from testlib import getSource, mySink, alias

x = getSource()

mySink(x)

mySink(foo=x) # OK

mySink(sinkName=x) # NOT OK

mySink(alias()) # NOT OK

mySink(alias().chain()) # NOT OK

mySink(alias().chain().chain()) # NOT OK

mySink(alias().chain().safeThing()) # OK

from testlib import Args

Args.arg0(one, two, three, four, five)

Args.arg1to3(one, two, three, four, five)

Args.lastarg(one, two, three, four, five)

Args.nonFist(first, second)

from testlib import Callbacks

Callbacks.first(lambda one, two, three, four, five: 0)

Callbacks.param1to3(lambda one, two, three, four, five: 0)

Callbacks.nonFirst(lambda first, second: 0)

from testlib import CallFilter

CallFilter.arityOne(one, two) # NO match

CallFilter.arityOne(one) # Match

CallFilter.twoOrMore(one) # NO match

CallFilter.twoOrMore(one, two) # Match

CallFilter.twoOrMore(one, two, three) # Match

from testlib import CommonTokens

async def async_func():

prom = CommonTokens.makePromise(1);

val = await prom

inst = CommonTokens.Class()

class SubClass (CommonTokens.Super):

pass

sub = SubClass()

class Sub2Class (CommonTokens.Class):

pass

sub2 = Sub2Class()

val = inst.foo()

from testlib import ArgPos

arg_pos = ArgPos(); val = arg_pos.self_thing(arg, named=2);

class SubClass (ArgPos.MyClass):

def foo(self, arg, named=2, otherName=3):

pass

def secondAndAfter(self, arg1, arg2, arg3, arg4, arg5):

pass

ArgPos.anyParam(arg1, arg2, name=namedThing)

ArgPos.anyNamed(arg4, arg5, name=secondNamed)

from testlib import Steps

mySink(Steps.preserveTaint(getSource())) # FLOW

mySink(Steps.preserveTaint("safe", getSource())) # NO FLOW

Steps.taintIntoCallback(

getSource(),

lambda x: mySink(x), # FLOW

lambda y: mySink(y), # FLOW

lambda z: mySink(z) # NO FLOW

)

mySink(Steps.preserveArgZeroAndTwo(getSource())) # FLOW

mySink(Steps.preserveArgZeroAndTwo("foo", getSource())) # NO FLOW

mySink(Steps.preserveArgZeroAndTwo("foo", "bar", getSource())) # FLOW

mySink(Steps.preserveAllButFirstArgument(getSource())) # NO FLOW

mySink(Steps.preserveAllButFirstArgument("foo", getSource())) # FLOW

mySink(Steps.preserveAllButFirstArgument("foo", "bar", getSource())) # FLOW

CallFilter.arityOne(one) # match

CallFilter.arityOne(one=one) # NO match

CallFilter.arityOne(one, two=two) # match - on both the named and positional arguments

CallFilter.arityOne(one=one, two=two) # NO match

from foo1.bar import baz1

baz1(baz1) # no match, and that's the point.

from foo2.bar import baz2

baz2(baz2) # match

class OtherSubClass (ArgPos.MyClass):

def otherSelfTest(self, arg, named=2, otherName=3): # test that Parameter[0] hits `arg`.

pass

def anyParam(self, param1, param2): # Parameter[any] matches all non-self parameters

pass

def anyNamed(self, name1, name2=2): # Parameter[any-named] matches all non-self named parameters

pass

import testlib as testlib

import testlib.nestedlib as testlib2

import otherlib as otherlib

testlib.fuzzyCall(getSource()) # NOT OK

testlib2.fuzzyCall(getSource()) # NOT OK

testlib.foo.bar.baz.fuzzyCall(getSource()) # NOT OK

testlib.foo().bar().fuzzyCall(getSource()) # NOT OK

testlib.foo(lambda x: x.fuzzyCall(getSource())) # NOT OK

otherlib.fuzzyCall(getSource()) # OK

# defining sources through content steps

# dictionaries

testlib.source_dict["key"].func() # source

testlib.source_dict["safe"].func() # not a source

lambda k: testlib.source_dict_any[k].func() # source

# TODO: implement support for lists

lambda i: testlib.source_list[i].func()

# TODO: implement support for tuples

testlib.source_tuple[0].func() # a source

testlib.source_tuple[1].func() # not a source