JS: Deprecate getUnknownMember() and replace its uses with getArrayElement()

Although they mean slightly different things, every single call site of getUnknownMember() just used it as a way to get array elements. Since there is no known use-case for the original meaning of getUnknownMember() I am deprecating it for now.
2026-04-26 01:05:15 +02:00 · 2025-03-14 13:14:50 +01:00
parent 4c1c0b79a6
commit ab74898bbb
9 changed files with 28 additions and 25 deletions
--- a/javascript/ql/src/experimental/Security/CWE-347/JWT.qll
+++ b/javascript/ql/src/experimental/Security/CWE-347/JWT.qll
@@ -7,7 +7,7 @@ DataFlow::Node unverifiedDecode() {
    verify
        .getParameter(2)
        .getMember("algorithms")
-        .getUnknownMember()
+        .getArrayElement()
        .asSink()
        .mayHaveStringValue("none") and
    result = verify.getParameter(0).asSink()
@@ -32,7 +32,7 @@ DataFlow::Node verifiedDecode() {
      not verify
          .getParameter(2)
          .getMember("algorithms")
-          .getUnknownMember()
+          .getArrayElement()
          .asSink()
          .mayHaveStringValue("none") or
      not exists(verify.getParameter(2).getMember("algorithms"))
--- a/javascript/ql/src/experimental/semmle/javascript/Execa.qll
+++ b/javascript/ql/src/experimental/semmle/javascript/Execa.qll
@@ -72,7 +72,7 @@ module Execa {
    override predicate isShellInterpreted(DataFlow::Node arg) {
      // if shell: true then first and second args are sinks
      // options can be third argument
-      arg = [this.getArgument(0), this.getParameter(1).getUnknownMember().asSink()] and
+      arg = [this.getArgument(0), this.getParameter(1).getArrayElement().asSink()] and
      isExecaShellEnable(this.getParameter(2))
      or
      // options can be second argument