Move files from experimental

2025-12-24 04:36:35 +01:00 · 2022-09-07 12:11:56 +02:00
parent 95a9faf1f9
commit cd61bd0606
19 changed files with 7 additions and 7 deletions
--- a/java/ql/src/experimental/semmle/code/java/frameworks/FreeMarker.qll
+++ b/java/ql/src/experimental/semmle/code/java/frameworks/FreeMarker.qll
--- a/java/ql/src/experimental/semmle/code/java/frameworks/JinJava.qll
+++ b/java/ql/src/experimental/semmle/code/java/frameworks/JinJava.qll
--- a/java/ql/src/experimental/semmle/code/java/frameworks/Pebble.qll
+++ b/java/ql/src/experimental/semmle/code/java/frameworks/Pebble.qll
--- a/java/ql/src/experimental/semmle/code/java/frameworks/Thymeleaf.qll
+++ b/java/ql/src/experimental/semmle/code/java/frameworks/Thymeleaf.qll
--- a/java/ql/src/experimental/semmle/code/java/frameworks/Velocity.qll
+++ b/java/ql/src/experimental/semmle/code/java/frameworks/Velocity.qll
--- a/java/ql/src/experimental/Security/CWE/CWE-094/SSTIBad.java
+++ b/java/ql/src/experimental/Security/CWE/CWE-094/SSTIBad.java
--- a/java/ql/src/experimental/Security/CWE/CWE-094/SSTIGood.java
+++ b/java/ql/src/experimental/Security/CWE/CWE-094/SSTIGood.java
--- a/java/ql/src/experimental/Security/CWE/CWE-094/TemplateInjection.qhelp
+++ b/java/ql/src/experimental/Security/CWE/CWE-094/TemplateInjection.qhelp
--- a/java/ql/src/experimental/Security/CWE/CWE-094/TemplateInjection.ql
+++ b/java/ql/src/experimental/Security/CWE/CWE-094/TemplateInjection.ql
--- a/java/ql/src/experimental/Security/CWE/CWE-094/TemplateInjection.qll
+++ b/java/ql/src/experimental/Security/CWE/CWE-094/TemplateInjection.qll
@@ -3,11 +3,11 @@
 import java
 import semmle.code.java.dataflow.TaintTracking
 import semmle.code.java.dataflow.FlowSources
-import experimental.semmle.code.java.frameworks.FreeMarker
-import experimental.semmle.code.java.frameworks.Velocity
-import experimental.semmle.code.java.frameworks.JinJava
-import experimental.semmle.code.java.frameworks.Pebble
-import experimental.semmle.code.java.frameworks.Thymeleaf
+import semmle.code.java.frameworks.FreeMarker
+import semmle.code.java.frameworks.Velocity
+import semmle.code.java.frameworks.JinJava
+import semmle.code.java.frameworks.Pebble
+import semmle.code.java.frameworks.Thymeleaf

 /** A taint tracking configuration to reason about Server Side Template Injection (SSTI) vulnerabilities */
 class TemplateInjectionFlowConfig extends TaintTracking::Configuration {
--- a/java/ql/test/experimental/query-tests/security/CWE-094/TemplateInjection.qlref
+++ b/java/ql/test/experimental/query-tests/security/CWE-094/TemplateInjection.qlref
@@ -1 +0,0 @@
-experimental/Security/CWE/CWE-094/TemplateInjection.ql
--- a/java/ql/test/experimental/query-tests/security/CWE-094/FreemarkerSSTI.java
+++ b/java/ql/test/experimental/query-tests/security/CWE-094/FreemarkerSSTI.java
--- a/java/ql/test/experimental/query-tests/security/CWE-094/JinJavaSSTI.java
+++ b/java/ql/test/experimental/query-tests/security/CWE-094/JinJavaSSTI.java
--- a/java/ql/test/experimental/query-tests/security/CWE-094/PebbleSSTI.java
+++ b/java/ql/test/experimental/query-tests/security/CWE-094/PebbleSSTI.java
--- a/java/ql/test/experimental/query-tests/security/CWE-094/TemplateInjection.expected
+++ b/java/ql/test/experimental/query-tests/security/CWE-094/TemplateInjection.expected
--- a/java/ql/test/query-tests/security/CWE-094/TemplateInjection.qlref
+++ b/java/ql/test/query-tests/security/CWE-094/TemplateInjection.qlref
@@ -0,0 +1 @@
+Security/CWE/CWE-094/TemplateInjection.ql
--- a/java/ql/test/experimental/query-tests/security/CWE-094/ThymeleafSSTI.java
+++ b/java/ql/test/experimental/query-tests/security/CWE-094/ThymeleafSSTI.java
--- a/java/ql/test/experimental/query-tests/security/CWE-094/VelocitySSTI.java
+++ b/java/ql/test/experimental/query-tests/security/CWE-094/VelocitySSTI.java
--- a/java/ql/test/query-tests/security/CWE-094/options
+++ b/java/ql/test/query-tests/security/CWE-094/options
@@ -1 +1 @@
-//semmle-extractor-options: --javac-args -cp ${testdir}/../../../stubs/validation-api-2.0.1.Final:${testdir}/../../../stubs/springframework-5.3.8:${testdir}/../../../stubs/apache-commons-jexl-2.1.1:${testdir}/../../../stubs/apache-commons-jexl-3.1:${testdir}/../../../stubs/apache-commons-logging-1.2:${testdir}/../../../stubs/mvel2-2.4.7:${testdir}/../../../stubs/groovy-all-3.0.7:${testdir}/../../../stubs/servlet-api-2.4:${testdir}/../../../stubs/scriptengine:${testdir}/../../../stubs/jsr223-api
+//semmle-extractor-options: --javac-args -cp ${testdir}/../../../stubs/validation-api-2.0.1.Final:${testdir}/../../../stubs/springframework-5.3.8:${testdir}/../../../stubs/apache-commons-jexl-2.1.1:${testdir}/../../../stubs/apache-commons-jexl-3.1:${testdir}/../../../stubs/apache-commons-logging-1.2:${testdir}/../../../stubs/mvel2-2.4.7:${testdir}/../../../stubs/groovy-all-3.0.7:${testdir}/../../../stubs/servlet-api-2.4:${testdir}/../../../stubs/scriptengine:${testdir}/../../../stubs/jsr223-api:${testdir}/../../../experimental/stubs/apache-freemarker-2.3.31:${testdir}/../../../experimental/stubs/jinjava-2.6.0:${testdir}/../../../experimental/stubs/pebble-3.1.5:${testdir}/../../../experimental/stubs/thymeleaf-3.0.14:${testdir}/../../../experimental/stubs/apache-velocity-2.3
				`@@ -1 +0,0 @@`
				`experimental/Security/CWE/CWE-094/TemplateInjection.ql`