CodeQL library for JavaScript/TypeScript

codeql/javascript-all 2.6.19-dev (changelog, source)

Class PrettyJsonTaintStep

A step through the prettyjson library. This is not quite a JSON.stringify call, as it e.g. does not wrap keys in double quotes. It’s therefore modeled as a taint-step rather than as a JSON.stringify call.

Import path

import javascript

Direct supertypes

SharedTaintStep

Indirect supertypes

Predicates

step	Holds if `pred` → `succ` should be considered a taint-propagating data flow edge.

Inherited predicates

arrayStep	Holds if `pred` → `succ` should be considered a taint-propagating data flow edge through arrays.	from SharedTaintStep
deserializeStep	Holds if `pred` → `succ` should be considered a taint-propagating data flow edge through data deserialization, such as `JSON.parse`.	from SharedTaintStep
heapStep	Holds if `pred` → `succ` should be considered a taint-propagating data flow edge through the heap.	from SharedTaintStep
heuristicStep	Holds if `pred` → `succ` should be considered a taint-propagating data flow edge contributed by the heuristics library.	from SharedTaintStep
persistentStorageStep	Holds if `pred` → `succ` should be considered a taint-propagating data flow edge through persistent storage.	from SharedTaintStep
promiseStep	Holds if `pred` → `succ` should be considered a taint-propagating data flow edge through a promise.	from SharedTaintStep
serializeStep	Holds if `pred` → `succ` should be considered a taint-propagating data flow edge through data serialization, such as `JSON.stringify`.	from SharedTaintStep
stringConcatenationStep	Holds if `pred` → `succ` should be considered a taint-propagating data flow edge through string concatenation.	from SharedTaintStep
stringManipulationStep	Holds if `pred` → `succ` should be considered a taint-propagating data flow edge through string manipulation (other than concatenation).	from SharedTaintStep
toString	Gets a textual representation of this element.	from Unit
uriStep	Holds if `pred` → `succ` should be considered a taint-propagating data flow edge through URI manipulation.	from SharedTaintStep
viewComponentStep	Holds if `pred` → `succ` should be considered a taint-propagating data flow edge through the `state` or `props` or a React component.	from SharedTaintStep