JS: mass enable diff-informed data flow + none() overrides

d10c · d10c · commit 41cdb3208275 · 2025-06-17T15:22:47.000+02:00
An auto-generated patch that enables diff-informed data flow in the obvious cases. Builds on github#18346 and github/codeql-patch#88
diff --git a/javascript/ql/src/experimental/Security/CWE-918/SSRF.qll b/javascript/ql/src/experimental/Security/CWE-918/SSRF.qll
@@ -34,6 +34,8 @@ module SsrfConfig implements DataFlow::ConfigSig {
   }
 
   predicate observeDiffInformedIncrementalMode() { any() }
+
+  Location getASelectedSourceLocation(DataFlow::Node sink) { none() }
 }
 
 module SsrfFlow = TaintTracking::Global<SsrfConfig>;

Original file line number	Diff line number	Diff line change
`@@ -34,6 +34,8 @@ module SsrfConfig implements DataFlow::ConfigSig {`
`34`	`34`	`}`
`35`	`35`
`36`	`36`	`predicate observeDiffInformedIncrementalMode() { any() }`
	`37`	`+`
	`38`	`+ Location getASelectedSourceLocation(DataFlow::Node sink) { none() }`
`37`	`39`	`}`
`38`	`40`
`39`	`41`	`module SsrfFlow = TaintTracking::Global<SsrfConfig>;`