Update javascript/ql/src/semmle/javascript/security/dataflow/IndirectCommandInjectionCustomizations.qll

Co-authored-by: Esben Sparre Andreasen <esbena@github.com>

javascript/ql/src/semmle/javascript/security/dataflow/IndirectCommandInjectionCustomizations.qll

@@ -53,7 +53,7 @@ module IndirectCommandInjection {
       // `require("arg")({...spec})` => `{_: [], a: ..., b: ...}`
       this = DataFlow::moduleImport("arg").getACall()
       or
-      // https://www.npmjs.com/package/argparse
+      // `(new (require(argparse)).ArgumentParser({...spec})).parse_args()` => `{a: ..., b: ...}`
       this =
         API::moduleImport("argparse")
             .getMember("ArgumentParser")