Merge branch 'main' into js/shared-dataflow-merge-main

2026-04-27 09:45:15 +02:00 · 2024-10-08 09:28:26 +02:00
parent 72daa980a0 5a4cd1c578
commit e2e91ac7d9
2562 changed files with 73355 additions and 42975 deletions
--- a/javascript/ql/test/query-tests/Metrics/ExternalDependencies/ExternalDependencies.expected
+++ b/javascript/ql/test/query-tests/Metrics/ExternalDependencies/ExternalDependencies.expected
@@ -1,9 +1,9 @@
-| /query-tests/Metrics/ExternalDependencies/src/tst.html<\|>jquery<\|>23.0.0 | 4 |
-| /query-tests/Metrics/ExternalDependencies/src/a.js<\|>lib3<\|>unknown | 3 |
-| /query-tests/Metrics/ExternalDependencies/src/tst.html<\|>jquery<\|>42.0.0 | 3 |
-| /query-tests/Metrics/ExternalDependencies/src/a.js<\|>lib1<\|>1.0.2 | 2 |
-| /query-tests/Metrics/ExternalDependencies/src/b.js<\|>lib3<\|>unknown | 2 |
-| /query-tests/Metrics/ExternalDependencies/src/a.js<\|>lib2<\|>1.0.0 | 1 |
-| /query-tests/Metrics/ExternalDependencies/src/b.js<\|>lib2<\|>1.0.0 | 1 |
-| /query-tests/Metrics/ExternalDependencies/src/sub/c.js<\|>lib1<\|>1.0.2 | 1 |
-| /query-tests/Metrics/ExternalDependencies/src/sub/subsub/d.js<\|>lib1<\|>1.0.3 | 1 |
+| /src/tst.html<\|>jquery<\|>23.0.0 | 4 |
+| /src/a.js<\|>lib3<\|>unknown | 3 |
+| /src/tst.html<\|>jquery<\|>42.0.0 | 3 |
+| /src/a.js<\|>lib1<\|>1.0.2 | 2 |
+| /src/b.js<\|>lib3<\|>unknown | 2 |
+| /src/a.js<\|>lib2<\|>1.0.0 | 1 |
+| /src/b.js<\|>lib2<\|>1.0.0 | 1 |
+| /src/sub/c.js<\|>lib1<\|>1.0.2 | 1 |
+| /src/sub/subsub/d.js<\|>lib1<\|>1.0.3 | 1 |
--- a/javascript/ql/test/query-tests/NodeJS/CyclicImport/CyclicImport.expected
+++ b/javascript/ql/test/query-tests/NodeJS/CyclicImport/CyclicImport.expected
@@ -1,7 +1,7 @@
 | a.js:4:9:4:25 | require('./b.js') | Module a imports module b, which in turn $@ it. | b.js:4:9:4:25 | require('./a.js') | imports |
 | b.js:4:9:4:25 | require('./a.js') | Module b imports module a, which in turn $@ it. | a.js:4:9:4:25 | require('./b.js') | imports |
 | selfimport.js:1:1:1:23 | require ... mport') | Module selfimport directly imports itself. | selfimport.js:1:1:1:24 | <toplevel> |  |
-| test1/a.js:1:1:1:27 | require ... ner/a') | Module .../test1/a.js imports module .../inner/a.js, which in turn $@ it. | test2/inner/a.js:1:1:1:24 | require ... st1/a') | imports |
+| test1/a.js:1:1:1:27 | require ... ner/a') | Module /test1/a.js imports module .../inner/a.js, which in turn $@ it. | test2/inner/a.js:1:1:1:24 | require ... st1/a') | imports |
 | test1/a.js:2:1:2:14 | require('./b') | Module a imports module b, which in turn $@ it. | test1/b.js:1:1:1:27 | require ... ner/a') | indirectly imports |
 | test1/b.js:1:1:1:27 | require ... ner/a') | Module b imports module a, which in turn $@ it. | test2/inner/a.js:1:1:1:24 | require ... st1/a') | indirectly imports |
-| test2/inner/a.js:1:1:1:24 | require ... st1/a') | Module .../inner/a.js imports module .../test1/a.js, which in turn $@ it. | test1/a.js:1:1:1:27 | require ... ner/a') | imports |
+| test2/inner/a.js:1:1:1:24 | require ... st1/a') | Module .../inner/a.js imports module /test1/a.js, which in turn $@ it. | test1/a.js:1:1:1:27 | require ... ner/a') | imports |
--- a/javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/XssWithAdditionalSources.ql
+++ b/javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/XssWithAdditionalSources.ql
@@ -5,7 +5,7 @@
 * @kind path-problem
 * @problem.severity error
 * @precision high
- * @id js/xss
+ * @id js/xss-additional-sources-dom-test
 * @tags security
 *       external/cwe/cwe-079
 *       external/cwe/cwe-116
--- a/javascript/ql/test/query-tests/Security/CWE-200/PrivateFileExposure.expected
+++ b/javascript/ql/test/query-tests/Security/CWE-200/PrivateFileExposure.expected
@@ -1,6 +1,6 @@
-| lib/tst.js:7:1:7:45 | app.use ... rname)) | Serves the folder query-tests/Security/CWE-200/lib, which can contain private information. |
-| lib/tst.js:9:1:9:43 | app.use ... otDir)) | Serves the folder query-tests/Security/CWE-200/lib, which can contain private information. |
-| lib/tst.js:11:1:11:52 | app.use ... + '/')) | Serves the folder query-tests/Security/CWE-200/lib, which can contain private information. |
+| lib/tst.js:7:1:7:45 | app.use ... rname)) | Serves the folder lib, which can contain private information. |
+| lib/tst.js:9:1:9:43 | app.use ... otDir)) | Serves the folder lib, which can contain private information. |
+| lib/tst.js:11:1:11:52 | app.use ... + '/')) | Serves the folder lib, which can contain private information. |
 | private-file-exposure.js:8:1:8:49 | app.use ... ular')) | Serves the folder "./node_modules/angular", which can contain private information. |
 | private-file-exposure.js:9:1:9:59 | app.use ... ular')) | Serves the folder "node_modules/angular", which can contain private information. |
 | private-file-exposure.js:10:1:10:67 | app.use ... mate')) | Serves the folder "node_modules/angular-animate", which can contain private information. |
@@ -20,4 +20,4 @@
 | private-file-exposure.js:43:1:43:46 | app.use ... )("/")) | Serves the root folder, which can contain private information. |
 | private-file-exposure.js:51:5:51:88 | app.use ... les'))) | Serves the folder "../node_modules", which can contain private information. |
 | private-file-exposure.js:70:5:70:71 | serveHa ... ular"}) | Serves the folder "./node_modules/angular", which can contain private information. |
-| subfolder/private-file-exposure-2.js:6:1:6:34 | app.use ... rname)) | Serves the folder query-tests/Security/CWE-200/subfolder, which can contain private information. |
+| subfolder/private-file-exposure-2.js:6:1:6:34 | app.use ... rname)) | Serves the folder subfolder, which can contain private information. |