JS: Mass promotion of queries to quality status

[Napalys]

This PR promotes multiple JavaScript queries by adding quality-related tags, clearly indicating their promotion to quality status.

Notes for reviewers:

• Copilot was heavily used during this process (with extensive supervision and manual verification).
• The following queries were intentionally not promoted as they seemed not relevant:
  • js/summary/lines-of-code
  • js/summary/lines-of-user-code
  • js/diagnostics/successfully-extracted-files
  • js/diagnostics/extraction-errors
• Skipped js/loop-iteration-skipped-due-to-shifting because it is currently being promoted in another pr JS: Promote js/loop-iteration-skipped-due-to-shifting to the Code Quality suite #19743

[Copilot]

Pull Request Overview

This PR promotes various JavaScript CodeQL queries to quality status by adding the @tags quality annotation and updating related tags, and updates the integration-tests suite to include all newly promoted queries.

• Bulk update: Added @tags quality and refined tag lists in Declarations, DOM, AngularJS, and other query modules.
• Test suite update: Extended javascript-code-quality.qls.expected to cover all newly promoted queries.

Reviewed Changes

Copilot reviewed 96 out of 96 changed files in this pull request and generated no comments.

File	Description
javascript/ql/src/Declarations/*	Added @tags quality and adjusted tags on declaration queries
javascript/ql/src/DOM/*	Added @tags quality and refined tags on DOM queries
javascript/ql/src/AngularJS/*	Added @tags quality and refined tags on AngularJS queries
javascript/ql/integration-tests/query-suite/javascript-code-quality.qls.expected	Updated expected suite list to include all promoted queries

Comments suppressed due to low confidence (1)

javascript/ql/src/DOM/PseudoEval.ql:11

• The CWE identifier was changed from cwe-676 to cwe-67, which appears incorrect. Please restore the correct identifier (e.g., external/cwe/cwe-676).

*       external/cwe/cwe-67

[owen-mc]

Part 1 - more review to follow. I got as far as javascript/ql/src/Expressions/UnclearOperatorPrecedence.qhelp

[owen-mc]

I think this should be correctness, because in the majority of cases it indicates a copy-paste error/typo, and the user will adjust the condition rather than deleting that branch. That's how we've tagged this query in go, which has the same query. And it matches how this query was tagged before this PR.

[Napalys]

It feels like a bit of a gray area. When you look at the top-level categories, you could make a case for either. Sometimes, duplicate conditions hint at a copy-paste mistake (which could affect correctness), but not always. To me, it felt more like this falls under for queries that detect patterns that make it harder for developers to make changes to the code rather than for queries that detect issues that affect whether the code will perform as expected during execution.

That’s why I ended up leaning more towards @tags maintainability and specifically @tags readability.

I actually debated between @tags useless-code and @tags readability, and I thought I’d get more comments here. 😄

But I really don’t mind changing it to correctness and reliability, we’ll probably change these tags quite a bit over time anyway, depending on feedback. :)

[owen-mc]

We agreed that when something matched maintainability and reliability we would choose reliability, since that is a higher priority for users.

I think we have far more correctness bugs than anything else because that's what users care about - an alert saying "you should change the name of this class" is annoying, but an alert saying "this code doesn't make a lot of sense, look again because there's probably a copy-paste error" is actually going to catch quite a few bugs.

If you don't mind changing it then I think you should, to be consistent with the other languages.

[owen-mc]

The phrasing of the qhelp is "This most likely indicates a copy-paste error where the first condition was copied and then not properly adjusted." which I think makes it clear that it was written expecting to find correctness problems.

[owen-mc]

Finished.

[Napalys]

Finished.

Thank you for the helpful feedback! 🙇
I truly believe we shouldn’t spend too much time debating tags (for queries where either could fit), as time is of the essence and it’s important to move swiftly. Of course, we also shouldn’t be negligent. If there are any tags you strongly disagree with, still please let me know.

[owen-mc]

Indeed, let's not spend too long debating tags.