@@ -187,26 +187,36 @@ module API {
187187 InvokeNode getAnInvocation ( ) { result = this .getACall ( ) or result = this .getAnInstantiation ( ) }
188188
189189 /**
190- * Gets a data-flow node corresponding to the right-hand side of a definition of the API
191- * component represented by this node .
190+ * Get a data-flow node where this value leaves the current codebase and flows into an
191+ * external library (or in general, any external codebase) .
192192 *
193- * For example, in the assignment `exports.plusOne = (x) => x+1`, the function expression
194- * `(x) => x+1` is the right-hand side of the definition of the member `plusOne` of
195- * the enclosing module, and the expression `x+1` is the right-had side of the definition of
196- * its result.
193+ * Concretely, this is either an argument passed to a call to external code,
194+ * or the right-hand side of a property write on an object flows into such a call.
197195 *
198- * Note that for parameters, it is the arguments flowing into that parameter that count as
199- * right-hand sides of the definition, not the declaration of the parameter itself.
200- * Consequently, in `require('fs').readFileSync(file)`, `file` is the right-hand
201- * side of a definition of the first parameter of `readFileSync` from the `fs` module.
196+ * For example:
197+ * ```js
198+ * // 'x' is matched by API::moduleImport("foo").getParameter(0).getASink()
199+ * require('foo')(x);
200+ *
201+ * // 'x' is matched by API::moduleImport("foo").getParameter(0).getMember("prop").getASink()
202+ * require('foo')({
203+ * prop: x
204+ * });
205+ * ```
202206 */
203- DataFlow:: Node getARhs ( ) { Impl:: rhs ( this , result ) }
207+ DataFlow:: Node getASink ( ) { Impl:: rhs ( this , result ) }
204208
205209 /**
206210 * Gets a data-flow node that may interprocedurally flow to the right-hand side of a definition
207211 * of the API component represented by this node.
208212 */
209- DataFlow:: Node getAValueReachingRhs ( ) { result = Impl:: trackDefNode ( this .getARhs ( ) ) }
213+ DataFlow:: Node getAValueReachingSink ( ) { result = Impl:: trackDefNode ( this .getASink ( ) ) }
214+
215+ /** DEPRECATED. This predicate has been renamed to `getASink`. */
216+ deprecated DataFlow:: Node getARhs ( ) { result = this .getASink ( ) }
217+
218+ /** DEPRECATED. This predicate has been renamed to `getAValueReachingSink`. */
219+ deprecated DataFlow:: Node getAValueReachingRhs ( ) { result = this .getAValueReachingSink ( ) }
210220
211221 /**
212222 * Gets a node representing member `m` of this API component.
@@ -441,7 +451,7 @@ module API {
441451 * In other words, the value of a use of `that` may flow into the right-hand side of a
442452 * definition of this node.
443453 */
444- predicate refersTo ( Node that ) { this .getARhs ( ) = that .getAValueReachableFromSource ( ) }
454+ predicate refersTo ( Node that ) { this .getASink ( ) = that .getAValueReachableFromSource ( ) }
445455
446456 /**
447457 * Gets the data-flow node that gives rise to this node, if any.
@@ -1301,7 +1311,7 @@ module API {
13011311 * Gets an API node where a RHS of the node is the `i`th argument to this call.
13021312 */
13031313 pragma [ noinline]
1304- private Node getAParameterCandidate ( int i ) { result .getARhs ( ) = this .getArgument ( i ) }
1314+ private Node getAParameterCandidate ( int i ) { result .getASink ( ) = this .getArgument ( i ) }
13051315
13061316 /** Gets the API node for a parameter of this invocation. */
13071317 Node getAParameter ( ) { result = this .getParameter ( _) }
0 commit comments