broaden which types are recognized by API-graphs

Author: erik-krogh

javascript/ql/src/semmle/javascript/ApiGraphs.qll

@@ -317,6 +317,8 @@ module API {
         tn.hasQualifiedName(moduleName, exportedName) and
         result = Impl::MkCanonicalNameUse(tn).(Node).getInstance()
       )
+      or
+      result = Impl::MkHasUnderlyingType(moduleName, exportedName)
     }
   }
 
@@ -413,6 +415,13 @@ module API {
         not n.isRoot() and
         isUsed(n)
       } or
+      /**
+       * An instance of a TypeScript type, identified by name of the type-annotation.
+       * This API node is exclusively used by `API::Node::ofType`.
+       */
+      MkHasUnderlyingType(string moduleName, string exportName) {
+        any(TypeAnnotation n).hasQualifiedName(moduleName, exportName)
+      } or
       MkSyntheticCallbackArg(DataFlow::Node src, int bound, DataFlow::InvokeNode nd) {
         trackUseNode(src, true, bound).flowsTo(nd.getCalleeNode())
       }
@@ -423,7 +432,8 @@ module API {
       MkModuleExport or MkClassInstance or MkAsyncFuncResult or MkDef or MkCanonicalNameDef or
           MkSyntheticCallbackArg;
 
-    class TUse = MkModuleUse or MkModuleImport or MkUse or MkCanonicalNameUse;
+    class TUse =
+      MkModuleUse or MkModuleImport or MkUse or MkCanonicalNameUse or MkHasUnderlyingType;
 
     private predicate hasSemantics(DataFlow::Node nd) { not nd.getTopLevel().isExterns() }
 
@@ -678,6 +688,12 @@ module API {
       nd = MkUse(ref)
       or
       exists(CanonicalName n | nd = MkCanonicalNameUse(n) | ref.asExpr() = n.getAnAccess())
+      or
+      exists(string moduleName, string exportsName |
+        nd = MkHasUnderlyingType(moduleName, exportsName)
+      |
+        ref.(DataFlow::SourceNode).hasUnderlyingType(moduleName, exportsName)
+      )
     }
 
     /** Holds if module `m` exports `rhs`. */

javascript/ql/src/semmle/javascript/frameworks/Puppeteer.qll

@@ -9,38 +9,22 @@ module Puppeteer {
    */
   private API::Node puppeteer() { result = API::moduleImport(["puppeteer", "puppeteer-core"]) }
 
-  private class BrowserTypeEntryPoint extends API::EntryPoint {
-    BrowserTypeEntryPoint() { this = "PuppeteerBrowserTypeEntryPoint" }
-
-    override DataFlow::SourceNode getAUse() { result.hasUnderlyingType("puppeteer", "Browser") }
-
-    override DataFlow::Node getARhs() { none() }
-  }
-
   /**
    * A reference to a `Browser` from puppeteer.
    */
   private API::Node browser() {
-    result = API::root().getASuccessor(any(BrowserTypeEntryPoint b))
+    result = API::Node::ofType("puppeteer", "Browser")
     or
     result = puppeteer().getMember(["launch", "connect"]).getReturn().getPromised()
     or
     result = [page(), context(), target()].getMember("browser").getReturn()
   }
 
-  private class PageTypeEntryPoint extends API::EntryPoint {
-    PageTypeEntryPoint() { this = "PuppeteerPageTypeEntryPoint" }
-
-    override DataFlow::SourceNode getAUse() { result.hasUnderlyingType("puppeteer", "Page") }
-
-    override DataFlow::Node getARhs() { none() }
-  }
-
   /**
    * A reference to a `Page` from puppeteer.
    */
   API::Node page() {
-    result = API::root().getASuccessor(any(PageTypeEntryPoint b))
+    result = API::Node::ofType("puppeteer", "Page")
     or
     result = [browser(), context()].getMember("newPage").getReturn().getPromised()
     or
@@ -49,19 +33,11 @@ module Puppeteer {
     result = target().getMember("page").getReturn().getPromised()
   }
 
-  private class TargetTypeEntryPoint extends API::EntryPoint {
-    TargetTypeEntryPoint() { this = "PuppeteerTargetTypeEntryPoint" }
-
-    override DataFlow::SourceNode getAUse() { result.hasUnderlyingType("puppeteer", "Target") }
-
-    override DataFlow::Node getARhs() { none() }
-  }
-
   /**
    * A reference to a `Target` from puppeteer.
    */
   private API::Node target() {
-    result = API::root().getASuccessor(any(TargetTypeEntryPoint b))
+    result = API::Node::ofType("puppeteer", "Target")
     or
     result = [page(), browser()].getMember("target").getReturn()
     or
@@ -70,21 +46,11 @@ module Puppeteer {
     result = target().getMember("opener").getReturn()
   }
 
-  private class ContextTypeEntryPoint extends API::EntryPoint {
-    ContextTypeEntryPoint() { this = "PuppeteerContextTypeEntryPoint" }
-
-    override DataFlow::SourceNode getAUse() {
-      result.hasUnderlyingType("puppeteer", "BrowserContext")
-    }
-
-    override DataFlow::Node getARhs() { none() }
-  }
-
   /**
    * A reference to a `BrowserContext` from puppeteer.
    */
   private API::Node context() {
-    result = API::root().getASuccessor(any(ContextTypeEntryPoint b))
+    result = API::Node::ofType("puppeteer", "BrowserContext")
     or
     result = [page(), target()].getMember("browserContext").getReturn()
     or