From eac5e24aee0020ac9d73d355966ec5a626c8564f Mon Sep 17 00:00:00 2001 From: Henry Mercer Date: Tue, 16 May 2023 11:06:13 +0100 Subject: [PATCH] Downgrade query severity to warning --- queries/default-setup-environment-variables.ql | 2 +- queries/default-setup-event-context.ql | 12 +----------- 2 files changed, 2 insertions(+), 12 deletions(-) diff --git a/queries/default-setup-environment-variables.ql b/queries/default-setup-environment-variables.ql index d4a095cdd..a65f9d138 100644 --- a/queries/default-setup-environment-variables.ql +++ b/queries/default-setup-environment-variables.ql @@ -2,7 +2,7 @@ * @name Some environment variables may not exist in default setup workflows * @id javascript/codeql-action/default-setup-env-vars * @kind problem - * @severity error + * @severity warning */ import javascript diff --git a/queries/default-setup-event-context.ql b/queries/default-setup-event-context.ql index b5d1ca309..27bd55af6 100644 --- a/queries/default-setup-event-context.ql +++ b/queries/default-setup-event-context.ql @@ -2,7 +2,7 @@ * @name Some context properties may not exist in default setup workflows * @id javascript/codeql-action/default-setup-context-properties * @kind path-problem - * @severity error + * @severity warning */ import javascript @@ -49,16 +49,6 @@ class EventContextAccessConfiguration extends DataFlow::Configuration { } } -predicate deepPropertyRead(DataFlow::PropRead originalRead, DataFlow::PropRead read, int depth) { - read = originalRead and depth = 1 - or - exists(DataFlow::PropRead prevRead, int prevDepth | - deepPropertyRead(originalRead, prevRead, prevDepth) and - read = prevRead.getAPropertyRead() and - depth = prevDepth + 1 - ) -} - from EventContextAccessConfiguration cfg, DataFlow::PathNode source, DataFlow::PathNode sink where cfg.hasFlowPath(source, sink) and