CodeQL library for JavaScript/TypeScript
codeql/javascript-all 0.8.12 (changelog, source)
Search

Module PromiseFlow

This module defines how data-flow propagates into and out of a Promise. The data-flow is based on pseudo-properties rather than tainting the Promise object (which is what PromiseTaintStep does).

Import path

import javascript

Predicates

loadStep

Holds if there is a step for loading a value from a promise. prop is either valueProp() if the value is a resolved value, or errorProp() if the promise has been rejected.

loadStoreStep

Holds if there is a step copying a resolved/rejected promise value from promise pred to promise succ. prop is either valueProp() if the value is a resolved value, or errorProp() if the promise has been rejected.

storeStep

Holds if there is a step for storing a value into a promise obj. prop is either valueProp() if the value is a resolved value, or errorProp() if the promise has been rejected.