Skip to content

Commit 76cc1fc

Browse files
authored
Add CodeQL comments (microsoft#185735)
1 parent 8417c87 commit 76cc1fc

File tree

3 files changed

+7
-5
lines changed

3 files changed

+7
-5
lines changed

src/vs/base/worker/workerMain.ts

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -55,7 +55,7 @@
5555
const func = (
5656
trustedTypesPolicy
5757
? globalThis.eval(<any>trustedTypesPolicy.createScript('', 'true'))
58-
: new Function('true')
58+
: new Function('true') // CodeQL [SM01632] fetch + eval is used on the web worker instead of importScripts if possible because importScripts is synchronous and we observed deadlocks on Safari
5959
);
6060
func.call(globalThis);
6161
return true;
@@ -85,7 +85,7 @@
8585
const func = (
8686
trustedTypesPolicy
8787
? globalThis.eval(trustedTypesPolicy.createScript('', text) as unknown as string)
88-
: new Function(text)
88+
: new Function(text) // CodeQL [SM01632] fetch + eval is used on the web worker instead of importScripts if possible because importScripts is synchronous and we observed deadlocks on Safari
8989
);
9090
func.call(globalThis);
9191
resolve();

src/vs/loader.js

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -656,7 +656,8 @@ var AMDLoader;
656656
try {
657657
const func = (trustedTypesPolicy
658658
? self.eval(trustedTypesPolicy.createScript('', 'true'))
659-
: new Function('true'));
659+
: new Function('true') // CodeQL [SM01632] the loader is responsible with loading code, fetch + eval is used on the web worker instead of importScripts if possible because importScripts is synchronous and we observed deadlocks on Safari
660+
);
660661
func.call(self);
661662
return true;
662663
}
@@ -705,7 +706,8 @@ var AMDLoader;
705706
text = `${text}\n//# sourceURL=${scriptSrc}`;
706707
const func = (trustedTypesPolicy
707708
? self.eval(trustedTypesPolicy.createScript('', text))
708-
: new Function(text));
709+
: new Function(text) // CodeQL [SM01632] the loader is responsible with loading code, fetch + eval is used on the web worker instead of importScripts if possible because importScripts is synchronous and we observed deadlocks on Safari
710+
);
709711
func.call(self);
710712
callback();
711713
}).then(undefined, errorback);

src/vs/workbench/services/keybinding/test/node/keyboardMapperTestUtils.ts

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -48,7 +48,7 @@ export function assertResolveKeybinding(mapper: IKeyboardMapper, keybinding: Key
4848
export function readRawMapping<T>(file: string): Promise<T> {
4949
return Promises.readFile(FileAccess.asFileUri(`vs/workbench/services/keybinding/test/node/${file}.js`).fsPath).then((buff) => {
5050
const contents = buff.toString();
51-
const func = new Function('define', contents);
51+
const func = new Function('define', contents);// CodeQL [SM01632] This is used in tests and we read the files as JS to avoid slowing down TS compilation
5252
let rawMappings: T | null = null;
5353
func(function (value: T) {
5454
rawMappings = value;

0 commit comments

Comments
 (0)