SystemSh0cker/monaco-editor
1
0
Fork 0
mirror of https://github.com/microsoft/monaco-editor.git synced 2025-12-22 05:50:11 +01:00
Code Issues Projects Releases Packages Activity

Fixes CodeQL issues (#4090)

Browse source
This commit is contained in:
Henning Dieterichs 2023-07-19 17:05:52 +02:00 committed by GitHub
parent be57cbf4ef
commit 97c7fdb35c
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 11 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

13
build/importTypescript.ts
View file

@ -37,10 +37,15 @@ export const typescriptVersion = "${typeScriptDependencyVersion}";\n`
let tsServices = fs.readFileSync(path.join(TYPESCRIPT_LIB_SOURCE, 'typescript.js')).toString(); let tsServices = fs.readFileSync(path.join(TYPESCRIPT_LIB_SOURCE, 'typescript.js')).toString();
tsServices = tsServices.replace( tsServices = tsServices
'const path = matchedStar ? subst.replace("*", matchedStar) : subst;', .replace(
'const path = matchedStar ? subst.replace("*", matchedStar) : subst; // CodeQL [SM02383] This is a false positive, the code is from the TypeScript compiler' 'const path = matchedStar ? subst.replace("*", matchedStar) : subst;',
); 'const path = matchedStar ? subst.replace("*", matchedStar) : subst; // CodeQL [SM02383] This is a false positive, the code is from the TypeScript compiler'
)
.replace(
'return key.replace("*", matchedStar);',
'return key.replace("*", matchedStar); // CodeQL [SM02383] This is a false positive, the code is from the TypeScript compiler'
);
// The output from this build will only be accessible via ESM; rather than removing // The output from this build will only be accessible via ESM; rather than removing
// references to require/module, define them as dummy variables that bundlers will ignore. // references to require/module, define them as dummy variables that bundlers will ignore.

2
src/language/typescript/lib/typescriptServices.js
View file

@ -44626,7 +44626,7 @@ ${lanes.join("\n")}
for (const { ending, value } of candidates) { for (const { ending, value } of candidates) {
if (value.length >= prefix.length + suffix.length && startsWith(value, prefix) && endsWith(value, suffix) && validateEnding({ ending, value })) { if (value.length >= prefix.length + suffix.length && startsWith(value, prefix) && endsWith(value, suffix) && validateEnding({ ending, value })) {
const matchedStar = value.substring(prefix.length, value.length - suffix.length); const matchedStar = value.substring(prefix.length, value.length - suffix.length);
return key.replace("*", matchedStar); return key.replace("*", matchedStar); // CodeQL [SM02383] This is a false positive, the code is from the TypeScript compiler
} }
} }
} else if (some(candidates, (c) => c.ending !== 0 /* Minimal */ && pattern === c.value) || some(candidates, (c) => c.ending === 0 /* Minimal */ && pattern === c.value && validateEnding(c))) { } else if (some(candidates, (c) => c.ending !== 0 /* Minimal */ && pattern === c.value) || some(candidates, (c) => c.ending === 0 /* Minimal */ && pattern === c.value && validateEnding(c))) {

2
website/src/runner/index.ts
View file

@ -46,7 +46,7 @@ async function initialize(state: IPreviewState) {
const style = document.createElement("style"); const style = document.createElement("style");
style.id = "custom-style"; style.id = "custom-style";
style.innerHTML = state.css; style.innerHTML = state.css; // CodeQL [SM03712] This is safe because the runner runs in an isolated iframe. This feature is essential to the functionality of the playground. // CodeQL [SM02688] This is safe because the runner runs in an isolated iframe. This feature is essential to the functionality of the playground.
document.body.appendChild(style); document.body.appendChild(style);
document.body.innerHTML += state.html; document.body.innerHTML += state.html;