From 9632771630d75f08faa5a3b6f5afc9d44a6a65b0 Mon Sep 17 00:00:00 2001
From: Henry Mercer
Date: Wed, 31 May 2023 14:23:43 +0100
Subject: [PATCH] Address review comments
---
 queries/default-setup-event-context.ql | 12 ++++--------
 1 file changed, 4 insertions(+), 8 deletions(-)
diff --git a/queries/default-setup-event-context.ql b/queries/default-setup-event-context.ql
index d0d3cbce1c..15b1c27c8c 100644
--- a/queries/default-setup-event-context.ql
+++ b/queries/default-setup-event-context.ql
@@ -27,7 +27,8 @@ class EventContextAccessConfiguration extends DataFlow::Configuration {
 override predicate isSink(DataFlow::Node sink, DataFlow::FlowLabel lbl) {
 sink instanceof DataFlow::PropRead and
 lbl instanceof ParsedLabel and
- not exists(DataFlow::PropRead n | sink = n.getBase())
+ not exists(DataFlow::PropRead n | sink = n.getBase()) and
+ not sink.asExpr().getFile().getBaseName().matches("%.test.ts")
 }
 override predicate isAdditionalFlowStep(
@@ -52,11 +53,6 @@ class EventContextAccessConfiguration extends DataFlow::Configuration {
 }
 from EventContextAccessConfiguration cfg, DataFlow::PathNode source, DataFlow::PathNode sink
-where
- cfg.hasFlowPath(source, sink) and
- not sink.getNode().asExpr().getFile().getBaseName().matches("%.test.ts")
+where cfg.hasFlowPath(source, sink)
 select sink.getNode(), source, sink,
- "This context property may not exist in default setup workflows. If all uses are safe, add it to the list of "
- + "context properties that are known to be safe in " +
- "'queries/default-setup-event-context.ql'. If this use is safe but others are not, " +
- "dismiss this alert as a false positive."
+ "This event context property may not exist in default setup workflows."
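Review bot: In the first hunk, the test-file exclusion added to `isSink` goes through `sink.asExpr()`, so it only filters sinks that have an associated expression. For any `DataFlow::PropRead` without one (destructuring-pattern reads may be such a case, to be confirmed), the negated conjunct holds vacuously and the node stays a sink even inside a `.test.ts` file. If `DataFlow::Node.getFile()` is available in the library version this query uses, `not sink.getFile().getBaseName().matches("%.test.ts")` avoids the detour. A one-line comment above that conjunct saying why test files are excluded would help, since the filter now sits inside the sink definition rather than in the visible `where` clause. The enclosing class starts outside the hunk.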
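Review bot: The shortened `select` message in the second hunk no longer tells whoever triages the alert what to do with a safe use. The removed text pointed to the list of known-safe context properties in 'queries/default-setup-event-context.ql' and to dismissing a single safe use as a false positive. Unless that guidance already sits in the query's header comment, which this patch does not show, I would keep it there, for example `* If every use of a property is safe, add it to the known-safe list in this file; if only this use is safe, dismiss the alert.` Keeping that guidance in the header means alerts are less likely to be dismissed without the allow-list being updated.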