refactor(probes): isFetch detect fetch re-assigment (#380)

clemgbld · web-flow · commit 99fd4fe674ce · 2025-07-04T13:30:06.000+02:00
diff --git a/.changeset/public-coats-give.md b/.changeset/public-coats-give.md
@@ -0,0 +1,5 @@
+---
+"@nodesecure/js-x-ray": minor
+---
+
+refactor(probes): isFetch detect fetch re-assigment
diff --git a/workspaces/js-x-ray/src/probes/isFetch.ts b/workspaces/js-x-ray/src/probes/isFetch.ts
@@ -6,11 +6,22 @@ import type { ESTree } from "meriyah";
 import { SourceFile } from "../SourceFile.js";
 
 function validateNode(
-  node: ESTree.Node
+  node: ESTree.Node,
+  { tracer }: SourceFile
 ): [boolean, any?] {
   const id = getCallExpressionIdentifier(node);
 
-  return [id === "fetch"];
+  if (id === null) {
+    return [false];
+  }
+
+  const data = tracer.getDataFromIdentifier(id);
+
+  return [data !== null && data.identifierOrMemberExpr === "fetch"];
+}
+
+function initialize(sourceFile: SourceFile) {
+  sourceFile.tracer.trace("fetch", { followConsecutiveAssignment: true });
 }
 
 function main(
@@ -23,6 +34,7 @@ function main(
 export default {
   name: "isFetch",
   validateNode,
+  initialize,
   main,
   breakOnMatch: false
 };
diff --git a/workspaces/js-x-ray/test/probes/isFetch.spec.ts b/workspaces/js-x-ray/test/probes/isFetch.spec.ts
@@ -12,3 +12,13 @@ test("it should detect native fetch", () => {
   assert.ok(flags.has("fetch"));
   assert.strictEqual(flags.size, 1);
 });
+
+test("it should detect a re-assigned native fetch", () => {
+  const code = `const fetchBis = fetch
+              await fetchBis(url);
+         `;
+  const { flags } = new AstAnalyser().analyse(code);
+
+  assert.ok(flags.has("fetch"));
+  assert.strictEqual(flags.size, 1);
+});

-Original file line number
+Diff line change
@@ @@ -0,0 +1,5 @@ @@
 +---
 +"@nodesecure/js-x-ray": minor
 +---
++
 +refactor(probes): isFetch detect fetch re-assigment