JavaScript: Autoformat.

2026-01-25 04:12:58 +01:00 · 2019-09-06 09:04:51 +02:00
parent 343230402a
commit ca45fb5a60
134 changed files with 396 additions and 764 deletions
--- a/javascript/ql/src/Security/CWE-020/IncorrectSuffixCheck.ql
+++ b/javascript/ql/src/Security/CWE-020/IncorrectSuffixCheck.ql
@@ -109,7 +109,6 @@ predicate isDerivedFromLength(DataFlow::Node length, DataFlow::Node operand) {
 */
 class UnsafeIndexOfComparison extends EqualityTest {
  IndexOfCall indexOf;
-
  DataFlow::Node testedValue;

  UnsafeIndexOfComparison() {
--- a/javascript/ql/src/Security/CWE-020/MissingRegExpAnchor.ql
+++ b/javascript/ql/src/Security/CWE-020/MissingRegExpAnchor.ql
@@ -37,7 +37,8 @@ predicate isInterestingSemiAnchoredRegExpString(RegExpPatternSource src, string
    ) and
    anchorPart = src.getPattern().regexpCapture(regex, 1) and
    anchorPart.regexpMatch("(?i).*[a-z].*") and
-    msg = "Misleading operator precedence. The subexpression '" + anchorPart + "' is anchored, but the other parts of this regular expression are not"
+    msg = "Misleading operator precedence. The subexpression '" + anchorPart +
+        "' is anchored, but the other parts of this regular expression are not"
  )
 }

--- a/javascript/ql/src/Security/CWE-116/DoubleEscaping.ql
+++ b/javascript/ql/src/Security/CWE-116/DoubleEscaping.ql
@@ -70,7 +70,7 @@ class Replacement extends DataFlow::Node {
  Replacement() {
    exists(DataFlow::MethodCallNode mcn | this = mcn |
      mcn.getMethodName() = "replace" and
-      pattern.flow().(DataFlow::SourceNode).flowsTo(mcn.getArgument(0))and
+      pattern.flow().(DataFlow::SourceNode).flowsTo(mcn.getArgument(0)) and
      mcn.getNumArgument() = 2 and
      pattern.isGlobal()
    )
--- a/javascript/ql/src/Security/CWE-313/PasswordInConfigurationFile.ql
+++ b/javascript/ql/src/Security/CWE-313/PasswordInConfigurationFile.ql
@@ -64,4 +64,4 @@ where
    pwd = val.regexpCapture("(?is).*password\\s*=\\s*(?!;|\"?[$`]|%s|=)(\\S+).*", 1)
  ) and
  not exclude(valElement.getFile())
-select (FirstLineOf)valElement, "Hard-coded password '" + pwd + "' in configuration file."
+select valElement.(FirstLineOf), "Hard-coded password '" + pwd + "' in configuration file."
--- a/javascript/ql/src/Security/CWE-400/PrototypePollution.ql
+++ b/javascript/ql/src/Security/CWE-400/PrototypePollution.ql
@@ -1,7 +1,7 @@
 /**
 * @name Prototype pollution
 * @description Recursively merging a user-controlled object into another object
- *              can allow an attacker to modify the built-in Object prototype. 
+ *              can allow an attacker to modify the built-in Object prototype.
 * @kind path-problem
 * @problem.severity error
 * @precision high
@@ -17,7 +17,8 @@ import DataFlow::PathGraph
 import semmle.javascript.dependencies.Dependencies

 from
-  Configuration cfg, DataFlow::PathNode source, DataFlow::PathNode sink, string moduleName, Locatable dependencyLoc
+  Configuration cfg, DataFlow::PathNode source, DataFlow::PathNode sink, string moduleName,
+  Locatable dependencyLoc
 where
  cfg.hasFlowPath(source, sink) and
  sink.getNode().(Sink).dependencyInfo(moduleName, dependencyLoc)
--- a/javascript/ql/src/Security/Summaries/ImportFromCsv.qll
+++ b/javascript/ql/src/Security/Summaries/ImportFromCsv.qll
@@ -135,9 +135,7 @@ class AdditionalStepSpec extends ExternalData {

 private class AdditionalFlowStepFromSpec extends DataFlow::Configuration {
  AdditionalStepSpec spec;
-
  DataFlow::Node entry;
-
  DataFlow::Node exit;

  AdditionalFlowStepFromSpec() {
--- a/javascript/ql/src/Security/Summaries/ImportFromExternalPredicates.qll
+++ b/javascript/ql/src/Security/Summaries/ImportFromExternalPredicates.qll
@@ -36,9 +36,7 @@ external predicate additionalSteps(
 */
 private class AdditionalSourceFromSpec extends DataFlow::AdditionalSource {
  Portal portal;
-
  string flowLabel;
-
  string config;

  AdditionalSourceFromSpec() {
@@ -56,9 +54,7 @@ private class AdditionalSourceFromSpec extends DataFlow::AdditionalSource {
 */
 private class AdditionalSinkFromSpec extends DataFlow::AdditionalSink {
  Portal portal;
-
  string flowLabel;
-
  string config;

  AdditionalSinkFromSpec() {
@@ -76,11 +72,8 @@ private class AdditionalSinkFromSpec extends DataFlow::AdditionalSink {
 */
 private class AdditionalFlowStepFromSpec extends DataFlow::Configuration {
  DataFlow::Node entry;
-
  string startFlowLabel;
-
  DataFlow::Node exit;
-
  string endFlowLabel;

  AdditionalFlowStepFromSpec() {
--- a/javascript/ql/src/Security/Summaries/PortalEntrySink.qll
+++ b/javascript/ql/src/Security/Summaries/PortalEntrySink.qll
@@ -10,9 +10,7 @@ class PortalEntrySink extends DataFlow::AdditionalSink {

  PortalEntrySink() { this = p.getAnEntryNode(true) }

-  override predicate isSinkFor(DataFlow::Configuration cfg, DataFlow::FlowLabel lbl) {
-    any()
-  }
+  override predicate isSinkFor(DataFlow::Configuration cfg, DataFlow::FlowLabel lbl) { any() }

  /** Gets the portal of which this is an entry node. */
  Portal getPortal() { result = p }
--- a/javascript/ql/src/Security/Summaries/PortalExitSource.qll
+++ b/javascript/ql/src/Security/Summaries/PortalExitSource.qll
@@ -10,9 +10,7 @@ class PortalExitSource extends DataFlow::AdditionalSource {

  PortalExitSource() { this = p.getAnExitNode(true) }

-  override predicate isSourceFor(DataFlow::Configuration cfg, DataFlow::FlowLabel lbl) {
-    any()
-  }
+  override predicate isSourceFor(DataFlow::Configuration cfg, DataFlow::FlowLabel lbl) { any() }

  /** Gets the portal of which this is an exit node. */
  Portal getPortal() { result = p }