use "depends to" for a taint-tracking query

erik-krogh · erik-krogh · commit 1be14962a075 · 2022-09-20T22:51:35.000+02:00
diff --git a/go/ql/src/Security/CWE-209/StackTraceExposure.ql b/go/ql/src/Security/CWE-209/StackTraceExposure.ql
@@ -77,5 +77,5 @@ class StackTraceExposureConfig extends TaintTracking::Configuration {
 from StackTraceExposureConfig cfg, DataFlow::PathNode source, DataFlow::PathNode sink
 where cfg.hasFlowPath(source, sink)
 select sink.getNode(), source, sink,
-  "$@ flows to a HTTP response and may be exposed to an external user.", source.getNode(),
-  "Stack trace information"
+  "HTTP response depends on $@ and may be exposed to an external user.", source.getNode(),
+  "stack trace information"
diff --git a/go/ql/test/query-tests/Security/CWE-209/StackTraceExposure.expected b/go/ql/test/query-tests/Security/CWE-209/StackTraceExposure.expected
@@ -5,4 +5,4 @@ nodes
 | test.go:17:10:17:12 | buf | semmle.label | buf |
 subpaths
 #select
-| test.go:17:10:17:12 | buf | test.go:14:2:14:4 | definition of buf : slice type | test.go:17:10:17:12 | buf | $@ flows to a HTTP response and may be exposed to an external user. | test.go:14:2:14:4 | definition of buf | Stack trace information |
+| test.go:17:10:17:12 | buf | test.go:14:2:14:4 | definition of buf : slice type | test.go:17:10:17:12 | buf | HTTP response depends on $@ and may be exposed to an external user. | test.go:14:2:14:4 | definition of buf | stack trace information |
