CodeQL library for JavaScript/TypeScript
codeql/javascript-all 1.0.3-dev (changelog, source)
Search

Predicate TaintTracking::promiseStep

Holds if predsucc should be considered a taint-propagating data flow edge through a promise.

These steps consider a promise object to tainted if it can resolve to a tainted value.

Import path

import javascript
predicate promiseStep(Node pred, Node succ)