hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-26 01:05:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

JS: Explain why ObjetWrapperFlowLabel is deprecated

Browse Source
This commit is contained in:
Asger F
2024-03-13 11:08:25 +01:00
parent e0aae53ac7
commit b31f20a64e
1 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
javascript/ql/lib/semmle/javascript/security/dataflow/ExternalAPIUsedWithUntrustedDataQuery.qll
View File

@@ -39,7 +39,12 @@ module ExternalAPIUsedWithUntrustedDataConfig implements DataFlow::ConfigSig {
module ExternalAPIUsedWithUntrustedDataFlow =
TaintTracking::Global<ExternalAPIUsedWithUntrustedDataConfig>;
/** Flow label for objects from which a tainted value is reachable. */
/**
* Flow label for objects from which a tainted value is reachable.
*
* Only used by the legacy data-flow configuration, as the new data flow configuration
* uses `allowImplicitRead` to achieve this instead.
*/
deprecated private class ObjectWrapperFlowLabel extends DataFlow::FlowLabel {
ObjectWrapperFlowLabel() { this = "object-wrapper" }
}