Much of the code is now based on converting attributes and/or identifier nodes into strings to identify whether that string matches a suspicious call as part of a Rule.
However, the code needs to distinguish between a string representing an attribute/identifier and a true regular string.
To do this, a convenience utils class was added to detect true strings from tree-sitter node text. Luckily they appear different because they have extra quotes.
This should fix some critical false positive/negative cases where an identifier assignment was to a string and not a suspicious function.
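The distinction described above, as an added example (not the project's own code): a text-only check for string literals, used to keep quoted names out of a rule's alias tracking. It assumes the analysed language is Python; `is_string_literal`, `suspicious_aliases`, `SUSPICIOUS_CALLS` and the sample node text are hypothetical and constructed for illustration.

```python
# Added illustration; every name here is hypothetical, not the project's API.
# Assumption: the analysed source is Python, so a literal may carry an
# r/b/f/u prefix and use single, double or triple quotes.
PREFIXES = {"", "r", "u", "b", "f", "rb", "br", "rf", "fr"}
QUOTES = ('"""', "'''", '"', "'")  # triple quotes are tried first

SUSPICIOUS_CALLS = {"eval", "exec", "os.system"}  # constructed rule content


def is_string_literal(node_text: str) -> bool:
    """True when the text of a single node is a quoted string literal.

    Identifiers and attributes (eval, os.system) contain no quotes at all;
    a call such as eval("x") has quotes, but not right after a valid prefix.
    """
    text = node_text.strip()
    positions = [i for i in (text.find('"'), text.find("'")) if i != -1]
    if not positions:
        return False
    start = min(positions)
    if text[:start].lower() not in PREFIXES:
        return False
    body = text[start:]
    return any(
        body.startswith(q) and body.endswith(q) and len(body) >= 2 * len(q)
        for q in QUOTES
    )


def suspicious_aliases(assignments):
    """Map identifiers to the suspicious callable they alias.

    `assignments` is an ordered list of (name, right-hand-side node text).
    """
    aliases = {}
    for name, rhs_text in assignments:
        rhs = rhs_text.strip()
        target = aliases.get(rhs, rhs)  # follow an existing alias
        if not is_string_literal(rhs) and target in SUSPICIOUS_CALLS:
            aliases[name] = target
        else:
            aliases.pop(name, None)  # reassignment clears an old alias
    return aliases


# Constructed node text, as a parser would hand it over.
SAMPLE = [("run", "os.system"), ("label", '"os.system"'), ("go", "run"),
          ("e", "eval"), ("e", "'eval'")]
```

The check is meant for the text of one node; an expression such as `"a" + "b"` also starts and ends with a quote, so it should be split into its child nodes first.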