Merge pull request #7679 from erik-krogh/ql-doc-style

Approved by esbena
2026-04-30 19:26:02 +02:00 · 2022-01-20 23:43:44 -08:00
parent 2287b6e549 5780161b2c
commit b02f1c87a1
18 changed files with 52 additions and 52 deletions
--- a/javascript/ql/src/Declarations/IneffectiveParameterType.ql
+++ b/javascript/ql/src/Declarations/IneffectiveParameterType.ql
@@ -22,7 +22,7 @@ predicate isCommonPredefinedTypeName(string name) {
 }

 /**
- * Any local type declaration, excluding imported names that are not explicitly used as types.
+ * A local type declaration, excluding imported names that are not explicitly used as types.
 */
 class DefiniteTypeDecl extends TypeDecl {
  DefiniteTypeDecl() {
--- a/javascript/ql/src/Expressions/ImplicitOperandConversion.ql
+++ b/javascript/ql/src/Expressions/ImplicitOperandConversion.ql
@@ -56,8 +56,8 @@ abstract class ImplicitConversionWithWhitelist extends ImplicitConversion {
 }

 /**
- * Property names in `in` expressions are converted to strings,
- * so they should be strings or numbers.
+ * A property name in an `in` expression that is converted to string,
+ * so it should be a string or number.
 */
 class PropertyNameConversion extends ImplicitConversionWithWhitelist {
  PropertyNameConversion() { this.asExpr() = parent.(InExpr).getLeftOperand() }
@@ -68,8 +68,8 @@ class PropertyNameConversion extends ImplicitConversionWithWhitelist {
 }

 /**
- * Property names in index expressions are converted to strings,
- * so they should be Booleans, strings or numbers.
+ * A property name in an index expression that is converted to string,
+ * so it should be Boolean, string or number.
 */
 class IndexExprConversion extends ImplicitConversionWithWhitelist {
  IndexExprConversion() { this.asExpr() = parent.(IndexExpr).getIndex() }
@@ -82,7 +82,7 @@ class IndexExprConversion extends ImplicitConversionWithWhitelist {
 }

 /**
- * Expressions that are interpreted as objects shouldn't be primitive values.
+ * An expression that is interpreted as an object, and therefore shouldn't be a primitive value.
 */
 class ObjectConversion extends ImplicitConversionWithWhitelist {
  ObjectConversion() {
@@ -107,8 +107,8 @@ class ConstructorConversion extends ImplicitConversionWithWhitelist {
 }

 /**
- * Operands of relational operators are converted to strings or numbers,
- * and hence should be strings, numbers or Dates.
+ * An operand of an relational comparison that is converted to string or number,
+ * and hence should be a string, number or Date.
 */
 class RelationalOperandConversion extends ImplicitConversionWithWhitelist {
  RelationalOperandConversion() { parent instanceof RelationalComparison }
@@ -121,8 +121,8 @@ class RelationalOperandConversion extends ImplicitConversionWithWhitelist {
 }

 /**
- * Operands of arithmetic and bitwise operations are converted to numbers,
- * so they should be Booleans, numbers or Dates.
+ * An operand of arithmetic and bitwise operations that is converted to a number,
+ * so it should be a Boolean, number or Date.
 */
 class NumericConversion extends ImplicitConversion {
  NumericConversion() {
@@ -156,7 +156,7 @@ abstract class NullOrUndefinedConversion extends ImplicitConversion {
 }

 /**
- * Operands of `+` or `+=` are converted to strings or numbers, and hence
+ * An operand of `+` or `+=` that is converted to string or number, and hence
 * should not be `null` or `undefined`.
 */
 class PlusConversion extends NullOrUndefinedConversion {
@@ -186,7 +186,7 @@ class PlusConversion extends NullOrUndefinedConversion {
 }

 /**
- * Template literal elements are converted to strings, and hence should not
+ * A template literal element that is converted to a string, and hence should not
 * be `null` or `undefined`.
 */
 class TemplateElementConversion extends NullOrUndefinedConversion {
--- a/javascript/ql/src/Security/CWE-915/PrototypePollutingFunction.ql
+++ b/javascript/ql/src/Security/CWE-915/PrototypePollutingFunction.ql
@@ -193,7 +193,7 @@ string unsafePropName() {
 }

 /**
- * Flow label representing an unsafe property name, or an object obtained
+ * A flow label representing an unsafe property name, or an object obtained
 * by using such a property in a dynamic read.
 */
 class UnsafePropLabel extends FlowLabel {
@@ -295,7 +295,7 @@ class PropNameTracking extends DataFlow::Configuration {
 }

 /**
- * Sanitizer guard of form `x === "__proto__"` or `x === "constructor"`.
+ * A sanitizer guard of form `x === "__proto__"` or `x === "constructor"`.
 */
 class DenyListEqualityGuard extends DataFlow::LabeledBarrierGuardNode, ValueNode {
  override EqualityTest astNode;
@@ -355,7 +355,7 @@ class HasOwnPropertyGuard extends DataFlow::BarrierGuardNode, CallNode {
 }

 /**
- * Sanitizer guard for `key in dst`.
+ * A sanitizer guard for `key in dst`.
 *
 * Since `"__proto__" in obj` and `"constructor" in obj` is true for most objects,
 * this is seen as a sanitizer for `key` in the false outcome.
@@ -374,7 +374,7 @@ class InExprGuard extends DataFlow::BarrierGuardNode, DataFlow::ValueNode {
 }

 /**
- * Sanitizer guard for `instanceof` expressions.
+ * A sanitizer guard for `instanceof` expressions.
 *
 * `Object.prototype instanceof X` is never true, so this blocks the `__proto__` label.
 *
--- a/javascript/ql/src/experimental/Security/CWE-094/UntrustedCheckout.ql
+++ b/javascript/ql/src/experimental/Security/CWE-094/UntrustedCheckout.ql
@@ -16,7 +16,7 @@ import javascript
 import experimental.semmle.javascript.Actions

 /**
- * Action step that doesn't contain `actor` or `label` check in `if:` or
+ * An action step that doesn't contain `actor` or `label` check in `if:` or
 * the check requires manual analysis.
 */
 class ProbableStep extends Actions::Step {
@@ -46,7 +46,7 @@ class ProbableStep extends Actions::Step {
 }

 /**
- * Action job that doesn't contain `actor` or `label` check in `if:` or
+ * An action job that doesn't contain `actor` or `label` check in `if:` or
 * the check requires manual analysis.
 */
 class ProbableJob extends Actions::Job {
@@ -76,7 +76,7 @@ class ProbableJob extends Actions::Job {
 }

 /**
- * Action step that doesn't contain `actor` or `label` check in `if:` or
+ * An action step that doesn't contain `actor` or `label` check in `if:` or
 */
 class ProbablePullRequestTarget extends Actions::On, Actions::MappingOrSequenceOrScalar {
  ProbablePullRequestTarget() {
--- a/javascript/ql/src/experimental/Security/CWE-918/SSRF.qll
+++ b/javascript/ql/src/experimental/Security/CWE-918/SSRF.qll
@@ -119,7 +119,7 @@ class TernaryOperatorSanitizerGuard extends TaintTracking::SanitizerGuardNode {
 }

 /**
- * Number.isInteger is a sanitizer guard because a number can't be used to exploit a SSRF.
+ * A call to Number.isInteger seen as a sanitizer guard because a number can't be used to exploit a SSRF.
 */
 class IntegerCheck extends TaintTracking::SanitizerGuardNode, DataFlow::CallNode {
  IntegerCheck() { this = DataFlow::globalVarRef("Number").getAMemberCall("isInteger") }
@@ -131,7 +131,7 @@ class IntegerCheck extends TaintTracking::SanitizerGuardNode, DataFlow::CallNode
 }

 /**
- * ValidatorCheck identifies if exists a call to validator's library methods.
+ * A call to validator's library methods.
 * validator is a library which has a variety of input-validation functions. We are interesed in
 * checking that source is a number (any type of number) or an alphanumeric value.
 */