From 72a1289ebaac28c229afec765245176340a89b45 Mon Sep 17 00:00:00 2001 From: Edward Minnix III Date: Sun, 3 Sep 2023 21:56:15 -0400 Subject: [PATCH] Rename class to `CredentialsSinkNode` to better align with naming convention Co-authored-by: Jami <57204504+jcogs33@users.noreply.github.com> --- .../2023-08-23-deprecated-sensitiveapi-predicates.md | 2 +- .../semmle/code/java/security/HardcodedCredentials.qll | 2 +- java/ql/lib/semmle/code/java/security/SensitiveApi.qll | 8 ++++---- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/java/ql/lib/change-notes/2023-08-23-deprecated-sensitiveapi-predicates.md b/java/ql/lib/change-notes/2023-08-23-deprecated-sensitiveapi-predicates.md index 8cd9524e151..8d6d8d4a10a 100644 --- a/java/ql/lib/change-notes/2023-08-23-deprecated-sensitiveapi-predicates.md +++ b/java/ql/lib/change-notes/2023-08-23-deprecated-sensitiveapi-predicates.md @@ -1,4 +1,4 @@ --- category: deprecated --- -* In `SensitiveApi.qll`, `javaApiCallablePasswordParam`, `javaApiCallableUsernameParam`, `javaApiCallableCryptoKeyParam`, and `otherApiCallableCredentialParam` predicates have been deprecated. They have been replaced with a new class `CredentialSinkNode` and its child classes `PasswordSink`, `UsernameSink`, and `CryptoKeySink`. +* In `SensitiveApi.qll`, `javaApiCallablePasswordParam`, `javaApiCallableUsernameParam`, `javaApiCallableCryptoKeyParam`, and `otherApiCallableCredentialParam` predicates have been deprecated. They have been replaced with a new class `CredentialsSinkNode` and its child classes `PasswordSink`, `UsernameSink`, and `CryptoKeySink`. diff --git a/java/ql/lib/semmle/code/java/security/HardcodedCredentials.qll b/java/ql/lib/semmle/code/java/security/HardcodedCredentials.qll index d3cfc4e33ef..0b373fa27f8 100644 --- a/java/ql/lib/semmle/code/java/security/HardcodedCredentials.qll +++ b/java/ql/lib/semmle/code/java/security/HardcodedCredentials.qll @@ -58,7 +58,7 @@ abstract class CredentialsSink extends Expr { * credentials. */ class CredentialsApiSink extends CredentialsSink { - CredentialsApiSink() { this = any(CredentialSinkNode csn).asExpr() } + CredentialsApiSink() { this = any(CredentialsSinkNode csn).asExpr() } } /** diff --git a/java/ql/lib/semmle/code/java/security/SensitiveApi.qll b/java/ql/lib/semmle/code/java/security/SensitiveApi.qll index d028f406f9c..e107c0ae738 100644 --- a/java/ql/lib/semmle/code/java/security/SensitiveApi.qll +++ b/java/ql/lib/semmle/code/java/security/SensitiveApi.qll @@ -9,26 +9,26 @@ private import semmle.code.java.dataflow.ExternalFlow /** * A node that represents the use of a credential. */ -abstract class CredentialSinkNode extends DataFlow::Node { } +abstract class CredentialsSinkNode extends DataFlow::Node { } /** * A node representing a password being passed to a method. */ -class PasswordSink extends CredentialSinkNode { +class PasswordSink extends CredentialsSinkNode { PasswordSink() { sinkNode(this, "credentials-password") } } /** * A node representing a username being passed to a method. */ -class UsernameSink extends CredentialSinkNode { +class UsernameSink extends CredentialsSinkNode { UsernameSink() { sinkNode(this, "credentials-username") } } /** * A node representing a cryptographic key being passed to a method. */ -class CryptoKeySink extends CredentialSinkNode { +class CryptoKeySink extends CredentialsSinkNode { CryptoKeySink() { sinkNode(this, "crypto-parameter") } }