Apply suggestions from code review

Co-authored-by: Alex Ford <alexrford@users.noreply.github.com>
2026-05-04 05:05:12 +02:00 · 2023-01-05 20:02:54 +01:00
parent 3811eae679
commit d9176541c6
2 changed files with 3 additions and 3 deletions
--- a/ruby/ql/lib/codeql/ruby/security/UnsafeCodeConstructionCustomizations.qll
+++ b/ruby/ql/lib/codeql/ruby/security/UnsafeCodeConstructionCustomizations.qll
@@ -81,10 +81,10 @@ module UnsafeCodeConstruction {
   * A string constructed from a string-literal (e.g. `"foo #{sink}"`),
   * where the resulting string ends up being executed as a code.
   */
-  class StringFormatAsSink extends Sink {
+  class StringInterpolationAsSink extends Sink {
    Concepts::CodeExecution s;

-    StringFormatAsSink() {
+    StringInterpolationAsSink() {
      exists(Ast::StringlikeLiteral lit |
        any(DataFlow::Node n | n.asExpr().getExpr() = lit) = getANodeExecutedAsCode(s) and
        this.asExpr().getExpr() = lit.getComponent(_)
--- a/ruby/ql/src/queries/security/cwe-094/UnsafeCodeConstruction.qhelp
+++ b/ruby/ql/src/queries/security/cwe-094/UnsafeCodeConstruction.qhelp
@@ -69,7 +69,7 @@ to define the getter method.
 <example>
 <p>
 This example dynamically registers a method on another class which
-forwards its arguments to a target class. This approach uses
+forwards its arguments to a target object. This approach uses
 <code>module_eval</code> and string interpolation to construct class variables
 and methods.
 </p>