From 090a7013dd2d1efd95a086ca2a775011fca37536 Mon Sep 17 00:00:00 2001 From: Robert Brignull Date: Wed, 16 Sep 2020 11:03:19 +0100 Subject: [PATCH] add explanation to query --- queries/required-action-input.ql | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/queries/required-action-input.ql b/queries/required-action-input.ql index 8bf9c565e..e75628326 100644 --- a/queries/required-action-input.ql +++ b/queries/required-action-input.ql @@ -87,6 +87,10 @@ class CoreGetInputMethodCallExpr extends MethodCallExpr { from ActionDeclaration action, CoreGetInputMethodCallExpr getInputCall, string inputName, string alternateFunction where action.getAnInput() = inputName + // We don't want to create an alert for the users core.getInput in the getRequiredInput + // and getOptionalInput functions themselves, and this check here does that in a + // roundabout way by checking the parameter is a string literal. This should be enough + // and hopefully won't discount any real calls to core.getInput, but is worth noting here. and getInputCall.getInputName() = inputName and ((action.inputAlwaysHasValue(inputName) and alternateFunction = "getRequiredInput") or (not action.inputAlwaysHasValue(inputName) and alternateFunction = "geOptionalInput"))