mirror of
https://github.com/github/codeql.git
synced 2025-12-16 16:53:25 +01:00
Merge pull request #15026 from egregius313/egregius313/java/dataflow/deprecate-old-dataflow-module-uses
Java: Deprecate or remove imports of dataflow library copies
This commit is contained in:
Edward Minnix III
@@ -0,0 +1,4 @@
|
||||
---
|
||||
category: deprecated
|
||||
---
|
||||
* Imports of the old dataflow libraries (e.g. `semmle.code.java.dataflow.DataFlow2`) have been deprecated in the libraries under the `semmle.code.java.security` namespace.
|
||||
@@ -5,7 +5,8 @@
|
||||
import java
|
||||
import semmle.code.java.Maps
|
||||
import semmle.code.java.dataflow.DataFlow
|
||||
import semmle.code.java.dataflow.DataFlow2
|
||||
deprecated import semmle.code.java.dataflow.DataFlow2
|
||||
private import semmle.code.java.dataflow.DataFlow2
|
||||
|
||||
/**
|
||||
* The class `com.cedarsoftware.util.io.JsonReader`.
|
||||
|
||||
@@ -5,7 +5,6 @@
|
||||
import java
|
||||
import semmle.code.java.dataflow.ExternalFlow
|
||||
private import semmle.code.java.dataflow.DataFlow
|
||||
private import semmle.code.java.dataflow.DataFlow2
|
||||
private import semmle.code.java.security.SecurityTests
|
||||
|
||||
private class ExploitableStringLiteral extends StringLiteral {
|
||||
|
||||
@@ -2,9 +2,9 @@
|
||||
|
||||
import java
|
||||
import semmle.code.java.dataflow.FlowSources
|
||||
import semmle.code.java.dataflow.DataFlow2
|
||||
deprecated import semmle.code.java.dataflow.DataFlow2
|
||||
import semmle.code.java.dataflow.TaintTracking
|
||||
import semmle.code.java.dataflow.TaintTracking3
|
||||
deprecated import semmle.code.java.dataflow.TaintTracking3
|
||||
import semmle.code.java.security.AndroidIntentRedirection
|
||||
|
||||
/**
|
||||
|
||||
@@ -2,7 +2,7 @@
|
||||
|
||||
import java
|
||||
import semmle.code.java.dataflow.DataFlow
|
||||
import semmle.code.java.dataflow.DataFlow3
|
||||
deprecated import semmle.code.java.dataflow.DataFlow3
|
||||
import semmle.code.java.security.CleartextStorageQuery
|
||||
|
||||
private class CookieCleartextStorageSink extends CleartextStorageSink {
|
||||
|
||||
@@ -1,9 +1,7 @@
|
||||
/** Provides classes and predicates to reason about cleartext storage vulnerabilities. */
|
||||
|
||||
import java
|
||||
private import semmle.code.java.dataflow.DataFlow4
|
||||
private import semmle.code.java.dataflow.TaintTracking
|
||||
private import semmle.code.java.dataflow.TaintTracking2
|
||||
private import semmle.code.java.security.SensitiveActions
|
||||
|
||||
/** A sink representing persistent storage that saves data in clear text. */
|
||||
|
||||
@@ -4,7 +4,8 @@
|
||||
|
||||
import java
|
||||
import semmle.code.java.dataflow.DataFlow
|
||||
import semmle.code.java.dataflow.DataFlow2
|
||||
deprecated import semmle.code.java.dataflow.DataFlow2
|
||||
private import semmle.code.java.dataflow.DataFlow2
|
||||
import HardcodedCredentials
|
||||
|
||||
/**
|
||||
|
||||
@@ -2,7 +2,8 @@
|
||||
|
||||
import java
|
||||
import semmle.code.java.dataflow.DataFlow
|
||||
import semmle.code.java.dataflow.DataFlow3
|
||||
deprecated import semmle.code.java.dataflow.DataFlow3
|
||||
private import semmle.code.java.dataflow.DataFlow3
|
||||
private import semmle.code.java.dataflow.RangeUtils
|
||||
|
||||
private module Frameworks {
|
||||
|
||||
@@ -24,7 +24,6 @@ import java
|
||||
import semmle.code.java.dataflow.FlowSteps
|
||||
import semmle.code.java.frameworks.Servlets
|
||||
import semmle.code.java.dataflow.TaintTracking
|
||||
import semmle.code.java.dataflow.TaintTracking2
|
||||
import MissingHttpOnlyFlow::PathGraph
|
||||
|
||||
/** Gets a regular expression for matching common names of sensitive cookies. */
|
||||
|
||||
Reference in New Issue
Block a user