From 66f733d7988cc0d42b319460806edf12fbf38d23 Mon Sep 17 00:00:00 2001
From: Sauyon Lee
Date: Fri, 12 Jun 2020 09:16:41 -0700
Subject: [PATCH] Use allow or allowlist instead of whitelist
---
 ql/src/RedundantCode/CompareIdenticalValues.ql | 4 ++--
 ql/src/RedundantCode/UnreachableStatement.ql | 4 ++--
 ql/src/Security/CWE-022/TaintedPath.qhelp | 2 +-
 ql/src/Security/CWE-798/HardcodedCredentials.ql | 4 ++--
 ql/src/experimental/CWE-807/SensitiveConditionBypass.qll | 2 +-
 ql/src/semmle/go/Scopes.qll | 2 +-
 6 files changed, 9 insertions(+), 9 deletions(-)
diff --git a/ql/src/RedundantCode/CompareIdenticalValues.ql b/ql/src/RedundantCode/CompareIdenticalValues.ql
index 4f63b222018..d2703d8f58c 100644
--- a/ql/src/RedundantCode/CompareIdenticalValues.ql
+++ b/ql/src/RedundantCode/CompareIdenticalValues.ql
@@ -17,9 +17,9 @@ from ComparisonExpr cmp, Expr l
 where
   l = cmp.getLeftOperand() and
   l.getGlobalValueNumber() = cmp.getRightOperand().getGlobalValueNumber() and
-  // whitelist floats, where self-comparison may be used for NaN checks
+  // allow floats, where self-comparison may be used for NaN checks
   not l.getType().getUnderlyingType() instanceof FloatType and
-  // whitelist comparisons of symbolic constants to literal constants; these are often feature flags
+  // allow comparisons of symbolic constants to literal constants; these are often feature flags
   not exists(DeclaredConstant decl |
     cmp.getAnOperand() = decl.getAReference() and
     cmp.getAnOperand() instanceof BasicLit
diff --git a/ql/src/RedundantCode/UnreachableStatement.ql b/ql/src/RedundantCode/UnreachableStatement.ql
index 639fafa6d7a..4164d8be236 100644
--- a/ql/src/RedundantCode/UnreachableStatement.ql
+++ b/ql/src/RedundantCode/UnreachableStatement.ql
@@ -21,7 +21,7 @@ ControlFlow::Node nonGuardPredecessor(ControlFlow::Node nd) {
   )
 }
 
-predicate whitelist(Stmt s) {
+predicate allowlist(Stmt s) {
   // `panic("unreachable")` and similar
   exists(CallExpr ce | ce = s.(ExprStmt).getExpr() or ce = s.(ReturnStmt).getExpr() |
     ce.getTarget().mustPanic() or ce.getCalleeName().toLowerCase() = "error"
@@ -49,5 +49,5 @@ from Stmt s, ControlFlow::Node fst
 where
   fst = s.getFirstControlFlowNode() and
   not exists(nonGuardPredecessor(fst)) and
-  not whitelist(s)
+  not allowlist(s)
 select s, "This statement is unreachable."
diff --git a/ql/src/Security/CWE-022/TaintedPath.qhelp b/ql/src/Security/CWE-022/TaintedPath.qhelp
index 6004e9c358f..71af3e45c62 100644
--- a/ql/src/Security/CWE-022/TaintedPath.qhelp
+++ b/ql/src/Security/CWE-022/TaintedPath.qhelp
@@ -24,7 +24,7 @@ Ideally, follow these rules:
  • Do not allow directory separators such as "/" or "\" (depending on the file system).
  • Do not rely on simply replacing problematic sequences such as "../". For example, after applying this filter to ".../...//", the resulting string would still be "../".
  • -
  • Use a whitelist of known good patterns.
  • +
  • Use an allowlist of known good patterns.
•
diff --git a/ql/src/Security/CWE-798/HardcodedCredentials.ql b/ql/src/Security/CWE-798/HardcodedCredentials.ql
index 88625148c05..ca46b24ff80 100644
--- a/ql/src/Security/CWE-798/HardcodedCredentials.ql
+++ b/ql/src/Security/CWE-798/HardcodedCredentials.ql
@@ -23,7 +23,7 @@ predicate isSensitive(DataFlow::Node sink, SensitiveExpr::Classification type) {
   exists(Write write, string name |
     write.getRhs() = sink and
     name = write.getLhs().getName() and
-    // whitelist obvious test password variables
+    // allow obvious test password variables
     not name.regexpMatch(HeuristicNames::notSensitive())
   |
     name.regexpMatch(HeuristicNames::maybeSensitive(type))
@@ -35,7 +35,7 @@ where
   exists(string val | val = source.getStringValue() and val != "" |
     isSensitive(sink, type) and
     DataFlow::localFlow(source, sink) and
-    // whitelist obvious dummy/test values
+    // allow obvious dummy/test values
     not PasswordHeuristics::isDummyPassword(val) and
     not sink.asExpr().(Ident).getName().regexpMatch(HeuristicNames::notSensitive())
   ) and
diff --git a/ql/src/experimental/CWE-807/SensitiveConditionBypass.qll b/ql/src/experimental/CWE-807/SensitiveConditionBypass.qll
index 065282b0531..1134580a59b 100644
--- a/ql/src/experimental/CWE-807/SensitiveConditionBypass.qll
+++ b/ql/src/experimental/CWE-807/SensitiveConditionBypass.qll
@@ -9,7 +9,7 @@ predicate isSensitive(DataFlow::Node sink, SensitiveExpr::Classification type) {
   exists(Write write, string name |
     write.getRhs() = sink and
     name = write.getLhs().getName() and
-    // whitelist obvious test password variables
+    // allow obvious test password variables
     not name.regexpMatch(HeuristicNames::notSensitive())
   |
     name.regexpMatch(HeuristicNames::maybeSensitive(type))
diff --git a/ql/src/semmle/go/Scopes.qll b/ql/src/semmle/go/Scopes.qll
index c9bf60e3ac4..4df20739839 100644
--- a/ql/src/semmle/go/Scopes.qll
+++ b/ql/src/semmle/go/Scopes.qll
@@ -507,7 +507,7 @@ class DeclaredFunction extends Function, DeclaredEntity, @declfunctionobject {
       body.mayHaveSideEffects()
       or
       // functions declared in files with build constraints may be defined differently
-      // for different platforms, so whitelist them to avoid false positives
+      // for different platforms, so allow them to avoid false positives
       body.getFile().hasBuildConstraints()
     )
   }