Merge pull request github#10253 from asgerf/js/type-defs-squashed

JS: Add generated typings to SQL models

Author: asgerf

javascript/ql/lib/change-notes/2022-09-06-type-defs-squashed.md

@@ -0,0 +1,6 @@
+---
+category: minorAnalysis
+---
+
+- Several of the SQL and NoSQL library models have improved, leading to more results for the `js/sql-injection` query,
+  and in some cases the `js/missing-rate-limiting` query.

javascript/ql/lib/javascript.qll

@@ -99,6 +99,7 @@ import semmle.javascript.frameworks.JWT
 import semmle.javascript.frameworks.Handlebars
 import semmle.javascript.frameworks.History
 import semmle.javascript.frameworks.Immutable
+import semmle.javascript.frameworks.ImportGeneratedModels
 import semmle.javascript.frameworks.Knex
 import semmle.javascript.frameworks.LazyCache
 import semmle.javascript.frameworks.LdapJS

javascript/ql/lib/semmle/javascript/frameworks/Credentials.qll

@@ -34,10 +34,19 @@ abstract class CredentialsNode extends DataFlow::Node {
   abstract string getCredentialsKind();
 }
 
+/** Companion module to the `CredentialsExpr` class. */
+module CredentialsExpr {
+  /** Normalizes a credentials kind, mapping `username` to `user name`. */
+  bindingset[kind]
+  string normalizeKind(string kind) {
+    if kind = "username" then result = "user name" else result = kind
+  }
+}
+
 private class CredentialsFromModel extends CredentialsNode {
   string kind;
 
   CredentialsFromModel() { this = ModelOutput::getASinkNode("credentials[" + kind + "]").asSink() }
 
-  override string getCredentialsKind() { result = kind }
+  override string getCredentialsKind() { result = CredentialsExpr::normalizeKind(kind) }
 }

javascript/ql/lib/semmle/javascript/frameworks/ImportGeneratedModels.qll

@@ -0,0 +1,12 @@
+/**
+ * Imports all generated models.
+ */
+
+private import minimongo.Model
+private import mongodb.Model
+private import mssql.Model
+private import mysql.Model
+private import pg.Model
+private import sequelize.Model
+private import spanner.Model
+private import sqlite3.Model