Merge branch 'main' into angular-sources-sinks

2026-04-26 01:05:15 +02:00 · 2025-01-03 16:38:48 +00:00
parent 0f64822356 b0062fc727
commit a23f4ee007
3175 changed files with 99591 additions and 18429 deletions
--- a/javascript/ql/lib/qlpack.yml
+++ b/javascript/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/javascript-all
-version: 2.2.0
+version: 2.2.1-dev
 groups: javascript
 dbscheme: semmlecode.javascript.dbscheme
 extractor: javascript
--- a/javascript/ql/lib/semmle/javascript/internal/ConceptsShared.qll
+++ b/javascript/ql/lib/semmle/javascript/internal/ConceptsShared.qll
@@ -30,7 +30,7 @@ module Cryptography {
  class PasswordHashingAlgorithm = CryptoAlgorithms::PasswordHashingAlgorithm;

  /**
-   * A data-flow node that is an application of a cryptographic algorithm. For example,
+   * A data flow node that is an application of a cryptographic algorithm. For example,
   * encryption, decryption, signature-validation.
   *
   * Extend this class to refine existing API models. If you want to model new APIs,
@@ -40,7 +40,7 @@ module Cryptography {
    /** Gets the algorithm used, if it matches a known `CryptographicAlgorithm`. */
    CryptographicAlgorithm getAlgorithm() { result = super.getAlgorithm() }

-    /** Gets the data-flow node where the cryptographic algorithm used in this operation is configured. */
+    /** Gets the data flow node where the cryptographic algorithm used in this operation is configured. */
    DataFlow::Node getInitialization() { result = super.getInitialization() }

    /** Gets an input the algorithm is used on, for example the plain text input to be encrypted. */
@@ -61,14 +61,14 @@ module Cryptography {
  /** Provides classes for modeling new applications of a cryptographic algorithms. */
  module CryptographicOperation {
    /**
-     * A data-flow node that is an application of a cryptographic algorithm. For example,
+     * A data flow node that is an application of a cryptographic algorithm. For example,
     * encryption, decryption, signature-validation.
     *
     * Extend this class to model new APIs. If you want to refine existing API models,
     * extend `CryptographicOperation` instead.
     */
    abstract class Range extends DataFlow::Node {
-      /** Gets the data-flow node where the cryptographic algorithm used in this operation is configured. */
+      /** Gets the data flow node where the cryptographic algorithm used in this operation is configured. */
      abstract DataFlow::Node getInitialization();

      /** Gets the algorithm used, if it matches a known `CryptographicAlgorithm`. */
@@ -118,14 +118,14 @@ module Http {
  /** Provides classes for modeling HTTP clients. */
  module Client {
    /**
-     * A data-flow node that makes an outgoing HTTP request.
+     * A data flow node that makes an outgoing HTTP request.
     *
     * Extend this class to refine existing API models. If you want to model new APIs,
     * extend `Http::Client::Request::Range` instead.
     */
    class Request extends DataFlow::Node instanceof Request::Range {
      /**
-       * Gets a data-flow node that contributes to the URL of the request.
+       * Gets a data flow node that contributes to the URL of the request.
       * Depending on the framework, a request may have multiple nodes which contribute to the URL.
       */
      DataFlow::Node getAUrlPart() { result = super.getAUrlPart() }
@@ -150,14 +150,14 @@ module Http {
    /** Provides a class for modeling new HTTP requests. */
    module Request {
      /**
-       * A data-flow node that makes an outgoing HTTP request.
+       * A data flow node that makes an outgoing HTTP request.
       *
       * Extend this class to model new APIs. If you want to refine existing API models,
       * extend `Http::Client::Request` instead.
       */
      abstract class Range extends DataFlow::Node {
        /**
-         * Gets a data-flow node that contributes to the URL of the request.
+         * Gets a data flow node that contributes to the URL of the request.
         * Depending on the framework, a request may have multiple nodes which contribute to the URL.
         */
        abstract DataFlow::Node getAUrlPart();
--- a/javascript/ql/test/testUtilities/ConsistencyChecking.qll
+++ b/javascript/ql/test/testUtilities/ConsistencyChecking.qll
--- a/javascript/ql/test/testUtilities/InlineExpectationsTest.qll
+++ b/javascript/ql/test/testUtilities/InlineExpectationsTest.qll
--- a/javascript/ql/test/testUtilities/InlineExpectationsTestQuery.ql
+++ b/javascript/ql/test/testUtilities/InlineExpectationsTestQuery.ql
--- a/javascript/ql/test/testUtilities/internal/InlineExpectationsTestImpl.qll
+++ b/javascript/ql/test/testUtilities/internal/InlineExpectationsTestImpl.qll
--- a/javascript/ql/src/qlpack.yml
+++ b/javascript/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/javascript-queries
-version: 1.2.5
+version: 1.2.6-dev
 groups:
  - javascript
  - queries
--- a/javascript/ql/test/library-tests/EndpointNaming/EndpointNaming.ql
+++ b/javascript/ql/test/library-tests/EndpointNaming/EndpointNaming.ql
@@ -2,7 +2,7 @@ import javascript
 import semmle.javascript.RestrictedLocations
 import semmle.javascript.Lines
 import semmle.javascript.endpoints.EndpointNaming as EndpointNaming
-import testUtilities.InlineExpectationsTest
+import utils.test.InlineExpectationsTest
 import EndpointNaming::Debug

 private predicate isIgnored(DataFlow::FunctionNode function) {
--- a/javascript/ql/test/library-tests/Generators/DataFlow.ql
+++ b/javascript/ql/test/library-tests/Generators/DataFlow.ql
@@ -1,5 +1,5 @@
 import javascript
-import testUtilities.ConsistencyChecking
+import utils.test.ConsistencyChecking

 class GeneratorFlowConfig extends DataFlow::Configuration {
  GeneratorFlowConfig() { this = "GeneratorFlowConfig" }
--- a/javascript/ql/test/library-tests/Routing/test.ql
+++ b/javascript/ql/test/library-tests/Routing/test.ql
@@ -1,5 +1,5 @@
 import javascript
-import testUtilities.ConsistencyChecking
+import utils.test.ConsistencyChecking

 API::Node testInstance() { result = API::moduleImport("@example/test").getInstance() }

--- a/javascript/ql/test/library-tests/Security/heuristics/HeuristicSource.ql
+++ b/javascript/ql/test/library-tests/Security/heuristics/HeuristicSource.ql
@@ -1,6 +1,6 @@
 import javascript
 private import semmle.javascript.heuristics.AdditionalSources
-import testUtilities.ConsistencyChecking
+import utils.test.ConsistencyChecking

 class Taint extends TaintTracking::Configuration {
  Taint() { this = "Taint" }
--- a/javascript/ql/test/library-tests/frameworks/Nest/Consistency.ql
+++ b/javascript/ql/test/library-tests/frameworks/Nest/Consistency.ql
@@ -1,3 +1,3 @@
-import testUtilities.ConsistencyChecking
+import utils.test.ConsistencyChecking
 import semmle.javascript.security.dataflow.ReflectedXssQuery as ReflectedXss
 import semmle.javascript.security.dataflow.ServerSideUrlRedirectQuery as ServerSideUrlRedirect
--- a/javascript/ql/test/library-tests/frameworks/Vuex/test.ql
+++ b/javascript/ql/test/library-tests/frameworks/Vuex/test.ql
@@ -1,5 +1,5 @@
 import javascript
-import testUtilities.ConsistencyChecking
+import utils.test.ConsistencyChecking

 class BasicTaint extends TaintTracking::Configuration {
  BasicTaint() { this = "BasicTaint" }
--- a/javascript/ql/test/library-tests/frameworks/data/test.ql
+++ b/javascript/ql/test/library-tests/frameworks/data/test.ql
@@ -1,5 +1,5 @@
 import javascript
-import testUtilities.ConsistencyChecking
+import utils.test.ConsistencyChecking
 import semmle.javascript.frameworks.data.internal.ApiGraphModels as ApiGraphModels

 class TypeModelFromCodeQL extends ModelInput::TypeModel {
--- a/javascript/ql/test/library-tests/threat-models/sources/TestSources.ql
+++ b/javascript/ql/test/library-tests/threat-models/sources/TestSources.ql
@@ -1,5 +1,5 @@
 import javascript
-import testUtilities.InlineExpectationsTest
+import utils.test.InlineExpectationsTest

 class TestSourcesConfiguration extends TaintTracking::Configuration {
  TestSourcesConfiguration() { this = "TestSources" }
--- a/javascript/ql/test/query-tests/Security/CWE-022/TaintedPath/Consistency.ql
+++ b/javascript/ql/test/query-tests/Security/CWE-022/TaintedPath/Consistency.ql
@@ -1,3 +1,3 @@
 import javascript
 import semmle.javascript.security.dataflow.TaintedPathQuery
-import testUtilities.ConsistencyChecking
+import utils.test.ConsistencyChecking
--- a/javascript/ql/test/query-tests/Security/CWE-073/Consistency.ql
+++ b/javascript/ql/test/query-tests/Security/CWE-073/Consistency.ql
@@ -1,3 +1,3 @@
 import javascript
 import semmle.javascript.security.dataflow.TemplateObjectInjectionQuery
-import testUtilities.ConsistencyChecking
+import utils.test.ConsistencyChecking
--- a/javascript/ql/test/query-tests/Security/CWE-078/Consistency.ql
+++ b/javascript/ql/test/query-tests/Security/CWE-078/Consistency.ql
@@ -1,5 +1,5 @@
 import javascript
-import testUtilities.ConsistencyChecking
+import utils.test.ConsistencyChecking
 import semmle.javascript.security.dataflow.CommandInjectionQuery as CommandInjection
 import semmle.javascript.security.dataflow.IndirectCommandInjectionQuery as IndirectCommandInjection
 import semmle.javascript.security.dataflow.ShellCommandInjectionFromEnvironmentQuery as ShellCommandInjectionFromEnvironment
--- a/javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/ConsistencyDomBasedXss.ql
+++ b/javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/ConsistencyDomBasedXss.ql
@@ -1,3 +1,3 @@
 import javascript
-import testUtilities.ConsistencyChecking
+import utils.test.ConsistencyChecking
 import semmle.javascript.security.dataflow.DomBasedXssQuery as DomXss
--- a/javascript/ql/test/query-tests/Security/CWE-079/ExceptionXss/ConsistencyExceptionXss.ql
+++ b/javascript/ql/test/query-tests/Security/CWE-079/ExceptionXss/ConsistencyExceptionXss.ql
@@ -1,3 +1,3 @@
 import javascript
-import testUtilities.ConsistencyChecking
+import utils.test.ConsistencyChecking
 import semmle.javascript.security.dataflow.ExceptionXssQuery as ExceptionXss
--- a/javascript/ql/test/query-tests/Security/CWE-079/ReflectedXss/ConsistencyReflectedXss.ql
+++ b/javascript/ql/test/query-tests/Security/CWE-079/ReflectedXss/ConsistencyReflectedXss.ql
@@ -1,3 +1,3 @@
 import javascript
-import testUtilities.ConsistencyChecking
+import utils.test.ConsistencyChecking
 import semmle.javascript.security.dataflow.ReflectedXssQuery as ReflectedXss
--- a/javascript/ql/test/query-tests/Security/CWE-079/StoredXss/ConsistencyStoredXss.ql
+++ b/javascript/ql/test/query-tests/Security/CWE-079/StoredXss/ConsistencyStoredXss.ql
@@ -1,3 +1,3 @@
 import javascript
-import testUtilities.ConsistencyChecking
+import utils.test.ConsistencyChecking
 import semmle.javascript.security.dataflow.StoredXssQuery as StoredXss
--- a/javascript/ql/test/query-tests/Security/CWE-079/UnsafeHtmlConstruction/ConsistencyUnsafeHtmlConstruction.ql
+++ b/javascript/ql/test/query-tests/Security/CWE-079/UnsafeHtmlConstruction/ConsistencyUnsafeHtmlConstruction.ql
@@ -1,3 +1,3 @@
 import javascript
-import testUtilities.ConsistencyChecking
+import utils.test.ConsistencyChecking
 import semmle.javascript.security.dataflow.UnsafeHtmlConstructionQuery as UnsafeHtmlConstruction
--- a/javascript/ql/test/query-tests/Security/CWE-079/UnsafeJQueryPlugin/ConsistencyUnsafeJQueryPlugin.ql
+++ b/javascript/ql/test/query-tests/Security/CWE-079/UnsafeJQueryPlugin/ConsistencyUnsafeJQueryPlugin.ql
@@ -1,3 +1,3 @@
 import javascript
-import testUtilities.ConsistencyChecking
+import utils.test.ConsistencyChecking
 import semmle.javascript.security.dataflow.UnsafeJQueryPluginQuery as UnsafeJqueryPlugin
--- a/javascript/ql/test/query-tests/Security/CWE-079/XssThroughDom/ConsistencyXssThroughDom.ql
+++ b/javascript/ql/test/query-tests/Security/CWE-079/XssThroughDom/ConsistencyXssThroughDom.ql
@@ -1,3 +1,3 @@
 import javascript
-import testUtilities.ConsistencyChecking
+import utils.test.ConsistencyChecking
 import semmle.javascript.security.dataflow.XssThroughDomQuery as ThroughDomXss
--- a/javascript/ql/test/query-tests/Security/CWE-089/untyped/Consistency.ql
+++ b/javascript/ql/test/query-tests/Security/CWE-089/untyped/Consistency.ql
@@ -1,4 +1,4 @@
 import javascript
-import testUtilities.ConsistencyChecking
+import utils.test.ConsistencyChecking
 import semmle.javascript.security.dataflow.SqlInjectionQuery as SqlInjection
 import semmle.javascript.security.dataflow.NosqlInjectionQuery as NosqlInjection
--- a/javascript/ql/test/query-tests/Security/CWE-502/Consistency.ql
+++ b/javascript/ql/test/query-tests/Security/CWE-502/Consistency.ql
@@ -1,3 +1,3 @@
 import javascript
 import semmle.javascript.security.dataflow.UnsafeDeserializationQuery
-import testUtilities.ConsistencyChecking
+import utils.test.ConsistencyChecking
--- a/javascript/ql/test/query-tests/Security/CWE-611/Xxe.qlref
+++ b/javascript/ql/test/query-tests/Security/CWE-611/Xxe.qlref
@@ -1,2 +1,2 @@
 query: Security/CWE-611/Xxe.ql
-postprocess: testUtilities/InlineExpectationsTestQuery.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/javascript/ql/test/query-tests/Security/CWE-770/ResourceExhaustion/Consistency.ql
+++ b/javascript/ql/test/query-tests/Security/CWE-770/ResourceExhaustion/Consistency.ql
@@ -1,3 +1,3 @@
 import javascript
 import semmle.javascript.security.dataflow.ResourceExhaustionQuery
-import testUtilities.ConsistencyChecking
+import utils.test.ConsistencyChecking
--- a/javascript/ql/test/query-tests/Security/CWE-915/PrototypePollutingAssignment/Consistency.ql
+++ b/javascript/ql/test/query-tests/Security/CWE-915/PrototypePollutingAssignment/Consistency.ql
@@ -1,5 +1,5 @@
 import javascript
-import testUtilities.ConsistencyChecking
+import utils.test.ConsistencyChecking
 import semmle.javascript.security.dataflow.PrototypePollutingAssignmentQuery

 class Config extends ConsistencyConfiguration, Configuration {
--- a/javascript/ql/test/query-tests/Security/CWE-918/Consistency.ql
+++ b/javascript/ql/test/query-tests/Security/CWE-918/Consistency.ql
@@ -1,7 +1,7 @@
 import javascript
 import semmle.javascript.security.dataflow.RequestForgeryQuery as RequestForgery
 import semmle.javascript.security.dataflow.ClientSideRequestForgeryQuery as ClientSideRequestForgery
-import testUtilities.ConsistencyChecking
+import utils.test.ConsistencyChecking

 query predicate resultInWrongFile(DataFlow::Node node) {
  exists(DataFlow::Configuration cfg, string filePattern |