Pandurang Patil

We were trying to identify sources and sinks for one sample use case that I have created. Please find the attached zip file with the source code. I created a...

**Is your feature request related to a problem? Please describe.** When insert query is fired with executeQuery its been marked as DB read. **Describe the solution you'd like** As of...

Code is included in the scan results (as "excerpt")

1

**Is your feature request related to a problem? Please describe.** Code is included in the scan results (as "excerpt") which is used to provide context for the finding. If someone...

**Describe the bug** email validation links or password reset links risk leaking information (ex: https://email.auth.privado.ai/prod/redirect?code=&username=&clientId=&region=eu-west-1&email=&isCLI=true&website=). I’m certain all that GET data could be POSTed, encrypted, tokenized, or otherwise set up...

Storing output result privado.json inside repo itself seems problematic

1

**Is your feature request related to a problem? Please describe.** The approach to results storage is extremely interesting but also potentially problematic. At present, a repo’s scan result is stored...

[Bug] - missing dataflows with chained field access call on LHS side of assignment.

6

I was trying to get the flows in specific use cases from Javascript repo sample 1 - **This is the first issue.** ``` function sayHello(req) { var payload = {}...

``` val cpg = code( """ |module joern.io/sample |go 1.18 |""".stripMargin, "go.mod" ).moreCode( """ |package fpkg |type Sample struct { | Name string |} |func Woo(a int) int{ | return...