Merge branch 'main' of https://github.com/github/codeql into oscarsj/mergeback-rc-3-20-into-main

2025-12-16 08:43:11 +01:00 · 2025-12-12 13:22:08 +01:00
parent 72b63bbdc3 c5987b4481
commit d972af9ef8
1129 changed files with 32377 additions and 8332 deletions
--- a/javascript/ql/lib/semmle/javascript/security/dataflow/ExternalAPIUsedWithUntrustedDataQuery.qll
+++ b/javascript/ql/lib/semmle/javascript/security/dataflow/ExternalAPIUsedWithUntrustedDataQuery.qll
@@ -97,7 +97,7 @@ class ExternalApiDataNode extends DataFlow::Node instanceof Sink { }

 /** A node representing untrusted data being passed to an external API. */
 class UntrustedExternalApiDataNode extends ExternalApiDataNode {
-  UntrustedExternalApiDataNode() { ExternalAPIUsedWithUntrustedDataFlow::flow(_, this) }
+  UntrustedExternalApiDataNode() { ExternalAPIUsedWithUntrustedDataFlow::flowTo(this) }

  /** Gets a source of untrusted data which is passed to this external API data node. */
  DataFlow::Node getAnUntrustedSource() { ExternalAPIUsedWithUntrustedDataFlow::flow(result, this) }
@@ -110,7 +110,7 @@ private newtype TExternalApi =
  /** An external API sink with `name`. */
  MkExternalApiNode(string name) {
    exists(Sink sink |
-      ExternalAPIUsedWithUntrustedDataFlow::flow(_, sink) and
+      ExternalAPIUsedWithUntrustedDataFlow::flowTo(sink) and
      name = sink.getApiName()
    )
  }
--- a/javascript/ql/src/experimental/Security/CWE-347/decodeJwtWithoutVerification.ql
+++ b/javascript/ql/src/experimental/Security/CWE-347/decodeJwtWithoutVerification.ql
@@ -36,6 +36,6 @@ import UnverifiedDecodeFlow::PathGraph
 from UnverifiedDecodeFlow::PathNode source, UnverifiedDecodeFlow::PathNode sink
 where
  UnverifiedDecodeFlow::flowPath(source, sink) and
-  not VerifiedDecodeFlow::flow(source.getNode(), _)
+  not VerifiedDecodeFlow::flowFrom(source.getNode())
 select source.getNode(), source, sink, "Decoding JWT $@.", sink.getNode(),
  "without signature verification"
--- a/javascript/ql/test/library-tests/FlowSummary/test.ql
+++ b/javascript/ql/test/library-tests/FlowSummary/test.ql
@@ -32,5 +32,5 @@ class BasicBarrierGuard extends DataFlow::CallNode {
 deprecated class ConsistencyConfig extends ConsistencyConfiguration {
  ConsistencyConfig() { this = "ConsistencyConfig" }

-  override DataFlow::Node getAnAlert() { Flow::flow(_, result) }
+  override DataFlow::Node getAnAlert() { Flow::flowTo(result) }
 }
--- a/javascript/ql/test/tutorials/Introducing
+++ b/javascript/ql/test/tutorials/Introducing
@@ -14,7 +14,7 @@ predicate passwordVarAssign(Variable v, DataFlow::Node nd) {
 module PasswordFlow = DataFlow::Global<PasswordConfig>;

 query predicate test_query17(DataFlow::Node sink, string res) {
-  exists(Variable v | PasswordFlow::flow(_, sink) and passwordVarAssign(v, sink) |
+  exists(Variable v | PasswordFlow::flowTo(sink) and passwordVarAssign(v, sink) |
    res = "Password variable " + v.toString() + " is assigned a constant string."
  )
 }