From effb8024a436f0ebcc02f4d1fcd9b4973cc8c74d Mon Sep 17 00:00:00 2001
From: amammad <amg2027amg@gmail.com>
Date: Sun, 25 Jun 2023 23:30:24 +1000
Subject: [PATCH] fix yargs bug

---
 .../Security/CWE-522-DecompressionBombs/CommandLineSource.qll | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/javascript/ql/src/experimental/Security/CWE-522-DecompressionBombs/CommandLineSource.qll b/javascript/ql/src/experimental/Security/CWE-522-DecompressionBombs/CommandLineSource.qll
index dfa10d2ccdf..f163375e578 100644
--- a/javascript/ql/src/experimental/Security/CWE-522-DecompressionBombs/CommandLineSource.qll
+++ b/javascript/ql/src/experimental/Security/CWE-522-DecompressionBombs/CommandLineSource.qll
@@ -11,8 +11,8 @@ abstract class CommandLineFlowSource extends API::Node { }
 
 class Yargs extends CommandLineFlowSource {
   Yargs() {
-    this = API::moduleImport("yargs/yargs").getASuccessor().getMember("argv") or
-    this = API::moduleImport("yargs/yargs").getASuccessor().getMember("argv").getAMember()
+    this = API::moduleImport("yargs/yargs").getASuccessor*().getMember("argv") or
+    this = API::moduleImport("yargs/yargs").getASuccessor*().getMember("argv").getAMember()
   }
 }