From 39f74d808be5cf89c48ec805212ff23121fce217 Mon Sep 17 00:00:00 2001 From: Asger F Date: Wed, 2 Jul 2025 12:01:48 +0200 Subject: [PATCH 1/5] JS: Add compileForOverlayEval --- javascript/ql/lib/qlpack.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/javascript/ql/lib/qlpack.yml b/javascript/ql/lib/qlpack.yml index 1ee1c8c78150..d8d53ef1c7ef 100644 --- a/javascript/ql/lib/qlpack.yml +++ b/javascript/ql/lib/qlpack.yml @@ -23,3 +23,4 @@ dataExtensions: - semmle/javascript/security/domains/**/*.model.yml - ext/*.model.yml warnOnImplicitThis: true +compileForOverlayEval: true From a5819a14bec6c7efba67743085c6b196d1ce1c90 Mon Sep 17 00:00:00 2001 From: Asger F Date: Fri, 12 Sep 2025 09:49:52 +0200 Subject: [PATCH 2/5] JS: Fix bad join order in getNextToken() --- javascript/ql/lib/semmle/javascript/Tokens.qll | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/javascript/ql/lib/semmle/javascript/Tokens.qll b/javascript/ql/lib/semmle/javascript/Tokens.qll index c6a9b05a3d1a..3d4e70d61498 100644 --- a/javascript/ql/lib/semmle/javascript/Tokens.qll +++ b/javascript/ql/lib/semmle/javascript/Tokens.qll @@ -4,6 +4,13 @@ import javascript +private predicate adjacentTokens(Token token1, Token token2) { + exists(TopLevel top, int index | + tokeninfo(token1, _, top, index, _) and + tokeninfo(token2, _, top, index + 1, _) + ) +} + /** * A token occurring in a piece of JavaScript source code. * @@ -27,10 +34,7 @@ class Token extends Locatable, @token { string getValue() { tokeninfo(this, _, _, _, result) } /** Gets the token following this token inside the same toplevel structure, if any. */ - Token getNextToken() { - this.getTopLevel() = result.getTopLevel() and - this.getIndex() + 1 = result.getIndex() - } + Token getNextToken() { adjacentTokens(this, result) } /** Gets the token preceding this token inside the same toplevel structure, if any. */ Token getPreviousToken() { result.getNextToken() = this } From 0acfacefbfd9fbf1d0230c09d51afa5143c86e81 Mon Sep 17 00:00:00 2001 From: Asger F Date: Mon, 27 Oct 2025 13:29:02 +0100 Subject: [PATCH 3/5] JS: Recursively delete source archive so emptiness detection works --- .../extractor/src/com/semmle/js/extractor/AutoBuild.java | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/javascript/extractor/src/com/semmle/js/extractor/AutoBuild.java b/javascript/extractor/src/com/semmle/js/extractor/AutoBuild.java index f5e998398f52..8d00712b653b 100644 --- a/javascript/extractor/src/com/semmle/js/extractor/AutoBuild.java +++ b/javascript/extractor/src/com/semmle/js/extractor/AutoBuild.java @@ -498,12 +498,9 @@ public int run() throws IOException { // ensuring that the finalize steps detects that no code was seen. Path srcFolder = Paths.get(EnvironmentVariables.getWipDatabase(), "src"); try { - // Non-recursive delete because "src/" should be empty. - FileUtil8.delete(srcFolder); + FileUtil8.recursiveDelete(srcFolder); } catch (NoSuchFileException e) { Exceptions.ignore(e, "the directory did not exist"); - } catch (DirectoryNotEmptyException e) { - Exceptions.ignore(e, "just leave the directory if it is not empty"); } return 0; } From 1f7671cf5ebf3ba673fcc40a9fbe84b5f5650d0e Mon Sep 17 00:00:00 2001 From: Asger F Date: Mon, 27 Oct 2025 13:47:45 +0100 Subject: [PATCH 4/5] JS: Ensure integration test contains one valid file --- .../ql/integration-tests/diagnostics/syntax-error/good.js | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 javascript/ql/integration-tests/diagnostics/syntax-error/good.js diff --git a/javascript/ql/integration-tests/diagnostics/syntax-error/good.js b/javascript/ql/integration-tests/diagnostics/syntax-error/good.js new file mode 100644 index 000000000000..7b0bfcf5c25b --- /dev/null +++ b/javascript/ql/integration-tests/diagnostics/syntax-error/good.js @@ -0,0 +1,2 @@ +// Ensure at least one file without errors is included, as extraction fails otherwise. +console.log("Hello") From c583b480afe7c7e97a217abaa9e6c57c87bee4cd Mon Sep 17 00:00:00 2001 From: Asger F Date: Thu, 30 Oct 2025 13:42:31 +0100 Subject: [PATCH 5/5] JS: Add pragma[nomagic] just to be safe The DIL is unchanged --- javascript/ql/lib/semmle/javascript/Tokens.qll | 1 + 1 file changed, 1 insertion(+) diff --git a/javascript/ql/lib/semmle/javascript/Tokens.qll b/javascript/ql/lib/semmle/javascript/Tokens.qll index 3d4e70d61498..c9eeef69dfba 100644 --- a/javascript/ql/lib/semmle/javascript/Tokens.qll +++ b/javascript/ql/lib/semmle/javascript/Tokens.qll @@ -4,6 +4,7 @@ import javascript +pragma[nomagic] private predicate adjacentTokens(Token token1, Token token2) { exists(TopLevel top, int index | tokeninfo(token1, _, top, index, _) and