hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-27 17:55:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

Exclude .pipe detection which are in a test file.

Browse Source
This commit is contained in:
Napalys Klicius
2025-05-28 17:18:39 +02:00
parent 5bb29b6e33
commit f8f5d8f561
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
javascript/ql/src/Quality/UnhandledStreamPipe.ql
View File

@@ -12,6 +12,7 @@
*/
import javascript
import semmle.javascript.filters.ClassifyFiles
/**
* A call to the `pipe` method on a Node.js stream.
@@ -270,6 +271,7 @@ where
hasErrorHandlerDownstream(pipeCall) and
not isPipeFollowedByNonStreamAccess(pipeCall) and
not hasNonStreamSourceLikeUsage(pipeCall) and
not hasNonNodeJsStreamSource(pipeCall)
not hasNonNodeJsStreamSource(pipeCall) and
not isTestFile(pipeCall.getFile())
select pipeCall,
"Stream pipe without error handling on the source stream. Errors won't propagate downstream and may be silently dropped."