CodeQL library for JavaScript
codeql/javascript-all 0.6.1 ( changelog , source )

Member predicate TaintTracking :: SharedTaintStep :: promiseStep

Holds if predsucc should be considered a taint-propagating data flow edge through a promise.

These steps consider a promise object to tainted if it can resolve to a tainted value.

predicate promiseStep ( Node pred , Node succ )