Merge pull request #20360 from asgerf/js/remove-angularjs-string-special-case

JS: Remove special treatment of strings in AngularJS code

Author: asgerf

javascript/ql/lib/semmle/javascript/dataflow/Sources.qll

@@ -334,6 +334,7 @@ module SourceNode {
         astNode instanceof Templating::PipeRefExpr or
         astNode instanceof Templating::TemplateVarRefExpr or
         astNode instanceof StringLiteral or
+        astNode instanceof TemplateLiteral or
         astNode instanceof TypeAssertion or
         astNode instanceof SatisfiesExpr
       )

javascript/ql/lib/semmle/javascript/frameworks/AngularJS/AngularJSCore.qll

@@ -23,46 +23,6 @@ DataFlow::SourceNode angular() {
   result = DataFlow::moduleImport("angular")
 }
 
-/**
- * Holds if `tl` appears to be a top-level using the AngularJS library.
- *
- * Should not depend on the `SourceNode` class.
- */
-pragma[nomagic]
-private predicate isAngularTopLevel(TopLevel tl) {
-  exists(Import imprt |
-    imprt.getTopLevel() = tl and
-    imprt.getImportedPathString() = "angular"
-  )
-  or
-  exists(GlobalVarAccess global |
-    global.getName() = "angular" and
-    global.getTopLevel() = tl
-  )
-}
-
-/**
- * Holds if `s` is a string in a top-level using the AngularJS library.
- *
- * Should not depend on the `SourceNode` class.
- */
-pragma[nomagic]
-private predicate isAngularString(Expr s) {
-  isAngularTopLevel(s.getTopLevel()) and
-  (
-    s instanceof StringLiteral or
-    s instanceof TemplateLiteral
-  )
-}
-
-/**
- * String literals in Angular code are often used as identifiers or references, so we
- * want to track them.
- */
-private class TrackStringsInAngularCode extends DataFlow::SourceNode::Range, DataFlow::ValueNode {
-  TrackStringsInAngularCode() { isAngularString(astNode) }
-}
-
 /**
  * Holds if `m` is of the form `angular.module("name", ...)`.
  */

javascript/ql/test/library-tests/DataFlow/tests.expected

@@ -1564,8 +1564,10 @@ sources
 | tst.js:50:14:53:3 | () {\\n   ... et`\\n  } |
 | tst.js:50:14:53:3 | return of constructor of class A |
 | tst.js:51:5:51:13 | super(42) |
+| tst.js:57:1:57:9 | `x: ${x}` |
 | tst.js:58:1:58:3 | tag |
 | tst.js:58:1:58:13 | tag `x: ${x}` |
+| tst.js:58:5:58:13 | `x: ${x}` |
 | tst.js:61:1:61:5 | ::o.m |
 | tst.js:61:3:61:5 | o.m |
 | tst.js:62:1:62:4 | o::g |