From 2f256e272d38feabdfcf906bbb0207b99be170a7 Mon Sep 17 00:00:00 2001
From: tiferet <tiferet@github.com>
Date: Tue, 13 Dec 2022 12:09:32 -0800
Subject: [PATCH] Don't use sink-specific endpoint filters

---
 .../adaptivethreatmodeling/ATMConfig.qll             | 12 +++++-------
 1 file changed, 5 insertions(+), 7 deletions(-)

diff --git a/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/ATMConfig.qll b/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/ATMConfig.qll
index 5532c8d4726..51d4e2d9e67 100644
--- a/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/ATMConfig.qll
+++ b/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/ATMConfig.qll
@@ -105,13 +105,11 @@ abstract class AtmConfig extends JS::TaintTracking::Configuration {
       // implies they're not sinks, rather than using only medium-confidence characteristics, by deleting the following
       // line.
       confidence < filter.highConfidence() and
-      (
-        // Exclude endpoints that have a characteristic that implies they're not sinks for _any_ sink type.
-        filter.hasImplications(any(NegativeType negative), true, confidence)
-        or
-        // Exclude endpoints that have a characteristic that implies they're not sinks for _this particular_ sink type.
-        filter.hasImplications(this.getASinkEndpointType(), false, confidence)
-      ) and
+      // Exclude endpoints that have a characteristic that implies they're not sinks for _any_ sink type.
+      filter.hasImplications(any(NegativeType negative), true, confidence) and
+      // or
+      // // Exclude endpoints that have a characteristic that implies they're not sinks for _this particular_ sink type.
+      // filter.hasImplications(this.getASinkEndpointType(), false, confidence)
       result = filter
     )
   }