Update test expectations for javascript/test/security/CWE-079/XSSReact.qlref

Jami Cogswell · Jami Cogswell · commit dcd2160df914 · 2025-04-29T14:01:59.000-04:00
diff --git a/javascript/test/security/CWE-079/XSSReact.expected b/javascript/test/security/CWE-079/XSSReact.expected
@@ -1,25 +1,18 @@
-nodes
-| app.jsx:12:11:12:27 | [query, setQuery] |
-| app.jsx:12:11:16:6 | query |
-| app.jsx:12:12:12:16 | query |
-| app.jsx:12:31:16:6 | useQuer ... \\n    }) |
-| app.jsx:12:31:16:6 | useQuer ... \\n    }) |
-| app.jsx:17:11:17:45 | { x: nu ... lters } |
-| app.jsx:17:11:17:53 | searchQuery |
-| app.jsx:17:21:17:34 | q: searchQuery |
-| app.jsx:17:49:17:53 | query |
-| app.jsx:26:52:26:62 | searchQuery |
-| app.jsx:26:52:26:62 | searchQuery |
 edges
-| app.jsx:12:11:12:27 | [query, setQuery] | app.jsx:12:12:12:16 | query |
-| app.jsx:12:11:16:6 | query | app.jsx:17:49:17:53 | query |
-| app.jsx:12:12:12:16 | query | app.jsx:12:11:16:6 | query |
-| app.jsx:12:31:16:6 | useQuer ... \\n    }) | app.jsx:12:11:12:27 | [query, setQuery] |
-| app.jsx:12:31:16:6 | useQuer ... \\n    }) | app.jsx:12:11:12:27 | [query, setQuery] |
-| app.jsx:17:11:17:45 | { x: nu ... lters } | app.jsx:17:21:17:34 | q: searchQuery |
-| app.jsx:17:11:17:53 | searchQuery | app.jsx:26:52:26:62 | searchQuery |
-| app.jsx:17:11:17:53 | searchQuery | app.jsx:26:52:26:62 | searchQuery |
-| app.jsx:17:21:17:34 | q: searchQuery | app.jsx:17:11:17:53 | searchQuery |
-| app.jsx:17:49:17:53 | query | app.jsx:17:11:17:45 | { x: nu ... lters } |
+| app.jsx:12:11:12:27 | [query, setQuery] | app.jsx:12:11:16:6 | query | provenance |  |
+| app.jsx:12:11:16:6 | query | app.jsx:17:49:17:53 | query | provenance |  |
+| app.jsx:12:31:16:6 | useQuer ... \\n    }) | app.jsx:12:11:12:27 | [query, setQuery] | provenance |  |
+| app.jsx:17:11:17:45 | { x: nu ... lters } | app.jsx:17:11:17:53 | searchQuery | provenance |  |
+| app.jsx:17:11:17:53 | searchQuery | app.jsx:26:52:26:62 | searchQuery | provenance |  |
+| app.jsx:17:49:17:53 | query | app.jsx:17:11:17:45 | { x: nu ... lters } | provenance |  |
+nodes
+| app.jsx:12:11:12:27 | [query, setQuery] | semmle.label | [query, setQuery] |
+| app.jsx:12:11:16:6 | query | semmle.label | query |
+| app.jsx:12:31:16:6 | useQuer ... \\n    }) | semmle.label | useQuer ... \\n    }) |
+| app.jsx:17:11:17:45 | { x: nu ... lters } | semmle.label | { x: nu ... lters } |
+| app.jsx:17:11:17:53 | searchQuery | semmle.label | searchQuery |
+| app.jsx:17:49:17:53 | query | semmle.label | query |
+| app.jsx:26:52:26:62 | searchQuery | semmle.label | searchQuery |
+subpaths
 #select
 | app.jsx:26:52:26:62 | searchQuery | app.jsx:12:31:16:6 | useQuer ... \\n    }) | app.jsx:26:52:26:62 | searchQuery | Cross-site scripting vulnerability due to $@. | app.jsx:12:31:16:6 | useQuer ... \\n    }) | user-provided value |
