Skip to content

JS: add a predicate to recognize path arguments in calls to the fs-extra lib #7715

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
kaeluka merged 3 commits into from
Jan 25, 2022
Merged

JS: add a predicate to recognize path arguments in calls to the fs-extra lib #7715

kaeluka merged 3 commits into from
Jan 25, 2022

Conversation

@kaeluka
Copy link

@kaeluka kaeluka commented Jan 24, 2022

I'm sending this PR because the lack of complete support for fs-extra (ca 60.000.000 downloads weekly) has led to at least one false negative (see here: https://lgtm.com/projects/g/strongloop/strong-arc/snapshot/ac18d2c147b10c94552f215b1016216bb580d3ff/files/client/test/test-server.js?sort=name&dir=ASC&mode=heatmap#L89, it's a FN since fs.remove is not currently recognized as a sink. This PR fixes the problem.)

@kaeluka kaeluka requested a review from esbena January 24, 2022 08:44
@kaeluka kaeluka requested a review from a team as a code owner January 24, 2022 08:44
@github-actions github-actions bot added the JS label Jan 24, 2022
@kaeluka
Copy link
Author

kaeluka commented Jan 24, 2022

Adding @esbena as reviewer, as he is already in the loop.

esbena
esbena requested changes Jan 24, 2022
View reviewed changes
Copy link
Contributor

@esbena esbena left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for doing this! I'm excited about the evaluation, could you do one with code-scanning.qls and default.yml?

The semantics of this looks fine, but there are two tangential issues. See inline comments.

Stephan Brandauer and others added 2 commits January 24, 2022 10:47
@owen-mc owen-mc changed the title add a predicate to recognize path arguments in calls to the fs-extra lib JS: add a predicate to recognize path arguments in calls to the fs-extra lib Jan 24, 2022
@esbena
Copy link
Contributor

esbena commented Jan 25, 2022

Great. Merge at will.
The results are a bit underwhelming, so I have started an evaluation that just lists the new sinks (see backlink below)

@kaeluka kaeluka merged commit 35cc5ff into github:main Jan 25, 2022
@kaeluka kaeluka deleted the recognize-fs-extra-path-args branch January 25, 2022 08:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@asgerf asgerf asgerf left review comments

@esbena esbena esbena approved these changes

Assignees

No one assigned

Labels

JS

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@kaeluka @esbena @asgerf