JS: Autoformat

2026-04-28 10:15:14 +02:00 · 2022-04-05 09:40:04 +02:00
parent 76ba78294f
commit 9fad4b883b
9 changed files with 17 additions and 23 deletions
--- a/javascript/ql/lib/semmle/javascript/frameworks/ClassValidator.qll
+++ b/javascript/ql/lib/semmle/javascript/frameworks/ClassValidator.qll
@@ -39,7 +39,8 @@ module ClassValidator {

  /** Holds if the given field has a decorator that sanitizes its value for the purpose of taint tracking. */
  predicate isFieldSanitizedByDecorator(FieldDefinition field) {
-    field.getADecorator().getExpression().flow() = sanitizingDecorator().getReturn().getAValueReachableFromSource()
+    field.getADecorator().getExpression().flow() =
+      sanitizingDecorator().getReturn().getAValueReachableFromSource()
  }

  pragma[noinline]
--- a/javascript/ql/lib/semmle/javascript/frameworks/SQL.qll
+++ b/javascript/ql/lib/semmle/javascript/frameworks/SQL.qll
@@ -440,7 +440,8 @@ private module MsSql {
    override TaggedTemplateExpr astNode;

    QueryTemplateExpr() {
-      mssql().getMember("query").getAValueReachableFromSource() = DataFlow::valueNode(astNode.getTag())
+      mssql().getMember("query").getAValueReachableFromSource() =
+        DataFlow::valueNode(astNode.getTag())
    }

    override DataFlow::Node getAResult() {
--- a/javascript/ql/lib/semmle/javascript/frameworks/TorrentLibraries.qll
+++ b/javascript/ql/lib/semmle/javascript/frameworks/TorrentLibraries.qll
@@ -29,7 +29,9 @@ module ParseTorrent {
  }

  /** Gets a data flow node referring to a parsed torrent. */
-  DataFlow::SourceNode parsedTorrentRef() { result = any(ParsedTorrent t).asApiNode().getAValueReachableFromSource() }
+  DataFlow::SourceNode parsedTorrentRef() {
+    result = any(ParsedTorrent t).asApiNode().getAValueReachableFromSource()
+  }

  /**
   * An access to user-controlled torrent information.
--- a/javascript/ql/lib/semmle/javascript/frameworks/Vue.qll
+++ b/javascript/ql/lib/semmle/javascript/frameworks/Vue.qll
@@ -700,11 +700,7 @@ module Vue {
              .getASource()
        or
        result =
-          router
-              .getParameter(0)
-              .getMember("scrollBehavior")
-              .getParameter([0, 1])
-              .getASource()
+          router.getParameter(0).getMember("scrollBehavior").getParameter([0, 1]).getASource()
      )
      or
      result = routeConfig().getMember("beforeEnter").getParameter([0, 1]).getASource()
--- a/javascript/ql/lib/semmle/javascript/frameworks/Vuex.qll
+++ b/javascript/ql/lib/semmle/javascript/frameworks/Vuex.qll
@@ -88,7 +88,8 @@ module Vuex {
    pragma[noinline]
    string getNamespace() {
      getNumArgument() = 2 and
-      result = appendToNamespace(namespace, getParameter(0).getAValueReachingSink().getStringValue())
+      result =
+        appendToNamespace(namespace, getParameter(0).getAValueReachingSink().getStringValue())
      or
      getNumArgument() = 1 and
      result = namespace
@@ -303,9 +304,7 @@ module Vuex {
  }

  /** Gets a value that refers to the given access path of the state. */
-  DataFlow::Node stateMutationSucc(string path) {
-    result = stateRefByAccessPath(path).getASource()
-  }
+  DataFlow::Node stateMutationSucc(string path) { result = stateRefByAccessPath(path).getASource() }

  /** Holds if `pred -> succ` is a step from state mutation to state access. */
  predicate stateMutationStep(DataFlow::Node pred, DataFlow::Node succ) {
--- a/javascript/ql/lib/semmle/javascript/frameworks/XmlParsers.qll
+++ b/javascript/ql/lib/semmle/javascript/frameworks/XmlParsers.qll
@@ -282,11 +282,7 @@ module XML {

    override DataFlow::Node getAResult() {
      result =
-        parser
-            .getReturn()
-            .getMember(any(string s | s.matches("on%")))
-            .getAParameter()
-            .getASource()
+        parser.getReturn().getMember(any(string s | s.matches("on%"))).getAParameter().getASource()
    }
  }

--- a/javascript/ql/lib/semmle/javascript/security/dataflow/MissingRateLimiting.qll
+++ b/javascript/ql/lib/semmle/javascript/security/dataflow/MissingRateLimiting.qll
@@ -152,9 +152,7 @@ abstract class RateLimitingMiddleware extends DataFlow::SourceNode {
 * A rate limiter constructed using the `express-rate-limit` package.
 */
 class ExpressRateLimit extends RateLimitingMiddleware {
-  ExpressRateLimit() {
-    this = API::moduleImport("express-rate-limit").getReturn().getASource()
-  }
+  ExpressRateLimit() { this = API::moduleImport("express-rate-limit").getReturn().getASource() }
 }

 /**
--- a/javascript/ql/lib/semmle/javascript/security/dataflow/XssThroughDomCustomizations.qll
+++ b/javascript/ql/lib/semmle/javascript/security/dataflow/XssThroughDomCustomizations.qll
@@ -208,8 +208,7 @@ module XssThroughDom {
        exists(API::Node useForm |
          useForm = API::moduleImport("react-hook-form").getMember("useForm").getReturn()
        |
-          this =
-            useForm.getMember("handleSubmit").getParameter(0).getParameter(0).getASource()
+          this = useForm.getMember("handleSubmit").getParameter(0).getParameter(0).getASource()
          or
          this = useForm.getMember("getValues").getACall()
        )
--- a/javascript/ql/test/library-tests/frameworks/Express/MiddlewareFlow.qll
+++ b/javascript/ql/test/library-tests/frameworks/Express/MiddlewareFlow.qll
@@ -1,3 +1,5 @@
 import javascript

-query DataFlow::Node dbUse() { result = API::moduleImport("@example/db").getInstance().getAValueReachableFromSource() }
+query DataFlow::Node dbUse() {
+  result = API::moduleImport("@example/db").getInstance().getAValueReachableFromSource()
+}