deprecate unused document predicates in DOM.qll

erik-krogh · erik-krogh · commit c0a63beec1b0 · 2022-03-13T23:54:53.000+01:00
diff --git a/javascript/ql/lib/semmle/javascript/security/dataflow/DOM.qll b/javascript/ql/lib/semmle/javascript/security/dataflow/DOM.qll
@@ -29,15 +29,22 @@ predicate isLocation(Expr e) {
 }
 
 /**
+ * DEPRECATED: Use DOM::documentRef() instead.
  * Gets a reference to the 'document' object.
  */
-DataFlow::SourceNode document() { result = DOM::documentRef() }
+deprecated DataFlow::SourceNode document() { result = DOM::documentRef() }
 
-/** Holds if `e` could refer to the `document` object. */
-predicate isDocument(Expr e) { DOM::documentRef().flowsToExpr(e) }
+/**
+ * DEPRECATED: Use DOM::documentRef() instead.
+ * Holds if `e` could refer to the `document` object.
+ */
+deprecated predicate isDocument(Expr e) { DOM::documentRef().flowsToExpr(e) }
 
-/** Holds if `e` could refer to the document URL. */
-predicate isDocumentURL(Expr e) { e.flow() = DOM::locationSource() }
+/**
+ * DEPRECATED: Use DOM::locationSource() instead.
+ * Holds if `e` could refer to the document URL.
+ */
+deprecated predicate isDocumentURL(Expr e) { e.flow() = DOM::locationSource() }
 
 /**
  * DEPRECATED. In most cases, a sanitizer based on this predicate can be removed, as
