Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

JS: use the class hierarchy from TypeScript in the callgraph #5694

Draft
wants to merge 1 commit into
base: main
Choose a base branch
from
Draft

JS: use the class hierarchy from TypeScript in the callgraph #5694

wants to merge 1 commit into from

Conversation

erik-krogh
Copy link
Contributor

@erik-krogh erik-krogh commented Apr 16, 2021
edited
Loading

Adds a taint-step for CVE-2020-27224.
From this call to this callee.

I'm trying to run an evaluation, but vscode keeps being weird.

In the vast majority of evaluations vscode times out on the new branch (but not always).
Some evaluations where vscode timed out: 1, 2, 3, 4, 5.

But here is an evaluation where vscode ran just fine.
I'm trying out another evaluation with the same SHAs, I expect vscode to time out.

Edit: I've figured something out. Some commits of vscode times out, and others do not.

But I just can't replicate it locally. It always runs fine locally.
I've tried both with a DB build by LGTM and a locally build DB.

If you ignore vscode, then there definitely is a performance regression on big TypeScript projects (mostly angular).
But that performance regression is due to there being more call-edges, and thus more flow.
The callgraph computation still runs plenty fast.
So I think the performance regression is acceptable.

Update. VSCode only timed out sometimes because extraction changed a lot depending on whether we used the latest TS version or not.
And with eveything the latest, VSCode still times out.

@erik-krogh erik-krogh added Awaiting evaluation Do not merge yet, this PR is waiting for an evaluation to finish no-change-note-required This PR does not need a change note labels Apr 16, 2021
@github-actions github-actions bot added the JS label Apr 16, 2021
@erik-krogh erik-krogh force-pushed the typedCall branch 5 times, most recently from 506abc0 to 51f4e01 Compare April 26, 2021 16:34
@erik-krogh erik-krogh force-pushed the typedCall branch 4 times, most recently from d39cd2f to 9d078d3 Compare April 29, 2021 07:52
@github-actions GitHub Actions
Copy link
Contributor

QHelp previews:

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

Copilot Awaiting requested review from Copilot Copilot will automatically review once the pull request is marked ready for review

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
Awaiting evaluation Do not merge yet, this PR is waiting for an evaluation to finish JS no-change-note-required This PR does not need a change note
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@erik-krogh