Added chaining modeling for underscore.string package.

Author: Napalys

javascript/ql/lib/ext/underscore.string.model.yml

@@ -1,4 +1,12 @@
 extensions:
+  - addsTo:
+      pack: codeql/javascript-all
+      extensible: typeModel
+    data:
+      - ["'underscore.string'.Wrapper", "'underscore.string'", "ReturnValue"]
+      - ["'underscore.string'.Wrapper", "'underscore.string'.Wrapper", "Member[slugify,capitalize,decapitalize,clean,cleanDiacritics,swapCase,escapeHTML,unescapeHTML,wrap,dedent,reverse,pred,succ,titleize,camelize,classify,underscored,dasherize,humanize,trim,ltrim,rtrim,truncate,sprintf,strRight,strRightBack,strLeft,strLeftBack,stripTags,unquote,value].ReturnValue"]
+      - ["'underscore.string'.Wrapper", "'underscore.string'.Wrapper", "Member[insert,replaceAll,join,splice,prune,pad,lpad,rpad,repeat,surround,quote].ReturnValue"]
+
   - addsTo:
       pack: codeql/javascript-all
       extensible: summaryModel
@@ -10,3 +18,10 @@ extensions:
       - ["'underscore.string'", "Member[splice]", "Argument[0,3]", "ReturnValue", "taint"]
       - ["'underscore.string'", "Member[join]", "Argument[0..N-1]", "ReturnValue", "taint"]
       - ["'underscore.string'", "Member[surround,quote]", "Argument[0,1]", "ReturnValue", "taint"]
+      - ["'underscore.string'", "", "Argument[0]", "ReturnValue", "taint"]
+      - ["'underscore.string'.Wrapper", "Member[slugify,capitalize,decapitalize,clean,cleanDiacritics,swapCase,escapeHTML,unescapeHTML,wrap,dedent,reverse,pred,succ,titleize,camelize,classify,underscored,dasherize,humanize,trim,ltrim,rtrim,truncate,sprintf,strRight,strRightBack,strLeft,strLeftBack,stripTags,unquote,value]", "Argument[this]", "ReturnValue", "taint"]
+      - ["'underscore.string'.Wrapper", "Member[insert,replaceAll,join,splice,prune,pad,lpad,rpad,repeat,surround,quote]", "Argument[this]", "ReturnValue", "taint"]
+      - ["'underscore.string'.Wrapper", "Member[insert,replaceAll,prune,pad,lpad,rpad,repeat]", "Argument[1]", "ReturnValue", "taint"]
+      - ["'underscore.string'.Wrapper", "Member[surround,quote]", "Argument[0]", "ReturnValue", "taint"]
+      - ["'underscore.string'.Wrapper", "Member[splice]", "Argument[2]", "ReturnValue", "taint"]
+      - ["'underscore.string'.Wrapper", "Member[join]", "Argument[0..N-1]", "ReturnValue", "taint"]

javascript/ql/test/library-tests/TripleDot/underscore.string.js

@@ -88,13 +88,13 @@ function chaining() {
       .reverse().pred().succ().titleize().camelize().classify()
       .underscored().dasherize().humanize().trim().ltrim().rtrim()
       .truncate().sprintf().strRight().strRightBack()
-      .strLeft().strLeftBack().stripTags().unquote().value()); // $ MISSING: hasTaintFlow=s1
+      .strLeft().strLeftBack().stripTags().unquote().value()); // $ hasTaintFlow=s1
 
   sink(s(source("s2"))
       .insert(4, source("s3")).replaceAll("a", source("s4"))
       .join(",", source("s5")).splice(1, 2, source("s6"))
       .prune(1, source("s7")).pad(10, source("s8"), "right")
       .lpad(10, source("s9")).rpad(10, source("s10"))
       .repeat(3, source("s11")).surround(source("s12"))
-      .quote(source("s13")).value()); // $ MISSING: hasTaintFlow=s2 MISSING: hasTaintFlow=s3 MISSING: hasTaintFlow=s4 MISSING: hasTaintFlow=s5 MISSING: hasTaintFlow=s6 MISSING: hasTaintFlow=s7 MISSING: hasTaintFlow=s8 MISSING: hasTaintFlow=s9 MISSING: hasTaintFlow=s10 MISSING: hasTaintFlow=s11 MISSING: hasTaintFlow=s12 MISSING: hasTaintFlow=s13
+      .quote(source("s13")).value()); // $ hasTaintFlow=s2 hasTaintFlow=s3 hasTaintFlow=s4 hasTaintFlow=s5 hasTaintFlow=s6 hasTaintFlow=s7 hasTaintFlow=s8 hasTaintFlow=s9 hasTaintFlow=s10 hasTaintFlow=s11 hasTaintFlow=s12 hasTaintFlow=s13
 }