Expand description
Module extraction types: exports, imports, re-exports, and member info. Module extraction types.
Structs§
- Class
Heritage Info - Additional heritage metadata for an exported class.
- Dynamic
Import Info - A dynamic
import()call. - Dynamic
Import Pattern - A dynamic import with a partially resolved pattern.
- Export
Info - An export declaration.
- FlagUse
- A feature flag use site.
- Function
Complexity - Complexity metrics for a single function/method/arrow.
- Import
Info - An import declaration.
- Local
Type Declaration - A module-scope declaration that can be used as a TypeScript type.
- Member
Access - A static member access expression (e.g.,
Status.Active,MyClass.create()). - Member
Info - A member of an enum, class, or namespace.
- Module
Info - Extracted module information from a single file.
- Namespace
Object Alias - One alias entry tying an exported object’s dotted property path to a namespace import.
- Parse
Result - Result of parsing all files, including incremental cache statistics.
- Public
Signature Type Reference - A reference from an exported symbol’s public signature to a type name.
- ReExport
Info - A re-export declaration.
- Require
Call Info - A
require()call. - Sanitized
Sink Arg - A captured sink argument that is itself a recognized sanitizer call.
- Sink
Site - A captured non-literal sink site. The visitor records EVERY call / member-assign / member-call / tagged-template / jsx-attr whose relevant argument is non-literal; it knows nothing about CWE categories. A fully-literal argument is never captured (conservative trigger).
- Tainted
Binding - A local binding tied to the flattened member-access path it was initialized
from. The analyze layer matches
source_pathagainst the data-driven source catalogue; when it matches,localis treated as carrying untrusted input.
Enums§
- Export
Name - Export identifier.
- Flag
UseKind - The kind of feature flag pattern detected.
- Imported
Name - How a symbol is imported.
- Member
Kind - The kind of member.
- Sanitizer
Scope - Sanitizer output domain. Kept intentionally narrow so a sanitizer for one domain cannot suppress a different sink family.
- Sink
ArgKind - The shape of the non-literal argument captured at a sink site. Category-blind
like
SinkShape, but finer-grained: it lets the catalogue matcher require or exclude specific argument shapes. The discriminator is what distinguishes an unsafe SQL string concatenation or template-into-.execute()from a safely-parameterizedsql`${x}`tagged template or an object-literal.execute({ sql, args })argument. - Sink
Shape - The syntactic shape of a captured security sink site. Category-blind: the
extractor records the shape and the dotted/bare callee path; the analyze
layer matches it against the data-driven catalogue. See
crates/core/data/security_matchers.toml. - Visibility
Tag - Visibility tag from JSDoc/TSDoc comments that suppresses unused-export detection.
Functions§
- byte_
offset_ to_ line_ col - Convert a byte offset to a 1-based line number and 0-based byte column.
- compute_
line_ offsets - Compute a table of line-start byte offsets from source text.