diff --git a/.github/codeql/codeql-config.yaml b/.github/codeql/codeql-config.yaml index 9c6b990c7..005c8944d 100644 --- a/.github/codeql/codeql-config.yaml +++ b/.github/codeql/codeql-config.yaml @@ -6,8 +6,5 @@ queries: - uses: ./javascript/frameworks/ui5/src/codeql-suites/javascript-security-extended.qls - uses: ./javascript/frameworks/cap/src/codeql-suites/javascript-security-extended.qls -paths: - - "**/*.xml" - - "**/*.json" paths-ignore: - "**/frameworks/*/test/models" diff --git a/.github/workflows/code_scanning.yml b/.github/workflows/code_scanning.yml index 168b1339e..e4fbeb472 100644 --- a/.github/workflows/code_scanning.yml +++ b/.github/workflows/code_scanning.yml @@ -12,7 +12,6 @@ on: env: LGTM_INDEX_XML_MODE: all - LGTM_INDEX_FILTERS: "include:**/*.json" jobs: analyze: diff --git a/.github/workflows/javascript.sarif.expected b/.github/workflows/javascript.sarif.expected index ae475cf03..016d091fc 100644 --- a/.github/workflows/javascript.sarif.expected +++ b/.github/workflows/javascript.sarif.expected @@ -2835,7 +2835,7 @@ } ] }, { "name" : "advanced-security/javascript-sap-ui5-queries", - "semanticVersion" : "0.6.0+98e19b0e301f4a2867e6a5c7d8351765387cf40c", + "semanticVersion" : "0.6.0+f0edf44a8f8752bf272345a75f00be922e0919a8", "rules" : [ { "id" : "js/ui5-xss", "name" : "js/ui5-xss", @@ -2985,7 +2985,7 @@ } ] }, { "name" : "advanced-security/javascript-sap-cap-queries", - "semanticVersion" : "0.2.0+98e19b0e301f4a2867e6a5c7d8351765387cf40c", + "semanticVersion" : "0.2.0+f0edf44a8f8752bf272345a75f00be922e0919a8", "rules" : [ { "id" : "js/cap-sql-injection", "name" : "js/cap-sql-injection", @@ -3076,137 +3076,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-cds-authz/db/schema.cds.json", - "uriBaseId" : "%SRCROOT%", - "index" : 0 - } - } - } ], - "message" : { - "text" : "" - }, - "level" : "none", - "descriptor" : { - "id" : "js/diagnostics/successfully-extracted-files", - "index" : 1, - "toolComponent" : { - "index" : 0 - } - }, - "properties" : { - "formattedMessage" : { - "text" : "" - } - } - }, { - "locations" : [ { - "physicalLocation" : { - "artifactLocation" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-cds-authz/package.json", - "uriBaseId" : "%SRCROOT%", - "index" : 1 - } - } - } ], - "message" : { - "text" : "" - }, - "level" : "none", - "descriptor" : { - "id" : "js/diagnostics/successfully-extracted-files", - "index" : 1, - "toolComponent" : { - "index" : 0 - } - }, - "properties" : { - "formattedMessage" : { - "text" : "" - } - } - }, { - "locations" : [ { - "physicalLocation" : { - "artifactLocation" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-cds-authz/srv/service2.cds.json", - "uriBaseId" : "%SRCROOT%", - "index" : 2 - } - } - } ], - "message" : { - "text" : "" - }, - "level" : "none", - "descriptor" : { - "id" : "js/diagnostics/successfully-extracted-files", - "index" : 1, - "toolComponent" : { - "index" : 0 - } - }, - "properties" : { - "formattedMessage" : { - "text" : "" - } - } - }, { - "locations" : [ { - "physicalLocation" : { - "artifactLocation" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-cds-authz/srv/service1.cds.json", - "uriBaseId" : "%SRCROOT%", - "index" : 3 - } - } - } ], - "message" : { - "text" : "" - }, - "level" : "none", - "descriptor" : { - "id" : "js/diagnostics/successfully-extracted-files", - "index" : 1, - "toolComponent" : { - "index" : 0 - } - }, - "properties" : { - "formattedMessage" : { - "text" : "" - } - } - }, { - "locations" : [ { - "physicalLocation" : { - "artifactLocation" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-js-authz/db/schema.cds.json", - "uriBaseId" : "%SRCROOT%", - "index" : 4 - } - } - } ], - "message" : { - "text" : "" - }, - "level" : "none", - "descriptor" : { - "id" : "js/diagnostics/successfully-extracted-files", - "index" : 1, - "toolComponent" : { - "index" : 0 - } - }, - "properties" : { - "formattedMessage" : { - "text" : "" - } - } - }, { - "locations" : [ { - "physicalLocation" : { - "artifactLocation" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-js-authz/package.json", + "uri" : ".github/actions/install-qlt/action.yml", "uriBaseId" : "%SRCROOT%", "index" : 5 } @@ -3232,7 +3102,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-js-authz/srv/service1.cds.json", + "uri" : ".github/actions/install-codeql/action.yml", "uriBaseId" : "%SRCROOT%", "index" : 6 } @@ -3258,7 +3128,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-js-authz/srv/service2.cds.json", + "uri" : ".github/codeql/codeql-config.yaml", "uriBaseId" : "%SRCROOT%", "index" : 7 } @@ -3284,7 +3154,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-no-authz/package.json", + "uri" : ".github/codeql/extensions/javascript/frameworks/ui5/ext/ext/qlpack.yml", "uriBaseId" : "%SRCROOT%", "index" : 8 } @@ -3310,7 +3180,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-no-authz/db/schema.cds.json", + "uri" : ".github/codeql/extensions/javascript/frameworks/cap/ext/ext/qlpack.yml", "uriBaseId" : "%SRCROOT%", "index" : 9 } @@ -3336,7 +3206,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-no-authz/srv/service1.cds.json", + "uri" : ".github/codeql/extensions/javascript/frameworks/ui5/ext/ext/ui5.model.yml", "uriBaseId" : "%SRCROOT%", "index" : 10 } @@ -3362,7 +3232,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-no-authz/srv/service2.cds.json", + "uri" : ".github/codeql/extensions/javascript/heuristic-models/ext/ext/additional-sources.model.yml", "uriBaseId" : "%SRCROOT%", "index" : 11 } @@ -3388,7 +3258,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/misused-privileged-user/default-is-privileged/db/schema.cds.json", + "uri" : ".github/codeql/extensions/javascript/heuristic-models/ext/ext/qlpack.yml", "uriBaseId" : "%SRCROOT%", "index" : 12 } @@ -3414,7 +3284,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/misused-privileged-user/default-is-privileged/package.json", + "uri" : ".github/workflows/code_scanning.yml", "uriBaseId" : "%SRCROOT%", "index" : 13 } @@ -3440,7 +3310,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/misused-privileged-user/default-is-privileged/srv/service1.cds.json", + "uri" : ".github/workflows/run-codeql-unit-tests-javascript.yml", "uriBaseId" : "%SRCROOT%", "index" : 14 } @@ -3466,7 +3336,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/misused-privileged-user/default-is-privileged/srv/service2.cds.json", + "uri" : "codeql-workspace.yml", "uriBaseId" : "%SRCROOT%", "index" : 15 } @@ -3492,7 +3362,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/misused-privileged-user/dynamically-generated-privileged/package.json", + "uri" : "javascript/frameworks/cap/lib/qlpack.yml", "uriBaseId" : "%SRCROOT%", "index" : 16 } @@ -3518,7 +3388,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/misused-privileged-user/dynamically-generated-privileged/db/schema.cds.json", + "uri" : "javascript/frameworks/cap/src/qlpack.yml", "uriBaseId" : "%SRCROOT%", "index" : 17 } @@ -3544,7 +3414,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/misused-privileged-user/dynamically-generated-privileged/srv/service1.cds.json", + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-cds-authz/package.json", "uriBaseId" : "%SRCROOT%", "index" : 18 } @@ -3570,7 +3440,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/misused-privileged-user/dynamically-generated-privileged/srv/service2.cds.json", + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-cds-authz/server.js", "uriBaseId" : "%SRCROOT%", "index" : 19 } @@ -3596,7 +3466,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/basic-authentication/db/schema.cds.json", + "uri" : "javascript/frameworks/cap/test/qlpack.yml", "uriBaseId" : "%SRCROOT%", "index" : 20 } @@ -3622,7 +3492,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/basic-authentication/package.json", + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-cds-authz/srv/service2.js", "uriBaseId" : "%SRCROOT%", "index" : 21 } @@ -3648,7 +3518,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/basic-authentication/srv/service1.cds.json", + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-cds-authz/srv/service1.js", "uriBaseId" : "%SRCROOT%", "index" : 22 } @@ -3674,7 +3544,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/basic-authentication/srv/service2.cds.json", + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-js-authz/package.json", "uriBaseId" : "%SRCROOT%", "index" : 23 } @@ -3700,7 +3570,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/dummy-authentication/db/schema.cds.json", + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-js-authz/srv/service1.js", "uriBaseId" : "%SRCROOT%", "index" : 24 } @@ -3726,7 +3596,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/dummy-authentication/srv/service1.cds.json", + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-js-authz/server.js", "uriBaseId" : "%SRCROOT%", "index" : 25 } @@ -3752,7 +3622,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/dummy-authentication/package.json", + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-js-authz/srv/service2.js", "uriBaseId" : "%SRCROOT%", "index" : 26 } @@ -3778,7 +3648,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/mocked-authentication/db/schema.cds.json", + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-no-authz/package.json", "uriBaseId" : "%SRCROOT%", "index" : 27 } @@ -3804,7 +3674,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/dummy-authentication/srv/service2.cds.json", + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-no-authz/srv/service1.js", "uriBaseId" : "%SRCROOT%", "index" : 28 } @@ -3830,7 +3700,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/mocked-authentication/package.json", + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-no-authz/server.js", "uriBaseId" : "%SRCROOT%", "index" : 29 } @@ -3856,7 +3726,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/mocked-authentication/srv/service1.cds.json", + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-no-authz/srv/service2.js", "uriBaseId" : "%SRCROOT%", "index" : 30 } @@ -3882,7 +3752,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/mocked-authentication/srv/service2.cds.json", + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/misused-privileged-user/default-is-privileged/server.js", "uriBaseId" : "%SRCROOT%", "index" : 31 } @@ -3908,7 +3778,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-not-depending-on-request/db/schema.cds.json", + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/misused-privileged-user/default-is-privileged/package.json", "uriBaseId" : "%SRCROOT%", "index" : 32 } @@ -3934,7 +3804,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-not-depending-on-request/package.json", + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/misused-privileged-user/default-is-privileged/srv/service2.js", "uriBaseId" : "%SRCROOT%", "index" : 33 } @@ -3960,7 +3830,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-not-depending-on-request/srv/service1.cds.json", + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/misused-privileged-user/default-is-privileged/srv/service1.js", "uriBaseId" : "%SRCROOT%", "index" : 34 } @@ -3986,7 +3856,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-not-depending-on-request/srv/service2.cds.json", + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/misused-privileged-user/dynamically-generated-privileged/package.json", "uriBaseId" : "%SRCROOT%", "index" : 35 } @@ -4012,7 +3882,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-complete-protocol-none/package.json", + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/misused-privileged-user/dynamically-generated-privileged/server.js", "uriBaseId" : "%SRCROOT%", "index" : 36 } @@ -4038,7 +3908,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-complete-protocol-none/srv/service1.cds.json", + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/misused-privileged-user/dynamically-generated-privileged/srv/privileged-user.js", "uriBaseId" : "%SRCROOT%", "index" : 37 } @@ -4064,7 +3934,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-complete-protocol-none/db/schema.cds.json", + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/misused-privileged-user/dynamically-generated-privileged/srv/service1.js", "uriBaseId" : "%SRCROOT%", "index" : 38 } @@ -4090,7 +3960,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service1-protocol-none/db/schema.cds.json", + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/misused-privileged-user/dynamically-generated-privileged/srv/service2.js", "uriBaseId" : "%SRCROOT%", "index" : 39 } @@ -4116,7 +3986,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-complete-protocol-none/srv/service2.cds.json", + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/basic-authentication/package.json", "uriBaseId" : "%SRCROOT%", "index" : 40 } @@ -4142,7 +4012,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service1-protocol-none/package.json", + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/basic-authentication/srv/service1.js", "uriBaseId" : "%SRCROOT%", "index" : 41 } @@ -4168,7 +4038,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service1-protocol-none/srv/service1.cds.json", + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/basic-authentication/server.js", "uriBaseId" : "%SRCROOT%", "index" : 42 } @@ -4194,7 +4064,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service1-protocol-none/srv/service2.cds.json", + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/basic-authentication/srv/service2.js", "uriBaseId" : "%SRCROOT%", "index" : 43 } @@ -4220,7 +4090,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service2-protocol-none/package.json", + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/dummy-authentication/package.json", "uriBaseId" : "%SRCROOT%", "index" : 44 } @@ -4246,7 +4116,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service2-protocol-none/db/schema.cds.json", + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/dummy-authentication/server.js", "uriBaseId" : "%SRCROOT%", "index" : 45 } @@ -4272,7 +4142,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service2-protocol-none/srv/service1.cds.json", + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/dummy-authentication/srv/service1.js", "uriBaseId" : "%SRCROOT%", "index" : 46 } @@ -4298,7 +4168,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service2-protocol-none/srv/service2.cds.json", + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/dummy-authentication/srv/service2.js", "uriBaseId" : "%SRCROOT%", "index" : 47 } @@ -4324,7 +4194,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-without-protocol-none/db/schema.cds.json", + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/mocked-authentication/server.js", "uriBaseId" : "%SRCROOT%", "index" : 48 } @@ -4350,7 +4220,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-without-protocol-none/srv/service1.cds.json", + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/mocked-authentication/package.json", "uriBaseId" : "%SRCROOT%", "index" : 49 } @@ -4376,7 +4246,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-without-protocol-none/package.json", + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/mocked-authentication/srv/service1.js", "uriBaseId" : "%SRCROOT%", "index" : 50 } @@ -4402,7 +4272,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/lib/Bindings/test.json", + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/mocked-authentication/srv/service2.js", "uriBaseId" : "%SRCROOT%", "index" : 51 } @@ -4428,7 +4298,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-without-protocol-none/srv/service2.cds.json", + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-not-depending-on-request/package.json", "uriBaseId" : "%SRCROOT%", "index" : 52 } @@ -4454,7 +4324,33 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/models/attachDisplay_detachDisplay/webapp/view/App.view.xml", + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-not-depending-on-request/server.js", "uriBaseId" : "%SRCROOT%", "index" : 53 } @@ -4480,7 +4376,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/lib/Bindings/test.xml", + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-not-depending-on-request/srv/service1.js", "uriBaseId" : "%SRCROOT%", "index" : 54 } @@ -4506,7 +4402,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/models/binding_path/bindingComposite.xml", + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-not-depending-on-request/srv/service2.js", "uriBaseId" : "%SRCROOT%", "index" : 55 } @@ -4532,7 +4428,33 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/models/binding_path/binding1.xml", + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-single-file/loginjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 2 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-complete-protocol-none/package.json", "uriBaseId" : "%SRCROOT%", "index" : 56 } @@ -4558,7 +4480,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/models/multiple_models/webapp/view/app.view.xml", + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-complete-protocol-none/server.js", "uriBaseId" : "%SRCROOT%", "index" : 57 } @@ -4584,7 +4506,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/models/property_getter_setter/webapp/view/App.view.xml", + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-complete-protocol-none/srv/service1.js", "uriBaseId" : "%SRCROOT%", "index" : 58 } @@ -4610,7 +4532,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/models/sink/sink1.xml", + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-complete-protocol-none/srv/service2.js", "uriBaseId" : "%SRCROOT%", "index" : 59 } @@ -4636,7 +4558,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/models/source/source1.xml", + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service1-protocol-none/package.json", "uriBaseId" : "%SRCROOT%", "index" : 60 } @@ -4662,7 +4584,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-property-sanitized/package-lock.json", + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service1-protocol-none/server.js", "uriBaseId" : "%SRCROOT%", "index" : 61 } @@ -4688,7 +4610,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-property-sanitized/package.json", + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service1-protocol-none/srv/service2.js", "uriBaseId" : "%SRCROOT%", "index" : 62 } @@ -4714,7 +4636,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-property-sanitized/webapp/manifest.json", + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service1-protocol-none/srv/service1.js", "uriBaseId" : "%SRCROOT%", "index" : 63 } @@ -4740,7 +4662,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-property-sanitized/webapp/view/app.view.xml", + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service2-protocol-none/package.json", "uriBaseId" : "%SRCROOT%", "index" : 64 } @@ -4766,7 +4688,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-sanitized/package-lock.json", + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service2-protocol-none/server.js", "uriBaseId" : "%SRCROOT%", "index" : 65 } @@ -4792,7 +4714,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-sanitized/package.json", + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service2-protocol-none/srv/service2.js", "uriBaseId" : "%SRCROOT%", "index" : 66 } @@ -4818,7 +4740,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-sanitized/webapp/manifest.json", + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service2-protocol-none/srv/service1.js", "uriBaseId" : "%SRCROOT%", "index" : 67 } @@ -4844,7 +4766,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-sanitized/webapp/view/app.view.xml", + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-without-protocol-none/package.json", "uriBaseId" : "%SRCROOT%", "index" : 68 } @@ -4870,7 +4792,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-html-control-df/package-lock.json", + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-without-protocol-none/server.js", "uriBaseId" : "%SRCROOT%", "index" : 69 } @@ -4896,7 +4818,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-html-control-df/package.json", + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-without-protocol-none/srv/service1.js", "uriBaseId" : "%SRCROOT%", "index" : 70 } @@ -4922,7 +4844,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-html-control-df/webapp/manifest.json", + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-without-protocol-none/srv/service2.js", "uriBaseId" : "%SRCROOT%", "index" : 71 } @@ -4948,7 +4870,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-html-control-df/webapp/view/app.view.xml", + "uri" : "javascript/frameworks/ui5/lib/qlpack.yml", "uriBaseId" : "%SRCROOT%", "index" : 72 } @@ -4974,7 +4896,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-property-sanitized/package-lock.json", + "uri" : "javascript/frameworks/ui5/test/lib/BindingStringParser/test.js", "uriBaseId" : "%SRCROOT%", "index" : 73 } @@ -5000,7 +4922,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-property-sanitized/package.json", + "uri" : "javascript/frameworks/ui5/src/qlpack.yml", "uriBaseId" : "%SRCROOT%", "index" : 74 } @@ -5026,7 +4948,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-property-sanitized/webapp/manifest.json", + "uri" : "javascript/frameworks/ui5/test/lib/Bindings/test.html", "uriBaseId" : "%SRCROOT%", "index" : 75 } @@ -5052,7 +4974,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-property-sanitized/webapp/view/app.view.xml", + "uri" : "javascript/frameworks/ui5/test/lib/Bindings/test.xml", "uriBaseId" : "%SRCROOT%", "index" : 76 } @@ -5078,7 +5000,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-sanitized/package-lock.json", + "uri" : "javascript/frameworks/ui5/test/lib/Bindings/test.js", "uriBaseId" : "%SRCROOT%", "index" : 77 } @@ -5104,7 +5026,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-sanitized/package.json", + "uri" : "javascript/frameworks/ui5/test/lib/JsonParser/test.js", "uriBaseId" : "%SRCROOT%", "index" : 78 } @@ -5130,7 +5052,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-sanitized/webapp/manifest.json", + "uri" : "javascript/frameworks/ui5/test/models/attachDisplay_detachDisplay/webapp/view/App.view.xml", "uriBaseId" : "%SRCROOT%", "index" : 79 } @@ -5156,7 +5078,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-sanitized/webapp/view/app.view.xml", + "uri" : "javascript/frameworks/ui5/test/models/binding_path/bindingComposite.xml", "uriBaseId" : "%SRCROOT%", "index" : 80 } @@ -5182,7 +5104,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-notifications/package-lock.json", + "uri" : "javascript/frameworks/ui5/test/models/multiple_models/webapp/view/app.view.xml", "uriBaseId" : "%SRCROOT%", "index" : 81 } @@ -5208,7 +5130,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-notifications/package.json", + "uri" : "javascript/frameworks/ui5/test/models/binding_path/binding1.xml", "uriBaseId" : "%SRCROOT%", "index" : 82 } @@ -5234,7 +5156,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-notifications/webapp/manifest.json", + "uri" : "javascript/frameworks/ui5/test/models/property_getter_setter/webapp/view/App.view.xml", "uriBaseId" : "%SRCROOT%", "index" : 83 } @@ -5260,7 +5182,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-remote/package-lock.json", + "uri" : "javascript/frameworks/ui5/test/models/sink/sink1.xml", "uriBaseId" : "%SRCROOT%", "index" : 84 } @@ -5286,7 +5208,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-remote/package.json", + "uri" : "javascript/frameworks/ui5/test/qlpack.yml", "uriBaseId" : "%SRCROOT%", "index" : 85 } @@ -5312,7 +5234,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-notifications/webapp/view/app.view.xml", + "uri" : "javascript/frameworks/ui5/test/models/source/source1.xml", "uriBaseId" : "%SRCROOT%", "index" : 86 } @@ -5338,7 +5260,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-remote/webapp/manifest.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Clickjacking/clickjacking-allow-all/index.html", "uriBaseId" : "%SRCROOT%", "index" : 87 } @@ -5364,7 +5286,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-html-control-df/package-lock.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Clickjacking/clickjacking-allow-all/ui5.yaml", "uriBaseId" : "%SRCROOT%", "index" : 88 } @@ -5390,7 +5312,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-remote/webapp/view/app.view.xml", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Clickjacking/clickjacking-default-all/ui5.yaml", "uriBaseId" : "%SRCROOT%", "index" : 89 } @@ -5416,7 +5338,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-html-control-df/package.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Clickjacking/clickjacking-deny-all/index.html", "uriBaseId" : "%SRCROOT%", "index" : 90 } @@ -5442,7 +5364,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-html-control-df/webapp/manifest.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Clickjacking/clickjacking-default-all/index.html", "uriBaseId" : "%SRCROOT%", "index" : 91 } @@ -5468,7 +5390,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-html-control-df/webapp/view/app.view.xml", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Clickjacking/clickjacking-deny-all/ui5.yaml", "uriBaseId" : "%SRCROOT%", "index" : 92 } @@ -5494,7 +5416,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-property-sanitized/package-lock.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-property-sanitized/package.json", "uriBaseId" : "%SRCROOT%", "index" : 93 } @@ -5520,7 +5442,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-property-sanitized/package.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-property-sanitized/ui5.yaml", "uriBaseId" : "%SRCROOT%", "index" : 94 } @@ -5546,7 +5468,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-property-sanitized/webapp/manifest.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-property-sanitized/webapp/control/xss.js", "uriBaseId" : "%SRCROOT%", "index" : 95 } @@ -5572,7 +5494,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-property-sanitized/webapp/view/app.view.xml", + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-property-sanitized/webapp/controller/app.controller.js", "uriBaseId" : "%SRCROOT%", "index" : 96 } @@ -5598,7 +5520,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-sanitized/package-lock.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-property-sanitized/webapp/index.html", "uriBaseId" : "%SRCROOT%", "index" : 97 } @@ -5624,7 +5546,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-sanitized/package.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-property-sanitized/webapp/index.js", "uriBaseId" : "%SRCROOT%", "index" : 98 } @@ -5650,7 +5572,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-sanitized/webapp/manifest.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-property-sanitized/webapp/view/app.view.xml", "uriBaseId" : "%SRCROOT%", "index" : 99 } @@ -5676,7 +5598,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-sanitized/webapp/view/app.view.xml", + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-sanitized/package.json", "uriBaseId" : "%SRCROOT%", "index" : 100 } @@ -5702,7 +5624,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-html-control-df/package-lock.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-sanitized/ui5.yaml", "uriBaseId" : "%SRCROOT%", "index" : 101 } @@ -5728,7 +5650,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-html-control-df/package.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-sanitized/webapp/control/xss.js", "uriBaseId" : "%SRCROOT%", "index" : 102 } @@ -5754,7 +5676,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-html-control-df/webapp/manifest.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-sanitized/webapp/controller/app.controller.js", "uriBaseId" : "%SRCROOT%", "index" : 103 } @@ -5780,7 +5702,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-html-control-df/webapp/view/app.view.xml", + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-sanitized/webapp/index.html", "uriBaseId" : "%SRCROOT%", "index" : 104 } @@ -5806,7 +5728,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/.eslintrc.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-sanitized/webapp/index.js", "uriBaseId" : "%SRCROOT%", "index" : 105 } @@ -5832,7 +5754,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/package-lock.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-sanitized/webapp/view/app.view.xml", "uriBaseId" : "%SRCROOT%", "index" : 106 } @@ -5858,7 +5780,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/package.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-html-control-df/package.json", "uriBaseId" : "%SRCROOT%", "index" : 107 } @@ -5884,7 +5806,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/manifest.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-html-control-df/ui5.yaml", "uriBaseId" : "%SRCROOT%", "index" : 108 } @@ -5910,7 +5832,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/model/todoitems.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-html-control-df/webapp/controller/app.controller.js", "uriBaseId" : "%SRCROOT%", "index" : 109 } @@ -5936,7 +5858,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/view/App.view.xml", + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-html-control-df/webapp/index.html", "uriBaseId" : "%SRCROOT%", "index" : 110 } @@ -5962,7 +5884,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api1/package-lock.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-html-control-df/webapp/index.js", "uriBaseId" : "%SRCROOT%", "index" : 111 } @@ -5988,7 +5910,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api1/package.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-html-control-df/webapp/view/app.view.xml", "uriBaseId" : "%SRCROOT%", "index" : 112 } @@ -6014,9 +5936,9 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api1/webapp/manifest.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", "uriBaseId" : "%SRCROOT%", - "index" : 113 + "index" : 3 } } } ], @@ -6040,9 +5962,9 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api1/webapp/view/app.view.xml", + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-property-sanitized/package.json", "uriBaseId" : "%SRCROOT%", - "index" : 114 + "index" : 113 } } } ], @@ -6066,9 +5988,9 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api2/package-lock.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-property-sanitized/ui5.yaml", "uriBaseId" : "%SRCROOT%", - "index" : 115 + "index" : 114 } } } ], @@ -6092,7 +6014,33 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api2/package.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-property-sanitized/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 115 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-property-sanitized/webapp/index.html", "uriBaseId" : "%SRCROOT%", "index" : 116 } @@ -6118,7 +6066,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api2/webapp/manifest.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-property-sanitized/webapp/controller/app.controller.js", "uriBaseId" : "%SRCROOT%", "index" : 117 } @@ -6144,7 +6092,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api2/webapp/view/app.view.xml", + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-property-sanitized/webapp/index.js", "uriBaseId" : "%SRCROOT%", "index" : 118 } @@ -6170,7 +6118,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-jquery/package-lock.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-property-sanitized/webapp/view/app.view.xml", "uriBaseId" : "%SRCROOT%", "index" : 119 } @@ -6196,7 +6144,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-jquery/package.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-sanitized/package.json", "uriBaseId" : "%SRCROOT%", "index" : 120 } @@ -6222,7 +6170,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-jquery/webapp/manifest.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-sanitized/ui5.yaml", "uriBaseId" : "%SRCROOT%", "index" : 121 } @@ -6248,7 +6196,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-jquery/webapp/view/app.view.xml", + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-sanitized/webapp/control/xss.js", "uriBaseId" : "%SRCROOT%", "index" : 122 } @@ -6274,7 +6222,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-property-sanitized/package-lock.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-sanitized/webapp/controller/app.controller.js", "uriBaseId" : "%SRCROOT%", "index" : 123 } @@ -6300,7 +6248,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-property-sanitized/package.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-sanitized/webapp/index.html", "uriBaseId" : "%SRCROOT%", "index" : 124 } @@ -6326,7 +6274,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-property-sanitized/webapp/manifest.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-sanitized/webapp/index.js", "uriBaseId" : "%SRCROOT%", "index" : 125 } @@ -6352,7 +6300,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-property-sanitized/webapp/view/app.view.xml", + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-sanitized/webapp/view/app.view.xml", "uriBaseId" : "%SRCROOT%", "index" : 126 } @@ -6378,7 +6326,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-sanitized/package-lock.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-notifications/package.json", "uriBaseId" : "%SRCROOT%", "index" : 127 } @@ -6404,7 +6352,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-sanitized/package.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-notifications/ui5.yaml", "uriBaseId" : "%SRCROOT%", "index" : 128 } @@ -6430,7 +6378,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-sanitized/webapp/manifest.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-notifications/webapp/controller/app.controller.js", "uriBaseId" : "%SRCROOT%", "index" : 129 } @@ -6456,7 +6404,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-sanitized/webapp/view/app.view.xml", + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-notifications/webapp/index.html", "uriBaseId" : "%SRCROOT%", "index" : 130 } @@ -6482,7 +6430,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-event-handlers/package-lock.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-notifications/webapp/index.js", "uriBaseId" : "%SRCROOT%", "index" : 131 } @@ -6508,7 +6456,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-event-handlers/package.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-notifications/webapp/view/app.view.xml", "uriBaseId" : "%SRCROOT%", "index" : 132 } @@ -6534,7 +6482,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-event-handlers/webapp/manifest.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-remote/package.json", "uriBaseId" : "%SRCROOT%", "index" : 133 } @@ -6560,7 +6508,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-event-handlers/webapp/view/app.view.xml", + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-remote/ui5.yaml", "uriBaseId" : "%SRCROOT%", "index" : 134 } @@ -6586,7 +6534,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control/package-lock.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-remote/webapp/controller/app.controller.js", "uriBaseId" : "%SRCROOT%", "index" : 135 } @@ -6612,7 +6560,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control/package.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-remote/webapp/index.html", "uriBaseId" : "%SRCROOT%", "index" : 136 } @@ -6638,7 +6586,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control/webapp/manifest.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-remote/webapp/index.js", "uriBaseId" : "%SRCROOT%", "index" : 137 } @@ -6664,7 +6612,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control/webapp/view/app.view.xml", + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-remote/webapp/utils/CustomLogListener.js", "uriBaseId" : "%SRCROOT%", "index" : 138 } @@ -6690,7 +6638,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-df/package-lock.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-remote/webapp/view/app.view.xml", "uriBaseId" : "%SRCROOT%", "index" : 139 } @@ -6716,7 +6664,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-df/package.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-html-control-df/package.json", "uriBaseId" : "%SRCROOT%", "index" : 140 } @@ -6742,7 +6690,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-df/webapp/manifest.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-html-control-df/ui5.yaml", "uriBaseId" : "%SRCROOT%", "index" : 141 } @@ -6768,7 +6716,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-df/webapp/view/app.view.xml", + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-html-control-df/webapp/controller/app.controller.js", "uriBaseId" : "%SRCROOT%", "index" : 142 } @@ -6794,7 +6742,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-oneway/package-lock.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-html-control-df/webapp/index.html", "uriBaseId" : "%SRCROOT%", "index" : 143 } @@ -6820,7 +6768,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-oneway/package.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-html-control-df/webapp/index.js", "uriBaseId" : "%SRCROOT%", "index" : 144 } @@ -6846,7 +6794,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-oneway/webapp/manifest.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-html-control-df/webapp/view/app.view.xml", "uriBaseId" : "%SRCROOT%", "index" : 145 } @@ -6872,7 +6820,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-oneway/webapp/view/app.view.xml", + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-property-sanitized/package.json", "uriBaseId" : "%SRCROOT%", "index" : 146 } @@ -6898,7 +6846,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-external-model/package-lock.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-property-sanitized/ui5.yaml", "uriBaseId" : "%SRCROOT%", "index" : 147 } @@ -6924,7 +6872,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-external-model/package.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-property-sanitized/webapp/control/xss.js", "uriBaseId" : "%SRCROOT%", "index" : 148 } @@ -6950,7 +6898,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-external-model/webapp/controller/model.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-property-sanitized/webapp/controller/app.controller.js", "uriBaseId" : "%SRCROOT%", "index" : 149 } @@ -6976,7 +6924,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-external-model/webapp/manifest.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-property-sanitized/webapp/index.html", "uriBaseId" : "%SRCROOT%", "index" : 150 } @@ -7002,7 +6950,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-external-model/webapp/view/app.view.xml", + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-property-sanitized/webapp/index.js", "uriBaseId" : "%SRCROOT%", "index" : 151 } @@ -7028,7 +6976,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-view/package-lock.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-property-sanitized/webapp/view/app.view.xml", "uriBaseId" : "%SRCROOT%", "index" : 152 } @@ -7054,7 +7002,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-view/package.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-sanitized/package.json", "uriBaseId" : "%SRCROOT%", "index" : 153 } @@ -7080,7 +7028,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-view/webapp/manifest.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-sanitized/ui5.yaml", "uriBaseId" : "%SRCROOT%", "index" : 154 } @@ -7106,7 +7054,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-indirect-control/package-lock.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-sanitized/webapp/control/xss.js", "uriBaseId" : "%SRCROOT%", "index" : 155 } @@ -7132,7 +7080,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-indirect-control/package.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-sanitized/webapp/controller/app.controller.js", "uriBaseId" : "%SRCROOT%", "index" : 156 } @@ -7158,7 +7106,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-indirect-control/webapp/manifest.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-sanitized/webapp/index.html", "uriBaseId" : "%SRCROOT%", "index" : 157 } @@ -7184,7 +7132,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-indirect-control/webapp/view/app.view.xml", + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-sanitized/webapp/view/app.view.xml", "uriBaseId" : "%SRCROOT%", "index" : 158 } @@ -7210,7 +7158,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-js-view/package-lock.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-sanitized/webapp/index.js", "uriBaseId" : "%SRCROOT%", "index" : 159 } @@ -7236,7 +7184,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-js-view/package.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-html-control-df/package.json", "uriBaseId" : "%SRCROOT%", "index" : 160 } @@ -7262,7 +7210,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-js-view/webapp/manifest.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-html-control-df/ui5.yaml", "uriBaseId" : "%SRCROOT%", "index" : 161 } @@ -7288,7 +7236,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-json-view/package-lock.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-html-control-df/webapp/controller/app.controller.js", "uriBaseId" : "%SRCROOT%", "index" : 162 } @@ -7314,7 +7262,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-json-view/package.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-html-control-df/webapp/index.html", "uriBaseId" : "%SRCROOT%", "index" : 163 } @@ -7340,7 +7288,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-json-view/webapp/manifest.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-html-control-df/webapp/index.js", "uriBaseId" : "%SRCROOT%", "index" : 164 } @@ -7366,7 +7314,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-json-view/webapp/view/app.view.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-html-control-df/webapp/view/app.view.xml", "uriBaseId" : "%SRCROOT%", "index" : 165 } @@ -7392,7 +7340,33 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer/package-lock.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/avoid-duplicate-alerts/XssTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/.eslintrc.json", "uriBaseId" : "%SRCROOT%", "index" : 166 } @@ -7418,7 +7392,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer/package.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/package.json", "uriBaseId" : "%SRCROOT%", "index" : 167 } @@ -7444,7 +7418,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer/webapp/manifest.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/ui5.yaml", "uriBaseId" : "%SRCROOT%", "index" : 168 } @@ -7470,7 +7444,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer/webapp/view/app.view.xml", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/Component.js", "uriBaseId" : "%SRCROOT%", "index" : 169 } @@ -7496,7 +7470,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer-byname/package-lock.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/controller/App.Controller.js", "uriBaseId" : "%SRCROOT%", "index" : 170 } @@ -7522,7 +7496,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer-byname/package.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/controls/Book.js", "uriBaseId" : "%SRCROOT%", "index" : 171 } @@ -7548,7 +7522,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer-byname/webapp/manifest.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/index.html", "uriBaseId" : "%SRCROOT%", "index" : 172 } @@ -7574,7 +7548,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer-byname/webapp/view/app.view.xml", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/test/integration/AllJourneys.js", "uriBaseId" : "%SRCROOT%", "index" : 173 } @@ -7600,7 +7574,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-webc-control/package-lock.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/test/integration/FilterJourney.js", "uriBaseId" : "%SRCROOT%", "index" : 174 } @@ -7626,7 +7600,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-webc-control/package.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/test/integration/SearchJourney.js", "uriBaseId" : "%SRCROOT%", "index" : 175 } @@ -7652,7 +7626,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-webc-control/webapp/manifest.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/test/integration/TodoListJourney.js", "uriBaseId" : "%SRCROOT%", "index" : 176 } @@ -7678,7 +7652,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-webc-control/webapp/view/app.view.xml", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/test/integration/arrangements/Startup.js", "uriBaseId" : "%SRCROOT%", "index" : 177 } @@ -7704,7 +7678,7 @@ "locations" : [ { "physicalLocation" : { "artifactLocation" : { - "uri" : "qlt.conf.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/test/integration/opaTests.qunit.html", "uriBaseId" : "%SRCROOT%", "index" : 178 } @@ -7726,1085 +7700,18906 @@ "text" : "" } } - } ], - "executionSuccessful" : true - } ], - "artifacts" : [ { - "location" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-cds-authz/db/schema.cds.json", - "uriBaseId" : "%SRCROOT%", - "index" : 0 - } - }, { - "location" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-cds-authz/package.json", - "uriBaseId" : "%SRCROOT%", - "index" : 1 - } - }, { - "location" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-cds-authz/srv/service2.cds.json", - "uriBaseId" : "%SRCROOT%", - "index" : 2 - } - }, { - "location" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-cds-authz/srv/service1.cds.json", - "uriBaseId" : "%SRCROOT%", - "index" : 3 - } - }, { - "location" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-js-authz/db/schema.cds.json", - "uriBaseId" : "%SRCROOT%", - "index" : 4 - } - }, { - "location" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-js-authz/package.json", - "uriBaseId" : "%SRCROOT%", - "index" : 5 - } - }, { - "location" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-js-authz/srv/service1.cds.json", - "uriBaseId" : "%SRCROOT%", - "index" : 6 - } - }, { - "location" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-js-authz/srv/service2.cds.json", - "uriBaseId" : "%SRCROOT%", - "index" : 7 - } - }, { - "location" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-no-authz/package.json", - "uriBaseId" : "%SRCROOT%", - "index" : 8 - } - }, { - "location" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-no-authz/db/schema.cds.json", - "uriBaseId" : "%SRCROOT%", - "index" : 9 - } - }, { - "location" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-no-authz/srv/service1.cds.json", - "uriBaseId" : "%SRCROOT%", - "index" : 10 - } - }, { - "location" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-no-authz/srv/service2.cds.json", - "uriBaseId" : "%SRCROOT%", - "index" : 11 - } - }, { - "location" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/misused-privileged-user/default-is-privileged/db/schema.cds.json", - "uriBaseId" : "%SRCROOT%", - "index" : 12 - } - }, { - "location" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/misused-privileged-user/default-is-privileged/package.json", - "uriBaseId" : "%SRCROOT%", - "index" : 13 - } - }, { - "location" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/misused-privileged-user/default-is-privileged/srv/service1.cds.json", - "uriBaseId" : "%SRCROOT%", - "index" : 14 - } - }, { - "location" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/misused-privileged-user/default-is-privileged/srv/service2.cds.json", - "uriBaseId" : "%SRCROOT%", - "index" : 15 - } - }, { - "location" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/misused-privileged-user/dynamically-generated-privileged/package.json", - "uriBaseId" : "%SRCROOT%", - "index" : 16 - } - }, { - "location" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/misused-privileged-user/dynamically-generated-privileged/db/schema.cds.json", - "uriBaseId" : "%SRCROOT%", - "index" : 17 - } - }, { - "location" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/misused-privileged-user/dynamically-generated-privileged/srv/service1.cds.json", - "uriBaseId" : "%SRCROOT%", - "index" : 18 - } - }, { - "location" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/misused-privileged-user/dynamically-generated-privileged/srv/service2.cds.json", - "uriBaseId" : "%SRCROOT%", - "index" : 19 - } - }, { - "location" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/basic-authentication/db/schema.cds.json", - "uriBaseId" : "%SRCROOT%", - "index" : 20 - } - }, { - "location" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/basic-authentication/package.json", - "uriBaseId" : "%SRCROOT%", - "index" : 21 - } - }, { - "location" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/basic-authentication/srv/service1.cds.json", - "uriBaseId" : "%SRCROOT%", - "index" : 22 - } - }, { - "location" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/basic-authentication/srv/service2.cds.json", - "uriBaseId" : "%SRCROOT%", - "index" : 23 - } - }, { - "location" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/dummy-authentication/db/schema.cds.json", - "uriBaseId" : "%SRCROOT%", - "index" : 24 - } - }, { - "location" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/dummy-authentication/srv/service1.cds.json", - "uriBaseId" : "%SRCROOT%", - "index" : 25 - } - }, { - "location" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/dummy-authentication/package.json", - "uriBaseId" : "%SRCROOT%", - "index" : 26 - } - }, { - "location" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/mocked-authentication/db/schema.cds.json", - "uriBaseId" : "%SRCROOT%", - "index" : 27 - } - }, { - "location" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/dummy-authentication/srv/service2.cds.json", - "uriBaseId" : "%SRCROOT%", - "index" : 28 - } - }, { - "location" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/mocked-authentication/package.json", - "uriBaseId" : "%SRCROOT%", + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/test/integration/opaTests.qunit.js", + "uriBaseId" : "%SRCROOT%", + "index" : 179 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/test/integration/pages/App.js", + "uriBaseId" : "%SRCROOT%", + "index" : 180 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/test/testsuite.qunit.html", + "uriBaseId" : "%SRCROOT%", + "index" : 181 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/test/testsuite.qunit.js", + "uriBaseId" : "%SRCROOT%", + "index" : 182 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/test/unit/AllTests.js", + "uriBaseId" : "%SRCROOT%", + "index" : 183 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/test/unit/controller/App.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 184 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/test/unit/unitTests.qunit.html", + "uriBaseId" : "%SRCROOT%", + "index" : 185 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/test/unit/unitTests.qunit.js", + "uriBaseId" : "%SRCROOT%", + "index" : 186 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/util/Helper.js", + "uriBaseId" : "%SRCROOT%", + "index" : 187 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/view/App.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 188 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api1/package.json", + "uriBaseId" : "%SRCROOT%", + "index" : 189 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api1/ui5.yaml", + "uriBaseId" : "%SRCROOT%", + "index" : 190 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api1/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 191 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api1/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 192 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api1/webapp/index.html", + "uriBaseId" : "%SRCROOT%", + "index" : 193 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api1/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 194 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api1/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 195 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api2/package.json", + "uriBaseId" : "%SRCROOT%", + "index" : 196 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api2/ui5.yaml", + "uriBaseId" : "%SRCROOT%", + "index" : 197 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api2/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 198 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api2/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 199 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api2/webapp/index.html", + "uriBaseId" : "%SRCROOT%", + "index" : 200 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api2/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 201 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-jquery/package.json", + "uriBaseId" : "%SRCROOT%", + "index" : 202 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api2/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 203 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-jquery/ui5.yaml", + "uriBaseId" : "%SRCROOT%", + "index" : 204 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-jquery/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 205 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-jquery/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 206 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-jquery/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 207 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-jquery/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 208 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-property-sanitized/package.json", + "uriBaseId" : "%SRCROOT%", + "index" : 209 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-property-sanitized/ui5.yaml", + "uriBaseId" : "%SRCROOT%", + "index" : 210 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-jquery/webapp/index.html", + "uriBaseId" : "%SRCROOT%", + "index" : 211 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-property-sanitized/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 212 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-property-sanitized/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 213 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-property-sanitized/webapp/index.html", + "uriBaseId" : "%SRCROOT%", + "index" : 214 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-property-sanitized/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 215 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-property-sanitized/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 216 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-sanitized/package.json", + "uriBaseId" : "%SRCROOT%", + "index" : 217 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-sanitized/ui5.yaml", + "uriBaseId" : "%SRCROOT%", + "index" : 218 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-sanitized/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 219 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-sanitized/webapp/index.html", + "uriBaseId" : "%SRCROOT%", + "index" : 220 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-sanitized/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 221 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-sanitized/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 222 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-sanitized/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 223 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-event-handlers/package.json", + "uriBaseId" : "%SRCROOT%", + "index" : 224 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-event-handlers/ui5.yaml", + "uriBaseId" : "%SRCROOT%", + "index" : 225 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-event-handlers/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 226 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-event-handlers/webapp/index.html", + "uriBaseId" : "%SRCROOT%", + "index" : 227 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-event-handlers/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 228 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-event-handlers/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 229 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control/package.json", + "uriBaseId" : "%SRCROOT%", + "index" : 230 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control/ui5.yaml", + "uriBaseId" : "%SRCROOT%", + "index" : 231 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 232 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control/webapp/index.html", + "uriBaseId" : "%SRCROOT%", + "index" : 233 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 234 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-df/package.json", + "uriBaseId" : "%SRCROOT%", + "index" : 235 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-df/ui5.yaml", + "uriBaseId" : "%SRCROOT%", + "index" : 236 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-df/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 237 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 238 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-df/webapp/index.html", + "uriBaseId" : "%SRCROOT%", + "index" : 239 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-df/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 240 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-df/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 241 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-oneway/package.json", + "uriBaseId" : "%SRCROOT%", + "index" : 242 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-oneway/ui5.yaml", + "uriBaseId" : "%SRCROOT%", + "index" : 243 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-oneway/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 244 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-oneway/webapp/index.html", + "uriBaseId" : "%SRCROOT%", + "index" : 245 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-oneway/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 246 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-oneway/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 247 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-external-model/package.json", + "uriBaseId" : "%SRCROOT%", + "index" : 248 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-external-model/ui5.yaml", + "uriBaseId" : "%SRCROOT%", + "index" : 249 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-external-model/webapp/index.html", + "uriBaseId" : "%SRCROOT%", + "index" : 250 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-external-model/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 251 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-external-model/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 252 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-external-model/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 253 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-view/package.json", + "uriBaseId" : "%SRCROOT%", + "index" : 254 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-view/ui5.yaml", + "uriBaseId" : "%SRCROOT%", + "index" : 255 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-view/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 256 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-view/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 257 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-view/webapp/view/app.view.html", + "uriBaseId" : "%SRCROOT%", + "index" : 258 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-view/webapp/index.html", + "uriBaseId" : "%SRCROOT%", + "index" : 259 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-indirect-control/package.json", + "uriBaseId" : "%SRCROOT%", + "index" : 260 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-indirect-control/ui5.yaml", + "uriBaseId" : "%SRCROOT%", + "index" : 261 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-indirect-control/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 262 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-indirect-control/webapp/control/xssBase.js", + "uriBaseId" : "%SRCROOT%", + "index" : 263 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-indirect-control/webapp/control/xssRenderer.js", + "uriBaseId" : "%SRCROOT%", + "index" : 264 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-indirect-control/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 265 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-indirect-control/webapp/index.html", + "uriBaseId" : "%SRCROOT%", + "index" : 266 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-indirect-control/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 267 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-indirect-control/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 268 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-js-view/package.json", + "uriBaseId" : "%SRCROOT%", + "index" : 269 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-js-view/ui5.yaml", + "uriBaseId" : "%SRCROOT%", + "index" : 270 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-js-view/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 271 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-js-view/webapp/index.html", + "uriBaseId" : "%SRCROOT%", + "index" : 272 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-js-view/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 273 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-js-view/webapp/view/app.view.js", + "uriBaseId" : "%SRCROOT%", + "index" : 274 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-json-view/package.json", + "uriBaseId" : "%SRCROOT%", + "index" : 275 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-json-view/ui5.yaml", + "uriBaseId" : "%SRCROOT%", + "index" : 276 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-json-view/webapp/index.html", + "uriBaseId" : "%SRCROOT%", + "index" : 277 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-json-view/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 278 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-json-view/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 279 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer/package.json", + "uriBaseId" : "%SRCROOT%", + "index" : 280 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer/webapp/control/renderer.js", + "uriBaseId" : "%SRCROOT%", + "index" : 281 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 282 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer/ui5.yaml", + "uriBaseId" : "%SRCROOT%", + "index" : 283 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 284 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer/webapp/index.html", + "uriBaseId" : "%SRCROOT%", + "index" : 285 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 286 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 287 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer-byname/package.json", + "uriBaseId" : "%SRCROOT%", + "index" : 288 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer-byname/ui5.yaml", + "uriBaseId" : "%SRCROOT%", + "index" : 289 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer-byname/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 290 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer-byname/webapp/control/xssRenderer.js", + "uriBaseId" : "%SRCROOT%", + "index" : 291 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer-byname/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 292 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer-byname/webapp/index.html", + "uriBaseId" : "%SRCROOT%", + "index" : 293 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer-byname/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 294 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer-byname/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 295 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-webc-control/package.json", + "uriBaseId" : "%SRCROOT%", + "index" : 296 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-webc-control/ui5.yaml", + "uriBaseId" : "%SRCROOT%", + "index" : 297 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-webc-control/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 298 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-webc-control/webapp/index.html", + "uriBaseId" : "%SRCROOT%", + "index" : 299 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-webc-control/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 300 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/heuristic-models/tests/Sources/test.js", + "uriBaseId" : "%SRCROOT%", + "index" : 4 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/heuristic-models/tests/qlpack.yml", + "uriBaseId" : "%SRCROOT%", + "index" : 301 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-webc-control/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 302 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "scripts/qlpack.yml", + "uriBaseId" : "%SRCROOT%", + "index" : 303 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "js/diagnostics/successfully-extracted-files", + "index" : 1, + "toolComponent" : { + "index" : 0 + } + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/Component.js", + "uriBaseId" : "%SRCROOT%", + "index" : 169 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-cds-authz/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 22 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-sanitized/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 102 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-html-control-df/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 109 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/test/integration/SearchJourney.js", + "uriBaseId" : "%SRCROOT%", + "index" : 175 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-without-protocol-none/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 70 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/mocked-authentication/server.js", + "uriBaseId" : "%SRCROOT%", + "index" : 48 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer/webapp/control/renderer.js", + "uriBaseId" : "%SRCROOT%", + "index" : 281 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api1/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 191 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/test/integration/FilterJourney.js", + "uriBaseId" : "%SRCROOT%", + "index" : 174 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-jquery/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 206 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service1-protocol-none/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 63 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/mocked-authentication/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 51 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-sanitized/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 159 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api2/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 199 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-sanitized/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 219 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-indirect-control/webapp/control/xssBase.js", + "uriBaseId" : "%SRCROOT%", + "index" : 263 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/basic-authentication/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 41 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-js-view/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 273 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-property-sanitized/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 115 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-js-view/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 271 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-sanitized/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 155 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-webc-control/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 298 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-remote/webapp/utils/CustomLogListener.js", + "uriBaseId" : "%SRCROOT%", + "index" : 138 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-property-sanitized/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 151 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-json-view/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 278 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/test/integration/arrangements/Startup.js", + "uriBaseId" : "%SRCROOT%", + "index" : 177 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/test/integration/pages/App.js", + "uriBaseId" : "%SRCROOT%", + "index" : 180 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service2-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 66 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-not-depending-on-request/server.js", + "uriBaseId" : "%SRCROOT%", + "index" : 53 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 284 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-complete-protocol-none/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 58 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer-byname/webapp/control/xssRenderer.js", + "uriBaseId" : "%SRCROOT%", + "index" : 291 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-remote/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 137 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/dummy-authentication/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 46 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer-byname/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 294 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-property-sanitized/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 118 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api2/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 201 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/lib/Bindings/test.js", + "uriBaseId" : "%SRCROOT%", + "index" : 77 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-single-file/loginjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 2 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-sanitized/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 125 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-external-model/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 251 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-sanitized/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 103 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/test/integration/TodoListJourney.js", + "uriBaseId" : "%SRCROOT%", + "index" : 176 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-without-protocol-none/server.js", + "uriBaseId" : "%SRCROOT%", + "index" : 69 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-no-authz/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 28 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-html-control-df/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 144 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-indirect-control/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 267 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/misused-privileged-user/default-is-privileged/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 34 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/misused-privileged-user/dynamically-generated-privileged/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 39 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/misused-privileged-user/dynamically-generated-privileged/srv/privileged-user.js", + "uriBaseId" : "%SRCROOT%", + "index" : 37 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/lib/JsonParser/test.js", + "uriBaseId" : "%SRCROOT%", + "index" : 78 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-cds-authz/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 21 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-property-sanitized/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 98 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-indirect-control/webapp/control/xssRenderer.js", + "uriBaseId" : "%SRCROOT%", + "index" : 264 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 232 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service2-protocol-none/server.js", + "uriBaseId" : "%SRCROOT%", + "index" : 65 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service1-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 62 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-indirect-control/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 265 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-oneway/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 244 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-indirect-control/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 262 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-sanitized/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 122 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/basic-authentication/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 43 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer-byname/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 290 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 238 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-cds-authz/server.js", + "uriBaseId" : "%SRCROOT%", + "index" : 19 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-not-depending-on-request/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 55 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/dummy-authentication/server.js", + "uriBaseId" : "%SRCROOT%", + "index" : 45 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/dummy-authentication/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 47 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-js-view/webapp/view/app.view.js", + "uriBaseId" : "%SRCROOT%", + "index" : 274 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/test/testsuite.qunit.js", + "uriBaseId" : "%SRCROOT%", + "index" : 182 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-property-sanitized/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 96 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-df/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 240 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/misused-privileged-user/default-is-privileged/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 33 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-view/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 257 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-oneway/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 246 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-df/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 237 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service2-protocol-none/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 67 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-property-sanitized/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 117 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/heuristic-models/tests/Sources/test.js", + "uriBaseId" : "%SRCROOT%", + "index" : 4 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-external-model/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 252 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/controller/App.Controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 170 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-json-view/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 279 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-complete-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 59 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-property-sanitized/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 149 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 282 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-sanitized/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 221 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-view/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 256 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service1-protocol-none/server.js", + "uriBaseId" : "%SRCROOT%", + "index" : 61 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-without-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 71 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 286 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/basic-authentication/server.js", + "uriBaseId" : "%SRCROOT%", + "index" : 42 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-js-authz/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 26 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/misused-privileged-user/dynamically-generated-privileged/server.js", + "uriBaseId" : "%SRCROOT%", + "index" : 36 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/test/unit/AllTests.js", + "uriBaseId" : "%SRCROOT%", + "index" : 183 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-event-handlers/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 226 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/mocked-authentication/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 50 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-property-sanitized/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 148 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-html-control-df/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 111 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/avoid-duplicate-alerts/XssTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-js-authz/server.js", + "uriBaseId" : "%SRCROOT%", + "index" : 25 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-html-control-df/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 162 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-property-sanitized/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 213 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-no-authz/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 30 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-notifications/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 131 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-property-sanitized/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 95 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/util/Helper.js", + "uriBaseId" : "%SRCROOT%", + "index" : 187 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/misused-privileged-user/dynamically-generated-privileged/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 38 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-js-authz/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 24 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-jquery/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 207 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-notifications/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 129 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-sanitized/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 105 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-property-sanitized/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 215 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-html-control-df/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 142 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-property-sanitized/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 212 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-complete-protocol-none/server.js", + "uriBaseId" : "%SRCROOT%", + "index" : 57 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api1/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 194 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/lib/BindingStringParser/test.js", + "uriBaseId" : "%SRCROOT%", + "index" : 73 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-webc-control/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 302 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api2/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 198 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/test/unit/controller/App.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 184 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-jquery/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 205 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/test/unit/unitTests.qunit.js", + "uriBaseId" : "%SRCROOT%", + "index" : 186 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-sanitized/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 222 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-remote/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 135 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-event-handlers/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 228 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-not-depending-on-request/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 54 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-html-control-df/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 164 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer-byname/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 292 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-sanitized/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 156 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api1/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 192 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-no-authz/server.js", + "uriBaseId" : "%SRCROOT%", + "index" : 29 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/test/integration/AllJourneys.js", + "uriBaseId" : "%SRCROOT%", + "index" : 173 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/test/integration/opaTests.qunit.js", + "uriBaseId" : "%SRCROOT%", + "index" : 179 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/controls/Book.js", + "uriBaseId" : "%SRCROOT%", + "index" : 171 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/misused-privileged-user/default-is-privileged/server.js", + "uriBaseId" : "%SRCROOT%", + "index" : 31 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-sanitized/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 123 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/javascript", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "scripts/CreateTestsFromYaml.py", + "uriBaseId" : "%SRCROOT%", + "index" : 304 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cli/expected-extracted-files/python", + "index" : 1 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + } ], + "executionSuccessful" : true + } ], + "artifacts" : [ { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/avoid-duplicate-alerts/XssTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-single-file/loginjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 2 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + } + }, { + "location" : { + "uri" : "javascript/heuristic-models/tests/Sources/test.js", + "uriBaseId" : "%SRCROOT%", + "index" : 4 + } + }, { + "location" : { + "uri" : ".github/actions/install-qlt/action.yml", + "uriBaseId" : "%SRCROOT%", + "index" : 5 + } + }, { + "location" : { + "uri" : ".github/actions/install-codeql/action.yml", + "uriBaseId" : "%SRCROOT%", + "index" : 6 + } + }, { + "location" : { + "uri" : ".github/codeql/codeql-config.yaml", + "uriBaseId" : "%SRCROOT%", + "index" : 7 + } + }, { + "location" : { + "uri" : ".github/codeql/extensions/javascript/frameworks/ui5/ext/ext/qlpack.yml", + "uriBaseId" : "%SRCROOT%", + "index" : 8 + } + }, { + "location" : { + "uri" : ".github/codeql/extensions/javascript/frameworks/cap/ext/ext/qlpack.yml", + "uriBaseId" : "%SRCROOT%", + "index" : 9 + } + }, { + "location" : { + "uri" : ".github/codeql/extensions/javascript/frameworks/ui5/ext/ext/ui5.model.yml", + "uriBaseId" : "%SRCROOT%", + "index" : 10 + } + }, { + "location" : { + "uri" : ".github/codeql/extensions/javascript/heuristic-models/ext/ext/additional-sources.model.yml", + "uriBaseId" : "%SRCROOT%", + "index" : 11 + } + }, { + "location" : { + "uri" : ".github/codeql/extensions/javascript/heuristic-models/ext/ext/qlpack.yml", + "uriBaseId" : "%SRCROOT%", + "index" : 12 + } + }, { + "location" : { + "uri" : ".github/workflows/code_scanning.yml", + "uriBaseId" : "%SRCROOT%", + "index" : 13 + } + }, { + "location" : { + "uri" : ".github/workflows/run-codeql-unit-tests-javascript.yml", + "uriBaseId" : "%SRCROOT%", + "index" : 14 + } + }, { + "location" : { + "uri" : "codeql-workspace.yml", + "uriBaseId" : "%SRCROOT%", + "index" : 15 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/lib/qlpack.yml", + "uriBaseId" : "%SRCROOT%", + "index" : 16 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/src/qlpack.yml", + "uriBaseId" : "%SRCROOT%", + "index" : 17 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-cds-authz/package.json", + "uriBaseId" : "%SRCROOT%", + "index" : 18 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-cds-authz/server.js", + "uriBaseId" : "%SRCROOT%", + "index" : 19 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/test/qlpack.yml", + "uriBaseId" : "%SRCROOT%", + "index" : 20 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-cds-authz/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 21 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-cds-authz/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 22 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-js-authz/package.json", + "uriBaseId" : "%SRCROOT%", + "index" : 23 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-js-authz/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 24 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-js-authz/server.js", + "uriBaseId" : "%SRCROOT%", + "index" : 25 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-js-authz/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 26 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-no-authz/package.json", + "uriBaseId" : "%SRCROOT%", + "index" : 27 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-no-authz/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 28 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-no-authz/server.js", + "uriBaseId" : "%SRCROOT%", "index" : 29 } }, { "location" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/mocked-authentication/srv/service1.cds.json", + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/entities-with-no-authz/entities-exposed-with-no-authz/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 30 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/misused-privileged-user/default-is-privileged/server.js", + "uriBaseId" : "%SRCROOT%", + "index" : 31 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/misused-privileged-user/default-is-privileged/package.json", + "uriBaseId" : "%SRCROOT%", + "index" : 32 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/misused-privileged-user/default-is-privileged/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 33 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/misused-privileged-user/default-is-privileged/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 34 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/misused-privileged-user/dynamically-generated-privileged/package.json", + "uriBaseId" : "%SRCROOT%", + "index" : 35 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/misused-privileged-user/dynamically-generated-privileged/server.js", + "uriBaseId" : "%SRCROOT%", + "index" : 36 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/misused-privileged-user/dynamically-generated-privileged/srv/privileged-user.js", + "uriBaseId" : "%SRCROOT%", + "index" : 37 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/misused-privileged-user/dynamically-generated-privileged/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 38 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/misused-privileged-user/dynamically-generated-privileged/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 39 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/basic-authentication/package.json", + "uriBaseId" : "%SRCROOT%", + "index" : 40 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/basic-authentication/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 41 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/basic-authentication/server.js", + "uriBaseId" : "%SRCROOT%", + "index" : 42 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/basic-authentication/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 43 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/dummy-authentication/package.json", + "uriBaseId" : "%SRCROOT%", + "index" : 44 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/dummy-authentication/server.js", + "uriBaseId" : "%SRCROOT%", + "index" : 45 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/dummy-authentication/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 46 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/dummy-authentication/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 47 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/mocked-authentication/server.js", + "uriBaseId" : "%SRCROOT%", + "index" : 48 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/mocked-authentication/package.json", + "uriBaseId" : "%SRCROOT%", + "index" : 49 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/mocked-authentication/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 50 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/mocked-authentication/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 51 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-not-depending-on-request/package.json", + "uriBaseId" : "%SRCROOT%", + "index" : 52 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-not-depending-on-request/server.js", + "uriBaseId" : "%SRCROOT%", + "index" : 53 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-not-depending-on-request/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 54 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-not-depending-on-request/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 55 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-complete-protocol-none/package.json", + "uriBaseId" : "%SRCROOT%", + "index" : 56 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-complete-protocol-none/server.js", + "uriBaseId" : "%SRCROOT%", + "index" : 57 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-complete-protocol-none/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 58 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-complete-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 59 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service1-protocol-none/package.json", + "uriBaseId" : "%SRCROOT%", + "index" : 60 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service1-protocol-none/server.js", + "uriBaseId" : "%SRCROOT%", + "index" : 61 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service1-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 62 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service1-protocol-none/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 63 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service2-protocol-none/package.json", + "uriBaseId" : "%SRCROOT%", + "index" : 64 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service2-protocol-none/server.js", + "uriBaseId" : "%SRCROOT%", + "index" : 65 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service2-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 66 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service2-protocol-none/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 67 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-without-protocol-none/package.json", + "uriBaseId" : "%SRCROOT%", + "index" : 68 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-without-protocol-none/server.js", + "uriBaseId" : "%SRCROOT%", + "index" : 69 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-without-protocol-none/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 70 + } + }, { + "location" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-without-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 71 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/lib/qlpack.yml", + "uriBaseId" : "%SRCROOT%", + "index" : 72 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/lib/BindingStringParser/test.js", + "uriBaseId" : "%SRCROOT%", + "index" : 73 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/src/qlpack.yml", + "uriBaseId" : "%SRCROOT%", + "index" : 74 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/lib/Bindings/test.html", + "uriBaseId" : "%SRCROOT%", + "index" : 75 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/lib/Bindings/test.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 76 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/lib/Bindings/test.js", + "uriBaseId" : "%SRCROOT%", + "index" : 77 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/lib/JsonParser/test.js", + "uriBaseId" : "%SRCROOT%", + "index" : 78 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/models/attachDisplay_detachDisplay/webapp/view/App.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 79 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/models/binding_path/bindingComposite.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 80 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/models/multiple_models/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 81 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/models/binding_path/binding1.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 82 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/models/property_getter_setter/webapp/view/App.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 83 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/models/sink/sink1.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 84 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/qlpack.yml", + "uriBaseId" : "%SRCROOT%", + "index" : 85 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/models/source/source1.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 86 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Clickjacking/clickjacking-allow-all/index.html", + "uriBaseId" : "%SRCROOT%", + "index" : 87 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Clickjacking/clickjacking-allow-all/ui5.yaml", + "uriBaseId" : "%SRCROOT%", + "index" : 88 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Clickjacking/clickjacking-default-all/ui5.yaml", + "uriBaseId" : "%SRCROOT%", + "index" : 89 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Clickjacking/clickjacking-deny-all/index.html", + "uriBaseId" : "%SRCROOT%", + "index" : 90 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Clickjacking/clickjacking-default-all/index.html", + "uriBaseId" : "%SRCROOT%", + "index" : 91 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Clickjacking/clickjacking-deny-all/ui5.yaml", + "uriBaseId" : "%SRCROOT%", + "index" : 92 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-property-sanitized/package.json", + "uriBaseId" : "%SRCROOT%", + "index" : 93 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-property-sanitized/ui5.yaml", + "uriBaseId" : "%SRCROOT%", + "index" : 94 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-property-sanitized/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 95 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-property-sanitized/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 96 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-property-sanitized/webapp/index.html", + "uriBaseId" : "%SRCROOT%", + "index" : 97 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-property-sanitized/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 98 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-property-sanitized/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 99 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-sanitized/package.json", + "uriBaseId" : "%SRCROOT%", + "index" : 100 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-sanitized/ui5.yaml", + "uriBaseId" : "%SRCROOT%", + "index" : 101 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-sanitized/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 102 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-sanitized/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 103 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-sanitized/webapp/index.html", + "uriBaseId" : "%SRCROOT%", + "index" : 104 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-sanitized/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 105 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-sanitized/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 106 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-html-control-df/package.json", + "uriBaseId" : "%SRCROOT%", + "index" : 107 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-html-control-df/ui5.yaml", + "uriBaseId" : "%SRCROOT%", + "index" : 108 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-html-control-df/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 109 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-html-control-df/webapp/index.html", + "uriBaseId" : "%SRCROOT%", + "index" : 110 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-html-control-df/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 111 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-html-control-df/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 112 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-property-sanitized/package.json", + "uriBaseId" : "%SRCROOT%", + "index" : 113 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-property-sanitized/ui5.yaml", + "uriBaseId" : "%SRCROOT%", + "index" : 114 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-property-sanitized/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 115 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-property-sanitized/webapp/index.html", + "uriBaseId" : "%SRCROOT%", + "index" : 116 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-property-sanitized/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 117 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-property-sanitized/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 118 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-property-sanitized/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 119 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-sanitized/package.json", + "uriBaseId" : "%SRCROOT%", + "index" : 120 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-sanitized/ui5.yaml", + "uriBaseId" : "%SRCROOT%", + "index" : 121 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-sanitized/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 122 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-sanitized/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 123 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-sanitized/webapp/index.html", + "uriBaseId" : "%SRCROOT%", + "index" : 124 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-sanitized/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 125 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-sanitized/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 126 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-notifications/package.json", + "uriBaseId" : "%SRCROOT%", + "index" : 127 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-notifications/ui5.yaml", + "uriBaseId" : "%SRCROOT%", + "index" : 128 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-notifications/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 129 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-notifications/webapp/index.html", + "uriBaseId" : "%SRCROOT%", + "index" : 130 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-notifications/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 131 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-notifications/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 132 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-remote/package.json", + "uriBaseId" : "%SRCROOT%", + "index" : 133 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-remote/ui5.yaml", + "uriBaseId" : "%SRCROOT%", + "index" : 134 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-remote/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 135 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-remote/webapp/index.html", + "uriBaseId" : "%SRCROOT%", + "index" : 136 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-remote/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 137 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-remote/webapp/utils/CustomLogListener.js", + "uriBaseId" : "%SRCROOT%", + "index" : 138 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-remote/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 139 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-html-control-df/package.json", + "uriBaseId" : "%SRCROOT%", + "index" : 140 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-html-control-df/ui5.yaml", + "uriBaseId" : "%SRCROOT%", + "index" : 141 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-html-control-df/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 142 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-html-control-df/webapp/index.html", + "uriBaseId" : "%SRCROOT%", + "index" : 143 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-html-control-df/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 144 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-html-control-df/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 145 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-property-sanitized/package.json", + "uriBaseId" : "%SRCROOT%", + "index" : 146 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-property-sanitized/ui5.yaml", + "uriBaseId" : "%SRCROOT%", + "index" : 147 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-property-sanitized/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 148 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-property-sanitized/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 149 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-property-sanitized/webapp/index.html", + "uriBaseId" : "%SRCROOT%", + "index" : 150 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-property-sanitized/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 151 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-property-sanitized/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 152 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-sanitized/package.json", + "uriBaseId" : "%SRCROOT%", + "index" : 153 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-sanitized/ui5.yaml", + "uriBaseId" : "%SRCROOT%", + "index" : 154 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-sanitized/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 155 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-sanitized/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 156 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-sanitized/webapp/index.html", + "uriBaseId" : "%SRCROOT%", + "index" : 157 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-sanitized/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 158 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-sanitized/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 159 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-html-control-df/package.json", + "uriBaseId" : "%SRCROOT%", + "index" : 160 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-html-control-df/ui5.yaml", + "uriBaseId" : "%SRCROOT%", + "index" : 161 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-html-control-df/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 162 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-html-control-df/webapp/index.html", + "uriBaseId" : "%SRCROOT%", + "index" : 163 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-html-control-df/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 164 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-html-control-df/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 165 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/.eslintrc.json", + "uriBaseId" : "%SRCROOT%", + "index" : 166 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/package.json", + "uriBaseId" : "%SRCROOT%", + "index" : 167 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/ui5.yaml", + "uriBaseId" : "%SRCROOT%", + "index" : 168 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/Component.js", + "uriBaseId" : "%SRCROOT%", + "index" : 169 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/controller/App.Controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 170 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/controls/Book.js", + "uriBaseId" : "%SRCROOT%", + "index" : 171 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/index.html", + "uriBaseId" : "%SRCROOT%", + "index" : 172 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/test/integration/AllJourneys.js", + "uriBaseId" : "%SRCROOT%", + "index" : 173 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/test/integration/FilterJourney.js", + "uriBaseId" : "%SRCROOT%", + "index" : 174 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/test/integration/SearchJourney.js", + "uriBaseId" : "%SRCROOT%", + "index" : 175 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/test/integration/TodoListJourney.js", + "uriBaseId" : "%SRCROOT%", + "index" : 176 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/test/integration/arrangements/Startup.js", + "uriBaseId" : "%SRCROOT%", + "index" : 177 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/test/integration/opaTests.qunit.html", + "uriBaseId" : "%SRCROOT%", + "index" : 178 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/test/integration/opaTests.qunit.js", + "uriBaseId" : "%SRCROOT%", + "index" : 179 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/test/integration/pages/App.js", + "uriBaseId" : "%SRCROOT%", + "index" : 180 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/test/testsuite.qunit.html", + "uriBaseId" : "%SRCROOT%", + "index" : 181 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/test/testsuite.qunit.js", + "uriBaseId" : "%SRCROOT%", + "index" : 182 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/test/unit/AllTests.js", + "uriBaseId" : "%SRCROOT%", + "index" : 183 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/test/unit/controller/App.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 184 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/test/unit/unitTests.qunit.html", + "uriBaseId" : "%SRCROOT%", + "index" : 185 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/test/unit/unitTests.qunit.js", + "uriBaseId" : "%SRCROOT%", + "index" : 186 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/util/Helper.js", + "uriBaseId" : "%SRCROOT%", + "index" : 187 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/view/App.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 188 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api1/package.json", + "uriBaseId" : "%SRCROOT%", + "index" : 189 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api1/ui5.yaml", + "uriBaseId" : "%SRCROOT%", + "index" : 190 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api1/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 191 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api1/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 192 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api1/webapp/index.html", + "uriBaseId" : "%SRCROOT%", + "index" : 193 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api1/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 194 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api1/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 195 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api2/package.json", + "uriBaseId" : "%SRCROOT%", + "index" : 196 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api2/ui5.yaml", + "uriBaseId" : "%SRCROOT%", + "index" : 197 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api2/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 198 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api2/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 199 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api2/webapp/index.html", + "uriBaseId" : "%SRCROOT%", + "index" : 200 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api2/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 201 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-jquery/package.json", + "uriBaseId" : "%SRCROOT%", + "index" : 202 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api2/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 203 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-jquery/ui5.yaml", + "uriBaseId" : "%SRCROOT%", + "index" : 204 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-jquery/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 205 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-jquery/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 206 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-jquery/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 207 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-jquery/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 208 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-property-sanitized/package.json", + "uriBaseId" : "%SRCROOT%", + "index" : 209 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-property-sanitized/ui5.yaml", "uriBaseId" : "%SRCROOT%", - "index" : 30 + "index" : 210 } }, { "location" : { - "uri" : "javascript/frameworks/cap/test/queries/bad-authn-authz/nonprod-authn-strategy/mocked-authentication/srv/service2.cds.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-jquery/webapp/index.html", "uriBaseId" : "%SRCROOT%", - "index" : 31 + "index" : 211 } }, { "location" : { - "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-not-depending-on-request/db/schema.cds.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-property-sanitized/webapp/control/xss.js", "uriBaseId" : "%SRCROOT%", - "index" : 32 + "index" : 212 } }, { "location" : { - "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-not-depending-on-request/package.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-property-sanitized/webapp/controller/app.controller.js", "uriBaseId" : "%SRCROOT%", - "index" : 33 + "index" : 213 } }, { "location" : { - "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-not-depending-on-request/srv/service1.cds.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-property-sanitized/webapp/index.html", "uriBaseId" : "%SRCROOT%", - "index" : 34 + "index" : 214 } }, { "location" : { - "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-not-depending-on-request/srv/service2.cds.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-property-sanitized/webapp/index.js", "uriBaseId" : "%SRCROOT%", - "index" : 35 + "index" : 215 } }, { "location" : { - "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-complete-protocol-none/package.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-property-sanitized/webapp/view/app.view.xml", "uriBaseId" : "%SRCROOT%", - "index" : 36 + "index" : 216 } }, { "location" : { - "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-complete-protocol-none/srv/service1.cds.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-sanitized/package.json", "uriBaseId" : "%SRCROOT%", - "index" : 37 + "index" : 217 } }, { "location" : { - "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-complete-protocol-none/db/schema.cds.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-sanitized/ui5.yaml", "uriBaseId" : "%SRCROOT%", - "index" : 38 + "index" : 218 } }, { "location" : { - "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service1-protocol-none/db/schema.cds.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-sanitized/webapp/control/xss.js", "uriBaseId" : "%SRCROOT%", - "index" : 39 + "index" : 219 } }, { "location" : { - "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-complete-protocol-none/srv/service2.cds.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-sanitized/webapp/index.html", "uriBaseId" : "%SRCROOT%", - "index" : 40 + "index" : 220 } }, { "location" : { - "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service1-protocol-none/package.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-sanitized/webapp/controller/app.controller.js", "uriBaseId" : "%SRCROOT%", - "index" : 41 + "index" : 221 } }, { "location" : { - "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service1-protocol-none/srv/service1.cds.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-sanitized/webapp/index.js", "uriBaseId" : "%SRCROOT%", - "index" : 42 + "index" : 222 } }, { "location" : { - "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service1-protocol-none/srv/service2.cds.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-sanitized/webapp/view/app.view.xml", "uriBaseId" : "%SRCROOT%", - "index" : 43 + "index" : 223 } }, { "location" : { - "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service2-protocol-none/package.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-event-handlers/package.json", "uriBaseId" : "%SRCROOT%", - "index" : 44 + "index" : 224 } }, { "location" : { - "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service2-protocol-none/db/schema.cds.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-event-handlers/ui5.yaml", "uriBaseId" : "%SRCROOT%", - "index" : 45 + "index" : 225 } }, { "location" : { - "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service2-protocol-none/srv/service1.cds.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-event-handlers/webapp/controller/app.controller.js", "uriBaseId" : "%SRCROOT%", - "index" : 46 + "index" : 226 } }, { "location" : { - "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service2-protocol-none/srv/service2.cds.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-event-handlers/webapp/index.html", "uriBaseId" : "%SRCROOT%", - "index" : 47 + "index" : 227 } }, { "location" : { - "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-without-protocol-none/db/schema.cds.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-event-handlers/webapp/index.js", "uriBaseId" : "%SRCROOT%", - "index" : 48 + "index" : 228 } }, { "location" : { - "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-without-protocol-none/srv/service1.cds.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-event-handlers/webapp/view/app.view.xml", "uriBaseId" : "%SRCROOT%", - "index" : 49 + "index" : 229 } }, { "location" : { - "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-without-protocol-none/package.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control/package.json", "uriBaseId" : "%SRCROOT%", - "index" : 50 + "index" : 230 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/lib/Bindings/test.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control/ui5.yaml", "uriBaseId" : "%SRCROOT%", - "index" : 51 + "index" : 231 } }, { "location" : { - "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-without-protocol-none/srv/service2.cds.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control/webapp/controller/app.controller.js", "uriBaseId" : "%SRCROOT%", - "index" : 52 + "index" : 232 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/models/attachDisplay_detachDisplay/webapp/view/App.view.xml", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control/webapp/index.html", "uriBaseId" : "%SRCROOT%", - "index" : 53 + "index" : 233 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/lib/Bindings/test.xml", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control/webapp/view/app.view.xml", "uriBaseId" : "%SRCROOT%", - "index" : 54 + "index" : 234 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/models/binding_path/bindingComposite.xml", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-df/package.json", "uriBaseId" : "%SRCROOT%", - "index" : 55 + "index" : 235 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/models/binding_path/binding1.xml", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-df/ui5.yaml", "uriBaseId" : "%SRCROOT%", - "index" : 56 + "index" : 236 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/models/multiple_models/webapp/view/app.view.xml", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-df/webapp/controller/app.controller.js", "uriBaseId" : "%SRCROOT%", - "index" : 57 + "index" : 237 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/models/property_getter_setter/webapp/view/App.view.xml", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control/webapp/index.js", "uriBaseId" : "%SRCROOT%", - "index" : 58 + "index" : 238 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/models/sink/sink1.xml", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-df/webapp/index.html", "uriBaseId" : "%SRCROOT%", - "index" : 59 + "index" : 239 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/models/source/source1.xml", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-df/webapp/index.js", "uriBaseId" : "%SRCROOT%", - "index" : 60 + "index" : 240 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-property-sanitized/package-lock.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-df/webapp/view/app.view.xml", "uriBaseId" : "%SRCROOT%", - "index" : 61 + "index" : 241 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-property-sanitized/package.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-oneway/package.json", "uriBaseId" : "%SRCROOT%", - "index" : 62 + "index" : 242 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-property-sanitized/webapp/manifest.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-oneway/ui5.yaml", "uriBaseId" : "%SRCROOT%", - "index" : 63 + "index" : 243 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-property-sanitized/webapp/view/app.view.xml", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-oneway/webapp/controller/app.controller.js", "uriBaseId" : "%SRCROOT%", - "index" : 64 + "index" : 244 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-sanitized/package-lock.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-oneway/webapp/index.html", "uriBaseId" : "%SRCROOT%", - "index" : 65 + "index" : 245 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-sanitized/package.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-oneway/webapp/index.js", "uriBaseId" : "%SRCROOT%", - "index" : 66 + "index" : 246 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-sanitized/webapp/manifest.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-oneway/webapp/view/app.view.xml", "uriBaseId" : "%SRCROOT%", - "index" : 67 + "index" : 247 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-sanitized/webapp/view/app.view.xml", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-external-model/package.json", "uriBaseId" : "%SRCROOT%", - "index" : 68 + "index" : 248 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-html-control-df/package-lock.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-external-model/ui5.yaml", "uriBaseId" : "%SRCROOT%", - "index" : 69 + "index" : 249 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-html-control-df/package.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-external-model/webapp/index.html", "uriBaseId" : "%SRCROOT%", - "index" : 70 + "index" : 250 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-html-control-df/webapp/manifest.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-external-model/webapp/controller/app.controller.js", "uriBaseId" : "%SRCROOT%", - "index" : 71 + "index" : 251 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-html-control-df/webapp/view/app.view.xml", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-external-model/webapp/index.js", "uriBaseId" : "%SRCROOT%", - "index" : 72 + "index" : 252 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-property-sanitized/package-lock.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-external-model/webapp/view/app.view.xml", "uriBaseId" : "%SRCROOT%", - "index" : 73 + "index" : 253 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-property-sanitized/package.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-view/package.json", "uriBaseId" : "%SRCROOT%", - "index" : 74 + "index" : 254 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-property-sanitized/webapp/manifest.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-view/ui5.yaml", "uriBaseId" : "%SRCROOT%", - "index" : 75 + "index" : 255 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-property-sanitized/webapp/view/app.view.xml", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-view/webapp/controller/app.controller.js", "uriBaseId" : "%SRCROOT%", - "index" : 76 + "index" : 256 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-sanitized/package-lock.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-view/webapp/index.js", "uriBaseId" : "%SRCROOT%", - "index" : 77 + "index" : 257 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-sanitized/package.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-view/webapp/view/app.view.html", "uriBaseId" : "%SRCROOT%", - "index" : 78 + "index" : 258 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-sanitized/webapp/manifest.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-view/webapp/index.html", "uriBaseId" : "%SRCROOT%", - "index" : 79 + "index" : 259 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-sanitized/webapp/view/app.view.xml", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-indirect-control/package.json", "uriBaseId" : "%SRCROOT%", - "index" : 80 + "index" : 260 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-notifications/package-lock.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-indirect-control/ui5.yaml", "uriBaseId" : "%SRCROOT%", - "index" : 81 + "index" : 261 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-notifications/package.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-indirect-control/webapp/control/xss.js", "uriBaseId" : "%SRCROOT%", - "index" : 82 + "index" : 262 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-notifications/webapp/manifest.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-indirect-control/webapp/control/xssBase.js", "uriBaseId" : "%SRCROOT%", - "index" : 83 + "index" : 263 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-remote/package-lock.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-indirect-control/webapp/control/xssRenderer.js", "uriBaseId" : "%SRCROOT%", - "index" : 84 + "index" : 264 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-remote/package.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-indirect-control/webapp/controller/app.controller.js", "uriBaseId" : "%SRCROOT%", - "index" : 85 + "index" : 265 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-notifications/webapp/view/app.view.xml", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-indirect-control/webapp/index.html", "uriBaseId" : "%SRCROOT%", - "index" : 86 + "index" : 266 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-remote/webapp/manifest.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-indirect-control/webapp/index.js", "uriBaseId" : "%SRCROOT%", - "index" : 87 + "index" : 267 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-html-control-df/package-lock.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-indirect-control/webapp/view/app.view.xml", "uriBaseId" : "%SRCROOT%", - "index" : 88 + "index" : 268 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-remote/webapp/view/app.view.xml", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-js-view/package.json", "uriBaseId" : "%SRCROOT%", - "index" : 89 + "index" : 269 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-html-control-df/package.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-js-view/ui5.yaml", "uriBaseId" : "%SRCROOT%", - "index" : 90 + "index" : 270 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-html-control-df/webapp/manifest.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-js-view/webapp/controller/app.controller.js", "uriBaseId" : "%SRCROOT%", - "index" : 91 + "index" : 271 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-html-control-df/webapp/view/app.view.xml", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-js-view/webapp/index.html", "uriBaseId" : "%SRCROOT%", - "index" : 92 + "index" : 272 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-property-sanitized/package-lock.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-js-view/webapp/index.js", "uriBaseId" : "%SRCROOT%", - "index" : 93 + "index" : 273 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-property-sanitized/package.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-js-view/webapp/view/app.view.js", "uriBaseId" : "%SRCROOT%", - "index" : 94 + "index" : 274 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-property-sanitized/webapp/manifest.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-json-view/package.json", "uriBaseId" : "%SRCROOT%", - "index" : 95 + "index" : 275 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-property-sanitized/webapp/view/app.view.xml", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-json-view/ui5.yaml", "uriBaseId" : "%SRCROOT%", - "index" : 96 + "index" : 276 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-sanitized/package-lock.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-json-view/webapp/index.html", "uriBaseId" : "%SRCROOT%", - "index" : 97 + "index" : 277 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-sanitized/package.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-json-view/webapp/controller/app.controller.js", "uriBaseId" : "%SRCROOT%", - "index" : 98 + "index" : 278 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-sanitized/webapp/manifest.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-json-view/webapp/index.js", "uriBaseId" : "%SRCROOT%", - "index" : 99 + "index" : 279 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-sanitized/webapp/view/app.view.xml", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer/package.json", "uriBaseId" : "%SRCROOT%", - "index" : 100 + "index" : 280 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-html-control-df/package-lock.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer/webapp/control/renderer.js", "uriBaseId" : "%SRCROOT%", - "index" : 101 + "index" : 281 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-html-control-df/package.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer/webapp/control/xss.js", "uriBaseId" : "%SRCROOT%", - "index" : 102 + "index" : 282 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-html-control-df/webapp/manifest.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer/ui5.yaml", "uriBaseId" : "%SRCROOT%", - "index" : 103 + "index" : 283 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-html-control-df/webapp/view/app.view.xml", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer/webapp/controller/app.controller.js", "uriBaseId" : "%SRCROOT%", - "index" : 104 + "index" : 284 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/.eslintrc.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer/webapp/index.html", "uriBaseId" : "%SRCROOT%", - "index" : 105 + "index" : 285 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/package-lock.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer/webapp/index.js", "uriBaseId" : "%SRCROOT%", - "index" : 106 + "index" : 286 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/package.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer/webapp/view/app.view.xml", "uriBaseId" : "%SRCROOT%", - "index" : 107 + "index" : 287 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/manifest.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer-byname/package.json", "uriBaseId" : "%SRCROOT%", - "index" : 108 + "index" : 288 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/model/todoitems.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer-byname/ui5.yaml", "uriBaseId" : "%SRCROOT%", - "index" : 109 + "index" : 289 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/view/App.view.xml", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer-byname/webapp/control/xss.js", "uriBaseId" : "%SRCROOT%", - "index" : 110 + "index" : 290 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api1/package-lock.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer-byname/webapp/control/xssRenderer.js", "uriBaseId" : "%SRCROOT%", - "index" : 111 + "index" : 291 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api1/package.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer-byname/webapp/controller/app.controller.js", "uriBaseId" : "%SRCROOT%", - "index" : 112 + "index" : 292 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api1/webapp/manifest.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer-byname/webapp/index.html", "uriBaseId" : "%SRCROOT%", - "index" : 113 + "index" : 293 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api1/webapp/view/app.view.xml", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer-byname/webapp/index.js", "uriBaseId" : "%SRCROOT%", - "index" : 114 + "index" : 294 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api2/package-lock.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer-byname/webapp/view/app.view.xml", "uriBaseId" : "%SRCROOT%", - "index" : 115 + "index" : 295 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api2/package.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-webc-control/package.json", "uriBaseId" : "%SRCROOT%", - "index" : 116 + "index" : 296 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api2/webapp/manifest.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-webc-control/ui5.yaml", "uriBaseId" : "%SRCROOT%", - "index" : 117 + "index" : 297 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api2/webapp/view/app.view.xml", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-webc-control/webapp/controller/app.controller.js", "uriBaseId" : "%SRCROOT%", - "index" : 118 + "index" : 298 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-jquery/package-lock.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-webc-control/webapp/index.html", "uriBaseId" : "%SRCROOT%", - "index" : 119 + "index" : 299 } }, { "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-jquery/package.json", + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-webc-control/webapp/view/app.view.xml", "uriBaseId" : "%SRCROOT%", - "index" : 120 + "index" : 300 + } + }, { + "location" : { + "uri" : "javascript/heuristic-models/tests/qlpack.yml", + "uriBaseId" : "%SRCROOT%", + "index" : 301 + } + }, { + "location" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-webc-control/webapp/index.js", + "uriBaseId" : "%SRCROOT%", + "index" : 302 + } + }, { + "location" : { + "uri" : "scripts/qlpack.yml", + "uriBaseId" : "%SRCROOT%", + "index" : 303 + } + }, { + "location" : { + "uri" : "scripts/CreateTestsFromYaml.py", + "uriBaseId" : "%SRCROOT%", + "index" : 304 } + } ], + "results" : [ { + "ruleId" : "js/xss", + "rule" : { + "id" : "js/xss", + "index" : 34, + "toolComponent" : { + "index" : 0 + } + }, + "message" : { + "text" : "Cross-site scripting vulnerability due to [user-provided value](1)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/avoid-duplicate-alerts/XssTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 4, + "startColumn" : 20, + "endColumn" : 25 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "6311a9ed7e4091a4:1", + "primaryLocationStartColumnFingerprint" : "15" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/avoid-duplicate-alerts/XssTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 3, + "startColumn" : 17, + "endColumn" : 51 + } + }, + "message" : { + "text" : "jQuery. ... param\")" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/avoid-duplicate-alerts/XssTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 3, + "startColumn" : 9, + "endColumn" : 51 + } + }, + "message" : { + "text" : "value" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/avoid-duplicate-alerts/XssTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 4, + "startColumn" : 20, + "endColumn" : 25 + } + }, + "message" : { + "text" : "value" + } + } + } ] + } ] + }, { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/avoid-duplicate-alerts/XssTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 3, + "startColumn" : 17, + "endColumn" : 51 + } + }, + "message" : { + "text" : "jQuery. ... param\")" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/avoid-duplicate-alerts/XssTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 3, + "startColumn" : 9, + "endColumn" : 51 + } + }, + "message" : { + "text" : "value" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/avoid-duplicate-alerts/XssTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 4, + "startColumn" : 20, + "endColumn" : 25 + } + }, + "message" : { + "text" : "value" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/avoid-duplicate-alerts/XssTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 3, + "startColumn" : 17, + "endColumn" : 51 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] + }, { + "ruleId" : "js/xss", + "rule" : { + "id" : "js/xss", + "index" : 34, + "toolComponent" : { + "index" : 0 + } + }, + "message" : { + "text" : "Cross-site scripting vulnerability due to [user-provided value](1)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/avoid-duplicate-alerts/XssTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 11, + "startColumn" : 20, + "endColumn" : 25 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "8e517fc6fdf32a1a:1", + "primaryLocationStartColumnFingerprint" : "15" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/avoid-duplicate-alerts/XssTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 10, + "startColumn" : 17, + "endColumn" : 41 + } + }, + "message" : { + "text" : "documen ... .search" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/avoid-duplicate-alerts/XssTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 10, + "startColumn" : 9, + "endColumn" : 41 + } + }, + "message" : { + "text" : "value" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/avoid-duplicate-alerts/XssTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 11, + "startColumn" : 20, + "endColumn" : 25 + } + }, + "message" : { + "text" : "value" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/avoid-duplicate-alerts/XssTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 10, + "startColumn" : 17, + "endColumn" : 41 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] + }, { + "ruleId" : "js/xss", + "rule" : { + "id" : "js/xss", + "index" : 34, + "toolComponent" : { + "index" : 0 + } + }, + "message" : { + "text" : "Cross-site scripting vulnerability due to [user-provided value](1)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/avoid-duplicate-alerts/XssTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 19, + "startColumn" : 20, + "endColumn" : 26 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "c51cf11a085c01f4:1", + "primaryLocationStartColumnFingerprint" : "15" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/avoid-duplicate-alerts/XssTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 17, + "startColumn" : 17, + "endColumn" : 41 + } + }, + "message" : { + "text" : "documen ... .search" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/avoid-duplicate-alerts/XssTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 17, + "startColumn" : 9, + "endColumn" : 41 + } + }, + "message" : { + "text" : "value" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/avoid-duplicate-alerts/XssTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 18, + "startColumn" : 39, + "endColumn" : 44 + } + }, + "message" : { + "text" : "value" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/avoid-duplicate-alerts/XssTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 18, + "startColumn" : 18, + "endColumn" : 45 + } + }, + "message" : { + "text" : "jQuery. ... (value)" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/avoid-duplicate-alerts/XssTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 18, + "startColumn" : 9, + "endColumn" : 45 + } + }, + "message" : { + "text" : "value1" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/avoid-duplicate-alerts/XssTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 19, + "startColumn" : 20, + "endColumn" : 26 + } + }, + "message" : { + "text" : "value1" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/avoid-duplicate-alerts/XssTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 17, + "startColumn" : 17, + "endColumn" : 41 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] + }, { + "ruleId" : "js/xss", + "rule" : { + "id" : "js/xss", + "index" : 34, + "toolComponent" : { + "index" : 0 + } + }, + "message" : { + "text" : "Cross-site scripting vulnerability due to [user-provided value](1)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/avoid-duplicate-alerts/XssTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 27, + "startColumn" : 20, + "endColumn" : 26 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "e309bf8540256a05:1", + "primaryLocationStartColumnFingerprint" : "15" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/avoid-duplicate-alerts/XssTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 25, + "startColumn" : 17, + "endColumn" : 41 + } + }, + "message" : { + "text" : "documen ... .search" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/avoid-duplicate-alerts/XssTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 25, + "startColumn" : 9, + "endColumn" : 41 + } + }, + "message" : { + "text" : "value" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/avoid-duplicate-alerts/XssTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 26, + "startColumn" : 39, + "endColumn" : 44 + } + }, + "message" : { + "text" : "value" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/avoid-duplicate-alerts/XssTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 26, + "startColumn" : 18, + "endColumn" : 45 + } + }, + "message" : { + "text" : "jQuery. ... (value)" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/avoid-duplicate-alerts/XssTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 26, + "startColumn" : 9, + "endColumn" : 45 + } + }, + "message" : { + "text" : "value1" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/avoid-duplicate-alerts/XssTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 27, + "startColumn" : 20, + "endColumn" : 26 + } + }, + "message" : { + "text" : "value1" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/avoid-duplicate-alerts/XssTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 25, + "startColumn" : 17, + "endColumn" : 41 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-jquery/webapp/manifest.json", - "uriBaseId" : "%SRCROOT%", - "index" : 121 - } + "ruleId" : "js/missing-rate-limiting", + "rule" : { + "id" : "js/missing-rate-limiting", + "index" : 68, + "toolComponent" : { + "index" : 0 + } + }, + "message" : { + "text" : "This route handler performs [a database access](1), but is not rate-limited." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 40, + "startColumn" : 25, + "endLine" : 44, + "endColumn" : 8 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "ac6d3bdd3d52ea9b:1", + "primaryLocationStartColumnFingerprint" : "18" + }, + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 41, + "startColumn" : 9, + "endLine" : 43, + "endColumn" : 11 + } + }, + "message" : { + "text" : "a database access" + } + } ] }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-jquery/webapp/view/app.view.xml", - "uriBaseId" : "%SRCROOT%", - "index" : 122 - } + "ruleId" : "js/sql-injection", + "rule" : { + "id" : "js/sql-injection", + "index" : 78, + "toolComponent" : { + "index" : 0 + } + }, + "message" : { + "text" : "This query string depends on a [user-provided value](1)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 41, + "startColumn" : 20, + "endColumn" : 40 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "4fc3122b51f477a1:1", + "primaryLocationStartColumnFingerprint" : "11" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 41, + "startColumn" : 20, + "endColumn" : 40 + } + }, + "message" : { + "text" : "req2.params.category" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 41, + "startColumn" : 20, + "endColumn" : 40 + } + }, + "message" : { + "text" : "req2.params.category" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 41, + "startColumn" : 20, + "endColumn" : 40 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-property-sanitized/package-lock.json", - "uriBaseId" : "%SRCROOT%", - "index" : 123 - } + "ruleId" : "js/log-injection", + "rule" : { + "id" : "js/log-injection", + "index" : 91, + "toolComponent" : { + "index" : 0 + } + }, + "message" : { + "text" : "Log entry depends on a [user-provided value](1)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-single-file/loginjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 2 + }, + "region" : { + "startLine" : 26, + "startColumn" : 19, + "endColumn" : 36 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "ccc6f77c65eccb45:1", + "primaryLocationStartColumnFingerprint" : "12" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-single-file/loginjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 2 + }, + "region" : { + "startLine" : 23, + "startColumn" : 34, + "endColumn" : 54 + } + }, + "message" : { + "text" : "req2.params.category" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-single-file/loginjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 2 + }, + "region" : { + "startLine" : 23, + "startColumn" : 13, + "endColumn" : 31 + } + }, + "message" : { + "text" : "{ book, quantity }" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-single-file/loginjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 2 + }, + "region" : { + "startLine" : 23, + "startColumn" : 15, + "endColumn" : 19 + } + }, + "message" : { + "text" : "book" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-single-file/loginjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 2 + }, + "region" : { + "startLine" : 23, + "startColumn" : 13, + "endColumn" : 54 + } + }, + "message" : { + "text" : "book" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-single-file/loginjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 2 + }, + "region" : { + "startLine" : 26, + "startColumn" : 32, + "endColumn" : 36 + } + }, + "message" : { + "text" : "book" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-single-file/loginjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 2 + }, + "region" : { + "startLine" : 26, + "startColumn" : 19, + "endColumn" : 36 + } + }, + "message" : { + "text" : "\"console:\" + book" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-single-file/loginjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 2 + }, + "region" : { + "startLine" : 23, + "startColumn" : 34, + "endColumn" : 54 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-property-sanitized/package.json", - "uriBaseId" : "%SRCROOT%", - "index" : 124 - } + "ruleId" : "js/log-injection", + "rule" : { + "id" : "js/log-injection", + "index" : 91, + "toolComponent" : { + "index" : 0 + } + }, + "message" : { + "text" : "Log entry depends on a [user-provided value](1)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 7, + "startColumn" : 18, + "endColumn" : 41 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "be9a18716e55d497:1", + "primaryLocationStartColumnFingerprint" : "13" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 6, + "startColumn" : 17, + "endColumn" : 51 + } + }, + "message" : { + "text" : "jQuery. ... param\")" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 6, + "startColumn" : 9, + "endColumn" : 51 + } + }, + "message" : { + "text" : "value" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 7, + "startColumn" : 34, + "endColumn" : 39 + } + }, + "message" : { + "text" : "value" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 7, + "startColumn" : 18, + "endColumn" : 41 + } + }, + "message" : { + "text" : "`[INFO] ... value}`" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 6, + "startColumn" : 17, + "endColumn" : 51 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-property-sanitized/webapp/manifest.json", - "uriBaseId" : "%SRCROOT%", - "index" : 125 - } + "ruleId" : "js/log-injection", + "rule" : { + "id" : "js/log-injection", + "index" : 91, + "toolComponent" : { + "index" : 0 + } + }, + "message" : { + "text" : "Log entry depends on a [user-provided value](1)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 15, + "startColumn" : 18, + "endColumn" : 41 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "be9a18716e55d497:2", + "primaryLocationStartColumnFingerprint" : "13" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 13, + "startColumn" : 23, + "endColumn" : 30 + } + }, + "message" : { + "text" : "req.url" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 13, + "startColumn" : 13, + "endColumn" : 37 + } + }, + "message" : { + "text" : "url.par ... , true)" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 13, + "startColumn" : 9, + "endColumn" : 37 + } + }, + "message" : { + "text" : "q" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 14, + "startColumn" : 17, + "endColumn" : 18 + } + }, + "message" : { + "text" : "q" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 14, + "startColumn" : 17, + "endColumn" : 24 + } + }, + "message" : { + "text" : "q.query" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 14, + "startColumn" : 17, + "endColumn" : 33 + } + }, + "message" : { + "text" : "q.query.username" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 14, + "startColumn" : 9, + "endColumn" : 33 + } + }, + "message" : { + "text" : "value" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 15, + "startColumn" : 34, + "endColumn" : 39 + } + }, + "message" : { + "text" : "value" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 15, + "startColumn" : 18, + "endColumn" : 41 + } + }, + "message" : { + "text" : "`[INFO] ... value}`" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 13, + "startColumn" : 23, + "endColumn" : 30 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-property-sanitized/webapp/view/app.view.xml", - "uriBaseId" : "%SRCROOT%", - "index" : 126 - } + "ruleId" : "js/log-injection", + "rule" : { + "id" : "js/log-injection", + "index" : 91, + "toolComponent" : { + "index" : 0 + } + }, + "message" : { + "text" : "Log entry depends on a [user-provided value](1)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 24, + "startColumn" : 18, + "endColumn" : 42 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "e197b363f9dc3962:1", + "primaryLocationStartColumnFingerprint" : "13" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 21, + "startColumn" : 23, + "endColumn" : 30 + } + }, + "message" : { + "text" : "req.url" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 21, + "startColumn" : 13, + "endColumn" : 37 + } + }, + "message" : { + "text" : "url.par ... , true)" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 21, + "startColumn" : 9, + "endColumn" : 37 + } + }, + "message" : { + "text" : "q" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 22, + "startColumn" : 17, + "endColumn" : 18 + } + }, + "message" : { + "text" : "q" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 22, + "startColumn" : 17, + "endColumn" : 24 + } + }, + "message" : { + "text" : "q.query" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 22, + "startColumn" : 17, + "endColumn" : 33 + } + }, + "message" : { + "text" : "q.query.username" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 22, + "startColumn" : 9, + "endColumn" : 33 + } + }, + "message" : { + "text" : "value" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 23, + "startColumn" : 39, + "endColumn" : 44 + } + }, + "message" : { + "text" : "value" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 23, + "startColumn" : 18, + "endColumn" : 45 + } + }, + "message" : { + "text" : "jQuery. ... (value)" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 23, + "startColumn" : 9, + "endColumn" : 45 + } + }, + "message" : { + "text" : "value1" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 24, + "startColumn" : 34, + "endColumn" : 40 + } + }, + "message" : { + "text" : "value1" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 24, + "startColumn" : 18, + "endColumn" : 42 + } + }, + "message" : { + "text" : "`[INFO] ... alue1}`" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 21, + "startColumn" : 23, + "endColumn" : 30 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-sanitized/package-lock.json", - "uriBaseId" : "%SRCROOT%", - "index" : 127 - } + "ruleId" : "js/log-injection", + "rule" : { + "id" : "js/log-injection", + "index" : 91, + "toolComponent" : { + "index" : 0 + } + }, + "message" : { + "text" : "Log entry depends on a [user-provided value](1)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/heuristic-models/tests/Sources/test.js", + "uriBaseId" : "%SRCROOT%", + "index" : 4 + }, + "region" : { + "startLine" : 5, + "startColumn" : 17, + "endColumn" : 33 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "45280b24f3d81287:1", + "primaryLocationStartColumnFingerprint" : "12" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/heuristic-models/tests/Sources/test.js", + "uriBaseId" : "%SRCROOT%", + "index" : 4 + }, + "region" : { + "startLine" : 5, + "startColumn" : 17, + "endColumn" : 33 + } + }, + "message" : { + "text" : "req.responseText" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/heuristic-models/tests/Sources/test.js", + "uriBaseId" : "%SRCROOT%", + "index" : 4 + }, + "region" : { + "startLine" : 5, + "startColumn" : 17, + "endColumn" : 33 + } + }, + "message" : { + "text" : "req.responseText" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/heuristic-models/tests/Sources/test.js", + "uriBaseId" : "%SRCROOT%", + "index" : 4 + }, + "region" : { + "startLine" : 5, + "startColumn" : 17, + "endColumn" : 33 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-sanitized/package.json", - "uriBaseId" : "%SRCROOT%", - "index" : 128 - } + "ruleId" : "js/ui5-xss", + "rule" : { + "id" : "js/ui5-xss", + "index" : 0, + "toolComponent" : { + "index" : 1 + } + }, + "message" : { + "text" : "XSS vulnerability due to [user-provided value](1)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/avoid-duplicate-alerts/XssTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 5, + "startColumn" : 27, + "endColumn" : 32 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "92dbc37bdafc7694:1", + "primaryLocationStartColumnFingerprint" : "22" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/avoid-duplicate-alerts/XssTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 3, + "startColumn" : 17, + "endColumn" : 51 + } + }, + "message" : { + "text" : "jQuery. ... param\")" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/avoid-duplicate-alerts/XssTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 3, + "startColumn" : 9, + "endColumn" : 51 + } + }, + "message" : { + "text" : "value" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/avoid-duplicate-alerts/XssTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 5, + "startColumn" : 27, + "endColumn" : 32 + } + }, + "message" : { + "text" : "value" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/avoid-duplicate-alerts/XssTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 3, + "startColumn" : 17, + "endColumn" : 51 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-sanitized/webapp/manifest.json", - "uriBaseId" : "%SRCROOT%", - "index" : 129 - } + "ruleId" : "js/ui5-xss", + "rule" : { + "id" : "js/ui5-xss", + "index" : 0, + "toolComponent" : { + "index" : 1 + } + }, + "message" : { + "text" : "XSS vulnerability due to [user-provided value](1)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/avoid-duplicate-alerts/XssTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 12, + "startColumn" : 27, + "endColumn" : 32 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "faa1832c387d2ee5:1", + "primaryLocationStartColumnFingerprint" : "22" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/avoid-duplicate-alerts/XssTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 10, + "startColumn" : 17, + "endColumn" : 41 + } + }, + "message" : { + "text" : "documen ... .search" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/avoid-duplicate-alerts/XssTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 10, + "startColumn" : 9, + "endColumn" : 41 + } + }, + "message" : { + "text" : "value" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/avoid-duplicate-alerts/XssTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 12, + "startColumn" : 27, + "endColumn" : 32 + } + }, + "message" : { + "text" : "value" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/avoid-duplicate-alerts/XssTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 10, + "startColumn" : 17, + "endColumn" : 41 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-sanitized/webapp/view/app.view.xml", - "uriBaseId" : "%SRCROOT%", - "index" : 130 - } + "ruleId" : "js/ui5-xss", + "rule" : { + "id" : "js/ui5-xss", + "index" : 0, + "toolComponent" : { + "index" : 1 + } + }, + "message" : { + "text" : "XSS vulnerability due to [user-provided value](1)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/avoid-duplicate-alerts/XssTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 20, + "startColumn" : 27, + "endColumn" : 33 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "8291f53a2e235d15:1", + "primaryLocationStartColumnFingerprint" : "22" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/avoid-duplicate-alerts/XssTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 17, + "startColumn" : 17, + "endColumn" : 41 + } + }, + "message" : { + "text" : "documen ... .search" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/avoid-duplicate-alerts/XssTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 17, + "startColumn" : 9, + "endColumn" : 41 + } + }, + "message" : { + "text" : "value" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/avoid-duplicate-alerts/XssTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 18, + "startColumn" : 39, + "endColumn" : 44 + } + }, + "message" : { + "text" : "value" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/avoid-duplicate-alerts/XssTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 18, + "startColumn" : 18, + "endColumn" : 45 + } + }, + "message" : { + "text" : "jQuery. ... (value)" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/avoid-duplicate-alerts/XssTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 18, + "startColumn" : 9, + "endColumn" : 45 + } + }, + "message" : { + "text" : "value1" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/avoid-duplicate-alerts/XssTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 20, + "startColumn" : 27, + "endColumn" : 33 + } + }, + "message" : { + "text" : "value1" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/avoid-duplicate-alerts/XssTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 17, + "startColumn" : 17, + "endColumn" : 41 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-event-handlers/package-lock.json", - "uriBaseId" : "%SRCROOT%", - "index" : 131 - } + "ruleId" : "js/ui5-xss", + "rule" : { + "id" : "js/ui5-xss", + "index" : 0, + "toolComponent" : { + "index" : 1 + } + }, + "message" : { + "text" : "XSS vulnerability due to [user-provided value](1)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/controls/Book.js", + "uriBaseId" : "%SRCROOT%", + "index" : 171 + }, + "region" : { + "startLine" : 132, + "startColumn" : 7, + "endLine" : 134, + "endColumn" : 16 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "63ace7b071639814:1", + "primaryLocationStartColumnFingerprint" : "0" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/controller/App.Controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 170 + }, + "region" : { + "startLine" : 23, + "startColumn" : 25, + "endColumn" : 48 + } + }, + "message" : { + "text" : "oSearch ... Value()" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/controller/App.Controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 170 + }, + "region" : { + "startLine" : 23, + "startColumn" : 11, + "endColumn" : 48 + } + }, + "message" : { + "text" : "searchValue" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/controller/App.Controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 170 + }, + "region" : { + "startLine" : 27, + "startColumn" : 34, + "endColumn" : 45 + } + }, + "message" : { + "text" : "searchValue" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/controls/Book.js", + "uriBaseId" : "%SRCROOT%", + "index" : 171 + }, + "region" : { + "startLine" : 17, + "startColumn" : 13, + "endColumn" : 31 + } + }, + "message" : { + "text" : "{ type: \"string\" }" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/controls/Book.js", + "uriBaseId" : "%SRCROOT%", + "index" : 171 + }, + "region" : { + "startLine" : 133, + "startColumn" : 8, + "endColumn" : 27 + } + }, + "message" : { + "text" : "oControl.getTitle()" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/controls/Book.js", + "uriBaseId" : "%SRCROOT%", + "index" : 171 + }, + "region" : { + "startLine" : 132, + "startColumn" : 7, + "endLine" : 134, + "endColumn" : 16 + } + }, + "message" : { + "text" : "\"
T ...
\"" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/controller/App.Controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 170 + }, + "region" : { + "startLine" : 23, + "startColumn" : 25, + "endColumn" : 48 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-event-handlers/package.json", - "uriBaseId" : "%SRCROOT%", - "index" : 132 - } + "ruleId" : "js/ui5-xss", + "rule" : { + "id" : "js/ui5-xss", + "index" : 0, + "toolComponent" : { + "index" : 1 + } + }, + "message" : { + "text" : "XSS vulnerability due to [user-provided value](1)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api1/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 191 + }, + "region" : { + "startLine" : 14, + "startColumn" : 23, + "endColumn" : 41 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "fc87b07640e9d85:1", + "primaryLocationStartColumnFingerprint" : "10" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api1/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 195 + }, + "region" : { + "startLine" : 5, + "startColumn" : 5, + "endLine" : 7, + "endColumn" : 29 + } + }, + "message" : { + "text" : "value={/input}" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api1/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 192 + }, + "region" : { + "startLine" : 9, + "startColumn" : 17, + "endColumn" : 28 + } + }, + "message" : { + "text" : "input: null" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api1/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 191 + }, + "region" : { + "startLine" : 7, + "startColumn" : 23, + "endColumn" : 41 + } + }, + "message" : { + "text" : "{ type: \"string\" }" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api1/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 191 + }, + "region" : { + "startLine" : 14, + "startColumn" : 23, + "endColumn" : 41 + } + }, + "message" : { + "text" : "oControl.getText()" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api1/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 195 + }, + "region" : { + "startLine" : 5, + "startColumn" : 5, + "endLine" : 7, + "endColumn" : 29 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-event-handlers/webapp/manifest.json", - "uriBaseId" : "%SRCROOT%", - "index" : 133 - } + "ruleId" : "js/ui5-xss", + "rule" : { + "id" : "js/ui5-xss", + "index" : 0, + "toolComponent" : { + "index" : 1 + } + }, + "message" : { + "text" : "XSS vulnerability due to [user-provided value](1)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api2/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 198 + }, + "region" : { + "startLine" : 14, + "startColumn" : 32, + "endColumn" : 50 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "352d5eac262ae765:1", + "primaryLocationStartColumnFingerprint" : "15" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api2/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 203 + }, + "region" : { + "startLine" : 5, + "startColumn" : 5, + "endLine" : 7, + "endColumn" : 29 + } + }, + "message" : { + "text" : "value={/input}" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api2/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 199 + }, + "region" : { + "startLine" : 9, + "startColumn" : 17, + "endColumn" : 28 + } + }, + "message" : { + "text" : "input: null" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api2/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 198 + }, + "region" : { + "startLine" : 7, + "startColumn" : 23, + "endColumn" : 41 + } + }, + "message" : { + "text" : "{ type: \"string\" }" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api2/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 198 + }, + "region" : { + "startLine" : 14, + "startColumn" : 32, + "endColumn" : 50 + } + }, + "message" : { + "text" : "oControl.getText()" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-api2/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 203 + }, + "region" : { + "startLine" : 5, + "startColumn" : 5, + "endLine" : 7, + "endColumn" : 29 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-event-handlers/webapp/view/app.view.xml", - "uriBaseId" : "%SRCROOT%", - "index" : 134 - } + "ruleId" : "js/ui5-xss", + "rule" : { + "id" : "js/ui5-xss", + "index" : 0, + "toolComponent" : { + "index" : 1 + } + }, + "message" : { + "text" : "XSS vulnerability due to [user-provided value](1)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-jquery/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 205 + }, + "region" : { + "startLine" : 14, + "startColumn" : 28, + "endColumn" : 46 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "352d5ec8b0c3bb0d:1", + "primaryLocationStartColumnFingerprint" : "15" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-jquery/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 208 + }, + "region" : { + "startLine" : 5, + "startColumn" : 5, + "endLine" : 7, + "endColumn" : 29 + } + }, + "message" : { + "text" : "value={/input}" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-jquery/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 206 + }, + "region" : { + "startLine" : 9, + "startColumn" : 17, + "endColumn" : 28 + } + }, + "message" : { + "text" : "input: null" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-jquery/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 205 + }, + "region" : { + "startLine" : 7, + "startColumn" : 19, + "endColumn" : 37 + } + }, + "message" : { + "text" : "{ type: \"string\" }" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-jquery/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 205 + }, + "region" : { + "startLine" : 14, + "startColumn" : 28, + "endColumn" : 46 + } + }, + "message" : { + "text" : "oControl.getText()" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-custom-control-jquery/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 208 + }, + "region" : { + "startLine" : 5, + "startColumn" : 5, + "endLine" : 7, + "endColumn" : 29 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control/package-lock.json", - "uriBaseId" : "%SRCROOT%", - "index" : 135 - } + "ruleId" : "js/ui5-xss", + "rule" : { + "id" : "js/ui5-xss", + "index" : 0, + "toolComponent" : { + "index" : 1 + } + }, + "message" : { + "text" : "XSS vulnerability due to [user-provided value](1)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-event-handlers/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 226 + }, + "region" : { + "startLine" : 27, + "startColumn" : 36, + "endColumn" : 41 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "8ceecee7055f4fa2:1", + "primaryLocationStartColumnFingerprint" : "23" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-event-handlers/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 226 + }, + "region" : { + "startLine" : 26, + "startColumn" : 25, + "endColumn" : 42 + } + }, + "message" : { + "text" : "oInput.getValue()" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-event-handlers/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 226 + }, + "region" : { + "startLine" : 26, + "startColumn" : 17, + "endColumn" : 42 + } + }, + "message" : { + "text" : "value" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-event-handlers/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 226 + }, + "region" : { + "startLine" : 27, + "startColumn" : 36, + "endColumn" : 41 + } + }, + "message" : { + "text" : "value" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-event-handlers/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 226 + }, + "region" : { + "startLine" : 26, + "startColumn" : 25, + "endColumn" : 42 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control/package.json", - "uriBaseId" : "%SRCROOT%", - "index" : 136 - } + "ruleId" : "js/ui5-xss", + "rule" : { + "id" : "js/ui5-xss", + "index" : 0, + "toolComponent" : { + "index" : 1 + } + }, + "message" : { + "text" : "XSS vulnerability due to [user-provided value](1)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-indirect-control/webapp/control/xssRenderer.js", + "uriBaseId" : "%SRCROOT%", + "index" : 264 + }, + "region" : { + "startLine" : 8, + "startColumn" : 28, + "endColumn" : 46 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "353ad97f4bff4eae:1", + "primaryLocationStartColumnFingerprint" : "15" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-indirect-control/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 268 + }, + "region" : { + "startLine" : 5, + "startColumn" : 5, + "endLine" : 7, + "endColumn" : 29 + } + }, + "message" : { + "text" : "value={/input}" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-indirect-control/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 265 + }, + "region" : { + "startLine" : 9, + "startColumn" : 17, + "endColumn" : 28 + } + }, + "message" : { + "text" : "input: null" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-indirect-control/webapp/control/xssBase.js", + "uriBaseId" : "%SRCROOT%", + "index" : 263 + }, + "region" : { + "startLine" : 5, + "startColumn" : 15, + "endColumn" : 33 + } + }, + "message" : { + "text" : "{ type: \"string\" }" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-indirect-control/webapp/control/xssRenderer.js", + "uriBaseId" : "%SRCROOT%", + "index" : 264 + }, + "region" : { + "startLine" : 8, + "startColumn" : 28, + "endColumn" : 46 + } + }, + "message" : { + "text" : "oControl.getText()" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-indirect-control/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 268 + }, + "region" : { + "startLine" : 5, + "startColumn" : 5, + "endLine" : 7, + "endColumn" : 29 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control/webapp/manifest.json", - "uriBaseId" : "%SRCROOT%", - "index" : 137 - } + "ruleId" : "js/ui5-xss", + "rule" : { + "id" : "js/ui5-xss", + "index" : 0, + "toolComponent" : { + "index" : 1 + } + }, + "message" : { + "text" : "XSS vulnerability due to [user-provided value](1)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer/webapp/control/renderer.js", + "uriBaseId" : "%SRCROOT%", + "index" : 281 + }, + "region" : { + "startLine" : 8, + "startColumn" : 28, + "endColumn" : 46 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "353ad97f4bff4eae:1", + "primaryLocationStartColumnFingerprint" : "15" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 287 + }, + "region" : { + "startLine" : 5, + "startColumn" : 5, + "endLine" : 7, + "endColumn" : 29 + } + }, + "message" : { + "text" : "value={/input}" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 284 + }, + "region" : { + "startLine" : 9, + "startColumn" : 17, + "endColumn" : 28 + } + }, + "message" : { + "text" : "input: null" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 282 + }, + "region" : { + "startLine" : 7, + "startColumn" : 23, + "endColumn" : 41 + } + }, + "message" : { + "text" : "{ type: \"string\" }" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer/webapp/control/renderer.js", + "uriBaseId" : "%SRCROOT%", + "index" : 281 + }, + "region" : { + "startLine" : 8, + "startColumn" : 28, + "endColumn" : 46 + } + }, + "message" : { + "text" : "oControl.getText()" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 287 + }, + "region" : { + "startLine" : 5, + "startColumn" : 5, + "endLine" : 7, + "endColumn" : 29 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control/webapp/view/app.view.xml", - "uriBaseId" : "%SRCROOT%", - "index" : 138 - } + "ruleId" : "js/ui5-xss", + "rule" : { + "id" : "js/ui5-xss", + "index" : 0, + "toolComponent" : { + "index" : 1 + } + }, + "message" : { + "text" : "XSS vulnerability due to [user-provided value](1)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer-byname/webapp/control/xssRenderer.js", + "uriBaseId" : "%SRCROOT%", + "index" : 291 + }, + "region" : { + "startLine" : 8, + "startColumn" : 28, + "endColumn" : 46 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "353ad97f4bff4eae:1", + "primaryLocationStartColumnFingerprint" : "15" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer-byname/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 295 + }, + "region" : { + "startLine" : 5, + "startColumn" : 5, + "endLine" : 7, + "endColumn" : 29 + } + }, + "message" : { + "text" : "value={/input}" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer-byname/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 292 + }, + "region" : { + "startLine" : 9, + "startColumn" : 17, + "endColumn" : 28 + } + }, + "message" : { + "text" : "input: null" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer-byname/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 290 + }, + "region" : { + "startLine" : 7, + "startColumn" : 23, + "endColumn" : 41 + } + }, + "message" : { + "text" : "{ type: \"string\" }" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer-byname/webapp/control/xssRenderer.js", + "uriBaseId" : "%SRCROOT%", + "index" : 291 + }, + "region" : { + "startLine" : 8, + "startColumn" : 28, + "endColumn" : 46 + } + }, + "message" : { + "text" : "oControl.getText()" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer-byname/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 295 + }, + "region" : { + "startLine" : 5, + "startColumn" : 5, + "endLine" : 7, + "endColumn" : 29 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-df/package-lock.json", - "uriBaseId" : "%SRCROOT%", - "index" : 139 - } + "ruleId" : "js/ui5-xss", + "rule" : { + "id" : "js/ui5-xss", + "index" : 0, + "toolComponent" : { + "index" : 1 + } + }, + "message" : { + "text" : "XSS vulnerability due to [user-provided value](1)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-js-view/webapp/view/app.view.js", + "uriBaseId" : "%SRCROOT%", + "index" : 274 + }, + "region" : { + "startLine" : 21, + "startColumn" : 22, + "endColumn" : 32 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "5d5122f6c75b5d01:1", + "primaryLocationStartColumnFingerprint" : "9" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-js-view/webapp/view/app.view.js", + "uriBaseId" : "%SRCROOT%", + "index" : 274 + }, + "region" : { + "startLine" : 18, + "startColumn" : 20, + "endColumn" : 30 + } + }, + "message" : { + "text" : "/input" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-js-view/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 271 + }, + "region" : { + "startLine" : 9, + "startColumn" : 17, + "endColumn" : 28 + } + }, + "message" : { + "text" : "input: null" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-js-view/webapp/view/app.view.js", + "uriBaseId" : "%SRCROOT%", + "index" : 274 + }, + "region" : { + "startLine" : 21, + "startColumn" : 22, + "endColumn" : 32 + } + }, + "message" : { + "text" : "/input" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-js-view/webapp/view/app.view.js", + "uriBaseId" : "%SRCROOT%", + "index" : 274 + }, + "region" : { + "startLine" : 18, + "startColumn" : 20, + "endColumn" : 30 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-df/package.json", - "uriBaseId" : "%SRCROOT%", - "index" : 140 - } + "ruleId" : "js/ui5-xss", + "rule" : { + "id" : "js/ui5-xss", + "index" : 0, + "toolComponent" : { + "index" : 1 + } + }, + "message" : { + "text" : "XSS vulnerability due to [user-provided value](1)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-html-control-df/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 112 + }, + "region" : { + "startLine" : 8, + "startColumn" : 5, + "endColumn" : 50 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "74b35e217af6aa05:1", + "primaryLocationStartColumnFingerprint" : "0" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-html-control-df/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 112 + }, + "region" : { + "startLine" : 5, + "startColumn" : 5, + "endLine" : 7, + "endColumn" : 29 + } + }, + "message" : { + "text" : "value={/input}" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-html-control-df/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 109 + }, + "region" : { + "startLine" : 10, + "startColumn" : 17, + "endColumn" : 28 + } + }, + "message" : { + "text" : "input: null" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-html-control-df/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 112 + }, + "region" : { + "startLine" : 8, + "startColumn" : 5, + "endColumn" : 50 + } + }, + "message" : { + "text" : "content={/input}" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-html-control-df/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 112 + }, + "region" : { + "startLine" : 5, + "startColumn" : 5, + "endLine" : 7, + "endColumn" : 29 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-df/webapp/manifest.json", - "uriBaseId" : "%SRCROOT%", - "index" : 141 - } + "ruleId" : "js/ui5-xss", + "rule" : { + "id" : "js/ui5-xss", + "index" : 0, + "toolComponent" : { + "index" : 1 + } + }, + "message" : { + "text" : "XSS vulnerability due to [user-provided value](1)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-event-handlers/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 229 + }, + "region" : { + "startLine" : 9, + "startColumn" : 5, + "endColumn" : 40 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "9caa0f252fbe2993:1", + "primaryLocationStartColumnFingerprint" : "0" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-event-handlers/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 229 + }, + "region" : { + "startLine" : 5, + "startColumn" : 5, + "endLine" : 7, + "endColumn" : 29 + } + }, + "message" : { + "text" : "value={/input}" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-event-handlers/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 226 + }, + "region" : { + "startLine" : 31, + "startColumn" : 17, + "endColumn" : 28 + } + }, + "message" : { + "text" : "input: null" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-event-handlers/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 226 + }, + "region" : { + "startLine" : 9, + "startColumn" : 25, + "endColumn" : 53 + } + }, + "message" : { + "text" : "oModel. ... input')" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-event-handlers/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 226 + }, + "region" : { + "startLine" : 9, + "startColumn" : 17, + "endColumn" : 53 + } + }, + "message" : { + "text" : "input" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-event-handlers/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 226 + }, + "region" : { + "startLine" : 10, + "startColumn" : 44, + "endColumn" : 49 + } + }, + "message" : { + "text" : "input" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-event-handlers/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 226 + }, + "region" : { + "startLine" : 32, + "startColumn" : 17, + "endColumn" : 30 + } + }, + "message" : { + "text" : "output1: null" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-event-handlers/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 229 + }, + "region" : { + "startLine" : 9, + "startColumn" : 5, + "endColumn" : 40 + } + }, + "message" : { + "text" : "content={/output1}" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-event-handlers/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 229 + }, + "region" : { + "startLine" : 5, + "startColumn" : 5, + "endLine" : 7, + "endColumn" : 29 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-df/webapp/view/app.view.xml", - "uriBaseId" : "%SRCROOT%", - "index" : 142 - } + "ruleId" : "js/ui5-xss", + "rule" : { + "id" : "js/ui5-xss", + "index" : 0, + "toolComponent" : { + "index" : 1 + } + }, + "message" : { + "text" : "XSS vulnerability due to [user-provided value](1)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-event-handlers/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 229 + }, + "region" : { + "startLine" : 17, + "startColumn" : 5, + "endColumn" : 40 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "2963bbd458e69924:1", + "primaryLocationStartColumnFingerprint" : "0" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-event-handlers/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 226 + }, + "region" : { + "startLine" : 18, + "startColumn" : 31, + "endColumn" : 60 + } + }, + "message" : { + "text" : "oEvent. ... Value()" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-event-handlers/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 226 + }, + "region" : { + "startLine" : 18, + "startColumn" : 17, + "endColumn" : 60 + } + }, + "message" : { + "text" : "sInputValue" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-event-handlers/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 226 + }, + "region" : { + "startLine" : 19, + "startColumn" : 44, + "endColumn" : 55 + } + }, + "message" : { + "text" : "sInputValue" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-event-handlers/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 226 + }, + "region" : { + "startLine" : 34, + "startColumn" : 17, + "endColumn" : 30 + } + }, + "message" : { + "text" : "output3: null" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-event-handlers/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 229 + }, + "region" : { + "startLine" : 17, + "startColumn" : 5, + "endColumn" : 40 + } + }, + "message" : { + "text" : "content={/output3}" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-event-handlers/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 226 + }, + "region" : { + "startLine" : 18, + "startColumn" : 31, + "endColumn" : 60 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-oneway/package-lock.json", - "uriBaseId" : "%SRCROOT%", - "index" : 143 - } + "ruleId" : "js/ui5-xss", + "rule" : { + "id" : "js/ui5-xss", + "index" : 0, + "toolComponent" : { + "index" : 1 + } + }, + "message" : { + "text" : "XSS vulnerability due to [user-provided value](1)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 234 + }, + "region" : { + "startLine" : 8, + "startColumn" : 5, + "endColumn" : 37 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "97b29ed20ac04ff0:1", + "primaryLocationStartColumnFingerprint" : "0" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 234 + }, + "region" : { + "startLine" : 5, + "startColumn" : 5, + "endLine" : 7, + "endColumn" : 29 + } + }, + "message" : { + "text" : "value={/input}" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 232 + }, + "region" : { + "startLine" : 9, + "startColumn" : 17, + "endColumn" : 28 + } + }, + "message" : { + "text" : "input: null" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 234 + }, + "region" : { + "startLine" : 8, + "startColumn" : 5, + "endColumn" : 37 + } + }, + "message" : { + "text" : "content={/input}" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 234 + }, + "region" : { + "startLine" : 5, + "startColumn" : 5, + "endLine" : 7, + "endColumn" : 29 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-oneway/package.json", - "uriBaseId" : "%SRCROOT%", - "index" : 144 - } + "ruleId" : "js/ui5-xss", + "rule" : { + "id" : "js/ui5-xss", + "index" : 0, + "toolComponent" : { + "index" : 1 + } + }, + "message" : { + "text" : "XSS vulnerability due to [user-provided value](1)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-df/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 241 + }, + "region" : { + "startLine" : 8, + "startColumn" : 5, + "endColumn" : 38 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "1406455ac263a2d9:1", + "primaryLocationStartColumnFingerprint" : "0" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-df/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 241 + }, + "region" : { + "startLine" : 5, + "startColumn" : 5, + "endLine" : 7, + "endColumn" : 29 + } + }, + "message" : { + "text" : "value={/input}" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-df/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 237 + }, + "region" : { + "startLine" : 12, + "startColumn" : 26, + "endColumn" : 46 + } + }, + "message" : { + "text" : "new JSONModel(oData)" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-df/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 241 + }, + "region" : { + "startLine" : 8, + "startColumn" : 5, + "endColumn" : 38 + } + }, + "message" : { + "text" : "content={/output}" + } + } + } ] + } ] + }, { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-df/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 241 + }, + "region" : { + "startLine" : 5, + "startColumn" : 5, + "endLine" : 7, + "endColumn" : 29 + } + }, + "message" : { + "text" : "value={/input}" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-df/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 237 + }, + "region" : { + "startLine" : 9, + "startColumn" : 17, + "endColumn" : 28 + } + }, + "message" : { + "text" : "input: null" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-df/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 237 + }, + "region" : { + "startLine" : 15, + "startColumn" : 25, + "endColumn" : 53 + } + }, + "message" : { + "text" : "oModel. ... input')" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-df/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 237 + }, + "region" : { + "startLine" : 15, + "startColumn" : 17, + "endColumn" : 53 + } + }, + "message" : { + "text" : "input" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-df/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 237 + }, + "region" : { + "startLine" : 16, + "startColumn" : 43, + "endColumn" : 48 + } + }, + "message" : { + "text" : "input" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-df/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 237 + }, + "region" : { + "startLine" : 10, + "startColumn" : 17, + "endColumn" : 29 + } + }, + "message" : { + "text" : "output: null" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-df/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 241 + }, + "region" : { + "startLine" : 8, + "startColumn" : 5, + "endColumn" : 38 + } + }, + "message" : { + "text" : "content={/output}" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-df/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 241 + }, + "region" : { + "startLine" : 5, + "startColumn" : 5, + "endLine" : 7, + "endColumn" : 29 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-oneway/webapp/manifest.json", - "uriBaseId" : "%SRCROOT%", - "index" : 145 - } + "ruleId" : "js/ui5-xss", + "rule" : { + "id" : "js/ui5-xss", + "index" : 0, + "toolComponent" : { + "index" : 1 + } + }, + "message" : { + "text" : "XSS vulnerability due to [user-provided value](1)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-view/webapp/view/app.view.html", + "uriBaseId" : "%SRCROOT%", + "index" : 258 + }, + "region" : { + "startLine" : 8, + "startColumn" : 11, + "endColumn" : 34 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "5edd24be658b61a4:1", + "primaryLocationStartColumnFingerprint" : "0" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-view/webapp/view/app.view.html", + "uriBaseId" : "%SRCROOT%", + "index" : 258 + }, + "region" : { + "startLine" : 5, + "startColumn" : 11, + "endColumn" : 32 + } + }, + "message" : { + "text" : "data-value={/input}" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-view/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 256 + }, + "region" : { + "startLine" : 9, + "startColumn" : 17, + "endColumn" : 28 + } + }, + "message" : { + "text" : "input: null" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-view/webapp/view/app.view.html", + "uriBaseId" : "%SRCROOT%", + "index" : 258 + }, + "region" : { + "startLine" : 8, + "startColumn" : 11, + "endColumn" : 34 + } + }, + "message" : { + "text" : "data-content={/input}" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-view/webapp/view/app.view.html", + "uriBaseId" : "%SRCROOT%", + "index" : 258 + }, + "region" : { + "startLine" : 5, + "startColumn" : 11, + "endColumn" : 32 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-control-oneway/webapp/view/app.view.xml", - "uriBaseId" : "%SRCROOT%", - "index" : 146 - } + "ruleId" : "js/ui5-xss", + "rule" : { + "id" : "js/ui5-xss", + "index" : 0, + "toolComponent" : { + "index" : 1 + } + }, + "message" : { + "text" : "XSS vulnerability due to [user-provided value](1).\nXSS vulnerability due to [user-provided value](2)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-webc-control/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 300 + }, + "region" : { + "startLine" : 22, + "startColumn" : 5, + "endColumn" : 38 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "6e0d8f690e30e24a:1", + "primaryLocationStartColumnFingerprint" : "0" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-webc-control/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 300 + }, + "region" : { + "startLine" : 8, + "startColumn" : 5, + "endLine" : 10, + "endColumn" : 27 + } + }, + "message" : { + "text" : "value={/input}" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-webc-control/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 298 + }, + "region" : { + "startLine" : 9, + "startColumn" : 17, + "endColumn" : 28 + } + }, + "message" : { + "text" : "input: null" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-webc-control/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 300 + }, + "region" : { + "startLine" : 22, + "startColumn" : 5, + "endColumn" : 38 + } + }, + "message" : { + "text" : "content={/input}" + } + } + } ] + } ] + }, { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-webc-control/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 300 + }, + "region" : { + "startLine" : 15, + "startColumn" : 5, + "endLine" : 18, + "endColumn" : 29 + } + }, + "message" : { + "text" : "value={/input}" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-webc-control/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 298 + }, + "region" : { + "startLine" : 9, + "startColumn" : 17, + "endColumn" : 28 + } + }, + "message" : { + "text" : "input: null" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-webc-control/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 300 + }, + "region" : { + "startLine" : 22, + "startColumn" : 5, + "endColumn" : 38 + } + }, + "message" : { + "text" : "content={/input}" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-webc-control/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 300 + }, + "region" : { + "startLine" : 8, + "startColumn" : 5, + "endLine" : 10, + "endColumn" : 27 + } + }, + "message" : { + "text" : "user-provided value" + } + }, { + "id" : 2, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-webc-control/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 300 + }, + "region" : { + "startLine" : 15, + "startColumn" : 5, + "endLine" : 18, + "endColumn" : 29 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-external-model/package-lock.json", - "uriBaseId" : "%SRCROOT%", - "index" : 147 + "ruleId" : "js/ui5-clickjacking", + "rule" : { + "id" : "js/ui5-clickjacking", + "index" : 1, + "toolComponent" : { + "index" : 1 + } + }, + "message" : { + "text" : "Possible clickjacking vulnerability due to window\\[ ... onfig\"\\] being set to `allow`." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Clickjacking/clickjacking-allow-all/index.html", + "uriBaseId" : "%SRCROOT%", + "index" : 87 + }, + "region" : { + "startLine" : 9, + "startColumn" : 9, + "endColumn" : 32 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "6152b8f74a1abdf5:1", + "primaryLocationStartColumnFingerprint" : "0" } }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-external-model/package.json", - "uriBaseId" : "%SRCROOT%", - "index" : 148 + "ruleId" : "js/ui5-clickjacking", + "rule" : { + "id" : "js/ui5-clickjacking", + "index" : 1, + "toolComponent" : { + "index" : 1 + } + }, + "message" : { + "text" : "Possible clickjacking vulnerability due to data-sap-ui-frameOptions=allow being set to `allow`." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Clickjacking/clickjacking-allow-all/index.html", + "uriBaseId" : "%SRCROOT%", + "index" : 87 + }, + "region" : { + "startLine" : 28, + "startColumn" : 34, + "endColumn" : 66 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "b01bd23ca3666824:1", + "primaryLocationStartColumnFingerprint" : "25" } }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-external-model/webapp/controller/model.json", - "uriBaseId" : "%SRCROOT%", - "index" : 149 + "ruleId" : "js/ui5-clickjacking", + "rule" : { + "id" : "js/ui5-clickjacking", + "index" : 1, + "toolComponent" : { + "index" : 1 + } + }, + "message" : { + "text" : "Possible clickjacking vulnerability due to missing frame options." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Clickjacking/clickjacking-default-all/index.html", + "uriBaseId" : "%SRCROOT%", + "index" : 91 + }, + "region" : { + "startLine" : 2, + "endColumn" : 16 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "7fe81114896a63c:1", + "primaryLocationStartColumnFingerprint" : "0" } }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-external-model/webapp/manifest.json", - "uriBaseId" : "%SRCROOT%", - "index" : 150 + "ruleId" : "js/ui5-clickjacking", + "rule" : { + "id" : "js/ui5-clickjacking", + "index" : 1, + "toolComponent" : { + "index" : 1 + } + }, + "message" : { + "text" : "Possible clickjacking vulnerability due to missing frame options." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/webapp/index.html", + "uriBaseId" : "%SRCROOT%", + "index" : 172 + }, + "region" : { + "startLine" : 2, + "endColumn" : 16 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "df700c15dad274b2:1", + "primaryLocationStartColumnFingerprint" : "0" } }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-external-model/webapp/view/app.view.xml", - "uriBaseId" : "%SRCROOT%", - "index" : 151 - } + "ruleId" : "js/ui5-path-injection", + "rule" : { + "id" : "js/ui5-path-injection", + "index" : 2, + "toolComponent" : { + "index" : 1 + } + }, + "message" : { + "text" : "The path of a saved file depends on a [user-provided value](1)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-property-sanitized/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 148 + }, + "region" : { + "startLine" : 17, + "startColumn" : 43, + "endColumn" : 61 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "68e5ff83e2198ff5:1", + "primaryLocationStartColumnFingerprint" : "26" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-property-sanitized/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 152 + }, + "region" : { + "startLine" : 5, + "startColumn" : 5, + "endLine" : 7, + "endColumn" : 29 + } + }, + "message" : { + "text" : "value={/input}" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-property-sanitized/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 149 + }, + "region" : { + "startLine" : 9, + "startColumn" : 17, + "endColumn" : 28 + } + }, + "message" : { + "text" : "input: null" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-property-sanitized/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 148 + }, + "region" : { + "startLine" : 8, + "startColumn" : 23, + "endColumn" : 38 + } + }, + "message" : { + "text" : "{ type: \"int\" }" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-property-sanitized/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 148 + }, + "region" : { + "startLine" : 17, + "startColumn" : 43, + "endColumn" : 61 + } + }, + "message" : { + "text" : "oControl.getText()" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-property-sanitized/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 152 + }, + "region" : { + "startLine" : 5, + "startColumn" : 5, + "endLine" : 7, + "endColumn" : 29 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-view/package-lock.json", - "uriBaseId" : "%SRCROOT%", - "index" : 152 - } + "ruleId" : "js/ui5-path-injection", + "rule" : { + "id" : "js/ui5-path-injection", + "index" : 2, + "toolComponent" : { + "index" : 1 + } + }, + "message" : { + "text" : "The path of a saved file depends on a [user-provided value](1)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-sanitized/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 155 + }, + "region" : { + "startLine" : 23, + "startColumn" : 43, + "endColumn" : 55 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "b79de9dff4d8f842:1", + "primaryLocationStartColumnFingerprint" : "26" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-sanitized/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 158 + }, + "region" : { + "startLine" : 5, + "startColumn" : 5, + "endLine" : 7, + "endColumn" : 29 + } + }, + "message" : { + "text" : "value={/input}" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-sanitized/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 156 + }, + "region" : { + "startLine" : 9, + "startColumn" : 17, + "endColumn" : 28 + } + }, + "message" : { + "text" : "input: null" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-sanitized/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 155 + }, + "region" : { + "startLine" : 9, + "startColumn" : 23, + "endColumn" : 41 + } + }, + "message" : { + "text" : "{ type: \"string\" }" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-sanitized/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 155 + }, + "region" : { + "startLine" : 15, + "startColumn" : 29, + "endColumn" : 47 + } + }, + "message" : { + "text" : "oControl.getText()" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-sanitized/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 155 + }, + "region" : { + "startLine" : 15, + "startColumn" : 21, + "endColumn" : 47 + } + }, + "message" : { + "text" : "value" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-sanitized/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 155 + }, + "region" : { + "startLine" : 17, + "startColumn" : 53, + "endColumn" : 58 + } + }, + "message" : { + "text" : "value" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-sanitized/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 155 + }, + "region" : { + "startLine" : 17, + "startColumn" : 46, + "endColumn" : 59 + } + }, + "message" : { + "text" : "String(value)" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-sanitized/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 155 + }, + "region" : { + "startLine" : 17, + "startColumn" : 36, + "endColumn" : 60 + } + }, + "message" : { + "text" : "encodeX ... value))" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-sanitized/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 155 + }, + "region" : { + "startLine" : 17, + "startColumn" : 21, + "endColumn" : 60 + } + }, + "message" : { + "text" : "xssSanitized" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-sanitized/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 155 + }, + "region" : { + "startLine" : 23, + "startColumn" : 43, + "endColumn" : 55 + } + }, + "message" : { + "text" : "xssSanitized" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-custom-control-sanitized/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 158 + }, + "region" : { + "startLine" : 5, + "startColumn" : 5, + "endLine" : 7, + "endColumn" : 29 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-view/package.json", - "uriBaseId" : "%SRCROOT%", - "index" : 153 - } + "ruleId" : "js/ui5-path-injection", + "rule" : { + "id" : "js/ui5-path-injection", + "index" : 2, + "toolComponent" : { + "index" : 1 + } + }, + "message" : { + "text" : "The path of a saved file depends on a [user-provided value](1)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-html-control-df/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 162 + }, + "region" : { + "startLine" : 16, + "startColumn" : 39, + "endColumn" : 67 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "de27f6d546a116e8:1", + "primaryLocationStartColumnFingerprint" : "26" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-html-control-df/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 165 + }, + "region" : { + "startLine" : 5, + "startColumn" : 5, + "endLine" : 7, + "endColumn" : 29 + } + }, + "message" : { + "text" : "value={/input}" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-html-control-df/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 162 + }, + "region" : { + "startLine" : 10, + "startColumn" : 17, + "endColumn" : 28 + } + }, + "message" : { + "text" : "input: null" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-html-control-df/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 162 + }, + "region" : { + "startLine" : 16, + "startColumn" : 39, + "endColumn" : 67 + } + }, + "message" : { + "text" : "oModel. ... input')" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5PathInjection/path-html-control-df/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 165 + }, + "region" : { + "startLine" : 5, + "startColumn" : 5, + "endLine" : 7, + "endColumn" : 29 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-html-view/webapp/manifest.json", - "uriBaseId" : "%SRCROOT%", - "index" : 154 - } + "ruleId" : "js/ui5-log-injection", + "rule" : { + "id" : "js/ui5-log-injection", + "index" : 3, + "toolComponent" : { + "index" : 1 + } + }, + "message" : { + "text" : "Log entry depends on a [user-provided value](1)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-property-sanitized/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 115 + }, + "region" : { + "startLine" : 13, + "startColumn" : 38, + "endColumn" : 56 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "fb0b88ea7a3fc8f1:1", + "primaryLocationStartColumnFingerprint" : "21" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-property-sanitized/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 119 + }, + "region" : { + "startLine" : 5, + "startColumn" : 5, + "endLine" : 7, + "endColumn" : 29 + } + }, + "message" : { + "text" : "value={/input}" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-property-sanitized/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 117 + }, + "region" : { + "startLine" : 9, + "startColumn" : 17, + "endColumn" : 28 + } + }, + "message" : { + "text" : "input: null" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-property-sanitized/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 115 + }, + "region" : { + "startLine" : 7, + "startColumn" : 23, + "endColumn" : 38 + } + }, + "message" : { + "text" : "{ type: \"int\" }" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-property-sanitized/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 115 + }, + "region" : { + "startLine" : 13, + "startColumn" : 38, + "endColumn" : 56 + } + }, + "message" : { + "text" : "oControl.getText()" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-property-sanitized/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 119 + }, + "region" : { + "startLine" : 5, + "startColumn" : 5, + "endLine" : 7, + "endColumn" : 29 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-indirect-control/package-lock.json", - "uriBaseId" : "%SRCROOT%", - "index" : 155 - } + "ruleId" : "js/ui5-log-injection", + "rule" : { + "id" : "js/ui5-log-injection", + "index" : 3, + "toolComponent" : { + "index" : 1 + } + }, + "message" : { + "text" : "Log entry depends on a [user-provided value](1)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 8, + "startColumn" : 26, + "endColumn" : 31 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "62d5a4db56a18502:1", + "primaryLocationStartColumnFingerprint" : "21" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 6, + "startColumn" : 17, + "endColumn" : 51 + } + }, + "message" : { + "text" : "jQuery. ... param\")" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 6, + "startColumn" : 9, + "endColumn" : 51 + } + }, + "message" : { + "text" : "value" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 8, + "startColumn" : 26, + "endColumn" : 31 + } + }, + "message" : { + "text" : "value" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 6, + "startColumn" : 17, + "endColumn" : 51 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-indirect-control/package.json", - "uriBaseId" : "%SRCROOT%", - "index" : 156 - } + "ruleId" : "js/ui5-log-injection", + "rule" : { + "id" : "js/ui5-log-injection", + "index" : 3, + "toolComponent" : { + "index" : 1 + } + }, + "message" : { + "text" : "Log entry depends on a [user-provided value](1)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 16, + "startColumn" : 26, + "endColumn" : 31 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "751ece7cb6fd18f7:1", + "primaryLocationStartColumnFingerprint" : "21" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 13, + "startColumn" : 23, + "endColumn" : 30 + } + }, + "message" : { + "text" : "req.url" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 13, + "startColumn" : 13, + "endColumn" : 37 + } + }, + "message" : { + "text" : "url.par ... , true)" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 13, + "startColumn" : 9, + "endColumn" : 37 + } + }, + "message" : { + "text" : "q" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 14, + "startColumn" : 17, + "endColumn" : 18 + } + }, + "message" : { + "text" : "q" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 14, + "startColumn" : 17, + "endColumn" : 24 + } + }, + "message" : { + "text" : "q.query" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 14, + "startColumn" : 17, + "endColumn" : 33 + } + }, + "message" : { + "text" : "q.query.username" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 14, + "startColumn" : 9, + "endColumn" : 33 + } + }, + "message" : { + "text" : "value" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 16, + "startColumn" : 26, + "endColumn" : 31 + } + }, + "message" : { + "text" : "value" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 13, + "startColumn" : 23, + "endColumn" : 30 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-indirect-control/webapp/manifest.json", - "uriBaseId" : "%SRCROOT%", - "index" : 157 - } + "ruleId" : "js/ui5-log-injection", + "rule" : { + "id" : "js/ui5-log-injection", + "index" : 3, + "toolComponent" : { + "index" : 1 + } + }, + "message" : { + "text" : "Log entry depends on a [user-provided value](1)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 25, + "startColumn" : 26, + "endColumn" : 32 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "191c273ff0751536:1", + "primaryLocationStartColumnFingerprint" : "21" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 21, + "startColumn" : 23, + "endColumn" : 30 + } + }, + "message" : { + "text" : "req.url" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 21, + "startColumn" : 13, + "endColumn" : 37 + } + }, + "message" : { + "text" : "url.par ... , true)" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 21, + "startColumn" : 9, + "endColumn" : 37 + } + }, + "message" : { + "text" : "q" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 22, + "startColumn" : 17, + "endColumn" : 18 + } + }, + "message" : { + "text" : "q" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 22, + "startColumn" : 17, + "endColumn" : 24 + } + }, + "message" : { + "text" : "q.query" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 22, + "startColumn" : 17, + "endColumn" : 33 + } + }, + "message" : { + "text" : "q.query.username" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 22, + "startColumn" : 9, + "endColumn" : 33 + } + }, + "message" : { + "text" : "value" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 23, + "startColumn" : 39, + "endColumn" : 44 + } + }, + "message" : { + "text" : "value" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 23, + "startColumn" : 18, + "endColumn" : 45 + } + }, + "message" : { + "text" : "jQuery. ... (value)" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 23, + "startColumn" : 9, + "endColumn" : 45 + } + }, + "message" : { + "text" : "value1" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 25, + "startColumn" : 26, + "endColumn" : 32 + } + }, + "message" : { + "text" : "value1" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js", + "uriBaseId" : "%SRCROOT%", + "index" : 3 + }, + "region" : { + "startLine" : 21, + "startColumn" : 23, + "endColumn" : 30 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-indirect-control/webapp/view/app.view.xml", - "uriBaseId" : "%SRCROOT%", - "index" : 158 - } + "ruleId" : "js/ui5-log-injection", + "rule" : { + "id" : "js/ui5-log-injection", + "index" : 3, + "toolComponent" : { + "index" : 1 + } + }, + "message" : { + "text" : "Log entry depends on a [user-provided value](1)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-sanitized/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 122 + }, + "region" : { + "startLine" : 17, + "startColumn" : 38, + "endColumn" : 47 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "f32b0dcd4573d6a3:1", + "primaryLocationStartColumnFingerprint" : "21" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-sanitized/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 126 + }, + "region" : { + "startLine" : 5, + "startColumn" : 5, + "endLine" : 7, + "endColumn" : 29 + } + }, + "message" : { + "text" : "value={/input}" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-sanitized/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 123 + }, + "region" : { + "startLine" : 9, + "startColumn" : 17, + "endColumn" : 28 + } + }, + "message" : { + "text" : "input: null" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-sanitized/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 122 + }, + "region" : { + "startLine" : 8, + "startColumn" : 23, + "endColumn" : 41 + } + }, + "message" : { + "text" : "{ type: \"string\" }" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-sanitized/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 122 + }, + "region" : { + "startLine" : 15, + "startColumn" : 29, + "endColumn" : 47 + } + }, + "message" : { + "text" : "oControl.getText()" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-sanitized/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 122 + }, + "region" : { + "startLine" : 15, + "startColumn" : 21, + "endColumn" : 47 + } + }, + "message" : { + "text" : "value" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-sanitized/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 122 + }, + "region" : { + "startLine" : 16, + "startColumn" : 50, + "endColumn" : 55 + } + }, + "message" : { + "text" : "value" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-sanitized/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 122 + }, + "region" : { + "startLine" : 16, + "startColumn" : 43, + "endColumn" : 56 + } + }, + "message" : { + "text" : "String(value)" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-sanitized/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 122 + }, + "region" : { + "startLine" : 16, + "startColumn" : 33, + "endColumn" : 57 + } + }, + "message" : { + "text" : "encodeX ... value))" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-sanitized/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 122 + }, + "region" : { + "startLine" : 16, + "startColumn" : 21, + "endColumn" : 57 + } + }, + "message" : { + "text" : "sanitized" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-sanitized/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 122 + }, + "region" : { + "startLine" : 17, + "startColumn" : 38, + "endColumn" : 47 + } + }, + "message" : { + "text" : "sanitized" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-custom-control-sanitized/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 126 + }, + "region" : { + "startLine" : 5, + "startColumn" : 5, + "endLine" : 7, + "endColumn" : 29 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-js-view/package-lock.json", - "uriBaseId" : "%SRCROOT%", - "index" : 159 - } + "ruleId" : "js/ui5-log-injection", + "rule" : { + "id" : "js/ui5-log-injection", + "index" : 3, + "toolComponent" : { + "index" : 1 + } + }, + "message" : { + "text" : "Log entry depends on a [user-provided value](1)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-notifications/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 129 + }, + "region" : { + "startLine" : 17, + "startColumn" : 34, + "endColumn" : 39 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "392fd43c95c7be9c:1", + "primaryLocationStartColumnFingerprint" : "21" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-notifications/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 132 + }, + "region" : { + "startLine" : 6, + "startColumn" : 5, + "endLine" : 8, + "endColumn" : 29 + } + }, + "message" : { + "text" : "value={/input}" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-notifications/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 129 + }, + "region" : { + "startLine" : 9, + "startColumn" : 17, + "endColumn" : 28 + } + }, + "message" : { + "text" : "input: null" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-notifications/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 129 + }, + "region" : { + "startLine" : 15, + "startColumn" : 25, + "endColumn" : 53 + } + }, + "message" : { + "text" : "oModel. ... input')" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-notifications/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 129 + }, + "region" : { + "startLine" : 15, + "startColumn" : 17, + "endColumn" : 53 + } + }, + "message" : { + "text" : "input" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-notifications/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 129 + }, + "region" : { + "startLine" : 17, + "startColumn" : 34, + "endColumn" : 39 + } + }, + "message" : { + "text" : "input" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-notifications/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 132 + }, + "region" : { + "startLine" : 6, + "startColumn" : 5, + "endLine" : 8, + "endColumn" : 29 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-js-view/package.json", - "uriBaseId" : "%SRCROOT%", - "index" : 160 - } + "ruleId" : "js/ui5-log-injection", + "rule" : { + "id" : "js/ui5-log-injection", + "index" : 3, + "toolComponent" : { + "index" : 1 + } + }, + "message" : { + "text" : "Log entry depends on a [user-provided value](1)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-remote/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 135 + }, + "region" : { + "startLine" : 16, + "startColumn" : 30, + "endColumn" : 35 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "27d08bf2c216b384:1", + "primaryLocationStartColumnFingerprint" : "21" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-remote/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 139 + }, + "region" : { + "startLine" : 5, + "startColumn" : 5, + "endLine" : 7, + "endColumn" : 29 + } + }, + "message" : { + "text" : "value={/input}" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-remote/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 135 + }, + "region" : { + "startLine" : 8, + "startColumn" : 11, + "endColumn" : 22 + } + }, + "message" : { + "text" : "input: null" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-remote/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 135 + }, + "region" : { + "startLine" : 14, + "startColumn" : 21, + "endColumn" : 49 + } + }, + "message" : { + "text" : "oModel. ... input\")" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-remote/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 135 + }, + "region" : { + "startLine" : 14, + "startColumn" : 13, + "endColumn" : 49 + } + }, + "message" : { + "text" : "input" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-remote/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 135 + }, + "region" : { + "startLine" : 16, + "startColumn" : 30, + "endColumn" : 35 + } + }, + "message" : { + "text" : "input" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-remote/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 139 + }, + "region" : { + "startLine" : 5, + "startColumn" : 5, + "endLine" : 7, + "endColumn" : 29 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-js-view/webapp/manifest.json", - "uriBaseId" : "%SRCROOT%", - "index" : 161 - } + "ruleId" : "js/ui5-log-injection", + "rule" : { + "id" : "js/ui5-log-injection", + "index" : 3, + "toolComponent" : { + "index" : 1 + } + }, + "message" : { + "text" : "Log entry depends on a [user-provided value](1)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-html-control-df/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 142 + }, + "region" : { + "startLine" : 17, + "startColumn" : 34, + "endColumn" : 39 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "392fd43c95c7be9c:1", + "primaryLocationStartColumnFingerprint" : "21" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-html-control-df/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 145 + }, + "region" : { + "startLine" : 5, + "startColumn" : 5, + "endLine" : 7, + "endColumn" : 29 + } + }, + "message" : { + "text" : "value={/input}" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-html-control-df/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 142 + }, + "region" : { + "startLine" : 9, + "startColumn" : 17, + "endColumn" : 28 + } + }, + "message" : { + "text" : "input: null" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-html-control-df/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 142 + }, + "region" : { + "startLine" : 15, + "startColumn" : 25, + "endColumn" : 53 + } + }, + "message" : { + "text" : "oModel. ... input')" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-html-control-df/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 142 + }, + "region" : { + "startLine" : 15, + "startColumn" : 17, + "endColumn" : 53 + } + }, + "message" : { + "text" : "input" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-html-control-df/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 142 + }, + "region" : { + "startLine" : 17, + "startColumn" : 34, + "endColumn" : 39 + } + }, + "message" : { + "text" : "input" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5LogInjection/log-html-control-df/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 145 + }, + "region" : { + "startLine" : 5, + "startColumn" : 5, + "endLine" : 7, + "endColumn" : 29 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-json-view/package-lock.json", - "uriBaseId" : "%SRCROOT%", - "index" : 162 - } + "ruleId" : "js/ui5-formula-injection", + "rule" : { + "id" : "js/ui5-formula-injection", + "index" : 4, + "toolComponent" : { + "index" : 1 + } + }, + "message" : { + "text" : "The content of a saved file depends on a [user-provided value](1)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-property-sanitized/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 95 + }, + "region" : { + "startLine" : 17, + "startColumn" : 27, + "endColumn" : 45 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "41899ff1a967017d:1", + "primaryLocationStartColumnFingerprint" : "10" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-property-sanitized/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 99 + }, + "region" : { + "startLine" : 5, + "startColumn" : 5, + "endLine" : 7, + "endColumn" : 29 + } + }, + "message" : { + "text" : "value={/input}" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-property-sanitized/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 96 + }, + "region" : { + "startLine" : 9, + "startColumn" : 17, + "endColumn" : 28 + } + }, + "message" : { + "text" : "input: null" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-property-sanitized/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 95 + }, + "region" : { + "startLine" : 8, + "startColumn" : 23, + "endColumn" : 38 + } + }, + "message" : { + "text" : "{ type: \"int\" }" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-property-sanitized/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 95 + }, + "region" : { + "startLine" : 17, + "startColumn" : 27, + "endColumn" : 45 + } + }, + "message" : { + "text" : "oControl.getText()" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-property-sanitized/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 99 + }, + "region" : { + "startLine" : 5, + "startColumn" : 5, + "endLine" : 7, + "endColumn" : 29 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-json-view/package.json", - "uriBaseId" : "%SRCROOT%", - "index" : 163 - } + "ruleId" : "js/ui5-formula-injection", + "rule" : { + "id" : "js/ui5-formula-injection", + "index" : 4, + "toolComponent" : { + "index" : 1 + } + }, + "message" : { + "text" : "The content of a saved file depends on a [user-provided value](1)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-sanitized/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 102 + }, + "region" : { + "startLine" : 23, + "startColumn" : 27, + "endColumn" : 39 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "9afa5fd07ee36af6:1", + "primaryLocationStartColumnFingerprint" : "10" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-sanitized/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 106 + }, + "region" : { + "startLine" : 5, + "startColumn" : 5, + "endLine" : 7, + "endColumn" : 29 + } + }, + "message" : { + "text" : "value={/input}" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-sanitized/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 103 + }, + "region" : { + "startLine" : 9, + "startColumn" : 17, + "endColumn" : 28 + } + }, + "message" : { + "text" : "input: null" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-sanitized/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 102 + }, + "region" : { + "startLine" : 9, + "startColumn" : 23, + "endColumn" : 41 + } + }, + "message" : { + "text" : "{ type: \"string\" }" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-sanitized/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 102 + }, + "region" : { + "startLine" : 15, + "startColumn" : 29, + "endColumn" : 47 + } + }, + "message" : { + "text" : "oControl.getText()" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-sanitized/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 102 + }, + "region" : { + "startLine" : 15, + "startColumn" : 21, + "endColumn" : 47 + } + }, + "message" : { + "text" : "value" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-sanitized/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 102 + }, + "region" : { + "startLine" : 17, + "startColumn" : 53, + "endColumn" : 58 + } + }, + "message" : { + "text" : "value" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-sanitized/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 102 + }, + "region" : { + "startLine" : 17, + "startColumn" : 46, + "endColumn" : 59 + } + }, + "message" : { + "text" : "String(value)" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-sanitized/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 102 + }, + "region" : { + "startLine" : 17, + "startColumn" : 36, + "endColumn" : 60 + } + }, + "message" : { + "text" : "encodeX ... value))" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-sanitized/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 102 + }, + "region" : { + "startLine" : 17, + "startColumn" : 21, + "endColumn" : 60 + } + }, + "message" : { + "text" : "xssSanitized" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-sanitized/webapp/control/xss.js", + "uriBaseId" : "%SRCROOT%", + "index" : 102 + }, + "region" : { + "startLine" : 23, + "startColumn" : 27, + "endColumn" : 39 + } + }, + "message" : { + "text" : "xssSanitized" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-custom-control-sanitized/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 106 + }, + "region" : { + "startLine" : 5, + "startColumn" : 5, + "endLine" : 7, + "endColumn" : 29 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-json-view/webapp/manifest.json", - "uriBaseId" : "%SRCROOT%", - "index" : 164 - } + "ruleId" : "js/ui5-formula-injection", + "rule" : { + "id" : "js/ui5-formula-injection", + "index" : 4, + "toolComponent" : { + "index" : 1 + } + }, + "message" : { + "text" : "The content of a saved file depends on a [user-provided value](1)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-html-control-df/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 109 + }, + "region" : { + "startLine" : 16, + "startColumn" : 23, + "endColumn" : 51 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "e701acdf85af03b4:1", + "primaryLocationStartColumnFingerprint" : "10" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-html-control-df/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 112 + }, + "region" : { + "startLine" : 5, + "startColumn" : 5, + "endLine" : 7, + "endColumn" : 29 + } + }, + "message" : { + "text" : "value={/input}" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-html-control-df/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 109 + }, + "region" : { + "startLine" : 10, + "startColumn" : 17, + "endColumn" : 28 + } + }, + "message" : { + "text" : "input: null" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-html-control-df/webapp/controller/app.controller.js", + "uriBaseId" : "%SRCROOT%", + "index" : 109 + }, + "region" : { + "startLine" : 16, + "startColumn" : 23, + "endColumn" : 51 + } + }, + "message" : { + "text" : "oModel. ... input')" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/ui5/test/queries/UI5FormulaInjection/formula-html-control-df/webapp/view/app.view.xml", + "uriBaseId" : "%SRCROOT%", + "index" : 112 + }, + "region" : { + "startLine" : 5, + "startColumn" : 5, + "endLine" : 7, + "endColumn" : 29 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-json-view/webapp/view/app.view.json", - "uriBaseId" : "%SRCROOT%", - "index" : 165 - } + "ruleId" : "js/cap-sql-injection", + "rule" : { + "id" : "js/cap-sql-injection", + "index" : 0, + "toolComponent" : { + "index" : 2 + } + }, + "message" : { + "text" : "This query depends on a [user-provided value](1)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 13, + "startColumn" : 36, + "endColumn" : 41 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "e5ae8639cd6967fb:1", + "primaryLocationStartColumnFingerprint" : "29" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 7, + "startColumn" : 34, + "endColumn" : 37 + } + }, + "message" : { + "text" : "req" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 8, + "startColumn" : 34, + "endColumn" : 37 + } + }, + "message" : { + "text" : "req" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 8, + "startColumn" : 34, + "endColumn" : 42 + } + }, + "message" : { + "text" : "req.data" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 8, + "startColumn" : 13, + "endColumn" : 31 + } + }, + "message" : { + "text" : "{ book, quantity }" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 8, + "startColumn" : 15, + "endColumn" : 19 + } + }, + "message" : { + "text" : "book" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 8, + "startColumn" : 13, + "endColumn" : 42 + } + }, + "message" : { + "text" : "book" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 12, + "startColumn" : 50, + "endColumn" : 54 + } + }, + "message" : { + "text" : "book" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 12, + "startColumn" : 44, + "endColumn" : 56 + } + }, + "message" : { + "text" : "`ID=${book}`" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 12, + "startColumn" : 19, + "endColumn" : 57 + } + }, + "message" : { + "text" : "SELECT. ... book}`)" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 12, + "startColumn" : 11, + "endColumn" : 57 + } + }, + "message" : { + "text" : "query" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 13, + "startColumn" : 36, + "endColumn" : 41 + } + }, + "message" : { + "text" : "query" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 7, + "startColumn" : 34, + "endColumn" : 37 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer/package-lock.json", - "uriBaseId" : "%SRCROOT%", - "index" : 166 - } + "ruleId" : "js/cap-sql-injection", + "rule" : { + "id" : "js/cap-sql-injection", + "index" : 0, + "toolComponent" : { + "index" : 2 + } + }, + "message" : { + "text" : "This query depends on a [user-provided value](1)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 15, + "startColumn" : 27, + "endColumn" : 65 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "b41554298e90b620:1", + "primaryLocationStartColumnFingerprint" : "20" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 7, + "startColumn" : 34, + "endColumn" : 37 + } + }, + "message" : { + "text" : "req" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 8, + "startColumn" : 34, + "endColumn" : 37 + } + }, + "message" : { + "text" : "req" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 8, + "startColumn" : 34, + "endColumn" : 42 + } + }, + "message" : { + "text" : "req.data" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 8, + "startColumn" : 13, + "endColumn" : 31 + } + }, + "message" : { + "text" : "{ book, quantity }" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 8, + "startColumn" : 15, + "endColumn" : 19 + } + }, + "message" : { + "text" : "book" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 8, + "startColumn" : 13, + "endColumn" : 42 + } + }, + "message" : { + "text" : "book" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 15, + "startColumn" : 58, + "endColumn" : 62 + } + }, + "message" : { + "text" : "book" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 15, + "startColumn" : 52, + "endColumn" : 64 + } + }, + "message" : { + "text" : "`ID=${book}`" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 15, + "startColumn" : 27, + "endColumn" : 65 + } + }, + "message" : { + "text" : "SELECT. ... book}`)" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 7, + "startColumn" : 34, + "endColumn" : 37 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer/package.json", - "uriBaseId" : "%SRCROOT%", - "index" : 167 - } + "ruleId" : "js/cap-sql-injection", + "rule" : { + "id" : "js/cap-sql-injection", + "index" : 0, + "toolComponent" : { + "index" : 2 + } + }, + "message" : { + "text" : "This query depends on a [user-provided value](1)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 18, + "startColumn" : 37, + "endColumn" : 43 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "967d7be3edc97a9e:1", + "primaryLocationStartColumnFingerprint" : "30" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 7, + "startColumn" : 34, + "endColumn" : 37 + } + }, + "message" : { + "text" : "req" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 8, + "startColumn" : 34, + "endColumn" : 37 + } + }, + "message" : { + "text" : "req" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 8, + "startColumn" : 34, + "endColumn" : 42 + } + }, + "message" : { + "text" : "req.data" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 8, + "startColumn" : 13, + "endColumn" : 31 + } + }, + "message" : { + "text" : "{ book, quantity }" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 8, + "startColumn" : 15, + "endColumn" : 19 + } + }, + "message" : { + "text" : "book" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 8, + "startColumn" : 13, + "endColumn" : 42 + } + }, + "message" : { + "text" : "book" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 17, + "startColumn" : 53, + "endColumn" : 57 + } + }, + "message" : { + "text" : "book" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 17, + "startColumn" : 45, + "endColumn" : 57 + } + }, + "message" : { + "text" : "'ID=' + book" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 17, + "startColumn" : 20, + "endColumn" : 58 + } + }, + "message" : { + "text" : "SELECT. ... + book)" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 17, + "startColumn" : 11, + "endColumn" : 58 + } + }, + "message" : { + "text" : "query2" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 18, + "startColumn" : 37, + "endColumn" : 43 + } + }, + "message" : { + "text" : "query2" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 7, + "startColumn" : 34, + "endColumn" : 37 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer/webapp/manifest.json", - "uriBaseId" : "%SRCROOT%", - "index" : 168 - } + "ruleId" : "js/cap-sql-injection", + "rule" : { + "id" : "js/cap-sql-injection", + "index" : 0, + "toolComponent" : { + "index" : 2 + } + }, + "message" : { + "text" : "This query depends on a [user-provided value](1)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 20, + "startColumn" : 27, + "endColumn" : 65 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "1c132adaa6986472:1", + "primaryLocationStartColumnFingerprint" : "20" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 7, + "startColumn" : 34, + "endColumn" : 37 + } + }, + "message" : { + "text" : "req" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 8, + "startColumn" : 34, + "endColumn" : 37 + } + }, + "message" : { + "text" : "req" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 8, + "startColumn" : 34, + "endColumn" : 42 + } + }, + "message" : { + "text" : "req.data" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 8, + "startColumn" : 13, + "endColumn" : 31 + } + }, + "message" : { + "text" : "{ book, quantity }" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 8, + "startColumn" : 15, + "endColumn" : 19 + } + }, + "message" : { + "text" : "book" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 8, + "startColumn" : 13, + "endColumn" : 42 + } + }, + "message" : { + "text" : "book" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 20, + "startColumn" : 60, + "endColumn" : 64 + } + }, + "message" : { + "text" : "book" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 20, + "startColumn" : 52, + "endColumn" : 64 + } + }, + "message" : { + "text" : "'ID=' + book" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 20, + "startColumn" : 27, + "endColumn" : 65 + } + }, + "message" : { + "text" : "SELECT. ... + book)" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 7, + "startColumn" : 34, + "endColumn" : 37 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer/webapp/view/app.view.xml", - "uriBaseId" : "%SRCROOT%", - "index" : 169 - } + "ruleId" : "js/cap-sql-injection", + "rule" : { + "id" : "js/cap-sql-injection", + "index" : 0, + "toolComponent" : { + "index" : 2 + } + }, + "message" : { + "text" : "This query depends on a [user-provided value](1)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 28, + "startColumn" : 39, + "endColumn" : 42 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "144d55d233768c80:1", + "primaryLocationStartColumnFingerprint" : "32" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 7, + "startColumn" : 34, + "endColumn" : 37 + } + }, + "message" : { + "text" : "req" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 8, + "startColumn" : 34, + "endColumn" : 37 + } + }, + "message" : { + "text" : "req" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 8, + "startColumn" : 34, + "endColumn" : 42 + } + }, + "message" : { + "text" : "req.data" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 8, + "startColumn" : 13, + "endColumn" : 31 + } + }, + "message" : { + "text" : "{ book, quantity }" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 8, + "startColumn" : 15, + "endColumn" : 19 + } + }, + "message" : { + "text" : "book" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 8, + "startColumn" : 13, + "endColumn" : 42 + } + }, + "message" : { + "text" : "book" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 27, + "startColumn" : 59, + "endColumn" : 63 + } + }, + "message" : { + "text" : "book" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 27, + "startColumn" : 17, + "endColumn" : 63 + } + }, + "message" : { + "text" : "CQL`SEL ... + book" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 27, + "startColumn" : 11, + "endColumn" : 63 + } + }, + "message" : { + "text" : "cqn" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 28, + "startColumn" : 39, + "endColumn" : 42 + } + }, + "message" : { + "text" : "cqn" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 7, + "startColumn" : 34, + "endColumn" : 37 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer-byname/package-lock.json", - "uriBaseId" : "%SRCROOT%", - "index" : 170 - } + "ruleId" : "js/cap-sql-injection", + "rule" : { + "id" : "js/cap-sql-injection", + "index" : 0, + "toolComponent" : { + "index" : 2 + } + }, + "message" : { + "text" : "This query depends on a [user-provided value](1)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 31, + "startColumn" : 39, + "endColumn" : 43 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "1cd6f1adc2ef8f7c:1", + "primaryLocationStartColumnFingerprint" : "32" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 7, + "startColumn" : 34, + "endColumn" : 37 + } + }, + "message" : { + "text" : "req" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 8, + "startColumn" : 34, + "endColumn" : 37 + } + }, + "message" : { + "text" : "req" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 8, + "startColumn" : 34, + "endColumn" : 42 + } + }, + "message" : { + "text" : "req.data" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 8, + "startColumn" : 13, + "endColumn" : 31 + } + }, + "message" : { + "text" : "{ book, quantity }" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 8, + "startColumn" : 15, + "endColumn" : 19 + } + }, + "message" : { + "text" : "book" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 8, + "startColumn" : 13, + "endColumn" : 42 + } + }, + "message" : { + "text" : "book" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 30, + "startColumn" : 56, + "endColumn" : 60 + } + }, + "message" : { + "text" : "book" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 30, + "startColumn" : 32, + "endColumn" : 60 + } + }, + "message" : { + "text" : "`SELECT ... + book" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 30, + "startColumn" : 18, + "endColumn" : 61 + } + }, + "message" : { + "text" : "cds.par ... + book)" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 30, + "startColumn" : 11, + "endColumn" : 61 + } + }, + "message" : { + "text" : "cqn1" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 31, + "startColumn" : 39, + "endColumn" : 43 + } + }, + "message" : { + "text" : "cqn1" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + }, + "region" : { + "startLine" : 7, + "startColumn" : 34, + "endColumn" : 37 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer-byname/package.json", - "uriBaseId" : "%SRCROOT%", - "index" : 171 - } + "ruleId" : "js/cap-log-injection", + "rule" : { + "id" : "js/cap-log-injection", + "index" : 1, + "toolComponent" : { + "index" : 2 + } + }, + "message" : { + "text" : "Log entry depends on a [user-provided value](1)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-not-depending-on-request/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 55 + }, + "region" : { + "startLine" : 9, + "startColumn" : 32, + "endColumn" : 45 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "7c291d40b7c61d4f:1", + "primaryLocationStartColumnFingerprint" : "23" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-not-depending-on-request/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 55 + }, + "region" : { + "startLine" : 6, + "startColumn" : 29, + "endColumn" : 32 + } + }, + "message" : { + "text" : "msg" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-not-depending-on-request/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 55 + }, + "region" : { + "startLine" : 7, + "startColumn" : 35, + "endColumn" : 38 + } + }, + "message" : { + "text" : "msg" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-not-depending-on-request/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 55 + }, + "region" : { + "startLine" : 7, + "startColumn" : 35, + "endColumn" : 43 + } + }, + "message" : { + "text" : "msg.data" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-not-depending-on-request/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 55 + }, + "region" : { + "startLine" : 7, + "startColumn" : 15, + "endColumn" : 32 + } + }, + "message" : { + "text" : "{ messageToPass }" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-not-depending-on-request/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 55 + }, + "region" : { + "startLine" : 7, + "startColumn" : 17, + "endColumn" : 30 + } + }, + "message" : { + "text" : "messageToPass" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-not-depending-on-request/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 55 + }, + "region" : { + "startLine" : 7, + "startColumn" : 15, + "endColumn" : 43 + } + }, + "message" : { + "text" : "messageToPass" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-not-depending-on-request/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 55 + }, + "region" : { + "startLine" : 9, + "startColumn" : 32, + "endColumn" : 45 + } + }, + "message" : { + "text" : "messageToPass" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-not-depending-on-request/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 55 + }, + "region" : { + "startLine" : 6, + "startColumn" : 29, + "endColumn" : 32 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer-byname/webapp/manifest.json", - "uriBaseId" : "%SRCROOT%", - "index" : 172 - } + "ruleId" : "js/cap-log-injection", + "rule" : { + "id" : "js/cap-log-injection", + "index" : 1, + "toolComponent" : { + "index" : 2 + } + }, + "message" : { + "text" : "Log entry depends on a [user-provided value](1)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-single-file/loginjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 2 + }, + "region" : { + "startLine" : 11, + "startColumn" : 16, + "endColumn" : 29 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "eae426bf8fad0192:1", + "primaryLocationStartColumnFingerprint" : "9" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-single-file/loginjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 2 + }, + "region" : { + "startLine" : 7, + "startColumn" : 34, + "endColumn" : 37 + } + }, + "message" : { + "text" : "req" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-single-file/loginjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 2 + }, + "region" : { + "startLine" : 8, + "startColumn" : 34, + "endColumn" : 37 + } + }, + "message" : { + "text" : "req" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-single-file/loginjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 2 + }, + "region" : { + "startLine" : 8, + "startColumn" : 34, + "endColumn" : 42 + } + }, + "message" : { + "text" : "req.data" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-single-file/loginjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 2 + }, + "region" : { + "startLine" : 8, + "startColumn" : 13, + "endColumn" : 31 + } + }, + "message" : { + "text" : "{ book, quantity }" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-single-file/loginjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 2 + }, + "region" : { + "startLine" : 8, + "startColumn" : 15, + "endColumn" : 19 + } + }, + "message" : { + "text" : "book" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-single-file/loginjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 2 + }, + "region" : { + "startLine" : 8, + "startColumn" : 13, + "endColumn" : 42 + } + }, + "message" : { + "text" : "book" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-single-file/loginjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 2 + }, + "region" : { + "startLine" : 11, + "startColumn" : 25, + "endColumn" : 29 + } + }, + "message" : { + "text" : "book" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-single-file/loginjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 2 + }, + "region" : { + "startLine" : 11, + "startColumn" : 16, + "endColumn" : 29 + } + }, + "message" : { + "text" : "\"CAP:\" + book" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-single-file/loginjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 2 + }, + "region" : { + "startLine" : 7, + "startColumn" : 34, + "endColumn" : 37 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-separate-renderer-byname/webapp/view/app.view.xml", - "uriBaseId" : "%SRCROOT%", - "index" : 173 - } + "ruleId" : "js/cap-log-injection", + "rule" : { + "id" : "js/cap-log-injection", + "index" : 1, + "toolComponent" : { + "index" : 2 + } + }, + "message" : { + "text" : "Log entry depends on a [user-provided value](1).\nLog entry depends on a [user-provided value](2)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-complete-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 59 + }, + "region" : { + "startLine" : 9, + "startColumn" : 32, + "endColumn" : 45 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "7c291d40b7c61d4f:1", + "primaryLocationStartColumnFingerprint" : "23" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-complete-protocol-none/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 58 + }, + "region" : { + "startLine" : 6, + "startColumn" : 33, + "endColumn" : 36 + } + }, + "message" : { + "text" : "req" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-complete-protocol-none/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 58 + }, + "region" : { + "startLine" : 7, + "startColumn" : 39, + "endColumn" : 42 + } + }, + "message" : { + "text" : "req" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-complete-protocol-none/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 58 + }, + "region" : { + "startLine" : 7, + "startColumn" : 39, + "endColumn" : 47 + } + }, + "message" : { + "text" : "req.data" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-complete-protocol-none/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 58 + }, + "region" : { + "startLine" : 7, + "startColumn" : 19, + "endColumn" : 36 + } + }, + "message" : { + "text" : "{ messageToPass }" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-complete-protocol-none/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 58 + }, + "region" : { + "startLine" : 7, + "startColumn" : 21, + "endColumn" : 34 + } + }, + "message" : { + "text" : "messageToPass" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-complete-protocol-none/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 58 + }, + "region" : { + "startLine" : 7, + "startColumn" : 19, + "endColumn" : 47 + } + }, + "message" : { + "text" : "messageToPass" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-complete-protocol-none/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 58 + }, + "region" : { + "startLine" : 9, + "startColumn" : 38, + "endColumn" : 51 + } + }, + "message" : { + "text" : "messageToPass" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-complete-protocol-none/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 58 + }, + "region" : { + "startLine" : 9, + "startColumn" : 36, + "endColumn" : 53 + } + }, + "message" : { + "text" : "{ messageToPass }" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-complete-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 59 + }, + "region" : { + "startLine" : 6, + "startColumn" : 29, + "endColumn" : 32 + } + }, + "message" : { + "text" : "msg" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-complete-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 59 + }, + "region" : { + "startLine" : 7, + "startColumn" : 35, + "endColumn" : 38 + } + }, + "message" : { + "text" : "msg" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-complete-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 59 + }, + "region" : { + "startLine" : 7, + "startColumn" : 35, + "endColumn" : 43 + } + }, + "message" : { + "text" : "msg.data" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-complete-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 59 + }, + "region" : { + "startLine" : 7, + "startColumn" : 15, + "endColumn" : 32 + } + }, + "message" : { + "text" : "{ messageToPass }" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-complete-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 59 + }, + "region" : { + "startLine" : 7, + "startColumn" : 17, + "endColumn" : 30 + } + }, + "message" : { + "text" : "messageToPass" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-complete-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 59 + }, + "region" : { + "startLine" : 7, + "startColumn" : 15, + "endColumn" : 43 + } + }, + "message" : { + "text" : "messageToPass" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-complete-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 59 + }, + "region" : { + "startLine" : 9, + "startColumn" : 32, + "endColumn" : 45 + } + }, + "message" : { + "text" : "messageToPass" + } + } + } ] + } ] + }, { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-complete-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 59 + }, + "region" : { + "startLine" : 6, + "startColumn" : 29, + "endColumn" : 32 + } + }, + "message" : { + "text" : "msg" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-complete-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 59 + }, + "region" : { + "startLine" : 7, + "startColumn" : 35, + "endColumn" : 38 + } + }, + "message" : { + "text" : "msg" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-complete-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 59 + }, + "region" : { + "startLine" : 7, + "startColumn" : 35, + "endColumn" : 43 + } + }, + "message" : { + "text" : "msg.data" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-complete-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 59 + }, + "region" : { + "startLine" : 7, + "startColumn" : 15, + "endColumn" : 32 + } + }, + "message" : { + "text" : "{ messageToPass }" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-complete-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 59 + }, + "region" : { + "startLine" : 7, + "startColumn" : 17, + "endColumn" : 30 + } + }, + "message" : { + "text" : "messageToPass" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-complete-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 59 + }, + "region" : { + "startLine" : 7, + "startColumn" : 15, + "endColumn" : 43 + } + }, + "message" : { + "text" : "messageToPass" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-complete-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 59 + }, + "region" : { + "startLine" : 9, + "startColumn" : 32, + "endColumn" : 45 + } + }, + "message" : { + "text" : "messageToPass" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-complete-protocol-none/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 58 + }, + "region" : { + "startLine" : 6, + "startColumn" : 33, + "endColumn" : 36 + } + }, + "message" : { + "text" : "user-provided value" + } + }, { + "id" : 2, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-complete-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 59 + }, + "region" : { + "startLine" : 6, + "startColumn" : 29, + "endColumn" : 32 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-webc-control/package-lock.json", - "uriBaseId" : "%SRCROOT%", - "index" : 174 - } + "ruleId" : "js/cap-log-injection", + "rule" : { + "id" : "js/cap-log-injection", + "index" : 1, + "toolComponent" : { + "index" : 2 + } + }, + "message" : { + "text" : "Log entry depends on a [user-provided value](1)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-single-file/loginjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 2 + }, + "region" : { + "startLine" : 18, + "startColumn" : 47, + "endColumn" : 48 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "e05b39891dddd161:1", + "primaryLocationStartColumnFingerprint" : "40" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-single-file/loginjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 2 + }, + "region" : { + "startLine" : 15, + "startColumn" : 24, + "endColumn" : 27 + } + }, + "message" : { + "text" : "req" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-single-file/loginjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 2 + }, + "region" : { + "startLine" : 18, + "startColumn" : 17, + "endColumn" : 20 + } + }, + "message" : { + "text" : "req" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-single-file/loginjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 2 + }, + "region" : { + "startLine" : 18, + "startColumn" : 17, + "endColumn" : 25 + } + }, + "message" : { + "text" : "req.data" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-single-file/loginjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 2 + }, + "region" : { + "startLine" : 18, + "startColumn" : 13, + "endColumn" : 25 + } + }, + "message" : { + "text" : "$" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-single-file/loginjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 2 + }, + "region" : { + "startLine" : 18, + "startColumn" : 47, + "endColumn" : 48 + } + }, + "message" : { + "text" : "$" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-single-file/loginjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 2 + }, + "region" : { + "startLine" : 15, + "startColumn" : 24, + "endColumn" : 27 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-webc-control/package.json", - "uriBaseId" : "%SRCROOT%", - "index" : 175 - } + "ruleId" : "js/cap-log-injection", + "rule" : { + "id" : "js/cap-log-injection", + "index" : 1, + "toolComponent" : { + "index" : 2 + } + }, + "message" : { + "text" : "Log entry depends on a [user-provided value](1)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-single-file/loginjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 2 + }, + "region" : { + "startLine" : 25, + "startColumn" : 16, + "endColumn" : 29 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "4dc77ce4a9b7031e:1", + "primaryLocationStartColumnFingerprint" : "9" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-single-file/loginjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 2 + }, + "region" : { + "startLine" : 23, + "startColumn" : 34, + "endColumn" : 54 + } + }, + "message" : { + "text" : "req2.params.category" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-single-file/loginjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 2 + }, + "region" : { + "startLine" : 23, + "startColumn" : 13, + "endColumn" : 31 + } + }, + "message" : { + "text" : "{ book, quantity }" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-single-file/loginjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 2 + }, + "region" : { + "startLine" : 23, + "startColumn" : 15, + "endColumn" : 19 + } + }, + "message" : { + "text" : "book" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-single-file/loginjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 2 + }, + "region" : { + "startLine" : 23, + "startColumn" : 13, + "endColumn" : 54 + } + }, + "message" : { + "text" : "book" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-single-file/loginjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 2 + }, + "region" : { + "startLine" : 25, + "startColumn" : 25, + "endColumn" : 29 + } + }, + "message" : { + "text" : "book" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-single-file/loginjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 2 + }, + "region" : { + "startLine" : 25, + "startColumn" : 16, + "endColumn" : 29 + } + }, + "message" : { + "text" : "\"CAP:\" + book" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-single-file/loginjection.js", + "uriBaseId" : "%SRCROOT%", + "index" : 2 + }, + "region" : { + "startLine" : 23, + "startColumn" : 34, + "endColumn" : 54 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-webc-control/webapp/manifest.json", - "uriBaseId" : "%SRCROOT%", - "index" : 176 - } + "ruleId" : "js/cap-log-injection", + "rule" : { + "id" : "js/cap-log-injection", + "index" : 1, + "toolComponent" : { + "index" : 2 + } + }, + "message" : { + "text" : "Log entry depends on a [user-provided value](1).\nLog entry depends on a [user-provided value](2)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service1-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 62 + }, + "region" : { + "startLine" : 9, + "startColumn" : 32, + "endColumn" : 45 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "7c291d40b7c61d4f:1", + "primaryLocationStartColumnFingerprint" : "23" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service1-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 62 + }, + "region" : { + "startLine" : 6, + "startColumn" : 29, + "endColumn" : 32 + } + }, + "message" : { + "text" : "msg" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service1-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 62 + }, + "region" : { + "startLine" : 7, + "startColumn" : 35, + "endColumn" : 38 + } + }, + "message" : { + "text" : "msg" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service1-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 62 + }, + "region" : { + "startLine" : 7, + "startColumn" : 35, + "endColumn" : 43 + } + }, + "message" : { + "text" : "msg.data" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service1-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 62 + }, + "region" : { + "startLine" : 7, + "startColumn" : 15, + "endColumn" : 32 + } + }, + "message" : { + "text" : "{ messageToPass }" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service1-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 62 + }, + "region" : { + "startLine" : 7, + "startColumn" : 17, + "endColumn" : 30 + } + }, + "message" : { + "text" : "messageToPass" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service1-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 62 + }, + "region" : { + "startLine" : 7, + "startColumn" : 15, + "endColumn" : 43 + } + }, + "message" : { + "text" : "messageToPass" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service1-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 62 + }, + "region" : { + "startLine" : 9, + "startColumn" : 32, + "endColumn" : 45 + } + }, + "message" : { + "text" : "messageToPass" + } + } + } ] + } ] + }, { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service1-protocol-none/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 63 + }, + "region" : { + "startLine" : 6, + "startColumn" : 33, + "endColumn" : 36 + } + }, + "message" : { + "text" : "req" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service1-protocol-none/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 63 + }, + "region" : { + "startLine" : 7, + "startColumn" : 39, + "endColumn" : 42 + } + }, + "message" : { + "text" : "req" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service1-protocol-none/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 63 + }, + "region" : { + "startLine" : 7, + "startColumn" : 39, + "endColumn" : 47 + } + }, + "message" : { + "text" : "req.data" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service1-protocol-none/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 63 + }, + "region" : { + "startLine" : 7, + "startColumn" : 19, + "endColumn" : 36 + } + }, + "message" : { + "text" : "{ messageToPass }" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service1-protocol-none/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 63 + }, + "region" : { + "startLine" : 7, + "startColumn" : 21, + "endColumn" : 34 + } + }, + "message" : { + "text" : "messageToPass" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service1-protocol-none/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 63 + }, + "region" : { + "startLine" : 7, + "startColumn" : 19, + "endColumn" : 47 + } + }, + "message" : { + "text" : "messageToPass" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service1-protocol-none/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 63 + }, + "region" : { + "startLine" : 9, + "startColumn" : 38, + "endColumn" : 51 + } + }, + "message" : { + "text" : "messageToPass" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service1-protocol-none/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 63 + }, + "region" : { + "startLine" : 9, + "startColumn" : 36, + "endColumn" : 53 + } + }, + "message" : { + "text" : "{ messageToPass }" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service1-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 62 + }, + "region" : { + "startLine" : 6, + "startColumn" : 29, + "endColumn" : 32 + } + }, + "message" : { + "text" : "msg" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service1-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 62 + }, + "region" : { + "startLine" : 7, + "startColumn" : 35, + "endColumn" : 38 + } + }, + "message" : { + "text" : "msg" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service1-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 62 + }, + "region" : { + "startLine" : 7, + "startColumn" : 35, + "endColumn" : 43 + } + }, + "message" : { + "text" : "msg.data" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service1-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 62 + }, + "region" : { + "startLine" : 7, + "startColumn" : 15, + "endColumn" : 32 + } + }, + "message" : { + "text" : "{ messageToPass }" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service1-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 62 + }, + "region" : { + "startLine" : 7, + "startColumn" : 17, + "endColumn" : 30 + } + }, + "message" : { + "text" : "messageToPass" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service1-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 62 + }, + "region" : { + "startLine" : 7, + "startColumn" : 15, + "endColumn" : 43 + } + }, + "message" : { + "text" : "messageToPass" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service1-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 62 + }, + "region" : { + "startLine" : 9, + "startColumn" : 32, + "endColumn" : 45 + } + }, + "message" : { + "text" : "messageToPass" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service1-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 62 + }, + "region" : { + "startLine" : 6, + "startColumn" : 29, + "endColumn" : 32 + } + }, + "message" : { + "text" : "user-provided value" + } + }, { + "id" : 2, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service1-protocol-none/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 63 + }, + "region" : { + "startLine" : 6, + "startColumn" : 33, + "endColumn" : 36 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] }, { - "location" : { - "uri" : "javascript/frameworks/ui5/test/queries/UI5Xss/xss-webc-control/webapp/view/app.view.xml", - "uriBaseId" : "%SRCROOT%", - "index" : 177 - } + "ruleId" : "js/cap-log-injection", + "rule" : { + "id" : "js/cap-log-injection", + "index" : 1, + "toolComponent" : { + "index" : 2 + } + }, + "message" : { + "text" : "Log entry depends on a [user-provided value](1).\nLog entry depends on a [user-provided value](2)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service2-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 66 + }, + "region" : { + "startLine" : 9, + "startColumn" : 32, + "endColumn" : 45 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "7c291d40b7c61d4f:1", + "primaryLocationStartColumnFingerprint" : "23" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service2-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 66 + }, + "region" : { + "startLine" : 6, + "startColumn" : 29, + "endColumn" : 32 + } + }, + "message" : { + "text" : "msg" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service2-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 66 + }, + "region" : { + "startLine" : 7, + "startColumn" : 35, + "endColumn" : 38 + } + }, + "message" : { + "text" : "msg" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service2-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 66 + }, + "region" : { + "startLine" : 7, + "startColumn" : 35, + "endColumn" : 43 + } + }, + "message" : { + "text" : "msg.data" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service2-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 66 + }, + "region" : { + "startLine" : 7, + "startColumn" : 15, + "endColumn" : 32 + } + }, + "message" : { + "text" : "{ messageToPass }" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service2-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 66 + }, + "region" : { + "startLine" : 7, + "startColumn" : 17, + "endColumn" : 30 + } + }, + "message" : { + "text" : "messageToPass" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service2-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 66 + }, + "region" : { + "startLine" : 7, + "startColumn" : 15, + "endColumn" : 43 + } + }, + "message" : { + "text" : "messageToPass" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service2-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 66 + }, + "region" : { + "startLine" : 9, + "startColumn" : 32, + "endColumn" : 45 + } + }, + "message" : { + "text" : "messageToPass" + } + } + } ] + } ] + }, { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service2-protocol-none/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 67 + }, + "region" : { + "startLine" : 6, + "startColumn" : 33, + "endColumn" : 36 + } + }, + "message" : { + "text" : "req" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service2-protocol-none/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 67 + }, + "region" : { + "startLine" : 7, + "startColumn" : 39, + "endColumn" : 42 + } + }, + "message" : { + "text" : "req" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service2-protocol-none/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 67 + }, + "region" : { + "startLine" : 7, + "startColumn" : 39, + "endColumn" : 47 + } + }, + "message" : { + "text" : "req.data" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service2-protocol-none/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 67 + }, + "region" : { + "startLine" : 7, + "startColumn" : 19, + "endColumn" : 36 + } + }, + "message" : { + "text" : "{ messageToPass }" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service2-protocol-none/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 67 + }, + "region" : { + "startLine" : 7, + "startColumn" : 21, + "endColumn" : 34 + } + }, + "message" : { + "text" : "messageToPass" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service2-protocol-none/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 67 + }, + "region" : { + "startLine" : 7, + "startColumn" : 19, + "endColumn" : 47 + } + }, + "message" : { + "text" : "messageToPass" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service2-protocol-none/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 67 + }, + "region" : { + "startLine" : 9, + "startColumn" : 38, + "endColumn" : 51 + } + }, + "message" : { + "text" : "messageToPass" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service2-protocol-none/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 67 + }, + "region" : { + "startLine" : 9, + "startColumn" : 36, + "endColumn" : 53 + } + }, + "message" : { + "text" : "{ messageToPass }" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service2-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 66 + }, + "region" : { + "startLine" : 6, + "startColumn" : 29, + "endColumn" : 32 + } + }, + "message" : { + "text" : "msg" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service2-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 66 + }, + "region" : { + "startLine" : 7, + "startColumn" : 35, + "endColumn" : 38 + } + }, + "message" : { + "text" : "msg" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service2-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 66 + }, + "region" : { + "startLine" : 7, + "startColumn" : 35, + "endColumn" : 43 + } + }, + "message" : { + "text" : "msg.data" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service2-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 66 + }, + "region" : { + "startLine" : 7, + "startColumn" : 15, + "endColumn" : 32 + } + }, + "message" : { + "text" : "{ messageToPass }" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service2-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 66 + }, + "region" : { + "startLine" : 7, + "startColumn" : 17, + "endColumn" : 30 + } + }, + "message" : { + "text" : "messageToPass" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service2-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 66 + }, + "region" : { + "startLine" : 7, + "startColumn" : 15, + "endColumn" : 43 + } + }, + "message" : { + "text" : "messageToPass" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service2-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 66 + }, + "region" : { + "startLine" : 9, + "startColumn" : 32, + "endColumn" : 45 + } + }, + "message" : { + "text" : "messageToPass" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service2-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 66 + }, + "region" : { + "startLine" : 6, + "startColumn" : 29, + "endColumn" : 32 + } + }, + "message" : { + "text" : "user-provided value" + } + }, { + "id" : 2, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service2-protocol-none/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 67 + }, + "region" : { + "startLine" : 6, + "startColumn" : 33, + "endColumn" : 36 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] }, { - "location" : { - "uri" : "qlt.conf.json", - "uriBaseId" : "%SRCROOT%", - "index" : 178 - } + "ruleId" : "js/cap-log-injection", + "rule" : { + "id" : "js/cap-log-injection", + "index" : 1, + "toolComponent" : { + "index" : 2 + } + }, + "message" : { + "text" : "Log entry depends on a [user-provided value](1).\nLog entry depends on a [user-provided value](2)." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-without-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 71 + }, + "region" : { + "startLine" : 9, + "startColumn" : 32, + "endColumn" : 45 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "7c291d40b7c61d4f:1", + "primaryLocationStartColumnFingerprint" : "23" + }, + "codeFlows" : [ { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-without-protocol-none/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 70 + }, + "region" : { + "startLine" : 6, + "startColumn" : 33, + "endColumn" : 36 + } + }, + "message" : { + "text" : "req" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-without-protocol-none/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 70 + }, + "region" : { + "startLine" : 7, + "startColumn" : 39, + "endColumn" : 42 + } + }, + "message" : { + "text" : "req" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-without-protocol-none/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 70 + }, + "region" : { + "startLine" : 7, + "startColumn" : 39, + "endColumn" : 47 + } + }, + "message" : { + "text" : "req.data" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-without-protocol-none/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 70 + }, + "region" : { + "startLine" : 7, + "startColumn" : 19, + "endColumn" : 36 + } + }, + "message" : { + "text" : "{ messageToPass }" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-without-protocol-none/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 70 + }, + "region" : { + "startLine" : 7, + "startColumn" : 21, + "endColumn" : 34 + } + }, + "message" : { + "text" : "messageToPass" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-without-protocol-none/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 70 + }, + "region" : { + "startLine" : 7, + "startColumn" : 19, + "endColumn" : 47 + } + }, + "message" : { + "text" : "messageToPass" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-without-protocol-none/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 70 + }, + "region" : { + "startLine" : 9, + "startColumn" : 38, + "endColumn" : 51 + } + }, + "message" : { + "text" : "messageToPass" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-without-protocol-none/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 70 + }, + "region" : { + "startLine" : 9, + "startColumn" : 36, + "endColumn" : 53 + } + }, + "message" : { + "text" : "{ messageToPass }" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-without-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 71 + }, + "region" : { + "startLine" : 6, + "startColumn" : 29, + "endColumn" : 32 + } + }, + "message" : { + "text" : "msg" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-without-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 71 + }, + "region" : { + "startLine" : 7, + "startColumn" : 35, + "endColumn" : 38 + } + }, + "message" : { + "text" : "msg" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-without-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 71 + }, + "region" : { + "startLine" : 7, + "startColumn" : 35, + "endColumn" : 43 + } + }, + "message" : { + "text" : "msg.data" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-without-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 71 + }, + "region" : { + "startLine" : 7, + "startColumn" : 15, + "endColumn" : 32 + } + }, + "message" : { + "text" : "{ messageToPass }" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-without-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 71 + }, + "region" : { + "startLine" : 7, + "startColumn" : 17, + "endColumn" : 30 + } + }, + "message" : { + "text" : "messageToPass" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-without-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 71 + }, + "region" : { + "startLine" : 7, + "startColumn" : 15, + "endColumn" : 43 + } + }, + "message" : { + "text" : "messageToPass" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-without-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 71 + }, + "region" : { + "startLine" : 9, + "startColumn" : 32, + "endColumn" : 45 + } + }, + "message" : { + "text" : "messageToPass" + } + } + } ] + } ] + }, { + "threadFlows" : [ { + "locations" : [ { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-without-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 71 + }, + "region" : { + "startLine" : 6, + "startColumn" : 29, + "endColumn" : 32 + } + }, + "message" : { + "text" : "msg" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-without-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 71 + }, + "region" : { + "startLine" : 7, + "startColumn" : 35, + "endColumn" : 38 + } + }, + "message" : { + "text" : "msg" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-without-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 71 + }, + "region" : { + "startLine" : 7, + "startColumn" : 35, + "endColumn" : 43 + } + }, + "message" : { + "text" : "msg.data" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-without-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 71 + }, + "region" : { + "startLine" : 7, + "startColumn" : 15, + "endColumn" : 32 + } + }, + "message" : { + "text" : "{ messageToPass }" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-without-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 71 + }, + "region" : { + "startLine" : 7, + "startColumn" : 17, + "endColumn" : 30 + } + }, + "message" : { + "text" : "messageToPass" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-without-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 71 + }, + "region" : { + "startLine" : 7, + "startColumn" : 15, + "endColumn" : 43 + } + }, + "message" : { + "text" : "messageToPass" + } + } + }, { + "location" : { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-without-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 71 + }, + "region" : { + "startLine" : 9, + "startColumn" : 32, + "endColumn" : 45 + } + }, + "message" : { + "text" : "messageToPass" + } + } + } ] + } ] + } ], + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-without-protocol-none/srv/service1.js", + "uriBaseId" : "%SRCROOT%", + "index" : 70 + }, + "region" : { + "startLine" : 6, + "startColumn" : 33, + "endColumn" : 36 + } + }, + "message" : { + "text" : "user-provided value" + } + }, { + "id" : 2, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "javascript/frameworks/cap/test/queries/loginjection/log-injection-without-protocol-none/srv/service2.js", + "uriBaseId" : "%SRCROOT%", + "index" : 71 + }, + "region" : { + "startLine" : 6, + "startColumn" : 29, + "endColumn" : 32 + } + }, + "message" : { + "text" : "user-provided value" + } + } ] } ], - "results" : [ ], "newlineSequences" : [ "\r\n", "\n", "
", "
" ], "columnKind" : "utf16CodeUnits", "properties" : { @@ -8818,7 +26613,7 @@ } }, "ruleId" : "js/summary/lines-of-code", - "value" : 480 + "value" : 2973 }, { "rule" : { "id" : "js/summary/lines-of-user-code", @@ -8828,8 +26623,8 @@ } }, "ruleId" : "js/summary/lines-of-user-code", - "value" : 480, - "baseline" : 0 + "value" : 2973, + "baseline" : 2459 } ], "codeqlConfigSummary" : { "disableDefaultQueries" : false, @@ -8846,4 +26641,4 @@ } } } ] -} \ No newline at end of file +} diff --git a/.github/workflows/run-codeql-unit-tests-javascript.yml b/.github/workflows/run-codeql-unit-tests-javascript.yml index 4b5b41bc9..fb744e590 100644 --- a/.github/workflows/run-codeql-unit-tests-javascript.yml +++ b/.github/workflows/run-codeql-unit-tests-javascript.yml @@ -18,7 +18,7 @@ jobs: matrix: ${{ steps.export-unit-test-matrix.outputs.matrix }} steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Install QLT id: install-qlt @@ -43,7 +43,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Install QLT id: install-qlt @@ -116,7 +116,7 @@ jobs: --work-dir $RUNNER_TMP - name: Upload test results - uses: actions/upload-artifact@v2 + uses: actions/upload-artifact@v4 with: name: test-results-${{ runner.os }}-${{ matrix.codeql_cli }}-${{ matrix.codeql_standard_library_ident }} path: | @@ -130,7 +130,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Install QLT id: install-qlt @@ -141,9 +141,10 @@ jobs: - name: Collect test results - uses: actions/download-artifact@v2 + uses: actions/download-artifact@v4 - name: Validate test results run: | qlt test run validate-unit-tests --pretty-print --results-directory . >> $GITHUB_STEP_SUMMARY qlt test run validate-unit-tests --results-directory . + \ No newline at end of file diff --git a/.gitignore b/.gitignore index f6f2b741f..690edd408 100644 --- a/.gitignore +++ b/.gitignore @@ -69,3 +69,4 @@ tmp/ .cache/ **.testproj dbs +*.cds.json