advanced-security
diff --git a/‎javascript/frameworks/cap/lib/codeql-pack.lock.yml‎
Lines changed: 14 additions & 12 deletions b/‎javascript/frameworks/cap/lib/codeql-pack.lock.yml‎
Lines changed: 14 additions & 12 deletions
diff --git a/‎javascript/frameworks/cap/src/codeql-pack.lock.yml‎
Lines changed: 14 additions & 12 deletions b/‎javascript/frameworks/cap/src/codeql-pack.lock.yml‎
Lines changed: 14 additions & 12 deletions
diff --git a/‎javascript/frameworks/cap/test/codeql-pack.lock.yml‎
Lines changed: 14 additions & 12 deletions b/‎javascript/frameworks/cap/test/codeql-pack.lock.yml‎
Lines changed: 14 additions & 12 deletions
diff --git a/‎javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.expected‎
Lines changed: 327 additions & 327 deletions b/‎javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.expected‎
Lines changed: 327 additions & 327 deletions
diff --git a/‎javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service1-protocol-none/log-injection-with-service1-protocol-none.expected‎
Lines changed: 3 additions & 3 deletions b/‎javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service1-protocol-none/log-injection-with-service1-protocol-none.expected‎
Lines changed: 3 additions & 3 deletions
diff --git a/‎javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service2-protocol-none/log-injection-with-service2-protocol-none.expected‎
Lines changed: 6 additions & 6 deletions b/‎javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service2-protocol-none/log-injection-with-service2-protocol-none.expected‎
Lines changed: 6 additions & 6 deletions
diff --git a/‎javascript/frameworks/cap/test/queries/loginjection/log-injection-without-protocol-none/log-injection-without-protocol-none.expected‎
Lines changed: 6 additions & 6 deletions b/‎javascript/frameworks/cap/test/queries/loginjection/log-injection-without-protocol-none/log-injection-without-protocol-none.expected‎
Lines changed: 6 additions & 6 deletions
diff --git a/‎javascript/frameworks/cap/test/queries/path-traversal/pathinjection.expected‎
Lines changed: 40 additions & 40 deletions b/‎javascript/frameworks/cap/test/queries/path-traversal/pathinjection.expected‎
Lines changed: 40 additions & 40 deletions
diff --git a/‎javascript/frameworks/cap/test/queries/sensitive-exposure/sensitive-exposure-js-all-sinks/sensitive-exposure-heuristic-source.expected‎
Lines changed: 3 additions & 3 deletions b/‎javascript/frameworks/cap/test/queries/sensitive-exposure/sensitive-exposure-js-all-sinks/sensitive-exposure-heuristic-source.expected‎
Lines changed: 3 additions & 3 deletions
@@ -2,27 +2,29 @@
 lockVersion: 1.0.0
 dependencies:
   codeql/concepts:
-    version: 0.0.3
+    version: 0.0.4
+  codeql/controlflow:
+    version: 2.0.14
   codeql/dataflow:
-    version: 2.0.13
+    version: 2.0.14
   codeql/javascript-all:
-    version: 2.6.9
+    version: 2.6.10
   codeql/mad:
-    version: 1.0.29
+    version: 1.0.30
   codeql/regex:
-    version: 1.0.29
+    version: 1.0.30
   codeql/ssa:
-    version: 2.0.5
+    version: 2.0.6
   codeql/threat-models:
-    version: 1.0.29
+    version: 1.0.30
   codeql/tutorial:
-    version: 1.0.29
+    version: 1.0.30
   codeql/typetracking:
-    version: 2.0.13
+    version: 2.0.14
   codeql/util:
-    version: 2.0.16
+    version: 2.0.17
   codeql/xml:
-    version: 1.0.29
+    version: 1.0.30
   codeql/yaml:
-    version: 1.0.29
+    version: 1.0.30
 compiled: false
@@ -2,27 +2,29 @@
 lockVersion: 1.0.0
 dependencies:
   codeql/concepts:
-    version: 0.0.3
+    version: 0.0.4
+  codeql/controlflow:
+    version: 2.0.14
   codeql/dataflow:
-    version: 2.0.13
+    version: 2.0.14
   codeql/javascript-all:
-    version: 2.6.9
+    version: 2.6.10
   codeql/mad:
-    version: 1.0.29
+    version: 1.0.30
   codeql/regex:
-    version: 1.0.29
+    version: 1.0.30
   codeql/ssa:
-    version: 2.0.5
+    version: 2.0.6
   codeql/threat-models:
-    version: 1.0.29
+    version: 1.0.30
   codeql/tutorial:
-    version: 1.0.29
+    version: 1.0.30
   codeql/typetracking:
-    version: 2.0.13
+    version: 2.0.14
   codeql/util:
-    version: 2.0.16
+    version: 2.0.17
   codeql/xml:
-    version: 1.0.29
+    version: 1.0.30
   codeql/yaml:
-    version: 1.0.29
+    version: 1.0.30
 compiled: false
@@ -2,27 +2,29 @@
 lockVersion: 1.0.0
 dependencies:
   codeql/concepts:
-    version: 0.0.3
+    version: 0.0.4
+  codeql/controlflow:
+    version: 2.0.14
   codeql/dataflow:
-    version: 2.0.13
+    version: 2.0.14
   codeql/javascript-all:
-    version: 2.6.9
+    version: 2.6.10
   codeql/mad:
-    version: 1.0.29
+    version: 1.0.30
   codeql/regex:
-    version: 1.0.29
+    version: 1.0.30
   codeql/ssa:
-    version: 2.0.5
+    version: 2.0.6
   codeql/threat-models:
-    version: 1.0.29
+    version: 1.0.30
   codeql/tutorial:
-    version: 1.0.29
+    version: 1.0.30
   codeql/typetracking:
-    version: 2.0.13
+    version: 2.0.14
   codeql/util:
-    version: 2.0.16
+    version: 2.0.17
   codeql/xml:
-    version: 1.0.29
+    version: 1.0.30
   codeql/yaml:
-    version: 1.0.29
+    version: 1.0.30
 compiled: false
@@ -1,10 +1,10 @@
 edges
-| srv/service2.js:7:15:7:31 | { messageToPass } | srv/service2.js:7:15:7:42 | messageToPass | provenance |  |
-| srv/service2.js:7:15:7:42 | messageToPass | srv/service2.js:9:32:9:44 | messageToPass | provenance |  |
+| srv/service2.js:7:15:7:31 | { messageToPass } | srv/service2.js:7:17:7:29 | messageToPass | provenance |  |
+| srv/service2.js:7:17:7:29 | messageToPass | srv/service2.js:9:32:9:44 | messageToPass | provenance |  |
 | srv/service2.js:7:35:7:42 | msg.data | srv/service2.js:7:15:7:31 | { messageToPass } | provenance |  |
 nodes
 | srv/service2.js:7:15:7:31 | { messageToPass } | semmle.label | { messageToPass } |
-| srv/service2.js:7:15:7:42 | messageToPass | semmle.label | messageToPass |
+| srv/service2.js:7:17:7:29 | messageToPass | semmle.label | messageToPass |
 | srv/service2.js:7:35:7:42 | msg.data | semmle.label | msg.data |
 | srv/service2.js:9:32:9:44 | messageToPass | semmle.label | messageToPass |
 subpaths
 
@@ -1,22 +1,22 @@
 edges
-| srv/service1.js:7:19:7:35 | { messageToPass } | srv/service1.js:7:19:7:46 | messageToPass | provenance |  |
-| srv/service1.js:7:19:7:46 | messageToPass | srv/service1.js:9:38:9:50 | messageToPass | provenance |  |
+| srv/service1.js:7:19:7:35 | { messageToPass } | srv/service1.js:7:21:7:33 | messageToPass | provenance |  |
+| srv/service1.js:7:21:7:33 | messageToPass | srv/service1.js:9:38:9:50 | messageToPass | provenance |  |
 | srv/service1.js:7:39:7:46 | req.data | srv/service1.js:7:19:7:35 | { messageToPass } | provenance |  |
 | srv/service1.js:9:36:9:52 | { messageToPass } | srv/service2.js:6:29:6:31 | msg | provenance |  |
 | srv/service1.js:9:38:9:50 | messageToPass | srv/service1.js:9:36:9:52 | { messageToPass } | provenance |  |
 | srv/service2.js:6:29:6:31 | msg | srv/service2.js:7:35:7:37 | msg | provenance |  |
-| srv/service2.js:7:15:7:31 | { messageToPass } | srv/service2.js:7:15:7:42 | messageToPass | provenance |  |
-| srv/service2.js:7:15:7:42 | messageToPass | srv/service2.js:9:32:9:44 | messageToPass | provenance |  |
+| srv/service2.js:7:15:7:31 | { messageToPass } | srv/service2.js:7:17:7:29 | messageToPass | provenance |  |
+| srv/service2.js:7:17:7:29 | messageToPass | srv/service2.js:9:32:9:44 | messageToPass | provenance |  |
 | srv/service2.js:7:35:7:37 | msg | srv/service2.js:7:15:7:31 | { messageToPass } | provenance |  |
 nodes
 | srv/service1.js:7:19:7:35 | { messageToPass } | semmle.label | { messageToPass } |
-| srv/service1.js:7:19:7:46 | messageToPass | semmle.label | messageToPass |
+| srv/service1.js:7:21:7:33 | messageToPass | semmle.label | messageToPass |
 | srv/service1.js:7:39:7:46 | req.data | semmle.label | req.data |
 | srv/service1.js:9:36:9:52 | { messageToPass } | semmle.label | { messageToPass } |
 | srv/service1.js:9:38:9:50 | messageToPass | semmle.label | messageToPass |
 | srv/service2.js:6:29:6:31 | msg | semmle.label | msg |
 | srv/service2.js:7:15:7:31 | { messageToPass } | semmle.label | { messageToPass } |
-| srv/service2.js:7:15:7:42 | messageToPass | semmle.label | messageToPass |
+| srv/service2.js:7:17:7:29 | messageToPass | semmle.label | messageToPass |
 | srv/service2.js:7:35:7:37 | msg | semmle.label | msg |
 | srv/service2.js:9:32:9:44 | messageToPass | semmle.label | messageToPass |
 subpaths
 
@@ -1,23 +1,23 @@
 edges
-| srv/service1.js:7:19:7:35 | { messageToPass } | srv/service1.js:7:19:7:46 | messageToPass | provenance |  |
-| srv/service1.js:7:19:7:46 | messageToPass | srv/service1.js:9:38:9:50 | messageToPass | provenance |  |
+| srv/service1.js:7:19:7:35 | { messageToPass } | srv/service1.js:7:21:7:33 | messageToPass | provenance |  |
+| srv/service1.js:7:21:7:33 | messageToPass | srv/service1.js:9:38:9:50 | messageToPass | provenance |  |
 | srv/service1.js:7:39:7:46 | req.data | srv/service1.js:7:19:7:35 | { messageToPass } | provenance |  |
 | srv/service1.js:9:36:9:52 | { messageToPass } | srv/service2.js:6:29:6:31 | msg | provenance |  |
 | srv/service1.js:9:38:9:50 | messageToPass | srv/service1.js:9:36:9:52 | { messageToPass } | provenance |  |
 | srv/service2.js:6:29:6:31 | msg | srv/service2.js:7:35:7:37 | msg | provenance |  |
-| srv/service2.js:7:15:7:31 | { messageToPass } | srv/service2.js:7:15:7:42 | messageToPass | provenance |  |
-| srv/service2.js:7:15:7:42 | messageToPass | srv/service2.js:9:32:9:44 | messageToPass | provenance |  |
+| srv/service2.js:7:15:7:31 | { messageToPass } | srv/service2.js:7:17:7:29 | messageToPass | provenance |  |
+| srv/service2.js:7:17:7:29 | messageToPass | srv/service2.js:9:32:9:44 | messageToPass | provenance |  |
 | srv/service2.js:7:35:7:37 | msg | srv/service2.js:7:15:7:31 | { messageToPass } | provenance |  |
 | srv/service2.js:7:35:7:42 | msg.data | srv/service2.js:7:15:7:31 | { messageToPass } | provenance |  |
 nodes
 | srv/service1.js:7:19:7:35 | { messageToPass } | semmle.label | { messageToPass } |
-| srv/service1.js:7:19:7:46 | messageToPass | semmle.label | messageToPass |
+| srv/service1.js:7:21:7:33 | messageToPass | semmle.label | messageToPass |
 | srv/service1.js:7:39:7:46 | req.data | semmle.label | req.data |
 | srv/service1.js:9:36:9:52 | { messageToPass } | semmle.label | { messageToPass } |
 | srv/service1.js:9:38:9:50 | messageToPass | semmle.label | messageToPass |
 | srv/service2.js:6:29:6:31 | msg | semmle.label | msg |
 | srv/service2.js:7:15:7:31 | { messageToPass } | semmle.label | { messageToPass } |
-| srv/service2.js:7:15:7:42 | messageToPass | semmle.label | messageToPass |
+| srv/service2.js:7:17:7:29 | messageToPass | semmle.label | messageToPass |
 | srv/service2.js:7:35:7:37 | msg | semmle.label | msg |
 | srv/service2.js:7:35:7:42 | msg.data | semmle.label | msg.data |
 | srv/service2.js:9:32:9:44 | messageToPass | semmle.label | messageToPass |
 
@@ -1,61 +1,61 @@
 edges
-| pathinjection.js:8:19:8:38 | userinput | pathinjection.js:31:26:31:34 | userinput | provenance |  |
-| pathinjection.js:8:19:8:38 | userinput | pathinjection.js:33:38:33:46 | userinput | provenance |  |
-| pathinjection.js:8:19:8:38 | userinput | pathinjection.js:34:24:34:32 | userinput | provenance |  |
-| pathinjection.js:8:19:8:38 | userinput | pathinjection.js:36:44:36:52 | userinput | provenance |  |
-| pathinjection.js:8:19:8:38 | userinput | pathinjection.js:38:25:38:33 | userinput | provenance |  |
-| pathinjection.js:8:19:8:38 | userinput | pathinjection.js:40:26:40:34 | userinput | provenance |  |
-| pathinjection.js:8:19:8:38 | userinput | pathinjection.js:41:26:41:34 | userinput | provenance |  |
-| pathinjection.js:8:19:8:38 | userinput | pathinjection.js:43:25:43:33 | userinput | provenance |  |
-| pathinjection.js:8:19:8:38 | userinput | pathinjection.js:44:25:44:33 | userinput | provenance |  |
-| pathinjection.js:8:19:8:38 | userinput | pathinjection.js:46:26:46:34 | userinput | provenance |  |
-| pathinjection.js:8:19:8:38 | userinput | pathinjection.js:47:26:47:34 | userinput | provenance |  |
-| pathinjection.js:8:19:8:38 | userinput | pathinjection.js:49:22:49:30 | userinput | provenance |  |
-| pathinjection.js:8:19:8:38 | userinput | pathinjection.js:50:22:50:30 | userinput | provenance |  |
-| pathinjection.js:8:31:8:38 | req.data | pathinjection.js:8:19:8:38 | userinput | provenance |  |
-| pathinjection.js:9:19:9:44 | userinputtwo | pathinjection.js:37:25:37:36 | userinputtwo | provenance |  |
-| pathinjection.js:9:34:9:44 | req.headers | pathinjection.js:9:19:9:44 | userinputtwo | provenance |  |
-| pathinjection.js:10:19:10:45 | userinputthree | pathinjection.js:12:38:12:51 | userinputthree | provenance |  |
-| pathinjection.js:10:19:10:45 | userinputthree | pathinjection.js:14:47:14:60 | userinputthree | provenance |  |
-| pathinjection.js:10:19:10:45 | userinputthree | pathinjection.js:16:34:16:47 | userinputthree | provenance |  |
-| pathinjection.js:10:19:10:45 | userinputthree | pathinjection.js:18:34:18:47 | userinputthree | provenance |  |
-| pathinjection.js:10:19:10:45 | userinputthree | pathinjection.js:20:35:20:48 | userinputthree | provenance |  |
-| pathinjection.js:10:36:10:45 | req.params | pathinjection.js:10:19:10:45 | userinputthree | provenance |  |
-| pathinjection.js:12:19:12:52 | taint1 | pathinjection.js:22:36:22:41 | taint1 | provenance |  |
-| pathinjection.js:12:28:12:52 | decodeU ... tthree) | pathinjection.js:12:19:12:52 | taint1 | provenance |  |
+| pathinjection.js:8:19:8:27 | userinput | pathinjection.js:31:26:31:34 | userinput | provenance |  |
+| pathinjection.js:8:19:8:27 | userinput | pathinjection.js:33:38:33:46 | userinput | provenance |  |
+| pathinjection.js:8:19:8:27 | userinput | pathinjection.js:34:24:34:32 | userinput | provenance |  |
+| pathinjection.js:8:19:8:27 | userinput | pathinjection.js:36:44:36:52 | userinput | provenance |  |
+| pathinjection.js:8:19:8:27 | userinput | pathinjection.js:38:25:38:33 | userinput | provenance |  |
+| pathinjection.js:8:19:8:27 | userinput | pathinjection.js:40:26:40:34 | userinput | provenance |  |
+| pathinjection.js:8:19:8:27 | userinput | pathinjection.js:41:26:41:34 | userinput | provenance |  |
+| pathinjection.js:8:19:8:27 | userinput | pathinjection.js:43:25:43:33 | userinput | provenance |  |
+| pathinjection.js:8:19:8:27 | userinput | pathinjection.js:44:25:44:33 | userinput | provenance |  |
+| pathinjection.js:8:19:8:27 | userinput | pathinjection.js:46:26:46:34 | userinput | provenance |  |
+| pathinjection.js:8:19:8:27 | userinput | pathinjection.js:47:26:47:34 | userinput | provenance |  |
+| pathinjection.js:8:19:8:27 | userinput | pathinjection.js:49:22:49:30 | userinput | provenance |  |
+| pathinjection.js:8:19:8:27 | userinput | pathinjection.js:50:22:50:30 | userinput | provenance |  |
+| pathinjection.js:8:31:8:38 | req.data | pathinjection.js:8:19:8:27 | userinput | provenance |  |
+| pathinjection.js:9:19:9:30 | userinputtwo | pathinjection.js:37:25:37:36 | userinputtwo | provenance |  |
+| pathinjection.js:9:34:9:44 | req.headers | pathinjection.js:9:19:9:30 | userinputtwo | provenance |  |
+| pathinjection.js:10:19:10:32 | userinputthree | pathinjection.js:12:38:12:51 | userinputthree | provenance |  |
+| pathinjection.js:10:19:10:32 | userinputthree | pathinjection.js:14:47:14:60 | userinputthree | provenance |  |
+| pathinjection.js:10:19:10:32 | userinputthree | pathinjection.js:16:34:16:47 | userinputthree | provenance |  |
+| pathinjection.js:10:19:10:32 | userinputthree | pathinjection.js:18:34:18:47 | userinputthree | provenance |  |
+| pathinjection.js:10:19:10:32 | userinputthree | pathinjection.js:20:35:20:48 | userinputthree | provenance |  |
+| pathinjection.js:10:36:10:45 | req.params | pathinjection.js:10:19:10:32 | userinputthree | provenance |  |
+| pathinjection.js:12:19:12:24 | taint1 | pathinjection.js:22:36:22:41 | taint1 | provenance |  |
+| pathinjection.js:12:28:12:52 | decodeU ... tthree) | pathinjection.js:12:19:12:24 | taint1 | provenance |  |
 | pathinjection.js:12:38:12:51 | userinputthree | pathinjection.js:12:28:12:52 | decodeU ... tthree) | provenance | Config |
-| pathinjection.js:14:19:14:61 | taint2 | pathinjection.js:24:40:24:45 | taint2 | provenance |  |
-| pathinjection.js:14:28:14:61 | decodeU ... tthree) | pathinjection.js:14:19:14:61 | taint2 | provenance |  |
+| pathinjection.js:14:19:14:24 | taint2 | pathinjection.js:24:40:24:45 | taint2 | provenance |  |
+| pathinjection.js:14:28:14:61 | decodeU ... tthree) | pathinjection.js:14:19:14:24 | taint2 | provenance |  |
 | pathinjection.js:14:47:14:60 | userinputthree | pathinjection.js:14:28:14:61 | decodeU ... tthree) | provenance | Config |
-| pathinjection.js:16:19:16:48 | taint3 | pathinjection.js:26:34:26:39 | taint3 | provenance |  |
-| pathinjection.js:16:28:16:48 | local(u ... tthree) | pathinjection.js:16:19:16:48 | taint3 | provenance |  |
+| pathinjection.js:16:19:16:24 | taint3 | pathinjection.js:26:34:26:39 | taint3 | provenance |  |
+| pathinjection.js:16:28:16:48 | local(u ... tthree) | pathinjection.js:16:19:16:24 | taint3 | provenance |  |
 | pathinjection.js:16:34:16:47 | userinputthree | pathinjection.js:16:28:16:48 | local(u ... tthree) | provenance | Config |
-| pathinjection.js:18:19:18:48 | taint4 | pathinjection.js:28:34:28:39 | taint4 | provenance |  |
-| pathinjection.js:18:28:18:48 | isdir(u ... tthree) | pathinjection.js:18:19:18:48 | taint4 | provenance |  |
+| pathinjection.js:18:19:18:24 | taint4 | pathinjection.js:28:34:28:39 | taint4 | provenance |  |
+| pathinjection.js:18:28:18:48 | isdir(u ... tthree) | pathinjection.js:18:19:18:24 | taint4 | provenance |  |
 | pathinjection.js:18:34:18:47 | userinputthree | pathinjection.js:18:28:18:48 | isdir(u ... tthree) | provenance | Config |
-| pathinjection.js:20:19:20:49 | taint5 | pathinjection.js:30:40:30:45 | taint5 | provenance |  |
-| pathinjection.js:20:28:20:49 | isfile( ... tthree) | pathinjection.js:20:19:20:49 | taint5 | provenance |  |
+| pathinjection.js:20:19:20:24 | taint5 | pathinjection.js:30:40:30:45 | taint5 | provenance |  |
+| pathinjection.js:20:28:20:49 | isfile( ... tthree) | pathinjection.js:20:19:20:24 | taint5 | provenance |  |
 | pathinjection.js:20:35:20:48 | userinputthree | pathinjection.js:20:28:20:49 | isfile( ... tthree) | provenance | Config |
 nodes
-| pathinjection.js:8:19:8:38 | userinput | semmle.label | userinput |
+| pathinjection.js:8:19:8:27 | userinput | semmle.label | userinput |
 | pathinjection.js:8:31:8:38 | req.data | semmle.label | req.data |
-| pathinjection.js:9:19:9:44 | userinputtwo | semmle.label | userinputtwo |
+| pathinjection.js:9:19:9:30 | userinputtwo | semmle.label | userinputtwo |
 | pathinjection.js:9:34:9:44 | req.headers | semmle.label | req.headers |
-| pathinjection.js:10:19:10:45 | userinputthree | semmle.label | userinputthree |
+| pathinjection.js:10:19:10:32 | userinputthree | semmle.label | userinputthree |
 | pathinjection.js:10:36:10:45 | req.params | semmle.label | req.params |
-| pathinjection.js:12:19:12:52 | taint1 | semmle.label | taint1 |
+| pathinjection.js:12:19:12:24 | taint1 | semmle.label | taint1 |
 | pathinjection.js:12:28:12:52 | decodeU ... tthree) | semmle.label | decodeU ... tthree) |
 | pathinjection.js:12:38:12:51 | userinputthree | semmle.label | userinputthree |
-| pathinjection.js:14:19:14:61 | taint2 | semmle.label | taint2 |
+| pathinjection.js:14:19:14:24 | taint2 | semmle.label | taint2 |
 | pathinjection.js:14:28:14:61 | decodeU ... tthree) | semmle.label | decodeU ... tthree) |
 | pathinjection.js:14:47:14:60 | userinputthree | semmle.label | userinputthree |
-| pathinjection.js:16:19:16:48 | taint3 | semmle.label | taint3 |
+| pathinjection.js:16:19:16:24 | taint3 | semmle.label | taint3 |
 | pathinjection.js:16:28:16:48 | local(u ... tthree) | semmle.label | local(u ... tthree) |
 | pathinjection.js:16:34:16:47 | userinputthree | semmle.label | userinputthree |
-| pathinjection.js:18:19:18:48 | taint4 | semmle.label | taint4 |
+| pathinjection.js:18:19:18:24 | taint4 | semmle.label | taint4 |
 | pathinjection.js:18:28:18:48 | isdir(u ... tthree) | semmle.label | isdir(u ... tthree) |
 | pathinjection.js:18:34:18:47 | userinputthree | semmle.label | userinputthree |
-| pathinjection.js:20:19:20:49 | taint5 | semmle.label | taint5 |
+| pathinjection.js:20:19:20:24 | taint5 | semmle.label | taint5 |
 | pathinjection.js:20:28:20:49 | isfile( ... tthree) | semmle.label | isfile( ... tthree) |
 | pathinjection.js:20:35:20:48 | userinputthree | semmle.label | userinputthree |
 | pathinjection.js:22:36:22:41 | taint1 | semmle.label | taint1 |
 
@@ -1,14 +1,14 @@
 edges
 | sensitive-exposure-heuristic-source.js:6:41:6:67 | JSON.st ... ss.env) | sensitive-exposure-heuristic-source.js:6:18:6:69 | `[INFO] ... .env)}` | provenance |  |
 | sensitive-exposure-heuristic-source.js:6:56:6:66 | process.env | sensitive-exposure-heuristic-source.js:6:41:6:67 | JSON.st ... ss.env) | provenance |  |
-| sensitive-exposure-heuristic-source.js:8:13:10:9 | obj [x] | sensitive-exposure-heuristic-source.js:11:18:11:20 | obj | provenance |  |
-| sensitive-exposure-heuristic-source.js:8:19:10:9 | {\\n      ...       } [x] | sensitive-exposure-heuristic-source.js:8:13:10:9 | obj [x] | provenance |  |
+| sensitive-exposure-heuristic-source.js:8:13:8:15 | obj [x] | sensitive-exposure-heuristic-source.js:11:18:11:20 | obj | provenance |  |
+| sensitive-exposure-heuristic-source.js:8:19:10:9 | {\\n      ...       } [x] | sensitive-exposure-heuristic-source.js:8:13:8:15 | obj [x] | provenance |  |
 | sensitive-exposure-heuristic-source.js:9:16:9:23 | password | sensitive-exposure-heuristic-source.js:8:19:10:9 | {\\n      ...       } [x] | provenance |  |
 nodes
 | sensitive-exposure-heuristic-source.js:6:18:6:69 | `[INFO] ... .env)}` | semmle.label | `[INFO] ... .env)}` |
 | sensitive-exposure-heuristic-source.js:6:41:6:67 | JSON.st ... ss.env) | semmle.label | JSON.st ... ss.env) |
 | sensitive-exposure-heuristic-source.js:6:56:6:66 | process.env | semmle.label | process.env |
-| sensitive-exposure-heuristic-source.js:8:13:10:9 | obj [x] | semmle.label | obj [x] |
+| sensitive-exposure-heuristic-source.js:8:13:8:15 | obj [x] | semmle.label | obj [x] |
 | sensitive-exposure-heuristic-source.js:8:19:10:9 | {\\n      ...       } [x] | semmle.label | {\\n      ...       } [x] |
 | sensitive-exposure-heuristic-source.js:9:16:9:23 | password | semmle.label | password |
 | sensitive-exposure-heuristic-source.js:11:18:11:20 | obj | semmle.label | obj |