Merge remote-tracking branch 'upstream/main' into igfoo/mb

2026-05-04 05:05:12 +02:00 · 2026-01-13 01:01:35 +00:00
parent 70cc153cf5 c666fc71ca
commit dcd0a69759
1891 changed files with 180230 additions and 116717 deletions
--- a/go/ql/src/Security/CWE-020/MissingRegexpAnchor.ql
+++ b/go/ql/src/Security/CWE-020/MissingRegexpAnchor.ql
@@ -81,5 +81,5 @@ module Config implements DataFlow::ConfigSig {
 module Flow = DataFlow::Global<Config>;

 from DataFlow::Node source, string msg
-where Flow::flow(source, _) and Config::isSourceString(source, msg)
+where Flow::flowFrom(source) and Config::isSourceString(source, msg)
 select source, msg
--- a/go/ql/src/Security/CWE-352/ConstantOauth2State.ql
+++ b/go/ql/src/Security/CWE-352/ConstantOauth2State.ql
@@ -154,7 +154,7 @@ module FlowToPrintFlow = DataFlow::Global<FlowToPrintConfig>;

 /** Holds if the provided `CallNode`'s result flows to an argument of a printer call. */
 predicate resultFlowsToPrinter(DataFlow::CallNode authCodeUrlCall) {
-  FlowToPrintFlow::flow(authCodeUrlCall.getResult(), _)
+  FlowToPrintFlow::flowFrom(authCodeUrlCall.getResult())
 }

 /** Get a data-flow node that reads the value of `os.Stdin`. */
--- a/go/ql/src/Security/CWE-601/OpenUrlRedirect.ql
+++ b/go/ql/src/Security/CWE-601/OpenUrlRedirect.ql
@@ -21,6 +21,6 @@ where
  OpenUrlRedirect::Flow::flowPath(source, sink) and
  // this excludes flow from safe parts of request URLs, for example the full URL when the
  // doing a redirect from `http://<path>` to `https://<path>`
-  not SafeUrlFlow::Flow::flow(_, sink.getNode())
+  not SafeUrlFlow::Flow::flowTo(sink.getNode())
 select sink.getNode(), source, sink, "This path to an untrusted URL redirection depends on a $@.",
  source.getNode(), "user-provided value"
--- a/go/ql/src/Security/CWE-918/RequestForgery.ql
+++ b/go/ql/src/Security/CWE-918/RequestForgery.ql
@@ -21,6 +21,6 @@ where
  RequestForgery::Flow::flowPath(source, sink) and
  request = sink.getNode().(RequestForgery::Sink).getARequest() and
  // this excludes flow from safe parts of request URLs, for example the full URL
-  not SafeUrlFlow::Flow::flow(_, sink.getNode())
+  not SafeUrlFlow::Flow::flowTo(sink.getNode())
 select request, source, sink, "The $@ of this request depends on a $@.", sink.getNode(),
  sink.getNode().(RequestForgery::Sink).getKind(), source, "user-provided value"
--- a/go/ql/src/experimental/CWE-285/PamAuthBypass.ql
+++ b/go/ql/src/experimental/CWE-285/PamAuthBypass.ql
@@ -70,5 +70,6 @@ module PamStartToAuthenticateFlow = TaintTracking::Global<PamStartToAuthenticate
 from DataFlow::Node source, DataFlow::Node sink
 where
  not isInTestFile(source.asExpr()) and
-  (PamStartToAuthenticateFlow::flow(source, sink) and not PamStartToAcctMgmtFlow::flow(source, _))
+  PamStartToAuthenticateFlow::flow(source, sink) and
+  not PamStartToAcctMgmtFlow::flowFrom(source)
 select source, "This Pam transaction may not be secure."
--- a/go/ql/src/experimental/CWE-321-V2/HardCodedKeys.ql
+++ b/go/ql/src/experimental/CWE-321-V2/HardCodedKeys.ql
@@ -24,7 +24,7 @@ module JwtParseWithConstantKeyConfig implements DataFlow::ConfigSig {
      or
      n = fd.(FuncDecl).getFunction().getARead()
    |
-      GolangJwtKeyFunc::flow(n, _) and
+      GolangJwtKeyFunc::flowFrom(n) and
      sink = rn and
      rn.getRoot() = fd and
      rn.getIndex() = 0