dfatool
Advanced tools
Readme
dfatool.js(http://pissang.github.com/dfatool/) is a data flow analyze tool for javascript code runs on node.js.
The code analyze is based on Parser API AST, which you can generated with Esprima. And Escodegen is needed for the final output code regenerate.
npm install dfatool
Use Esprima to generate AST
var ast = esprima.parse(data, {
loc : true
});
Build scope for the program
var globalScope = dfatool.globalScope
dfatool.buildScope(ast, globalScope);
analyze the code
globalScope.initialize();
globalScope.derivation();
Get the variable defined in a specific scope
var variable = scope.getDefine("variableName");
Inference the variable's value in a specific position of program
var loc = {
line : 20,
column : 20
};
var value = variable.inference( scope.offsetLoc(loc) );
Inference the type(object,function,array,literal,expression)
var type = value.type
Read property of the value( support prototype chain look up)
var property = value.access("propName.propName");
If the value is an array
var elem = value.access(10);
If the value is an function, you can simulate an function call
var returnedVariable = value.execute(callExprAST, scope);
FAQs
JavaScript Data Flow Analyze Tool
The npm package dfatool receives a total of 1 weekly downloads. As such, dfatool popularity was classified as not popular.
We found that dfatool demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
The US Justice Department has penalized two consulting firms $11.3 million for failing to meet cybersecurity requirements on federally funded projects, emphasizing strict enforcement to protect sensitive government data.
Security News
ua-parser-js is set to drop the MIT license and adopt a controversial dual AGPLv3 + PRO licensing model in its upcoming v2.0 release, raising significant concerns among developers and enterprise users.
Security News
Researchers recently demonstrated that the npm Registry is vulnerable to cache poisoning combined with DoS, posing significant risks for package availability.