
| .. _Expr: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html | | .. _Assignment: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$Assignment.html | |
+-------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+
| Expr_ ``>>=`` Expr_ | ShrAssignStmt_ | CompoundAssignStmt_, Assignment_ | |
| | | | |
| .. _Expr: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html | .. _ShrAssignStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$ShrAssignStmt.html | .. _CompoundAssignStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$CompoundAssignStmt.html | |
| .. _Expr: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html | | .. _Assignment: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$Assignment.html | |
+-------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+
| Expr_ ``&^=`` Expr_ | AndNotAssignStmt_ | CompoundAssignStmt_, Assignment_ | |
| | | | |
| .. _Expr: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html | .. _AndNotAssignStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$AndNotAssignStmt.html | .. _CompoundAssignStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$CompoundAssignStmt.html | |
| .. _Expr: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html | | .. _Assignment: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$Assignment.html | |
+-------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+
| Expr_ ``++`` | IncStmt_ | IncDecStmt_ | |
| | | | |
| .. _Expr: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html | .. _IncStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$IncStmt.html | .. _IncDecStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$IncDecStmt.html | |
+-------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+
| Expr_ ``--`` | DecStmt_ | IncDecStmt_ | |
| | | | |
| .. _Expr: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html | .. _DecStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$DecStmt.html | .. _IncDecStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$IncDecStmt.html | |
+-------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+
| ``go`` CallExpr_ | GoStmt_ | | |
| | | | |
| .. _CallExpr: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$CallExpr.html | .. _GoStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$GoStmt.html | | |
+-------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+
| ``defer`` CallExpr_ | DeferStmt_ | | |
| | | | |
| .. _CallExpr: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$CallExpr.html | .. _DeferStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$DeferStmt.html | | |
+-------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+
| Expr_ ``<-`` Expr_ | SendStmt_ | | |
| | | | |
| .. _Expr: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html | .. _SendStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$SendStmt.html | | |
| .. _Expr: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html | | | |
+-------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+
| ``case`` Expr_ ``...``\ ``:`` Stmt_ ``...`` | CaseClause_ | | can only occur as child of a SwitchStmt_ |
| | | | |
| .. _Expr: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html | .. _CaseClause: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$CaseClause.html | | .. _SwitchStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$SwitchStmt.html |
| .. _Stmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$Stmt.html | | | |
+-------------------------------------------------------------------------------------------------------------------+ | | |
| ``case`` TypeExpr_ ``...``\ ``:`` Stmt_ ``...`` | | | |
| | | | |
| .. _TypeExpr: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$TypeExpr.html | | | |
| .. _Stmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$Stmt.html | | | |
+-------------------------------------------------------------------------------------------------------------------+ | | |
| ``default:`` Stmt_ ``...`` | | | |
| | | | |
| .. _Stmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$Stmt.html | | | |
+-------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+
| ``case`` SendStmt_\ ``:`` Stmt_ ``...`` | CommClause_ | | can only occur as child of a SelectStmt_ |
| | | | |
| .. _SendStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$SendStmt.html | .. _CommClause: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$CommClause.html | | .. _SelectStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$SelectStmt.html |
| .. _Stmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$Stmt.html | | | |
+-------------------------------------------------------------------------------------------------------------------+ | | |
| ``case`` RecvStmt_\ ``:`` Stmt_ ``...`` | | | |
| | | | |
| .. _RecvStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$RecvStmt.html | | | |
| .. _Stmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$Stmt.html | | | |
+-------------------------------------------------------------------------------------------------------------------+ | | |
| ``default:`` Stmt_ ``...`` | | | |
| | | | |
| .. _Stmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$Stmt.html | | | |
+-------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+
| Expr_ ``...`` ``=`` RecvExpr_ | RecvStmt_ | | can only occur as child of a CommClause_ |
| | | | |
| .. _Expr: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html | .. _RecvStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$RecvStmt.html | | .. _CommClause: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$CommClause.html |
| .. _RecvExpr: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$RecvExpr.html | | | |
+-------------------------------------------------------------------------------------------------------------------+ | | |
| VariableName_ ``...`` ``:=`` RecvExpr_ | | | |
| | | | |
| .. _VariableName: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$VariableName.html | | | |
| .. _RecvExpr: https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$RecvExpr.html | | | |
+-------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+
| (anything unparseable) | BadStmt_ | | |
| | | | |
| | .. _BadStmt: https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$BadStmt.html | | |
+-------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+
+-------------------------------------------------------------------------------+-----------------------+----------------------------------+---------------------------------------------------+
| Statement syntax | CodeQL class | Superclasses | Remarks |
+===============================================================================+=======================+==================================+===================================================+
| ``;`` | EmptyStmt_ | | |
| | | | |
+-------------------------------------------------------------------------------+-----------------------+----------------------------------+---------------------------------------------------+
| Expr_ | ExprStmt_ | | |
| | | | |
+-------------------------------------------------------------------------------+-----------------------+----------------------------------+---------------------------------------------------+
| ``{`` Stmt_ ``...`` ``}`` | BlockStmt_ | | |
| | | | |
+-------------------------------------------------------------------------------+-----------------------+----------------------------------+---------------------------------------------------+
| ``if`` Expr_ BlockStmt_ | IfStmt_ | | |
| | | | |
+-------------------------------------------------------------------------------+ | | |
| ``if`` Expr_ BlockStmt_ ``else`` Stmt_ | | | |
| | | | |
+-------------------------------------------------------------------------------+ | | |
| ``if`` Stmt_\ ``;`` Expr_ BlockStmt_ | | | |
| | | | |
+-------------------------------------------------------------------------------+-----------------------+----------------------------------+---------------------------------------------------+
| ``for`` Expr_ BlockStmt_ | ForStmt_ | LoopStmt_ | |
| | | | |
+-------------------------------------------------------------------------------+ | | |
| ``for`` Stmt_\ ``;`` Expr_\ ``;`` Stmt_ BlockStmt_ | | | |
| | | | |
+-------------------------------------------------------------------------------+-----------------------+----------------------------------+---------------------------------------------------+
| ``for`` Expr_ ``...`` ``=`` ``range`` Expr_ BlockStmt_ | RangeStmt_ | LoopStmt_ | |
| | | | |
+-------------------------------------------------------------------------------+-----------------------+----------------------------------+---------------------------------------------------+
| ``switch`` Expr_ ``{`` CaseClause_ ``...`` ``}`` | ExpressionSwitchStmt_ | SwitchStmt_ | |
| | | | |
+-------------------------------------------------------------------------------+ | | |
| ``switch`` Stmt_\ ``;`` Expr_ ``{`` CaseClause_ ``...`` ``}`` | | | |
| | | | |
+-------------------------------------------------------------------------------+-----------------------+----------------------------------+---------------------------------------------------+
| ``switch`` Expr_\ ``.(type)`` ``{`` CaseClause_ ``...`` ``}`` | TypeSwitchStmt_ | SwitchStmt_ | |
| | | | |
+-------------------------------------------------------------------------------+ | | |
| ``switch`` SimpleAssignStmt_\ ``.(type)`` ``{`` CaseClause_ ``...`` ``}`` | | | |
| | | | |
+-------------------------------------------------------------------------------+ | | |
| ``switch`` Stmt_\ ``;`` Expr_\ ``.(type)`` ``{`` CaseClause_ ``...`` ``}`` | | | |
| | | | |
+-------------------------------------------------------------------------------+-----------------------+----------------------------------+---------------------------------------------------+
| ``select`` ``{`` CommClause_ ``...`` ``}`` | SelectStmt_ | | |
| | | | |
+-------------------------------------------------------------------------------+-----------------------+----------------------------------+---------------------------------------------------+
| ``return`` | ReturnStmt_ | | |
+-------------------------------------------------------------------------------+ | | |
| | | | |
+-------------------------------------------------------------------------------+-----------------------+----------------------------------+---------------------------------------------------+
| ``break`` | BreakStmt_ | BranchStmt_ | |
+-------------------------------------------------------------------------------+ | | |
| | | | |
+-------------------------------------------------------------------------------+-----------------------+----------------------------------+---------------------------------------------------+
| ``continue`` | ContinueStmt_ | BranchStmt_ | |
+-------------------------------------------------------------------------------+ | | |
| | | | |
+-------------------------------------------------------------------------------+-----------------------+----------------------------------+---------------------------------------------------+
| ``goto`` LabelName_ | GotoStmt_ | BranchStmt_ | |
| | | | |
+-------------------------------------------------------------------------------+-----------------------+----------------------------------+---------------------------------------------------+
| ``fallthrough`` | FallthroughStmt_ | BranchStmt_ | can only occur as final non-empty child of |
| | | | a CaseClause_ in an ExpressionSwitchStmt_ |
+-------------------------------------------------------------------------------+-----------------------+----------------------------------+---------------------------------------------------+
| LabelName_\ ``:`` Stmt_ | LabeledStmt_ | | |
| | | | |
+-------------------------------------------------------------------------------+-----------------------+----------------------------------+---------------------------------------------------+
| ``var`` VariableName_ TypeName_ | DeclStmt_ | | |
| | | | |
+-------------------------------------------------------------------------------+ | | |
| ``const`` VariableName_ ``=`` Expr_ | | | |
| | | | |
+-------------------------------------------------------------------------------+ | | |
| ``type`` TypeName_ TypeExpr_ | | | |
| | | | |
+-------------------------------------------------------------------------------+ | | |
| ``type`` TypeName_ ``=`` TypeExpr_ | | | |
| | | | |
+-------------------------------------------------------------------------------+-----------------------+----------------------------------+---------------------------------------------------+
| Expr_ ``...`` ``=`` Expr_ ``...`` | AssignStmt_ | SimpleAssignStmt_, Assignment_ | |
| | | | |
+-------------------------------------------------------------------------------+-----------------------+----------------------------------+---------------------------------------------------+
| VariableName_ ``...`` ``:=`` Expr_ ``...`` | DefineStmt_ | SimpleAssignStmt_, Assignment_ | |
| | | | |
+-------------------------------------------------------------------------------+-----------------------+----------------------------------+---------------------------------------------------+
| Expr_ ``+=`` Expr_ | AddAssignStmt_ | CompoundAssignStmt_, Assignment_ | |
| | | | |
+-------------------------------------------------------------------------------+-----------------------+----------------------------------+---------------------------------------------------+
| Expr_ ``-=`` Expr_ | SubAssignStmt_ | CompoundAssignStmt_, Assignment_ | |
| | | | |
+-------------------------------------------------------------------------------+-----------------------+----------------------------------+---------------------------------------------------+
| Expr_ ``*=`` Expr_ | MulAssignStmt_ | CompoundAssignStmt_, Assignment_ | |
| | | | |
+-------------------------------------------------------------------------------+-----------------------+----------------------------------+---------------------------------------------------+
| Expr_ ``/=`` Expr_ | QuoAssignStmt_ | CompoundAssignStmt_, Assignment_ | |
| | | | |
+-------------------------------------------------------------------------------+-----------------------+----------------------------------+---------------------------------------------------+
| Expr_ ``%=`` Expr_ | RemAssignStmt_ | CompoundAssignStmt_, Assignment_ | |
| | | | |
+-------------------------------------------------------------------------------+-----------------------+----------------------------------+---------------------------------------------------+
| Expr_ ``*=`` Expr_ | MulAssignStmt_ | CompoundAssignStmt_, Assignment_ | |
| | | | |
+-------------------------------------------------------------------------------+-----------------------+----------------------------------+---------------------------------------------------+
| Expr_ ``&=`` Expr_ | AndAssignStmt_ | CompoundAssignStmt_, Assignment_ | |
| | | | |
+-------------------------------------------------------------------------------+-----------------------+----------------------------------+---------------------------------------------------+
| Expr_ ``|=`` Expr_ | OrAssignStmt_ | CompoundAssignStmt_, Assignment_ | |
| | | | |
+-------------------------------------------------------------------------------+-----------------------+----------------------------------+---------------------------------------------------+
| Expr_ ``^=`` Expr_ | XorAssignStmt_ | CompoundAssignStmt_, Assignment_ | |
| | | | |
+-------------------------------------------------------------------------------+-----------------------+----------------------------------+---------------------------------------------------+
| Expr_ ``<<=`` Expr_ | ShlAssignStmt_ | CompoundAssignStmt_, Assignment_ | |
| | | | |
+-------------------------------------------------------------------------------+-----------------------+----------------------------------+---------------------------------------------------+
| Expr_ ``>>=`` Expr_ | ShrAssignStmt_ | CompoundAssignStmt_, Assignment_ | |
| | | | |
+-------------------------------------------------------------------------------+-----------------------+----------------------------------+---------------------------------------------------+
| Expr_ ``&^=`` Expr_ | AndNotAssignStmt_ | CompoundAssignStmt_, Assignment_ | |
| | | | |
+-------------------------------------------------------------------------------+-----------------------+----------------------------------+---------------------------------------------------+
| Expr_ ``++`` | IncStmt_ | IncDecStmt_ | |
| | | | |
+-------------------------------------------------------------------------------+-----------------------+----------------------------------+---------------------------------------------------+
| Expr_ ``--`` | DecStmt_ | IncDecStmt_ | |
| | | | |
+-------------------------------------------------------------------------------+-----------------------+----------------------------------+---------------------------------------------------+
| ``go`` CallExpr_ | GoStmt_ | | |
| | | | |
+-------------------------------------------------------------------------------+-----------------------+----------------------------------+---------------------------------------------------+
| ``defer`` CallExpr_ | DeferStmt_ | | |
| | | | |
+-------------------------------------------------------------------------------+-----------------------+----------------------------------+---------------------------------------------------+
| Expr_ ``<-`` Expr_ | SendStmt_ | | |
| | | | |
+-------------------------------------------------------------------------------+-----------------------+----------------------------------+---------------------------------------------------+
| ``case`` Expr_ ``...``\ ``:`` Stmt_ ``...`` | CaseClause_ | | can only occur as child of a SwitchStmt_ |
| | | | |
+-------------------------------------------------------------------------------+ | | |
| ``case`` TypeExpr_ ``...``\ ``:`` Stmt_ ``...`` | | | |
| | | | |
+-------------------------------------------------------------------------------+ | | |
| ``default:`` Stmt_ ``...`` | | | |
| | | | |
+-------------------------------------------------------------------------------+-----------------------+----------------------------------+---------------------------------------------------+
| ``case`` SendStmt_\ ``:`` Stmt_ ``...`` | CommClause_ | | can only occur as child of a SelectStmt_ |
| | | | |
+-------------------------------------------------------------------------------+ | | |
| ``case`` RecvStmt_\ ``:`` Stmt_ ``...`` | | | |
| | | | |
+-------------------------------------------------------------------------------+ | | |
| ``default:`` Stmt_ ``...`` | | | |
| | | | |
+-------------------------------------------------------------------------------+-----------------------+----------------------------------+---------------------------------------------------+
| Expr_ ``...`` ``=`` RecvExpr_ | RecvStmt_ | | can only occur as child of a CommClause_ |
| | | | |
+-------------------------------------------------------------------------------+ | | |
| VariableName_ ``...`` ``:=`` RecvExpr_ | | | |
| | | | |
+-------------------------------------------------------------------------------+-----------------------+----------------------------------+---------------------------------------------------+
| (anything unparseable) | BadStmt_ | | |
| | | | |
+-------------------------------------------------------------------------------+-----------------------+----------------------------------+---------------------------------------------------+
Expression classes
------------------
There are many expression classes, so we present them by category.
All classes in this section are subclasses of
`Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__.
Expr_.
Literals
~~~~~~~~
+-----------------------------------------+----------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------+
| Expression syntax example | CodeQL class | Superclass |
+=========================================+==============================================================================================+====================================================================================================+
| ``23`` | `IntLit <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$IntLit.html>`__ | `BasicLit <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$BasicLit.html>`__ |
+-----------------------------------------+----------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------+
| ``4.2`` | `FloatLit <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$FloatLit.html>`__ | `BasicLit <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$BasicLit.html>`__ |
+-----------------------------------------+----------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------+
| ``4.2 + 2.7i`` | `ImagLit <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$ImagLit.html>`__ | `BasicLit <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$BasicLit.html>`__ |
+-----------------------------------------+----------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------+
| ``'a'`` | `CharLit <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$CharLit.html>`__ | `BasicLit <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$BasicLit.html>`__ |
+-----------------------------------------+----------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------+
| ``"Hello"`` | `StringLit <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$StringLit.html>`__ | `BasicLit <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$BasicLit.html>`__ |
+-----------------------------------------+----------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------+
| ``func(x, y int) int { return x + y }`` | `FuncLit <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$FuncLit.html>`__ | `FuncDef <https://help.semmle.com/qldoc/go/semmle/go/Decls.qll/type.Decls$FuncDef.html>`__ |
+-----------------------------------------+----------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------+
| ``map[string]int{"A": 1, "B": 2}`` | `MapLit <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$MapLit.html>`__ | `CompositeLit <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$CompositeLit.html>`__ |
+-----------------------------------------+----------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------+
| ``Point3D{0.5, -0.5, 0.5}`` | `StructLit <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$StructLit.html>`__ | `CompositeLit <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$CompositeLit.html>`__ |
+-----------------------------------------+----------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------+
+-----------------------------------------+--------------+---------------+
| Expression syntax example | CodeQL class | Superclass |
+=========================================+==============+===============+
| ``23`` | IntLit_ | BasicLit_ |
+-----------------------------------------+--------------+---------------+
| ``4.2`` | FloatLit_ | BasicLit_ |
+-----------------------------------------+--------------+---------------+
| ``4.2 + 2.7i`` | ImagLit_ | BasicLit_ |
+-----------------------------------------+--------------+---------------+
| ``'a'`` | CharLit_ | BasicLit_ |
+-----------------------------------------+--------------+---------------+
| ``"Hello"`` | StringLit_ | BasicLit_ |
+-----------------------------------------+--------------+---------------+
| ``func(x, y int) int { return x + y }`` | FuncLit_ | FuncDef_ |
+-----------------------------------------+--------------+---------------+
| ``map[string]int{"A": 1, "B": 2}`` | MapLit_ | CompositeLit_ |
+-----------------------------------------+--------------+---------------+
| ``Point3D{0.5, -0.5, 0.5}`` | StructLit_ | CompositeLit_ |
+-----------------------------------------+--------------+---------------+
Unary expressions
~~~~~~~~~~~~~~~~~
All classes in this subsection are subclasses of
`UnaryExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$UnaryExpr.html>`__.
UnaryExpr_.
+--------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------+
| Expression syntax | CodeQL class | Superclasses |
+============================================================================================+========================================================================================================+==================================================================================================================+
| ``+``\ `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__ | `PlusExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$PlusExpr.html>`__ | `ArithmeticUnaryExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$ArithmeticUnaryExpr.html>`__ |
+--------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------+
| ``-``\ `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__ | `MinusExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$MinusExpr.html>`__ | `ArithmeticUnaryExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$ArithmeticUnaryExpr.html>`__ |
+--------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------+
| ``!``\ `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__ | `NotExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$NotExpr.html>`__ | `LogicalUnaryExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$LogicalUnaryExpr.html>`__ |
+--------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------+
| ``^``\ `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__ | `ComplementExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$ComplementExpr.html>`__ | `BitwiseUnaryExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$BitwiseUnaryExpr.html>`__ |
+--------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------+
| ``&``\ `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__ | `AddressExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$AddressExpr.html>`__ | |
+--------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------+
| ``<-``\ `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__ | `RecvExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$RecvExpr.html>`__ | |
+--------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------+
+-------------------+-----------------+----------------------+
| Expression syntax | CodeQL class | Superclasses |
+===================+=================+======================+
| ``+``\ Expr_ | PlusExpr_ | ArithmeticUnaryExpr_ |
+-------------------+-----------------+----------------------+
| ``-``\ Expr_ | MinusExpr_ | ArithmeticUnaryExpr_ |
+-------------------+-----------------+----------------------+
| ``!``\ Expr_ | NotExpr_ | LogicalUnaryExpr_ |
+-------------------+-----------------+----------------------+
| ``^``\ Expr_ | ComplementExpr_ | BitwiseUnaryExpr_ |
+-------------------+-----------------+----------------------+
| ``&``\ Expr_ | AddressExpr_ | |
+-------------------+-----------------+----------------------+
| ``<-``\ Expr_ | RecvExpr_ | |
+-------------------+-----------------+----------------------+
Binary expressions
~~~~~~~~~~~~~~~~~~
All classes in this subsection are subclasses of
`BinaryExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$BinaryExpr.html>`__.
BinaryExpr_.
+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------+
| Expression syntax | CodeQL class | Superclasses |
+==============================================================================================================================================================================+================================================================================================+============================================================================================================================+
| `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__ ``*`` `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__ | `MulExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$MulExpr.html>`__ | `ArithmeticBinaryExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$ArithmeticBinaryExpr.html>`__ |
+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__ ``/`` `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__ | `QuoExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$QuoExpr.html>`__ | `ArithmeticBinaryExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$ArithmeticBinaryExpr.html>`__ |
+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__ ``%`` `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__ | `RemExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$RemExpr.html>`__ | `ArithmeticBinaryExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$ArithmeticBinaryExpr.html>`__ |
+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__ ``+`` `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__ | `AddExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$AddExpr.html>`__ | `ArithmeticBinaryExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$ArithmeticBinaryExpr.html>`__ |
+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__ ``-`` `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__ | `SubExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$SubExpr.html>`__ | `ArithmeticBinaryExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$ArithmeticBinaryExpr.html>`__ |
+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__ ``<<`` `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__ | `ShlExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$ShlExpr.html>`__ | `ShiftExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$ShiftExpr.html>`__ |
+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__ ``>>`` `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__ | `ShrExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$ShrExpr.html>`__ | `ShiftExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$ShiftExpr.html>`__ |
+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__ ``&&`` `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__ | `LandExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$LandExpr.html>`__ | `LogicalBinaryExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$LogicalBinaryExpr.html>`__ |
+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__ ``||`` `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__ | `LorExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$LorExpr.html>`__ | `LogicalBinaryExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$LogicalBinaryExpr.html>`__ |
+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__ ``<`` `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__ | `LssExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$LssExpr.html>`__ | `RelationalComparisonExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$RelationalComparisonExpr.html>`__ |
+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__ ``>`` `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__ | `GtrExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$GtrExpr.html>`__ | `RelationalComparisonExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$RelationalComparisonExpr.html>`__ |
+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__ ``<=`` `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__ | `LeqExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$LeqExpr.html>`__ | `RelationalComparisonExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$RelationalComparisonExpr.html>`__ |
+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__ ``>=`` `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__ | `GeqExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$GeqExpr.html>`__ | `RelationalComparisonExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$RelationalComparisonExpr.html>`__ |
+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__ ``==`` `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__ | `EqlExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$EqlExpr.html>`__ | `EqualityTestExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$EqualityTestExpr.html>`__ |
+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__ ``!=`` `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__ | `NeqExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$NeqExpr.html>`__ | `EqualityTestExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$EqualityTestExpr.html>`__ |
+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__ ``&`` `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__ | `AndExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$AndExpr.html>`__ | `BitwiseBinaryExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$BitwiseBinaryExpr.html>`__ |
+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__ ``|`` `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__ | `OrExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$OrExpr.html>`__ | `BitwiseBinaryExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$BitwiseBinaryExpr.html>`__ |
+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__ ``^`` `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__ | `XorExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$XorExpr.html>`__ | `BitwiseBinaryExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$BitwiseBinaryExpr.html>`__ |
+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__ ``&^`` `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__ | `AndNotExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$AndNotExpr.html>`__ | `BitwiseBinaryExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$BitwiseBinaryExpr.html>`__ |
+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------+
+--------------------+--------------+---------------------------+
| Expression syntax | CodeQL class | Superclasses |
+====================+==============+===========================+
| Expr_ ``*`` Expr_ | MulExpr_ | ArithmeticBinaryExpr_ |
+--------------------+--------------+---------------------------+
| Expr_ ``/`` Expr_ | QuoExpr_ | ArithmeticBinaryExpr_ |
+--------------------+--------------+---------------------------+
| Expr_ ``%`` Expr_ | RemExpr_ | ArithmeticBinaryExpr_ |
+--------------------+--------------+---------------------------+
| Expr_ ``+`` Expr_ | AddExpr_ | ArithmeticBinaryExpr_ |
+--------------------+--------------+---------------------------+
| Expr_ ``-`` Expr_ | SubExpr_ | ArithmeticBinaryExpr_ |
+--------------------+--------------+---------------------------+
| Expr_ ``<<`` Expr_ | ShlExpr_ | ShiftExpr_ |
+--------------------+--------------+---------------------------+
| Expr_ ``>>`` Expr_ | ShrExpr_ | ShiftExpr_ |
+--------------------+--------------+---------------------------+
| Expr_ ``&&`` Expr_ | LandExpr_ | LogicalBinaryExpr_ |
+--------------------+--------------+---------------------------+
| Expr_ ``||`` Expr_ | LorExpr_ | LogicalBinaryExpr_ |
+--------------------+--------------+---------------------------+
| Expr_ ``<`` Expr_ | LssExpr_ | RelationalComparisonExpr_ |
+--------------------+--------------+---------------------------+
| Expr_ ``>`` Expr_ | GtrExpr_ | RelationalComparisonExpr_ |
+--------------------+--------------+---------------------------+
| Expr_ ``<=`` Expr_ | LeqExpr_ | RelationalComparisonExpr_ |
+--------------------+--------------+---------------------------+
| Expr_ ``>=`` Expr_ | GeqExpr_ | RelationalComparisonExpr_ |
+--------------------+--------------+---------------------------+
| Expr_ ``==`` Expr_ | EqlExpr_ | EqualityTestExpr_ |
+--------------------+--------------+---------------------------+
| Expr_ ``!=`` Expr_ | NeqExpr_ | EqualityTestExpr_ |
+--------------------+--------------+---------------------------+
| Expr_ ``&`` Expr_ | AndExpr_ | BitwiseBinaryExpr_ |
+--------------------+--------------+---------------------------+
| Expr_ ``|`` Expr_ | OrExpr_ | BitwiseBinaryExpr_ |
+--------------------+--------------+---------------------------+
| Expr_ ``^`` Expr_ | XorExpr_ | BitwiseBinaryExpr_ |
+--------------------+--------------+---------------------------+
| Expr_ ``&^`` Expr_ | AndNotExpr_ | BitwiseBinaryExpr_ |
+--------------------+--------------+---------------------------+
Type expressions
~~~~~~~~~~~~~~~~
@@ -385,101 +284,236 @@ Type expressions
These classes represent different expressions for types. They do
not have a common superclass.
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------+
| Expression syntax | CodeQL class | Superclasses |
+=========================================================================================================================================================================================================+====================================================================================================================+====================================================================================================+
| ``[``\ `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__\ ``]`` `TypeExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$TypeExpr.html>`__ | `ArrayTypeExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$ArrayTypeExpr.html>`__ | |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------+
| ``struct { ... }`` | `StructTypeExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$StructTypeExpr.html>`__ | |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------+
| ``func`` `FunctionName <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$FunctionName.html>`__\ ``(...) (...)`` | `FuncTypeExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$FuncTypeExpr.html>`__ | |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------+
| ``interface { ... }`` | `InterfaceTypeExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$InterfaceTypeExpr.html>`__ | |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------+
| ``map[``\ `TypeExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$TypeExpr.html>`__\ ``]``\ `TypeExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$TypeExpr.html>`__ | `MapTypeExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$MapTypeExpr.html>`__ | |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------+
| ``chan<-`` `TypeExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$TypeExpr.html>`__ | `SendChanTypeExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$SendChanTypeExpr.html>`__ | `ChanTypeExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$ChanTypeExpr.html>`__ |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------+
| ``<-chan`` `TypeExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$TypeExpr.html>`__ | `RecvChanTypeExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$RecvChanTypeExpr.html>`__ | `ChanTypeExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$ChanTypeExpr.html>`__ |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------+
| ``chan`` `TypeExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$TypeExpr.html>`__ | `SendRecvChanTypeExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$SendRecvChanTypeExpr.html>`__ | `ChanTypeExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$ChanTypeExpr.html>`__ |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------+
+-----------------------------------------+-----------------------+---------------+
| Expression syntax | CodeQL class | Superclasses |
+=========================================+=======================+===============+
| ``[``\ Expr_\ ``]`` TypeExpr_ | ArrayTypeExpr_ | |
+-----------------------------------------+-----------------------+---------------+
| ``struct { ... }`` | StructTypeExpr_ | |
+-----------------------------------------+-----------------------+---------------+
| ``func`` FunctionName_\ ``(...) (...)`` | FuncTypeExpr_ | |
+-----------------------------------------+-----------------------+---------------+
| ``interface { ... }`` | InterfaceTypeExpr_ | |
+-----------------------------------------+-----------------------+---------------+
| ``map[``\ TypeExpr_\ ``]``\ TypeExpr_ | MapTypeExpr_ | |
+-----------------------------------------+-----------------------+---------------+
| ``chan<-`` TypeExpr_ | SendChanTypeExpr_ | ChanTypeExpr_ |
+-----------------------------------------+-----------------------+---------------+
| ``<-chan`` TypeExpr_ | RecvChanTypeExpr_ | ChanTypeExpr_ |
+-----------------------------------------+-----------------------+---------------+
| ``chan`` TypeExpr_ | SendRecvChanTypeExpr_ | ChanTypeExpr_ |
+-----------------------------------------+-----------------------+---------------+
Name expressions
~~~~~~~~~~~~~~~~
All classes in this subsection are subclasses of
`Name <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Name.html>`__.
Name_.
The following classes relate to the structure of the name.
+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------+
| Expression syntax | CodeQL class | Superclasses |
+===================================================================================================================================================================================+======================================================================================================+====================================================================================================+
| `Ident <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Ident.html>`__ | `SimpleName <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$SimpleName.html>`__ | `Ident <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Ident.html>`__ |
+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------+
| `Ident <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Ident.html>`__\ ``.``\ `Ident <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Ident.html>`__ | `QualifiedName <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$QualifiedName.html>`__ | `SelectorExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$SelectorExpr.html>`__ |
+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------+
+-----------------------+----------------+---------------+
| Expression syntax | CodeQL class | Superclasses |
+=======================+================+===============+
| Ident_ | SimpleName_ | Ident_ |
+-----------------------+----------------+---------------+
| Ident_\ ``.``\ Ident_ | QualifiedName_ | SelectorExpr_ |
+-----------------------+----------------+---------------+
The following classes relate to what sort of entity the name refers to.
- `PackageName <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$PackageName.html>`__
- `TypeName <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$TypeName.html>`__
- `LabelName <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$LabelName.html>`__
- `ValueName <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$ValueName.html>`__
- PackageName_
- TypeName_
- LabelName_
- ValueName_
- `ConstantName <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$ConstantName.html>`__
- `VariableName <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$VariableName.html>`__
- `FunctionName <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$FunctionName.html>`__
- ConstantName_
- VariableName_
- FunctionName_
Miscellaneous
~~~~~~~~~~~~~
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Expression syntax | CodeQL class | Superclasses | Remarks |
+============================================================================================================================================================================================================================================================================================================================================================================+========================================================================================================+====================================================================================================================+==========================================================================================================================================================================================================================+
| ``foo`` | `Ident <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Ident.html>`__ | | |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ``_`` | `BlankIdent <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$BlankIdent.html>`__ | | |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ``...`` | `Ellipsis <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Ellipsis.html>`__ | | |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ``(``\ `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__\ ``)`` | `ParenExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$ParenExpr.html>`__ | | |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| `Ident <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Ident.html>`__\ ``.``\ `Ident <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Ident.html>`__ | `SelectorExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$SelectorExpr.html>`__ | | |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__\ ``[``\ `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__\ ``]`` | `IndexExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$IndexExpr.html>`__ | | |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__\ ``[``\ `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__\ ``:``\ `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__\ ``:``\ `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__\ ``]`` | `SliceExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$SliceExpr.html>`__ | | |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__\ ``.(``\ `TypeExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$TypeExpr.html>`__\ ``)`` | `TypeAssertExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$TypeAssertExpr.html>`__ | | |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ``*``\ `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__ | `StarExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$StarExpr.html>`__ | | can be a `ValueExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$ValueExpr.html>`__ or `TypeExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$TypeExpr.html>`__ depending on context |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__\ ``:`` `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__ | `KeyValueExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$KeyValueExpr.html>`__ | | |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| `TypeExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$TypeExpr.html>`__\ ``(``\ `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__\ ``)`` | `ConversionExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$ConversionExpr.html>`__ | `CallOrConversionExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$CallOrConversionExpr.html>`__ | |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__\ ``(...)`` | `CallExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$CallExpr.html>`__ | `CallOrConversionExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$CallOrConversionExpr.html>`__ | |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| (anything unparseable) | `BadExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$BadExpr.html>`__ | | |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
+--------------------------------------------------------+-----------------+-----------------------+-------------------------------------------------------+
| Expression syntax | CodeQL class | Superclasses | Remarks |
+========================================================+=================+=======================+=======================================================+
| ``foo`` | Ident_ | | |
+--------------------------------------------------------+-----------------+-----------------------+-------------------------------------------------------+
| ``_`` | BlankIdent_ | | |
+--------------------------------------------------------+-----------------+-----------------------+-------------------------------------------------------+
| ``...`` | Ellipsis_ | | |
+--------------------------------------------------------+-----------------+-----------------------+-------------------------------------------------------+
| ``(``\ Expr_\ ``)`` | ParenExpr_ | | |
+--------------------------------------------------------+-----------------+-----------------------+-------------------------------------------------------+
| Ident_\ ``.``\ Ident_ | SelectorExpr_ | | |
+--------------------------------------------------------+-----------------+-----------------------+-------------------------------------------------------+
| Expr_\ ``[``\ Expr_\ ``]`` | IndexExpr_ | | |
+--------------------------------------------------------+-----------------+-----------------------+-------------------------------------------------------+
| Expr_\ ``[``\ Expr_\ ``:``\ Expr_\ ``:``\ Expr_\ ``]`` | SliceExpr_ | | |
+--------------------------------------------------------+-----------------+-----------------------+-------------------------------------------------------+
| Expr_\ ``.(``\ TypeExpr_\ ``)`` | TypeAssertExpr_ | | |
+--------------------------------------------------------+-----------------+-----------------------+-------------------------------------------------------+
| ``*``\ Expr_ | StarExpr_ | | can be a ValueExpr_ or TypeExpr_ depending on context |
+--------------------------------------------------------+-----------------+-----------------------+-------------------------------------------------------+
| Expr_\ ``:`` Expr_ | KeyValueExpr_ | | |
+--------------------------------------------------------+-----------------+-----------------------+-------------------------------------------------------+
| TypeExpr_\ ``(``\ Expr_\ ``)`` | ConversionExpr_ | CallOrConversionExpr_ | |
+--------------------------------------------------------+-----------------+-----------------------+-------------------------------------------------------+
| Expr_\ ``(...)`` | CallExpr_ | CallOrConversionExpr_ | |
+--------------------------------------------------------+-----------------+-----------------------+-------------------------------------------------------+
| (anything unparseable) | BadExpr_ | | |
+--------------------------------------------------------+-----------------+-----------------------+-------------------------------------------------------+
The following classes organize expressions by the kind of entity they refer to.
+------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| CodeQL class | Explanation |
+======================================================================================================+=========================================================================================================================================================================================================================================================+
| `TypeExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$TypeExpr.html>`__ | an expression that denotes a type |
+------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| `ReferenceExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$ReferenceExpr.html>`__ | an expression that refers to a variable, a constant, a function, a field, or an element of an array or a slice |
+------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| `ValueExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$BadExpr.html>`__ | an expression that can be evaluated to a value (as opposed to expressions that refer to a package, a type, or a statement label). This generalizes `ReferenceExpr <https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$ReferenceExpr.html>`__ |
+------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
+----------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| CodeQL class | Explanation |
+================+===================================================================================================================================================================+
| TypeExpr_ | an expression that denotes a type |
+----------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ReferenceExpr_ | an expression that refers to a variable, a constant, a function, a field, or an element of an array or a slice |
+----------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ValueExpr_ | an expression that can be evaluated to a value (as opposed to expressions that refer to a package, a type, or a statement label). This generalizes ReferenceExpr_ |
+----------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------+
Further reading
---------------
.. include:: ../reusables/go-further-reading.rst
.. include:: ../reusables/codeql-ref-tools-further-reading.rst
.. include:: ../reusables/codeql-ref-tools-further-reading.rst
.. Links used in tables. For information about using these links, see
https://www.sphinx-doc.org/en/master/usage/restructuredtext/basics.html#hyperlinks.
.. _Stmt: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Stmt.qll/type.Stmt$Stmt.html
.. _Expr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$Expr.html
.. _IntLit: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$IntLit.html
.. _BasicLit: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$BasicLit.html
.. _FloatLit: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$FloatLit.html
.. _ImagLit: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$ImagLit.html
.. _CharLit: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$CharLit.html
.. _StringLit: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$StringLit.html
.. _FuncLit: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$FuncLit.html
.. _FuncDef: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Decls.qll/type.Decls$FuncDef.html
.. _MapLit: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$MapLit.html
.. _CompositeLit: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$CompositeLit.html
.. _StructLit: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$StructLit.html
.. _UnaryExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$UnaryExpr.html
.. _PlusExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$PlusExpr.html
.. _ArithmeticUnaryExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$ArithmeticUnaryExpr.html
.. _MinusExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$MinusExpr.html
.. _NotExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$NotExpr.html
.. _LogicalUnaryExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$LogicalUnaryExpr.html
.. _ComplementExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$ComplementExpr.html
.. _BitwiseUnaryExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$BitwiseUnaryExpr.html
.. _AddressExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$AddressExpr.html
.. _RecvExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$RecvExpr.html
.. _BinaryExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$BinaryExpr.html
.. _MulExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$MulExpr.html
.. _ArithmeticBinaryExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$ArithmeticBinaryExpr.html
.. _QuoExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$QuoExpr.html
.. _RemExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$RemExpr.html
.. _AddExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$AddExpr.html
.. _SubExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$SubExpr.html
.. _ShlExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$ShlExpr.html
.. _ShiftExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$ShiftExpr.html
.. _ShrExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$ShrExpr.html
.. _LandExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$LandExpr.html
.. _LogicalBinaryExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$LogicalBinaryExpr.html
.. _LorExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$LorExpr.html
.. _LssExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$LssExpr.html
.. _RelationalComparisonExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$RelationalComparisonExpr.html
.. _GtrExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$GtrExpr.html
.. _LeqExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$LeqExpr.html
.. _GeqExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$GeqExpr.html
.. _EqlExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$EqlExpr.html
.. _EqualityTestExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$EqualityTestExpr.html
.. _NeqExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$NeqExpr.html
.. _AndExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$AndExpr.html
.. _BitwiseBinaryExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$BitwiseBinaryExpr.html
.. _OrExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$OrExpr.html
.. _XorExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$XorExpr.html
.. _AndNotExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$AndNotExpr.html
.. _TypeExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$TypeExpr.html
.. _ArrayTypeExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$ArrayTypeExpr.html
.. _StructTypeExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$StructTypeExpr.html
.. _FunctionName: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$FunctionName.html
.. _FuncTypeExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$FuncTypeExpr.html
.. _InterfaceTypeExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$InterfaceTypeExpr.html
.. _MapTypeExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$MapTypeExpr.html
.. _SendChanTypeExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$SendChanTypeExpr.html
.. _ChanTypeExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$ChanTypeExpr.html
.. _RecvChanTypeExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$RecvChanTypeExpr.html
.. _SendRecvChanTypeExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$SendRecvChanTypeExpr.html
.. _Name: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$Name.html
.. _Ident: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$Ident.html
.. _SimpleName: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$SimpleName.html
.. _QualifiedName: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$QualifiedName.html
.. _SelectorExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$SelectorExpr.html
.. _PackageName: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$PackageName.html
.. _TypeName: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$TypeName.html
.. _LabelName: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$LabelName.html
.. _ValueName: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$ValueName.html
.. _ConstantName: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$ConstantName.html
.. _VariableName: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$VariableName.html
.. _BlankIdent: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$BlankIdent.html
.. _Ellipsis: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$Ellipsis.html
.. _ParenExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$ParenExpr.html
.. _IndexExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$IndexExpr.html
.. _SliceExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$SliceExpr.html
.. _TypeAssertExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$TypeAssertExpr.html
.. _StarExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$StarExpr.html
.. _ValueExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$ValueExpr.html
.. _KeyValueExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$KeyValueExpr.html
.. _ConversionExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$ConversionExpr.html
.. _CallOrConversionExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$CallOrConversionExpr.html
.. _CallExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$CallExpr.html
.. _BadExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$BadExpr.html
.. _ReferenceExpr: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$ReferenceExpr.html
.. _EmptyStmt: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Stmt.qll/type.Stmt$EmptyStmt.html
.. _ExprStmt: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Stmt.qll/type.Stmt$ExprStmt.html
.. _BlockStmt: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Stmt.qll/type.Stmt$BlockStmt.html
.. _IfStmt: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Stmt.qll/type.Stmt$IfStmt.html
.. _ForStmt: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Stmt.qll/type.Stmt$ForStmt.html
.. _LoopStmt: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Stmt.qll/type.Stmt$LoopStmt.html
.. _RangeStmt: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Stmt.qll/type.Stmt$RangeStmt.html
.. _ExpressionSwitchStmt: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Stmt.qll/type.Stmt$ExpressionSwitchStmt.html
.. _SwitchStmt: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Stmt.qll/type.Stmt$SwitchStmt.html
.. _CaseClause: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Stmt.qll/type.Stmt$CaseClause.html
.. _TypeSwitchStmt: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Stmt.qll/type.Stmt$TypeSwitchStmt.html
.. _SimpleAssignStmt: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Stmt.qll/type.Stmt$SimpleAssignStmt.html
.. _CommClause: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Stmt.qll/type.Stmt$CommClause.html
.. _SelectStmt: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Stmt.qll/type.Stmt$SelectStmt.html
.. _ReturnStmt: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Stmt.qll/type.Stmt$ReturnStmt.html
.. _BreakStmt: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Stmt.qll/type.Stmt$BreakStmt.html
.. _BranchStmt: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Stmt.qll/type.Stmt$BranchStmt.html
.. _ContinueStmt: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Stmt.qll/type.Stmt$ContinueStmt.html
.. _GotoStmt: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Stmt.qll/type.Stmt$GotoStmt.html
.. _FallthroughStmt: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Stmt.qll/type.Stmt$FallthroughStmt.html
.. _LabeledStmt: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Stmt.qll/type.Stmt$LabeledStmt.html
.. _DeclStmt: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Stmt.qll/type.Stmt$DeclStmt.html
.. _AssignStmt: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Stmt.qll/type.Stmt$AssignStmt.html
.. _Assignment: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Stmt.qll/type.Stmt$Assignment.html
.. _DefineStmt: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Stmt.qll/type.Stmt$DefineStmt.html
.. _AddAssignStmt: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Stmt.qll/type.Stmt$AddAssignStmt.html
.. _CompoundAssignStmt: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Stmt.qll/type.Stmt$CompoundAssignStmt.html
.. _SubAssignStmt: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Stmt.qll/type.Stmt$SubAssignStmt.html
.. _MulAssignStmt: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Stmt.qll/type.Stmt$MulAssignStmt.html
.. _QuoAssignStmt: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Stmt.qll/type.Stmt$QuoAssignStmt.html
.. _RemAssignStmt: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Stmt.qll/type.Stmt$RemAssignStmt.html
.. _AndAssignStmt: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Stmt.qll/type.Stmt$AndAssignStmt.html
.. _OrAssignStmt: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Stmt.qll/type.Stmt$OrAssignStmt.html
.. _XorAssignStmt: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Stmt.qll/type.Stmt$XorAssignStmt.html
.. _ShlAssignStmt: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Stmt.qll/type.Stmt$ShlAssignStmt.html
.. _ShrAssignStmt: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Stmt.qll/type.Stmt$ShrAssignStmt.html
.. _AndNotAssignStmt: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Stmt.qll/type.Stmt$AndNotAssignStmt.html
.. _IncStmt: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Stmt.qll/type.Stmt$IncStmt.html
.. _IncDecStmt: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Stmt.qll/type.Stmt$IncDecStmt.html
.. _DecStmt: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Stmt.qll/type.Stmt$DecStmt.html
.. _GoStmt: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Stmt.qll/type.Stmt$GoStmt.html
.. _DeferStmt: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Stmt.qll/type.Stmt$DeferStmt.html
.. _SendStmt: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Stmt.qll/type.Stmt$SendStmt.html
.. _RecvStmt: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Stmt.qll/type.Stmt$RecvStmt.html
.. _BadStmt: https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Stmt.qll/type.Stmt$BadStmt.html

476
docs/codeql/codeql-language-guides/abstract-syntax-tree-classes-for-working-with-java-programs.rst
View File

@@ -12,80 +12,80 @@ Statement classes
This table lists all subclasses of `Stmt`_.
+----------------------------------------------------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------+--------------------------------------------+
| Statement syntax | CodeQL class | Superclasses | Remarks |
+============================================================================+===========================================================================================================================================================+=================================+============================================+
| ``;`` | `EmptyStmt <https://help.semmle.com/qldoc/java/semmle/code/java/Statement.qll/type.Statement$EmptyStmt.html>`__ | | |
+----------------------------------------------------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------+--------------------------------------------+
| `Expr`_ ``;`` | `ExprStmt <https://help.semmle.com/qldoc/java/semmle/code/java/Statement.qll/type.Statement$ExprStmt.html>`__ | | |
+----------------------------------------------------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------+--------------------------------------------+
| ``{`` `Stmt`_ ``... }`` | `Block <https://help.semmle.com/qldoc/java/semmle/code/java/Statement.qll/type.Statement$Block.html>`__ | | |
+----------------------------------------------------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------+--------------------------------------------+
| ``if (`` `Expr`_ ``)`` `Stmt`_ ``else`` `Stmt`_ | `IfStmt <https://help.semmle.com/qldoc/java/semmle/code/java/Statement.qll/type.Statement$IfStmt.html>`__ | `ConditionalStmt`_ | |
+----------------------------------------------------------------------------+ | | |
| ``if (`` `Expr`_ ``)`` `Stmt`_ | | | |
+----------------------------------------------------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------+--------------------------------------------+
| ``while (`` `Expr`_ ``)`` `Stmt`_ | `WhileStmt <https://help.semmle.com/qldoc/java/semmle/code/java/Statement.qll/type.Statement$WhileStmt.html>`__ | `ConditionalStmt`_, `LoopStmt`_ | |
+----------------------------------------------------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------+--------------------------------------------+
| ``do`` `Stmt`_ ``while (`` `Expr`_ ``)`` | `DoStmt <https://help.semmle.com/qldoc/java/semmle/code/java/Statement.qll/type.Statement$DoStmt.html>`__ | `ConditionalStmt`_, `LoopStmt`_ | |
+----------------------------------------------------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------+--------------------------------------------+
| ``for (`` `Expr`_ ``;`` `Expr`_ ``;`` `Expr`_ ``)`` `Stmt`_ | `ForStmt <https://help.semmle.com/qldoc/java/semmle/code/java/Statement.qll/type.Statement$ForStmt.html>`__ | `ConditionalStmt`_, `LoopStmt`_ | |
+----------------------------------------------------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------+--------------------------------------------+
| ``for (`` `VarAccess`_ ``:`` `Expr`_ ``)`` `Stmt`_ | `EnhancedForStmt <https://help.semmle.com/qldoc/java/semmle/code/java/Statement.qll/type.Statement$EnhancedForStmt.html>`__ | `LoopStmt`_ | |
+----------------------------------------------------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------+--------------------------------------------+
| ``switch (`` `Expr`_ ``) {`` `SwitchCase`_ ``... }`` | `SwitchStmt <https://help.semmle.com/qldoc/java/semmle/code/java/Statement.qll/type.Statement$SwitchStmt.html>`__ | | |
+----------------------------------------------------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------+--------------------------------------------+
| ``try {`` `Stmt`_ ``... } finally {`` `Stmt`_ ``... }`` | `TryStmt <https://help.semmle.com/qldoc/java/semmle/code/java/Statement.qll/type.Statement$TryStmt.html>`__ | | |
+----------------------------------------------------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------+--------------------------------------------+
| ``return`` `Expr`_ ``;`` | `ReturnStmt <https://help.semmle.com/qldoc/java/semmle/code/java/Statement.qll/type.Statement$ReturnStmt.html>`__ | | |
+----------------------------------------------------------------------------+ | | |
| ``return ;`` | | | |
+----------------------------------------------------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------+--------------------------------------------+
| ``throw`` `Expr`_ ``;`` | `ThrowStmt <https://help.semmle.com/qldoc/java/semmle/code/java/Statement.qll/type.Statement$ThrowStmt.html>`__ | | |
+----------------------------------------------------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------+--------------------------------------------+
| ``break ;`` | `BreakStmt <https://help.semmle.com/qldoc/java/semmle/code/java/Statement.qll/type.Statement$BreakStmt.html>`__ | `JumpStmt`_ | |
+----------------------------------------------------------------------------+ | | |
| ``break label ;`` | | | |
+----------------------------------------------------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------+--------------------------------------------+
| ``continue ;`` | `ContinueStmt <https://help.semmle.com/qldoc/java/semmle/code/java/Statement.qll/type.Statement$ContinueStmt.html>`__ | `JumpStmt`_ | |
+----------------------------------------------------------------------------+ | | |
| ``continue label ;`` | | | |
+----------------------------------------------------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------+--------------------------------------------+
| ``label :`` `Stmt`_ | `LabeledStmt <https://help.semmle.com/qldoc/java/semmle/code/java/Statement.qll/type.Statement$LabeledStmt.html>`__ | | |
+----------------------------------------------------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------+--------------------------------------------+
| ``synchronized (`` `Expr`_ ``)`` `Stmt`_ | `SynchronizedStmt <https://help.semmle.com/qldoc/java/semmle/code/java/Statement.qll/type.Statement$SynchronizedStmt.html>`__ | | |
+----------------------------------------------------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------+--------------------------------------------+
| ``assert`` `Expr`_ ``:`` `Expr`_ ``;`` | `AssertStmt <https://help.semmle.com/qldoc/java/semmle/code/java/Statement.qll/type.Statement$AssertStmt.html>`__ | | |
+----------------------------------------------------------------------------+ | | |
| ``assert`` `Expr`_ ``;`` | | | |
+----------------------------------------------------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------+--------------------------------------------+
| `TypeAccess`_ ``name ;`` | `LocalVariableDeclStmt <https://help.semmle.com/qldoc/java/semmle/code/java/Statement.qll/type.Statement$LocalVariableDeclStmt.html>`__ | | |
+----------------------------------------------------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------+--------------------------------------------+
| ``class name {`` `Member`_ ``... } ;`` | `LocalClassDeclStmt <https://help.semmle.com/qldoc/java/semmle/code/java/Statement.qll/type.Statement$LocalClassDeclStmt.html>`__ | | |
+----------------------------------------------------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------+--------------------------------------------+
| ``this (`` `Expr`_ ``, ... ) ;`` | `ThisConstructorInvocationStmt <https://help.semmle.com/qldoc/java/semmle/code/java/Statement.qll/type.Statement$ThisConstructorInvocationStmt.html>`__ | | |
+----------------------------------------------------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------+--------------------------------------------+
| ``super (`` `Expr`_ ``, ... ) ;`` | `SuperConstructorInvocationStmt <https://help.semmle.com/qldoc/java/semmle/code/java/Statement.qll/type.Statement$SuperConstructorInvocationStmt.html>`__ | | |
+----------------------------------------------------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------+--------------------------------------------+
| ``catch (`` `TypeAccess`_ ``name ) {`` `Stmt`_ ``... }`` | `CatchClause <https://help.semmle.com/qldoc/java/semmle/code/java/Statement.qll/type.Statement$CatchClause.html>`__ | | can only occur as child of a `TryStmt`_ |
+----------------------------------------------------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------+--------------------------------------------+
| ``case`` `Literal`_ ``:`` `Stmt`_ ``...`` | `ConstCase <https://help.semmle.com/qldoc/java/semmle/code/java/Statement.qll/type.Statement$ConstCase.html>`__ | | can only occur as child of a `SwitchStmt`_ |
+----------------------------------------------------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------+--------------------------------------------+
| ``default :`` `Stmt`_ ``...`` | `DefaultCase <https://help.semmle.com/qldoc/java/semmle/code/java/Statement.qll/type.Statement$DefaultCase.html>`__ | | can only occur as child of a `SwitchStmt`_ |
+----------------------------------------------------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------+--------------------------------------------+
+------------------------------------------------------------------------------------+---------------------------------+---------------------------------+--------------------------------------------+
| Statement syntax | CodeQL class | Superclasses | Remarks |
+====================================================================================+=================================+=================================+============================================+
| ``;`` | EmptyStmt_ | | |
+------------------------------------------------------------------------------------+---------------------------------+---------------------------------+--------------------------------------------+
| `Expr`_ ``;`` | ExprStmt_ | | |
+------------------------------------------------------------------------------------+---------------------------------+---------------------------------+--------------------------------------------+
| ``{`` `Stmt`_ ``... }`` | Block_ | | |
+------------------------------------------------------------------------------------+---------------------------------+---------------------------------+--------------------------------------------+
| ``if (`` `Expr`_ ``)`` `Stmt`_ ``else`` `Stmt`_ | IfStmt_ | `ConditionalStmt`_ | |
+------------------------------------------------------------------------------------+ | | |
| ``if (`` `Expr`_ ``)`` `Stmt`_ | | | |
+------------------------------------------------------------------------------------+---------------------------------+---------------------------------+--------------------------------------------+
| ``while (`` `Expr`_ ``)`` `Stmt`_ | WhileStmt_ | `ConditionalStmt`_, `LoopStmt`_ | |
+------------------------------------------------------------------------------------+---------------------------------+---------------------------------+--------------------------------------------+
| ``do`` `Stmt`_ ``while (`` `Expr`_ ``)`` | DoStmt_ | `ConditionalStmt`_, `LoopStmt`_ | |
+------------------------------------------------------------------------------------+---------------------------------+---------------------------------+--------------------------------------------+
| ``for (`` `Expr`_ ``;`` `Expr`_ ``;`` `Expr`_ ``)`` `Stmt`_ | ForStmt_ | `ConditionalStmt`_, `LoopStmt`_ | |
+------------------------------------------------------------------------------------+---------------------------------+---------------------------------+--------------------------------------------+
| ``for (`` `VarAccess`_ ``:`` `Expr`_ ``)`` `Stmt`_ | EnhancedForStmt_ | `LoopStmt`_ | |
+------------------------------------------------------------------------------------+---------------------------------+---------------------------------+--------------------------------------------+
| ``switch (`` `Expr`_ ``) {`` `SwitchCase`_ ``... }`` | SwitchStmt_ | | |
+------------------------------------------------------------------------------------+---------------------------------+---------------------------------+--------------------------------------------+
| ``try {`` `Stmt`_ ``... } finally {`` `Stmt`_ ``... }`` | TryStmt_ | | |
+------------------------------------------------------------------------------------+---------------------------------+---------------------------------+--------------------------------------------+
| ``return`` `Expr`_ ``;`` | ReturnStmt_ | | |
+------------------------------------------------------------------------------------+ | | |
| ``return ;`` | | | |
+------------------------------------------------------------------------------------+---------------------------------+---------------------------------+--------------------------------------------+
| ``throw`` `Expr`_ ``;`` | ThrowStmt_ | | |
+------------------------------------------------------------------------------------+---------------------------------+---------------------------------+--------------------------------------------+
| ``break ;`` | BreakStmt_ | `JumpStmt`_ | |
+------------------------------------------------------------------------------------+ | | |
| ``break label ;`` | | | |
+------------------------------------------------------------------------------------+---------------------------------+---------------------------------+--------------------------------------------+
| ``continue ;`` | ContinueStmt_ | `JumpStmt`_ | |
+------------------------------------------------------------------------------------+ | | |
| ``continue label ;`` | | | |
+------------------------------------------------------------------------------------+---------------------------------+---------------------------------+--------------------------------------------+
| ``label :`` `Stmt`_ | LabeledStmt_ | | |
+------------------------------------------------------------------------------------+---------------------------------+---------------------------------+--------------------------------------------+
| ``synchronized (`` `Expr`_ ``)`` `Stmt`_ | SynchronizedStmt_ | | |
+------------------------------------------------------------------------------------+---------------------------------+---------------------------------+--------------------------------------------+
| ``assert`` `Expr`_ ``:`` `Expr`_ ``;`` | AssertStmt_ | | |
+------------------------------------------------------------------------------------+ | | |
| ``assert`` `Expr`_ ``;`` | | | |
+------------------------------------------------------------------------------------+---------------------------------+---------------------------------+--------------------------------------------+
| `TypeAccess`_ ``name ;`` | LocalVariableDeclStmt_ | | |
+------------------------------------------------------------------------------------+---------------------------------+---------------------------------+--------------------------------------------+
| ``class name {`` `Member`_ ``... } ;`` | LocalClassDeclStmt_ | | |
+------------------------------------------------------------------------------------+---------------------------------+---------------------------------+--------------------------------------------+
| ``this (`` `Expr`_ ``, ... ) ;`` | ThisConstructorInvocationStmt_ | | |
+------------------------------------------------------------------------------------+---------------------------------+---------------------------------+--------------------------------------------+
| ``super (`` `Expr`_ ``, ... ) ;`` | SuperConstructorInvocationStmt_ | | |
+------------------------------------------------------------------------------------+---------------------------------+---------------------------------+--------------------------------------------+
| ``catch (`` `TypeAccess`_ ``name ) {`` `Stmt`_ ``... }`` | CatchClause_ | | can only occur as child of a `TryStmt`_ |
+------------------------------------------------------------------------------------+---------------------------------+---------------------------------+--------------------------------------------+
| ``case`` `Literal`_ ``:`` `Stmt`_ ``...`` | ConstCase_ | | can only occur as child of a `SwitchStmt`_ |
+------------------------------------------------------------------------------------+---------------------------------+---------------------------------+--------------------------------------------+
| ``default :`` `Stmt`_ ``...`` | DefaultCase_ | | can only occur as child of a `SwitchStmt`_ |
+------------------------------------------------------------------------------------+---------------------------------+---------------------------------+--------------------------------------------+
Expression classes
------------------
There are many expression classes, so we present them by category. All classes in this section are subclasses of `Expr <https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$Expr.html>`__.
There are many expression classes, so we present them by category. All classes in this section are subclasses of Expr_.
Literals
~~~~~~~~
All classes in this subsection are subclasses of `Literal <https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$Literal.html>`__.
All classes in this subsection are subclasses of Literal_.
+---------------------------+-------------------------+
| Expression syntax example | CodeQL class |
| Expression syntax example | CodeQL class |
+===========================+=========================+
| ``true`` | `BooleanLiteral`_ |
+---------------------------+-------------------------+
@@ -107,10 +107,10 @@ All classes in this subsection are subclasses of `Literal <https://help.semmle.c
Unary expressions
~~~~~~~~~~~~~~~~~
All classes in this subsection are subclasses of `UnaryExpr <https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$UnaryExpr.html>`__.
All classes in this subsection are subclasses of UnaryExpr_.
+-------------------+----------------+--------------------+--------------------------------------------------+
| Expression syntax | CodeQL class | Superclasses | Remarks |
| Expression syntax | CodeQL class | Superclasses | Remarks |
+===================+================+====================+==================================================+
| `Expr`_\ ``++`` | `PostIncExpr`_ | `UnaryAssignExpr`_ | |
+-------------------+----------------+--------------------+--------------------------------------------------+
@@ -132,10 +132,10 @@ All classes in this subsection are subclasses of `UnaryExpr <https://help.semmle
Binary expressions
~~~~~~~~~~~~~~~~~~
All classes in this subsection are subclasses of `BinaryExpr <https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$BinaryExpr.html>`__.
All classes in this subsection are subclasses of BinaryExpr_.
+-------------------------+-------------------+-------------------+
| Expression syntax | CodeQL class | Superclasses |
| Expression syntax | CodeQL class | Superclasses |
+=========================+===================+===================+
| `Expr`_ ``*`` `Expr`_ | `MulExpr`_ | |
+-------------------------+-------------------+-------------------+
@@ -155,7 +155,7 @@ All classes in this subsection are subclasses of `BinaryExpr <https://help.semml
+-------------------------+-------------------+-------------------+
| `Expr`_ ``&&`` `Expr`_ | `AndLogicalExpr`_ | `LogicExpr`_ |
+-------------------------+-------------------+-------------------+
| `Expr`_ ``||`` `Expr`_ | `OrLogicalExpr`_ | `LogicExpr`_ |
| `Expr`_ ``||`` `Expr`_ | `OrLogicalExpr`_ | `LogicExpr`_ |
+-------------------------+-------------------+-------------------+
| `Expr`_ ``<`` `Expr`_ | `LTExpr`_ | `ComparisonExpr`_ |
+-------------------------+-------------------+-------------------+
@@ -179,97 +179,97 @@ All classes in this subsection are subclasses of `BinaryExpr <https://help.semml
Assignment expressions
~~~~~~~~~~~~~~~~~~~~~~
All classes in this table are subclasses of `Assignment <https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$Assignment.html>`__.
All classes in this table are subclasses of Assignment_.
+--------------------------+----------------------+--------------+
| Expression syntax | CodeQL class | Superclasses |
+==========================+======================+==============+
| `Expr`_ ``=`` `Expr`_ | `AssignExpr`_ | |
+--------------------------+----------------------+--------------+
| `Expr`_ ``+=`` `Expr`_ | `AssignAddExpr`_ | `AssignOp`_ |
+--------------------------+----------------------+--------------+
| `Expr`_ ``-=`` `Expr`_ | `AssignSubExpr`_ | `AssignOp`_ |
+--------------------------+----------------------+--------------+
| `Expr`_ ``*=`` `Expr`_ | `AssignMulExpr`_ | `AssignOp`_ |
+--------------------------+----------------------+--------------+
| `Expr`_ ``/=`` `Expr`_ | `AssignDivExpr`_ | `AssignOp`_ |
+--------------------------+----------------------+--------------+
| `Expr`_ ``%=`` `Expr`_ | `AssignRemExpr`_ | `AssignOp`_ |
+--------------------------+----------------------+--------------+
| `Expr`_ ``&=`` `Expr`_ | `AssignAndExpr`_ | `AssignOp`_ |
+--------------------------+----------------------+--------------+
| `Expr`_ ``|=`` `Expr`_ | `AssignOrExpr`_ | `AssignOp`_ |
+--------------------------+----------------------+--------------+
| `Expr`_ ``^=`` `Expr`_ | `AssignXorExpr`_ | `AssignOp`_ |
+--------------------------+----------------------+--------------+
| `Expr`_ ``<<=`` `Expr`_ | `AssignLShiftExpr`_ | `AssignOp`_ |
+--------------------------+----------------------+--------------+
| `Expr`_ ``>>=`` `Expr`_ | `AssignRShiftExpr`_ | `AssignOp`_ |
+--------------------------+----------------------+--------------+
| `Expr`_ ``>>>=`` `Expr`_ | `AssignURShiftExpr`_ | `AssignOp`_ |
+--------------------------+----------------------+--------------+
+--------------------------+----------------------+-----------------+
| Expression syntax | CodeQL class | Superclasses |
+==========================+======================+=================+
| `Expr`_ ``=`` `Expr`_ | `AssignExpr`_ | |
+--------------------------+----------------------+-----------------+
| `Expr`_ ``+=`` `Expr`_ | `AssignAddExpr`_ | `AssignOp`_ |
+--------------------------+----------------------+-----------------+
| `Expr`_ ``-=`` `Expr`_ | `AssignSubExpr`_ | `AssignOp`_ |
+--------------------------+----------------------+-----------------+
| `Expr`_ ``*=`` `Expr`_ | `AssignMulExpr`_ | `AssignOp`_ |
+--------------------------+----------------------+-----------------+
| `Expr`_ ``/=`` `Expr`_ | `AssignDivExpr`_ | `AssignOp`_ |
+--------------------------+----------------------+-----------------+
| `Expr`_ ``%=`` `Expr`_ | `AssignRemExpr`_ | `AssignOp`_ |
+--------------------------+----------------------+-----------------+
| `Expr`_ ``&=`` `Expr`_ | `AssignAndExpr`_ | `AssignOp`_ |
+--------------------------+----------------------+-----------------+
| `Expr`_ ``|=`` `Expr`_ | `AssignOrExpr`_ | `AssignOp`_ |
+--------------------------+----------------------+-----------------+
| `Expr`_ ``^=`` `Expr`_ | `AssignXorExpr`_ | `AssignOp`_ |
+--------------------------+----------------------+-----------------+
| `Expr`_ ``<<=`` `Expr`_ | `AssignLShiftExpr`_ | `AssignOp`_ |
+--------------------------+----------------------+-----------------+
| `Expr`_ ``>>=`` `Expr`_ | `AssignRShiftExpr`_ | `AssignOp`_ |
+--------------------------+----------------------+-----------------+
| `Expr`_ ``>>>=`` `Expr`_ | `AssignURShiftExpr`_ | `AssignOp`_ |
+--------------------------+----------------------+-----------------+
Accesses
~~~~~~~~
+--------------------------------------+-------------------------------------------------------------------------------------------------------------------------+
| Expression syntax examples | CodeQL class |
+======================================+=========================================================================================================================+
| ``this`` | `ThisAccess <https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$ThisAccess.html>`__ |
+--------------------------------------+ +
| ``Outer.this`` | |
+--------------------------------------+-------------------------------------------------------------------------------------------------------------------------+
| ``super`` | `SuperAccess <https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$SuperAccess.html>`__ |
+--------------------------------------+ +
| ``Outer.super`` | |
+--------------------------------------+-------------------------------------------------------------------------------------------------------------------------+
| ``x`` | `VarAccess <https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$VarAccess.html>`__ |
+--------------------------------------+ +
| ``e.f`` | |
+--------------------------------------+-------------------------------------------------------------------------------------------------------------------------+
| ``a[i]`` | `ArrayAccess <https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$ArrayAccess.html>`__ |
+--------------------------------------+-------------------------------------------------------------------------------------------------------------------------+
| ``f(...)`` | `MethodAccess <https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$MethodAccess.html>`__ |
+--------------------------------------+ +
| ``e.m(...)`` | |
+--------------------------------------+-------------------------------------------------------------------------------------------------------------------------+
| ``String`` | `TypeAccess <https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$TypeAccess.html>`__ |
+--------------------------------------+ +
| ``java.lang.String`` | |
+--------------------------------------+-------------------------------------------------------------------------------------------------------------------------+
| ``? extends Number`` | `WildcardTypeAccess <https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$WildcardTypeAccess.html>`__ |
+--------------------------------------+ +
| ``? super Double`` | |
+--------------------------------------+-------------------------------------------------------------------------------------------------------------------------+
+--------------------------------+---------------------+
| Expression syntax examples | CodeQL class |
+================================+=====================+
| ``this`` | ThisAccess_ |
+--------------------------------+ |
| ``Outer.this`` | |
+--------------------------------+---------------------+
| ``super`` | SuperAccess_ |
+--------------------------------+ |
| ``Outer.super`` | |
+--------------------------------+---------------------+
| ``x`` | VarAccess_ |
+--------------------------------+ |
| ``e.f`` | |
+--------------------------------+---------------------+
| ``a[i]`` | ArrayAccess_ |
+--------------------------------+---------------------+
| ``f(...)`` | MethodAccess_ |
+--------------------------------+ |
| ``e.m(...)`` | |
+--------------------------------+---------------------+
| ``String`` | TypeAccess_ |
+--------------------------------+ |
| ``java.lang.String`` | |
+--------------------------------+---------------------+
| ``? extends Number`` | WildcardTypeAccess_ |
+--------------------------------+ |
| ``? super Double`` | |
+--------------------------------+---------------------+
A `VarAccess <https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$VarAccess.html>`__ that refers to a field is a `FieldAccess <https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$FieldAccess.html>`__.
A VarAccess_ that refers to a field is a FieldAccess_.
Miscellaneous
~~~~~~~~~~~~~
+------------------------------------------------------------------+-----------------------------------------------------------------------------------------------------------------------+-----------------------------------------------------------------------------+
| Expression syntax examples | CodeQL class | Remarks |
+==================================================================+=======================================================================================================================+=============================================================================+
| ``(int) f`` | `CastExpr <https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$CastExpr.html>`__ | |
+------------------------------------------------------------------+-----------------------------------------------------------------------------------------------------------------------+-----------------------------------------------------------------------------+
| ``(23 + 42)`` | `ParExpr <https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$ParExpr.html>`__ | |
+------------------------------------------------------------------+-----------------------------------------------------------------------------------------------------------------------+-----------------------------------------------------------------------------+
| ``o instanceof String`` | `InstanceOfExpr <https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$InstanceOfExpr.html>`__ | |
+------------------------------------------------------------------+-----------------------------------------------------------------------------------------------------------------------+-----------------------------------------------------------------------------+
| `Expr`_ ``?`` `Expr`_ ``:`` `Expr`_ | `ConditionalExpr <https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$ConditionalExpr.html>`__ | |
+------------------------------------------------------------------+-----------------------------------------------------------------------------------------------------------------------+-----------------------------------------------------------------------------+
| ``String. class`` | `TypeLiteral <https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$TypeLiteral.html>`__ | |
+------------------------------------------------------------------+-----------------------------------------------------------------------------------------------------------------------+-----------------------------------------------------------------------------+
| ``new A()`` | `ClassInstanceExpr <https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$ClassInstanceExpr.html>`__ | |
+------------------------------------------------------------------+-----------------------------------------------------------------------------------------------------------------------+-----------------------------------------------------------------------------+
| ``new String[3][2]`` | `ArrayCreationExpr <https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$ArrayCreationExpr.html>`__ | |
+------------------------------------------------------------------+ + +
| ``new int[] { 23, 42 }`` | | |
+------------------------------------------------------------------+-----------------------------------------------------------------------------------------------------------------------+-----------------------------------------------------------------------------+
| ``{ 23, 42 }`` | `ArrayInit <https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$ArrayInit.html>`__ | can only appear as an initializer or as a child of an `ArrayCreationExpr`_ |
+------------------------------------------------------------------+-----------------------------------------------------------------------------------------------------------------------+-----------------------------------------------------------------------------+
| ``@Annot(key=val)`` | `Annotation <https://help.semmle.com/qldoc/java/semmle/code/java/Annotation.qll/type.Annotation$Annotation.html>`__ |   |
+------------------------------------------------------------------+-----------------------------------------------------------------------------------------------------------------------+-----------------------------------------------------------------------------+
+-------------------------------------+--------------------+----------------------------------------------------------------------------+
| Expression syntax examples | CodeQL class | Remarks |
+=====================================+====================+============================================================================+
| ``(int) f`` | CastExpr_ | |
+-------------------------------------+--------------------+----------------------------------------------------------------------------+
| ``(23 + 42)`` | ParExpr_ | |
+-------------------------------------+--------------------+----------------------------------------------------------------------------+
| ``o instanceof String`` | InstanceOfExpr_ | |
+-------------------------------------+--------------------+----------------------------------------------------------------------------+
| `Expr`_ ``?`` `Expr`_ ``:`` `Expr`_ | ConditionalExpr_ | |
+-------------------------------------+--------------------+----------------------------------------------------------------------------+
| ``String. class`` | TypeLiteral_ | |
+-------------------------------------+--------------------+----------------------------------------------------------------------------+
| ``new A()`` | ClassInstanceExpr_ | |
+-------------------------------------+--------------------+----------------------------------------------------------------------------+
| ``new String[3][2]`` | ArrayCreationExpr_ | |
+-------------------------------------+ | |
| ``new int[] { 23, 42 }`` | | |
+-------------------------------------+--------------------+----------------------------------------------------------------------------+
| ``{ 23, 42 }`` | ArrayInit_ | can only appear as an initializer or as a child of an `ArrayCreationExpr`_ |
+-------------------------------------+--------------------+----------------------------------------------------------------------------+
| ``@Annot(key=val)`` | Annotation_ | |
+-------------------------------------+--------------------+----------------------------------------------------------------------------+
Further reading
---------------
@@ -277,71 +277,111 @@ Further reading
.. include:: ../reusables/java-further-reading.rst
.. include:: ../reusables/codeql-ref-tools-further-reading.rst
.. _Expr: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$Expr.html
.. _Stmt: https://help.semmle.com/qldoc/java/semmle/code/java/Statement.qll/type.Statement$Stmt.html
.. _VarAccess: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$VarAccess.html
.. _SwitchCase: https://help.semmle.com/qldoc/java/semmle/code/java/Statement.qll/type.Statement$SwitchCase.html
.. _TypeAccess: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$TypeAccess.html
.. _Member: https://help.semmle.com/qldoc/java/semmle/code/java/Member.qll/type.Member$Member.html
.. _Literal: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$Literal.html
.. _ConditionalStmt: https://help.semmle.com/qldoc/java/semmle/code/java/Statement.qll/type.Statement$ConditionalStmt.html
.. _LoopStmt: https://help.semmle.com/qldoc/java/semmle/code/java/Statement.qll/type.Statement$LoopStmt.html
.. _JumpStmt: https://help.semmle.com/qldoc/java/semmle/code/java/Statement.qll/type.Statement$JumpStmt.html
.. _TryStmt: https://help.semmle.com/qldoc/java/semmle/code/java/Statement.qll/type.Statement$TryStmt.html
.. _SwitchStmt: https://help.semmle.com/qldoc/java/semmle/code/java/Statement.qll/type.Statement$SwitchStmt.html
.. _BooleanLiteral: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$BooleanLiteral.html
.. _IntegerLiteral: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$IntegerLiteral.html
.. _LongLiteral: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$LongLiteral.html
.. _FloatingPointLiteral: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$FloatingPointLiteral.html
.. _DoubleLiteral: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$DoubleLiteral.html
.. _CharacterLiteral: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$CharacterLiteral.html
.. _StringLiteral: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$StringLiteral.html
.. _NullLiteral: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$NullLiteral.html
.. _PostIncExpr: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$PostIncExpr.html
.. _PostDecExpr: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$PostDecExpr.html
.. _PreIncExpr: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$PreIncExpr.html
.. _PreDecExpr: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$PreDecExpr.html
.. _BitNotExpr: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$BitNotExpr.html
.. _MinusExpr: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$MinusExpr.html
.. _PlusExpr: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$PlusExpr.html
.. _LogNotExpr: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$LogNotExpr.html
.. _UnaryAssignExpr: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$UnaryAssignExpr.html
.. _BitwiseExpr: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$BitwiseExpr.html
.. _LogicExpr: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$LogicExpr.html
.. _MulExpr: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$MulExpr.html
.. _DivExpr: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$DivExpr.html
.. _RemExpr: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$RemExpr.html
.. _AddExpr: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$AddExpr.html
.. _SubExpr: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$SubExpr.html
.. _LShiftExpr: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$LShiftExpr.html
.. _RShiftExpr: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$RShiftExpr.html
.. _URShiftExpr: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$URShiftExpr.html
.. _AndLogicalExpr: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$AndLogicalExpr.html
.. _OrLogicalExpr: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$OrLogicalExpr.html
.. _LTExpr: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$LTExpr.html
.. _GTExpr: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$GTExpr.html
.. _LEExpr: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$LEExpr.html
.. _GEExpr: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$GEExpr.html
.. _EQExpr: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$EQExpr.html
.. _NEExpr: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$NEExpr.html
.. _AndBitwiseExpr: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$AndBitwiseExpr.html
.. _OrBitwiseExpr: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$OrBitwiseExpr.html
.. _XorBitwiseExpr: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$XorBitwiseExpr.html
.. _LogicExpr: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$LogicExpr.html
.. _ComparisonExpr: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$ComparisonExpr.html
.. _EqualityTest: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$EqualityTest.html
.. _BitwiseExpr: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$BitwiseExpr.html
.. _AssignExpr: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$AssignExpr.html
.. _AssignAddExpr: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$AssignAddExpr.html
.. _AssignSubExpr: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$AssignSubExpr.html
.. _AssignMulExpr: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$AssignMulExpr.html
.. _AssignDivExpr: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$AssignDivExpr.html
.. _AssignRemExpr: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$AssignRemExpr.html
.. _AssignAndExpr: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$AssignAndExpr.html
.. _AssignOrExpr: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$AssignOrExpr.html
.. _AssignXorExpr: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$AssignXorExpr.html
.. _AssignLShiftExpr: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$AssignLShiftExpr.html
.. _AssignRShiftExpr: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$AssignRShiftExpr.html
.. _AssignURShiftExpr: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$AssignURShiftExpr.html
.. _AssignOp: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$AssignOp.html
.. _ArrayCreationExpr: https://help.semmle.com/qldoc/java/semmle/code/java/Expr.qll/type.Expr$ArrayCreationExpr.html
.. Links used in tables. For information about using these links, see
https://www.sphinx-doc.org/en/master/usage/restructuredtext/basics.html#hyperlinks.
.. _Expr: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$Expr.html
.. _Stmt: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Statement.qll/type.Statement$Stmt.html
.. _VarAccess: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$VarAccess.html
.. _SwitchCase: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Statement.qll/type.Statement$SwitchCase.html
.. _TypeAccess: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$TypeAccess.html
.. _Member: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Member.qll/type.Member$Member.html
.. _Literal: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$Literal.html
.. _ConditionalStmt: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Statement.qll/type.Statement$ConditionalStmt.html
.. _LoopStmt: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Statement.qll/type.Statement$LoopStmt.html
.. _JumpStmt: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Statement.qll/type.Statement$JumpStmt.html
.. _TryStmt: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Statement.qll/type.Statement$TryStmt.html
.. _SwitchStmt: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Statement.qll/type.Statement$SwitchStmt.html
.. _BooleanLiteral: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$BooleanLiteral.html
.. _IntegerLiteral: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$IntegerLiteral.html
.. _LongLiteral: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$LongLiteral.html
.. _FloatingPointLiteral: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$FloatingPointLiteral.html
.. _DoubleLiteral: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$DoubleLiteral.html
.. _CharacterLiteral: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$CharacterLiteral.html
.. _StringLiteral: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$StringLiteral.html
.. _NullLiteral: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$NullLiteral.html
.. _PostIncExpr: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$PostIncExpr.html
.. _PostDecExpr: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$PostDecExpr.html
.. _PreIncExpr: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$PreIncExpr.html
.. _PreDecExpr: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$PreDecExpr.html
.. _BitNotExpr: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$BitNotExpr.html
.. _MinusExpr: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$MinusExpr.html
.. _PlusExpr: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$PlusExpr.html
.. _LogNotExpr: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$LogNotExpr.html
.. _UnaryAssignExpr: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$UnaryAssignExpr.html
.. _BitwiseExpr: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$BitwiseExpr.html
.. _LogicExpr: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$LogicExpr.html
.. _MulExpr: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$MulExpr.html
.. _DivExpr: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$DivExpr.html
.. _RemExpr: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$RemExpr.html
.. _AddExpr: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$AddExpr.html
.. _SubExpr: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$SubExpr.html
.. _LShiftExpr: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$LShiftExpr.html
.. _RShiftExpr: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$RShiftExpr.html
.. _URShiftExpr: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$URShiftExpr.html
.. _AndLogicalExpr: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$AndLogicalExpr.html
.. _OrLogicalExpr: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$OrLogicalExpr.html
.. _LTExpr: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$LTExpr.html
.. _GTExpr: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$GTExpr.html
.. _LEExpr: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$LEExpr.html
.. _GEExpr: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$GEExpr.html
.. _EQExpr: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$EQExpr.html
.. _NEExpr: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$NEExpr.html
.. _AndBitwiseExpr: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$AndBitwiseExpr.html
.. _OrBitwiseExpr: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$OrBitwiseExpr.html
.. _XorBitwiseExpr: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$XorBitwiseExpr.html
.. _ComparisonExpr: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$ComparisonExpr.html
.. _EqualityTest: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$EqualityTest.html
.. _AssignExpr: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$AssignExpr.html
.. _AssignAddExpr: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$AssignAddExpr.html
.. _AssignSubExpr: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$AssignSubExpr.html
.. _AssignMulExpr: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$AssignMulExpr.html
.. _AssignDivExpr: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$AssignDivExpr.html
.. _AssignRemExpr: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$AssignRemExpr.html
.. _AssignAndExpr: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$AssignAndExpr.html
.. _AssignOrExpr: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$AssignOrExpr.html
.. _AssignXorExpr: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$AssignXorExpr.html
.. _AssignLShiftExpr: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$AssignLShiftExpr.html
.. _AssignRShiftExpr: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$AssignRShiftExpr.html
.. _AssignURShiftExpr: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$AssignURShiftExpr.html
.. _AssignOp: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$AssignOp.html
.. _ArrayCreationExpr: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$ArrayCreationExpr.html
.. _EmptyStmt: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Statement.qll/type.Statement$EmptyStmt.html
.. _ExprStmt: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Statement.qll/type.Statement$ExprStmt.html
.. _Block: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Statement.qll/type.Statement$Block.html
.. _IfStmt: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Statement.qll/type.Statement$IfStmt.html
.. _WhileStmt: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Statement.qll/type.Statement$WhileStmt.html
.. _DoStmt: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Statement.qll/type.Statement$DoStmt.html
.. _ForStmt: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Statement.qll/type.Statement$ForStmt.html
.. _EnhancedForStmt: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Statement.qll/type.Statement$EnhancedForStmt.html
.. _ReturnStmt: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Statement.qll/type.Statement$ReturnStmt.html
.. _ThrowStmt: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Statement.qll/type.Statement$ThrowStmt.html
.. _BreakStmt: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Statement.qll/type.Statement$BreakStmt.html
.. _ContinueStmt: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Statement.qll/type.Statement$ContinueStmt.html
.. _LabeledStmt: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Statement.qll/type.Statement$LabeledStmt.html
.. _SynchronizedStmt: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Statement.qll/type.Statement$SynchronizedStmt.html
.. _AssertStmt: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Statement.qll/type.Statement$AssertStmt.html
.. _LocalVariableDeclStmt: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Statement.qll/type.Statement$LocalVariableDeclStmt.html
.. _LocalClassDeclStmt: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Statement.qll/type.Statement$LocalClassDeclStmt.html
.. _ThisConstructorInvocationStmt: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Statement.qll/type.Statement$ThisConstructorInvocationStmt.html
.. _SuperConstructorInvocationStmt: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Statement.qll/type.Statement$SuperConstructorInvocationStmt.html
.. _CatchClause: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Statement.qll/type.Statement$CatchClause.html
.. _ConstCase: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Statement.qll/type.Statement$ConstCase.html
.. _DefaultCase: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Statement.qll/type.Statement$DefaultCase.html
.. _UnaryExpr: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$UnaryExpr.html
.. _BinaryExpr: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$BinaryExpr.html
.. _Assignment: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$Assignment.html
.. _ThisAccess: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$ThisAccess.html
.. _SuperAccess: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$SuperAccess.html
.. _ArrayAccess: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$ArrayAccess.html
.. _MethodAccess: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$MethodAccess.html
.. _WildcardTypeAccess: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$WildcardTypeAccess.html
.. _FieldAccess: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$FieldAccess.html
.. _CastExpr: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$CastExpr.html
.. _ParExpr: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$ParExpr.html
.. _InstanceOfExpr: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$InstanceOfExpr.html
.. _ConditionalExpr: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$ConditionalExpr.html
.. _TypeLiteral: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$TypeLiteral.html
.. _ClassInstanceExpr: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$ClassInstanceExpr.html
.. _ArrayInit: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Expr.qll/type.Expr$ArrayInit.html
.. _Annotation: https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Annotation.qll/type.Annotation$Annotation.html

728
docs/codeql/codeql-language-guides/abstract-syntax-tree-classes-for-working-with-javascript-and-typescript-programs.rst
View File

@@ -10,131 +10,131 @@ CodeQL has a large selection of classes for representing the abstract syntax tre
Statement classes
-----------------
This table lists subclasses of `Stmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$Stmt.html>`__ representing ECMAScript and TypeScript statements.
This table lists subclasses of Stmt_ representing ECMAScript and TypeScript statements.
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Statement syntax | CodeQL class | Superclasses | Remarks |
+=============================================================================================================================================================================================================================================================================================================================================================================================================================================+==================================================================================================================================================================+==========================================================================================================================================================================================================================================================================================================================================================================================================================+===================================================================================================================================================================================================+
| `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``;`` | `ExprStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$ExprStmt.html>`__ | | |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| `Label <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Label.html>`__ ``:`` `Stmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$Stmt.html>`__ | `LabeledStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$LabeledStmt.html>`__ | | |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ``;`` | `EmptyStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$EmptyStmt.html>`__ | | |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ``break`` `Label <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Label.html>`__ ``;`` | `BreakStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$BreakStmt.html>`__ | `JumpStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$JumpStmt.html>`__, `BreakOrContinueStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$BreakOrContinueStmt.html>`__ | |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ``case`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``:`` `Stmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$Stmt.html>`__... | `Case <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$Case.html>`__ | | can only occur as child of a `SwitchStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$SwitchStmt.html>`__ |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ``catch(`` `Identifier <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Identifier.html>`__ ``)`` ``{`` `Stmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$Stmt.html>`__... ``}`` | `CatchClause <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$CatchClause.html>`__ | `ControlStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$ControlStmt.html>`__ | can only occur as child of a `TryStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$TryStmt.html>`__ |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ``class`` `Identifier <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Identifier.html>`__ ``extends`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``{`` `MemberDeclaration <https://help.semmle.com/qldoc/javascript/semmle/javascript/Classes.qll/type.Classes$MemberDeclaration.html>`__... ``}`` | `ClassDeclStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Classes.qll/type.Classes$ClassDeclStmt.html>`__ | `ClassDefinition <https://help.semmle.com/qldoc/javascript/semmle/javascript/Classes.qll/type.Classes$ClassDefinition.html>`__, `ClassOrInterface <https://help.semmle.com/qldoc/javascript/semmle/javascript/Classes.qll/type.Classes$ClassOrInterface.html>`__, `TypeParameterized <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$TypeParameterized.html>`__ | |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ``const`` `Identifier <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Identifier.html>`__ ``=`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``;`` | `ConstDeclStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$ConstDeclStmt.html>`__ | `DeclStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$DeclStmt.html>`__ | |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ``continue`` `Label <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Label.html>`__ ``;`` | `ContinueStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$ContinueStmt.html>`__ | `JumpStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$JumpStmt.html>`__, `BreakOrContinueStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$BreakOrContinueStmt.html>`__ | |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ``debugger;`` | `DebuggerStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$DebuggerStmt.html>`__ | | |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ``declare`` ``global`` ``{`` `Stmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$Stmt.html>`__... ``}`` | `GlobalAugmentationDeclaration <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$GlobalAugmentationDeclaration.html>`__ | | |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ``declare`` ``module`` `StringLiteral <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$StringLiteral.html>`__ ``{`` `Stmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$Stmt.html>`__... ``}`` | `ExternalModuleDeclaration <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$ExternalModuleDeclaration.html>`__ | | |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ``default:`` `Stmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$Stmt.html>`__... | `Case <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$Case.html>`__ | | can only occur as child of a `SwitchStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$SwitchStmt.html>`__; use `isDefault` to distinguish `default` from `case` |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ``do`` `Stmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$Stmt.html>`__ ``while`` ``(`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``)`` | `DoWhileStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$DoWhileStmt.html>`__ | `ControlStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$ControlStmt.html>`__, `LoopStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$LoopStmt.html>`__ | |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ``enum`` `Identifier <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Identifier.html>`__ ``{`` `MemberDeclaration <https://help.semmle.com/qldoc/javascript/semmle/javascript/Classes.qll/type.Classes$MemberDeclaration.html>`__... ``}`` | `EnumDeclaration <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$EnumDeclaration.html>`__ | `NamespaceDefinition <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$NamespaceDefinition.html>`__ | |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ``export * from`` `StringLiteral <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$StringLiteral.html>`__ | `BulkReExportDeclaration <https://help.semmle.com/qldoc/javascript/semmle/javascript/ES2015Modules.qll/type.ES2015Modules$BulkReExportDeclaration.html>`__ | `ReExportDeclaration <https://help.semmle.com/qldoc/javascript/semmle/javascript/ES2015Modules.qll/type.ES2015Modules$ReExportDeclaration.html>`__, `ExportDeclaration <https://help.semmle.com/qldoc/javascript/semmle/javascript/ES2015Modules.qll/type.ES2015Modules$ExportDeclaration.html>`__ | |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ``export default`` `ClassDeclStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Classes.qll/type.Classes$ClassDeclStmt.html>`__ | `ExportDefaultDeclaration <https://help.semmle.com/qldoc/javascript/semmle/javascript/ES2015Modules.qll/type.ES2015Modules$ExportDefaultDeclaration.html>`__ | `ExportDeclaration <https://help.semmle.com/qldoc/javascript/semmle/javascript/ES2015Modules.qll/type.ES2015Modules$ExportDeclaration.html>`__ | |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ``export default`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``;`` | `ExportDefaultDeclaration <https://help.semmle.com/qldoc/javascript/semmle/javascript/ES2015Modules.qll/type.ES2015Modules$ExportDefaultDeclaration.html>`__ | `ExportDeclaration <https://help.semmle.com/qldoc/javascript/semmle/javascript/ES2015Modules.qll/type.ES2015Modules$ExportDeclaration.html>`__ | |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ``export default`` `FunctionDeclStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$FunctionDeclStmt.html>`__ | `ExportDefaultDeclaration <https://help.semmle.com/qldoc/javascript/semmle/javascript/ES2015Modules.qll/type.ES2015Modules$ExportDefaultDeclaration.html>`__ | `ExportDeclaration <https://help.semmle.com/qldoc/javascript/semmle/javascript/ES2015Modules.qll/type.ES2015Modules$ExportDeclaration.html>`__ | |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ``export {`` `ExportSpecifier <https://help.semmle.com/qldoc/javascript/semmle/javascript/ES2015Modules.qll/type.ES2015Modules$ExportSpecifier.html>`__... ``};`` | `ExportNamedDeclaration <https://help.semmle.com/qldoc/javascript/semmle/javascript/ES2015Modules.qll/type.ES2015Modules$ExportNamedDeclaration.html>`__ | `ExportDeclaration <https://help.semmle.com/qldoc/javascript/semmle/javascript/ES2015Modules.qll/type.ES2015Modules$ExportDeclaration.html>`__ | |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ``export`` `DeclStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$DeclStmt.html>`__ | `ExportNamedDeclaration <https://help.semmle.com/qldoc/javascript/semmle/javascript/ES2015Modules.qll/type.ES2015Modules$ExportNamedDeclaration.html>`__ | `ExportDeclaration <https://help.semmle.com/qldoc/javascript/semmle/javascript/ES2015Modules.qll/type.ES2015Modules$ExportDeclaration.html>`__ | |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ``export`` ``=`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``;`` | `ExportAssignDeclaration <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$ExportAssignDeclaration.html>`__ | | |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ``export`` ``as`` ``namespace`` `Identifier <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Identifier.html>`__ ``;`` | `ExportAsNamespaceDeclaration <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$ExportAsNamespaceDeclaration.html>`__ | | |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ``for`` ``(`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``;`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``;`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``)`` `Stmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$Stmt.html>`__ | `ForStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$ForStmt.html>`__ | `ControlStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$ControlStmt.html>`__, `LoopStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$LoopStmt.html>`__ | |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ``for`` ``(`` `VarAccess <https://help.semmle.com/qldoc/javascript/semmle/javascript/Variables.qll/type.Variables$VarAccess.html>`__ ``in`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``)`` `Stmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$Stmt.html>`__ | `ForInStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$ForInStmt.html>`__ | `ControlStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$ControlStmt.html>`__, `LoopStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$LoopStmt.html>`__, `EnhancedForLoop <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$EnhancedForLoop.html>`__ | |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ``for`` ``(`` `VarAccess <https://help.semmle.com/qldoc/javascript/semmle/javascript/Variables.qll/type.Variables$VarAccess.html>`__ ``of`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``)`` `Stmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$Stmt.html>`__ | `ForOfStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$ForOfStmt.html>`__ | `ControlStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$ControlStmt.html>`__, `LoopStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$LoopStmt.html>`__, `EnhancedForLoop <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$EnhancedForLoop.html>`__ | |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ``function`` `Identifier <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Identifier.html>`__ ``(`` `Parameter <https://help.semmle.com/qldoc/javascript/semmle/javascript/Variables.qll/type.Variables$Parameter.html>`__... ``)`` ``{`` `Stmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$Stmt.html>`__... ``}`` | `FunctionDeclStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$FunctionDeclStmt.html>`__ | `Function <https://help.semmle.com/qldoc/javascript/semmle/javascript/Functions.qll/type.Functions$Function.html>`__ | |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ``if`` ``(`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``)`` `Stmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$Stmt.html>`__ ``else`` `Stmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$Stmt.html>`__ | `IfStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$IfStmt.html>`__ | `ControlStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$ControlStmt.html>`__ | |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ``import {`` `ImportSpecifier <https://help.semmle.com/qldoc/javascript/semmle/javascript/ES2015Modules.qll/type.ES2015Modules$ImportSpecifier.html>`__... ``from`` `StringLiteral <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$StringLiteral.html>`__ | `ImportDeclaration <https://help.semmle.com/qldoc/javascript/semmle/javascript/ES2015Modules.qll/type.ES2015Modules$ImportDeclaration.html>`__ | `Import <https://help.semmle.com/qldoc/javascript/semmle/javascript/Modules.qll/type.Modules$Import.html>`__ | |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ``import`` `Identifier <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Identifier.html>`__ ``=`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``;`` | `ImportEqualsDeclaration <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$ImportEqualsDeclaration.html>`__ | | |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ``interface`` `Identifier <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Identifier.html>`__ ``{`` `MemberDeclaration <https://help.semmle.com/qldoc/javascript/semmle/javascript/Classes.qll/type.Classes$MemberDeclaration.html>`__... ``}`` | `InterfaceDeclaration <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$InterfaceDeclaration.html>`__ | `InterfaceDefinition <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$InterfaceDefinition.html>`__, `ClassOrInterface <https://help.semmle.com/qldoc/javascript/semmle/javascript/Classes.qll/type.Classes$ClassOrInterface.html>`__, `TypeParameterized <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$TypeParameterized.html>`__ | |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ``let`` `Identifier <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Identifier.html>`__ ``=`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``;`` | `LetStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$LetStmt.html>`__ | `DeclStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$DeclStmt.html>`__ | |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ``namespace`` `Identifier <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Identifier.html>`__ ``{`` `Stmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$Stmt.html>`__... ``}`` | `NamespaceDeclaration <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$NamespaceDeclaration.html>`__ | `NamespaceDefinition <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$NamespaceDefinition.html>`__ | |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ``return`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``;`` | `ReturnStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$ReturnStmt.html>`__ | `JumpStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$JumpStmt.html>`__ | |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ``switch`` ``(`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``) {`` `Case <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$Case.html>`__... ``}`` | `SwitchStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$SwitchStmt.html>`__ | `ControlStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$ControlStmt.html>`__ | |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ``throw`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``;`` | `ThrowStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$ThrowStmt.html>`__ | `JumpStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$JumpStmt.html>`__ | |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ``try`` ``{`` `Stmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$Stmt.html>`__... ``}`` `CatchClause <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$CatchClause.html>`__... ``finally`` ``{`` `Stmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$Stmt.html>`__... ``}`` | `TryStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$TryStmt.html>`__ | `ControlStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$ControlStmt.html>`__ | |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ``type`` `Identifier <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Identifier.html>`__ ``=`` `TypeExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$TypeExpr.html>`__ ``;`` | `TypeAliasDeclaration <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$TypeAliasDeclaration.html>`__ | `TypeParameterized <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$TypeParameterized.html>`__ | |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ``var`` `Identifier <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Identifier.html>`__ ``=`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``;`` | `VarDeclStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$VarDeclStmt.html>`__ | `DeclStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$DeclStmt.html>`__ | |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ``while`` ``(`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``)`` `Stmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$Stmt.html>`__ | `WhileStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$WhileStmt.html>`__ | `ControlStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$ControlStmt.html>`__, `LoopStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$LoopStmt.html>`__ | |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ``with`` ``(`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``)`` `Stmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$Stmt.html>`__ | `WithStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$WithStmt.html>`__ | `ControlStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$ControlStmt.html>`__ | |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ``{`` `Stmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$Stmt.html>`__... ``}`` | `BlockStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$BlockStmt.html>`__ | | |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
+-------------------------------------------------------------------------------+--------------------------------+-------------------------------------------------------------+------------------------------------------------------------------------------------------------+
| Statement syntax | CodeQL class | Superclasses | Remarks |
+===============================================================================+================================+=============================================================+================================================================================================+
| Expr_ ``;`` | ExprStmt_ | | |
+-------------------------------------------------------------------------------+--------------------------------+-------------------------------------------------------------+------------------------------------------------------------------------------------------------+
| Label_ ``:`` Stmt_ | LabeledStmt_ | | |
+-------------------------------------------------------------------------------+--------------------------------+-------------------------------------------------------------+------------------------------------------------------------------------------------------------+
| ``;`` | EmptyStmt_ | | |
+-------------------------------------------------------------------------------+--------------------------------+-------------------------------------------------------------+------------------------------------------------------------------------------------------------+
| ``break`` Label_ ``;`` | BreakStmt_ | JumpStmt_, BreakOrContinueStmt_ | |
+-------------------------------------------------------------------------------+--------------------------------+-------------------------------------------------------------+------------------------------------------------------------------------------------------------+
| ``case`` Expr_ ``:`` Stmt_... | Case_ | | can only occur as child of a SwitchStmt_ |
+-------------------------------------------------------------------------------+--------------------------------+-------------------------------------------------------------+------------------------------------------------------------------------------------------------+
| ``catch(`` Identifier_ ``)`` ``{`` Stmt_... ``}`` | CatchClause_ | ControlStmt_ | can only occur as child of a TryStmt_ |
+-------------------------------------------------------------------------------+--------------------------------+-------------------------------------------------------------+------------------------------------------------------------------------------------------------+
| ``class`` Identifier_ ``extends`` Expr_ ``{`` MemberDeclaration_... ``}`` | ClassDeclStmt_ | ClassDefinition_, ClassOrInterface_, TypeParameterized_ | |
+-------------------------------------------------------------------------------+--------------------------------+-------------------------------------------------------------+------------------------------------------------------------------------------------------------+
| ``const`` Identifier_ ``=`` Expr_ ``;`` | ConstDeclStmt_ | DeclStmt_ | |
+-------------------------------------------------------------------------------+--------------------------------+-------------------------------------------------------------+------------------------------------------------------------------------------------------------+
| ``continue`` Label_ ``;`` | ContinueStmt_ | JumpStmt_, BreakOrContinueStmt_ | |
+-------------------------------------------------------------------------------+--------------------------------+-------------------------------------------------------------+------------------------------------------------------------------------------------------------+
| ``debugger;`` | DebuggerStmt_ | | |
+-------------------------------------------------------------------------------+--------------------------------+-------------------------------------------------------------+------------------------------------------------------------------------------------------------+
| ``declare`` ``global`` ``{`` Stmt_... ``}`` | GlobalAugmentationDeclaration_ | | |
+-------------------------------------------------------------------------------+--------------------------------+-------------------------------------------------------------+------------------------------------------------------------------------------------------------+
| ``declare`` ``module`` StringLiteral_ ``{`` Stmt_... ``}`` | ExternalModuleDeclaration_ | | |
+-------------------------------------------------------------------------------+--------------------------------+-------------------------------------------------------------+------------------------------------------------------------------------------------------------+
| ``default:`` Stmt_... | Case_ | | can only occur as child of a SwitchStmt_; use `isDefault` to distinguish `default` from `case` |
+-------------------------------------------------------------------------------+--------------------------------+-------------------------------------------------------------+------------------------------------------------------------------------------------------------+
| ``do`` Stmt_ ``while`` ``(`` Expr_ ``)`` | DoWhileStmt_ | ControlStmt_, LoopStmt_ | |
+-------------------------------------------------------------------------------+--------------------------------+-------------------------------------------------------------+------------------------------------------------------------------------------------------------+
| ``enum`` Identifier_ ``{`` MemberDeclaration_... ``}`` | EnumDeclaration_ | NamespaceDefinition_ | |
+-------------------------------------------------------------------------------+--------------------------------+-------------------------------------------------------------+------------------------------------------------------------------------------------------------+
| ``export * from`` StringLiteral_ | BulkReExportDeclaration_ | ReExportDeclaration_, ExportDeclaration_ | |
+-------------------------------------------------------------------------------+--------------------------------+-------------------------------------------------------------+------------------------------------------------------------------------------------------------+
| ``export default`` ClassDeclStmt_ | ExportDefaultDeclaration_ | ExportDeclaration_ | |
+-------------------------------------------------------------------------------+--------------------------------+-------------------------------------------------------------+------------------------------------------------------------------------------------------------+
| ``export default`` Expr_ ``;`` | ExportDefaultDeclaration_ | ExportDeclaration_ | |
+-------------------------------------------------------------------------------+--------------------------------+-------------------------------------------------------------+------------------------------------------------------------------------------------------------+
| ``export default`` FunctionDeclStmt_ | ExportDefaultDeclaration_ | ExportDeclaration_ | |
+-------------------------------------------------------------------------------+--------------------------------+-------------------------------------------------------------+------------------------------------------------------------------------------------------------+
| ``export {`` ExportSpecifier_... ``};`` | ExportNamedDeclaration_ | ExportDeclaration_ | |
+-------------------------------------------------------------------------------+--------------------------------+-------------------------------------------------------------+------------------------------------------------------------------------------------------------+
| ``export`` DeclStmt_ | ExportNamedDeclaration_ | ExportDeclaration_ | |
+-------------------------------------------------------------------------------+--------------------------------+-------------------------------------------------------------+------------------------------------------------------------------------------------------------+
| ``export`` ``=`` Expr_ ``;`` | ExportAssignDeclaration_ | | |
+-------------------------------------------------------------------------------+--------------------------------+-------------------------------------------------------------+------------------------------------------------------------------------------------------------+
| ``export`` ``as`` ``namespace`` Identifier_ ``;`` | ExportAsNamespaceDeclaration_ | | |
+-------------------------------------------------------------------------------+--------------------------------+-------------------------------------------------------------+------------------------------------------------------------------------------------------------+
| ``for`` ``(`` Expr_ ``;`` Expr_ ``;`` Expr_ ``)`` Stmt_ | ForStmt_ | ControlStmt_, LoopStmt_ | |
+-------------------------------------------------------------------------------+--------------------------------+-------------------------------------------------------------+------------------------------------------------------------------------------------------------+
| ``for`` ``(`` VarAccess_ ``in`` Expr_ ``)`` Stmt_ | ForInStmt_ | ControlStmt_, LoopStmt_, EnhancedForLoop_ | |
+-------------------------------------------------------------------------------+--------------------------------+-------------------------------------------------------------+------------------------------------------------------------------------------------------------+
| ``for`` ``(`` VarAccess_ ``of`` Expr_ ``)`` Stmt_ | ForOfStmt_ | ControlStmt_, LoopStmt_, EnhancedForLoop_ | |
+-------------------------------------------------------------------------------+--------------------------------+-------------------------------------------------------------+------------------------------------------------------------------------------------------------+
| ``function`` Identifier_ ``(`` Parameter_... ``)`` ``{`` Stmt_... ``}`` | FunctionDeclStmt_ | Function_ | |
+-------------------------------------------------------------------------------+--------------------------------+-------------------------------------------------------------+------------------------------------------------------------------------------------------------+
| ``if`` ``(`` Expr_ ``)`` Stmt_ ``else`` Stmt_ | IfStmt_ | ControlStmt_ | |
+-------------------------------------------------------------------------------+--------------------------------+-------------------------------------------------------------+------------------------------------------------------------------------------------------------+
| ``import {`` ImportSpecifier_... ``from`` StringLiteral_ | ImportDeclaration_ | Import_ | |
+-------------------------------------------------------------------------------+--------------------------------+-------------------------------------------------------------+------------------------------------------------------------------------------------------------+
| ``import`` Identifier_ ``=`` Expr_ ``;`` | ImportEqualsDeclaration_ | | |
+-------------------------------------------------------------------------------+--------------------------------+-------------------------------------------------------------+------------------------------------------------------------------------------------------------+
| ``interface`` Identifier_ ``{`` MemberDeclaration_... ``}`` | InterfaceDeclaration_ | InterfaceDefinition_, ClassOrInterface_, TypeParameterized_ | |
+-------------------------------------------------------------------------------+--------------------------------+-------------------------------------------------------------+------------------------------------------------------------------------------------------------+
| ``let`` Identifier_ ``=`` Expr_ ``;`` | LetStmt_ | DeclStmt_ | |
+-------------------------------------------------------------------------------+--------------------------------+-------------------------------------------------------------+------------------------------------------------------------------------------------------------+
| ``namespace`` Identifier_ ``{`` Stmt_... ``}`` | NamespaceDeclaration_ | NamespaceDefinition_ | |
+-------------------------------------------------------------------------------+--------------------------------+-------------------------------------------------------------+------------------------------------------------------------------------------------------------+
| ``return`` Expr_ ``;`` | ReturnStmt_ | JumpStmt_ | |
+-------------------------------------------------------------------------------+--------------------------------+-------------------------------------------------------------+------------------------------------------------------------------------------------------------+
| ``switch`` ``(`` Expr_ ``) {`` Case_... ``}`` | SwitchStmt_ | ControlStmt_ | |
+-------------------------------------------------------------------------------+--------------------------------+-------------------------------------------------------------+------------------------------------------------------------------------------------------------+
| ``throw`` Expr_ ``;`` | ThrowStmt_ | JumpStmt_ | |
+-------------------------------------------------------------------------------+--------------------------------+-------------------------------------------------------------+------------------------------------------------------------------------------------------------+
| ``try`` ``{`` Stmt_... ``}`` CatchClause_... ``finally`` ``{`` Stmt_... ``}`` | TryStmt_ | ControlStmt_ | |
+-------------------------------------------------------------------------------+--------------------------------+-------------------------------------------------------------+------------------------------------------------------------------------------------------------+
| ``type`` Identifier_ ``=`` TypeExpr_ ``;`` | TypeAliasDeclaration_ | TypeParameterized_ | |
+-------------------------------------------------------------------------------+--------------------------------+-------------------------------------------------------------+------------------------------------------------------------------------------------------------+
| ``var`` Identifier_ ``=`` Expr_ ``;`` | VarDeclStmt_ | DeclStmt_ | |
+-------------------------------------------------------------------------------+--------------------------------+-------------------------------------------------------------+------------------------------------------------------------------------------------------------+
| ``while`` ``(`` Expr_ ``)`` Stmt_ | WhileStmt_ | ControlStmt_, LoopStmt_ | |
+-------------------------------------------------------------------------------+--------------------------------+-------------------------------------------------------------+------------------------------------------------------------------------------------------------+
| ``with`` ``(`` Expr_ ``)`` Stmt_ | WithStmt_ | ControlStmt_ | |
+-------------------------------------------------------------------------------+--------------------------------+-------------------------------------------------------------+------------------------------------------------------------------------------------------------+
| ``{`` Stmt_... ``}`` | BlockStmt_ | | |
+-------------------------------------------------------------------------------+--------------------------------+-------------------------------------------------------------+------------------------------------------------------------------------------------------------+
Expression classes
------------------
There is a large number of expression classes, so we present them by category. All classes in this section are subclasses of `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__, except where noted otherwise.
There is a large number of expression classes, so we present them by category. All classes in this section are subclasses of Expr_, except where noted otherwise.
Literals
~~~~~~~~
All classes in this subsection are subclasses of `Literal <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Literal.html>`__.
All classes in this subsection are subclasses of Literal_.
+-------------------+------------------------------------------------------------------------------------------------------------------------+
| Expression syntax | CodeQL class |
+===================+========================================================================================================================+
| ``true`` | `BooleanLiteral <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$BooleanLiteral.html>`__ |
+-------------------+------------------------------------------------------------------------------------------------------------------------+
| ``23`` | `NumberLiteral <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$NumberLiteral.html>`__ |
+-------------------+------------------------------------------------------------------------------------------------------------------------+
| ``4.2`` | `NumberLiteral <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$NumberLiteral.html>`__ |
+-------------------+------------------------------------------------------------------------------------------------------------------------+
| ``"Hello"`` | `StringLiteral <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$StringLiteral.html>`__ |
+-------------------+------------------------------------------------------------------------------------------------------------------------+
| ``/ab*c?/`` | `RegExpLiteral <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$RegExpLiteral.html>`__ |
+-------------------+------------------------------------------------------------------------------------------------------------------------+
| ``null`` | `NullLiteral <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$NullLiteral.html>`__ |
+-------------------+------------------------------------------------------------------------------------------------------------------------+
+-------------------+-----------------+
| Expression syntax | CodeQL class |
+===================+=================+
| ``true`` | BooleanLiteral_ |
+-------------------+-----------------+
| ``23`` | NumberLiteral_ |
+-------------------+-----------------+
| ``4.2`` | NumberLiteral_ |
+-------------------+-----------------+
| ``"Hello"`` | StringLiteral_ |
+-------------------+-----------------+
| ``/ab*c?/`` | RegExpLiteral_ |
+-------------------+-----------------+
| ``null`` | NullLiteral_ |
+-------------------+-----------------+
Identifiers
~~~~~~~~~~~
All identifiers are represented by the class `Identifier <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Identifier.html>`__, which has subclasses to represent specific kinds of identifiers:
All identifiers are represented by the class Identifier_, which has subclasses to represent specific kinds of identifiers:
- `VarAccess <https://help.semmle.com/qldoc/javascript/semmle/javascript/Variables.qll/type.Variables$VarAccess.html>`__: an identifier that refers to a variable
- `VarDecl <https://help.semmle.com/qldoc/javascript/semmle/javascript/Variables.qll/type.Variables$VarDecl.html>`__: an identifier that declares a variable, for example ``x`` in ``var x = "hi"`` or in ``function(x) { }``
- `VarRef <https://help.semmle.com/qldoc/javascript/semmle/javascript/Variables.qll/type.Variables$VarRef.html>`__: a `VarAccess <https://help.semmle.com/qldoc/javascript/semmle/javascript/Variables.qll/type.Variables$VarAccess.html>`__ or a `VarDecl <https://help.semmle.com/qldoc/javascript/semmle/javascript/Variables.qll/type.Variables$VarDecl.html>`__
- `Label <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Label.html>`__: an identifier that refers to a statement label or a property, not a variable; in the following examples, ``l`` and ``p`` are labels:
- VarAccess_: an identifier that refers to a variable
- VarDecl_: an identifier that declares a variable, for example ``x`` in ``var x = "hi"`` or in ``function(x) { }``
- VarRef_: a VarAccess_ or a VarDecl_
- Label_: an identifier that refers to a statement label or a property, not a variable; in the following examples, ``l`` and ``p`` are labels:
- ``break l;``
- ``l: for(;;) {}``
@@ -145,224 +145,382 @@ All identifiers are represented by the class `Identifier <https://help.semmle.co
Primary expressions
~~~~~~~~~~~~~~~~~~~
All classes in this subsection are subclasses of `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__.
All classes in this subsection are subclasses of Expr_.
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Expression syntax | CodeQL class | Superclasses | Remarks |
+======================================================================================================================================================================================================================================================================+==========================================================================================================================================+======================================================================================================================+================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================+
| ``this`` | `ThisExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$ThisExpr.html>`__ | | |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ``[`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__... ``]`` | `ArrayExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$ArrayExpr.html>`__ | | |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ``{`` `Property <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Property.html>`__... ``}`` | `ObjectExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$ObjectExpr.html>`__ | | |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ``function`` ``(`` `Parameter <https://help.semmle.com/qldoc/javascript/semmle/javascript/Variables.qll/type.Variables$Parameter.html>`__... ``)`` ``{`` `Stmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$Stmt.html>`__... ``}`` | `FunctionExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$FunctionExpr.html>`__ | `Function <https://help.semmle.com/qldoc/javascript/semmle/javascript/Functions.qll/type.Functions$Function.html>`__ | |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ``(`` `Parameter <https://help.semmle.com/qldoc/javascript/semmle/javascript/Variables.qll/type.Variables$Parameter.html>`__... ``)`` ``=>`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ | `ArrowFunctionExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$ArrowFunctionExpr.html>`__ | `Function <https://help.semmle.com/qldoc/javascript/semmle/javascript/Functions.qll/type.Functions$Function.html>`__ | |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ``(`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``)`` | `ParExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$ParExpr.html>`__ | | |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ````` ... ````` | `TemplateLiteral <https://help.semmle.com/qldoc/javascript/semmle/javascript/Templates.qll/type.Templates$TemplateLiteral.html>`__ | | an element in a `TemplateLiteral <https://help.semmle.com/qldoc/javascript/semmle/javascript/Templates.qll/type.Templates$TemplateLiteral.html>`__ is either a `TemplateElement <https://help.semmle.com/qldoc/javascript/semmle/javascript/Templates.qll/type.Templates$TemplateElement.html>`__ representing a constant template element, or some other expression representing an interpolated expression of the form ``${`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``}`` |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ````` ... ````` | `TaggedTemplateExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Templates.qll/type.Templates$TaggedTemplateExpr.html>`__ | | an element in a `TaggedTemplateExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Templates.qll/type.Templates$TaggedTemplateExpr.html>`__ is either a `TemplateElement <https://help.semmle.com/qldoc/javascript/semmle/javascript/Templates.qll/type.Templates$TemplateElement.html>`__ representing a constant template element, or some other expression representing an interpolated expression of the form ``${`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``}`` |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
+-------------------------------------------------------------+---------------------+--------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Expression syntax | CodeQL class | Superclasses | Remarks |
+=============================================================+=====================+==============+============================================================================================================================================================================================================+
| ``this`` | ThisExpr_ | | |
+-------------------------------------------------------------+---------------------+--------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ``[`` Expr_... ``]`` | ArrayExpr_ | | |
+-------------------------------------------------------------+---------------------+--------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ``{`` Property_... ``}`` | ObjectExpr_ | | |
+-------------------------------------------------------------+---------------------+--------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ``function`` ``(`` Parameter_... ``)`` ``{`` Stmt_... ``}`` | FunctionExpr_ | Function_ | |
+-------------------------------------------------------------+---------------------+--------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ``(`` Parameter_... ``)`` ``=>`` Expr_ | ArrowFunctionExpr_ | Function_ | |
+-------------------------------------------------------------+---------------------+--------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ``(`` Expr_ ``)`` | ParExpr_ | | |
+-------------------------------------------------------------+---------------------+--------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ````` ... ````` | TemplateLiteral_ | | an element in a TemplateLiteral_ is either a TemplateElement_ representing a constant template element, or some other expression representing an interpolated expression of the form ``${`` Expr_ ``}`` |
+-------------------------------------------------------------+---------------------+--------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Expr_ ````` ... ````` | TaggedTemplateExpr_ | | an element in a TaggedTemplateExpr_ is either a TemplateElement_ representing a constant template element, or some other expression representing an interpolated expression of the form ``${`` Expr_ ``}`` |
+-------------------------------------------------------------+---------------------+--------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
Properties
~~~~~~~~~~
All classes in this subsection are subclasses of `Property <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Property.html>`__. Note that `Property <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Property.html>`__ is not a subclass of `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__.
All classes in this subsection are subclasses of Property_. Note that Property_ is not a subclass of Expr_.
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------+
| Property syntax | CodeQL class | Superclasses |
+=====================================================================================================================================================================================================================================================================================================================================================================+========================================================================================================================+============================================================================================================================+
| `Identifier <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Identifier.html>`__ ``:`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ | `ValueProperty <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$ValueProperty.html>`__ | |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------+
| ``get`` `Identifier <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Identifier.html>`__ ``()`` ``{`` `Stmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$Stmt.html>`__... ``}`` | `PropertyGetter <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$PropertyGetter.html>`__ | `PropertyAccessor <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$PropertyAccessor.html>`__ |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------+
| ``set`` `Identifier <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Identifier.html>`__ ``(`` `Identifier <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Identifier.html>`__ ``)`` ``{`` `Stmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$Stmt.html>`__... ``}`` | `PropertySetter <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$PropertySetter.html>`__ | `PropertyAccessor <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$PropertyAccessor.html>`__ |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------+
+------------------------------------------------------------------+-----------------+-------------------+
| Property syntax | CodeQL class | Superclasses |
+==================================================================+=================+===================+
| Identifier_ ``:`` Expr_ | ValueProperty_ | |
+------------------------------------------------------------------+-----------------+-------------------+
| ``get`` Identifier_ ``()`` ``{`` Stmt_... ``}`` | PropertyGetter_ | PropertyAccessor_ |
+------------------------------------------------------------------+-----------------+-------------------+
| ``set`` Identifier_ ``(`` Identifier_ ``)`` ``{`` Stmt_... ``}`` | PropertySetter_ | PropertyAccessor_ |
+------------------------------------------------------------------+-----------------+-------------------+
Property accesses
~~~~~~~~~~~~~~~~~
All classes in this subsection are subclasses of `PropAccess <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$PropAccess.html>`__.
All classes in this subsection are subclasses of PropAccess_.
+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------+
| Expression syntax | CodeQL class |
+=========================================================================================================================================================================================================================+==============================================================================================================+
| `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``.`` `Identifier <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Identifier.html>`__ | `DotExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$DotExpr.html>`__ |
+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``[`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``]`` | `IndexExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$IndexExpr.html>`__ |
+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------+
+-------------------------+--------------+
| Expression syntax | CodeQL class |
+=========================+==============+
| Expr_ ``.`` Identifier_ | DotExpr_ |
+-------------------------+--------------+
| Expr_ ``[`` Expr_ ``]`` | IndexExpr_ |
+-------------------------+--------------+
Function calls and ``new``
~~~~~~~~~~~~~~~~~~~~~~~~~~
All classes in this subsection are subclasses of `InvokeExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$InvokeExpr.html>`__.
All classes in this subsection are subclasses of InvokeExpr_.
+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Expression syntax | CodeQL class | Remarks |
+============================================================================================================================================================================================================================================================================================================================================+========================================================================================================================+==========================================================================================================================================================================================================================================================================================================================================================================+
| `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``(`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__... ``)`` | `CallExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$CallExpr.html>`__ | |
+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``.`` `Identifier <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Identifier.html>`__ ``(`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__... ``)`` | `MethodCallExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$MethodCallExpr.html>`__ | this also includes calls of the form `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``[`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``]`` ``(`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__... ``)`` |
+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ``new`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``(`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__... ``)`` | `NewExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$NewExpr.html>`__ | |
+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
+-----------------------------------------------+-----------------+-----------------------------------------------------------------------------------+
| Expression syntax | CodeQL class | Remarks |
+===============================================+=================+===================================================================================+
| Expr_ ``(`` Expr_... ``)`` | CallExpr_ | |
+-----------------------------------------------+-----------------+-----------------------------------------------------------------------------------+
| Expr_ ``.`` Identifier_ ``(`` Expr_... ``)`` | MethodCallExpr_ | this also includes calls of the form Expr_ ``[`` Expr_ ``]`` ``(`` Expr_... ``)`` |
+-----------------------------------------------+-----------------+-----------------------------------------------------------------------------------+
| ``new`` Expr_ ``(`` Expr_... ``)`` | NewExpr_ | |
+-----------------------------------------------+-----------------+-----------------------------------------------------------------------------------+
Unary expressions
~~~~~~~~~~~~~~~~~
All classes in this subsection are subclasses of `UnaryExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$UnaryExpr.html>`__.
All classes in this subsection are subclasses of UnaryExpr_.
+---------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------+
| Expression syntax | CodeQL class |
+===============================================================================================================+======================================================================================================================+
| ``~`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ | `BitNotExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$BitNotExpr.html>`__ |
+---------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------+
| ``-`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ | `NegExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$NegExpr.html>`__ |
+---------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------+
| ``+`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ | `PlusExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$PlusExpr.html>`__ |
+---------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------+
| ``!`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ | `LogNotExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$LogNotExpr.html>`__ |
+---------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------+
| ``typeof`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ | `TypeofExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$TypeofExpr.html>`__ |
+---------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------+
| ``void`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ | `VoidExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$VoidExpr.html>`__ |
+---------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------+
| ``delete`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ | `DeleteExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$DeleteExpr.html>`__ |
+---------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------+
| ``...`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ | `SpreadElement <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$SpreadElement.html>`__ |
+---------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------+
+-------------------+----------------+
| Expression syntax | CodeQL class |
+===================+================+
| ``~`` Expr_ | BitNotExpr_ |
+-------------------+----------------+
| ``-`` Expr_ | NegExpr_ |
+-------------------+----------------+
| ``+`` Expr_ | PlusExpr_ |
+-------------------+----------------+
| ``!`` Expr_ | LogNotExpr_ |
+-------------------+----------------+
| ``typeof`` Expr_ | TypeofExpr_ |
+-------------------+----------------+
| ``void`` Expr_ | VoidExpr_ |
+-------------------+----------------+
| ``delete`` Expr_ | DeleteExpr_ |
+-------------------+----------------+
| ``...`` Expr_ | SpreadElement_ |
+-------------------+----------------+
Binary expressions
~~~~~~~~~~~~~~~~~~
All classes in this subsection are subclasses of `BinaryExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$BinaryExpr.html>`__.
All classes in this subsection are subclasses of BinaryExpr_.
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Expression syntax | CodeQL class | Superclasses |
+======================================================================================================================================================================================================================+========================================================================================================================+====================================================================================================================================================================================================================================+
| `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``*`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ | `MulExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$MulExpr.html>`__ | |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``/`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ | `DivExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$DivExpr.html>`__ | |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``%`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ | `ModExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$ModExpr.html>`__ | |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``**`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ | `ExpExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$ExpExpr.html>`__ | |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``+`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ | `AddExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$AddExpr.html>`__ | |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``-`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ | `SubExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$SubExpr.html>`__ | |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``<<`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ | `LShiftExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$LShiftExpr.html>`__ | |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``>>`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ | `RShiftExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$RShiftExpr.html>`__ | |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``>>>`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ | `URShiftExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$URShiftExpr.html>`__ | |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``&&`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ | `LogAndExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$LogAndExpr.html>`__ | |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``||`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ | `LogOrExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$LogOrExpr.html>`__ | |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``<`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ | `LTExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$LTExpr.html>`__ | `Comparison <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Comparison.html>`__ |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``>`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ | `GTExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$GTExpr.html>`__ | `Comparison <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Comparison.html>`__ |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``<=`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ | `LEExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$LEExpr.html>`__ | `Comparison <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Comparison.html>`__ |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``>=`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ | `GEExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$GEExpr.html>`__ | `Comparison <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Comparison.html>`__ |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``==`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ | `EqExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$EqExpr.html>`__ | `EqualityTest <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$EqualityTest.html>`__, `Comparison <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Comparison.html>`__ |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``!=`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ | `NEqExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$NEqExpr.html>`__ | `EqualityTest <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$EqualityTest.html>`__, `Comparison <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Comparison.html>`__ |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``===`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ | `StrictEqExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$StrictEqExpr.html>`__ | `EqualityTest <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$EqualityTest.html>`__, `Comparison <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Comparison.html>`__ |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``!==`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ | `StrictNEqExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$StrictNEqExpr.html>`__ | `EqualityTest <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$EqualityTest.html>`__, `Comparison <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Comparison.html>`__ |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``&`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ | `BitAndExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$BitAndExpr.html>`__ | |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``|`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ | `BitOrExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$BitOrExpr.html>`__ | |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``^`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ | `XOrExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$XOrExpr.html>`__ | |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``in`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ | `InExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$InExpr.html>`__ | |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``instanceof`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ | `InstanceofExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$InstanceofExpr.html>`__ | |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
+----------------------------+-----------------+----------------------------+
| Expression syntax | CodeQL class | Superclasses |
+============================+=================+============================+
| Expr_ ``*`` Expr_ | MulExpr_ | |
+----------------------------+-----------------+----------------------------+
| Expr_ ``/`` Expr_ | DivExpr_ | |
+----------------------------+-----------------+----------------------------+
| Expr_ ``%`` Expr_ | ModExpr_ | |
+----------------------------+-----------------+----------------------------+
| Expr_ ``**`` Expr_ | ExpExpr_ | |
+----------------------------+-----------------+----------------------------+
| Expr_ ``+`` Expr_ | AddExpr_ | |
+----------------------------+-----------------+----------------------------+
| Expr_ ``-`` Expr_ | SubExpr_ | |
+----------------------------+-----------------+----------------------------+
| Expr_ ``<<`` Expr_ | LShiftExpr_ | |
+----------------------------+-----------------+----------------------------+
| Expr_ ``>>`` Expr_ | RShiftExpr_ | |
+----------------------------+-----------------+----------------------------+
| Expr_ ``>>>`` Expr_ | URShiftExpr_ | |
+----------------------------+-----------------+----------------------------+
| Expr_ ``&&`` Expr_ | LogAndExpr_ | |
+----------------------------+-----------------+----------------------------+
| Expr_ ``||`` Expr_ | LogOrExpr_ | |
+----------------------------+-----------------+----------------------------+
| Expr_ ``<`` Expr_ | LTExpr_ | Comparison_ |
+----------------------------+-----------------+----------------------------+
| Expr_ ``>`` Expr_ | GTExpr_ | Comparison_ |
+----------------------------+-----------------+----------------------------+
| Expr_ ``<=`` Expr_ | LEExpr_ | Comparison_ |
+----------------------------+-----------------+----------------------------+
| Expr_ ``>=`` Expr_ | GEExpr_ | Comparison_ |
+----------------------------+-----------------+----------------------------+
| Expr_ ``==`` Expr_ | EqExpr_ | EqualityTest_, Comparison_ |
+----------------------------+-----------------+----------------------------+
| Expr_ ``!=`` Expr_ | NEqExpr_ | EqualityTest_, Comparison_ |
+----------------------------+-----------------+----------------------------+
| Expr_ ``===`` Expr_ | StrictEqExpr_ | EqualityTest_, Comparison_ |
+----------------------------+-----------------+----------------------------+
| Expr_ ``!==`` Expr_ | StrictNEqExpr_ | EqualityTest_, Comparison_ |
+----------------------------+-----------------+----------------------------+
| Expr_ ``&`` Expr_ | BitAndExpr_ | |
+----------------------------+-----------------+----------------------------+
| Expr_ ``|`` Expr_ | BitOrExpr_ | |
+----------------------------+-----------------+----------------------------+
| Expr_ ``^`` Expr_ | XOrExpr_ | |
+----------------------------+-----------------+----------------------------+
| Expr_ ``in`` Expr_ | InExpr_ | |
+----------------------------+-----------------+----------------------------+
| Expr_ ``instanceof`` Expr_ | InstanceofExpr_ | |
+----------------------------+-----------------+----------------------------+
Assignment expressions
~~~~~~~~~~~~~~~~~~~~~~
All classes in this table are subclasses of `Assignment <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Assignment.html>`__.
All classes in this table are subclasses of Assignment_.
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------+
| Expression syntax | CodeQL class | Superclasses |
+================================================================================================================================================================================================================+==============================================================================================================================+================================================================================================================================+
| `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``=`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ | `AssignExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$AssignExpr.html>`__ | |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``+=`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ | `AssignAddExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$AssignAddExpr.html>`__ | `CompoundAssignExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$CompoundAssignExpr.html>`__ |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``-=`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ | `AssignSubExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$AssignSubExpr.html>`__ | `CompoundAssignExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$CompoundAssignExpr.html>`__ |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``*=`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ | `AssignMulExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$AssignMulExpr.html>`__ | `CompoundAssignExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$CompoundAssignExpr.html>`__ |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``**=`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ | `AssignExpExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$AssignExpExpr.html>`__ | `CompoundAssignExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$CompoundAssignExpr.html>`__ |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``/=`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ | `AssignDivExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$AssignDivExpr.html>`__ | `CompoundAssignExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$CompoundAssignExpr.html>`__ |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``%=`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ | `AssignModExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$AssignModExpr.html>`__ | `CompoundAssignExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$CompoundAssignExpr.html>`__ |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``&=`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ | `AssignAndExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$AssignAndExpr.html>`__ | `CompoundAssignExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$CompoundAssignExpr.html>`__ |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``|=`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ | `AssignOrExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$AssignOrExpr.html>`__ | `CompoundAssignExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$CompoundAssignExpr.html>`__ |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``^=`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ | `AssignXOrExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$AssignXOrExpr.html>`__ | `CompoundAssignExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$CompoundAssignExpr.html>`__ |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``<<=`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ | `AssignLShiftExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$AssignLShiftExpr.html>`__ | `CompoundAssignExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$CompoundAssignExpr.html>`__ |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``>>=`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ | `AssignRShiftExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$AssignRShiftExpr.html>`__ | `CompoundAssignExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$CompoundAssignExpr.html>`__ |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``>>>=`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ | `AssignURShiftExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$AssignURShiftExpr.html>`__ | `CompoundAssignExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$CompoundAssignExpr.html>`__ |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------+
+----------------------+--------------------+---------------------+
| Expression syntax | CodeQL class | Superclasses |
+======================+====================+=====================+
| Expr_ ``=`` Expr_ | AssignExpr_ | |
+----------------------+--------------------+---------------------+
| Expr_ ``+=`` Expr_ | AssignAddExpr_ | CompoundAssignExpr_ |
+----------------------+--------------------+---------------------+
| Expr_ ``-=`` Expr_ | AssignSubExpr_ | CompoundAssignExpr_ |
+----------------------+--------------------+---------------------+
| Expr_ ``*=`` Expr_ | AssignMulExpr_ | CompoundAssignExpr_ |
+----------------------+--------------------+---------------------+
| Expr_ ``**=`` Expr_ | AssignExpExpr_ | CompoundAssignExpr_ |
+----------------------+--------------------+---------------------+
| Expr_ ``/=`` Expr_ | AssignDivExpr_ | CompoundAssignExpr_ |
+----------------------+--------------------+---------------------+
| Expr_ ``%=`` Expr_ | AssignModExpr_ | CompoundAssignExpr_ |
+----------------------+--------------------+---------------------+
| Expr_ ``&=`` Expr_ | AssignAndExpr_ | CompoundAssignExpr_ |
+----------------------+--------------------+---------------------+
| Expr_ ``|=`` Expr_ | AssignOrExpr_ | CompoundAssignExpr_ |
+----------------------+--------------------+---------------------+
| Expr_ ``^=`` Expr_ | AssignXOrExpr_ | CompoundAssignExpr_ |
+----------------------+--------------------+---------------------+
| Expr_ ``<<=`` Expr_ | AssignLShiftExpr_ | CompoundAssignExpr_ |
+----------------------+--------------------+---------------------+
| Expr_ ``>>=`` Expr_ | AssignRShiftExpr_ | CompoundAssignExpr_ |
+----------------------+--------------------+---------------------+
| Expr_ ``>>>=`` Expr_ | AssignURShiftExpr_ | CompoundAssignExpr_ |
+----------------------+--------------------+---------------------+
Update expressions
~~~~~~~~~~~~~~~~~~
All classes in this table are subclasses of `UpdateExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$UpdateExpr.html>`__.
All classes in this table are subclasses of UpdateExpr_.
+-----------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------+
| Expression syntax | CodeQL class |
+===========================================================================================================+==================================================================================================================+
| `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``++`` | `PostIncExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$PostIncExpr.html>`__ |
+-----------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``--`` | `PostDecExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$PostDecExpr.html>`__ |
+-----------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------+
| ``++`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ | `PreIncExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$PreIncExpr.html>`__ |
+-----------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------+
| ``--`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ | `PreDecExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$PreDecExpr.html>`__ |
+-----------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------+
+-------------------+--------------+
| Expression syntax | CodeQL class |
+===================+==============+
| Expr_ ``++`` | PostIncExpr_ |
+-------------------+--------------+
| Expr_ ``--`` | PostDecExpr_ |
+-------------------+--------------+
| ``++`` Expr_ | PreIncExpr_ |
+-------------------+--------------+
| ``--`` Expr_ | PreDecExpr_ |
+-------------------+--------------+
Miscellaneous
~~~~~~~~~~~~~
All classes in this table are subclasses of `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__.
All classes in this table are subclasses of Expr_.
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------+
| Expression syntax | CodeQL class |
+======================================================================================================================================================================================================================================================================================================================+==========================================================================================================================+
| `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``?`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``:`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ | `ConditionalExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$ConditionalExpr.html>`__ |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------+
| `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ ``,`` ... ``,`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ | `SeqExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$SeqExpr.html>`__ |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------+
| ``await`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ | `AwaitExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$AwaitExpr.html>`__ |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------+
| ``yield`` `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ | `YieldExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$YieldExpr.html>`__ |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------+
+-------------------------------+------------------+
| Expression syntax | CodeQL class |
+===============================+==================+
| Expr_ ``?`` Expr_ ``:`` Expr_ | ConditionalExpr_ |
+-------------------------------+------------------+
| Expr_ ``,`` ... ``,`` Expr_ | SeqExpr_ |
+-------------------------------+------------------+
| ``await`` Expr_ | AwaitExpr_ |
+-------------------------------+------------------+
| ``yield`` Expr_ | YieldExpr_ |
+-------------------------------+------------------+
Further reading
---------------
.. include:: ../reusables/javascript-further-reading.rst
.. include:: ../reusables/codeql-ref-tools-further-reading.rst
.. include:: ../reusables/codeql-ref-tools-further-reading.rst
.. Links used in tables. For information about using these links, see
https://www.sphinx-doc.org/en/master/usage/restructuredtext/basics.html#hyperlinks.
.. _Stmt: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$Stmt.html
.. _Expr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html
.. _ExprStmt: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$ExprStmt.html
.. _Label: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$Label.html
.. _LabeledStmt: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$LabeledStmt.html
.. _EmptyStmt: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$EmptyStmt.html
.. _BreakStmt: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$BreakStmt.html
.. _JumpStmt: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$JumpStmt.html
.. _BreakOrContinueStmt: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$BreakOrContinueStmt.html
.. _Case: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$Case.html
.. _SwitchStmt: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$SwitchStmt.html
.. _Identifier: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$Identifier.html
.. _CatchClause: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$CatchClause.html
.. _ControlStmt: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$ControlStmt.html
.. _TryStmt: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$TryStmt.html
.. _MemberDeclaration: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Classes.qll/type.Classes$MemberDeclaration.html
.. _ClassDeclStmt: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Classes.qll/type.Classes$ClassDeclStmt.html
.. _ClassDefinition: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Classes.qll/type.Classes$ClassDefinition.html
.. _ClassOrInterface: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Classes.qll/type.Classes$ClassOrInterface.html
.. _TypeParameterized: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$TypeParameterized.html
.. _ConstDeclStmt: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$ConstDeclStmt.html
.. _DeclStmt: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$DeclStmt.html
.. _ContinueStmt: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$ContinueStmt.html
.. _DebuggerStmt: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$DebuggerStmt.html
.. _GlobalAugmentationDeclaration: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$GlobalAugmentationDeclaration.html
.. _StringLiteral: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$StringLiteral.html
.. _ExternalModuleDeclaration: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$ExternalModuleDeclaration.html
.. _DoWhileStmt: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$DoWhileStmt.html
.. _LoopStmt: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$LoopStmt.html
.. _EnumDeclaration: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$EnumDeclaration.html
.. _NamespaceDefinition: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$NamespaceDefinition.html
.. _BulkReExportDeclaration: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/ES2015Modules.qll/type.ES2015Modules$BulkReExportDeclaration.html
.. _ReExportDeclaration: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/ES2015Modules.qll/type.ES2015Modules$ReExportDeclaration.html
.. _ExportDeclaration: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/ES2015Modules.qll/type.ES2015Modules$ExportDeclaration.html
.. _ExportDefaultDeclaration: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/ES2015Modules.qll/type.ES2015Modules$ExportDefaultDeclaration.html
.. _FunctionDeclStmt: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$FunctionDeclStmt.html
.. _ExportSpecifier: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/ES2015Modules.qll/type.ES2015Modules$ExportSpecifier.html
.. _ExportNamedDeclaration: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/ES2015Modules.qll/type.ES2015Modules$ExportNamedDeclaration.html
.. _ExportAssignDeclaration: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$ExportAssignDeclaration.html
.. _ExportAsNamespaceDeclaration: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$ExportAsNamespaceDeclaration.html
.. _ForStmt: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$ForStmt.html
.. _VarAccess: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Variables.qll/type.Variables$VarAccess.html
.. _ForInStmt: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$ForInStmt.html
.. _EnhancedForLoop: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$EnhancedForLoop.html
.. _ForOfStmt: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$ForOfStmt.html
.. _Parameter: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Variables.qll/type.Variables$Parameter.html
.. _Function: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Functions.qll/type.Functions$Function.html
.. _IfStmt: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$IfStmt.html
.. _ImportSpecifier: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/ES2015Modules.qll/type.ES2015Modules$ImportSpecifier.html
.. _ImportDeclaration: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/ES2015Modules.qll/type.ES2015Modules$ImportDeclaration.html
.. _Import: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Modules.qll/type.Modules$Import.html
.. _ImportEqualsDeclaration: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$ImportEqualsDeclaration.html
.. _InterfaceDeclaration: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$InterfaceDeclaration.html
.. _InterfaceDefinition: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$InterfaceDefinition.html
.. _LetStmt: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$LetStmt.html
.. _NamespaceDeclaration: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$NamespaceDeclaration.html
.. _ReturnStmt: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$ReturnStmt.html
.. _ThrowStmt: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$ThrowStmt.html
.. _TypeExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$TypeExpr.html
.. _TypeAliasDeclaration: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$TypeAliasDeclaration.html
.. _VarDeclStmt: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$VarDeclStmt.html
.. _WhileStmt: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$WhileStmt.html
.. _WithStmt: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$WithStmt.html
.. _BlockStmt: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$BlockStmt.html
.. _Literal: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$Literal.html
.. _BooleanLiteral: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$BooleanLiteral.html
.. _NumberLiteral: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$NumberLiteral.html
.. _RegExpLiteral: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$RegExpLiteral.html
.. _NullLiteral: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$NullLiteral.html
.. _VarDecl: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Variables.qll/type.Variables$VarDecl.html
.. _VarRef: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Variables.qll/type.Variables$VarRef.html
.. _ThisExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$ThisExpr.html
.. _ArrayExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$ArrayExpr.html
.. _Property: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$Property.html
.. _ObjectExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$ObjectExpr.html
.. _FunctionExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$FunctionExpr.html
.. _ArrowFunctionExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$ArrowFunctionExpr.html
.. _ParExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$ParExpr.html
.. _TemplateLiteral: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Templates.qll/type.Templates$TemplateLiteral.html
.. _TemplateElement: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Templates.qll/type.Templates$TemplateElement.html
.. _TaggedTemplateExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Templates.qll/type.Templates$TaggedTemplateExpr.html
.. _ValueProperty: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$ValueProperty.html
.. _PropertyGetter: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$PropertyGetter.html
.. _PropertyAccessor: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$PropertyAccessor.html
.. _PropertySetter: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$PropertySetter.html
.. _PropAccess: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$PropAccess.html
.. _DotExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$DotExpr.html
.. _IndexExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$IndexExpr.html
.. _InvokeExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$InvokeExpr.html
.. _CallExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$CallExpr.html
.. _MethodCallExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$MethodCallExpr.html
.. _NewExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$NewExpr.html
.. _UnaryExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$UnaryExpr.html
.. _BitNotExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$BitNotExpr.html
.. _NegExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$NegExpr.html
.. _PlusExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$PlusExpr.html
.. _LogNotExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$LogNotExpr.html
.. _TypeofExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$TypeofExpr.html
.. _VoidExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$VoidExpr.html
.. _DeleteExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$DeleteExpr.html
.. _SpreadElement: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$SpreadElement.html
.. _BinaryExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$BinaryExpr.html
.. _MulExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$MulExpr.html
.. _DivExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$DivExpr.html
.. _ModExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$ModExpr.html
.. _ExpExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$ExpExpr.html
.. _AddExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$AddExpr.html
.. _SubExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$SubExpr.html
.. _LShiftExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$LShiftExpr.html
.. _RShiftExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$RShiftExpr.html
.. _URShiftExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$URShiftExpr.html
.. _LogAndExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$LogAndExpr.html
.. _LogOrExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$LogOrExpr.html
.. _LTExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$LTExpr.html
.. _Comparison: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$Comparison.html
.. _GTExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$GTExpr.html
.. _LEExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$LEExpr.html
.. _GEExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$GEExpr.html
.. _EqExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$EqExpr.html
.. _EqualityTest: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$EqualityTest.html
.. _NEqExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$NEqExpr.html
.. _StrictEqExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$StrictEqExpr.html
.. _StrictNEqExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$StrictNEqExpr.html
.. _BitAndExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$BitAndExpr.html
.. _BitOrExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$BitOrExpr.html
.. _XOrExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$XOrExpr.html
.. _InExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$InExpr.html
.. _InstanceofExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$InstanceofExpr.html
.. _Assignment: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$Assignment.html
.. _AssignExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$AssignExpr.html
.. _AssignAddExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$AssignAddExpr.html
.. _CompoundAssignExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$CompoundAssignExpr.html
.. _AssignSubExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$AssignSubExpr.html
.. _AssignMulExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$AssignMulExpr.html
.. _AssignExpExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$AssignExpExpr.html
.. _AssignDivExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$AssignDivExpr.html
.. _AssignModExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$AssignModExpr.html
.. _AssignAndExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$AssignAndExpr.html
.. _AssignOrExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$AssignOrExpr.html
.. _AssignXOrExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$AssignXOrExpr.html
.. _AssignLShiftExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$AssignLShiftExpr.html
.. _AssignRShiftExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$AssignRShiftExpr.html
.. _AssignURShiftExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$AssignURShiftExpr.html
.. _UpdateExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$UpdateExpr.html
.. _PostIncExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$PostIncExpr.html
.. _PostDecExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$PostDecExpr.html
.. _PreIncExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$PreIncExpr.html
.. _PreDecExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$PreDecExpr.html
.. _ConditionalExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$ConditionalExpr.html
.. _SeqExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$SeqExpr.html
.. _AwaitExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$AwaitExpr.html
.. _YieldExpr: https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$YieldExpr.html

12
docs/codeql/codeql-language-guides/analyzing-data-flow-and-tracking-tainted-data-in-python.rst
View File

@@ -25,20 +25,20 @@ For further information on data flow and taint tracking with CodeQL, see ":ref:`
Fundamentals of taint tracking using data flow analysis
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
The taint tracking library is in the `TaintTracking <https://help.semmle.com/qldoc/python/semmle/python/dataflow/TaintTracking.qll/module.TaintTracking.html>`__ module.
The taint tracking library is in the `TaintTracking <https://codeql.github.com/codeql-standard-libraries/python/semmle/python/dataflow/TaintTracking.qll/module.TaintTracking.html>`__ module.
Any taint tracking or data flow analysis query has three explicit components, one of which is optional, and an implicit component.
The explicit components are:
1. One or more ``sources`` of potentially insecure or unsafe data, represented by the `TaintTracking::Source <https://help.semmle.com/qldoc/python/semmle/python/dataflow/TaintTracking.qll/type.TaintTracking$TaintSource.html>`__ class.
2. One or more ``sinks``, to where the data or taint may flow, represented by the `TaintTracking::Sink <https://help.semmle.com/qldoc/python/semmle/python/dataflow/TaintTracking.qll/type.TaintTracking$TaintSink.html>`__ class.
3. Zero or more ``sanitizers``, represented by the `Sanitizer <https://help.semmle.com/qldoc/python/semmle/python/dataflow/TaintTracking.qll/type.TaintTracking$Sanitizer.html>`__ class.
1. One or more ``sources`` of potentially insecure or unsafe data, represented by the `TaintTracking::Source <https://codeql.github.com/codeql-standard-libraries/python/semmle/python/dataflow/TaintTracking.qll/type.TaintTracking$TaintSource.html>`__ class.
2. One or more ``sinks``, to where the data or taint may flow, represented by the `TaintTracking::Sink <https://codeql.github.com/codeql-standard-libraries/python/semmle/python/dataflow/TaintTracking.qll/type.TaintTracking$TaintSink.html>`__ class.
3. Zero or more ``sanitizers``, represented by the `Sanitizer <https://codeql.github.com/codeql-standard-libraries/python/semmle/python/dataflow/TaintTracking.qll/type.TaintTracking$Sanitizer.html>`__ class.
A taint tracking or data flow query gives results when there is the flow of data from a source to a sink, which is not blocked by a sanitizer.
These three components are bound together using a `TaintTracking::Configuration <https://help.semmle.com/qldoc/python/semmle/python/dataflow/Configuration.qll/type.Configuration$TaintTracking$Configuration.html>`__.
These three components are bound together using a `TaintTracking::Configuration <https://codeql.github.com/codeql-standard-libraries/python/semmle/python/dataflow/Configuration.qll/type.Configuration$TaintTracking$Configuration.html>`__.
The purpose of the configuration is to specify exactly which sources and sinks are relevant to the specific query.
The final, implicit component is the "kind" of taint, represented by the `TaintKind <https://help.semmle.com/qldoc/python/semmle/python/dataflow/TaintTracking.qll/type.TaintTracking$TaintKind.html>`__ class.
The final, implicit component is the "kind" of taint, represented by the `TaintKind <https://codeql.github.com/codeql-standard-libraries/python/semmle/python/dataflow/TaintTracking.qll/type.TaintTracking$TaintKind.html>`__ class.
The kind of taint determines which non-value-preserving steps are possible, in addition to value-preserving steps that are built into the analysis.
In the above example ``dir = path + "/"``, taint flows from ``path`` to ``dir`` if the taint represents a string, but not if the taint is ``None``.

2
docs/codeql/codeql-language-guides/analyzing-data-flow-in-javascript.rst
View File

@@ -175,7 +175,7 @@ There are two points worth making about the source node API:
2. Strings are not source nodes and cannot be tracked using this API. You can, however, use the ``mayHaveStringValue`` predicate on class ``DataFlow::Node``
to reason about the possible string values flowing into a data flow node.
For a full description of the ``DataFlow::SourceNode`` API, see the `JavaScript standard library <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Sources.qll/type.Sources$SourceNode.html>`__.
For a full description of the ``DataFlow::SourceNode`` API, see the `JavaScript standard library <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Sources.qll/type.Sources$SourceNode.html>`__.
Exercises
~~~~~~~~~

1175
docs/codeql/codeql-language-guides/codeql-library-for-cpp.rst
View File

File diff suppressed because it is too large Load Diff

22
docs/codeql/codeql-language-guides/codeql-library-for-csharp.rst
View File

@@ -54,7 +54,7 @@ This overview omits some of the less important or intermediate classes from the
Each class has predicates, which are logical propositions about that class. They also define navigable relationships between classes. Predicates are inherited, so for example the ``AddExpr`` class inherits the predicates ``getLeftOperand()`` and ``getRightOperand()`` from ``BinaryArithmeticOperation``, and ``getType()`` from class ``Expr``. This is similar to how methods are inherited in object-oriented programming languages.
In this overview, we present the most common and useful predicates. For the complete list of predicates available on each class, you can look in the CodeQL source code, use autocomplete in the editor, or see the `C# reference <https://help.semmle.com/qldoc/csharp>`__.
In this overview, we present the most common and useful predicates. For the complete list of predicates available on each class, you can look in the CodeQL source code, use autocomplete in the editor, or see the `C# reference <https://codeql.github.com/codeql-standard-libraries/csharp>`__.
Exercises
~~~~~~~~~
@@ -74,7 +74,7 @@ Exercise 1: Simplify this query:
Files
-----
Files are represented by the class `File <https://help.semmle.com/qldoc/csharp/semmle/code/csharp/File.qll/type.File$File.html>`__, and directories by the class `Folder <https://help.semmle.com/qldoc/csharp/semmle/code/csharp/File.qll/type.File$Folder.html>`__. The database contains all of the source files and assemblies used during the compilation.
Files are represented by the class `File <https://codeql.github.com/codeql-standard-libraries/csharp/semmle/code/csharp/File.qll/type.File$File.html>`__, and directories by the class `Folder <https://codeql.github.com/codeql-standard-libraries/csharp/semmle/code/csharp/File.qll/type.File$Folder.html>`__. The database contains all of the source files and assemblies used during the compilation.
Class hierarchy
~~~~~~~~~~~~~~~
@@ -120,7 +120,7 @@ Exercise 2: Write a query to find the source file with the largest number of lin
Elements
--------
The class `Element <https://help.semmle.com/qldoc/csharp/semmle/code/cil/Element.qll/type.Element$Element.html>`__ is the base class for all parts of a C# program, and it's the root of the element class hierarchy. All program elements (such as types, methods, statements, and expressions) ultimately derive from this common base class.
The class `Element <https://codeql.github.com/codeql-standard-libraries/csharp/semmle/code/cil/Element.qll/type.Element$Element.html>`__ is the base class for all parts of a C# program, and it's the root of the element class hierarchy. All program elements (such as types, methods, statements, and expressions) ultimately derive from this common base class.
``Element`` forms a hierarchical structure of the program, which can be navigated using the ``getParent()`` and ``getChild()`` predicates. This is much like an abstract syntax tree, and also applies to elements in assemblies.
@@ -150,7 +150,7 @@ Note that ``getAQlClass()`` is available on all entities and is a useful way to
Locations
---------
`Location <https://help.semmle.com/qldoc/csharp/semmle/code/csharp/Location.qll/type.Location$Location.html>`__ represents a section of text in the source code, or an assembly. All elements have a ``Location`` obtained by their ``getLocation()`` predicate. A ``SourceLocation`` represents a span of text in source code, whereas an ``Assembly`` location represents a referenced assembly.
`Location <https://codeql.github.com/codeql-standard-libraries/csharp/semmle/code/csharp/Location.qll/type.Location$Location.html>`__ represents a section of text in the source code, or an assembly. All elements have a ``Location`` obtained by their ``getLocation()`` predicate. A ``SourceLocation`` represents a span of text in source code, whereas an ``Assembly`` location represents a referenced assembly.
Sometimes elements have several locations, for example if they occur in both source code and an assembly. In this case, only the ``SourceLocation`` is returned.
@@ -189,7 +189,7 @@ Find all elements that are one character wide:
Declarations
------------
`Declaration <https://help.semmle.com/qldoc/csharp/semmle/code/cil/Declaration.qll/type.Declaration$Declaration.html>`__ is the common class of all entities defined in the program, such as types, methods, variables etc. The database contains all declarations from the source code and all referenced assemblies.
`Declaration <https://codeql.github.com/codeql-standard-libraries/csharp/semmle/code/cil/Declaration.qll/type.Declaration$Declaration.html>`__ is the common class of all entities defined in the program, such as types, methods, variables etc. The database contains all declarations from the source code and all referenced assemblies.
Class hierarchy
~~~~~~~~~~~~~~~
@@ -236,7 +236,7 @@ Find declarations containing a username:
Variables
---------
The class `Variable <https://help.semmle.com/qldoc/csharp/semmle/code/cil/Variable.qll/type.Variable$Variable.html>`__ represents C# variables, such as fields, parameters and local variables. The database contains all variables from the source code, as well as all fields and parameters from assemblies referenced by the program.
The class `Variable <https://codeql.github.com/codeql-standard-libraries/csharp/semmle/code/cil/Variable.qll/type.Variable$Variable.html>`__ represents C# variables, such as fields, parameters and local variables. The database contains all variables from the source code, as well as all fields and parameters from assemblies referenced by the program.
Class hierarchy
~~~~~~~~~~~~~~~
@@ -285,7 +285,7 @@ Find all unused local variables:
Types
-----
Types are represented by the CodeQL class `Type <https://help.semmle.com/qldoc/csharp/semmle/code/cil/Type.qll/type.Type$Type.html>`__ and consist of builtin types, interfaces, classes, structs, enums, and type parameters. The database contains types from the program and all referenced assemblies including mscorlib and the .NET framework.
Types are represented by the CodeQL class `Type <https://codeql.github.com/codeql-standard-libraries/csharp/semmle/code/cil/Type.qll/type.Type$Type.html>`__ and consist of builtin types, interfaces, classes, structs, enums, and type parameters. The database contains types from the program and all referenced assemblies including mscorlib and the .NET framework.
The builtin types (``object``, ``int``, ``double`` etc.) have corresponding types (``System.Object``, ``System.Int32`` etc.) in mscorlib.
@@ -440,7 +440,7 @@ Exercise 5: Write a query to find all classes starting with the letter ``A``. (`
Callables
---------
Callables are represented by the class `Callable <https://help.semmle.com/qldoc/csharp/semmle/code/csharp/Callable.qll/type.Callable$Callable.html>`__ and are anything that can be called independently, such as methods, constructors, destructors, operators, anonymous functions, indexers, and property accessors.
Callables are represented by the class `Callable <https://codeql.github.com/codeql-standard-libraries/csharp/semmle/code/csharp/Callable.qll/type.Callable$Callable.html>`__ and are anything that can be called independently, such as methods, constructors, destructors, operators, anonymous functions, indexers, and property accessors.
The database contains all of the callables in your program and in all referenced assemblies.
@@ -566,7 +566,7 @@ Find ``Main`` methods which are not ``private``:
Statements
----------
Statements are represented by the class `Stmt <https://help.semmle.com/qldoc/csharp/semmle/code/csharp/Stmt.qll/type.Stmt$Stmt.html>`__ and make up the body of methods (and other callables). The database contains all statements in the source code, but does not contain any statements from referenced assemblies where the source code is not available.
Statements are represented by the class `Stmt <https://codeql.github.com/codeql-standard-libraries/csharp/semmle/code/csharp/Stmt.qll/type.Stmt$Stmt.html>`__ and make up the body of methods (and other callables). The database contains all statements in the source code, but does not contain any statements from referenced assemblies where the source code is not available.
Class hierarchy
~~~~~~~~~~~~~~~
@@ -691,7 +691,7 @@ Exercise 8: Modify the last example to exclude chains of ``if`` statements, wher
Expressions
-----------
The `Expr <https://help.semmle.com/qldoc/csharp/semmle/code/csharp/exprs/Expr.qll/type.Expr$Expr.html>`__ class represents all C# expressions in the program. An expression is something producing a value such as ``a+b`` or ``new List<int>()``. The database contains all expressions from the source code, but no expressions from referenced assemblies where the source code is not available.
The `Expr <https://codeql.github.com/codeql-standard-libraries/csharp/semmle/code/csharp/exprs/Expr.qll/type.Expr$Expr.html>`__ class represents all C# expressions in the program. An expression is something producing a value such as ``a+b`` or ``new List<int>()``. The database contains all expressions from the source code, but no expressions from referenced assemblies where the source code is not available.
The ``Access`` class represents any use or cross-reference of another ``Declaration`` such a variable, property, method or field. The ``getTarget()`` predicate gets the declaration being accessed.
@@ -924,7 +924,7 @@ Exercise 9: Limit the previous query to string types. Exclude empty passwords or
Attributes
----------
C# attributes are represented by the class `Attribute <https://help.semmle.com/qldoc/csharp/semmle/code/cil/Attribute.qll/type.Attribute$Attribute.html>`__. They can be present on many C# elements, such as classes, methods, fields, and parameters. The database contains attributes from the source code and all assembly references.
C# attributes are represented by the class `Attribute <https://codeql.github.com/codeql-standard-libraries/csharp/semmle/code/cil/Attribute.qll/type.Attribute$Attribute.html>`__. They can be present on many C# elements, such as classes, methods, fields, and parameters. The database contains attributes from the source code and all assembly references.
The attribute of any ``Element`` can be obtained via ``getAnAttribute()``, whereas if you have an attribute, you can find its element via ``getTarget()``. These two query fragments are identical:

16
docs/codeql/codeql-language-guides/codeql-library-for-go.rst
View File

@@ -44,7 +44,7 @@ analysis involving deeper semantic properties of the program should be done on t
The rest of this tutorial briefly summarizes the most important classes and predicates provided by
this library, including references to the `detailed API documentation
<https://help.semmle.com/qldoc/go/>`__ where applicable. We start by giving an overview of the AST
<https://codeql.github.com/codeql-standard-libraries/go/>`__ where applicable. We start by giving an overview of the AST
representation, followed by an explanation of names and entities, which are used to represent
name-binding information, and of types and type information. Then we move on to control flow and the
data-flow graph, and finally the call graph and a few advanced topics.
@@ -69,7 +69,7 @@ first child, reflecting their order in the program text. Similarly, ``x + y`` is
``(x + y)``, which is the zeroth child of ``(x + y) * z``, whose first child is ``z``.
All AST nodes belong to class `AstNode
<https://help.semmle.com/qldoc/go/semmle/go/AST.qll/type.AST$AstNode.html>`__, which defines generic
<https://codeql.github.com/codeql-standard-libraries/go/semmle/go/AST.qll/type.AST$AstNode.html>`__, which defines generic
tree traversal predicates:
- ``getChild(i)``: returns the ``i``\ th child of this AST node.
@@ -88,20 +88,20 @@ access to the source text corresponding to an AST node. The source text is not s
dataset, and hence is not directly accessible to CodeQL queries.
The predicate ``getLocation()`` in class ``AstNode`` returns a `Location
<https://help.semmle.com/qldoc/go/semmle/go/Locations.qll/type.Locations$Location.html>`__ entity
<https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Locations.qll/type.Locations$Location.html>`__ entity
describing the source location of the program element represented by the AST node. You can use its
member predicates ``getFile()``, ``getStartLine()``, ``getStartColumn``, ``getEndLine()``, and
``getEndColumn()`` to obtain information about its file, start line and column, and end line and
column.
The most important subclasses of `AstNode
<https://help.semmle.com/qldoc/go/semmle/go/AST.qll/type.AST$AstNode.html>`__ are `Stmt
<https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$Stmt.html>`__ and `Expr
<https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__, which represent
<https://codeql.github.com/codeql-standard-libraries/go/semmle/go/AST.qll/type.AST$AstNode.html>`__ are `Stmt
<https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Stmt.qll/type.Stmt$Stmt.html>`__ and `Expr
<https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__, which represent
statements and expressions, respectively. This section briefly discusses some of their more
important subclasses and predicates. For a full reference of all the subclasses of `Stmt
<https://help.semmle.com/qldoc/go/semmle/go/Stmt.qll/type.Stmt$Stmt.html>`__ and `Expr
<https://help.semmle.com/qldoc/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__, see
<https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Stmt.qll/type.Stmt$Stmt.html>`__ and `Expr
<https://codeql.github.com/codeql-standard-libraries/go/semmle/go/Expr.qll/type.Expr$Expr.html>`__, see
:doc:`Abstract syntax tree classes for Go <abstract-syntax-tree-classes-for-working-with-go-programs>`.
Statements

400
docs/codeql/codeql-language-guides/codeql-library-for-javascript.rst
View File

@@ -16,7 +16,7 @@ The library is implemented as a set of QL modules, that is, files with the exten
import javascript
The rest of this tutorial briefly summarizes the most important classes and predicates provided by this library, including references to the `detailed API documentation <https://help.semmle.com/qldoc/javascript/>`__ where applicable.
The rest of this tutorial briefly summarizes the most important classes and predicates provided by this library, including references to the `detailed API documentation <https://codeql.github.com/codeql-standard-libraries/javascript/>`__ where applicable.
Introducing the library
-----------------------
@@ -48,21 +48,21 @@ Note that the textual content of a program is not included in the CodeQL databas
Files and folders
^^^^^^^^^^^^^^^^^
In the CodeQL libraries, files are represented as entities of class `File <https://help.semmle.com/qldoc/javascript/semmle/javascript/Files.qll/type.Files$File.html>`__, and folders as entities of class `Folder <https://help.semmle.com/qldoc/javascript/semmle/javascript/Files.qll/type.Files$Folder.html>`__, both of which are subclasses of class `Container <https://help.semmle.com/qldoc/javascript/semmle/javascript/Files.qll/type.Files$Container.html>`__.
In the CodeQL libraries, files are represented as entities of class `File <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Files.qll/type.Files$File.html>`__, and folders as entities of class `Folder <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Files.qll/type.Files$Folder.html>`__, both of which are subclasses of class `Container <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Files.qll/type.Files$Container.html>`__.
Class `Container <https://help.semmle.com/qldoc/javascript/semmle/javascript/Files.qll/type.Files$Container.html>`__ provides the following member predicates:
Class `Container <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Files.qll/type.Files$Container.html>`__ provides the following member predicates:
- ``Container.getParentContainer()`` returns the parent folder of the file or folder.
- ``Container.getAFile()`` returns a file within the folder.
- ``Container.getAFolder()`` returns a folder nested within the folder.
Note that while ``getAFile`` and ``getAFolder`` are declared on class `Container <https://help.semmle.com/qldoc/javascript/semmle/javascript/Files.qll/type.Files$Container.html>`__, they currently only have results for `Folder <https://help.semmle.com/qldoc/javascript/semmle/javascript/Files.qll/type.Files$Folder.html>`__\ s.
Note that while ``getAFile`` and ``getAFolder`` are declared on class `Container <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Files.qll/type.Files$Container.html>`__, they currently only have results for `Folder <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Files.qll/type.Files$Folder.html>`__\ s.
Both files and folders have paths, which can be accessed by the predicate ``Container.getAbsolutePath()``. For example, if ``f`` represents a file with the path ``/home/user/project/src/index.js``, then ``f.getAbsolutePath()`` evaluates to the string ``"/home/user/project/src/index.js"``, while ``f.getParentContainer().getAbsolutePath()`` returns ``"/home/user/project/src"``.
These paths are absolute file system paths. If you want to obtain the path of a file relative to the source location in the CodeQL database, use ``Container.getRelativePath()`` instead. Note, however, that a database may contain files that are not located underneath the source location; for such files, ``getRelativePath()`` will not return anything.
The following member predicates of class `Container <https://help.semmle.com/qldoc/javascript/semmle/javascript/Files.qll/type.Files$Container.html>`__ provide more information about the name of a file or folder:
The following member predicates of class `Container <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Files.qll/type.Files$Container.html>`__ provide more information about the name of a file or folder:
- ``Container.getBaseName()`` returns the base name of a file or folder, not including its parent folder, but including its extension. In the above example, ``f.getBaseName()`` would return the string ``"index.js"``.
- ``Container.getStem()`` is similar to ``Container.getBaseName()``, but it does *not* include the file extension; so ``f.getStem()`` returns ``"index"``.
@@ -84,7 +84,7 @@ Locations
Most entities in a CodeQL database have an associated source location. Locations are identified by four pieces of information: a file, a start line, a start column, an end line, and an end column. Line and column counts are 1-based (so the first character of a file is at line 1, column 1), and the end position is inclusive.
All entities associated with a source location belong to the class `Locatable <https://help.semmle.com/qldoc/javascript/semmle/javascript/Locations.qll/type.Locations$Locatable.html>`__. The location itself is modeled by the class `Location <https://help.semmle.com/qldoc/javascript/semmle/javascript/Locations.qll/type.Locations$Location.html>`__ and can be accessed through the member predicate ``Locatable.getLocation()``. The `Location <https://help.semmle.com/qldoc/javascript/semmle/javascript/Locations.qll/type.Locations$Location.html>`__ class provides the following member predicates:
All entities associated with a source location belong to the class `Locatable <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Locations.qll/type.Locations$Locatable.html>`__. The location itself is modeled by the class `Location <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Locations.qll/type.Locations$Location.html>`__ and can be accessed through the member predicate ``Locatable.getLocation()``. The `Location <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Locations.qll/type.Locations$Location.html>`__ class provides the following member predicates:
- ``Location.getFile()``, ``Location.getStartLine()``, ``Location.getStartColumn()``, ``Location.getEndLine()``, ``Location.getEndColumn()`` return detailed information about the location.
- ``Location.getNumLines()`` returns the number of (whole or partial) lines covered by the location.
@@ -94,7 +94,7 @@ All entities associated with a source location belong to the class `Locatable <h
Lines
^^^^^
Lines of text in files are represented by the class `Line <https://help.semmle.com/qldoc/javascript/semmle/javascript/Lines.qll/type.Lines$Line.html>`__. This class offers the following member predicates:
Lines of text in files are represented by the class `Line <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Lines.qll/type.Lines$Line.html>`__. This class offers the following member predicates:
- ``Line.getText()`` returns the text of the line, excluding any terminating newline characters.
- ``Line.getTerminator()`` returns the terminator character(s) of the line. The last line in a file may not have any terminator characters, in which case this predicate does not return anything; otherwise it returns either the two-character string ``"\r\n"`` (carriage-return followed by newline), or one of the one-character strings ``"\n"`` (newline), ``"\r"`` (carriage-return), ``"\u2028"`` (Unicode character LINE SEPARATOR), ``"\u2029"`` (Unicode character PARAGRAPH SEPARATOR).
@@ -104,23 +104,23 @@ Note that, as mentioned above, the textual representation of the program is not
Lexical level
~~~~~~~~~~~~~
A slightly more structured view of a JavaScript program is provided by the classes `Token <https://help.semmle.com/qldoc/javascript/semmle/javascript/Tokens.qll/type.Tokens$Token.html>`__ and `Comment <https://help.semmle.com/qldoc/javascript/semmle/javascript/Comments.qll/type.Comments$Comment.html>`__, which represent tokens and comments, respectively.
A slightly more structured view of a JavaScript program is provided by the classes `Token <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Tokens.qll/type.Tokens$Token.html>`__ and `Comment <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Comments.qll/type.Comments$Comment.html>`__, which represent tokens and comments, respectively.
Tokens
^^^^^^
The most important member predicates of class `Token <https://help.semmle.com/qldoc/javascript/semmle/javascript/Tokens.qll/type.Tokens$Token.html>`__ are as follows:
The most important member predicates of class `Token <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Tokens.qll/type.Tokens$Token.html>`__ are as follows:
- ``Token.getValue()`` returns the source text of the token.
- ``Token.getIndex()`` returns the index of the token within its enclosing script.
- ``Token.getNextToken()`` and ``Token.getPreviousToken()`` navigate between tokens.
The `Token <https://help.semmle.com/qldoc/javascript/semmle/javascript/Tokens.qll/type.Tokens$Token.html>`__ class has nine subclasses, each representing a particular kind of token:
The `Token <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Tokens.qll/type.Tokens$Token.html>`__ class has nine subclasses, each representing a particular kind of token:
- `EOFToken <https://help.semmle.com/qldoc/javascript/semmle/javascript/Tokens.qll/type.Tokens$EOFToken.html>`__: a marker token representing the end of a script
- `NullLiteralToken <https://help.semmle.com/qldoc/javascript/semmle/javascript/Tokens.qll/type.Tokens$NullLiteralToken.html>`__, `BooleanLiteralToken <https://help.semmle.com/qldoc/javascript/semmle/javascript/Tokens.qll/type.Tokens$BooleanLiteralToken.html>`__, `NumericLiteralToken <https://help.semmle.com/qldoc/javascript/semmle/javascript/Tokens.qll/type.Tokens$NumericLiteralToken.html>`__, `StringLiteralToken <https://help.semmle.com/qldoc/javascript/semmle/javascript/Tokens.qll/type.Tokens$StringLiteralToken.html>`__ and `RegularExpressionToken <https://help.semmle.com/qldoc/javascript/semmle/javascript/Tokens.qll/type.Tokens$RegularExpressionToken.html>`__: different kinds of literals
- `IdentifierToken <https://help.semmle.com/qldoc/javascript/semmle/javascript/Tokens.qll/type.Tokens$IdentifierToken.html>`__ and `KeywordToken <https://help.semmle.com/qldoc/javascript/semmle/javascript/Tokens.qll/type.Tokens$KeywordToken.html>`__: identifiers and keywords (including reserved words) respectively
- `PunctuatorToken <https://help.semmle.com/qldoc/javascript/semmle/javascript/Tokens.qll/type.Tokens$PunctuatorToken.html>`__: operators and other punctuation symbols
- `EOFToken <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Tokens.qll/type.Tokens$EOFToken.html>`__: a marker token representing the end of a script
- `NullLiteralToken <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Tokens.qll/type.Tokens$NullLiteralToken.html>`__, `BooleanLiteralToken <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Tokens.qll/type.Tokens$BooleanLiteralToken.html>`__, `NumericLiteralToken <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Tokens.qll/type.Tokens$NumericLiteralToken.html>`__, `StringLiteralToken <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Tokens.qll/type.Tokens$StringLiteralToken.html>`__ and `RegularExpressionToken <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Tokens.qll/type.Tokens$RegularExpressionToken.html>`__: different kinds of literals
- `IdentifierToken <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Tokens.qll/type.Tokens$IdentifierToken.html>`__ and `KeywordToken <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Tokens.qll/type.Tokens$KeywordToken.html>`__: identifiers and keywords (including reserved words) respectively
- `PunctuatorToken <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Tokens.qll/type.Tokens$PunctuatorToken.html>`__: operators and other punctuation symbols
As an example of a query operating entirely on the lexical level, consider the following query, which finds consecutive comma tokens arising from an omitted element in an array expression:
@@ -145,30 +145,30 @@ You can use predicate ``Locatable.getFirstToken()`` and ``Locatable.getLastToken
Comments
^^^^^^^^
The class `Comment <https://help.semmle.com/qldoc/javascript/semmle/javascript/Comments.qll/type.Comments$Comment.html>`__ and its subclasses represent the different kinds of comments that can occur in JavaScript programs:
The class `Comment <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Comments.qll/type.Comments$Comment.html>`__ and its subclasses represent the different kinds of comments that can occur in JavaScript programs:
- `Comment <https://help.semmle.com/qldoc/javascript/semmle/javascript/Comments.qll/type.Comments$Comment.html>`__: any comment
- `Comment <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Comments.qll/type.Comments$Comment.html>`__: any comment
- `LineComment <https://help.semmle.com/qldoc/javascript/semmle/javascript/Comments.qll/type.Comments$LineComment.html>`__: a single-line comment terminated by an end-of-line character
- `LineComment <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Comments.qll/type.Comments$LineComment.html>`__: a single-line comment terminated by an end-of-line character
- `SlashSlashComment <https://help.semmle.com/qldoc/javascript/semmle/javascript/Comments.qll/type.Comments$SlashSlashComment.html>`__: a plain JavaScript single-line comment starting with ``//``
- `HtmlLineComment <https://help.semmle.com/qldoc/javascript/semmle/javascript/Comments.qll/type.Comments$HtmlLineComment.html>`__: a (non-standard) HTML comment
- `SlashSlashComment <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Comments.qll/type.Comments$SlashSlashComment.html>`__: a plain JavaScript single-line comment starting with ``//``
- `HtmlLineComment <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Comments.qll/type.Comments$HtmlLineComment.html>`__: a (non-standard) HTML comment
- `HtmlCommentStart <https://help.semmle.com/qldoc/javascript/semmle/javascript/Comments.qll/type.Comments$HtmlCommentStart.html>`__: an HTML comment starting with ``<!--``
- `HtmlCommentStart <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Comments.qll/type.Comments$HtmlCommentStart.html>`__: an HTML comment starting with ``<!--``
- `HtmlCommentEnd <https://help.semmle.com/qldoc/javascript/semmle/javascript/Comments.qll/type.Comments$HtmlCommentEnd.html>`__: an HTML comment ending with ``-->``
- `HtmlCommentEnd <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Comments.qll/type.Comments$HtmlCommentEnd.html>`__: an HTML comment ending with ``-->``
- `BlockComment <https://help.semmle.com/qldoc/javascript/semmle/javascript/Comments.qll/type.Comments$BlockComment.html>`__: a block comment potentially spanning multiple lines
- `BlockComment <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Comments.qll/type.Comments$BlockComment.html>`__: a block comment potentially spanning multiple lines
- `SlashStarComment <https://help.semmle.com/qldoc/javascript/semmle/javascript/Comments.qll/type.Comments$SlashStarComment.html>`__: a plain JavaScript block comment surrounded with ``/*...*/``
- `DocComment <https://help.semmle.com/qldoc/javascript/semmle/javascript/Comments.qll/type.Comments$DocComment.html>`__: a documentation block comment surrounded with ``/**...*/``
- `SlashStarComment <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Comments.qll/type.Comments$SlashStarComment.html>`__: a plain JavaScript block comment surrounded with ``/*...*/``
- `DocComment <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Comments.qll/type.Comments$DocComment.html>`__: a documentation block comment surrounded with ``/**...*/``
The most important member predicates are as follows:
- ``Comment.getText()`` returns the source text of the comment, not including delimiters.
- ``Comment.getLine(i)`` returns the ``i``\ th line of text within the comment (0-based).
- ``Comment.getNumLines()`` returns the number of lines in the comment.
- ``Comment.getNextToken()`` returns the token immediately following a comment. Note that such a token always exists: if a comment appears at the end of a file, its following token is an `EOFToken <https://help.semmle.com/qldoc/javascript/semmle/javascript/Tokens.qll/type.Tokens$EOFToken.html>`__.
- ``Comment.getNextToken()`` returns the token immediately following a comment. Note that such a token always exists: if a comment appears at the end of a file, its following token is an `EOFToken <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Tokens.qll/type.Tokens$EOFToken.html>`__.
As an example of a query using only lexical information, consider the following query for finding HTML comments, which are not a standard ECMAScript feature and should be avoided:
@@ -186,7 +186,7 @@ Syntactic level
The majority of classes in the JavaScript library is concerned with representing a JavaScript program as a collection of `abstract syntax trees <http://en.wikipedia.org/wiki/Abstract_syntax_tree>`__ (ASTs).
The class `ASTNode <https://help.semmle.com/qldoc/javascript/semmle/javascript/AST.qll/type.AST$ASTNode.html>`__ contains all entities representing nodes in the abstract syntax trees and defines generic tree traversal predicates:
The class `ASTNode <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/AST.qll/type.AST$ASTNode.html>`__ contains all entities representing nodes in the abstract syntax trees and defines generic tree traversal predicates:
- ``ASTNode.getChild(i)``: returns the ``i``\ th child of this AST node.
- ``ASTNode.getAChild()``: returns any child of this AST node.
@@ -201,25 +201,25 @@ The class `ASTNode <https://help.semmle.com/qldoc/javascript/semmle/javascript/A
Top-levels
^^^^^^^^^^
From a syntactic point of view, each JavaScript program is composed of one or more top-level code blocks (or *top-levels* for short), which are blocks of JavaScript code that do not belong to a larger code block. Top-levels are represented by the class `TopLevel <https://help.semmle.com/qldoc/javascript/semmle/javascript/AST.qll/type.AST$TopLevel.html>`__ and its subclasses:
From a syntactic point of view, each JavaScript program is composed of one or more top-level code blocks (or *top-levels* for short), which are blocks of JavaScript code that do not belong to a larger code block. Top-levels are represented by the class `TopLevel <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/AST.qll/type.AST$TopLevel.html>`__ and its subclasses:
- `TopLevel <https://help.semmle.com/qldoc/javascript/semmle/javascript/AST.qll/type.AST$TopLevel.html>`__
- `TopLevel <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/AST.qll/type.AST$TopLevel.html>`__
- `Script <https://help.semmle.com/qldoc/javascript/semmle/javascript/AST.qll/type.AST$Script.html>`__: a stand-alone file or HTML ``<script>`` element
- `Script <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/AST.qll/type.AST$Script.html>`__: a stand-alone file or HTML ``<script>`` element
- `ExternalScript <https://help.semmle.com/qldoc/javascript/semmle/javascript/AST.qll/type.AST$ExternalScript.html>`__: a stand-alone JavaScript file
- `InlineScript <https://help.semmle.com/qldoc/javascript/semmle/javascript/AST.qll/type.AST$InlineScript.html>`__: code embedded inline in an HTML ``<script>`` tag
- `ExternalScript <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/AST.qll/type.AST$ExternalScript.html>`__: a stand-alone JavaScript file
- `InlineScript <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/AST.qll/type.AST$InlineScript.html>`__: code embedded inline in an HTML ``<script>`` tag
- `CodeInAttribute <https://help.semmle.com/qldoc/javascript/semmle/javascript/AST.qll/type.AST$CodeInAttribute.html>`__: a code block originating from an HTML attribute value
- `CodeInAttribute <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/AST.qll/type.AST$CodeInAttribute.html>`__: a code block originating from an HTML attribute value
- `EventHandlerCode <https://help.semmle.com/qldoc/javascript/semmle/javascript/AST.qll/type.AST$EventHandlerCode.html>`__: code from an event handler attribute such as ``onload``
- `JavaScriptURL <https://help.semmle.com/qldoc/javascript/semmle/javascript/AST.qll/type.AST$JavaScriptURL.html>`__: code from a URL with the ``javascript:`` scheme
- `EventHandlerCode <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/AST.qll/type.AST$EventHandlerCode.html>`__: code from an event handler attribute such as ``onload``
- `JavaScriptURL <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/AST.qll/type.AST$JavaScriptURL.html>`__: code from a URL with the ``javascript:`` scheme
- `Externs <https://help.semmle.com/qldoc/javascript/semmle/javascript/AST.qll/type.AST$Externs.html>`__: a JavaScript file containing `externs <https://developers.google.com/closure/compiler/docs/api-tutorial3#externs>`__ definitions
- `Externs <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/AST.qll/type.AST$Externs.html>`__: a JavaScript file containing `externs <https://developers.google.com/closure/compiler/docs/api-tutorial3#externs>`__ definitions
Every `TopLevel <https://help.semmle.com/qldoc/javascript/semmle/javascript/AST.qll/type.AST$TopLevel.html>`__ class is contained in a `File <https://help.semmle.com/qldoc/javascript/semmle/javascript/Files.qll/type.Files$File.html>`__ class, but a single `File <https://help.semmle.com/qldoc/javascript/semmle/javascript/Files.qll/type.Files$File.html>`__ may contain more than one `TopLevel <https://help.semmle.com/qldoc/javascript/semmle/javascript/AST.qll/type.AST$TopLevel.html>`__. To go from a ``TopLevel tl`` to its `File <https://help.semmle.com/qldoc/javascript/semmle/javascript/Files.qll/type.Files$File.html>`__, use ``tl.getFile()``; conversely, for a ``File f``, predicate ``f.getATopLevel()`` returns a top-level contained in ``f``. For every AST node, predicate ``ASTNode.getTopLevel()`` can be used to find the top-level it belongs to.
Every `TopLevel <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/AST.qll/type.AST$TopLevel.html>`__ class is contained in a `File <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Files.qll/type.Files$File.html>`__ class, but a single `File <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Files.qll/type.Files$File.html>`__ may contain more than one `TopLevel <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/AST.qll/type.AST$TopLevel.html>`__. To go from a ``TopLevel tl`` to its `File <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Files.qll/type.Files$File.html>`__, use ``tl.getFile()``; conversely, for a ``File f``, predicate ``f.getATopLevel()`` returns a top-level contained in ``f``. For every AST node, predicate ``ASTNode.getTopLevel()`` can be used to find the top-level it belongs to.
The `TopLevel <https://help.semmle.com/qldoc/javascript/semmle/javascript/AST.qll/type.AST$TopLevel.html>`__ class additionally provides the following member predicates:
The `TopLevel <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/AST.qll/type.AST$TopLevel.html>`__ class additionally provides the following member predicates:
- ``TopLevel.getNumberOfLines()`` returns the total number of lines (including code, comments and whitespace) in the top-level.
- ``TopLevel.getNumberOfLinesOfCode()`` returns the number of lines of code, that is, lines that contain at least one token.
@@ -235,111 +235,111 @@ The `TopLevel <https://help.semmle.com/qldoc/javascript/semmle/javascript/AST.ql
Statements and expressions
^^^^^^^^^^^^^^^^^^^^^^^^^^
The most important subclasses of `ASTNode <https://help.semmle.com/qldoc/javascript/semmle/javascript/AST.qll/type.AST$ASTNode.html>`__ besides `TopLevel <https://help.semmle.com/qldoc/javascript/semmle/javascript/AST.qll/type.AST$TopLevel.html>`__ are `Stmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$Stmt.html>`__ and `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__, which, together with their subclasses, represent statements and expressions, respectively. This section briefly discusses some of the more important classes and predicates. For a full reference of all the subclasses of `Stmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$Stmt.html>`__ and `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ and their API, see
`Stmt.qll <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/module.Stmt.html>`__ and `Expr.qll <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/module.Expr.html>`__.
The most important subclasses of `ASTNode <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/AST.qll/type.AST$ASTNode.html>`__ besides `TopLevel <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/AST.qll/type.AST$TopLevel.html>`__ are `Stmt <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$Stmt.html>`__ and `Expr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__, which, together with their subclasses, represent statements and expressions, respectively. This section briefly discusses some of the more important classes and predicates. For a full reference of all the subclasses of `Stmt <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$Stmt.html>`__ and `Expr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ and their API, see
`Stmt.qll <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/module.Stmt.html>`__ and `Expr.qll <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/module.Expr.html>`__.
- `Stmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$Stmt.html>`__: use ``Stmt.getContainer()`` to access the innermost function or top-level in which the statement is contained.
- `Stmt <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$Stmt.html>`__: use ``Stmt.getContainer()`` to access the innermost function or top-level in which the statement is contained.
- `ControlStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$ControlStmt.html>`__: a statement that controls the execution of other statements, that is, a conditional, loop, ``try`` or ``with`` statement; use ``ControlStmt.getAControlledStmt()`` to access the statements that it controls.
- `ControlStmt <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$ControlStmt.html>`__: a statement that controls the execution of other statements, that is, a conditional, loop, ``try`` or ``with`` statement; use ``ControlStmt.getAControlledStmt()`` to access the statements that it controls.
- `IfStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$IfStmt.html>`__: an ``if`` statement; use ``IfStmt.getCondition()``, ``IfStmt.getThen()`` and ``IfStmt.getElse()`` to access its condition expression, "then" branch and "else" branch, respectively.
- `LoopStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$LoopStmt.html>`__: a loop; use ``Loop.getBody()`` and ``Loop.getTest()`` to access its body and its test expression, respectively.
- `IfStmt <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$IfStmt.html>`__: an ``if`` statement; use ``IfStmt.getCondition()``, ``IfStmt.getThen()`` and ``IfStmt.getElse()`` to access its condition expression, "then" branch and "else" branch, respectively.
- `LoopStmt <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$LoopStmt.html>`__: a loop; use ``Loop.getBody()`` and ``Loop.getTest()`` to access its body and its test expression, respectively.
- `WhileStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$WhileStmt.html>`__, `DoWhileStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$DoWhileStmt.html>`__: a "while" or "do-while" loop, respectively.
- `ForStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$ForStmt.html>`__: a "for" statement; use ``ForStmt.getInit()`` and ``ForStmt.getUpdate()`` to access the init and update expressions, respectively.
- `EnhancedForLoop <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$EnhancedForLoop.html>`__: a "for-in" or "for-of" loop; use ``EnhancedForLoop.getIterator()`` to access the loop iterator (which may be a expression or variable declaration), and ``EnhancedForLoop.getIterationDomain()`` to access the expression being iterated over.
- `WhileStmt <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$WhileStmt.html>`__, `DoWhileStmt <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$DoWhileStmt.html>`__: a "while" or "do-while" loop, respectively.
- `ForStmt <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$ForStmt.html>`__: a "for" statement; use ``ForStmt.getInit()`` and ``ForStmt.getUpdate()`` to access the init and update expressions, respectively.
- `EnhancedForLoop <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$EnhancedForLoop.html>`__: a "for-in" or "for-of" loop; use ``EnhancedForLoop.getIterator()`` to access the loop iterator (which may be a expression or variable declaration), and ``EnhancedForLoop.getIterationDomain()`` to access the expression being iterated over.
- `ForInStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$ForInStmt.html>`__, `ForOfStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$ForOfStmt.html>`__: a "for-in" or "for-of" loop, respectively.
- `ForInStmt <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$ForInStmt.html>`__, `ForOfStmt <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$ForOfStmt.html>`__: a "for-in" or "for-of" loop, respectively.
- `WithStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$WithStmt.html>`__: a "with" statement; use ``WithStmt.getExpr()`` and ``WithStmt.getBody()`` to access the controlling expression and the body of the with statement, respectively.
- `SwitchStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$SwitchStmt.html>`__: a switch statement; use ``SwitchStmt.getExpr()`` to access the expression on which the statement switches; use ``SwitchStmt.getCase(int)`` and ``SwitchStmt.getACase()`` to access individual switch cases; each case is modeled by an entity of class `Case <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$Case.html>`__, whose member predicates ``Case.getExpr()`` and ``Case.getBodyStmt(int)`` provide access to the expression checked by the switch case (which is undefined for ``default``), and its body.
- `TryStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$TryStmt.html>`__: a "try" statement; use ``TryStmt.getBody()``, ``TryStmt.getCatchClause()`` and ``TryStmt.getFinally`` to access its body, "catch" clause and "finally" block, respectively.
- `WithStmt <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$WithStmt.html>`__: a "with" statement; use ``WithStmt.getExpr()`` and ``WithStmt.getBody()`` to access the controlling expression and the body of the with statement, respectively.
- `SwitchStmt <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$SwitchStmt.html>`__: a switch statement; use ``SwitchStmt.getExpr()`` to access the expression on which the statement switches; use ``SwitchStmt.getCase(int)`` and ``SwitchStmt.getACase()`` to access individual switch cases; each case is modeled by an entity of class `Case <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$Case.html>`__, whose member predicates ``Case.getExpr()`` and ``Case.getBodyStmt(int)`` provide access to the expression checked by the switch case (which is undefined for ``default``), and its body.
- `TryStmt <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$TryStmt.html>`__: a "try" statement; use ``TryStmt.getBody()``, ``TryStmt.getCatchClause()`` and ``TryStmt.getFinally`` to access its body, "catch" clause and "finally" block, respectively.
- `BlockStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$BlockStmt.html>`__: a block of statements; use ``BlockStmt.getStmt(int)`` to access the individual statements in the block.
- `ExprStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$ExprStmt.html>`__: an expression statement; use ``ExprStmt.getExpr()`` to access the expression itself.
- `JumpStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$JumpStmt.html>`__: a statement that disrupts structured control flow, that is, one of ``break``, ``continue``, ``return`` and ``throw``; use predicate ``JumpStmt.getTarget()`` to determine the target of the jump, which is either a statement or (for ``return`` and uncaught ``throw`` statements) the enclosing function.
- `BlockStmt <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$BlockStmt.html>`__: a block of statements; use ``BlockStmt.getStmt(int)`` to access the individual statements in the block.
- `ExprStmt <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$ExprStmt.html>`__: an expression statement; use ``ExprStmt.getExpr()`` to access the expression itself.
- `JumpStmt <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$JumpStmt.html>`__: a statement that disrupts structured control flow, that is, one of ``break``, ``continue``, ``return`` and ``throw``; use predicate ``JumpStmt.getTarget()`` to determine the target of the jump, which is either a statement or (for ``return`` and uncaught ``throw`` statements) the enclosing function.
- `BreakStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$BreakStmt.html>`__: a "break" statement; use ``BreakStmt.getLabel()`` to access its (optional) target label.
- `ContinueStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$ContinueStmt.html>`__: a "continue" statement; use ``ContinueStmt.getLabel()`` to access its (optional) target label.
- `ReturnStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$ReturnStmt.html>`__: a "return" statement; use ``ReturnStmt.getExpr()`` to access its (optional) result expression.
- `ThrowStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$ThrowStmt.html>`__: a "throw" statement; use ``ThrowStmt.getExpr()`` to access its thrown expression.
- `BreakStmt <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$BreakStmt.html>`__: a "break" statement; use ``BreakStmt.getLabel()`` to access its (optional) target label.
- `ContinueStmt <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$ContinueStmt.html>`__: a "continue" statement; use ``ContinueStmt.getLabel()`` to access its (optional) target label.
- `ReturnStmt <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$ReturnStmt.html>`__: a "return" statement; use ``ReturnStmt.getExpr()`` to access its (optional) result expression.
- `ThrowStmt <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$ThrowStmt.html>`__: a "throw" statement; use ``ThrowStmt.getExpr()`` to access its thrown expression.
- `FunctionDeclStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$FunctionDeclStmt.html>`__: a function declaration statement; see below for available member predicates.
- `ClassDeclStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Classes.qll/type.Classes$ClassDeclStmt.html>`__: a class declaration statement; see below for available member predicates.
- `DeclStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$DeclStmt.html>`__: a declaration statement containing one or more declarators which can be accessed by predicate ``DeclStmt.getDeclarator(int)``.
- `FunctionDeclStmt <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$FunctionDeclStmt.html>`__: a function declaration statement; see below for available member predicates.
- `ClassDeclStmt <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Classes.qll/type.Classes$ClassDeclStmt.html>`__: a class declaration statement; see below for available member predicates.
- `DeclStmt <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$DeclStmt.html>`__: a declaration statement containing one or more declarators which can be accessed by predicate ``DeclStmt.getDeclarator(int)``.
- `VarDeclStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$VarDeclStmt.html>`__, `ConstDeclStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$ConstDeclStmt.html>`__, `LetStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$LetStmt.html>`__: a ``var``, ``const`` or ``let`` declaration statement.
- `VarDeclStmt <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$VarDeclStmt.html>`__, `ConstDeclStmt <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$ConstDeclStmt.html>`__, `LetStmt <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$LetStmt.html>`__: a ``var``, ``const`` or ``let`` declaration statement.
- `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__: use ``Expr.getEnclosingStmt()`` to obtain the innermost statement to which this expression belongs; ``Expr.isPure()`` determines whether the expression is side-effect-free.
- `Expr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__: use ``Expr.getEnclosingStmt()`` to obtain the innermost statement to which this expression belongs; ``Expr.isPure()`` determines whether the expression is side-effect-free.
- `Identifier <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Identifier.html>`__: an identifier; use ``Identifier.getName()`` to obtain its name.
- `Literal <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Literal.html>`__: a literal value; use ``Literal.getValue()`` to obtain a string representation of its value, and ``Literal.getRawValue()`` to obtain its raw source text (including surrounding quotes for string literals).
- `Identifier <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$Identifier.html>`__: an identifier; use ``Identifier.getName()`` to obtain its name.
- `Literal <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$Literal.html>`__: a literal value; use ``Literal.getValue()`` to obtain a string representation of its value, and ``Literal.getRawValue()`` to obtain its raw source text (including surrounding quotes for string literals).
- `NullLiteral <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$NullLiteral.html>`__, `BooleanLiteral <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$BooleanLiteral.html>`__, `NumberLiteral <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$NumberLiteral.html>`__, `StringLiteral <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$StringLiteral.html>`__, `RegExpLiteral <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$RegExpLiteral.html>`__: different kinds of literals.
- `NullLiteral <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$NullLiteral.html>`__, `BooleanLiteral <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$BooleanLiteral.html>`__, `NumberLiteral <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$NumberLiteral.html>`__, `StringLiteral <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$StringLiteral.html>`__, `RegExpLiteral <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$RegExpLiteral.html>`__: different kinds of literals.
- `ThisExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$ThisExpr.html>`__: a "this" expression.
- `SuperExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Classes.qll/type.Classes$SuperExpr.html>`__: a "super" expression.
- `ArrayExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$ArrayExpr.html>`__: an array expression; use ``ArrayExpr.getElement(i)`` to obtain the ``i``\ th element expression, and ``ArrayExpr.elementIsOmitted(i)`` to check whether the ``i``\ th element is omitted.
- `ObjectExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$ObjectExpr.html>`__: an object expression; use ``ObjectExpr.getProperty(i)`` to obtain the ``i``\ th property in the object expression; properties are modeled by class `Property <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Property.html>`__, which is described in more detail below.
- `FunctionExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$FunctionExpr.html>`__: a function expression; see below for available member predicates.
- `ArrowFunctionExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$ArrowFunctionExpr.html>`__: an ECMAScript 2015-style arrow function expression; see below for available member predicates.
- `ClassExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Classes.qll/type.Classes$ClassExpr.html>`__: a class expression; see below for available member predicates.
- `ParExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$ParExpr.html>`__: a parenthesized expression; use ``ParExpr.getExpression()`` to obtain the operand expression; for any expression, ``Expr.stripParens()`` can be used to recursively strip off any parentheses
- `SeqExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$SeqExpr.html>`__: a sequence of two or more expressions connected by the comma operator; use ``SeqExpr.getOperand(i)`` to obtain the ``i``\ th sub-expression.
- `ConditionalExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$ConditionalExpr.html>`__: a ternary conditional expression; member predicates ``ConditionalExpr.getCondition()``, ``ConditionalExpr.getConsequent()`` and ``ConditionalExpr.getAlternate()`` provide access to the condition expression, the "then" expression and the "else" expression, respectively.
- `InvokeExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$InvokeExpr.html>`__: a function call or a "new" expression; use ``InvokeExpr.getCallee()`` to obtain the expression specifying the function to be called, and ``InvokeExpr.getArgument(i)`` to obtain the ``i``\ th argument expression.
- `ThisExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$ThisExpr.html>`__: a "this" expression.
- `SuperExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Classes.qll/type.Classes$SuperExpr.html>`__: a "super" expression.
- `ArrayExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$ArrayExpr.html>`__: an array expression; use ``ArrayExpr.getElement(i)`` to obtain the ``i``\ th element expression, and ``ArrayExpr.elementIsOmitted(i)`` to check whether the ``i``\ th element is omitted.
- `ObjectExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$ObjectExpr.html>`__: an object expression; use ``ObjectExpr.getProperty(i)`` to obtain the ``i``\ th property in the object expression; properties are modeled by class `Property <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$Property.html>`__, which is described in more detail below.
- `FunctionExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$FunctionExpr.html>`__: a function expression; see below for available member predicates.
- `ArrowFunctionExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$ArrowFunctionExpr.html>`__: an ECMAScript 2015-style arrow function expression; see below for available member predicates.
- `ClassExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Classes.qll/type.Classes$ClassExpr.html>`__: a class expression; see below for available member predicates.
- `ParExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$ParExpr.html>`__: a parenthesized expression; use ``ParExpr.getExpression()`` to obtain the operand expression; for any expression, ``Expr.stripParens()`` can be used to recursively strip off any parentheses
- `SeqExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$SeqExpr.html>`__: a sequence of two or more expressions connected by the comma operator; use ``SeqExpr.getOperand(i)`` to obtain the ``i``\ th sub-expression.
- `ConditionalExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$ConditionalExpr.html>`__: a ternary conditional expression; member predicates ``ConditionalExpr.getCondition()``, ``ConditionalExpr.getConsequent()`` and ``ConditionalExpr.getAlternate()`` provide access to the condition expression, the "then" expression and the "else" expression, respectively.
- `InvokeExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$InvokeExpr.html>`__: a function call or a "new" expression; use ``InvokeExpr.getCallee()`` to obtain the expression specifying the function to be called, and ``InvokeExpr.getArgument(i)`` to obtain the ``i``\ th argument expression.
- `CallExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$CallExpr.html>`__: a function call.
- `NewExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$NewExpr.html>`__: a "new" expression.
- `MethodCallExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$MethodCallExpr.html>`__: a function call whose callee expression is a property access; use ``MethodCallExpr.getReceiver`` to access the receiver expression of the method call, and ``MethodCallExpr.getMethodName()`` to get the method name (if it can be determined statically).
- `CallExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$CallExpr.html>`__: a function call.
- `NewExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$NewExpr.html>`__: a "new" expression.
- `MethodCallExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$MethodCallExpr.html>`__: a function call whose callee expression is a property access; use ``MethodCallExpr.getReceiver`` to access the receiver expression of the method call, and ``MethodCallExpr.getMethodName()`` to get the method name (if it can be determined statically).
- `PropAccess <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$PropAccess.html>`__: a property access, that is, either a "dot" expression of the form ``e.f`` or an index expression of the form ``e[p]``; use ``PropAccess.getBase()`` to obtain the base expression on which the property is accessed (``e`` in the example), and ``PropAccess.getPropertyName()`` to determine the name of the accessed property; if the name cannot be statically determined, ``getPropertyName()`` does not return any value.
- `PropAccess <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$PropAccess.html>`__: a property access, that is, either a "dot" expression of the form ``e.f`` or an index expression of the form ``e[p]``; use ``PropAccess.getBase()`` to obtain the base expression on which the property is accessed (``e`` in the example), and ``PropAccess.getPropertyName()`` to determine the name of the accessed property; if the name cannot be statically determined, ``getPropertyName()`` does not return any value.
- `DotExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$DotExpr.html>`__: a "dot" expression.
- `IndexExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$IndexExpr.html>`__: an index expression (also known as computed property access).
- `DotExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$DotExpr.html>`__: a "dot" expression.
- `IndexExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$IndexExpr.html>`__: an index expression (also known as computed property access).
- `UnaryExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$UnaryExpr.html>`__: a unary expression; use ``UnaryExpr.getOperand()`` to obtain the operand expression.
- `UnaryExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$UnaryExpr.html>`__: a unary expression; use ``UnaryExpr.getOperand()`` to obtain the operand expression.
- `NegExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$NegExpr.html>`__ ("-"), `PlusExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$PlusExpr.html>`__ ("+"), `LogNotExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$LogNotExpr.html>`__ ("!"), `BitNotExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$BitNotExpr.html>`__ ("~"), `TypeofExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$TypeofExpr.html>`__, `VoidExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$VoidExpr.html>`__, `DeleteExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$DeleteExpr.html>`__, `SpreadElement <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$SpreadElement.html>`__ ("..."): various types of unary expressions.
- `NegExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$NegExpr.html>`__ ("-"), `PlusExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$PlusExpr.html>`__ ("+"), `LogNotExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$LogNotExpr.html>`__ ("!"), `BitNotExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$BitNotExpr.html>`__ ("~"), `TypeofExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$TypeofExpr.html>`__, `VoidExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$VoidExpr.html>`__, `DeleteExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$DeleteExpr.html>`__, `SpreadElement <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$SpreadElement.html>`__ ("..."): various types of unary expressions.
- `BinaryExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$BinaryExpr.html>`__: a binary expression; use ``BinaryExpr.getLeftOperand()`` and ``BinaryExpr.getRightOperand()`` to access the operand expressions.
- `BinaryExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$BinaryExpr.html>`__: a binary expression; use ``BinaryExpr.getLeftOperand()`` and ``BinaryExpr.getRightOperand()`` to access the operand expressions.
- `Comparison <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Comparison.html>`__: any comparison expression.
- `Comparison <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$Comparison.html>`__: any comparison expression.
- `EqualityTest <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$EqualityTest.html>`__: any equality or inequality test.
- `EqualityTest <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$EqualityTest.html>`__: any equality or inequality test.
- `EqExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$EqExpr.html>`__ ("=="), `NEqExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$NEqExpr.html>`__ ("!="): non-strict equality and inequality tests.
- `StrictEqExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$StrictEqExpr.html>`__ ("==="), `StrictNEqExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$StrictNEqExpr.html>`__ ("!=="): strict equality and inequality tests.
- `EqExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$EqExpr.html>`__ ("=="), `NEqExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$NEqExpr.html>`__ ("!="): non-strict equality and inequality tests.
- `StrictEqExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$StrictEqExpr.html>`__ ("==="), `StrictNEqExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$StrictNEqExpr.html>`__ ("!=="): strict equality and inequality tests.
- `LTExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$LTExpr.html>`__ ("<"), `LEExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$LEExpr.html>`__ ("<="), `GTExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$GTExpr.html>`__ (">"), `GEExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$GEExpr.html>`__ (">="): numeric comparisons.
- `LTExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$LTExpr.html>`__ ("<"), `LEExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$LEExpr.html>`__ ("<="), `GTExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$GTExpr.html>`__ (">"), `GEExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$GEExpr.html>`__ (">="): numeric comparisons.
- `LShiftExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$LShiftExpr.html>`__ ("<<"), `RShiftExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$RShiftExpr.html>`__ (">>"), `URShiftExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$URShiftExpr.html>`__ (">>>"): shift operators.
- `AddExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$AddExpr.html>`__ ("+"), `SubExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$SubExpr.html>`__ ("-"), `MulExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$MulExpr.html>`__ ("*"), `DivExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$DivExpr.html>`__ ("/"), `ModExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$ModExpr.html>`__ ("%"), `ExpExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$ExpExpr.html>`__ ("**"): arithmetic operators.
- `BitOrExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$BitOrExpr.html>`__ ("|"), `XOrExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$XOrExpr.html>`__ ("^"), `BitAndExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$BitAndExpr.html>`__ ("&"): bitwise operators.
- `InExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$InExpr.html>`__: an ``in`` test.
- `InstanceofExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$InstanceofExpr.html>`__: an ``instanceof`` test.
- `LogAndExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$LogAndExpr.html>`__ ("&&"), `LogOrExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$LogOrExpr.html>`__ ("||"): short-circuiting logical operators.
- `LShiftExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$LShiftExpr.html>`__ ("<<"), `RShiftExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$RShiftExpr.html>`__ (">>"), `URShiftExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$URShiftExpr.html>`__ (">>>"): shift operators.
- `AddExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$AddExpr.html>`__ ("+"), `SubExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$SubExpr.html>`__ ("-"), `MulExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$MulExpr.html>`__ ("*"), `DivExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$DivExpr.html>`__ ("/"), `ModExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$ModExpr.html>`__ ("%"), `ExpExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$ExpExpr.html>`__ ("**"): arithmetic operators.
- `BitOrExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$BitOrExpr.html>`__ ("|"), `XOrExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$XOrExpr.html>`__ ("^"), `BitAndExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$BitAndExpr.html>`__ ("&"): bitwise operators.
- `InExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$InExpr.html>`__: an ``in`` test.
- `InstanceofExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$InstanceofExpr.html>`__: an ``instanceof`` test.
- `LogAndExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$LogAndExpr.html>`__ ("&&"), `LogOrExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$LogOrExpr.html>`__ ("||"): short-circuiting logical operators.
- `Assignment <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Assignment.html>`__: assignment expressions, either simple or compound; use ``Assignment.getLhs()`` and ``Assignment.getRhs()`` to access the left- and right-hand side, respectively.
- `Assignment <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$Assignment.html>`__: assignment expressions, either simple or compound; use ``Assignment.getLhs()`` and ``Assignment.getRhs()`` to access the left- and right-hand side, respectively.
- `AssignExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$AssignExpr.html>`__: a simple assignment expression.
- `CompoundAssignExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$CompoundAssignExpr.html>`__: a compound assignment expression.
- `AssignExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$AssignExpr.html>`__: a simple assignment expression.
- `CompoundAssignExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$CompoundAssignExpr.html>`__: a compound assignment expression.
- `AssignAddExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$AssignAddExpr.html>`__, `AssignSubExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$AssignSubExpr.html>`__, `AssignMulExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$AssignMulExpr.html>`__, `AssignDivExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$AssignDivExpr.html>`__, `AssignModExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$AssignModExpr.html>`__, `AssignLShiftExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$AssignLShiftExpr.html>`__, `AssignRShiftExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$AssignRShiftExpr.html>`__,
`AssignURShiftExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$AssignURShiftExpr.html>`__, `AssignOrExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$AssignOrExpr.html>`__, `AssignXOrExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$AssignXOrExpr.html>`__, `AssignAndExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$AssignAndExpr.html>`__, `AssignExpExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$AssignExpExpr.html>`__: different kinds of compound assignment expressions.
- `AssignAddExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$AssignAddExpr.html>`__, `AssignSubExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$AssignSubExpr.html>`__, `AssignMulExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$AssignMulExpr.html>`__, `AssignDivExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$AssignDivExpr.html>`__, `AssignModExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$AssignModExpr.html>`__, `AssignLShiftExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$AssignLShiftExpr.html>`__, `AssignRShiftExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$AssignRShiftExpr.html>`__,
`AssignURShiftExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$AssignURShiftExpr.html>`__, `AssignOrExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$AssignOrExpr.html>`__, `AssignXOrExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$AssignXOrExpr.html>`__, `AssignAndExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$AssignAndExpr.html>`__, `AssignExpExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$AssignExpExpr.html>`__: different kinds of compound assignment expressions.
- `UpdateExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$UpdateExpr.html>`__: an increment or decrement expression; use ``UpdateExpr.getOperand()`` to obtain the operand expression.
- `UpdateExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$UpdateExpr.html>`__: an increment or decrement expression; use ``UpdateExpr.getOperand()`` to obtain the operand expression.
- `PreIncExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$PreIncExpr.html>`__, `PostIncExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$PostIncExpr.html>`__: an increment expression.
- `PreDecExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$PreDecExpr.html>`__, `PostDecExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$PostDecExpr.html>`__: a decrement expression.
- `PreIncExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$PreIncExpr.html>`__, `PostIncExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$PostIncExpr.html>`__: an increment expression.
- `PreDecExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$PreDecExpr.html>`__, `PostDecExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$PostDecExpr.html>`__: a decrement expression.
- `YieldExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$YieldExpr.html>`__: a "yield" expression; use ``YieldExpr.getOperand()`` to access the (optional) operand expression; use ``YieldExpr.isDelegating()`` to check whether this is a delegating ``yield*``.
- `TemplateLiteral <https://help.semmle.com/qldoc/javascript/semmle/javascript/Templates.qll/type.Templates$TemplateLiteral.html>`__: an ECMAScript 2015 template literal; ``TemplateLiteral.getElement(i)`` returns the ``i``\ th element of the template, which may either be an interpolated expression or a constant template element.
- `TaggedTemplateExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Templates.qll/type.Templates$TaggedTemplateExpr.html>`__: an ECMAScript 2015 tagged template literal; use ``TaggedTemplateExpr.getTag()`` to access the tagging expression, and ``TaggedTemplateExpr.getTemplate()`` to access the template literal being tagged.
- `TemplateElement <https://help.semmle.com/qldoc/javascript/semmle/javascript/Templates.qll/type.Templates$TemplateElement.html>`__: a constant template element; as for literals, use ``TemplateElement.getValue()`` to obtain the value of the element, and ``TemplateElement.getRawValue()`` for its raw value
- `AwaitExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$AwaitExpr.html>`__: an "await" expression; use ``AwaitExpr.getOperand()`` to access the operand expression.
- `YieldExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$YieldExpr.html>`__: a "yield" expression; use ``YieldExpr.getOperand()`` to access the (optional) operand expression; use ``YieldExpr.isDelegating()`` to check whether this is a delegating ``yield*``.
- `TemplateLiteral <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Templates.qll/type.Templates$TemplateLiteral.html>`__: an ECMAScript 2015 template literal; ``TemplateLiteral.getElement(i)`` returns the ``i``\ th element of the template, which may either be an interpolated expression or a constant template element.
- `TaggedTemplateExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Templates.qll/type.Templates$TaggedTemplateExpr.html>`__: an ECMAScript 2015 tagged template literal; use ``TaggedTemplateExpr.getTag()`` to access the tagging expression, and ``TaggedTemplateExpr.getTemplate()`` to access the template literal being tagged.
- `TemplateElement <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Templates.qll/type.Templates$TemplateElement.html>`__: a constant template element; as for literals, use ``TemplateElement.getValue()`` to obtain the value of the element, and ``TemplateElement.getRawValue()`` for its raw value
- `AwaitExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$AwaitExpr.html>`__: an "await" expression; use ``AwaitExpr.getOperand()`` to access the operand expression.
`Stmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$Stmt.html>`__ and `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ share a common superclass `ExprOrStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/AST.qll/type.AST$ExprOrStmt.html>`__ which is useful for queries that should operate either on statements or on expressions, but not on any other AST nodes.
`Stmt <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$Stmt.html>`__ and `Expr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ share a common superclass `ExprOrStmt <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/AST.qll/type.AST$ExprOrStmt.html>`__ which is useful for queries that should operate either on statements or on expressions, but not on any other AST nodes.
As an example of how to use expression AST nodes, here is a query that finds expressions of the form ``e + f >> g``; such expressions should be rewritten as ``(e + f) >> g`` to clarify operator precedence:
@@ -356,12 +356,12 @@ As an example of how to use expression AST nodes, here is a query that finds exp
Functions
^^^^^^^^^
JavaScript provides several ways of defining functions: in ECMAScript 5, there are function declaration statements and function expressions, and ECMAScript 2015 adds arrow function expressions. These different syntactic forms are represented by the classes `FunctionDeclStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$FunctionDeclStmt.html>`__ (a subclass of `Stmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$Stmt.html>`__), `FunctionExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$FunctionExpr.html>`__ (a subclass of `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__) and `ArrowFunctionExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$ArrowFunctionExpr.html>`__ (also a subclass of
`Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__), respectively. All three are subclasses of `Function <https://help.semmle.com/qldoc/javascript/semmle/javascript/Functions.qll/type.Functions$Function.html>`__, which provides common member predicates for accessing function parameters or the function body:
JavaScript provides several ways of defining functions: in ECMAScript 5, there are function declaration statements and function expressions, and ECMAScript 2015 adds arrow function expressions. These different syntactic forms are represented by the classes `FunctionDeclStmt <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$FunctionDeclStmt.html>`__ (a subclass of `Stmt <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$Stmt.html>`__), `FunctionExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$FunctionExpr.html>`__ (a subclass of `Expr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__) and `ArrowFunctionExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$ArrowFunctionExpr.html>`__ (also a subclass of
`Expr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__), respectively. All three are subclasses of `Function <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Functions.qll/type.Functions$Function.html>`__, which provides common member predicates for accessing function parameters or the function body:
- ``Function.getId()`` returns the `Identifier <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Identifier.html>`__ naming the function, which may not be defined for function expressions.
- ``Function.getParameter(i)`` and ``Function.getAParameter()`` access the ``i``\ th parameter or any parameter, respectively; parameters are modeled by the class `Parameter <https://help.semmle.com/qldoc/javascript/semmle/javascript/Variables.qll/type.Variables$Parameter.html>`__, which is a subclass of `BindingPattern <https://help.semmle.com/qldoc/javascript/semmle/javascript/Variables.qll/type.Variables$BindingPattern.html>`__ (see below).
- ``Function.getBody()`` returns the body of the function, which is usually a `Stmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$Stmt.html>`__, but may be an `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ for arrow function expressions and legacy `expression closures <https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Operators/Expression_closures>`__.
- ``Function.getId()`` returns the `Identifier <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$Identifier.html>`__ naming the function, which may not be defined for function expressions.
- ``Function.getParameter(i)`` and ``Function.getAParameter()`` access the ``i``\ th parameter or any parameter, respectively; parameters are modeled by the class `Parameter <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Variables.qll/type.Variables$Parameter.html>`__, which is a subclass of `BindingPattern <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Variables.qll/type.Variables$BindingPattern.html>`__ (see below).
- ``Function.getBody()`` returns the body of the function, which is usually a `Stmt <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$Stmt.html>`__, but may be an `Expr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ for arrow function expressions and legacy `expression closures <https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Operators/Expression_closures>`__.
As an example, here is a query that finds all expression closures:
@@ -393,10 +393,10 @@ As another example, this query finds functions that have two parameters that bin
Classes
^^^^^^^
Classes can be defined either by class declaration statements, represented by the CodeQL class `ClassDeclStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Classes.qll/type.Classes$ClassDeclStmt.html>`__ (which is a subclass of `Stmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$Stmt.html>`__), or by class expressions, represented by the CodeQL class `ClassExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Classes.qll/type.Classes$ClassExpr.html>`__ (which is a subclass of `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__). Both of these classes are also subclasses of `ClassDefinition <https://help.semmle.com/qldoc/javascript/semmle/javascript/Classes.qll/type.Classes$ClassDefinition.html>`__, which provides common member predicates for accessing the name of a class, its superclass, and its body:
Classes can be defined either by class declaration statements, represented by the CodeQL class `ClassDeclStmt <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Classes.qll/type.Classes$ClassDeclStmt.html>`__ (which is a subclass of `Stmt <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$Stmt.html>`__), or by class expressions, represented by the CodeQL class `ClassExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Classes.qll/type.Classes$ClassExpr.html>`__ (which is a subclass of `Expr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__). Both of these classes are also subclasses of `ClassDefinition <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Classes.qll/type.Classes$ClassDefinition.html>`__, which provides common member predicates for accessing the name of a class, its superclass, and its body:
- ``ClassDefinition.getIdentifier()`` returns the `Identifier <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Identifier.html>`__ naming the function, which may not be defined for class expressions.
- ``ClassDefinition.getSuperClass()`` returns the `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ specifying the superclass, which may not be defined.
- ``ClassDefinition.getIdentifier()`` returns the `Identifier <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$Identifier.html>`__ naming the function, which may not be defined for class expressions.
- ``ClassDefinition.getSuperClass()`` returns the `Expr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ specifying the superclass, which may not be defined.
- ``ClassDefinition.getMember(n)`` returns the definition of member ``n`` of this class.
- ``ClassDefinition.getMethod(n)`` restricts ``ClassDefinition.getMember(n)`` to methods (as opposed to fields).
- ``ClassDefinition.getField(n)`` restricts ``ClassDefinition.getMember(n)`` to fields (as opposed to methods).
@@ -404,30 +404,30 @@ Classes can be defined either by class declaration statements, represented by th
Note that class fields are not a standard language feature yet, so details of their representation may change.
Method definitions are represented by the class `MethodDefinition <https://help.semmle.com/qldoc/javascript/semmle/javascript/Classes.qll/type.Classes$MethodDefinition.html>`__, which (like its counterpart `FieldDefinition <https://help.semmle.com/qldoc/javascript/semmle/javascript/Classes.qll/type.Classes$FieldDefinition.html>`__ for fields) is a subclass of `MemberDefinition <https://help.semmle.com/qldoc/javascript/semmle/javascript/Classes.qll/type.Classes$MemberDefinition.html>`__. That class provides the following important member predicates:
Method definitions are represented by the class `MethodDefinition <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Classes.qll/type.Classes$MethodDefinition.html>`__, which (like its counterpart `FieldDefinition <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Classes.qll/type.Classes$FieldDefinition.html>`__ for fields) is a subclass of `MemberDefinition <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Classes.qll/type.Classes$MemberDefinition.html>`__. That class provides the following important member predicates:
- ``MemberDefinition.isStatic()``: holds if this is a static member.
- ``MemberDefinition.isComputed()``: holds if the name of this member is computed at runtime.
- ``MemberDefinition.getName()``: gets the name of this member if it can be determined statically.
- ``MemberDefinition.getInit()``: gets the initializer of this field; for methods, the initializer is a function expressions, for fields it may be an arbitrary expression, and may be undefined.
There are three classes for modeling special methods: `ConstructorDefinition <https://help.semmle.com/qldoc/javascript/semmle/javascript/Classes.qll/type.Classes$ConstructorDefinition.html>`__ models constructors, while `GetterMethodDefinition <https://help.semmle.com/qldoc/javascript/semmle/javascript/Classes.qll/type.Classes$GetterMethodDefinition.html>`__ and `SetterMethodDefinition <https://help.semmle.com/qldoc/javascript/semmle/javascript/Classes.qll/type.Classes$SetterMethodDefinition.html>`__ model getter and setter methods, respectively.
There are three classes for modeling special methods: `ConstructorDefinition <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Classes.qll/type.Classes$ConstructorDefinition.html>`__ models constructors, while `GetterMethodDefinition <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Classes.qll/type.Classes$GetterMethodDefinition.html>`__ and `SetterMethodDefinition <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Classes.qll/type.Classes$SetterMethodDefinition.html>`__ model getter and setter methods, respectively.
Declarations and binding patterns
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Variables are declared by declaration statements (class `DeclStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$DeclStmt.html>`__), which come in three flavors: ``var`` statements (represented by class `VarDeclStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$VarDeclStmt.html>`__), ``const`` statements (represented by class `ConstDeclStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$ConstDeclStmt.html>`__), and ``let`` statements (represented by class `LetStmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$LetStmt.html>`__). Every declaration statement has one or more declarators, represented by class `VariableDeclarator <https://help.semmle.com/qldoc/javascript/semmle/javascript/Variables.qll/type.Variables$VariableDeclarator.html>`__.
Variables are declared by declaration statements (class `DeclStmt <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$DeclStmt.html>`__), which come in three flavors: ``var`` statements (represented by class `VarDeclStmt <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$VarDeclStmt.html>`__), ``const`` statements (represented by class `ConstDeclStmt <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$ConstDeclStmt.html>`__), and ``let`` statements (represented by class `LetStmt <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$LetStmt.html>`__). Every declaration statement has one or more declarators, represented by class `VariableDeclarator <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Variables.qll/type.Variables$VariableDeclarator.html>`__.
Each declarator consists of a binding pattern, returned by predicate ``VariableDeclarator.getBindingPattern()``, and an optional initializing expression, returned by ``VariableDeclarator.getInit()``.
Often, the binding pattern is a simple identifier, as in ``var x = 42``. In ECMAScript 2015 and later, however, it can also be a more complex destructuring pattern, as in ``var [x, y] = arr``.
The various kinds of binding patterns are represented by class `BindingPattern <https://help.semmle.com/qldoc/javascript/semmle/javascript/Variables.qll/type.Variables$BindingPattern.html>`__ and its subclasses:
The various kinds of binding patterns are represented by class `BindingPattern <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Variables.qll/type.Variables$BindingPattern.html>`__ and its subclasses:
- `VarRef <https://help.semmle.com/qldoc/javascript/semmle/javascript/Variables.qll/type.Variables$VarRef.html>`__: a simple identifier in an l-value position, for example the ``x`` in ``var x`` or in ``x = 42``
- `Parameter <https://help.semmle.com/qldoc/javascript/semmle/javascript/Variables.qll/type.Variables$Parameter.html>`__: a function or catch clause parameter
- `ArrayPattern <https://help.semmle.com/qldoc/javascript/semmle/javascript/Variables.qll/type.Variables$ArrayPattern.html>`__: an array pattern, for example, the left-hand side of ``[x, y] = arr``
- `ObjectPattern <https://help.semmle.com/qldoc/javascript/semmle/javascript/Variables.qll/type.Variables$ObjectPattern.html>`__: an object pattern, for example, the left-hand side of ``{x, y: z} = o``
- `VarRef <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Variables.qll/type.Variables$VarRef.html>`__: a simple identifier in an l-value position, for example the ``x`` in ``var x`` or in ``x = 42``
- `Parameter <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Variables.qll/type.Variables$Parameter.html>`__: a function or catch clause parameter
- `ArrayPattern <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Variables.qll/type.Variables$ArrayPattern.html>`__: an array pattern, for example, the left-hand side of ``[x, y] = arr``
- `ObjectPattern <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Variables.qll/type.Variables$ObjectPattern.html>`__: an object pattern, for example, the left-hand side of ``{x, y: z} = o``
Here is an example of a query to find declaration statements that declare the same variable more than once, excluding results in minified code:
@@ -451,11 +451,11 @@ Here is an example of a query to find declaration statements that declare the sa
Properties
^^^^^^^^^^
Properties in object literals are represented by class `Property <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Property.html>`__, which is also a subclass of `ASTNode <https://help.semmle.com/qldoc/javascript/semmle/javascript/AST.qll/type.AST$ASTNode.html>`__, but neither of `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ nor of `Stmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$Stmt.html>`__.
Properties in object literals are represented by class `Property <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$Property.html>`__, which is also a subclass of `ASTNode <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/AST.qll/type.AST$ASTNode.html>`__, but neither of `Expr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ nor of `Stmt <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$Stmt.html>`__.
Class `Property <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Property.html>`__ has two subclasses `ValueProperty <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$ValueProperty.html>`__ and `PropertyAccessor <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$PropertyAccessor.html>`__, which represent, respectively, normal value properties and getter/setter properties. Class `PropertyAccessor <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$PropertyAccessor.html>`__, in turn, has two subclasses `PropertyGetter <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$PropertyGetter.html>`__ and `PropertySetter <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$PropertySetter.html>`__ representing getters and setters, respectively.
Class `Property <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$Property.html>`__ has two subclasses `ValueProperty <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$ValueProperty.html>`__ and `PropertyAccessor <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$PropertyAccessor.html>`__, which represent, respectively, normal value properties and getter/setter properties. Class `PropertyAccessor <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$PropertyAccessor.html>`__, in turn, has two subclasses `PropertyGetter <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$PropertyGetter.html>`__ and `PropertySetter <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$PropertySetter.html>`__ representing getters and setters, respectively.
The predicates ``Property.getName()`` and ``Property.getInit()`` provide access to the defined property's name and its initial value. For `PropertyAccessor <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$PropertyAccessor.html>`__ and its subclasses, ``getInit()`` is overloaded to return the getter/setter function.
The predicates ``Property.getName()`` and ``Property.getInit()`` provide access to the defined property's name and its initial value. For `PropertyAccessor <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$PropertyAccessor.html>`__ and its subclasses, ``getInit()`` is overloaded to return the getter/setter function.
As an example of a query involving properties, consider the following query that flags object expressions containing two identically named properties, excluding results in minified code:
@@ -476,30 +476,30 @@ As an example of a query involving properties, consider the following query that
Modules
^^^^^^^
The JavaScript library has support for working with ECMAScript 2015 modules, as well as legacy CommonJS modules (still commonly employed by Node.js code bases) and AMD-style modules. The classes `ES2015Module <https://help.semmle.com/qldoc/javascript/semmle/javascript/ES2015Modules.qll/type.ES2015Modules$ES2015Module.html>`__, `NodeModule <https://help.semmle.com/qldoc/javascript/semmle/javascript/NodeJS.qll/type.NodeJS$NodeModule.html>`__, and `AMDModule <https://help.semmle.com/qldoc/javascript/semmle/javascript/AMD.qll/type.AMD$AmdModule.html>`__ represent these three types of modules, and all three extend the common superclass `Module <https://help.semmle.com/qldoc/javascript/semmle/javascript/Modules.qll/type.Modules$Module.html>`__.
The JavaScript library has support for working with ECMAScript 2015 modules, as well as legacy CommonJS modules (still commonly employed by Node.js code bases) and AMD-style modules. The classes `ES2015Module <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/ES2015Modules.qll/type.ES2015Modules$ES2015Module.html>`__, `NodeModule <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/NodeJS.qll/type.NodeJS$NodeModule.html>`__, and `AMDModule <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/AMD.qll/type.AMD$AmdModule.html>`__ represent these three types of modules, and all three extend the common superclass `Module <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Modules.qll/type.Modules$Module.html>`__.
The most important member predicates defined by `Module <https://help.semmle.com/qldoc/javascript/semmle/javascript/Modules.qll/type.Modules$Module.html>`__ are:
The most important member predicates defined by `Module <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Modules.qll/type.Modules$Module.html>`__ are:
- ``Module.getName()``: gets the name of the module, which is just the stem (that is, the basename without extension) of the enclosing file.
- ``Module.getAnImportedModule()``: gets another module that is imported (through ``import`` or ``require``) by this module.
- ``Module.getAnExportedSymbol()``: gets the name of a symbol that this module exports.
Moreover, there is a class `Import <https://help.semmle.com/qldoc/javascript/semmle/javascript/Modules.qll/type.Modules$Import.html>`__ that models both ECMAScript 2015-style ``import`` declarations and CommonJS/AMD-style ``require`` calls; its member predicate ``Import.getImportedModule`` provides access to the module the import refers to, if it can be determined statically.
Moreover, there is a class `Import <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Modules.qll/type.Modules$Import.html>`__ that models both ECMAScript 2015-style ``import`` declarations and CommonJS/AMD-style ``require`` calls; its member predicate ``Import.getImportedModule`` provides access to the module the import refers to, if it can be determined statically.
Name binding
~~~~~~~~~~~~
Name binding is modeled in the JavaScript libraries using four concepts: *scopes*, *variables*, *variable declarations*, and *variable accesses*, represented by the classes `Scope <https://help.semmle.com/qldoc/javascript/semmle/javascript/Variables.qll/type.Variables$Scope.html>`__, `Variable <https://help.semmle.com/qldoc/javascript/semmle/javascript/Variables.qll/type.Variables$Variable.html>`__, `VarDecl <https://help.semmle.com/qldoc/javascript/semmle/javascript/Variables.qll/type.Variables$VarDecl.html>`__ and `VarAccess <https://help.semmle.com/qldoc/javascript/semmle/javascript/Variables.qll/type.Variables$VarAccess.html>`__, respectively.
Name binding is modeled in the JavaScript libraries using four concepts: *scopes*, *variables*, *variable declarations*, and *variable accesses*, represented by the classes `Scope <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Variables.qll/type.Variables$Scope.html>`__, `Variable <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Variables.qll/type.Variables$Variable.html>`__, `VarDecl <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Variables.qll/type.Variables$VarDecl.html>`__ and `VarAccess <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Variables.qll/type.Variables$VarAccess.html>`__, respectively.
Scopes
^^^^^^
In ECMAScript 5, there are three kinds of scopes: the global scope (one per program), function scopes (one per function), and catch clause scopes (one per ``catch`` clause). These three kinds of scopes are represented by the classes `GlobalScope <https://help.semmle.com/qldoc/javascript/semmle/javascript/Variables.qll/type.Variables$GlobalScope.html>`__, `FunctionScope <https://help.semmle.com/qldoc/javascript/semmle/javascript/Variables.qll/type.Variables$FunctionScope.html>`__ and `CatchScope <https://help.semmle.com/qldoc/javascript/semmle/javascript/Variables.qll/type.Variables$CatchScope.html>`__. ECMAScript 2015 adds block scopes for ``let``-bound variables, which are also represented by class `Scope <https://help.semmle.com/qldoc/javascript/semmle/javascript/Variables.qll/type.Variables$Scope.html>`__, class expression scopes (`ClassExprScope <https://help.semmle.com/qldoc/javascript/semmle/javascript/Classes.qll/type.Classes$ClassExprScope.html>`__),
and module scopes (`ModuleScope <https://help.semmle.com/qldoc/javascript/semmle/javascript/Variables.qll/type.Variables$ModuleScope.html>`__).
In ECMAScript 5, there are three kinds of scopes: the global scope (one per program), function scopes (one per function), and catch clause scopes (one per ``catch`` clause). These three kinds of scopes are represented by the classes `GlobalScope <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Variables.qll/type.Variables$GlobalScope.html>`__, `FunctionScope <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Variables.qll/type.Variables$FunctionScope.html>`__ and `CatchScope <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Variables.qll/type.Variables$CatchScope.html>`__. ECMAScript 2015 adds block scopes for ``let``-bound variables, which are also represented by class `Scope <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Variables.qll/type.Variables$Scope.html>`__, class expression scopes (`ClassExprScope <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Classes.qll/type.Classes$ClassExprScope.html>`__),
and module scopes (`ModuleScope <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Variables.qll/type.Variables$ModuleScope.html>`__).
Class `Scope <https://help.semmle.com/qldoc/javascript/semmle/javascript/Variables.qll/type.Variables$Scope.html>`__ provides the following API:
Class `Scope <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Variables.qll/type.Variables$Scope.html>`__ provides the following API:
- ``Scope.getScopeElement()`` returns the AST node inducing this scope; undefined for `GlobalScope <https://help.semmle.com/qldoc/javascript/semmle/javascript/Variables.qll/type.Variables$GlobalScope.html>`__.
- ``Scope.getScopeElement()`` returns the AST node inducing this scope; undefined for `GlobalScope <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Variables.qll/type.Variables$GlobalScope.html>`__.
- ``Scope.getOuterScope()`` returns the lexically enclosing scope of this scope.
- ``Scope.getAnInnerScope()`` returns a scope lexically nested inside this scope.
- ``Scope.getVariable(name)``, ``Scope.getAVariable()`` return a variable declared (implicitly or explicitly) in this scope.
@@ -507,22 +507,22 @@ Class `Scope <https://help.semmle.com/qldoc/javascript/semmle/javascript/Variabl
Variables
^^^^^^^^^
The `Variable <https://help.semmle.com/qldoc/javascript/semmle/javascript/Variables.qll/type.Variables$Variable.html>`__ class models all variables in a JavaScript program, including global variables, local variables, and parameters (both of functions and ``catch`` clauses), whether explicitly declared or not.
The `Variable <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Variables.qll/type.Variables$Variable.html>`__ class models all variables in a JavaScript program, including global variables, local variables, and parameters (both of functions and ``catch`` clauses), whether explicitly declared or not.
It is important not to confuse variables and their declarations: local variables may have more than one declaration, while global variables and the implicitly declared local ``arguments`` variable need not have a declaration at all.
Variable declarations and accesses
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Variables may be declared by variable declarators, by function declaration statements and expressions, by class declaration statements or expressions, or by parameters of functions and ``catch`` clauses. While these declarations differ in their syntactic form, in each case there is an identifier naming the declared variable. We consider that identifier to be the declaration proper, and assign it the class `VarDecl <https://help.semmle.com/qldoc/javascript/semmle/javascript/Variables.qll/type.Variables$VarDecl.html>`__. Identifiers that reference a variable, on the other hand, are given the class `VarAccess <https://help.semmle.com/qldoc/javascript/semmle/javascript/Variables.qll/type.Variables$VarAccess.html>`__.
Variables may be declared by variable declarators, by function declaration statements and expressions, by class declaration statements or expressions, or by parameters of functions and ``catch`` clauses. While these declarations differ in their syntactic form, in each case there is an identifier naming the declared variable. We consider that identifier to be the declaration proper, and assign it the class `VarDecl <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Variables.qll/type.Variables$VarDecl.html>`__. Identifiers that reference a variable, on the other hand, are given the class `VarAccess <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Variables.qll/type.Variables$VarAccess.html>`__.
The most important predicates involving variables, their declarations, and their accesses are as follows:
- ``Variable.getName()``, ``VarDecl.getName()``, ``VarAccess.getName()`` return the name of the variable.
- ``Variable.getScope()`` returns the scope to which the variable belongs.
- ``Variable.isGlobal()``, ``Variable.isLocal()``, ``Variable.isParameter()`` determine whether the variable is a global variable, a local variable, or a parameter variable, respectively.
- ``Variable.getAnAccess()`` maps a `Variable <https://help.semmle.com/qldoc/javascript/semmle/javascript/Variables.qll/type.Variables$Variable.html>`__ to all `VarAccess <https://help.semmle.com/qldoc/javascript/semmle/javascript/Variables.qll/type.Variables$VarAccess.html>`__\ es that refer to it.
- ``Variable.getADeclaration()`` maps a `Variable <https://help.semmle.com/qldoc/javascript/semmle/javascript/Variables.qll/type.Variables$Variable.html>`__ to all `VarDecl <https://help.semmle.com/qldoc/javascript/semmle/javascript/Variables.qll/type.Variables$VarDecl.html>`__\ s that declare it (of which there may be none, one, or more than one).
- ``Variable.getAnAccess()`` maps a `Variable <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Variables.qll/type.Variables$Variable.html>`__ to all `VarAccess <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Variables.qll/type.Variables$VarAccess.html>`__\ es that refer to it.
- ``Variable.getADeclaration()`` maps a `Variable <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Variables.qll/type.Variables$Variable.html>`__ to all `VarDecl <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Variables.qll/type.Variables$VarDecl.html>`__\ s that declare it (of which there may be none, one, or more than one).
- ``Variable.isCaptured()`` determines whether the variable is ever accessed in a scope that is lexically nested within the scope where it is declared.
As an example, consider the following query which finds distinct function declarations that declare the same variable, that is, two conflicting function declarations within the same scope (again excluding minified code):
@@ -542,25 +542,25 @@ As an example, consider the following query which finds distinct function declar
Control flow
~~~~~~~~~~~~
A different program representation in terms of intraprocedural control flow graphs (CFGs) is provided by the classes in library `CFG.qll <https://help.semmle.com/qldoc/javascript/semmle/javascript/CFG.qll/module.CFG.html>`__.
A different program representation in terms of intraprocedural control flow graphs (CFGs) is provided by the classes in library `CFG.qll <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/CFG.qll/module.CFG.html>`__.
Class `ControlFlowNode <https://help.semmle.com/qldoc/javascript/semmle/javascript/CFG.qll/type.CFG$ControlFlowNode.html>`__ represents a single node in the control flow graph, which is either an expression, a statement, or a synthetic control flow node. Note that `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ and `Stmt <https://help.semmle.com/qldoc/javascript/semmle/javascript/Stmt.qll/type.Stmt$Stmt.html>`__ do not inherit from `ControlFlowNode <https://help.semmle.com/qldoc/javascript/semmle/javascript/CFG.qll/type.CFG$ControlFlowNode.html>`__ at the CodeQL level, although their entity types are compatible, so you can explicitly cast from one to the other if you need to map between the AST-based and the CFG-based program representations.
Class `ControlFlowNode <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/CFG.qll/type.CFG$ControlFlowNode.html>`__ represents a single node in the control flow graph, which is either an expression, a statement, or a synthetic control flow node. Note that `Expr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__ and `Stmt <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Stmt.qll/type.Stmt$Stmt.html>`__ do not inherit from `ControlFlowNode <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/CFG.qll/type.CFG$ControlFlowNode.html>`__ at the CodeQL level, although their entity types are compatible, so you can explicitly cast from one to the other if you need to map between the AST-based and the CFG-based program representations.
There are two kinds of synthetic control flow nodes: entry nodes (class `ControlFlowEntryNode <https://help.semmle.com/qldoc/javascript/semmle/javascript/CFG.qll/type.CFG$ControlFlowEntryNode.html>`__), which represent the beginning of a top-level or function, and exit nodes (class `ControlFlowExitNode <https://help.semmle.com/qldoc/javascript/semmle/javascript/CFG.qll/type.CFG$ControlFlowExitNode.html>`__), which represent their end. They do not correspond to any AST nodes, but simply serve as the unique entry point and exit point of a control flow graph. Entry and exit nodes can be accessed through the predicates ``StmtContainer.getEntry()`` and ``StmtContainer.getExit()``.
There are two kinds of synthetic control flow nodes: entry nodes (class `ControlFlowEntryNode <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/CFG.qll/type.CFG$ControlFlowEntryNode.html>`__), which represent the beginning of a top-level or function, and exit nodes (class `ControlFlowExitNode <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/CFG.qll/type.CFG$ControlFlowExitNode.html>`__), which represent their end. They do not correspond to any AST nodes, but simply serve as the unique entry point and exit point of a control flow graph. Entry and exit nodes can be accessed through the predicates ``StmtContainer.getEntry()`` and ``StmtContainer.getExit()``.
Most, but not all, top-levels and functions have another distinguished CFG node, the *start node*. This is the CFG node at which execution begins. Unlike the entry node, which is a synthetic construct, the start node corresponds to an actual program element: for top-levels, it is the first CFG node of the first statement; for functions, it is the CFG node corresponding to their first parameter or, if there are no parameters, the first CFG node of the body. Empty top-levels do not have a start node.
For most purposes, using start nodes is preferable to using entry nodes.
The structure of the control flow graph is reflected in the member predicates of `ControlFlowNode <https://help.semmle.com/qldoc/javascript/semmle/javascript/CFG.qll/type.CFG$ControlFlowNode.html>`__:
The structure of the control flow graph is reflected in the member predicates of `ControlFlowNode <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/CFG.qll/type.CFG$ControlFlowNode.html>`__:
- ``ControlFlowNode.getASuccessor()`` returns a `ControlFlowNode <https://help.semmle.com/qldoc/javascript/semmle/javascript/CFG.qll/type.CFG$ControlFlowNode.html>`__ that is a successor of this `ControlFlowNode <https://help.semmle.com/qldoc/javascript/semmle/javascript/CFG.qll/type.CFG$ControlFlowNode.html>`__ in the control flow graph.
- ``ControlFlowNode.getASuccessor()`` returns a `ControlFlowNode <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/CFG.qll/type.CFG$ControlFlowNode.html>`__ that is a successor of this `ControlFlowNode <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/CFG.qll/type.CFG$ControlFlowNode.html>`__ in the control flow graph.
- ``ControlFlowNode.getAPredecessor()`` is the inverse of ``getASuccessor()``.
- ``ControlFlowNode.isBranch()`` determines whether this node has more than one successor.
- ``ControlFlowNode.isJoin()`` determines whether this node has more than one predecessor.
- ``ControlFlowNode.isStart()`` determines whether this node is a start node.
Many control-flow-based analyses are phrased in terms of `basic blocks <http://en.wikipedia.org/wiki/Basic_block>`__ rather than single control flow nodes, where a basic block is a maximal sequence of control flow nodes without branches or joins. The class `BasicBlock <https://help.semmle.com/qldoc/javascript/semmle/javascript/BasicBlocks.qll/type.BasicBlocks$BasicBlock.html>`__ from `BasicBlocks.qll <https://help.semmle.com/qldoc/javascript/semmle/javascript/BasicBlocks.qll/module.BasicBlocks.html>`__ represents all such basic blocks. Similar to `ControlFlowNode <https://help.semmle.com/qldoc/javascript/semmle/javascript/CFG.qll/type.CFG$ControlFlowNode.html>`__, it provides member predicates ``getASuccessor()`` and ``getAPredecessor()`` to navigate the control flow graph at the level of basic blocks, and member predicates ``getANode()``, ``getNode(int)``, ``getFirstNode()`` and ``getLastNode()`` to access individual control flow nodes within a basic block. The predicate
Many control-flow-based analyses are phrased in terms of `basic blocks <http://en.wikipedia.org/wiki/Basic_block>`__ rather than single control flow nodes, where a basic block is a maximal sequence of control flow nodes without branches or joins. The class `BasicBlock <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/BasicBlocks.qll/type.BasicBlocks$BasicBlock.html>`__ from `BasicBlocks.qll <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/BasicBlocks.qll/module.BasicBlocks.html>`__ represents all such basic blocks. Similar to `ControlFlowNode <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/CFG.qll/type.CFG$ControlFlowNode.html>`__, it provides member predicates ``getASuccessor()`` and ``getAPredecessor()`` to navigate the control flow graph at the level of basic blocks, and member predicates ``getANode()``, ``getNode(int)``, ``getFirstNode()`` and ``getLastNode()`` to access individual control flow nodes within a basic block. The predicate
``Function.getEntryBB()`` returns the entry basic block in a function, that is, the basic block containing the function's entry node. Similarly, ``Function.getStartBB()`` provides access to the start basic block, which contains the function's start node. As for CFG nodes, ``getStartBB()`` should normally be preferred over ``getEntryBB()``.
As an example of an analysis using basic blocks, ``BasicBlock.isLiveAtEntry(v, u)`` determines whether variable ``v`` is `live <http://en.wikipedia.org/wiki/Live_variable_analysis>`__ at the entry of the given basic block, and if so binds ``u`` to a use of ``v`` that refers to its value at the entry. We can use it to find global variables that are used in a function where they are not live (that is, every read of the variable is preceded by a write), suggesting that the variable was meant to be declared as a local variable instead:
@@ -582,9 +582,9 @@ Data flow
Definitions and uses
^^^^^^^^^^^^^^^^^^^^
Library `DefUse.qll <https://help.semmle.com/qldoc/javascript/semmle/javascript/DefUse.qll/module.DefUse.html>`__ provides classes and predicates to determine `def-use <http://en.wikipedia.org/wiki/Use-define_chain>`__ relationships between definitions and uses of variables.
Library `DefUse.qll <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/DefUse.qll/module.DefUse.html>`__ provides classes and predicates to determine `def-use <http://en.wikipedia.org/wiki/Use-define_chain>`__ relationships between definitions and uses of variables.
Classes `VarDef <https://help.semmle.com/qldoc/javascript/semmle/javascript/DefUse.qll/type.DefUse$VarDef.html>`__ and `VarUse <https://help.semmle.com/qldoc/javascript/semmle/javascript/DefUse.qll/type.DefUse$VarUse.html>`__ contain all expressions that define and use a variable, respectively. For the former, you can use predicate ``VarDef.getAVariable()`` to find out which variables are defined by a given variable definition (recall that destructuring assignments in ECMAScript 2015 define several variables at the same time). Similarly, predicate ``VarUse.getVariable()`` returns the (single) variable being accessed by a variable use.
Classes `VarDef <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/DefUse.qll/type.DefUse$VarDef.html>`__ and `VarUse <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/DefUse.qll/type.DefUse$VarUse.html>`__ contain all expressions that define and use a variable, respectively. For the former, you can use predicate ``VarDef.getAVariable()`` to find out which variables are defined by a given variable definition (recall that destructuring assignments in ECMAScript 2015 define several variables at the same time). Similarly, predicate ``VarUse.getVariable()`` returns the (single) variable being accessed by a variable use.
The def-use information itself is provided by predicate ``VarUse.getADef()``, that connects a use of a variable to a definition of the same variable, where the definition may reach the use.
@@ -606,20 +606,20 @@ SSA
A more fine-grained representation of a program's data flow based on `Static Simple Assignment Form (SSA) <https://en.wikipedia.org/wiki/Static_single_assignment_form>`__ is provided by the library ``semmle.javascript.SSA``.
In SSA form, each use of a local variable has exactly one (SSA) definition that reaches it. SSA definitions are represented by class `SsaDefinition <https://help.semmle.com/qldoc/javascript/semmle/javascript/SSA.qll/type.SSA$SsaDefinition.html>`__. They are not AST nodes, since not every SSA definition corresponds to an explicit element in the source code.
In SSA form, each use of a local variable has exactly one (SSA) definition that reaches it. SSA definitions are represented by class `SsaDefinition <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/SSA.qll/type.SSA$SsaDefinition.html>`__. They are not AST nodes, since not every SSA definition corresponds to an explicit element in the source code.
Altogether, there are five kinds of SSA definitions:
#. Explicit definitions (`SsaExplicitDefinition <https://help.semmle.com/qldoc/javascript/semmle/javascript/SSA.qll/type.SSA$SsaExplicitDefinition.html>`__): these simply wrap a `VarDef <https://help.semmle.com/qldoc/javascript/semmle/javascript/DefUse.qll/type.DefUse$VarDef.html>`__, that is, a definition like ``x = 1`` appearing explicitly in the source code.
#. Implicit initializations (`SsaImplicitInit <https://help.semmle.com/qldoc/javascript/semmle/javascript/SSA.qll/type.SSA$SsaImplicitInit.html>`__): these represent the implicit initialization of local variables with ``undefined`` at the beginning of their scope.
#. Phi nodes (`SsaPhiNode <https://help.semmle.com/qldoc/javascript/semmle/javascript/SSA.qll/type.SSA$SsaPhiNode.html>`__): these are pseudo-definitions that merge two or more SSA definitions where necessary; see the Wikipedia page linked to above for an explanation.
#. Variable captures (`SsaVariableCapture <https://help.semmle.com/qldoc/javascript/semmle/javascript/SSA.qll/type.SSA$SsaVariableCapture.html>`__): these are pseudo-definitions appearing at places in the code where the value of a captured variable may change without there being an explicit assignment, for example due to a function call.
#. Refinement nodes (`SsaRefinementNode <https://help.semmle.com/qldoc/javascript/semmle/javascript/SSA.qll/type.SSA$SsaRefinementNode.html>`__): these are pseudo-definitions appearing at places in the code where something becomes known about a variable; for example, a conditional ``if (x === null)`` induces a refinement node at the beginning of its "then" branch recording the fact that ``x`` is known to be ``null`` there. (In the literature, these are sometimes known as "pi nodes.")
#. Explicit definitions (`SsaExplicitDefinition <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/SSA.qll/type.SSA$SsaExplicitDefinition.html>`__): these simply wrap a `VarDef <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/DefUse.qll/type.DefUse$VarDef.html>`__, that is, a definition like ``x = 1`` appearing explicitly in the source code.
#. Implicit initializations (`SsaImplicitInit <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/SSA.qll/type.SSA$SsaImplicitInit.html>`__): these represent the implicit initialization of local variables with ``undefined`` at the beginning of their scope.
#. Phi nodes (`SsaPhiNode <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/SSA.qll/type.SSA$SsaPhiNode.html>`__): these are pseudo-definitions that merge two or more SSA definitions where necessary; see the Wikipedia page linked to above for an explanation.
#. Variable captures (`SsaVariableCapture <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/SSA.qll/type.SSA$SsaVariableCapture.html>`__): these are pseudo-definitions appearing at places in the code where the value of a captured variable may change without there being an explicit assignment, for example due to a function call.
#. Refinement nodes (`SsaRefinementNode <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/SSA.qll/type.SSA$SsaRefinementNode.html>`__): these are pseudo-definitions appearing at places in the code where something becomes known about a variable; for example, a conditional ``if (x === null)`` induces a refinement node at the beginning of its "then" branch recording the fact that ``x`` is known to be ``null`` there. (In the literature, these are sometimes known as "pi nodes.")
Data flow nodes
^^^^^^^^^^^^^^^
Moving beyond just variable definitions and uses, library ``semmle.javascript.dataflow.DataFlow`` provides a representation of the program as a data flow graph. Its nodes are values of class `DataFlow::Node <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/DataFlow.qll/type.DataFlow$DataFlow$Node.html>`__, which has two subclasses ``ValueNode`` and ``SsaDefinitionNode``. Nodes of the former kind wrap an expression or a statement that is considered to produce a value (specifically, a function or class declaration statement, or a TypeScript namespace or enum declaration). Nodes of the latter kind wrap SSA definitions.
Moving beyond just variable definitions and uses, library ``semmle.javascript.dataflow.DataFlow`` provides a representation of the program as a data flow graph. Its nodes are values of class `DataFlow::Node <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/DataFlow.qll/type.DataFlow$DataFlow$Node.html>`__, which has two subclasses ``ValueNode`` and ``SsaDefinitionNode``. Nodes of the former kind wrap an expression or a statement that is considered to produce a value (specifically, a function or class declaration statement, or a TypeScript namespace or enum declaration). Nodes of the latter kind wrap SSA definitions.
You can use the predicate ``DataFlow::valueNode`` to convert an expression, function or class into its corresponding ``ValueNode``, and similarly ``DataFlow::ssaDefinitionNode`` to map an SSA definition to its corresponding ``SsaDefinitionNode``.
@@ -649,7 +649,7 @@ Note that the data flow modeling in this library is intraprocedural, that is, fl
Type inference
~~~~~~~~~~~~~~
The library ``semmle.javascript.dataflow.TypeInference`` implements a simple type inference for JavaScript based on intraprocedural, heap-insensitive flow analysis. Basically, the inference algorithm approximates the possible concrete runtime values of variables and expressions as sets of abstract values (represented by the class `AbstractValue <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/AbstractValues.qll/type.AbstractValues$AbstractValue.html>`__), each of which stands for a set of concrete values.
The library ``semmle.javascript.dataflow.TypeInference`` implements a simple type inference for JavaScript based on intraprocedural, heap-insensitive flow analysis. Basically, the inference algorithm approximates the possible concrete runtime values of variables and expressions as sets of abstract values (represented by the class `AbstractValue <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/AbstractValues.qll/type.AbstractValues$AbstractValue.html>`__), each of which stands for a set of concrete values.
For example, there is an abstract value representing all non-zero numbers, and another representing all non-empty strings except for those that can be converted to a number. Both of these abstract values are fairly coarse approximations that represent very large sets of concrete values.
@@ -661,9 +661,9 @@ Each indefinite abstract value is associated with a string value describing the
To check whether an abstract value is indefinite, you can use the ``isIndefinite`` member predicate. Its single argument describes the cause of imprecision.
Each abstract value has one or more associated types (CodeQL class `InferredType <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/InferredTypes.qll/type.InferredTypes$InferredType.html>`__ corresponding roughly to the type tags computed by the ``typeof`` operator. The types are ``null``, ``undefined``, ``boolean``, ``number``, ``string``, ``function``, ``class``, ``date`` and ``object``.
Each abstract value has one or more associated types (CodeQL class `InferredType <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/InferredTypes.qll/type.InferredTypes$InferredType.html>`__ corresponding roughly to the type tags computed by the ``typeof`` operator. The types are ``null``, ``undefined``, ``boolean``, ``number``, ``string``, ``function``, ``class``, ``date`` and ``object``.
To access the results of the type inference, use class `DataFlow::AnalyzedNode <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/TypeInference.qll/type.TypeInference$AnalyzedNode.html>`__: any `DataFlow::Node <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/DataFlow.qll/type.DataFlow$DataFlow$Node.html>`__ can be cast to this class, and additionally there is a convenience predicate ``Expr::analyze`` that maps expressions directly to their corresponding ``AnalyzedNode``\ s.
To access the results of the type inference, use class `DataFlow::AnalyzedNode <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/TypeInference.qll/type.TypeInference$AnalyzedNode.html>`__: any `DataFlow::Node <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/DataFlow.qll/type.DataFlow$DataFlow$Node.html>`__ can be cast to this class, and additionally there is a convenience predicate ``Expr::analyze`` that maps expressions directly to their corresponding ``AnalyzedNode``\ s.
Once you have an ``AnalyzedNode``, you can use predicate ``AnalyzedNode.getAValue()`` to access the abstract values inferred for it, and ``getAType()`` to get the inferred types.
@@ -688,7 +688,7 @@ Call graph
The JavaScript library implements a simple `call graph <http://en.wikipedia.org/wiki/Call_graph>`__ construction algorithm to statically approximate the possible call targets of function calls and ``new`` expressions. Due to the dynamically typed nature of JavaScript and its support for higher-order functions and reflective language features, building static call graphs is quite difficult. Simple call graph algorithms tend to be incomplete, that is, they often fail to resolve all possible call targets. More sophisticated algorithms can suffer from the opposite problem of imprecision, that is, they may infer many spurious call targets.
The call graph is represented by the member predicate ``getACallee()`` of class `DataFlow::InvokeNode <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Nodes.qll/type.Nodes$InvokeNode.html>`__, which computes possible callees of the given invocation, that is, functions that may at runtime be invoked by this expression.
The call graph is represented by the member predicate ``getACallee()`` of class `DataFlow::InvokeNode <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Nodes.qll/type.Nodes$InvokeNode.html>`__, which computes possible callees of the given invocation, that is, functions that may at runtime be invoked by this expression.
Furthermore, there are three member predicates that indicate the quality of the callee information for this invocation:
@@ -791,9 +791,9 @@ Note that while analyses implemented in this way are inter-procedural in that th
Syntax errors
~~~~~~~~~~~~~
JavaScript code that contains syntax errors cannot usually be analyzed. For such code, the lexical and syntactic representations are not available, and hence no name binding information, call graph or control and data flow. All that is available in this case is a value of class `JSParseError <https://help.semmle.com/qldoc/javascript/semmle/javascript/Errors.qll/type.Errors$JSParseError.html>`__ representing the syntax error. It provides information about the syntax error location (`JSParseError <https://help.semmle.com/qldoc/javascript/semmle/javascript/Errors.qll/type.Errors$JSParseError.html>`__ is a subclass of `Locatable <https://help.semmle.com/qldoc/javascript/semmle/javascript/Locations.qll/type.Locations$Locatable.html>`__) and the error message through predicate ``JSParseError.getMessage``.
JavaScript code that contains syntax errors cannot usually be analyzed. For such code, the lexical and syntactic representations are not available, and hence no name binding information, call graph or control and data flow. All that is available in this case is a value of class `JSParseError <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Errors.qll/type.Errors$JSParseError.html>`__ representing the syntax error. It provides information about the syntax error location (`JSParseError <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Errors.qll/type.Errors$JSParseError.html>`__ is a subclass of `Locatable <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Locations.qll/type.Locations$Locatable.html>`__) and the error message through predicate ``JSParseError.getMessage``.
Note that for some very simple syntax errors the parser can recover and continue parsing. If this happens, lexical and syntactic information is available in addition to the `JSParseError <https://help.semmle.com/qldoc/javascript/semmle/javascript/Errors.qll/type.Errors$JSParseError.html>`__ values representing the (recoverable) syntax errors encountered during parsing.
Note that for some very simple syntax errors the parser can recover and continue parsing. If this happens, lexical and syntactic information is available in addition to the `JSParseError <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Errors.qll/type.Errors$JSParseError.html>`__ values representing the (recoverable) syntax errors encountered during parsing.
Frameworks
~~~~~~~~~~
@@ -803,9 +803,9 @@ AngularJS
The ``semmle.javascript.frameworks.AngularJS`` library provides support for working with `AngularJS (Angular 1.x) <https://www.angularjs.org/>`__ code. Its most important classes are:
- `AngularJS::AngularModule <https://help.semmle.com/qldoc/javascript/semmle/javascript/frameworks/AngularJS/AngularJSCore.qll/type.AngularJSCore$AngularModule.html>`__: an Angular module
- `AngularJS::DirectiveDefinition <https://help.semmle.com/qldoc/javascript/semmle/javascript/frameworks/AngularJS/ServiceDefinitions.qll/type.ServiceDefinitions$DirectiveDefinition.html>`__, `AngularJS::FactoryRecipeDefinition <https://help.semmle.com/qldoc/javascript/semmle/javascript/frameworks/AngularJS/ServiceDefinitions.qll/type.ServiceDefinitions$FactoryRecipeDefinition.html>`__, `AngularJS::FilterDefinition <https://help.semmle.com/qldoc/javascript/semmle/javascript/frameworks/AngularJS/ServiceDefinitions.qll/type.ServiceDefinitions$FilterDefinition.html>`__, `AngularJS::ControllerDefinition <https://help.semmle.com/qldoc/javascript/semmle/javascript/frameworks/AngularJS/ServiceDefinitions.qll/type.ServiceDefinitions$ControllerDefinition.html>`__: a definition of a directive, service, filter or controller, respectively
- `AngularJS::InjectableFunction <https://help.semmle.com/qldoc/javascript/semmle/javascript/frameworks/AngularJS/DependencyInjections.qll/type.DependencyInjections$InjectableFunction.html>`__: a function that is subject to dependency injection
- `AngularJS::AngularModule <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/frameworks/AngularJS/AngularJSCore.qll/type.AngularJSCore$AngularModule.html>`__: an Angular module
- `AngularJS::DirectiveDefinition <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/frameworks/AngularJS/ServiceDefinitions.qll/type.ServiceDefinitions$DirectiveDefinition.html>`__, `AngularJS::FactoryRecipeDefinition <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/frameworks/AngularJS/ServiceDefinitions.qll/type.ServiceDefinitions$FactoryRecipeDefinition.html>`__, `AngularJS::FilterDefinition <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/frameworks/AngularJS/ServiceDefinitions.qll/type.ServiceDefinitions$FilterDefinition.html>`__, `AngularJS::ControllerDefinition <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/frameworks/AngularJS/ServiceDefinitions.qll/type.ServiceDefinitions$ControllerDefinition.html>`__: a definition of a directive, service, filter or controller, respectively
- `AngularJS::InjectableFunction <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/frameworks/AngularJS/DependencyInjections.qll/type.DependencyInjections$InjectableFunction.html>`__: a function that is subject to dependency injection
HTTP framework libraries
^^^^^^^^^^^^^^^^^^^^^^^^
@@ -831,8 +831,8 @@ Node.js
The ``semmle.javascript.NodeJS`` library provides support for working with `Node.js <http://nodejs.org/>`__ modules through the following classes:
- `NodeModule <https://help.semmle.com/qldoc/javascript/semmle/javascript/NodeJS.qll/type.NodeJS$NodeModule.html>`__: a top-level that defines a Node.js module; see the section on `Modules <#modules>`__ for more information.
- `Require <https://help.semmle.com/qldoc/javascript/semmle/javascript/NodeJS.qll/type.NodeJS$Require.html>`__: a call to the special ``require`` function that imports a module.
- `NodeModule <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/NodeJS.qll/type.NodeJS$NodeModule.html>`__: a top-level that defines a Node.js module; see the section on `Modules <#modules>`__ for more information.
- `Require <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/NodeJS.qll/type.NodeJS$Require.html>`__: a call to the special ``require`` function that imports a module.
As an example of the use of these classes, here is a query that counts for every module how many other modules it imports:
@@ -850,10 +850,10 @@ NPM
The ``semmle.javascript.NPM`` library provides support for working with `NPM <http://npmjs.org/>`__ packages through the following classes:
- `PackageJSON <https://help.semmle.com/qldoc/javascript/semmle/javascript/NPM.qll/type.NPM$PackageJSON.html>`__: a ``package.json`` file describing an NPM package; various getter predicates are available for accessing detailed information about the package, which are described in the `online API documentation <https://help.semmle.com/qldoc/javascript/semmle/javascript/NPM.qll/module.NPM.html>`__.
- `BugTrackerInfo <https://help.semmle.com/qldoc/javascript/semmle/javascript/NPM.qll/type.NPM$BugTrackerInfo.html>`__, `ContributorInfo <https://help.semmle.com/qldoc/javascript/semmle/javascript/NPM.qll/type.NPM$ContributorInfo.html>`__, `RepositoryInfo <https://help.semmle.com/qldoc/javascript/semmle/javascript/NPM.qll/type.NPM$RepositoryInfo.html>`__: these classes model parts of the ``package.json`` file providing information on bug tracking systems, contributors and repositories.
- `PackageDependencies <https://help.semmle.com/qldoc/javascript/semmle/javascript/NPM.qll/type.NPM$PackageDependencies.html>`__: models the dependencies of an NPM package; the predicate ``PackageDependencies.getADependency(pkg, v)`` binds ``pkg`` to the name and ``v`` to the version of a package required by a ``package.json`` file.
- `NPMPackage <https://help.semmle.com/qldoc/javascript/semmle/javascript/NPM.qll/type.NPM$NPMPackage.html>`__: a subclass of `Folder <https://help.semmle.com/qldoc/javascript/semmle/javascript/Files.qll/type.Files$Folder.html>`__ that models an NPM package; important member predicates include:
- `PackageJSON <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/NPM.qll/type.NPM$PackageJSON.html>`__: a ``package.json`` file describing an NPM package; various getter predicates are available for accessing detailed information about the package, which are described in the `online API documentation <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/NPM.qll/module.NPM.html>`__.
- `BugTrackerInfo <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/NPM.qll/type.NPM$BugTrackerInfo.html>`__, `ContributorInfo <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/NPM.qll/type.NPM$ContributorInfo.html>`__, `RepositoryInfo <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/NPM.qll/type.NPM$RepositoryInfo.html>`__: these classes model parts of the ``package.json`` file providing information on bug tracking systems, contributors and repositories.
- `PackageDependencies <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/NPM.qll/type.NPM$PackageDependencies.html>`__: models the dependencies of an NPM package; the predicate ``PackageDependencies.getADependency(pkg, v)`` binds ``pkg`` to the name and ``v`` to the version of a package required by a ``package.json`` file.
- `NPMPackage <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/NPM.qll/type.NPM$NPMPackage.html>`__: a subclass of `Folder <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Files.qll/type.Files$Folder.html>`__ that models an NPM package; important member predicates include:
- ``NPMPackage.getPackageName()`` returns the name of this package.
- ``NPMPackage.getPackageJSON()`` returns the ``package.json`` file for this package.
@@ -877,7 +877,7 @@ As an example of the use of these classes, here is a query that identifies unuse
React
^^^^^
The ``semmle.javascript.frameworks.React`` library provides support for working with `React <https://facebook.github.io/react/>`__ code through the `ReactComponent <https://help.semmle.com/qldoc/javascript/semmle/javascript/frameworks/React.qll/type.React$ReactComponent.html>`__ class, which models a React component defined either in the functional style or the class-based style (both ECMAScript 2015 classes and old-style ``React.createClass`` classes are supported).
The ``semmle.javascript.frameworks.React`` library provides support for working with `React <https://facebook.github.io/react/>`__ code through the `ReactComponent <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/frameworks/React.qll/type.React$ReactComponent.html>`__ class, which models a React component defined either in the functional style or the class-based style (both ECMAScript 2015 classes and old-style ``React.createClass`` classes are supported).
Databases
^^^^^^^^^
@@ -909,22 +909,22 @@ Externs
The ``semmle.javascript.Externs`` library provides support for working with `externs <https://developers.google.com/closure/compiler/docs/api-tutorial3>`__ through the following classes:
- `ExternalDecl <https://help.semmle.com/qldoc/javascript/semmle/javascript/Externs.qll/type.Externs$ExternalDecl.html>`__: common superclass modeling all different kinds of externs declarations; it defines two member predicates:
- `ExternalDecl <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Externs.qll/type.Externs$ExternalDecl.html>`__: common superclass modeling all different kinds of externs declarations; it defines two member predicates:
- ``ExternalDecl.getQualifiedName()`` returns the fully qualified name of the declared entity.
- ``ExternalDecl.getName()`` returns the unqualified name of the declared entity.
- `ExternalTypedef <https://help.semmle.com/qldoc/javascript/semmle/javascript/Externs.qll/type.Externs$ExternalTypedef.html>`__: a subclass of `ExternalDecl <https://help.semmle.com/qldoc/javascript/semmle/javascript/Externs.qll/type.Externs$ExternalDecl.html>`__ representing type declarations; unlike other externs declarations, such declarations do not declare a function or object that is present at runtime, but simply introduce an alias for a type.
- `ExternalVarDecl <https://help.semmle.com/qldoc/javascript/semmle/javascript/Externs.qll/type.Externs$ExternalVarDecl.html>`__: a subclass of `ExternalDecl <https://help.semmle.com/qldoc/javascript/semmle/javascript/Externs.qll/type.Externs$ExternalDecl.html>`__ representing a variable or function declaration; it defines two member predicates:
- `ExternalTypedef <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Externs.qll/type.Externs$ExternalTypedef.html>`__: a subclass of `ExternalDecl <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Externs.qll/type.Externs$ExternalDecl.html>`__ representing type declarations; unlike other externs declarations, such declarations do not declare a function or object that is present at runtime, but simply introduce an alias for a type.
- `ExternalVarDecl <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Externs.qll/type.Externs$ExternalVarDecl.html>`__: a subclass of `ExternalDecl <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Externs.qll/type.Externs$ExternalDecl.html>`__ representing a variable or function declaration; it defines two member predicates:
- ``ExternalVarDecl.getInit()`` returns the initializer associated with this declaration, if any; this can either be a `Function <https://help.semmle.com/qldoc/javascript/semmle/javascript/Functions.qll/type.Functions$Function.html>`__ or an `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__.
- ``ExternalVarDecl.getInit()`` returns the initializer associated with this declaration, if any; this can either be a `Function <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Functions.qll/type.Functions$Function.html>`__ or an `Expr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__.
- ``ExternalVarDecl.getDocumentation()`` returns the JSDoc comment associated with this declaration.
Variables and functions declared in an externs file are either globals (represented by class `ExternalGlobalDecl <https://help.semmle.com/qldoc/javascript/semmle/javascript/Externs.qll/type.Externs$ExternalGlobalDecl.html>`__), or members (represented by class `ExternalMemberDecl <https://help.semmle.com/qldoc/javascript/semmle/javascript/Externs.qll/type.Externs$ExternalMemberDecl.html>`__).
Variables and functions declared in an externs file are either globals (represented by class `ExternalGlobalDecl <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Externs.qll/type.Externs$ExternalGlobalDecl.html>`__), or members (represented by class `ExternalMemberDecl <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Externs.qll/type.Externs$ExternalMemberDecl.html>`__).
Members are further subdivided into static members (class `ExternalStaticMemberDecl <https://help.semmle.com/qldoc/javascript/semmle/javascript/Externs.qll/type.Externs$ExternalStaticMemberDecl.html>`__) and instance members (class `ExternalInstanceMemberDecl <https://help.semmle.com/qldoc/javascript/semmle/javascript/Externs.qll/type.Externs$ExternalInstanceMemberDecl.html>`__).
Members are further subdivided into static members (class `ExternalStaticMemberDecl <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Externs.qll/type.Externs$ExternalStaticMemberDecl.html>`__) and instance members (class `ExternalInstanceMemberDecl <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Externs.qll/type.Externs$ExternalInstanceMemberDecl.html>`__).
For more details on these and other classes representing externs, see `the API documentation <https://help.semmle.com/qldoc/javascript/semmle/javascript/Externs.qll/module.Externs.html>`__.
For more details on these and other classes representing externs, see `the API documentation <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Externs.qll/module.Externs.html>`__.
HTML
^^^^
@@ -942,17 +942,17 @@ JSDoc
The ``semmle.javascript.JSDoc`` library provides support for working with `JSDoc comments <http://usejsdoc.org/>`__. Documentation comments are parsed into an abstract syntax tree representation closely following the format employed by the `Doctrine <https://github.com/Constellation/doctrine>`__ JSDoc parser.
A JSDoc comment as a whole is represented by an entity of class `JSDoc <https://help.semmle.com/qldoc/javascript/semmle/javascript/JSDoc.qll/type.JSDoc$JSDoc.html>`__, while individual tags are represented by class `JSDocTag <https://help.semmle.com/qldoc/javascript/semmle/javascript/JSDoc.qll/type.JSDoc$JSDocTag.html>`__. Important member predicates of these two classes include:
A JSDoc comment as a whole is represented by an entity of class `JSDoc <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/JSDoc.qll/type.JSDoc$JSDoc.html>`__, while individual tags are represented by class `JSDocTag <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/JSDoc.qll/type.JSDoc$JSDocTag.html>`__. Important member predicates of these two classes include:
- ``JSDoc.getDescription()`` returns the descriptive header of the JSDoc comment, if any.
- ``JSDoc.getComment()`` maps the `JSDoc <https://help.semmle.com/qldoc/javascript/semmle/javascript/JSDoc.qll/type.JSDoc$JSDoc.html>`__ entity to its underlying `Comment <https://help.semmle.com/qldoc/javascript/semmle/javascript/Comments.qll/type.Comments$Comment.html>`__ entity.
- ``JSDoc.getComment()`` maps the `JSDoc <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/JSDoc.qll/type.JSDoc$JSDoc.html>`__ entity to its underlying `Comment <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Comments.qll/type.Comments$Comment.html>`__ entity.
- ``JSDocTag.getATag()`` returns a tag in this JSDoc comment.
- ``JSDocTag.getTitle()`` returns the title of his tag; for instance, an ``@param`` tag has title ``"param"``.
- ``JSDocTag.getName()`` returns the name of the parameter or variable documented by this tag.
- ``JSDocTag.getType()`` returns the type of the parameter or variable documented by this tag.
- ``JSDocTag.getDescription()`` returns the description associated with this tag.
Types in JSDoc comments are represented by the class `JSDocTypeExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/JSDoc.qll/type.JSDoc$JSDocTypeExpr.html>`__ and its subclasses, which again represent type expressions as abstract syntax trees. Examples of type expressions are `JSDocAnyTypeExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/JSDoc.qll/type.JSDoc$JSDocAnyTypeExpr.html>`__, representing the "any" type ``*``, or `JSDocNullTypeExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/JSDoc.qll/type.JSDoc$JSDocNullTypeExpr.html>`__, representing the null type.
Types in JSDoc comments are represented by the class `JSDocTypeExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/JSDoc.qll/type.JSDoc$JSDocTypeExpr.html>`__ and its subclasses, which again represent type expressions as abstract syntax trees. Examples of type expressions are `JSDocAnyTypeExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/JSDoc.qll/type.JSDoc$JSDocAnyTypeExpr.html>`__, representing the "any" type ``*``, or `JSDocNullTypeExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/JSDoc.qll/type.JSDoc$JSDocNullTypeExpr.html>`__, representing the null type.
As an example, here is a query that finds ``@param`` tags that do not specify the name of the documented parameter:
@@ -967,66 +967,66 @@ As an example, here is a query that finds ``@param`` tags that do not specify th
`See this in the query console on LGTM.com <https://lgtm.com/query/673060054/>`__. Of the LGTM.com demo projects analyzed, only *Semantic-Org/Semantic-UI* has an example where the ``@param`` tag omits the name.
For full details on these and other classes representing JSDoc comments and type expressions, see `the API documentation <https://help.semmle.com/qldoc/javascript/semmle/javascript/JSDoc.qll/module.JSDoc.html>`__.
For full details on these and other classes representing JSDoc comments and type expressions, see `the API documentation <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/JSDoc.qll/module.JSDoc.html>`__.
JSX
^^^
The ``semmle.javascript.JSX`` library provides support for working with `JSX code <https://facebook.github.io/react/docs/jsx-in-depth.html>`__.
Similar to the representation of HTML documents, JSX fragments are modeled as a tree of `JSXElement <https://help.semmle.com/qldoc/javascript/semmle/javascript/JSX.qll/type.JSX$JSXElement.html>`__\ s, each of which may have zero or more `JSXAttribute <https://help.semmle.com/qldoc/javascript/semmle/javascript/JSX.qll/type.JSX$JSXAttribute.html>`__\ s.
Similar to the representation of HTML documents, JSX fragments are modeled as a tree of `JSXElement <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/JSX.qll/type.JSX$JSXElement.html>`__\ s, each of which may have zero or more `JSXAttribute <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/JSX.qll/type.JSX$JSXAttribute.html>`__\ s.
However, unlike HTML, JSX is interleaved with JavaScript, hence `JSXElement <https://help.semmle.com/qldoc/javascript/semmle/javascript/JSX.qll/type.JSX$JSXElement.html>`__ is a subclass of `Expr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__. Like ``HTML::Element``, it has predicates ``getAttribute(i)`` and ``getAttributeByName(n)`` to look up attributes of a JSX element. Its body elements can be accessed by predicate ``getABodyElement()``; note that the results of this predicate are arbitrary expressions, which may either be further `JSXElement <https://help.semmle.com/qldoc/javascript/semmle/javascript/JSX.qll/type.JSX$JSXElement.html>`__\ s, or other expressions that are interpolated into the body of the outer element.
However, unlike HTML, JSX is interleaved with JavaScript, hence `JSXElement <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/JSX.qll/type.JSX$JSXElement.html>`__ is a subclass of `Expr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$Expr.html>`__. Like ``HTML::Element``, it has predicates ``getAttribute(i)`` and ``getAttributeByName(n)`` to look up attributes of a JSX element. Its body elements can be accessed by predicate ``getABodyElement()``; note that the results of this predicate are arbitrary expressions, which may either be further `JSXElement <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/JSX.qll/type.JSX$JSXElement.html>`__\ s, or other expressions that are interpolated into the body of the outer element.
`JSXAttribute <https://help.semmle.com/qldoc/javascript/semmle/javascript/JSX.qll/type.JSX$JSXAttribute.html>`__, again not unlike ``HTML::Attribute``, has predicates ``getName()`` and ``getValue()`` to access the attribute name and value.
`JSXAttribute <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/JSX.qll/type.JSX$JSXAttribute.html>`__, again not unlike ``HTML::Attribute``, has predicates ``getName()`` and ``getValue()`` to access the attribute name and value.
JSON
^^^^
The ``semmle.javascript.JSON`` library provides support for working with `JSON <http://json.org/>`__ files that were processed by the JavaScript extractor when building the CodeQL database.
JSON files are modeled as trees of JSON values. Each JSON value is represented by an entity of class `JSONValue <https://help.semmle.com/qldoc/javascript/semmle/javascript/JSON.qll/type.JSON$JSONValue.html>`__, which provides the following member predicates:
JSON files are modeled as trees of JSON values. Each JSON value is represented by an entity of class `JSONValue <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/JSON.qll/type.JSON$JSONValue.html>`__, which provides the following member predicates:
- ``JSONValue.getParent()`` returns the JSON object or array in which this value occurs.
- ``JSONValue.getChild(i)`` returns the ``i``\ th child of this JSON object or array.
Note that `JSONValue <https://help.semmle.com/qldoc/javascript/semmle/javascript/JSON.qll/type.JSON$JSONValue.html>`__ is a subclass of `Locatable <https://help.semmle.com/qldoc/javascript/semmle/javascript/Locations.qll/type.Locations$Locatable.html>`__, so the usual member predicates of `Locatable <https://help.semmle.com/qldoc/javascript/semmle/javascript/Locations.qll/type.Locations$Locatable.html>`__ can be used to determine the file in which a JSON value appears, and its location within that file.
Note that `JSONValue <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/JSON.qll/type.JSON$JSONValue.html>`__ is a subclass of `Locatable <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Locations.qll/type.Locations$Locatable.html>`__, so the usual member predicates of `Locatable <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Locations.qll/type.Locations$Locatable.html>`__ can be used to determine the file in which a JSON value appears, and its location within that file.
Class `JSONValue <https://help.semmle.com/qldoc/javascript/semmle/javascript/JSON.qll/type.JSON$JSONValue.html>`__ has the following subclasses:
Class `JSONValue <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/JSON.qll/type.JSON$JSONValue.html>`__ has the following subclasses:
- `JSONPrimitiveValue <https://help.semmle.com/qldoc/javascript/semmle/javascript/JSON.qll/type.JSON$JSONPrimitiveValue.html>`__: a JSON-encoded primitive value; use ``JSONPrimitiveValue.getValue()`` to obtain a string representation of the value.
- `JSONPrimitiveValue <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/JSON.qll/type.JSON$JSONPrimitiveValue.html>`__: a JSON-encoded primitive value; use ``JSONPrimitiveValue.getValue()`` to obtain a string representation of the value.
- `JSONNull <https://help.semmle.com/qldoc/javascript/semmle/javascript/JSON.qll/type.JSON$JSONNull.html>`__, `JSONBoolean <https://help.semmle.com/qldoc/javascript/semmle/javascript/JSON.qll/type.JSON$JSONBoolean.html>`__, `JSONNumber <https://help.semmle.com/qldoc/javascript/semmle/javascript/JSON.qll/type.JSON$JSONNumber.html>`__, `JSONString <https://help.semmle.com/qldoc/javascript/semmle/javascript/JSON.qll/type.JSON$JSONString.html>`__: subclasses of `JSONPrimitiveValue <https://help.semmle.com/qldoc/javascript/semmle/javascript/JSON.qll/type.JSON$JSONPrimitiveValue.html>`__ representing the various kinds of primitive values.
- `JSONNull <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/JSON.qll/type.JSON$JSONNull.html>`__, `JSONBoolean <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/JSON.qll/type.JSON$JSONBoolean.html>`__, `JSONNumber <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/JSON.qll/type.JSON$JSONNumber.html>`__, `JSONString <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/JSON.qll/type.JSON$JSONString.html>`__: subclasses of `JSONPrimitiveValue <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/JSON.qll/type.JSON$JSONPrimitiveValue.html>`__ representing the various kinds of primitive values.
- `JSONArray <https://help.semmle.com/qldoc/javascript/semmle/javascript/JSON.qll/type.JSON$JSONArray.html>`__: a JSON-encoded array; use ``JSONArray.getElementValue(i)`` to access the ``i``\ th element of the array.
- `JSONObject <https://help.semmle.com/qldoc/javascript/semmle/javascript/JSON.qll/type.JSON$JSONObject.html>`__: a JSON-encoded object; use ``JSONObject.getValue(n)`` to access the value of property ``n`` of the object.
- `JSONArray <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/JSON.qll/type.JSON$JSONArray.html>`__: a JSON-encoded array; use ``JSONArray.getElementValue(i)`` to access the ``i``\ th element of the array.
- `JSONObject <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/JSON.qll/type.JSON$JSONObject.html>`__: a JSON-encoded object; use ``JSONObject.getValue(n)`` to access the value of property ``n`` of the object.
Regular expressions
^^^^^^^^^^^^^^^^^^^
The ``semmle.javascript.Regexp`` library provides support for working with regular expression literals. The syntactic structure of regular expression literals is represented as an abstract syntax tree of regular expression terms, modeled by the class `RegExpTerm <https://help.semmle.com/qldoc/javascript/semmle/javascript/Regexp.qll/type.Regexp$RegExpTerm.html>`__. Similar to `ASTNode <https://help.semmle.com/qldoc/javascript/semmle/javascript/AST.qll/type.AST$ASTNode.html>`__, class `RegExpTerm <https://help.semmle.com/qldoc/javascript/semmle/javascript/Regexp.qll/type.Regexp$RegExpTerm.html>`__ provides member predicates ``getParent()`` and ``getChild(i)`` to navigate the structure of the syntax tree.
The ``semmle.javascript.Regexp`` library provides support for working with regular expression literals. The syntactic structure of regular expression literals is represented as an abstract syntax tree of regular expression terms, modeled by the class `RegExpTerm <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Regexp.qll/type.Regexp$RegExpTerm.html>`__. Similar to `ASTNode <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/AST.qll/type.AST$ASTNode.html>`__, class `RegExpTerm <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Regexp.qll/type.Regexp$RegExpTerm.html>`__ provides member predicates ``getParent()`` and ``getChild(i)`` to navigate the structure of the syntax tree.
Various subclasses of `RegExpTerm <https://help.semmle.com/qldoc/javascript/semmle/javascript/Regexp.qll/type.Regexp$RegExpTerm.html>`__ model different kinds of regular expression constructs and operators; see `the API documentation <https://help.semmle.com/qldoc/javascript/semmle/javascript/Regexp.qll/module.Regexp.html>`__ for details.
Various subclasses of `RegExpTerm <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Regexp.qll/type.Regexp$RegExpTerm.html>`__ model different kinds of regular expression constructs and operators; see `the API documentation <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Regexp.qll/module.Regexp.html>`__ for details.
YAML
^^^^
The ``semmle.javascript.YAML`` library provides support for working with `YAML <http://yaml.org/>`__ files that were processed by the JavaScript extractor when building the CodeQL database.
YAML files are modeled as trees of YAML nodes. Each YAML node is represented by an entity of class `YAMLNode <https://help.semmle.com/qldoc/javascript/semmle/javascript/YAML.qll/type.YAML$YAMLNode.html>`__, which provides, among others, the following member predicates:
YAML files are modeled as trees of YAML nodes. Each YAML node is represented by an entity of class `YAMLNode <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/YAML.qll/type.YAML$YAMLNode.html>`__, which provides, among others, the following member predicates:
- ``YAMLNode.getParentNode()`` returns the YAML collection in which this node is syntactically nested.
- ``YAMLNode.getChildNode(i)`` returns the ``i``\ th child node of this node, ``YAMLNode.getAChildNode()`` returns any child node of this node.
- ``YAMLNode.getTag()`` returns the tag of this YAML node.
- ``YAMLNode.getAnchor()`` returns the anchor associated with this YAML node, if any.
- ``YAMLNode.eval()`` returns the `YAMLValue <https://help.semmle.com/qldoc/javascript/semmle/javascript/YAML.qll/type.YAML$YAMLValue.html>`__ this YAML node evaluates to after resolving aliases and includes.
- ``YAMLNode.eval()`` returns the `YAMLValue <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/YAML.qll/type.YAML$YAMLValue.html>`__ this YAML node evaluates to after resolving aliases and includes.
The various kinds of scalar values available in YAML are represented by classes `YAMLInteger <https://help.semmle.com/qldoc/javascript/semmle/javascript/YAML.qll/type.YAML$YAMLInteger.html>`__, `YAMLFloat <https://help.semmle.com/qldoc/javascript/semmle/javascript/YAML.qll/type.YAML$YAMLFloat.html>`__, `YAMLTimestamp <https://help.semmle.com/qldoc/javascript/semmle/javascript/YAML.qll/type.YAML$YAMLTimestamp.html>`__, `YAMLBool <https://help.semmle.com/qldoc/javascript/semmle/javascript/YAML.qll/type.YAML$YAMLBool.html>`__, `YAMLNull <https://help.semmle.com/qldoc/javascript/semmle/javascript/YAML.qll/type.YAML$YAMLNull.html>`__ and `YAMLString <https://help.semmle.com/qldoc/javascript/semmle/javascript/YAML.qll/type.YAML$YAMLString.html>`__. Their common superclass is `YAMLScalar <https://help.semmle.com/qldoc/javascript/semmle/javascript/YAML.qll/type.YAML$YAMLScalar.html>`__, which has a member predicate ``getValue()`` to obtain the value of a scalar as a
The various kinds of scalar values available in YAML are represented by classes `YAMLInteger <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/YAML.qll/type.YAML$YAMLInteger.html>`__, `YAMLFloat <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/YAML.qll/type.YAML$YAMLFloat.html>`__, `YAMLTimestamp <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/YAML.qll/type.YAML$YAMLTimestamp.html>`__, `YAMLBool <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/YAML.qll/type.YAML$YAMLBool.html>`__, `YAMLNull <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/YAML.qll/type.YAML$YAMLNull.html>`__ and `YAMLString <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/YAML.qll/type.YAML$YAMLString.html>`__. Their common superclass is `YAMLScalar <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/YAML.qll/type.YAML$YAMLScalar.html>`__, which has a member predicate ``getValue()`` to obtain the value of a scalar as a
string.
`YAMLMapping <https://help.semmle.com/qldoc/javascript/semmle/javascript/YAML.qll/type.YAML$YAMLMapping.html>`__ and `YAMLSequence <https://help.semmle.com/qldoc/javascript/semmle/javascript/YAML.qll/type.YAML$YAMLSequence.html>`__ represent mappings and sequences, respectively, and are subclasses of `YAMLCollection <https://help.semmle.com/qldoc/javascript/semmle/javascript/YAML.qll/type.YAML$YAMLCollection.html>`__.
`YAMLMapping <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/YAML.qll/type.YAML$YAMLMapping.html>`__ and `YAMLSequence <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/YAML.qll/type.YAML$YAMLSequence.html>`__ represent mappings and sequences, respectively, and are subclasses of `YAMLCollection <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/YAML.qll/type.YAML$YAMLCollection.html>`__.
Alias nodes are represented by class `YAMLAliasNode <https://help.semmle.com/qldoc/javascript/semmle/javascript/YAML.qll/type.YAML$YAMLAliasNode.html>`__, while `YAMLMergeKey <https://help.semmle.com/qldoc/javascript/semmle/javascript/YAML.qll/type.YAML$YAMLMergeKey.html>`__ and `YAMLInclude <https://help.semmle.com/qldoc/javascript/semmle/javascript/YAML.qll/type.YAML$YAMLInclude.html>`__ represent merge keys and ``!include`` directives, respectively.
Alias nodes are represented by class `YAMLAliasNode <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/YAML.qll/type.YAML$YAMLAliasNode.html>`__, while `YAMLMergeKey <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/YAML.qll/type.YAML$YAMLMergeKey.html>`__ and `YAMLInclude <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/YAML.qll/type.YAML$YAMLInclude.html>`__ represent merge keys and ``!include`` directives, respectively.
Predicate ``YAMLMapping.maps(key, value)`` models the key-value relation represented by a mapping, taking merge keys into account.

24
docs/codeql/codeql-language-guides/codeql-library-for-python.rst
View File

@@ -31,7 +31,7 @@ This part of the library represents the Python source code. The ``Module``, ``Cl
Scope
^^^^^
A Python program is a group of modules. Technically a module is just a list of statements, but we often think of it as composed of classes and functions. These top-level entities, the module, class, and function are represented by the three CodeQL classes `Module <https://help.semmle.com/qldoc/python/semmle/python/Module.qll/type.Module$Module.html>`__, `Class <https://help.semmle.com/qldoc/python/semmle/python/Class.qll/type.Class$Class.html>`__ and `Function <https://help.semmle.com/qldoc/python/semmle/python/Function.qll/type.Function$Function.html>`__ which are all subclasses of ``Scope``.
A Python program is a group of modules. Technically a module is just a list of statements, but we often think of it as composed of classes and functions. These top-level entities, the module, class, and function are represented by the three CodeQL classes `Module <https://codeql.github.com/codeql-standard-libraries/python/semmle/python/Module.qll/type.Module$Module.html>`__, `Class <https://codeql.github.com/codeql-standard-libraries/python/semmle/python/Class.qll/type.Class$Class.html>`__ and `Function <https://codeql.github.com/codeql-standard-libraries/python/semmle/python/Function.qll/type.Function$Function.html>`__ which are all subclasses of ``Scope``.
- ``Scope``
@@ -54,7 +54,7 @@ All scopes are basically a list of statements, although ``Scope`` classes have a
Statement
^^^^^^^^^
A statement is represented by the `Stmt <https://help.semmle.com/qldoc/python/semmle/python/Stmts.qll/type.Stmts$Stmt.html>`__ class which has about 20 subclasses representing the various kinds of statements, such as the ``Pass`` statement, the ``Return`` statement or the ``For`` statement. Statements are usually made up of parts. The most common of these is the expression, represented by the ``Expr`` class. For example, take the following Python ``for`` statement:
A statement is represented by the `Stmt <https://codeql.github.com/codeql-standard-libraries/python/semmle/python/Stmts.qll/type.Stmts$Stmt.html>`__ class which has about 20 subclasses representing the various kinds of statements, such as the ``Pass`` statement, the ``Return`` statement or the ``For`` statement. Statements are usually made up of parts. The most common of these is the expression, represented by the ``Expr`` class. For example, take the following Python ``for`` statement:
.. code-block:: python
@@ -63,7 +63,7 @@ A statement is represented by the `Stmt <https://help.semmle.com/qldoc/python/se
else:
return 0
The `For <https://help.semmle.com/qldoc/python/semmle/python/Stmts.qll/type.Stmts$For.html>`__ class representing the ``for`` statement has a number of member predicates to access its parts:
The `For <https://codeql.github.com/codeql-standard-libraries/python/semmle/python/Stmts.qll/type.Stmts$For.html>`__ class representing the ``for`` statement has a number of member predicates to access its parts:
- ``getTarget()`` returns the ``Expr`` representing the variable ``var``.
- ``getIter()`` returns the ``Expr`` resenting the variable ``seq``.
@@ -74,7 +74,7 @@ The `For <https://help.semmle.com/qldoc/python/semmle/python/Stmts.qll/type.Stmt
Expression
^^^^^^^^^^
Most statements are made up of expressions. The `Expr <https://help.semmle.com/qldoc/python/semmle/python/Exprs.qll/type.Exprs$Expr.html>`__ class is the superclass of all expression classes, of which there are about 30 including calls, comprehensions, tuples, lists and arithmetic operations. For example, the Python expression ``a+2`` is represented by the ``BinaryExpr`` class:
Most statements are made up of expressions. The `Expr <https://codeql.github.com/codeql-standard-libraries/python/semmle/python/Exprs.qll/type.Exprs$Expr.html>`__ class is the superclass of all expression classes, of which there are about 30 including calls, comprehensions, tuples, lists and arithmetic operations. For example, the Python expression ``a+2`` is represented by the ``BinaryExpr`` class:
- ``getLeft()`` returns the ``Expr`` representing the ``a``.
- ``getRight()`` returns the ``Expr`` representing the ``2``.
@@ -96,12 +96,12 @@ As an example, to find expressions of the form ``a+2`` where the left is a simpl
Variable
^^^^^^^^
Variables are represented by the `Variable <https://help.semmle.com/qldoc/python/semmle/python/Variables.qll/type.Variables$Variable.html>`__ class in the CodeQL library. There are two subclasses, ``LocalVariable`` for function-level and class-level variables and ``GlobalVariable`` for module-level variables.
Variables are represented by the `Variable <https://codeql.github.com/codeql-standard-libraries/python/semmle/python/Variables.qll/type.Variables$Variable.html>`__ class in the CodeQL library. There are two subclasses, ``LocalVariable`` for function-level and class-level variables and ``GlobalVariable`` for module-level variables.
Other source code elements
^^^^^^^^^^^^^^^^^^^^^^^^^^
Although the meaning of the program is encoded by the syntactic elements, ``Scope``, ``Stmt`` and ``Expr`` there are some parts of the source code not covered by the abstract syntax tree. The most useful of these is the `Comment <https://help.semmle.com/qldoc/python/semmle/python/Comment.qll/type.Comment$Comment.html>`__ class which describes comments in the source code.
Although the meaning of the program is encoded by the syntactic elements, ``Scope``, ``Stmt`` and ``Expr`` there are some parts of the source code not covered by the abstract syntax tree. The most useful of these is the `Comment <https://codeql.github.com/codeql-standard-libraries/python/semmle/python/Comment.qll/type.Comment$Comment.html>`__ class which describes comments in the source code.
Examples
^^^^^^^^
@@ -160,7 +160,7 @@ Summary
The most commonly used standard classes in the syntactic part of the library are organized as follows:
``Module``, ``Class``, ``Function``, ``Stmt``, and ``Expr`` - they are all subclasses of `AstNode <https://help.semmle.com/qldoc/python/semmle/python/AstExtended.qll/type.AstExtended$AstNode.html>`__.
``Module``, ``Class``, ``Function``, ``Stmt``, and ``Expr`` - they are all subclasses of `AstNode <https://codeql.github.com/codeql-standard-libraries/python/semmle/python/AstExtended.qll/type.AstExtended$AstNode.html>`__.
Abstract syntax tree
''''''''''''''''''''
@@ -287,8 +287,8 @@ Summary
The classes in the control-flow part of the library are:
- `ControlFlowNode <https://help.semmle.com/qldoc/python/semmle/python/Flow.qll/type.Flow$ControlFlowNode.html>`__ A control-flow node. There is a one-to-many relation between AST nodes and control-flow nodes.
- `BasicBlock <https://help.semmle.com/qldoc/python/semmle/python/Flow.qll/type.Flow$BasicBlock.html>`__ A non branching list of control-flow nodes.
- `ControlFlowNode <https://codeql.github.com/codeql-standard-libraries/python/semmle/python/Flow.qll/type.Flow$ControlFlowNode.html>`__ A control-flow node. There is a one-to-many relation between AST nodes and control-flow nodes.
- `BasicBlock <https://codeql.github.com/codeql-standard-libraries/python/semmle/python/Flow.qll/type.Flow$BasicBlock.html>`__ A non branching list of control-flow nodes.
Type-inference classes
@@ -316,7 +316,7 @@ For example, which ``ClassValue``\ s are iterable can be determined using the qu
Summary
^^^^^^^
- `Value <https://help.semmle.com/qldoc/python/semmle/python/objects/ObjectAPI.qll/type.ObjectAPI$Value.html>`__
- `Value <https://codeql.github.com/codeql-standard-libraries/python/semmle/python/objects/ObjectAPI.qll/type.ObjectAPI$Value.html>`__
- ``ClassValue``
- ``CallableValue``
@@ -333,8 +333,8 @@ The CodeQL library for Python also supplies classes to specify taint-tracking an
Summary
^^^^^^^
- `TaintKind <https://help.semmle.com/qldoc/python/semmle/python/dataflow/TaintTracking.qll/type.TaintTracking$TaintKind.html>`__
- `Configuration <https://help.semmle.com/qldoc/python/semmle/python/dataflow/Configuration.qll/type.Configuration$TaintTracking$Configuration.html>`__
- `TaintKind <https://codeql.github.com/codeql-standard-libraries/python/semmle/python/dataflow/TaintTracking.qll/type.TaintTracking$TaintKind.html>`__
- `Configuration <https://codeql.github.com/codeql-standard-libraries/python/semmle/python/dataflow/Configuration.qll/type.Configuration$TaintTracking$Configuration.html>`__
For more information about these classes, see ":doc:`Analyzing data flow and tracking tainted data in Python <analyzing-data-flow-and-tracking-tainted-data-in-python>`."

140
docs/codeql/codeql-language-guides/codeql-library-for-typescript.rst
View File

@@ -19,12 +19,12 @@ Support for analyzing TypeScript code is bundled with the CodeQL libraries for J
Syntax
------
Most syntax in TypeScript is represented in the same way as its JavaScript counterpart. For example, ``a+b`` is represented by an `AddExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/Expr.qll/type.Expr$AddExpr.html>`__; the same as it would be in JavaScript. On the other hand, ``x as number`` is represented by `TypeAssertion <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$TypeAssertion.html>`__, a class that is specific to TypeScript.
Most syntax in TypeScript is represented in the same way as its JavaScript counterpart. For example, ``a+b`` is represented by an `AddExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Expr.qll/type.Expr$AddExpr.html>`__; the same as it would be in JavaScript. On the other hand, ``x as number`` is represented by `TypeAssertion <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$TypeAssertion.html>`__, a class that is specific to TypeScript.
Type annotations
~~~~~~~~~~~~~~~~
The `TypeExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$TypeExpr.html>`__ class represents anything that is part of a type annotation.
The `TypeExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$TypeExpr.html>`__ class represents anything that is part of a type annotation.
Only type annotations that are explicit in the source code occur as a ``TypeExpr``. Types inferred by the TypeScript compiler are ``Type`` entities; for details about this, see the section on `static type information <#static-type-information>`__.
@@ -37,48 +37,48 @@ There are several ways to access type annotations, for example:
- ``VarDecl.getTypeAnnotation()`` (special case of ``BindingPattern.getTypeAnnotation()``)
- ``FieldDeclaration.getTypeAnnotation()``
The `TypeExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$TypeExpr.html>`__ class provides some convenient member predicates such as ``isString()`` and ``isVoid()`` to recognize commonly used types.
The `TypeExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$TypeExpr.html>`__ class provides some convenient member predicates such as ``isString()`` and ``isVoid()`` to recognize commonly used types.
The subclasses that represent type annotations are:
- `TypeAccess <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$TypeAccess.html>`__: a name referring to a type, such as ``Date`` or ``http.ServerRequest``.
- `TypeAccess <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$TypeAccess.html>`__: a name referring to a type, such as ``Date`` or ``http.ServerRequest``.
- `LocalTypeAccess <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$LocalTypeAccess.html>`__: an unqualified name, such as ``Date``.
- `QualifiedTypeAccess <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$QualifiedTypeAccess.html>`__: a name prefixed by a namespace, such as ``http.ServerRequest``.
- `ImportTypeAccess <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$ImportTypeAccess.html>`__: an ``import`` used as a type, such as ``import("./foo")``.
- `LocalTypeAccess <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$LocalTypeAccess.html>`__: an unqualified name, such as ``Date``.
- `QualifiedTypeAccess <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$QualifiedTypeAccess.html>`__: a name prefixed by a namespace, such as ``http.ServerRequest``.
- `ImportTypeAccess <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$ImportTypeAccess.html>`__: an ``import`` used as a type, such as ``import("./foo")``.
- `PredefinedTypeExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$PredefinedTypeExpr.html>`__: a predefined type, such as ``number``, ``string``, ``void``, or ``any``.
- `ThisTypeExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$ThisTypeExpr.html>`__: the ``this`` type.
- `InterfaceTypeExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$InterfaceTypeExpr.html>`__, also known as a literal type, such as ``{x: number}``.
- `FunctionTypeExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$FunctionTypeExpr.html>`__: a type such as ``(x: number) => string``.
- `GenericTypeExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$GenericTypeExpr.html>`__: a named type with type arguments, such as ``Array<string>``.
- `LiteralTypeExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$LiteralTypeExpr.html>`__: a string, number, or boolean constant used as a type, such as ``'foo'``.
- `ArrayTypeExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$ArrayTypeExpr.html>`__: a type such as ``string[]``.
- `UnionTypeExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$UnionTypeExpr.html>`__: a type such as ``string | number``.
- `IntersectionTypeExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$IntersectionTypeExpr.html>`__: a type such as ``S & T``.
- `IndexedAccessTypeExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$IndexedAccessTypeExpr.html>`__: a type such as ``T[K]``.
- `ParenthesizedTypeExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$ParenthesizedTypeExpr.html>`__: a type such as ``(string)``.
- `TupleTypeExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$TupleTypeExpr.html>`__: a type such as ``[string, number]``.
- `KeyofTypeExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$KeyofTypeExpr.html>`__: a type such as ``keyof T``.
- `TypeofTypeExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$TypeofTypeExpr.html>`__: a type such as ``typeof x``.
- `IsTypeExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$IsTypeExpr.html>`__: a type such as ``x is string``.
- `MappedTypeExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$MappedTypeExpr.html>`__: a type such as ``{ [K in C]: T }``.
- `PredefinedTypeExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$PredefinedTypeExpr.html>`__: a predefined type, such as ``number``, ``string``, ``void``, or ``any``.
- `ThisTypeExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$ThisTypeExpr.html>`__: the ``this`` type.
- `InterfaceTypeExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$InterfaceTypeExpr.html>`__, also known as a literal type, such as ``{x: number}``.
- `FunctionTypeExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$FunctionTypeExpr.html>`__: a type such as ``(x: number) => string``.
- `GenericTypeExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$GenericTypeExpr.html>`__: a named type with type arguments, such as ``Array<string>``.
- `LiteralTypeExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$LiteralTypeExpr.html>`__: a string, number, or boolean constant used as a type, such as ``'foo'``.
- `ArrayTypeExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$ArrayTypeExpr.html>`__: a type such as ``string[]``.
- `UnionTypeExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$UnionTypeExpr.html>`__: a type such as ``string | number``.
- `IntersectionTypeExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$IntersectionTypeExpr.html>`__: a type such as ``S & T``.
- `IndexedAccessTypeExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$IndexedAccessTypeExpr.html>`__: a type such as ``T[K]``.
- `ParenthesizedTypeExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$ParenthesizedTypeExpr.html>`__: a type such as ``(string)``.
- `TupleTypeExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$TupleTypeExpr.html>`__: a type such as ``[string, number]``.
- `KeyofTypeExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$KeyofTypeExpr.html>`__: a type such as ``keyof T``.
- `TypeofTypeExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$TypeofTypeExpr.html>`__: a type such as ``typeof x``.
- `IsTypeExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$IsTypeExpr.html>`__: a type such as ``x is string``.
- `MappedTypeExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$MappedTypeExpr.html>`__: a type such as ``{ [K in C]: T }``.
There are some subclasses that may be part of a type annotation, but are not themselves types:
- `TypeParameter <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$TypeParameter.html>`__: a type parameter declared on a type or function, such as ``T`` in ``class C<T> {}``.
- `NamespaceAccess <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$NamespaceAccess.html>`__: a name referring to a namespace from inside a type, such as ``http`` in ``http.ServerRequest``.
- `TypeParameter <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$TypeParameter.html>`__: a type parameter declared on a type or function, such as ``T`` in ``class C<T> {}``.
- `NamespaceAccess <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$NamespaceAccess.html>`__: a name referring to a namespace from inside a type, such as ``http`` in ``http.ServerRequest``.
- `LocalNamespaceAccess <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$LocalNamespaceAccess.html>`__: the initial identifier in a prefix, such as ``http`` in ``http.ServerRequest``.
- `QualifiedNamespaceAccess <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$QualifiedNamespaceAccess.html>`__: a qualified name in a prefix, such as ``net.client`` in ``net.client.Connection``.
- `ImportNamespaceAccess <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$ImportNamespaceAccess.html>`__: an ``import`` used as a namespace in a type, such as in ``import("http").ServerRequest``.
- `LocalNamespaceAccess <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$LocalNamespaceAccess.html>`__: the initial identifier in a prefix, such as ``http`` in ``http.ServerRequest``.
- `QualifiedNamespaceAccess <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$QualifiedNamespaceAccess.html>`__: a qualified name in a prefix, such as ``net.client`` in ``net.client.Connection``.
- `ImportNamespaceAccess <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$ImportNamespaceAccess.html>`__: an ``import`` used as a namespace in a type, such as in ``import("http").ServerRequest``.
- `VarTypeAccess <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$VarTypeAccess.html>`__: a reference to a value from inside a type, such as ``x`` in ``typeof x`` or ``x is string``.
- `VarTypeAccess <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$VarTypeAccess.html>`__: a reference to a value from inside a type, such as ``x`` in ``typeof x`` or ``x is string``.
Function signatures
~~~~~~~~~~~~~~~~~~~
The `Function <https://help.semmle.com/qldoc/javascript/semmle/javascript/Functions.qll/type.Functions$Function.html>`__ class is a broad class that includes both concrete functions and function signatures.
The `Function <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Functions.qll/type.Functions$Function.html>`__ class is a broad class that includes both concrete functions and function signatures.
Function signatures can take several forms:
@@ -94,7 +94,7 @@ We recommend that you use the predicate ``Function.hasBody()`` to distinguish co
Type parameters
~~~~~~~~~~~~~~~
The `TypeParameter <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$TypeParameter.html>`__ class represents type parameters, and the `TypeParameterized <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$TypeParameterized.html>`__ class represents entities that can declare type parameters. Classes, interfaces, type aliases, functions, and mapped type expressions are all ``TypeParameterized``.
The `TypeParameter <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$TypeParameter.html>`__ class represents type parameters, and the `TypeParameterized <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$TypeParameterized.html>`__ class represents entities that can declare type parameters. Classes, interfaces, type aliases, functions, and mapped type expressions are all ``TypeParameterized``.
You can access type parameters using the following predicates:
@@ -104,7 +104,7 @@ You can access type parameters using the following predicates:
You can access type arguments using the following predicates:
- ``GenericTypeExpr.getTypeArgument(n)`` gets the ``n``\ th type argument of a type.
- ``TypeAccess.getTypeArgument(n)`` is a convenient alternative for the above (a `TypeAccess <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$TypeAccess.html>`__ with type arguments is wrapped in a `GenericTypeExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$GenericTypeExpr.html>`__).
- ``TypeAccess.getTypeArgument(n)`` is a convenient alternative for the above (a `TypeAccess <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$TypeAccess.html>`__ with type arguments is wrapped in a `GenericTypeExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$GenericTypeExpr.html>`__).
- ``InvokeExpr.getTypeArgument(n)`` gets the ``n``\ th type argument of a call.
- ``ExpressionWithTypeArguments.getTypeArgument(n)`` gets the ``n``\ th type argument of a generic superclass expression.
@@ -128,7 +128,7 @@ Select expressions that cast a value to a type parameter:
Classes and interfaces
~~~~~~~~~~~~~~~~~~~~~~
The CodeQL class `ClassOrInterface <https://help.semmle.com/qldoc/javascript/semmle/javascript/Classes.qll/type.Classes$ClassOrInterface.html>`__ is a common supertype of classes and interfaces, and provides some TypeScript-specific member predicates:
The CodeQL class `ClassOrInterface <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Classes.qll/type.Classes$ClassOrInterface.html>`__ is a common supertype of classes and interfaces, and provides some TypeScript-specific member predicates:
- ``ClassOrInterface.isAbstract()`` holds if this is an interface or a class with the ``abstract`` modifier.
- ``ClassOrInterface.getASuperInterface()`` gets a type from the ``implements`` clause of a class or from the ``extends`` clause of an interface.
@@ -136,7 +136,7 @@ The CodeQL class `ClassOrInterface <https://help.semmle.com/qldoc/javascript/sem
- ``ClassOrInterface.getAnIndexSignature()`` gets an index signature, such as in ``{ [key: string]: number }``.
- ``ClassOrInterface.getATypeParameter()`` gets a declared type parameter (special case of ``TypeParameterized.getATypeParameter()``).
Note that the superclass of a class is an expression, not a type annotation. If the superclass has type arguments, it will be an expression of kind `ExpressionWithTypeArguments <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$ExpressionWithTypeArguments.html>`__.
Note that the superclass of a class is an expression, not a type annotation. If the superclass has type arguments, it will be an expression of kind `ExpressionWithTypeArguments <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$ExpressionWithTypeArguments.html>`__.
Also see the documentation for classes in the "`CodeQL libraries for JavaScript <introduce-libraries-js#classes>`__."
@@ -147,25 +147,25 @@ Statements
The following are TypeScript-specific statements:
- `NamespaceDeclaration <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$NamespaceDeclaration.html>`__: a statement such as ``namespace M {}``.
- `EnumDeclaration <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$EnumDeclaration.html>`__: a statement such as ``enum Color { red, green, blue }``.
- `TypeAliasDeclaration <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$TypeAliasDeclaration.html>`__: a statement such as ``type A = number``.
- `InterfaceDeclaration <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$InterfaceDeclaration.html>`__: a statement such as ``interface Point { x: number; y: number; }``.
- `ImportEqualsDeclaration <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$ImportEqualsDeclaration.html>`__: a statement such as ``import fs = require("fs")``.
- `ExportAssignDeclaration <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$ExportAssignDeclaration.html>`__: a statement such as ``export = M``.
- `ExportAsNamespaceDeclaration <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$ExportAsNamespaceDeclaration.html>`__: a statement such as ``export as namespace M``.
- `ExternalModuleDeclaration <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$ExternalModuleDeclaration.html>`__: a statement such as ``module "foo" {}``.
- `GlobalAugmentationDeclaration <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$GlobalAugmentationDeclaration.html>`__: a statement such as ``global {}``
- `NamespaceDeclaration <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$NamespaceDeclaration.html>`__: a statement such as ``namespace M {}``.
- `EnumDeclaration <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$EnumDeclaration.html>`__: a statement such as ``enum Color { red, green, blue }``.
- `TypeAliasDeclaration <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$TypeAliasDeclaration.html>`__: a statement such as ``type A = number``.
- `InterfaceDeclaration <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$InterfaceDeclaration.html>`__: a statement such as ``interface Point { x: number; y: number; }``.
- `ImportEqualsDeclaration <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$ImportEqualsDeclaration.html>`__: a statement such as ``import fs = require("fs")``.
- `ExportAssignDeclaration <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$ExportAssignDeclaration.html>`__: a statement such as ``export = M``.
- `ExportAsNamespaceDeclaration <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$ExportAsNamespaceDeclaration.html>`__: a statement such as ``export as namespace M``.
- `ExternalModuleDeclaration <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$ExternalModuleDeclaration.html>`__: a statement such as ``module "foo" {}``.
- `GlobalAugmentationDeclaration <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$GlobalAugmentationDeclaration.html>`__: a statement such as ``global {}``
Expressions
~~~~~~~~~~~
The following are TypeScript-specific expressions:
- `ExpressionWithTypeArguments <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$ExpressionWithTypeArguments.html>`__: occurs when the ``extends`` clause of a class has type arguments, such as in ``class C extends D<string>``.
- `TypeAssertion <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$TypeAssertion.html>`__: asserts that a value has a given type, such as ``x as number`` or ``<number> x``.
- `NonNullAssertion <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$NonNullAssertion.html>`__: asserts that a value is not null or undefined, such as ``x!``.
- `ExternalModuleReference <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$ExternalModuleReference.html>`__: a ``require`` call on the right-hand side of an import-assign, such as ``import fs = require("fs")``.
- `ExpressionWithTypeArguments <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$ExpressionWithTypeArguments.html>`__: occurs when the ``extends`` clause of a class has type arguments, such as in ``class C extends D<string>``.
- `TypeAssertion <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$TypeAssertion.html>`__: asserts that a value has a given type, such as ``x as number`` or ``<number> x``.
- `NonNullAssertion <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$NonNullAssertion.html>`__: asserts that a value is not null or undefined, such as ``x!``.
- `ExternalModuleReference <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$ExternalModuleReference.html>`__: a ``require`` call on the right-hand side of an import-assign, such as ``import fs = require("fs")``.
Ambient declarations
~~~~~~~~~~~~~~~~~~~~
@@ -181,16 +181,10 @@ Static type information
Static type information and global name binding is available for projects with "full" TypeScript extraction enabled. This option is enabled by default for projects on LGTM.com and when you create databases with the :ref:`CodeQL CLI <codeql-cli>`.
.. pull-quote:: Note
If you are using the `legacy QL command-line tools <https://help.semmle.com/wiki/display/SD/QL+command-line+tools>`__, you must enable full TypeScript extraction by passing ``--typescript-full`` to the JavaScript extractor. For further information on customizing calls to the extractor, see `Customizing JavaScript extraction <https://help.semmle.com/wiki/display/SD/Customizing+JavaScript+extraction>`__.
Without full extraction, the classes and predicates described in this section are empty.
Basic usage
~~~~~~~~~~~
The `Type <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$Type.html>`__ class represents a static type, such as ``number`` or ``string``. The type of an expression can be obtained with ``Expr.getType()``.
The `Type <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$Type.html>`__ class represents a static type, such as ``number`` or ``string``. The type of an expression can be obtained with ``Expr.getType()``.
Types that refer to a specific named type can be recognized in various ways:
@@ -343,7 +337,7 @@ Name binding
In TypeScript, names can refer to variables, types, and namespaces, or a combination of these.
These concepts are modeled as distinct entities: `Variable <https://help.semmle.com/qldoc/javascript/semmle/javascript/Variables.qll/type.Variables$Variable.html>`__, `TypeName <https://help.semmle.com/qldoc/javascript/semmle/javascript/CanonicalNames.qll/type.CanonicalNames$TypeName.html>`__, and `Namespace <https://help.semmle.com/qldoc/javascript/semmle/javascript/CanonicalNames.qll/type.CanonicalNames$Namespace.html>`__. For example, the class ``C`` below introduces both a variable and a type:
These concepts are modeled as distinct entities: `Variable <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Variables.qll/type.Variables$Variable.html>`__, `TypeName <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/CanonicalNames.qll/type.CanonicalNames$TypeName.html>`__, and `Namespace <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/CanonicalNames.qll/type.CanonicalNames$Namespace.html>`__. For example, the class ``C`` below introduces both a variable and a type:
.. code-block:: typescript
@@ -351,7 +345,7 @@ These concepts are modeled as distinct entities: `Variable <https://help.semmle.
let x = C; // refers to the variable C
let y: C; // refers to the type C
The variable ``C`` and the type ``C`` are modeled as distinct entities. One is a `Variable <https://help.semmle.com/qldoc/javascript/semmle/javascript/Variables.qll/type.Variables$Variable.html>`__, the other is a `TypeName <https://help.semmle.com/qldoc/javascript/semmle/javascript/CanonicalNames.qll/type.CanonicalNames$TypeName.html>`__.
The variable ``C`` and the type ``C`` are modeled as distinct entities. One is a `Variable <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Variables.qll/type.Variables$Variable.html>`__, the other is a `TypeName <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/CanonicalNames.qll/type.CanonicalNames$TypeName.html>`__.
TypeScript also allows you to import types and namespaces, and give them local names in different scopes. For example, the import below introduces a local type name ``B``:
@@ -359,33 +353,33 @@ TypeScript also allows you to import types and namespaces, and give them local n
import {C as B} from "./foo"
The local name ``B`` is represented as a `LocalTypeName <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$LocalTypeName.html>`__ named ``B``, restricted to just the file containing the import. An import statement can also introduce a `Variable <https://help.semmle.com/qldoc/javascript/semmle/javascript/Variables.qll/type.Variables$Variable.html>`__ and a `LocalNamespaceName <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$LocalNamespaceName.html>`__.
The local name ``B`` is represented as a `LocalTypeName <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$LocalTypeName.html>`__ named ``B``, restricted to just the file containing the import. An import statement can also introduce a `Variable <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Variables.qll/type.Variables$Variable.html>`__ and a `LocalNamespaceName <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$LocalNamespaceName.html>`__.
The following table shows the relevant classes for working with each kind of name. The classes are described in more detail below.
+-----------+------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------+
| Kind | Local alias | Canonical name | Definition | Access |
+===========+================================================================================================================================================+======================================================================================================================================+===================================================================================================================================================+==========================================================================================================================================+
| Value | `Variable <https://help.semmle.com/qldoc/javascript/semmle/javascript/Variables.qll/type.Variables$Variable.html>`__ | | | `VarAccess <https://help.semmle.com/qldoc/javascript/semmle/javascript/Variables.qll/type.Variables$VarAccess.html>`__ |
+-----------+------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------+
| Type | `LocalTypeName <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$LocalTypeName.html>`__ | `TypeName <https://help.semmle.com/qldoc/javascript/semmle/javascript/CanonicalNames.qll/type.CanonicalNames$TypeName.html>`__ | `TypeDefinition <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$TypeDefinition.html>`__ | `TypeAccess <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$TypeAccess.html>`__ |
+-----------+------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------+
| Namespace | `LocalNamespaceName <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$LocalNamespaceName.html>`__ | `Namespace <https://help.semmle.com/qldoc/javascript/semmle/javascript/CanonicalNames.qll/type.CanonicalNames$Namespace.html>`__ | `NamespaceDefinition <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$NamespaceDeclaration.html>`__ | `NamespaceAccess <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$NamespaceAccess.html>`__ |
+-----------+------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------+
+-----------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Kind | Local alias | Canonical name | Definition | Access |
+===========+==================================================================================================================================================================+========================================================================================================================================================+=====================================================================================================================================================================+============================================================================================================================================================+
| Value | `Variable <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Variables.qll/type.Variables$Variable.html>`__ | | | `VarAccess <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Variables.qll/type.Variables$VarAccess.html>`__ |
+-----------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Type | `LocalTypeName <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$LocalTypeName.html>`__ | `TypeName <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/CanonicalNames.qll/type.CanonicalNames$TypeName.html>`__ | `TypeDefinition <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$TypeDefinition.html>`__ | `TypeAccess <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$TypeAccess.html>`__ |
+-----------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Namespace | `LocalNamespaceName <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$LocalNamespaceName.html>`__ | `Namespace <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/CanonicalNames.qll/type.CanonicalNames$Namespace.html>`__ | `NamespaceDefinition <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$NamespaceDeclaration.html>`__ | `NamespaceAccess <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$NamespaceAccess.html>`__ |
+-----------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------+
**Note:** ``TypeName`` and ``Namespace`` are only populated if the database is generated using full TypeScript extraction. ``LocalTypeName`` and ``LocalNamespaceName`` are always populated.
Type names
~~~~~~~~~~
A `TypeName <https://help.semmle.com/qldoc/javascript/semmle/javascript/CanonicalNames.qll/type.CanonicalNames$TypeName.html>`__ is a qualified name for a type and is not bound to a specific lexical scope. The `TypeDefinition <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$TypeDefinition.html>`__ class represents an entity that defines a type, namely a class, interface, type alias, enum, or enum member. The relevant predicates for working with type names are:
A `TypeName <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/CanonicalNames.qll/type.CanonicalNames$TypeName.html>`__ is a qualified name for a type and is not bound to a specific lexical scope. The `TypeDefinition <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$TypeDefinition.html>`__ class represents an entity that defines a type, namely a class, interface, type alias, enum, or enum member. The relevant predicates for working with type names are:
- ``TypeAccess.getTypeName()`` gets the qualified name being referenced (if any).
- ``TypeDefinition.getTypeName()`` gets the qualified name of a class, interface, type alias, enum, or enum member.
- ``TypeName.getAnAccess()``, gets an access to a given type.
- ``TypeName.getADefinition()``, get a definition of a given type. Note that interfaces can have multiple definitions.
A `LocalTypeName <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$LocalTypeName.html>`__ behaves like a block-scoped variable, that is, it has an unqualified name and is restricted to a specific scope. The relevant predicates are:
A `LocalTypeName <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$LocalTypeName.html>`__ behaves like a block-scoped variable, that is, it has an unqualified name and is restricted to a specific scope. The relevant predicates are:
- ``LocalTypeAccess.getLocalTypeName()`` gets the local name referenced by an unqualified type access.
- ``LocalTypeName.getAnAccess()`` gets an access to a local type name.
@@ -397,7 +391,7 @@ Examples
Find references that omit type arguments to a generic type.
It is best to use `TypeName <https://help.semmle.com/qldoc/javascript/semmle/javascript/CanonicalNames.qll/type.CanonicalNames$TypeName.html>`__ to resolve through imports and qualified names:
It is best to use `TypeName <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/CanonicalNames.qll/type.CanonicalNames$TypeName.html>`__ to resolve through imports and qualified names:
.. code-block:: ql
@@ -427,11 +421,11 @@ Find imported names that are used as both a type and a value:
Namespace names
~~~~~~~~~~~~~~~
Namespaces are represented by the classes `Namespace <https://help.semmle.com/qldoc/javascript/semmle/javascript/CanonicalNames.qll/type.CanonicalNames$Namespace.html>`__ and `LocalNamespaceName <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$LocalNamespaceName.html>`__. The `NamespaceDefinition <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$NamespaceDefinition.html>`__ class represents a syntactic definition of a namespace, which includes ordinary namespace declarations as well as enum declarations.
Namespaces are represented by the classes `Namespace <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/CanonicalNames.qll/type.CanonicalNames$Namespace.html>`__ and `LocalNamespaceName <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$LocalNamespaceName.html>`__. The `NamespaceDefinition <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$NamespaceDefinition.html>`__ class represents a syntactic definition of a namespace, which includes ordinary namespace declarations as well as enum declarations.
Note that these classes deal exclusively with namespaces referenced from inside type annotations, not through expressions.
A `Namespace <https://help.semmle.com/qldoc/javascript/semmle/javascript/CanonicalNames.qll/type.CanonicalNames$Namespace.html>`__ is a qualified name for a namespace, and is not bound to a specific scope. The relevant predicates for working with namespaces are:
A `Namespace <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/CanonicalNames.qll/type.CanonicalNames$Namespace.html>`__ is a qualified name for a namespace, and is not bound to a specific scope. The relevant predicates for working with namespaces are:
- ``NamespaceAccess.getNamespace()`` gets the namespace being referenced by a namespace access.
- ``NamespaceDefinition.getNamespace()`` gets the namespace defined by a namespace or enum declaration.
@@ -439,9 +433,9 @@ A `Namespace <https://help.semmle.com/qldoc/javascript/semmle/javascript/Canonic
- ``Namespace.getADefinition()`` gets a definition of this namespace. Note that namespaces can have multiple definitions.
- ``Namespace.getNamespaceMember(name)`` gets an inner namespace with a given name.
- ``Namespace.getTypeMember(name)`` gets a type exported under a given name.
- ``Namespace.getAnExportingContainer()`` gets a `StmtContainer <https://help.semmle.com/qldoc/javascript/semmle/javascript/AST.qll/type.AST$StmtContainer.html>`__ whose exports contribute to this namespace. This can be a the body of a namespace declaration or the top-level of a module. Enums have no exporting containers.
- ``Namespace.getAnExportingContainer()`` gets a `StmtContainer <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/AST.qll/type.AST$StmtContainer.html>`__ whose exports contribute to this namespace. This can be a the body of a namespace declaration or the top-level of a module. Enums have no exporting containers.
A `LocalNamespaceName <https://help.semmle.com/qldoc/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$LocalNamespaceName.html>`__ behaves like a block-scoped variable, that is, it has an unqualified name and is restricted to a specific scope. The relevant predicates are:
A `LocalNamespaceName <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/TypeScript.qll/type.TypeScript$LocalNamespaceName.html>`__ behaves like a block-scoped variable, that is, it has an unqualified name and is restricted to a specific scope. The relevant predicates are:
- ``LocalNamespaceAccess.getLocalNamespaceName()`` gets the local name referenced by an identifier.
- ``LocalNamespaceName.getAnAccess()`` gets an identifier that refers to this local name.

2
docs/codeql/codeql-language-guides/conversions-and-classes-in-cpp.rst
View File

@@ -10,7 +10,7 @@ Conversions
In C and C++, conversions change the type of an expression. They may be implicit conversions generated by the compiler, or explicit conversions requested by the user.
Let's take a look at the `Conversion <https://help.semmle.com/qldoc/cpp/semmle/code/cpp/exprs/Cast.qll/type.Cast$Conversion.html>`__ class in the standard library:
Let's take a look at the `Conversion <https://codeql.github.com/codeql-standard-libraries/cpp/semmle/code/cpp/exprs/Cast.qll/type.Cast$Conversion.html>`__ class in the standard library:
- ``Expr``

182
docs/codeql/codeql-language-guides/data-flow-cheat-sheet-for-javascript.rst
View File

@@ -32,9 +32,9 @@ Use the following template to create a taint tracking path query:
This query reports flow paths which:
- Begin at a node matched by `isSource <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Configuration.qll/predicate.Configuration$Configuration$isSource.1.html>`__.
- Step through variables, function calls, properties, strings, arrays, promises, exceptions, and steps added by `isAdditionalTaintStep <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/TaintTracking.qll/predicate.TaintTracking$TaintTracking$Configuration$isAdditionalTaintStep.2.html>`__.
- End at a node matched by `isSink <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Configuration.qll/predicate.Configuration$Configuration$isSink.1.html>`__.
- Begin at a node matched by `isSource <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Configuration.qll/predicate.Configuration$Configuration$isSource.1.html>`__.
- Step through variables, function calls, properties, strings, arrays, promises, exceptions, and steps added by `isAdditionalTaintStep <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/TaintTracking.qll/predicate.TaintTracking$TaintTracking$Configuration$isAdditionalTaintStep.2.html>`__.
- End at a node matched by `isSink <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Configuration.qll/predicate.Configuration$Configuration$isSink.1.html>`__.
See also: "`Global data flow <analyzing-data-flow-in-javascript.html#global-data-flow>`__" and ":ref:`Creating path queries <creating-path-queries>`."
@@ -45,101 +45,101 @@ Use data flow nodes to match program elements independently of syntax. See also:
Predicates in the ``DataFlow::`` module:
- `moduleImport <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Nodes.qll/predicate.Nodes$moduleImport.1.html>`__ -- finds uses of a module
- `moduleMember <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Nodes.qll/predicate.Nodes$moduleMember.2.html>`__ -- finds uses of a module member
- `globalVarRef <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Nodes.qll/predicate.Nodes$globalVarRef.1.html>`__ -- finds uses of a global variable
- `moduleImport <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Nodes.qll/predicate.Nodes$moduleImport.1.html>`__ -- finds uses of a module
- `moduleMember <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Nodes.qll/predicate.Nodes$moduleMember.2.html>`__ -- finds uses of a module member
- `globalVarRef <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Nodes.qll/predicate.Nodes$globalVarRef.1.html>`__ -- finds uses of a global variable
Classes and member predicates in the ``DataFlow::`` module:
- `Node <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/DataFlow.qll/type.DataFlow$DataFlow$Node.html>`__ -- something that can have a value, such as an expression, declaration, or SSA variable
- `getALocalSource <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/DataFlow.qll/predicate.DataFlow$DataFlow$Node$getALocalSource.0.html>`__ -- find the node that this came from
- `getTopLevel <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/DataFlow.qll/predicate.DataFlow$DataFlow$Node$getTopLevel.0.html>`__ -- top-level scope enclosing this node
- `getFile <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/DataFlow.qll/predicate.DataFlow$DataFlow$Node$getFile.0.html>`__ -- file containing this node
- `getIntValue <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/DataFlow.qll/predicate.DataFlow$DataFlow$Node$getIntValue.0.html>`__ -- value of this node if it's is an integer constant
- `getStringValue <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/DataFlow.qll/predicate.DataFlow$DataFlow$Node$getStringValue.0.html>`__ -- value of this node if it's is a string constant
- `mayHaveBooleanValue <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/DataFlow.qll/predicate.DataFlow$DataFlow$Node$mayHaveBooleanValue.1.html>`__ -- check if the value is ``true`` or ``false``
- `SourceNode <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Sources.qll/type.Sources$SourceNode.html>`__ extends `Node <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/DataFlow.qll/type.DataFlow$DataFlow$Node.html>`__ -- function call, parameter, object creation, or reference to a property or global variable
- `getACall <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Sources.qll/predicate.Sources$SourceNode$getACall.0.html>`__ -- find calls with this as the callee
- `getAnInstantiation <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Sources.qll/predicate.Sources$SourceNode$getAnInstantiation.0.html>`__ -- find ``new``-calls with this as the callee
- `getAnInvocation <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Sources.qll/predicate.Sources$SourceNode$getAnInvocation.0.html>`__ -- find calls or ``new``-calls with this as the callee
- `getAMethodCall <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Sources.qll/predicate.Sources$SourceNode$getAMethodCall.1.html>`__ -- find method calls with this as the receiver
- `getAMemberCall <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Sources.qll/predicate.Sources$SourceNode$getAMemberCall.1.html>`__ -- find calls with a member of this as the receiver
- `getAPropertyRead <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Sources.qll/predicate.Sources$SourceNode$getAPropertyRead.1.html>`__ -- find property reads with this as the base
- `getAPropertyWrite <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Sources.qll/predicate.Sources$SourceNode$getAPropertyWrite.1.html>`__ -- find property writes with this as the base
- `getAPropertySource <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Sources.qll/predicate.Sources$SourceNode$getAPropertySource.1.html>`__ -- find nodes flowing into a property of this node
- `InvokeNode <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Nodes.qll/type.Nodes$InvokeNode.html>`__, `NewNode <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Nodes.qll/type.Nodes$NewNode.html>`__, `CallNode <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Nodes.qll/type.Nodes$CallNode.html>`__, `MethodCallNode <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Nodes.qll/type.Nodes$MethodCallNode.html>`__ extends `SourceNode <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Sources.qll/type.Sources$SourceNode.html>`__ -- call to a function or constructor
- `getArgument <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Nodes.qll/predicate.Nodes$InvokeNode$getArgument.1.html>`__ -- an argument to the call
- `getCalleeNode <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Nodes.qll/predicate.Nodes$InvokeNode$getCalleeNode.0.html>`__ -- node being invoked as a function
- `getCalleeName <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Nodes.qll/predicate.Nodes$InvokeNode$getCalleeName.0.html>`__ -- name of the variable or property being called
- `getOptionArgument <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Nodes.qll/predicate.Nodes$InvokeNode$getOptionArgument.2.html>`__ -- a "named argument" passed in through an object literal
- `getCallback <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Nodes.qll/predicate.Nodes$InvokeNode$getCallback.1.html>`__ -- a function passed as a callback
- `getACallee <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Nodes.qll/predicate.Nodes$InvokeNode$getACallee.0.html>`__ - a function being called here
- (MethodCallNode).\ `getMethodName <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Nodes.qll/predicate.Nodes$MethodCallNode$getMethodName.0.html>`__ -- name of the method being invoked
- (MethodCallNode).\ `getReceiver <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Nodes.qll/predicate.Nodes$CallNode$getReceiver.0.html>`__ -- receiver of the method call
- `FunctionNode <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Nodes.qll/type.Nodes$FunctionNode.html>`__ extends `SourceNode <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Sources.qll/type.Sources$SourceNode.html>`__ -- definition of a function, including closures, methods, and class constructors
- `getName <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Nodes.qll/predicate.Nodes$FunctionNode$getName.0.html>`__ -- name of the function, derived from a variable or property name
- `getParameter <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Nodes.qll/predicate.Nodes$FunctionNode$getParameter.1.html>`__ -- a parameter of the function
- `getReceiver <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Nodes.qll/predicate.Nodes$FunctionNode$getReceiver.0.html>`__ -- the node representing the value of ``this``
- `getAReturn <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Nodes.qll/predicate.Nodes$FunctionNode$getAReturn.0.html>`__ -- get a returned expression
- `ParameterNode <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Nodes.qll/type.Nodes$ParameterNode.html>`__ extends `SourceNode <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Sources.qll/type.Sources$SourceNode.html>`__ -- parameter of a function
- `getName <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Nodes.qll/predicate.Nodes$ParameterNode$getName.0.html>`__ -- the parameter name, if it has one
- `ClassNode <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Nodes.qll/type.Nodes$ClassNode.html>`__ extends `SourceNode <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Sources.qll/type.Sources$SourceNode.html>`__ -- class declaration or function that acts as a class
- `getName <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Nodes.qll/predicate.Nodes$ClassNode$getName.0.html>`__ -- name of the class, derived from a variable or property name
- `getConstructor <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Nodes.qll/predicate.Nodes$ClassNode$getConstructor.0.html>`__ -- the constructor function
- `getInstanceMethod <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Nodes.qll/predicate.Nodes$ClassNode$getInstanceMethod.1.html>`__ -- get an instance method by name
- `getStaticMethod <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Nodes.qll/predicate.Nodes$ClassNode$getStaticMethod.1.html>`__ -- get a static method by name
- `getAnInstanceReference <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Nodes.qll/predicate.Nodes$ClassNode$getAnInstanceReference.0.html>`__ -- find references to an instance of the class
- `getAClassReference <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Nodes.qll/predicate.Nodes$ClassNode$getAClassReference.0.html>`__ -- find references to the class itself
- `ObjectLiteralNode <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Nodes.qll/type.Nodes$ObjectLiteralNode.html>`__ extends `SourceNode <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Sources.qll/type.Sources$SourceNode.html>`__ -- object literal
- `getAPropertyWrite <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Sources.qll/predicate.Sources$SourceNode$getAPropertyWrite.1.html>`__ -- a property in the object literal
- `getAPropertySource <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Sources.qll/predicate.Sources$SourceNode$getAPropertySource.1.html>`__ -- value flowing into a property
- `ArrayCreationNode <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Nodes.qll/type.Nodes$ArrayCreationNode.html>`__ extends `SourceNode <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Sources.qll/type.Sources$SourceNode.html>`__ -- array literal or call to ``Array`` constructor
- `getElement <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Nodes.qll/predicate.Nodes$ArrayCreationNode$getElement.1.html>`__ -- an element of the array
- `PropRef <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/DataFlow.qll/type.DataFlow$DataFlow$PropRef.html>`__, `PropRead <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/DataFlow.qll/type.DataFlow$DataFlow$PropRead.html>`__, `PropWrite <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/DataFlow.qll/type.DataFlow$DataFlow$PropWrite.html>`__ -- read or write of a property
- `getPropertyName <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/DataFlow.qll/predicate.DataFlow$DataFlow$PropRef$getPropertyName.0.html>`__ -- name of the property, if it is constant
- `getPropertyNameExpr <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/DataFlow.qll/predicate.DataFlow$DataFlow$PropRef$getPropertyNameExpr.0.html>`__ -- expression holding the name of the property
- `getBase <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/DataFlow.qll/predicate.DataFlow$DataFlow$PropRef$getBase.0.html>`__ -- object whose property is accessed
- (PropWrite).\ `getRhs <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/DataFlow.qll/predicate.DataFlow$DataFlow$PropWrite$getRhs.0.html>`__ -- right-hand side of the property assignment
- `Node <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/DataFlow.qll/type.DataFlow$DataFlow$Node.html>`__ -- something that can have a value, such as an expression, declaration, or SSA variable
- `getALocalSource <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/DataFlow.qll/predicate.DataFlow$DataFlow$Node$getALocalSource.0.html>`__ -- find the node that this came from
- `getTopLevel <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/DataFlow.qll/predicate.DataFlow$DataFlow$Node$getTopLevel.0.html>`__ -- top-level scope enclosing this node
- `getFile <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/DataFlow.qll/predicate.DataFlow$DataFlow$Node$getFile.0.html>`__ -- file containing this node
- `getIntValue <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/DataFlow.qll/predicate.DataFlow$DataFlow$Node$getIntValue.0.html>`__ -- value of this node if it's is an integer constant
- `getStringValue <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/DataFlow.qll/predicate.DataFlow$DataFlow$Node$getStringValue.0.html>`__ -- value of this node if it's is a string constant
- `mayHaveBooleanValue <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/DataFlow.qll/predicate.DataFlow$DataFlow$Node$mayHaveBooleanValue.1.html>`__ -- check if the value is ``true`` or ``false``
- `SourceNode <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Sources.qll/type.Sources$SourceNode.html>`__ extends `Node <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/DataFlow.qll/type.DataFlow$DataFlow$Node.html>`__ -- function call, parameter, object creation, or reference to a property or global variable
- `getACall <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Sources.qll/predicate.Sources$SourceNode$getACall.0.html>`__ -- find calls with this as the callee
- `getAnInstantiation <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Sources.qll/predicate.Sources$SourceNode$getAnInstantiation.0.html>`__ -- find ``new``-calls with this as the callee
- `getAnInvocation <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Sources.qll/predicate.Sources$SourceNode$getAnInvocation.0.html>`__ -- find calls or ``new``-calls with this as the callee
- `getAMethodCall <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Sources.qll/predicate.Sources$SourceNode$getAMethodCall.1.html>`__ -- find method calls with this as the receiver
- `getAMemberCall <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Sources.qll/predicate.Sources$SourceNode$getAMemberCall.1.html>`__ -- find calls with a member of this as the receiver
- `getAPropertyRead <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Sources.qll/predicate.Sources$SourceNode$getAPropertyRead.1.html>`__ -- find property reads with this as the base
- `getAPropertyWrite <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Sources.qll/predicate.Sources$SourceNode$getAPropertyWrite.1.html>`__ -- find property writes with this as the base
- `getAPropertySource <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Sources.qll/predicate.Sources$SourceNode$getAPropertySource.1.html>`__ -- find nodes flowing into a property of this node
- `InvokeNode <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Nodes.qll/type.Nodes$InvokeNode.html>`__, `NewNode <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Nodes.qll/type.Nodes$NewNode.html>`__, `CallNode <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Nodes.qll/type.Nodes$CallNode.html>`__, `MethodCallNode <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Nodes.qll/type.Nodes$MethodCallNode.html>`__ extends `SourceNode <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Sources.qll/type.Sources$SourceNode.html>`__ -- call to a function or constructor
- `getArgument <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Nodes.qll/predicate.Nodes$InvokeNode$getArgument.1.html>`__ -- an argument to the call
- `getCalleeNode <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Nodes.qll/predicate.Nodes$InvokeNode$getCalleeNode.0.html>`__ -- node being invoked as a function
- `getCalleeName <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Nodes.qll/predicate.Nodes$InvokeNode$getCalleeName.0.html>`__ -- name of the variable or property being called
- `getOptionArgument <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Nodes.qll/predicate.Nodes$InvokeNode$getOptionArgument.2.html>`__ -- a "named argument" passed in through an object literal
- `getCallback <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Nodes.qll/predicate.Nodes$InvokeNode$getCallback.1.html>`__ -- a function passed as a callback
- `getACallee <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Nodes.qll/predicate.Nodes$InvokeNode$getACallee.0.html>`__ - a function being called here
- (MethodCallNode).\ `getMethodName <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Nodes.qll/predicate.Nodes$MethodCallNode$getMethodName.0.html>`__ -- name of the method being invoked
- (MethodCallNode).\ `getReceiver <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Nodes.qll/predicate.Nodes$CallNode$getReceiver.0.html>`__ -- receiver of the method call
- `FunctionNode <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Nodes.qll/type.Nodes$FunctionNode.html>`__ extends `SourceNode <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Sources.qll/type.Sources$SourceNode.html>`__ -- definition of a function, including closures, methods, and class constructors
- `getName <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Nodes.qll/predicate.Nodes$FunctionNode$getName.0.html>`__ -- name of the function, derived from a variable or property name
- `getParameter <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Nodes.qll/predicate.Nodes$FunctionNode$getParameter.1.html>`__ -- a parameter of the function
- `getReceiver <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Nodes.qll/predicate.Nodes$FunctionNode$getReceiver.0.html>`__ -- the node representing the value of ``this``
- `getAReturn <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Nodes.qll/predicate.Nodes$FunctionNode$getAReturn.0.html>`__ -- get a returned expression
- `ParameterNode <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Nodes.qll/type.Nodes$ParameterNode.html>`__ extends `SourceNode <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Sources.qll/type.Sources$SourceNode.html>`__ -- parameter of a function
- `getName <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Nodes.qll/predicate.Nodes$ParameterNode$getName.0.html>`__ -- the parameter name, if it has one
- `ClassNode <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Nodes.qll/type.Nodes$ClassNode.html>`__ extends `SourceNode <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Sources.qll/type.Sources$SourceNode.html>`__ -- class declaration or function that acts as a class
- `getName <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Nodes.qll/predicate.Nodes$ClassNode$getName.0.html>`__ -- name of the class, derived from a variable or property name
- `getConstructor <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Nodes.qll/predicate.Nodes$ClassNode$getConstructor.0.html>`__ -- the constructor function
- `getInstanceMethod <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Nodes.qll/predicate.Nodes$ClassNode$getInstanceMethod.1.html>`__ -- get an instance method by name
- `getStaticMethod <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Nodes.qll/predicate.Nodes$ClassNode$getStaticMethod.1.html>`__ -- get a static method by name
- `getAnInstanceReference <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Nodes.qll/predicate.Nodes$ClassNode$getAnInstanceReference.0.html>`__ -- find references to an instance of the class
- `getAClassReference <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Nodes.qll/predicate.Nodes$ClassNode$getAClassReference.0.html>`__ -- find references to the class itself
- `ObjectLiteralNode <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Nodes.qll/type.Nodes$ObjectLiteralNode.html>`__ extends `SourceNode <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Sources.qll/type.Sources$SourceNode.html>`__ -- object literal
- `getAPropertyWrite <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Sources.qll/predicate.Sources$SourceNode$getAPropertyWrite.1.html>`__ -- a property in the object literal
- `getAPropertySource <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Sources.qll/predicate.Sources$SourceNode$getAPropertySource.1.html>`__ -- value flowing into a property
- `ArrayCreationNode <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Nodes.qll/type.Nodes$ArrayCreationNode.html>`__ extends `SourceNode <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Sources.qll/type.Sources$SourceNode.html>`__ -- array literal or call to ``Array`` constructor
- `getElement <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Nodes.qll/predicate.Nodes$ArrayCreationNode$getElement.1.html>`__ -- an element of the array
- `PropRef <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/DataFlow.qll/type.DataFlow$DataFlow$PropRef.html>`__, `PropRead <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/DataFlow.qll/type.DataFlow$DataFlow$PropRead.html>`__, `PropWrite <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/DataFlow.qll/type.DataFlow$DataFlow$PropWrite.html>`__ -- read or write of a property
- `getPropertyName <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/DataFlow.qll/predicate.DataFlow$DataFlow$PropRef$getPropertyName.0.html>`__ -- name of the property, if it is constant
- `getPropertyNameExpr <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/DataFlow.qll/predicate.DataFlow$DataFlow$PropRef$getPropertyNameExpr.0.html>`__ -- expression holding the name of the property
- `getBase <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/DataFlow.qll/predicate.DataFlow$DataFlow$PropRef$getBase.0.html>`__ -- object whose property is accessed
- (PropWrite).\ `getRhs <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/DataFlow.qll/predicate.DataFlow$DataFlow$PropWrite$getRhs.0.html>`__ -- right-hand side of the property assignment
StringOps module
----------------
- StringOps::`Concatenation <https://help.semmle.com/qldoc/javascript/semmle/javascript/StringOps.qll/type.StringOps$StringOps$Concatenation.html>`__ -- string concatenation, using a plus operator, template literal, or array join call
- StringOps::`StartsWith <https://help.semmle.com/qldoc/javascript/semmle/javascript/StringOps.qll/type.StringOps$StringOps$StartsWith.html>`__ -- check if a string starts with something
- StringOps::`EndsWith <https://help.semmle.com/qldoc/javascript/semmle/javascript/StringOps.qll/type.StringOps$StringOps$EndsWith.html>`__ -- check if a string ends with something
- StringOps::`Includes <https://help.semmle.com/qldoc/javascript/semmle/javascript/StringOps.qll/type.StringOps$StringOps$Includes.html>`__ -- check if a string contains something
- StringOps::`Concatenation <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/StringOps.qll/type.StringOps$StringOps$Concatenation.html>`__ -- string concatenation, using a plus operator, template literal, or array join call
- StringOps::`StartsWith <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/StringOps.qll/type.StringOps$StringOps$StartsWith.html>`__ -- check if a string starts with something
- StringOps::`EndsWith <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/StringOps.qll/type.StringOps$StringOps$EndsWith.html>`__ -- check if a string ends with something
- StringOps::`Includes <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/StringOps.qll/type.StringOps$StringOps$Includes.html>`__ -- check if a string contains something
Utility
--------
- `ExtendCall <https://help.semmle.com/qldoc/javascript/semmle/javascript/Extend.qll/type.Extend$ExtendCall.html>`__ -- call that copies properties from one object to another
- `JsonParserCall <https://help.semmle.com/qldoc/javascript/semmle/javascript/JsonParsers.qll/type.JsonParsers$JsonParserCall.html>`__ -- call that deserializes a JSON string
- `PropertyProjection <https://help.semmle.com/qldoc/javascript/semmle/javascript/frameworks/PropertyProjection.qll/type.PropertyProjection$PropertyProjection.html>`__ -- call that extracts nested properties by name
- `ExtendCall <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Extend.qll/type.Extend$ExtendCall.html>`__ -- call that copies properties from one object to another
- `JsonParserCall <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/JsonParsers.qll/type.JsonParsers$JsonParserCall.html>`__ -- call that deserializes a JSON string
- `PropertyProjection <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/frameworks/PropertyProjection.qll/type.PropertyProjection$PropertyProjection.html>`__ -- call that extracts nested properties by name
System and Network
------------------
- `ClientRequest <https://help.semmle.com/qldoc/javascript/semmle/javascript/frameworks/ClientRequests.qll/type.ClientRequests$ClientRequest.html>`__ -- outgoing network request
- `DatabaseAccess <https://help.semmle.com/qldoc/javascript/semmle/javascript/Concepts.qll/type.Concepts$DatabaseAccess.html>`__ -- query being submitted to a database
- `FileNameSource <https://help.semmle.com/qldoc/javascript/semmle/javascript/Concepts.qll/type.Concepts$FileNameSource.html>`__ -- reference to a filename
- `FileSystemAccess <https://help.semmle.com/qldoc/javascript/semmle/javascript/Concepts.qll/type.Concepts$FileSystemAccess.html>`__ -- file system operation
- `FileSystemReadAccess <https://help.semmle.com/qldoc/javascript/semmle/javascript/Concepts.qll/type.Concepts$FileSystemReadAccess.html>`__ -- reading the contents of a file
- `FileSystemWriteAccess <https://help.semmle.com/qldoc/javascript/semmle/javascript/Concepts.qll/type.Concepts$FileSystemWriteAccess.html>`__ -- writing to the contents of a file
- `PersistentReadAccess <https://help.semmle.com/qldoc/javascript/semmle/javascript/Concepts.qll/type.Concepts$PersistentReadAccess.html>`__ -- reading from persistent storage, like cookies
- `PersistentWriteAccess <https://help.semmle.com/qldoc/javascript/semmle/javascript/Concepts.qll/type.Concepts$PersistentWriteAccess.html>`__ -- writing to persistent storage
- `RemoteFlowSource <https://help.semmle.com/qldoc/javascript/semmle/javascript/security/dataflow/RemoteFlowSources.qll/type.RemoteFlowSources$RemoteFlowSource.html>`__ -- source of untrusted user input
- `SystemCommandExecution <https://help.semmle.com/qldoc/javascript/semmle/javascript/Concepts.qll/type.Concepts$SystemCommandExecution.html>`__ -- execution of a system command
- `ClientRequest <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/frameworks/ClientRequests.qll/type.ClientRequests$ClientRequest.html>`__ -- outgoing network request
- `DatabaseAccess <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Concepts.qll/type.Concepts$DatabaseAccess.html>`__ -- query being submitted to a database
- `FileNameSource <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Concepts.qll/type.Concepts$FileNameSource.html>`__ -- reference to a filename
- `FileSystemAccess <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Concepts.qll/type.Concepts$FileSystemAccess.html>`__ -- file system operation
- `FileSystemReadAccess <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Concepts.qll/type.Concepts$FileSystemReadAccess.html>`__ -- reading the contents of a file
- `FileSystemWriteAccess <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Concepts.qll/type.Concepts$FileSystemWriteAccess.html>`__ -- writing to the contents of a file
- `PersistentReadAccess <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Concepts.qll/type.Concepts$PersistentReadAccess.html>`__ -- reading from persistent storage, like cookies
- `PersistentWriteAccess <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Concepts.qll/type.Concepts$PersistentWriteAccess.html>`__ -- writing to persistent storage
- `RemoteFlowSource <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/security/dataflow/RemoteFlowSources.qll/type.RemoteFlowSources$RemoteFlowSource.html>`__ -- source of untrusted user input
- `SystemCommandExecution <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Concepts.qll/type.Concepts$SystemCommandExecution.html>`__ -- execution of a system command
Files
-----
- `File <https://help.semmle.com/qldoc/javascript/semmle/javascript/Files.qll/type.Files$File.html>`__,
`Folder <https://help.semmle.com/qldoc/javascript/semmle/javascript/Files.qll/type.Files$Folder.html>`__ extends
`Container <https://help.semmle.com/qldoc/javascript/semmle/javascript/Files.qll/type.Files$Container.html>`__ -- file or folder in the database
- `File <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Files.qll/type.Files$File.html>`__,
`Folder <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Files.qll/type.Files$Folder.html>`__ extends
`Container <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Files.qll/type.Files$Container.html>`__ -- file or folder in the database
- `getBaseName <https://help.semmle.com/qldoc/javascript/semmle/javascript/Files.qll/predicate.Files$Container$getBaseName.0.html>`__ -- the name of the file or folder
- `getRelativePath <https://help.semmle.com/qldoc/javascript/semmle/javascript/Files.qll/predicate.Files$Container$getRelativePath.0.html>`__ -- path relative to the database root
- `getBaseName <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Files.qll/predicate.Files$Container$getBaseName.0.html>`__ -- the name of the file or folder
- `getRelativePath <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/Files.qll/predicate.Files$Container$getRelativePath.0.html>`__ -- path relative to the database root
AST nodes
---------
@@ -148,18 +148,18 @@ See also: ":doc:`Abstract syntax tree classes for working with JavaScript and Ty
Conversion between DataFlow and AST nodes:
- `Node.asExpr() <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/DataFlow.qll/predicate.DataFlow$DataFlow$Node$asExpr.0.html>`__ -- convert node to an expression, if possible
- `Expr.flow() <https://help.semmle.com/qldoc/javascript/semmle/javascript/AST.qll/predicate.AST$AST$ValueNode$flow.0.html>`__ -- convert expression to a node (always possible)
- `DataFlow::valueNode <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/DataFlow.qll/predicate.DataFlow$DataFlow$valueNode.1.html>`__ -- convert expression or declaration to a node
- `DataFlow::parameterNode <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/DataFlow.qll/predicate.DataFlow$DataFlow$parameterNode.1.html>`__ -- convert a parameter to a node
- `DataFlow::thisNode <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/DataFlow.qll/predicate.DataFlow$DataFlow$thisNode.1.html>`__ -- get the receiver node of a function
- `Node.asExpr() <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/DataFlow.qll/predicate.DataFlow$DataFlow$Node$asExpr.0.html>`__ -- convert node to an expression, if possible
- `Expr.flow() <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/AST.qll/predicate.AST$AST$ValueNode$flow.0.html>`__ -- convert expression to a node (always possible)
- `DataFlow::valueNode <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/DataFlow.qll/predicate.DataFlow$DataFlow$valueNode.1.html>`__ -- convert expression or declaration to a node
- `DataFlow::parameterNode <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/DataFlow.qll/predicate.DataFlow$DataFlow$parameterNode.1.html>`__ -- convert a parameter to a node
- `DataFlow::thisNode <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/DataFlow.qll/predicate.DataFlow$DataFlow$thisNode.1.html>`__ -- get the receiver node of a function
String matching
---------------
- x.\ `matches <https://help.semmle.com/qldoc/javascript/predicate.string$matches.1.html>`__\ ("escape%") -- holds if x starts with "escape"
- x.\ `regexpMatch <https://help.semmle.com/qldoc/javascript/predicate.string$regexpMatch.1.html>`__\ ("escape.*") -- holds if x starts with "escape"
- x.\ `regexpMatch <https://help.semmle.com/qldoc/javascript/predicate.string$regexpMatch.1.html>`__\ ("(?i).*escape.*") -- holds if x contains
- x.\ `matches <https://codeql.github.com/codeql-standard-libraries/javascript/predicate.string$matches.1.html>`__\ ("escape%") -- holds if x starts with "escape"
- x.\ `regexpMatch <https://codeql.github.com/codeql-standard-libraries/javascript/predicate.string$regexpMatch.1.html>`__\ ("escape.*") -- holds if x starts with "escape"
- x.\ `regexpMatch <https://codeql.github.com/codeql-standard-libraries/javascript/predicate.string$regexpMatch.1.html>`__\ ("(?i).*escape.*") -- holds if x contains
"escape" (case insensitive)
Type tracking
@@ -208,16 +208,16 @@ Use the following template to define backward type tracking predicates:
Troubleshooting
---------------
- Using a call node as as sink? Try using `getArgument <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Nodes.qll/predicate.Nodes$InvokeNode$getArgument.1.html>`__
- Using a call node as as sink? Try using `getArgument <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Nodes.qll/predicate.Nodes$InvokeNode$getArgument.1.html>`__
to get an *argument* of the call node instead.
- Trying to use `moduleImport <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Nodes.qll/predicate.Nodes$moduleImport.1.html>`__
or `moduleMember <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Nodes.qll/predicate.Nodes$moduleMember.2.html>`__
- Trying to use `moduleImport <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Nodes.qll/predicate.Nodes$moduleImport.1.html>`__
or `moduleMember <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Nodes.qll/predicate.Nodes$moduleMember.2.html>`__
as a call node?
Try using `getACall <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Sources.qll/predicate.Sources$SourceNode$getACall.0.html>`__
Try using `getACall <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Sources.qll/predicate.Sources$SourceNode$getACall.0.html>`__
to get a *call* to the imported function, instead of the function itself.
- Compilation fails due to incompatible types? Make sure AST nodes and
DataFlow nodes are not mixed up. Use `asExpr() <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/DataFlow.qll/predicate.DataFlow$DataFlow$Node$asExpr.0.html>`__ or
`flow() <https://help.semmle.com/qldoc/javascript/semmle/javascript/AST.qll/predicate.AST$AST$ValueNode$flow.0.html>`__ to convert.
DataFlow nodes are not mixed up. Use `asExpr() <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/DataFlow.qll/predicate.DataFlow$DataFlow$Node$asExpr.0.html>`__ or
`flow() <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/AST.qll/predicate.AST$AST$ValueNode$flow.0.html>`__ to convert.
Further reading
---------------

2
docs/codeql/codeql-language-guides/detecting-a-potential-buffer-overflow.rst
View File

@@ -31,7 +31,7 @@ Defining the entities of interest
You could approach this problem either by searching for code similar to the call to ``malloc`` in line 3 or the call to ``strcpy`` in line 5 (see example above). For our basic query, we start with a simple assumption: any call to ``malloc`` with only a ``strlen`` to define the memory size is likely to cause an error when the memory is populated.
Calls to ``strlen`` can be identified using the library `StrlenCall <https://help.semmle.com/qldoc/cpp/semmle/code/cpp/commons/StringAnalysis.qll/type.StringAnalysis$StrlenCall.html>`__ class, but we need to define a new class to identify calls to ``malloc``. Both the library class and the new class need to extend the standard class ``FunctionCall``, with the added restriction of the function name that they apply to:
Calls to ``strlen`` can be identified using the library `StrlenCall <https://codeql.github.com/codeql-standard-libraries/cpp/semmle/code/cpp/commons/StringAnalysis.qll/type.StringAnalysis$StrlenCall.html>`__ class, but we need to define a new class to identify calls to ``malloc``. Both the library class and the new class need to extend the standard class ``FunctionCall``, with the added restriction of the function name that they apply to:
.. code-block:: ql

2
docs/codeql/codeql-language-guides/functions-in-python.rst
View File

@@ -5,7 +5,7 @@ Functions in Python
You can use syntactic classes from the standard CodeQL library to find Python functions and identify calls to them.
These examples use the standard CodeQL class `Function <https://help.semmle.com/qldoc/python/semmle/python/Function.qll/type.Function$Function.html>`__. For more information, see ":doc:`CodeQL library for Python <codeql-library-for-python>`."
These examples use the standard CodeQL class `Function <https://codeql.github.com/codeql-standard-libraries/python/semmle/python/Function.qll/type.Function$Function.html>`__. For more information, see ":doc:`CodeQL library for Python <codeql-library-for-python>`."
Finding all functions called "get..."
-------------------------------------

2
docs/codeql/codeql-language-guides/pointer-analysis-and-type-inference-in-python.rst
View File

@@ -15,7 +15,7 @@ Summary
Class hierarchy for ``Value``:
- `Value <https://help.semmle.com/qldoc/python/semmle/python/objects/ObjectAPI.qll/type.ObjectAPI$Value.html>`__
- `Value <https://codeql.github.com/codeql-standard-libraries/python/semmle/python/objects/ObjectAPI.qll/type.ObjectAPI$Value.html>`__
- ``ClassValue``
- ``FunctionValue``

2
docs/codeql/codeql-language-guides/using-the-guards-library-in-cpp.rst
View File

@@ -8,7 +8,7 @@ You can use the CodeQL guards library to identify conditional expressions that c
About the guards library
------------------------
The guards library (defined in ``semmle.code.cpp.controlflow.Guards``) provides a class `GuardCondition <https://help.semmle.com/qldoc/cpp/semmle/code/cpp/controlflow/Guards.qll/type.Guards$GuardCondition.html>`__ representing Boolean values that are used to make control flow decisions.
The guards library (defined in ``semmle.code.cpp.controlflow.Guards``) provides a class `GuardCondition <https://codeql.github.com/codeql-standard-libraries/cpp/semmle/code/cpp/controlflow/Guards.qll/type.Guards$GuardCondition.html>`__ representing Boolean values that are used to make control flow decisions.
A ``GuardCondition`` is considered to guard a basic block if the block can only be reached if the ``GuardCondition`` is evaluated a certain way. For instance, in the following code, ``x < 10`` is a ``GuardCondition``, and it guards all the code before the return statement.
.. code-block:: cpp

20
docs/codeql/codeql-language-guides/using-type-tracking-for-api-modeling.rst
View File

@@ -120,9 +120,9 @@ Type tracking is a generalization of the above pattern, where a predicate matche
and has a recursive clause that tracks the flow of that value.
But instead of us having to deal with function calls/returns and property reads/writes,
all of these steps are included in a single predicate,
`SourceNode.track <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/Sources.qll/predicate.Sources$SourceNode$track.2.html>`__,
`SourceNode.track <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/Sources.qll/predicate.Sources$SourceNode$track.2.html>`__,
to be used with the companion class
`TypeTracker <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/TypeTracking.qll/type.TypeTracking$TypeTracker.html>`__.
`TypeTracker <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/TypeTracking.qll/type.TypeTracking$TypeTracker.html>`__.
Predicates that use type tracking usually conform to the following general pattern, which we explain below:
@@ -435,7 +435,7 @@ Note that these predicates all return ``SourceNode``,
so attempts to track a non-source node, such as an identifier or string literal,
will not work.
If this becomes an issue, see
`TypeTracker.smallstep <https://help.semmle.com/qldoc/javascript/semmle/javascript/dataflow/TypeTracking.qll/predicate.TypeTracking$TypeTracker$smallstep.2.html>`__.
`TypeTracker.smallstep <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/dataflow/TypeTracking.qll/predicate.TypeTracking$TypeTracker$smallstep.2.html>`__.
Also note that the predicates taking a ``TypeTracker`` or ``TypeBackTracker`` can often be made ``private``,
as they are typically only used as an intermediate result to compute the other predicate.
@@ -511,14 +511,14 @@ Type tracking in the standard libraries
Type tracking is used in a few places in the standard libraries:
- The `DOM <https://help.semmle.com/qldoc/javascript/semmle/javascript/DOM.qll/module.DOM$DOM.html>`__ predicates,
`documentRef <https://help.semmle.com/qldoc/javascript/semmle/javascript/DOM.qll/predicate.DOM$DOM$documentRef.0.html>`__,
`locationRef <https://help.semmle.com/qldoc/javascript/semmle/javascript/DOM.qll/predicate.DOM$DOM$locationRef.0.html>`__, and
`domValueRef <https://help.semmle.com/qldoc/javascript/semmle/javascript/DOM.qll/predicate.DOM$DOM$domValueRef.0.html>`__,
- The `DOM <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/DOM.qll/module.DOM$DOM.html>`__ predicates,
`documentRef <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/DOM.qll/predicate.DOM$DOM$documentRef.0.html>`__,
`locationRef <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/DOM.qll/predicate.DOM$DOM$locationRef.0.html>`__, and
`domValueRef <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/DOM.qll/predicate.DOM$DOM$domValueRef.0.html>`__,
are implemented with type tracking.
- The `HTTP <https://help.semmle.com/qldoc/javascript/semmle/javascript/frameworks/HTTP.qll/module.HTTP$HTTP.html>`__ server models, such as `Express <https://help.semmle.com/qldoc/javascript/semmle/javascript/frameworks/Express.qll/module.Express$Express.html>`__, use type tracking to track the installation of router handler functions.
- The `Firebase <https://help.semmle.com/qldoc/javascript/semmle/javascript/frameworks/Firebase.qll/module.Firebase$Firebase.html>`__ and
`Socket.io <https://help.semmle.com/qldoc/javascript/semmle/javascript/frameworks/SocketIO.qll/module.SocketIO$SocketIO.html>`__ models use type tracking to track objects coming from their respective APIs.
- The `HTTP <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/frameworks/HTTP.qll/module.HTTP$HTTP.html>`__ server models, such as `Express <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/frameworks/Express.qll/module.Express$Express.html>`__, use type tracking to track the installation of router handler functions.
- The `Firebase <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/frameworks/Firebase.qll/module.Firebase$Firebase.html>`__ and
`Socket.io <https://codeql.github.com/codeql-standard-libraries/javascript/semmle/javascript/frameworks/SocketIO.qll/module.SocketIO$SocketIO.html>`__ models use type tracking to track objects coming from their respective APIs.
Further reading
---------------

49
docs/codeql/conf.py
View File

@@ -1,29 +1,20 @@
# -*- coding: utf-8 -*-
#
# Global configuration file, created on 29th April 2019.
#
# The config values below are used across all of the sphinx projects
# The Sphinx config values used in the CodeQL documentation that is published
# at codeql.github.com/docs
#
# Note that not all possible configuration values are present in this file.
#
# All configuration values have a default; values that are commented out
# serve to show the default.
#
# For details of all possible config values,
# see https://www.sphinx-doc.org/en/master/usage/configuration.html
##################################################################################
#
# Project-specific values are configured in the relevant conf.py file.
# See individual projects for details
#
##################################################################################
# -- GLOBAL GENERAL CONFIG VALUES ------------------------------------------------
# -- GENERAL CONFIG VALUES ------------------------------------------------
# The suffix(es) of source filenames.
# You can specify multiple suffix as a list of string:
# source_suffix = ['.rst', '.md']
source_suffix = '.rst'
# The master toctree document.
@@ -42,10 +33,6 @@ htmlhelp_basename = 'CodeQL'
# If your documentation needs a minimal Sphinx version, state it here.
#needs_sphinx = '1.0'
# Add any Sphinx extension module names here, as strings. They can be
# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom
# ones.
# The encoding of source files.
source_encoding = 'utf-8-sig'
@@ -61,10 +48,9 @@ def setup(sphinx):
from qllexer import QLLexer
sphinx.add_lexer("ql", QLLexer())
# The Semmle version info for the current release you're documenting, acts as replacement for
# |version| and |release|, also used in various other places throughout the
# built documents.
#
# The version of CodeQL for the current release you're documenting, acts as replacement for
# |version| and |release|
# The short X.Y version.
version = u'3.0'
# The full version, including alpha/beta/rc tags.
@@ -85,13 +71,11 @@ html_show_sphinx = False
# -- Global HTML configuration -------------------------------------
# The theme to use for HTML and HTML Help pages. See the documentation for
# a list of builtin themes.
# The theme to use for HTML pages. See https://github.com/bitprophet/alabaster/blob/master/alabaster/static/alabaster.css_t
# Many of the built-in theme styles are overridden by the static stylesheets in html_static_path.
html_theme = 'alabaster'
# Theme options are theme-specific and customize the look and feel of a theme
# further. For a list of options available for each theme, see the
# documentation.
# HTML theme options used to customize the look and feel of the docs.
html_theme_options = {'font_size': '16px',
'body_text': '#333',
'link': '#2F1695',
@@ -101,13 +85,14 @@ html_theme_options = {'font_size': '16px',
'head_font_family': '-apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji"',
}
# Add any paths that contain templates here, relative to this directory.
# Path to the folder that contains the project's HTML template
templates_path = ['_templates']
# Add any paths that contain custom static files (such as style sheets) here,
# relative to this directory. They are copied after the builtin static files,
# so a file named "default.css" will overwrite the builtin "default.css".
# Path to the folder that contains static stylesheets
html_static_path = ['_static']
exclude_patterns = ['vale*', '_static', '_templates', 'reusables', 'images', 'support', 'ql-training', 'query-help','_build', '*.py*', 'README.rst']
##############################################################################
# Copy the static landing page for codeql.github.com/docs when building this sphinx project
html_extra_path = ['index.html']
# Exclude these paths from being built by Sphinx
exclude_patterns = ['vale*', '_static', '_templates', 'reusables', 'images', 'support', 'ql-training', 'query-help', '_build', '*.py*', 'README.rst']

298
docs/codeql/index.html Normal file
View File

@@ -0,0 +1,298 @@
<!DOCTYPE html>
<html lang="en">
<head>
<title>CodeQL documentation</title>
<meta name="viewport" content="width=device-width, initial-scale=1" />
<link rel="stylesheet" href="_static/primer.css" />
</head>
<body>
<div class="Header">
<div class="Header-item--full">
<a href="index.html" class="Header-link f2 d-flex flex-items-center">
<!-- <%= octicon "mark-github", class: "mr-2", height: 32 %> -->
<svg height="32" class="octicon octicon-mark-github mr-2" viewBox="0 0 16 16" version="1.1" width="32"
aria-hidden="true">
<path fill-rule="evenodd"
d="M8 0C3.58 0 0 3.58 0 8c0 3.54 2.29 6.53 5.47 7.59.4.07.55-.17.55-.38 0-.19-.01-.82-.01-1.49-2.01.37-2.53-.49-2.69-.94-.09-.23-.48-.94-.82-1.13-.28-.15-.68-.52-.01-.53.63-.01 1.08.58 1.23.82.72 1.21 1.87.87 2.33.66.07-.52.28-.87.51-1.07-1.78-.2-3.64-.89-3.64-3.95 0-.87.31-1.59.82-2.15-.08-.2-.36-1.02.08-2.12 0 0 .67-.21 2.2.82.64-.18 1.32-.27 2-.27.68 0 1.36.09 2 .27 1.53-1.04 2.2-.82 2.2-.82.44 1.1.16 1.92.08 2.12.51.56.82 1.27.82 2.15 0 3.07-1.87 3.75-3.65 3.95.29.25.54.73.54 1.48 0 1.07-.01 1.93-.01 2.2 0 .21.15.46.55.38A8.013 8.013 0 0 0 16 8c0-4.42-3.58-8-8-8z">
</path>
</svg>
<span class="hide-sm">CodeQL documentation</span>
</a>
</div>
<div class="Header-item hide-sm hide-md">
<script src="https://addsearch.com/js/?key=93b4d287e2fc079a4089412b669785d5&categories=!0xhelp.semmle.com,0xcodeql.github.com,1xdocs"></script>
</div>
<div class="Header-item">
<details class="dropdown details-reset details-overlay d-inline-block">
<summary class="btn bg-gray-dark text-white border" aria-haspopup="true">
CodeQL resources
<div class="dropdown-caret"></div>
</summary>
<ul class="dropdown-menu dropdown-menu-se dropdown-menu-dark">
<li><a class="dropdown-item" href="codeql-overview">CodeQL overview</a></li>
<li class="dropdown-divider" role="separator"></li>
<div class="dropdown-header">
CodeQL tools
</div>
<li><a class="dropdown-item" href="codeql-for-visual-studio-code">CodeQL for VS Code</a>
<li><a class="dropdown-item" href="codeql-cli">CodeQL CLI</a>
</li>
<li class="dropdown-divider" role="separator"></li>
<div class="dropdown-header">
CodeQL guides
</div>
<li><a class="dropdown-item" href="writing-codeql-queries">Writing CodeQL queries</a></li>
<li><a class="dropdown-item" href="codeql-language-guides">CodeQL language guides</a>
<li class="dropdown-divider" role="separator"></li>
<div class="dropdown-header">
Reference docs
</div>
<li><a class="dropdown-item" href="ql-language-reference/">QL language
reference</a>
<li><a class="dropdown-item" href="../codeql-standard-libraries">CodeQL
standard-libraries</a>
<li><a class="dropdown-item" href="../codeql-query-help">CodeQL
query help</a>
<li class="dropdown-divider" role="separator"></li>
<div class="dropdown-header">
Source files
</div>
<li><a class="dropdown-item" href="https://github.com/github/codeql">CodeQL repository</a>
</ul>
</details>
</div>
</div>
<article class="pb-6" style="min-height: calc(100vh - 68px);">
<div class="blankslate">
<img src="https://ghicons.github.com/assets/images/blue/svg/Code%20QL.svg" class="mb-3" />
<h1>CodeQL documentation</h1>
<p class="f2">Discover vulnerabilities across a codebase with CodeQL, our industry-leading semantic code
analysis
engine. CodeQL lets you query code as though it were data. Write a query to find all variants of a
vulnerability, eradicating it forever. Then share your query to help others do the same.</p>
</div>
<div class="d-flex flex-column flex-md-row flex-justify-center">
<div class="Box col-lg-3 col-sm-12">
<a href="codeql-overview">
<div class="Box-header">
<h3 class="Box-title">
CodeQL overview
</h3>
</div>
</a>
<div class="Box-body border-bottom-0">
Learn more about how CodeQL works, the languages and libraries supported by CodeQL analysis, and the tools you can use to run CodeQL on open source projects.
</div>
</div>
<div class="Box col-lg-3 col-sm-12">
<div class="Box-header">
<a href="codeql-overview/codeql-tools">
<h3 class="Box-title">
CodeQL tools
</h3>
</a>
</div>
<div class="Box-body border-bottom-0">
GitHub provides the <a href ="codeql-cli">CodeQL command-line interface</a> and <a href="codeql-for-visual-studio-code">CodeQL for Visual Studio Code</a> for performing
CodeQL analysis on open source codebases.
</div>
</div>
<div class="Box col-lg-3 col-sm-12">
<div class="Box-header">
<a
href="https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/about-code-scanning">
<h3 class="Box-title">
Code scanning with CodeQL
</h3>
</a>
</div>
<div class="Box-body border-bottom-0">
You can use code scanning with CodeQL to analyze the code in a GitHub repository to find security
vulnerabilities and coding errors. Any problems identified by the analysis are shown in GitHub
</div>
</div>
</div>
<div class="d-flex flex-column flex-md-row flex-justify-center">
<div class="Box col-lg-3 col-sm-12">
<div class="Box-header">
<h3 class="Box-title text-blue">
CodeQL guides
</h3>
</div>
<div class="Box-body border-bottom-0">
Learn more about CodeQL queries in <a href="writing-codeql-queries">Writing CodeQL queries</a> and find information about writing queries to analyze specific languages in the <a href="codeql-language-guides">CodeQL language guides</a>.
</div>
</div>
<div class="Box col-lg-3 col-sm-12">
<div class="Box-header">
<h3 class="Box-title text-blue">
CodeQL reference documentation
</h3>
</div>
<div class="Box-body border-bottom-0">
Finds details of the predicates, modules, and classes included with CodeQL in the <a href="../codeql-standard-libraries">CodeQL standard libraries</a> and explore the documentation for the CodeQL queries in the <a href="../codeql-query-help">CodeQL query help</a>.
</div>
</div>
<div class="Box col-lg-3 col-sm-12">
<a href="ql-language-reference">
<div class="Box-header">
<h3 class="Box-title">
QL language reference
</h3>
</div>
</a>
<div class="Box-body border-bottom-0">
Learn all about QL, the powerful query language that underlies the code scanning tool CodeQL.
</div>
</div>
</div>
</article>
<div class="footer mt-6 bg-gray-light border-y border-gray-dark no-print">
<div class="container-xl px-3 px-md-6">
<div class="d-flex flex-wrap py-5 mb-5">
<div class="col-12 col-lg-4 mb-5">
<a href="https://github.com/" data-ga-click="Footer, go to home, text:home" class="text-gray-dark"
aria-label="Go to GitHub homepage">
<svg version="1.1" width="84.375" height="30" viewBox="0 0 45 16"
class="octicon octicon-logo-github" aria-hidden="true">
<path fill-rule="evenodd"
d="M18.53 12.03h-.02c.009 0 .015.01.024.011h.006l-.01-.01zm.004.011c-.093.001-.327.05-.574.05-.78 0-1.05-.36-1.05-.83V8.13h1.59c.09 0 .16-.08.16-.19v-1.7c0-.09-.08-.17-.16-.17h-1.59V3.96c0-.08-.05-.13-.14-.13h-2.16c-.09 0-.14.05-.14.13v2.17s-1.09.27-1.16.28c-.08.02-.13.09-.13.17v1.36c0 .11.08.19.17.19h1.11v3.28c0 2.44 1.7 2.69 2.86 2.69.53 0 1.17-.17 1.27-.22.06-.02.09-.09.09-.16v-1.5a.177.177 0 00-.146-.18zM42.23 9.84c0-1.81-.73-2.05-1.5-1.97-.6.04-1.08.34-1.08.34v3.52s.49.34 1.22.36c1.03.03 1.36-.34 1.36-2.25zm2.43-.16c0 3.43-1.11 4.41-3.05 4.41-1.64 0-2.52-.83-2.52-.83s-.04.46-.09.52c-.03.06-.08.08-.14.08h-1.48c-.1 0-.19-.08-.19-.17l.02-11.11c0-.09.08-.17.17-.17h2.13c.09 0 .17.08.17.17v3.77s.82-.53 2.02-.53l-.01-.02c1.2 0 2.97.45 2.97 3.88zm-8.72-3.61h-2.1c-.11 0-.17.08-.17.19v5.44s-.55.39-1.3.39-.97-.34-.97-1.09V6.25c0-.09-.08-.17-.17-.17h-2.14c-.09 0-.17.08-.17.17v5.11c0 2.2 1.23 2.75 2.92 2.75 1.39 0 2.52-.77 2.52-.77s.05.39.08.45c.02.05.09.09.16.09h1.34c.11 0 .17-.08.17-.17l.02-7.47c0-.09-.08-.17-.19-.17zm-23.7-.01h-2.13c-.09 0-.17.09-.17.2v7.34c0 .2.13.27.3.27h1.92c.2 0 .25-.09.25-.27V6.23c0-.09-.08-.17-.17-.17zm-1.05-3.38c-.77 0-1.38.61-1.38 1.38 0 .77.61 1.38 1.38 1.38.75 0 1.36-.61 1.36-1.38 0-.77-.61-1.38-1.36-1.38zm16.49-.25h-2.11c-.09 0-.17.08-.17.17v4.09h-3.31V2.6c0-.09-.08-.17-.17-.17h-2.13c-.09 0-.17.08-.17.17v11.11c0 .09.09.17.17.17h2.13c.09 0 .17-.08.17-.17V8.96h3.31l-.02 4.75c0 .09.08.17.17.17h2.13c.09 0 .17-.08.17-.17V2.6c0-.09-.08-.17-.17-.17zM8.81 7.35v5.74c0 .04-.01.11-.06.13 0 0-1.25.89-3.31.89-2.49 0-5.44-.78-5.44-5.92S2.58 1.99 5.1 2c2.18 0 3.06.49 3.2.58.04.05.06.09.06.14L7.94 4.5c0 .09-.09.2-.2.17-.36-.11-.9-.33-2.17-.33-1.47 0-3.05.42-3.05 3.73s1.5 3.7 2.58 3.7c.92 0 1.25-.11 1.25-.11v-2.3H4.88c-.11 0-.19-.08-.19-.17V7.35c0-.09.08-.17.19-.17h3.74c.11 0 .19.08.19.17z">
</path>
</svg>
</a>
</div>
<div class="col-6 col-sm-3 col-lg-2 mb-6 mb-md-2 pr-3 pr-lg-0 pl-lg-4">
<h4 class="mb-3 text-mono text-gray-light text-normal">Product</h4>
<ul class="list-style-none text-gray f5">
<li class="lh-condensed mb-3"><a href="https://github.com/features"
data-ga-click="Footer, go to features, text:features" class="link-gray">Features</a>
</li>
<li class="lh-condensed mb-3"><a href="https://github.com/security"
data-ga-click="Footer, go to security, text:security" class="link-gray">Security</a>
</li>
<li class="lh-condensed mb-3"><a href="https://github.com/enterprise"
data-ga-click="Footer, go to enterprise, text:enterprise"
class="link-gray">Enterprise</a></li>
<li class="lh-condensed mb-3"><a href="https://github.com/case-studies?type=customers"
data-ga-click="Footer, go to case studies, text:case studies" class="link-gray">Case
Studies</a></li>
<li class="lh-condensed mb-3"><a href="https://github.com/pricing"
data-ga-click="Footer, go to pricing, text:pricing" class="link-gray">Pricing</a></li>
<li class="lh-condensed mb-3"><a href="https://resources.github.com"
data-ga-click="Footer, go to resources, text:resources" class="link-gray">Resources</a>
</li>
</ul>
</div>
<div class="col-6 col-sm-3 col-lg-2 mb-6 mb-md-2 pr-3 pr-md-0 pl-md-4">
<h4 class="mb-3 text-mono text-gray-light text-normal">Platform</h4>
<ul class="list-style-none f5">
<li class="lh-condensed mb-3"><a href="https://developer.github.com/"
data-ga-click="Footer, go to api, text:api" class="link-gray">Developer API</a></li>
<li class="lh-condensed mb-3"><a href="http://partner.github.com/"
data-ga-click="Footer, go to partner, text:partner" class="link-gray">Partners</a></li>
<li class="lh-condensed mb-3"><a href="https://atom.io"
data-ga-click="Footer, go to atom, text:atom" class="link-gray">Atom</a></li>
<li class="lh-condensed mb-3"><a href="http://electron.atom.io/"
data-ga-click="Footer, go to electron, text:electron" class="link-gray">Electron</a>
</li>
<li class="lh-condensed mb-3"><a href="https://desktop.github.com/"
data-ga-click="Footer, go to desktop, text:desktop" class="link-gray">GitHub Desktop</a>
</li>
</ul>
</div>
<div class="col-6 col-sm-3 col-lg-2 mb-6 mb-md-2 pr-3 pr-md-0 pl-md-4">
<h4 class="mb-3 text-mono text-gray-light text-normal">Support</h4>
<ul class="list-style-none f5">
<li class="lh-condensed mb-3"><a href="/" class="link-gray">Help</a></li>
<li class="lh-condensed mb-3"><a href="https://github.community" class="link-gray">Community
Forum</a></li>
<li class="lh-condensed mb-3"><a href="https://services.github.com/"
class="link-gray">Training</a></li>
<li class="lh-condensed mb-3"><a href="https://githubstatus.com/" class="link-gray">Status</a>
</li>
<li class="lh-condensed mb-3"><a href="https://support.github.com/contact"
class="link-gray">Contact GitHub</a></li>
</ul>
</div>
<div class="col-6 col-sm-3 col-lg-2 mb-6 mb-md-2 pr-3 pr-md-0 pl-md-4">
<h4 class="mb-3 text-mono text-gray-light text-normal">Company</h4>
<ul class="list-style-none f5">
<li class="lh-condensed mb-3"><a href="https://github.com/about" class="link-gray">About</a>
</li>
<li class="lh-condensed mb-3"><a href="https://github.blog/" class="link-gray">Blog</a></li>
<li class="lh-condensed mb-3"><a href="https://github.com/about/careers"
class="link-gray">Careers</a></li>
<li class="lh-condensed mb-3"><a href="https://github.com/about/press"
class="link-gray">Press</a></li>
<li class="lh-condensed mb-3"><a href="https://shop.github.com" class="link-gray">Shop</a></li>
</ul>
</div>
</div>
</div>
<div class="bg-gray-light">
<div
class="container-xl px-3 px-md-6 f6 py-4 d-sm-flex flex-justify-between flex-row-reverse flex-items-center">
<ul class="list-style-none d-flex flex-items-center mb-3 mb-sm-0 lh-condensed-ultra">
<li class="mr-3">
<a href="https://twitter.com/github" title="GitHub on Twitter" style="color: #959da5;">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 273.5 222.3" class="d-block"
height="18">
<path
d="M273.5 26.3a109.77 109.77 0 0 1-32.2 8.8 56.07 56.07 0 0 0 24.7-31 113.39 113.39 0 0 1-35.7 13.6 56.1 56.1 0 0 0-97 38.4 54 54 0 0 0 1.5 12.8A159.68 159.68 0 0 1 19.1 10.3a56.12 56.12 0 0 0 17.4 74.9 56.06 56.06 0 0 1-25.4-7v.7a56.11 56.11 0 0 0 45 55 55.65 55.65 0 0 1-14.8 2 62.39 62.39 0 0 1-10.6-1 56.24 56.24 0 0 0 52.4 39 112.87 112.87 0 0 1-69.7 24 119 119 0 0 1-13.4-.8 158.83 158.83 0 0 0 86 25.2c103.2 0 159.6-85.5 159.6-159.6 0-2.4-.1-4.9-.2-7.3a114.25 114.25 0 0 0 28.1-29.1"
fill="currentColor"></path>
</svg>
</a>
</li>
<li class="mr-3">
<a href="https://www.facebook.com/GitHub" title="GitHub on Facebook" style="color: #959da5;">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 15.3 15.4" class="d-block" height="18">
<path
d="M14.5 0H.8a.88.88 0 0 0-.8.9v13.6a.88.88 0 0 0 .8.9h7.3v-6h-2V7.1h2V5.4a2.87 2.87 0 0 1 2.5-3.1h.5a10.87 10.87 0 0 1 1.8.1v2.1h-1.3c-1 0-1.1.5-1.1 1.1v1.5h2.3l-.3 2.3h-2v5.9h3.9a.88.88 0 0 0 .9-.8V.8a.86.86 0 0 0-.8-.8z"
fill="currentColor"></path>
</svg>
</a>
</li>
<li class="mr-3">
<a href="https://www.youtube.com/github" title="GitHub on YouTube" style="color: #959da5;">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 19.17 13.6" class="d-block"
height="16">
<path
d="M18.77 2.13A2.4 2.4 0 0 0 17.09.42C15.59 0 9.58 0 9.58 0a57.55 57.55 0 0 0-7.5.4A2.49 2.49 0 0 0 .39 2.13 26.27 26.27 0 0 0 0 6.8a26.15 26.15 0 0 0 .39 4.67 2.43 2.43 0 0 0 1.69 1.71c1.52.42 7.5.42 7.5.42a57.69 57.69 0 0 0 7.51-.4 2.4 2.4 0 0 0 1.68-1.71 25.63 25.63 0 0 0 .4-4.67 24 24 0 0 0-.4-4.69zM7.67 9.71V3.89l5 2.91z"
fill="currentColor"></path>
</svg>
</a>
</li>
<li class="mr-3 flex-self-start">
<a href="https://www.linkedin.com/company/github" title="GitHub on Linkedin"
style="color: #959da5;">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 19 18" class="d-block" height="18">
<path
d="M3.94 2A2 2 0 1 1 2 0a2 2 0 0 1 1.94 2zM4 5.48H0V18h4zm6.32 0H6.34V18h3.94v-6.57c0-3.66 4.77-4 4.77 0V18H19v-7.93c0-6.17-7.06-5.94-8.72-2.91z"
fill="currentColor"></path>
</svg>
</a>
</li>
<li>
<a href="https://github.com/github" title="GitHub's organization" style="color: #959da5;">
<svg version="1.1" width="20" height="20" viewBox="0 0 16 16"
class="octicon octicon-mark-github" aria-hidden="true">
<path fill-rule="evenodd"
d="M8 0C3.58 0 0 3.58 0 8c0 3.54 2.29 6.53 5.47 7.59.4.07.55-.17.55-.38 0-.19-.01-.82-.01-1.49-2.01.37-2.53-.49-2.69-.94-.09-.23-.48-.94-.82-1.13-.28-.15-.68-.52-.01-.53.63-.01 1.08.58 1.23.82.72 1.21 1.87.87 2.33.66.07-.52.28-.87.51-1.07-1.78-.2-3.64-.89-3.64-3.95 0-.87.31-1.59.82-2.15-.08-.2-.36-1.02.08-2.12 0 0 .67-.21 2.2.82.64-.18 1.32-.27 2-.27.68 0 1.36.09 2 .27 1.53-1.04 2.2-.82 2.2-.82.44 1.1.16 1.92.08 2.12.51.56.82 1.27.82 2.15 0 3.07-1.87 3.75-3.65 3.95.29.25.54.73.54 1.48 0 1.07-.01 1.93-.01 2.2 0 .21.15.46.55.38A8.013 8.013 0 0016 8c0-4.42-3.58-8-8-8z">
</path>
</svg>
</a>
</li>
</ul>
<ul class="list-style-none d-flex text-gray">
<li class="mr-3">&copy; 2020 GitHub, Inc.</li>
<li class="mr-3"><a href="https://docs.github.com/en/free-pro-team@latest/github/site-policy/github-terms-of-service" class="link-gray">Terms </a></li>
<li><a href="https://docs.github.com/en/free-pro-team@latest/github/site-policy/github-privacy-statement" class="link-gray">Privacy </a></li>
</ul>
</div>
</div>
</div>
</body>
</html>

2
docs/codeql/ql-language-reference/expressions.rst
View File

@@ -636,7 +636,7 @@ is exactly equivalent to ``((Foo)x)``.
Casts are useful if you want to call a :ref:`member predicate <member-predicates>` that is only defined for a more
specific type. For example, the following query selects Java
`classes <https://help.semmle.com/qldoc/java/semmle/code/java/Type.qll/type.Type$Class.html>`_
`classes <https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/Type.qll/type.Type$Class.html>`_
that have a direct supertype called "List"::
import java

2
docs/codeql/ql-training/cpp/bad-overflow-guard.rst
View File

@@ -149,7 +149,7 @@ Lets look for overflow guards of the form ``v + b < v``, using the classes
- a ``RelationalOperation``: the overflow comparison check.
- a ``Variable``: used as an argument to both the addition and comparison.
- The ``where`` part of the query ties these three variables together using `predicates <https://help.semmle.com/QL/ql-handbook/predicates.html>`__ defined in the `standard CodeQL for C/C++ library <https://help.semmle.com/qldoc/cpp/>`__.
- The ``where`` part of the query ties these three variables together using `predicates <https://help.semmle.com/QL/ql-handbook/predicates.html>`__ defined in the `standard CodeQL for C/C++ library <https://codeql.github.com/codeql-standard-libraries/cpp/>`__.
CodeQL query: bad overflow guards
=================================

2
docs/codeql/ql-training/cpp/control-flow-cpp.rst
View File

@@ -223,7 +223,7 @@ Further materials
=================
- CodeQL for C/C++: https://help.semmle.com/QL/learn-ql/ql/cpp/ql-for-cpp.html
- API reference: https://help.semmle.com/qldoc/cpp
- API reference: https://codeql.github.com/codeql-standard-libraries/cpp
.. rst-class:: end-slide

2
docs/codeql/ql-training/cpp/data-flow-cpp.rst
View File

@@ -84,7 +84,7 @@ Write a query that flags ``printf`` calls where the format argument is not a ``S
This first query is about finding places where the format specifier is not a constant string. In the CodeQL libraries for C/C++, constant strings are modeled as ``StringLiteral`` nodes, so we are looking for calls to format functions where the format specifier argument is not a string literal.
The `C/C++ standard libraries <https://help.semmle.com/qldoc/cpp/>`__ include many different formatting functions that may be vulnerable to this particular attackincluding ``printf``, ``snprintf``, and others. Furthermore, each of these different formatting functions may include the format string in a different position in the argument list. Instead of laboriously listing all these different variants, we can make use of the standard CodeQL class ``FormattingFunction``, which provides an interface that models common formatting functions in C/C++.
The `C/C++ standard libraries <https://codeql.github.com/codeql-standard-libraries/cpp/>`__ include many different formatting functions that may be vulnerable to this particular attackincluding ``printf``, ``snprintf``, and others. Furthermore, each of these different formatting functions may include the format string in a different position in the argument list. Instead of laboriously listing all these different variants, we can make use of the standard CodeQL class ``FormattingFunction``, which provides an interface that models common formatting functions in C/C++.
Meh...
======

2
docs/codeql/ql-training/cpp/intro-ql-cpp.rst
View File

@@ -70,7 +70,7 @@ A simple CodeQL query
A `query <https://help.semmle.com/QL/ql-handbook/queries.html>`__ consists of a “select” clause that indicates what results should be returned. Typically it will also provide a “from” clause to declare some variables, and a “where” clause to state conditions over those variables. For more information on the structure of query files (including links to useful topics in the `QL language reference <https://help.semmle.com/QL/ql-handbook/index.html>`__), see `About CodeQL queries <https://help.semmle.com/QL/learn-ql/ql/writing-queries/introduction-to-queries.html>`__.
In our example here, the first line of the query imports the `CodeQL library for C/C++ <https://help.semmle.com/qldoc/cpp/>`__, which defines concepts like ``IfStmt`` and ``Block``.
In our example here, the first line of the query imports the `CodeQL library for C/C++ <https://codeql.github.com/codeql-standard-libraries/cpp/>`__, which defines concepts like ``IfStmt`` and ``Block``.
The query proper starts by declaring two variablesifStmt and block. These variables represent sets of values in the database, according to the type of each of the variables. For example, ifStmt has the type IfStmt, which means it represents the set of all if statements in the program.
If we simply selected these two variables::

2
docs/codeql/ql-training/java/intro-ql-java.rst
View File

@@ -70,7 +70,7 @@ A simple CodeQL query
A `query <https://help.semmle.com/QL/ql-handbook/queries.html>`__ consists of a “select” clause that indicates what results should be returned. Typically it will also provide a “from” clause to declare some variables, and a “where” clause to state conditions over those variables. For more information on the structure of query files (including links to useful topics in the `QL language reference <https://help.semmle.com/QL/ql-handbook/index.html>`__), see `About CodeQL queries <https://help.semmle.com/QL/learn-ql/ql/writing-queries/introduction-to-queries.html>`__.
In our example here, the first line of the query imports the `CodeQL library for Java <https://help.semmle.com/qldoc/java/>`__, which defines concepts like ``IfStmt`` and ``Block``.
In our example here, the first line of the query imports the `CodeQL library for Java <https://codeql.github.com/codeql-standard-libraries/java/>`__, which defines concepts like ``IfStmt`` and ``Block``.
The query proper starts by declaring two variablesifStmt and block. These variables represent sets of values in the database, according to the type of each of the variables. For example, ``ifStmt`` has the type ``IfStmt``, which means it represents the set of all if statements in the program.
If we simply selected these two variables::

2
docs/codeql/ql-training/java/query-injection-java.rst
View File

@@ -84,7 +84,7 @@ Lets start by looking for calls to methods with names of the form ``sparql*Qu
- a ``MethodAccess``: the call to a SPARQL query method
- a ``Method``: the SPARQL query method.
- The ``where`` part of the query ties these variables together using `predicates <https://help.semmle.com/QL/ql-handbook/predicates.html>`__ defined in the `standard CodeQL library for Java <https://help.semmle.com/qldoc/java/>`__.
- The ``where`` part of the query ties these variables together using `predicates <https://help.semmle.com/QL/ql-handbook/predicates.html>`__ defined in the `standard CodeQL library for Java <https://codeql.github.com/codeql-standard-libraries/java/>`__.
CodeQL query: find string concatenation
=======================================

12
docs/codeql/ql-training/slide-snippets/local-data-flow.rst
View File

@@ -105,9 +105,9 @@ So all references will need to be qualified (that is, ``DataFlow::Node``)
A **query library** is file with the extension ``.qll``. Query libraries do not contain a query clause, but may contain modules, classes, and predicates.
For further information on the data flow libraries, see the following links:
- `Java data flow library <https://help.semmle.com/qldoc/java/semmle/code/java/dataflow/DataFlow.qll/module.DataFlow.html>`__
- `C/C++ data flow library <https://help.semmle.com/qldoc/cpp/semmle/code/cpp/dataflow/DataFlow.qll/module.DataFlow.html>`__
- `C# data flow library <https://help.semmle.com/qldoc/csharp/semmle/code/csharp/dataflow/DataFlow.qll/module.DataFlow.html>`__
- `Java data flow library <https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/dataflow/DataFlow.qll/module.DataFlow.html>`__
- `C/C++ data flow library <https://codeql.github.com/codeql-standard-libraries/cpp/semmle/code/cpp/dataflow/DataFlow.qll/module.DataFlow.html>`__
- `C# data flow library <https://codeql.github.com/codeql-standard-libraries/csharp/semmle/code/csharp/dataflow/DataFlow.qll/module.DataFlow.html>`__
A **module** is a way of organizing QL code by grouping together related predicates, classes, and (sub-)modules. They can be either explicitly declared or implicit. A query library implicitly declares a module with the same name as the QLL file.
@@ -155,6 +155,6 @@ Taint tracking
The taint-tracking API is almost identical to that of the local data flow. All we need to do to switch to taint tracking is ``import semmle.code.<language>.dataflow.TaintTracking`` instead of ``semmle.code.<language>.dataflow.DataFlow``, and instead of using ``localFlow``, we use ``localTaint``.
- `Java taint-tracking library <https://help.semmle.com/qldoc/java/semmle/code/java/dataflow/TaintTracking.qll/module.TaintTracking.html>`__
- `C/C++ taint-tracking library <https://help.semmle.com/qldoc/cpp/semmle/code/cpp/dataflow/TaintTracking.qll/module.TaintTracking.html>`__
- `C# taint-tracking library <https://help.semmle.com/qldoc/csharp/semmle/code/csharp/dataflow/TaintTracking.qll/module.TaintTracking.html>`__
- `Java taint-tracking library <https://codeql.github.com/codeql-standard-libraries/java/semmle/code/java/dataflow/TaintTracking.qll/module.TaintTracking.html>`__
- `C/C++ taint-tracking library <https://codeql.github.com/codeql-standard-libraries/cpp/semmle/code/cpp/dataflow/TaintTracking.qll/module.TaintTracking.html>`__
- `C# taint-tracking library <https://codeql.github.com/codeql-standard-libraries/csharp/semmle/code/csharp/dataflow/TaintTracking.qll/module.TaintTracking.html>`__

6
docs/codeql/reusables/advanced-query-execution.rst
View File

@@ -4,15 +4,15 @@
<including-query-metadata>`. You can also execute queries using the following
plumbing-level subcommands:
- `database run-queries <../codeql-cli-manual/database-run-queries.html>`__, which
- `database run-queries <../manual/database-run-queries>`__, which
outputs non-interpreted results in an intermediate binary format called
:ref:`BQRS <bqrs-file>`.
- `query run <../codeql-cli-manual/query-run.html>`__, which will output BQRS files, or print
- `query run <../manual/query-run>`__, which will output BQRS files, or print
results tables directly to the command line. Viewing results directly in
the command line may be useful for iterative query development using the CLI.
Queries run with these commands don't have the same metadata requirements.
However, to save human-readable data you have to process each BQRS results
file using the `bqrs decode <../codeql-cli-manual/bqrs-decode.html>`__ plumbing
file using the `bqrs decode <../manual/bqrs-decode>`__ plumbing
subcommand. Therefore, for most use cases it's easiest to use ``database
analyze`` to directly generate interpreted results.

2
docs/codeql/reusables/cpp-further-reading.rst
View File

@@ -1,4 +1,4 @@
- `CodeQL queries for C and C++ <https://github.com/github/codeql/tree/main/cpp/ql/src>`__
- `Example queries for C and C++ <https://github.com/github/codeql/tree/main/cpp/ql/examples>`__
- `CodeQL library reference for C and C++ <https://help.semmle.com/qldoc/cpp/>`__
- `CodeQL library reference for C and C++ <https://codeql.github.com/codeql-standard-libraries/cpp/>`__

2
docs/codeql/reusables/csharp-further-reading.rst
View File

@@ -1,4 +1,4 @@
- `CodeQL queries for C# <https://github.com/github/codeql/tree/main/csharp/ql/src>`__
- `Example queries for C# <https://github.com/github/codeql/tree/main/csharp/ql/examples>`__
- `CodeQL library reference for C# <https://help.semmle.com/qldoc/csharp/>`__
- `CodeQL library reference for C# <https://codeql.github.com/codeql-standard-libraries/csharp/>`__

2
docs/codeql/reusables/go-further-reading.rst
View File

@@ -1,3 +1,3 @@
- `CodeQL queries for Go <https://github.com/github/codeql-go/tree/main/ql/src>`__
- `Example queries for Go <https://github.com/github/codeql-go/tree/main/ql/examples>`__
- `CodeQL library reference for Go <https://help.semmle.com/qldoc/go/>`__
- `CodeQL library reference for Go <https://codeql.github.com/codeql-standard-libraries/go/>`__

2
docs/codeql/reusables/java-further-reading.rst
View File

@@ -1,4 +1,4 @@
- `CodeQL queries for Java <https://github.com/github/codeql/tree/main/java/ql/src>`__
- `Example queries for Java <https://github.com/github/codeql/tree/main/java/ql/examples>`__
- `CodeQL library reference for Java <https://help.semmle.com/qldoc/java/>`__
- `CodeQL library reference for Java <https://codeql.github.com/codeql-standard-libraries/java/>`__

2
docs/codeql/reusables/javascript-further-reading.rst
View File

@@ -1,3 +1,3 @@
- `CodeQL queries for JavaScript <https://github.com/github/codeql/tree/main/javascript/ql/src>`__
- `Example queries for JavaScript <https://github.com/github/codeql/tree/main/javascript/ql/examples>`__
- `CodeQL library reference for JavaScript <https://help.semmle.com/qldoc/javascript/>`__
- `CodeQL library reference for JavaScript <https://codeql.github.com/codeql-standard-libraries/javascript/>`__

2
docs/codeql/reusables/python-further-reading.rst
View File

@@ -1,4 +1,4 @@
- `CodeQL queries for Python <https://github.com/github/codeql/tree/main/python/ql/src>`__
- `Example queries for Python <https://github.com/github/codeql/tree/main/python/ql/examples>`__
- `CodeQL library reference for Python <https://help.semmle.com/qldoc/python/>`__
- `CodeQL library reference for Python <https://codeql.github.com/codeql-standard-libraries/python/>`__

2
docs/codeql/writing-codeql-queries/about-data-flow-analysis.rst
View File

@@ -67,7 +67,7 @@ To overcome these potential problems, two kinds of data flow are modeled in the
- Global data flow, effectively considers the data flow within an entire program, by calculating data flow between functions and through object properties. Computing global data flow is typically more time and energy intensive than local data flow, therefore queries should be refined to look for more specific sources and sinks.
Many CodeQL queries contain examples of both local and global data flow analysis. See `the built-in queries <https://help.semmle.com/wiki/display/QL/Built-in+queries>`__ for details.
Many CodeQL queries contain examples of both local and global data flow analysis. For more information, see `CodeQL query help <https://codeql.github.com/codeql-query-help>`__.
Normal data flow vs taint tracking
**********************************

14
docs/codeql/writing-codeql-queries/creating-path-queries.rst
View File

@@ -34,13 +34,7 @@ For more language-specific information on analyzing data flow, see:
Path query examples
*******************
The easiest way to get started writing your own path query is to modify one of the existing queries. Visit the links below to see all the built-in path queries:
- `C/C++ path queries <https://help.semmle.com/wiki/label/CCPPOBJ/path-problem>`__
- `C# path queries <https://help.semmle.com/wiki/label/CSHARP/path-problem>`__
- `Java path queries <https://help.semmle.com/wiki/label/java/path-problem>`__
- `JavaScript path queries <https://help.semmle.com/wiki/label/js/path-problem>`__
- `Python path queries <https://help.semmle.com/wiki/label/python/path-problem>`__
The easiest way to get started writing your own path query is to modify one of the existing queries. For more information, see the `CodeQL query help <https://codeql.github.com/codeql-query-help>`__.
The Security Lab researchers have used path queries to find security vulnerabilities in various open source projects. To see articles describing how these queries were written, as well as other posts describing other aspects of security research such as exploiting vulnerabilities, see the `GitHub Security Lab website <https://securitylab.github.com/research>`__.
@@ -120,7 +114,7 @@ For Python, the ``Paths`` module contains the ``edges`` predicate::
import semmle.python.security.Paths
You can also import libraries specifically designed to implement data flow analysis in various common frameworks and environments, and many additional libraries are included with CodeQL. To see examples of the different libraries used in data flow analysis, see the links to the built-in queries above or browse the `standard libraries <https://help.semmle.com/QL/ql-libraries.html>`__.
You can also import libraries specifically designed to implement data flow analysis in various common frameworks and environments, and many additional libraries are included with CodeQL. To see examples of the different libraries used in data flow analysis, see the links to the built-in queries above or browse the `standard libraries <https://codeql.github.com/codeql-standard-libraries>`__.
For all languages, you can also optionally define a ``nodes`` query predicate, which specifies the nodes of the path graph that you are interested in. If ``nodes`` is defined, only edges with endpoints defined by these nodes are selected. If ``nodes`` is not defined, you select all possible endpoints of ``edges``.
@@ -133,7 +127,7 @@ You can also define your own ``edges`` predicate in the body of your query. It s
/** Logical conditions which hold if `(a,b)` is an edge in the data flow graph */
}
For more examples of how to define an ``edges`` predicate, visit the `standard CodeQL libraries <https://help.semmle.com/QL/ql-libraries.html>`__ and search for ``edges``.
For more examples of how to define an ``edges`` predicate, visit the `standard CodeQL libraries <https://codeql.github.com/codeql-standard-libraries>`__ and search for ``edges``.
Declaring sources and sinks
***************************
@@ -159,7 +153,7 @@ If you are querying Python code (and you have used ``import semmle.python.securi
from TaintedPathSource source, TaintedPathSink sink
You can extend your query by adding different sources and sinks by either defining them in the query, or by importing predefined sources and sinks for specific frameworks and libraries. See the `Python path queries <https://help.semmle.com/wiki/label/python/path-problem>`__ for further details.
You can extend your query by adding different sources and sinks by either defining them in the query, or by importing predefined sources and sinks for specific frameworks and libraries. For more information, see the `CodeQL query help for Python <https://codeql.github.com/codeql-query-help/python>`__.
Defining flow conditions
************************

2
docs/codeql/writing-codeql-queries/query-help-files.rst
View File

@@ -13,7 +13,7 @@ For more information about how to write useful query help in a style that is con
Note
You can access the query help for CodeQL queries by visiting the `Built-in query pages <https://help.semmle.com/wiki/display/QL/Built-in+queries>`__.
You can access the query help for CodeQL queries by visiting `CodeQL query help <https://codeql.github.com/codeql-query-help>`__.
You can also access the raw query help files in the `GitHub repository <https://github.com/github/codeql>`__.
For example, see the `JavaScript security queries <https://github.com/github/codeql/tree/main/javascript/ql/src/Security>`__ and `C/C++ critical queries <https://github.com/github/codeql/tree/main/cpp/ql/src/Critical>`__.