Merge pull request #13380 from asgerf/js/fix-sink-kind

JS: Fix invalid source kind in test

javascript/ql/test/library-tests/DataExtensions/Test.expected

@@ -1,7 +0,0 @@
-commandInjectionSinks
-| execa.example.js:2:7:2:9 | cmd |
-sqlInjectionSinks
-| connection.example.ts:4:20:4:20 | q |
-| connection.example.ts:9:18:9:18 | q |
-remoteFlowSources
-| message.example.js:1:46:1:50 | event |

javascript/ql/test/library-tests/DataExtensions/Test.ql

@@ -1,11 +0,0 @@
-import javascript
-private import semmle.javascript.security.dataflow.CommandInjectionCustomizations
-private import semmle.javascript.security.dataflow.SqlInjectionCustomizations
-
-query predicate commandInjectionSinks(DataFlow::Node node) {
-  node instanceof CommandInjection::Sink
-}
-
-query predicate sqlInjectionSinks(DataFlow::Node node) { node instanceof SqlInjection::Sink }
-
-query predicate remoteFlowSources(RemoteFlowSource node) { any() }

javascript/ql/test/library-tests/DataExtensions/connection.expected

@@ -0,0 +1,2 @@
+| connection.example.ts:4:20:4:20 | q |
+| connection.example.ts:9:18:9:18 | q |

javascript/ql/test/library-tests/DataExtensions/connection.ql

@@ -0,0 +1,4 @@
+import javascript
+private import semmle.javascript.security.dataflow.SqlInjectionCustomizations
+
+query predicate sqlInjectionSinks(DataFlow::Node node) { node instanceof SqlInjection::Sink }

javascript/ql/test/library-tests/DataExtensions/execa.expected

@@ -0,0 +1 @@
+| execa.example.js:2:7:2:9 | cmd |

javascript/ql/test/library-tests/DataExtensions/execa.ext.yml

@@ -0,0 +1,6 @@
+extensions:
+  - addsTo:
+      pack: codeql/javascript-all
+      extensible: sinkModel
+    data:
+      - ["@example/execa", "Member[shell].Argument[0]", "command-injection"]

javascript/ql/test/library-tests/DataExtensions/execa.model.yml

@@ -1,10 +0,0 @@
-extensions:
-  - addsTo:
-      pack: codeql/javascript-all
-      extensible: sinkModel
-    data:
-      - [
-          "@example/execa",
-          "Member[shell].Argument[0]",
-          "command-injection",
-        ]

javascript/ql/test/library-tests/DataExtensions/execa.ql

@@ -0,0 +1,6 @@
+import javascript
+private import semmle.javascript.security.dataflow.CommandInjectionCustomizations
+
+query predicate commandInjectionSinks(DataFlow::Node node) {
+  node instanceof CommandInjection::Sink
+}

javascript/ql/test/library-tests/DataExtensions/message.expected

@@ -0,0 +1,2 @@
+| message.example.js:1:46:1:50 | event |
+| message.example.js:2:16:2:25 | event.data |

javascript/ql/test/library-tests/DataExtensions/message.ext.yml

@@ -6,5 +6,5 @@ extensions:
       - [
           "global",
           "Member[addEventListener].WithStringArgument[0=message].Argument[1].Parameter[0].Member[data]",
-          "remote-flow",
+          "remote",
         ]

javascript/ql/test/library-tests/DataExtensions/message.ql

@@ -0,0 +1,3 @@
+import javascript
+
+query predicate remoteFlowSources(RemoteFlowSource node) { any() }

javascript/ql/test/qlpack.yml

@@ -5,6 +5,4 @@ dependencies:
   codeql/javascript-queries: ${workspace}
 extractor: javascript
 tests: .
-dataExtensions:
-  - library-tests/DataExtensions/*.model.yml
 warnOnImplicitThis: true