Skip to content
Type Analyzer for JavaScript
JavaScript HTML Java CSS
Find file
New pull request
Latest commit c2aae6f @amoeller amoeller added -determinacy option
Failed to load latest commit information.
.idea cumulative updates
.settings cumulative updates
lib cumulative updates
misc cumulative updates
src added -determinacy option
test added -determinacy option
.classpath cumulative updates
.gitignore cumulative updates
.project initial
.travis.yml cumulative updates
LICENSE initial added -determinacy option
TAJS.iml cumulative updates
build.xml cumulative updates initial

TAJS - Type Analyzer for JavaScript

Copyright 2009-2015 Aarhus University

TAJS is a dataflow analysis for JavaScript that infers type information and call graphs. The current version of the analysis contains a model of ECMAScript 3rd edition, including the standard library, and a partial model of the HTML DOM and browser API.

For research publications and other information about this tool see

How to build and run the tool

The simplest way to build TAJS is to run ant, which will build two jar files: dist/tajs.jar (which contains only TAJS itself) and dist/tajs-all.jar (which also includes the relevant extra libraries).

The jar files are also available for download at

You can now run the analysis as, for example:

java -jar dist/tajs-all.jar test/google/richards.js


java -jar dist/tajs-all.jar test/chromeexperiments/3ddemo.html

By default, TAJS outputs some information about its progress and eventually a list of type warnings and other messages.

Some of the available options (run TAJS without arguments to see the full list):

  • -callgraph - output call graph as text and in a file out/ (process with Graphviz dot)

  • -collect-variable-info - output type and line information about all variables

  • -debug - output extensive internal information during the analysis

  • -flowgraph - output the initial and final flow graphs (TAJS's intermediate representation) as text and to out/flowgraphs/ (in Graphviz dot format, with a file for each function and for the complete program)

  • -low-severity - enable many more type warnings

  • -quiet - only print results, not information about analysis progress

  • -states - output intermediate abstract states during the analysis

  • -uneval - enable the Unevalizer for on-the-fly translation of eval calls, as described in 'Remedying the Eval that Men Do', ISSTA 2012

  • -determinacy - enable the techniques described in 'Determinacy in Static Analysis of jQuery', OOPSLA 2014

Note that the analysis produces lots of addition information that is not output by default. If you want full access to the abstract states and call graphs, as a starting point see the source code for dk.brics.tajs.Main. The javadoc for TAJS is available at

Special built-in functions

TAJS recognizes a few special built-in functions (defined as properties of the global object) to support debugging and testing of the tool, including:

  • TAJS_dumpValue(exp) - report the abstract value of expression exp after analysis has completed

  • TAJS_dumpObject(obj) - report the properties of the abstract object obj after analysis has completed

  • TAJS_dumpState() - report the abstract state at this program point after analysis has completed

  • TAJS_assert(value) - tests that value is true, failure will result in an AssertionError.

  • TAJS_assert(value, predicate, expectedResult) - a generalized version of the single-argument TAJS_assert, supports disjunctions of the predicate methods in E.g. to check that a value is either a single concrete string or some unsigned integer:

    • TAJS_assert(myValue, 'isMaybeSingleStr || isMaybeNumUInt', true)

Running regression tests

The directory test contains a collection of tests that can be executed by running dk.brics.tajs.test.RunFast with JUnit from Eclipse/IntelliJ or with ant test from the command-line. (A more thorough but slower test is located in dk.brics.tajs.test.RunAll.)

Package dependencies

This diagram shows the main package dependencies:

package dependencies

Modifications of the source code should avoid introducing upwards dependencies in this diagram.


The following people have contributed to the source code:

  • Anders Møller
  • Simon Holm Jensen
  • Peter Thiemann
  • Magnus Madsen
  • Matthias Diehn Ingesman
  • Peter Jonsson
  • Esben Andreasen

This software includes components from:

Something went wrong with that request. Please try again.