DataFlow::moduleMember could not be able to cover all conditions
backcover7 opened this issue · comments
My test case is like the following
import * as vscode from 'vscode';
import TelemetryReporter from '@vscode/extension-telemetry';
// the application insights key (also known as instrumentation key)
const key = '<your key>';
// telemetry reporter
let reporter;
function activate(context: vscode.ExtensionContext) {
// create telemetry reporter on extension activation
reporter = new TelemetryReporter(key);
// ensure it gets properly disposed. Upon disposal the events will be flushed
context.subscriptions.push(reporter);
// send event any time after activation
reporter.sendTelemetryEvent('sampleEvent', { 'stringProp': 'some string' }, { 'numericMeasure': 123 });
}
I want to write a codeql query to match the method call sendTelemetryEvent()
However I could not be able to locate the TelemetryReporter
from the imported library using DataFlow::moduleMember
my ql file is like
import javascript
import DataFlow
select moduleMember("@vscode/extension-telemetry", "TelemetryReporter").getAnInstantiation().getAMemberCall("sendTelemetryEvent")
Hi @backcover7,
Thanks for your question. Is the code from the vscode
module part of your database?
Hi @jketema The code comes from the example code from the README.md file of this repo. https://github.com/microsoft/vscode-extension-telemetry
That doesn't really tell me enough. Does your database just contain that code snippet - in which case the behaviour is expected - or does it contain the code of the imported modules too?
My mistake. I tested it again. The correct query should be like the following
select moduleImport("@vscode/extension-telemetry").getAnInstantiation().getAMemberCall("sendTelemetryEvent")