From 505a82c673e29cd486ae9bdd1fc51236f354bff0 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Mon, 11 Sep 2023 18:38:07 -0400 Subject: [PATCH 01/11] refactor for QLT --- .github/actions/install-codeql/action.yml | 109 +++++++++++++++ .github/actions/install-qlt/action.yml | 86 ++++++++++++ .../run-codeql-unit-tests-javascript.yml | 132 ++++++++++++++++++ codeql-workspace.yml | 3 +- .../src/UI5Clickjacking}/UI5Clickjacking.md | 0 .../src/UI5Clickjacking}/UI5Clickjacking.ql | 0 .../src/UI5LogInjection}/UI5LogInjection.md | 0 .../src/UI5LogInjection}/UI5LogInjection.ql | 0 .../src/UI5Xss}/UI5Xss.md | 0 .../src/UI5Xss}/UI5Xss.ql | 2 +- .../src/codeql-pack.lock.yml | 4 + .../src}/models/UI5.qll | 2 +- .../src}/models/UI5AMDModule.qll | 0 .../src}/models/UI5DataFlow.qll | 0 .../src}/models/UI5HTML.qll | 0 .../src}/models/UI5View.qll | 0 .../src}/qlpack.yml | 0 .../test}/README.md | 50 +++---- .../UI5Clickjacking}/UI5Clickjacking.expected | 0 .../UI5Clickjacking}/UI5Clickjacking.qlref | 0 .../UI5Clickjacking.expected | 0 .../UI5Clickjacking.qlref | 0 .../clickjacking-allow-all/index.html | 0 .../clickjacking-allow-all/ui5.yaml | 0 .../UI5Clickjacking.expected | 0 .../UI5Clickjacking.qlref | 0 .../clickjacking-default-all/index.html | 0 .../clickjacking-default-all/ui5.yaml | 0 .../UI5Clickjacking.expected | 0 .../UI5Clickjacking.qlref | 0 .../clickjacking-deny-all/index.html | 0 .../clickjacking-deny-all/ui5.yaml | 0 .../LogInjection.expected | 0 .../avoid-duplicate-alerts/LogInjection.qlref | 0 .../LogInjectionTest.js | 0 .../UI5LogInjection.expected | 0 .../UI5LogInjection.qlref | 0 .../UI5LogInjection.expected | 0 .../UI5LogInjection.qlref | 0 .../package-lock.json | 0 .../package.json | 0 .../ui5.yaml | 0 .../webapp/control/xss.js | 0 .../webapp/controller/app.controller.js | 0 .../webapp/index.html | 0 .../webapp/index.js | 0 .../webapp/manifest.json | 0 .../webapp/view/app.view.xml | 0 .../UI5LogInjection.expected | 0 .../UI5LogInjection.qlref | 0 .../package-lock.json | 0 .../log-custom-control-sanitized/package.json | 0 .../log-custom-control-sanitized/ui5.yaml | 0 .../webapp/control/xss.js | 0 .../webapp/controller/app.controller.js | 0 .../webapp/index.html | 0 .../webapp/index.js | 0 .../webapp/manifest.json | 0 .../webapp/view/app.view.xml | 0 .../UI5LogInjection.expected | 0 .../log-html-control-df/UI5LogInjection.qlref | 0 .../log-html-control-df/package-lock.json | 0 .../log-html-control-df/package.json | 0 .../log-html-control-df/ui5.yaml | 0 .../webapp/controller/app.controller.js | 0 .../log-html-control-df/webapp/index.html | 0 .../log-html-control-df/webapp/index.js | 0 .../log-html-control-df/webapp/manifest.json | 0 .../webapp/view/app.view.xml | 0 .../avoid-duplicate-alerts/UI5Xss.expected | 0 .../avoid-duplicate-alerts/UI5Xss.qlref | 0 .../avoid-duplicate-alerts/Xss.expected | 0 .../UI5Xss}/avoid-duplicate-alerts/Xss.qlref | 0 .../UI5Xss}/avoid-duplicate-alerts/XssTest.js | 0 .../UI5Xss}/xss-book-example/.eslintrc.json | 0 .../test/UI5Xss}/xss-book-example/.npmrc | 0 .../UI5Xss}/xss-book-example/UI5Xss.expected | 0 .../UI5Xss}/xss-book-example/UI5Xss.qlref | 0 .../UI5Xss}/xss-book-example/diagram.drawio | 0 .../test/UI5Xss}/xss-book-example/diagram.svg | 0 .../xss-book-example/package-lock.json | 0 .../UI5Xss}/xss-book-example/package.json | 0 .../test/UI5Xss}/xss-book-example/ui5.yaml | 0 .../xss-book-example/webapp/Component.js | 0 .../webapp/controller/App.Controller.js | 0 .../xss-book-example/webapp/controls/Book.js | 0 .../xss-book-example/webapp/css/styles.css | 0 .../webapp/i18n/i18n.properties | 0 .../webapp/i18n/i18n_de.properties | 0 .../webapp/i18n/i18n_en.properties | 0 .../xss-book-example/webapp/img/logo_ui5.png | Bin .../xss-book-example/webapp/index.html | 0 .../xss-book-example/webapp/manifest.json | 0 .../webapp/model/todoitems.json | 0 .../webapp/test/integration/AllJourneys.js | 0 .../webapp/test/integration/FilterJourney.js | 0 .../webapp/test/integration/SearchJourney.js | 0 .../test/integration/TodoListJourney.js | 0 .../test/integration/arrangements/Startup.js | 0 .../test/integration/opaTests.qunit.html | 0 .../webapp/test/integration/opaTests.qunit.js | 0 .../webapp/test/integration/pages/App.js | 0 .../webapp/test/testsuite.qunit.html | 0 .../webapp/test/testsuite.qunit.js | 0 .../webapp/test/unit/AllTests.js | 0 .../test/unit/controller/App.controller.js | 0 .../webapp/test/unit/unitTests.qunit.html | 0 .../webapp/test/unit/unitTests.qunit.js | 0 .../xss-book-example/webapp/util/Helper.js | 0 .../xss-book-example/webapp/view/App.view.xml | 0 .../xss-custom-control-api1/UI5Xss.expected | 0 .../xss-custom-control-api1/UI5Xss.qlref | 0 .../xss-custom-control-api1/package-lock.json | 0 .../xss-custom-control-api1/package.json | 0 .../UI5Xss}/xss-custom-control-api1/ui5.yaml | 0 .../webapp/control/xss.js | 0 .../webapp/controller/app.controller.js | 0 .../xss-custom-control-api1/webapp/index.html | 0 .../xss-custom-control-api1/webapp/index.js | 0 .../webapp/manifest.json | 0 .../webapp/view/app.view.xml | 0 .../xss-custom-control-api2/UI5Xss.expected | 0 .../xss-custom-control-api2/UI5Xss.qlref | 0 .../xss-custom-control-api2/package-lock.json | 0 .../xss-custom-control-api2/package.json | 0 .../UI5Xss}/xss-custom-control-api2/ui5.yaml | 0 .../webapp/control/xss.js | 0 .../webapp/controller/app.controller.js | 0 .../xss-custom-control-api2/webapp/index.html | 0 .../xss-custom-control-api2/webapp/index.js | 0 .../webapp/manifest.json | 0 .../webapp/view/app.view.xml | 0 .../xss-custom-control-jquery/UI5Xss.expected | 0 .../xss-custom-control-jquery/UI5Xss.qlref | 0 .../package-lock.json | 0 .../xss-custom-control-jquery/package.json | 0 .../xss-custom-control-jquery/ui5.yaml | 0 .../webapp/control/xss.js | 0 .../webapp/controller/app.controller.js | 0 .../webapp/index.html | 0 .../xss-custom-control-jquery/webapp/index.js | 0 .../webapp/manifest.json | 0 .../webapp/view/app.view.xml | 0 .../UI5Xss.expected | 0 .../UI5Xss.qlref | 0 .../package-lock.json | 0 .../package.json | 0 .../ui5.yaml | 0 .../webapp/control/xss.js | 0 .../webapp/controller/app.controller.js | 0 .../webapp/index.html | 0 .../webapp/index.js | 0 .../webapp/manifest.json | 0 .../webapp/view/app.view.xml | 0 .../UI5Xss.expected | 0 .../xss-custom-control-sanitized/UI5Xss.qlref | 0 .../package-lock.json | 0 .../xss-custom-control-sanitized/package.json | 0 .../xss-custom-control-sanitized/ui5.yaml | 0 .../webapp/control/xss.js | 0 .../webapp/controller/app.controller.js | 0 .../webapp/index.html | 0 .../webapp/index.js | 0 .../webapp/manifest.json | 0 .../webapp/view/app.view.xml | 0 .../xss-event-handlers/UI5Xss.expected | 0 .../UI5Xss}/xss-event-handlers/UI5Xss.qlref | 0 .../xss-event-handlers/package-lock.json | 0 .../UI5Xss}/xss-event-handlers/package.json | 0 .../test/UI5Xss}/xss-event-handlers/ui5.yaml | 0 .../webapp/controller/app.controller.js | 0 .../xss-event-handlers/webapp/index.html | 0 .../xss-event-handlers/webapp/index.js | 0 .../xss-event-handlers/webapp/manifest.json | 0 .../webapp/view/app.view.xml | 0 .../xss-html-control-df/UI5Xss.expected | 0 .../UI5Xss}/xss-html-control-df/UI5Xss.qlref | 0 .../xss-html-control-df/package-lock.json | 0 .../UI5Xss}/xss-html-control-df/package.json | 0 .../test/UI5Xss}/xss-html-control-df/ui5.yaml | 0 .../webapp/controller/app.controller.js | 0 .../xss-html-control-df/webapp/index.html | 0 .../xss-html-control-df/webapp/index.js | 0 .../xss-html-control-df/webapp/manifest.json | 0 .../webapp/view/app.view.xml | 0 .../xss-html-control-oneway/UI5Xss.expected | 0 .../xss-html-control-oneway/UI5Xss.qlref | 0 .../xss-html-control-oneway/package-lock.json | 0 .../xss-html-control-oneway/package.json | 0 .../UI5Xss}/xss-html-control-oneway/ui5.yaml | 0 .../webapp/controller/app.controller.js | 0 .../xss-html-control-oneway/webapp/index.html | 0 .../xss-html-control-oneway/webapp/index.js | 0 .../webapp/manifest.json | 0 .../webapp/view/app.view.xml | 0 .../UI5Xss}/xss-html-control/UI5Xss.expected | 0 .../UI5Xss}/xss-html-control/UI5Xss.qlref | 0 .../xss-html-control/package-lock.json | 0 .../UI5Xss}/xss-html-control/package.json | 0 .../test/UI5Xss}/xss-html-control/ui5.yaml | 0 .../webapp/controller/app.controller.js | 0 .../xss-html-control/webapp/index.html | 0 .../UI5Xss}/xss-html-control/webapp/index.js | 0 .../xss-html-control/webapp/manifest.json | 0 .../xss-html-control/webapp/view/app.view.xml | 0 .../xss-html-external-model/UI5Xss.expected | 0 .../xss-html-external-model/UI5Xss.qlref | 0 .../xss-html-external-model/package-lock.json | 0 .../xss-html-external-model/package.json | 0 .../UI5Xss}/xss-html-external-model/ui5.yaml | 0 .../webapp/controller/app.controller.js | 0 .../webapp/controller/model.json | 0 .../xss-html-external-model/webapp/index.html | 0 .../xss-html-external-model/webapp/index.js | 0 .../webapp/manifest.json | 0 .../webapp/view/app.view.xml | 0 .../UI5Xss}/xss-html-view/UI5Xss.expected | 0 .../test/UI5Xss}/xss-html-view/UI5Xss.qlref | 0 .../UI5Xss}/xss-html-view/package-lock.json | 0 .../test/UI5Xss}/xss-html-view/package.json | 0 .../test/UI5Xss}/xss-html-view/ui5.yaml | 0 .../webapp/controller/app.controller.js | 0 .../UI5Xss}/xss-html-view/webapp/index.html | 0 .../UI5Xss}/xss-html-view/webapp/index.js | 0 .../xss-html-view/webapp/manifest.json | 0 .../xss-html-view/webapp/view}/app.view.html | 0 .../xss-indirect-control/UI5Xss.expected | 0 .../UI5Xss}/xss-indirect-control/UI5Xss.qlref | 0 .../xss-indirect-control/package-lock.json | 0 .../UI5Xss}/xss-indirect-control/package.json | 0 .../UI5Xss}/xss-indirect-control/ui5.yaml | 0 .../webapp/control/xss.js | 0 .../webapp/control/xssBase.js | 0 .../webapp/control/xssRenderer.js | 0 .../webapp/controller/app.controller.js | 0 .../xss-indirect-control/webapp/index.html | 0 .../xss-indirect-control/webapp/index.js | 0 .../xss-indirect-control/webapp/manifest.json | 0 .../webapp/view/app.view.xml | 0 .../test/UI5Xss}/xss-js-view/UI5Xss.expected | 0 .../test/UI5Xss}/xss-js-view/UI5Xss.qlref | 0 .../UI5Xss}/xss-js-view/package-lock.json | 0 .../test/UI5Xss}/xss-js-view/package.json | 0 .../test/UI5Xss}/xss-js-view/ui5.yaml | 0 .../webapp/controller/app.controller.js | 0 .../UI5Xss}/xss-js-view/webapp/index.html | 0 .../test/UI5Xss}/xss-js-view/webapp/index.js | 0 .../UI5Xss}/xss-js-view/webapp/manifest.json | 0 .../xss-js-view/webapp/view}/app.view.js | 0 .../UI5Xss}/xss-json-view/UI5Xss.expected | 0 .../test/UI5Xss}/xss-json-view/UI5Xss.qlref | 0 .../UI5Xss}/xss-json-view/package-lock.json | 0 .../test/UI5Xss}/xss-json-view/package.json | 0 .../test/UI5Xss}/xss-json-view/ui5.yaml | 0 .../webapp/controller/app.controller.js | 0 .../UI5Xss}/xss-json-view/webapp/index.html | 0 .../UI5Xss}/xss-json-view/webapp/index.js | 0 .../xss-json-view/webapp/manifest.json | 0 .../xss-json-view/webapp/view/app.view.json | 0 .../UI5Xss.expected | 0 .../xss-separate-renderer-byname/UI5Xss.qlref | 0 .../package-lock.json | 0 .../xss-separate-renderer-byname/package.json | 0 .../xss-separate-renderer-byname/ui5.yaml | 0 .../webapp/control/xss.js | 0 .../webapp/control/xssRenderer.js | 0 .../webapp/controller/app.controller.js | 0 .../webapp/index.html | 0 .../webapp/index.js | 0 .../webapp/manifest.json | 0 .../webapp/view/app.view.xml | 0 .../xss-separate-renderer/UI5Xss.expected | 0 .../xss-separate-renderer/UI5Xss.qlref | 0 .../xss-separate-renderer/package-lock.json | 0 .../xss-separate-renderer/package.json | 0 .../UI5Xss}/xss-separate-renderer/ui5.yaml | 0 .../webapp/control/renderer.js | 0 .../webapp/control/xss.js | 0 .../webapp/controller/app.controller.js | 0 .../xss-separate-renderer/webapp/index.html | 0 .../xss-separate-renderer/webapp/index.js | 0 .../webapp/manifest.json | 0 .../webapp/view/app.view.xml | 0 .../UI5Xss}/xss-webc-control/UI5Xss.expected | 0 .../UI5Xss}/xss-webc-control/UI5Xss.qlref | 0 .../xss-webc-control/package-lock.json | 0 .../UI5Xss}/xss-webc-control/package.json | 0 .../test/UI5Xss}/xss-webc-control/ui5.yaml | 0 .../webapp/controller/app.controller.js | 0 .../xss-webc-control/webapp/index.html | 0 .../UI5Xss}/xss-webc-control/webapp/index.js | 0 .../xss-webc-control/webapp/manifest.json | 0 .../xss-webc-control/webapp/view/app.view.xml | 0 .../test/codeql-pack.lock.yml | 4 + .../test/models/binding_path}/app.view.html | 0 .../test/models/binding_path}/app.view.js | 0 .../test}/models/binding_path/binding1.json | 0 .../test}/models/binding_path/binding1.xml | 0 .../models/binding_path/bindingComposite.xml | 0 .../models/binding_path/bindingTest.expected | 0 .../test}/models/binding_path/bindingTest.ql | 0 .../models/sink/UI5ViewSinkTest.expected | 0 .../test}/models/sink/UI5ViewSinkTest.ql | 0 .../test}/models/sink/logSinkTest.expected | 0 .../test}/models/sink/logSinkTest.ql | 0 .../test}/models/sink/pathSinkTest.expected | 0 .../test}/models/sink/pathSinkTest.ql | 0 .../test}/models/sink/sink.js | 0 .../test}/models/sink/sink1.xml | 0 .../test}/models/sink/sinkTest.expected | 0 .../test}/models/sink/xssSinkTest.expected | 0 .../test}/models/sink/xssSinkTest.ql | 0 .../models/source/UI5ViewSourceTest.expected | 0 .../test}/models/source/UI5ViewSourceTest.ql | 0 .../test}/models/source/source.js | 0 .../test}/models/source/source1.xml | 0 .../test}/models/source/sourceTest.expected | 0 .../test}/models/source/sourceTest.ql | 0 .../test}/models/summary/summary.js | 0 .../test}/models/summary/summaryTest.expected | 0 .../test}/models/summary/summaryTest.qlref | 0 .../test}/qlpack.yml | 6 +- qlt.conf.json | 5 + scripts/codeql-pack.lock.yml | 14 +- src/codeql-pack.lock.yml | 14 -- test/codeql-pack.lock.yml | 20 --- 326 files changed, 372 insertions(+), 79 deletions(-) create mode 100644 .github/actions/install-codeql/action.yml create mode 100644 .github/actions/install-qlt/action.yml create mode 100644 .github/workflows/run-codeql-unit-tests-javascript.yml rename {src/queries => javascript/javascript-sap-ui5-queries/src/UI5Clickjacking}/UI5Clickjacking.md (100%) rename {src/queries => javascript/javascript-sap-ui5-queries/src/UI5Clickjacking}/UI5Clickjacking.ql (100%) rename {src/queries => javascript/javascript-sap-ui5-queries/src/UI5LogInjection}/UI5LogInjection.md (100%) rename {src/queries => javascript/javascript-sap-ui5-queries/src/UI5LogInjection}/UI5LogInjection.ql (100%) rename {src/queries => javascript/javascript-sap-ui5-queries/src/UI5Xss}/UI5Xss.md (100%) rename {src/queries => javascript/javascript-sap-ui5-queries/src/UI5Xss}/UI5Xss.ql (99%) create mode 100644 javascript/javascript-sap-ui5-queries/src/codeql-pack.lock.yml rename {src => javascript/javascript-sap-ui5-queries/src}/models/UI5.qll (99%) rename {src => javascript/javascript-sap-ui5-queries/src}/models/UI5AMDModule.qll (100%) rename {src => javascript/javascript-sap-ui5-queries/src}/models/UI5DataFlow.qll (100%) rename {src => javascript/javascript-sap-ui5-queries/src}/models/UI5HTML.qll (100%) rename {src => javascript/javascript-sap-ui5-queries/src}/models/UI5View.qll (100%) rename {src => javascript/javascript-sap-ui5-queries/src}/qlpack.yml (100%) rename {test/queries => javascript/javascript-sap-ui5-queries/test}/README.md (56%) rename {test/queries/clickjacking => javascript/javascript-sap-ui5-queries/test/UI5Clickjacking}/UI5Clickjacking.expected (100%) rename {test/queries/clickjacking => javascript/javascript-sap-ui5-queries/test/UI5Clickjacking}/UI5Clickjacking.qlref (100%) rename {test/queries/clickjacking => javascript/javascript-sap-ui5-queries/test/UI5Clickjacking}/clickjacking-allow-all/UI5Clickjacking.expected (100%) rename {test/queries/clickjacking => javascript/javascript-sap-ui5-queries/test/UI5Clickjacking}/clickjacking-allow-all/UI5Clickjacking.qlref (100%) rename {test/queries/clickjacking => javascript/javascript-sap-ui5-queries/test/UI5Clickjacking}/clickjacking-allow-all/index.html (100%) rename {test/queries/clickjacking => javascript/javascript-sap-ui5-queries/test/UI5Clickjacking}/clickjacking-allow-all/ui5.yaml (100%) rename {test/queries/clickjacking => javascript/javascript-sap-ui5-queries/test/UI5Clickjacking}/clickjacking-default-all/UI5Clickjacking.expected (100%) rename {test/queries/clickjacking => javascript/javascript-sap-ui5-queries/test/UI5Clickjacking}/clickjacking-default-all/UI5Clickjacking.qlref (100%) rename {test/queries/clickjacking => javascript/javascript-sap-ui5-queries/test/UI5Clickjacking}/clickjacking-default-all/index.html (100%) rename {test/queries/clickjacking => javascript/javascript-sap-ui5-queries/test/UI5Clickjacking}/clickjacking-default-all/ui5.yaml (100%) rename {test/queries/clickjacking => javascript/javascript-sap-ui5-queries/test/UI5Clickjacking}/clickjacking-deny-all/UI5Clickjacking.expected (100%) rename {test/queries/clickjacking => javascript/javascript-sap-ui5-queries/test/UI5Clickjacking}/clickjacking-deny-all/UI5Clickjacking.qlref (100%) rename {test/queries/clickjacking => javascript/javascript-sap-ui5-queries/test/UI5Clickjacking}/clickjacking-deny-all/index.html (100%) rename {test/queries/clickjacking => javascript/javascript-sap-ui5-queries/test/UI5Clickjacking}/clickjacking-deny-all/ui5.yaml (100%) rename {test/queries/log-injection => javascript/javascript-sap-ui5-queries/test/UI5LogInjection}/avoid-duplicate-alerts/LogInjection.expected (100%) rename {test/queries/log-injection => javascript/javascript-sap-ui5-queries/test/UI5LogInjection}/avoid-duplicate-alerts/LogInjection.qlref (100%) rename {test/queries/log-injection => javascript/javascript-sap-ui5-queries/test/UI5LogInjection}/avoid-duplicate-alerts/LogInjectionTest.js (100%) rename {test/queries/log-injection => javascript/javascript-sap-ui5-queries/test/UI5LogInjection}/avoid-duplicate-alerts/UI5LogInjection.expected (100%) rename {test/queries/log-injection => javascript/javascript-sap-ui5-queries/test/UI5LogInjection}/avoid-duplicate-alerts/UI5LogInjection.qlref (100%) rename {test/queries/log-injection => javascript/javascript-sap-ui5-queries/test/UI5LogInjection}/log-custom-control-property-sanitized/UI5LogInjection.expected (100%) rename {test/queries/log-injection => javascript/javascript-sap-ui5-queries/test/UI5LogInjection}/log-custom-control-property-sanitized/UI5LogInjection.qlref (100%) rename {test/queries/log-injection => javascript/javascript-sap-ui5-queries/test/UI5LogInjection}/log-custom-control-property-sanitized/package-lock.json (100%) rename {test/queries/log-injection => javascript/javascript-sap-ui5-queries/test/UI5LogInjection}/log-custom-control-property-sanitized/package.json (100%) rename {test/queries/log-injection => javascript/javascript-sap-ui5-queries/test/UI5LogInjection}/log-custom-control-property-sanitized/ui5.yaml (100%) rename {test/queries/log-injection => javascript/javascript-sap-ui5-queries/test/UI5LogInjection}/log-custom-control-property-sanitized/webapp/control/xss.js (100%) rename {test/queries/log-injection => javascript/javascript-sap-ui5-queries/test/UI5LogInjection}/log-custom-control-property-sanitized/webapp/controller/app.controller.js (100%) rename {test/queries/log-injection => javascript/javascript-sap-ui5-queries/test/UI5LogInjection}/log-custom-control-property-sanitized/webapp/index.html (100%) rename {test/queries/log-injection => javascript/javascript-sap-ui5-queries/test/UI5LogInjection}/log-custom-control-property-sanitized/webapp/index.js (100%) rename {test/queries/log-injection => javascript/javascript-sap-ui5-queries/test/UI5LogInjection}/log-custom-control-property-sanitized/webapp/manifest.json (100%) rename {test/queries/log-injection => javascript/javascript-sap-ui5-queries/test/UI5LogInjection}/log-custom-control-property-sanitized/webapp/view/app.view.xml (100%) rename {test/queries/log-injection => javascript/javascript-sap-ui5-queries/test/UI5LogInjection}/log-custom-control-sanitized/UI5LogInjection.expected (100%) rename {test/queries/log-injection => javascript/javascript-sap-ui5-queries/test/UI5LogInjection}/log-custom-control-sanitized/UI5LogInjection.qlref (100%) rename {test/queries/log-injection => javascript/javascript-sap-ui5-queries/test/UI5LogInjection}/log-custom-control-sanitized/package-lock.json (100%) rename {test/queries/log-injection => javascript/javascript-sap-ui5-queries/test/UI5LogInjection}/log-custom-control-sanitized/package.json (100%) rename {test/queries/log-injection => javascript/javascript-sap-ui5-queries/test/UI5LogInjection}/log-custom-control-sanitized/ui5.yaml (100%) rename {test/queries/log-injection => javascript/javascript-sap-ui5-queries/test/UI5LogInjection}/log-custom-control-sanitized/webapp/control/xss.js (100%) rename {test/queries/log-injection => javascript/javascript-sap-ui5-queries/test/UI5LogInjection}/log-custom-control-sanitized/webapp/controller/app.controller.js (100%) rename {test/queries/log-injection => javascript/javascript-sap-ui5-queries/test/UI5LogInjection}/log-custom-control-sanitized/webapp/index.html (100%) rename {test/queries/log-injection => javascript/javascript-sap-ui5-queries/test/UI5LogInjection}/log-custom-control-sanitized/webapp/index.js (100%) rename {test/queries/log-injection => javascript/javascript-sap-ui5-queries/test/UI5LogInjection}/log-custom-control-sanitized/webapp/manifest.json (100%) rename {test/queries/log-injection => javascript/javascript-sap-ui5-queries/test/UI5LogInjection}/log-custom-control-sanitized/webapp/view/app.view.xml (100%) rename {test/queries/log-injection => javascript/javascript-sap-ui5-queries/test/UI5LogInjection}/log-html-control-df/UI5LogInjection.expected (100%) rename {test/queries/log-injection => javascript/javascript-sap-ui5-queries/test/UI5LogInjection}/log-html-control-df/UI5LogInjection.qlref (100%) rename {test/queries/log-injection => javascript/javascript-sap-ui5-queries/test/UI5LogInjection}/log-html-control-df/package-lock.json (100%) rename {test/queries/log-injection => javascript/javascript-sap-ui5-queries/test/UI5LogInjection}/log-html-control-df/package.json (100%) rename {test/queries/log-injection => javascript/javascript-sap-ui5-queries/test/UI5LogInjection}/log-html-control-df/ui5.yaml (100%) rename {test/queries/log-injection => javascript/javascript-sap-ui5-queries/test/UI5LogInjection}/log-html-control-df/webapp/controller/app.controller.js (100%) rename {test/queries/log-injection => javascript/javascript-sap-ui5-queries/test/UI5LogInjection}/log-html-control-df/webapp/index.html (100%) rename {test/queries/log-injection => javascript/javascript-sap-ui5-queries/test/UI5LogInjection}/log-html-control-df/webapp/index.js (100%) rename {test/queries/log-injection => javascript/javascript-sap-ui5-queries/test/UI5LogInjection}/log-html-control-df/webapp/manifest.json (100%) rename {test/queries/log-injection => javascript/javascript-sap-ui5-queries/test/UI5LogInjection}/log-html-control-df/webapp/view/app.view.xml (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/avoid-duplicate-alerts/UI5Xss.expected (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/avoid-duplicate-alerts/UI5Xss.qlref (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/avoid-duplicate-alerts/Xss.expected (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/avoid-duplicate-alerts/Xss.qlref (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/avoid-duplicate-alerts/XssTest.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-book-example/.eslintrc.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-book-example/.npmrc (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-book-example/UI5Xss.expected (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-book-example/UI5Xss.qlref (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-book-example/diagram.drawio (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-book-example/diagram.svg (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-book-example/package-lock.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-book-example/package.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-book-example/ui5.yaml (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-book-example/webapp/Component.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-book-example/webapp/controller/App.Controller.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-book-example/webapp/controls/Book.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-book-example/webapp/css/styles.css (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-book-example/webapp/i18n/i18n.properties (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-book-example/webapp/i18n/i18n_de.properties (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-book-example/webapp/i18n/i18n_en.properties (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-book-example/webapp/img/logo_ui5.png (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-book-example/webapp/index.html (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-book-example/webapp/manifest.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-book-example/webapp/model/todoitems.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-book-example/webapp/test/integration/AllJourneys.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-book-example/webapp/test/integration/FilterJourney.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-book-example/webapp/test/integration/SearchJourney.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-book-example/webapp/test/integration/TodoListJourney.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-book-example/webapp/test/integration/arrangements/Startup.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-book-example/webapp/test/integration/opaTests.qunit.html (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-book-example/webapp/test/integration/opaTests.qunit.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-book-example/webapp/test/integration/pages/App.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-book-example/webapp/test/testsuite.qunit.html (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-book-example/webapp/test/testsuite.qunit.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-book-example/webapp/test/unit/AllTests.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-book-example/webapp/test/unit/controller/App.controller.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-book-example/webapp/test/unit/unitTests.qunit.html (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-book-example/webapp/test/unit/unitTests.qunit.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-book-example/webapp/util/Helper.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-book-example/webapp/view/App.view.xml (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-custom-control-api1/UI5Xss.expected (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-custom-control-api1/UI5Xss.qlref (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-custom-control-api1/package-lock.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-custom-control-api1/package.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-custom-control-api1/ui5.yaml (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-custom-control-api1/webapp/control/xss.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-custom-control-api1/webapp/controller/app.controller.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-custom-control-api1/webapp/index.html (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-custom-control-api1/webapp/index.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-custom-control-api1/webapp/manifest.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-custom-control-api1/webapp/view/app.view.xml (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-custom-control-api2/UI5Xss.expected (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-custom-control-api2/UI5Xss.qlref (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-custom-control-api2/package-lock.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-custom-control-api2/package.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-custom-control-api2/ui5.yaml (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-custom-control-api2/webapp/control/xss.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-custom-control-api2/webapp/controller/app.controller.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-custom-control-api2/webapp/index.html (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-custom-control-api2/webapp/index.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-custom-control-api2/webapp/manifest.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-custom-control-api2/webapp/view/app.view.xml (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-custom-control-jquery/UI5Xss.expected (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-custom-control-jquery/UI5Xss.qlref (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-custom-control-jquery/package-lock.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-custom-control-jquery/package.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-custom-control-jquery/ui5.yaml (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-custom-control-jquery/webapp/control/xss.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-custom-control-jquery/webapp/controller/app.controller.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-custom-control-jquery/webapp/index.html (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-custom-control-jquery/webapp/index.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-custom-control-jquery/webapp/manifest.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-custom-control-jquery/webapp/view/app.view.xml (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-custom-control-property-sanitized/UI5Xss.expected (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-custom-control-property-sanitized/UI5Xss.qlref (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-custom-control-property-sanitized/package-lock.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-custom-control-property-sanitized/package.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-custom-control-property-sanitized/ui5.yaml (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-custom-control-property-sanitized/webapp/control/xss.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-custom-control-property-sanitized/webapp/controller/app.controller.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-custom-control-property-sanitized/webapp/index.html (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-custom-control-property-sanitized/webapp/index.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-custom-control-property-sanitized/webapp/manifest.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-custom-control-property-sanitized/webapp/view/app.view.xml (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-custom-control-sanitized/UI5Xss.expected (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-custom-control-sanitized/UI5Xss.qlref (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-custom-control-sanitized/package-lock.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-custom-control-sanitized/package.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-custom-control-sanitized/ui5.yaml (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-custom-control-sanitized/webapp/control/xss.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-custom-control-sanitized/webapp/controller/app.controller.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-custom-control-sanitized/webapp/index.html (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-custom-control-sanitized/webapp/index.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-custom-control-sanitized/webapp/manifest.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-custom-control-sanitized/webapp/view/app.view.xml (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-event-handlers/UI5Xss.expected (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-event-handlers/UI5Xss.qlref (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-event-handlers/package-lock.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-event-handlers/package.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-event-handlers/ui5.yaml (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-event-handlers/webapp/controller/app.controller.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-event-handlers/webapp/index.html (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-event-handlers/webapp/index.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-event-handlers/webapp/manifest.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-event-handlers/webapp/view/app.view.xml (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-html-control-df/UI5Xss.expected (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-html-control-df/UI5Xss.qlref (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-html-control-df/package-lock.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-html-control-df/package.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-html-control-df/ui5.yaml (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-html-control-df/webapp/controller/app.controller.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-html-control-df/webapp/index.html (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-html-control-df/webapp/index.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-html-control-df/webapp/manifest.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-html-control-df/webapp/view/app.view.xml (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-html-control-oneway/UI5Xss.expected (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-html-control-oneway/UI5Xss.qlref (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-html-control-oneway/package-lock.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-html-control-oneway/package.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-html-control-oneway/ui5.yaml (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-html-control-oneway/webapp/controller/app.controller.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-html-control-oneway/webapp/index.html (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-html-control-oneway/webapp/index.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-html-control-oneway/webapp/manifest.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-html-control-oneway/webapp/view/app.view.xml (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-html-control/UI5Xss.expected (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-html-control/UI5Xss.qlref (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-html-control/package-lock.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-html-control/package.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-html-control/ui5.yaml (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-html-control/webapp/controller/app.controller.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-html-control/webapp/index.html (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-html-control/webapp/index.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-html-control/webapp/manifest.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-html-control/webapp/view/app.view.xml (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-html-external-model/UI5Xss.expected (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-html-external-model/UI5Xss.qlref (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-html-external-model/package-lock.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-html-external-model/package.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-html-external-model/ui5.yaml (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-html-external-model/webapp/controller/app.controller.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-html-external-model/webapp/controller/model.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-html-external-model/webapp/index.html (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-html-external-model/webapp/index.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-html-external-model/webapp/manifest.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-html-external-model/webapp/view/app.view.xml (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-html-view/UI5Xss.expected (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-html-view/UI5Xss.qlref (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-html-view/package-lock.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-html-view/package.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-html-view/ui5.yaml (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-html-view/webapp/controller/app.controller.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-html-view/webapp/index.html (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-html-view/webapp/index.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-html-view/webapp/manifest.json (100%) rename {test/models/binding_path => javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-view/webapp/view}/app.view.html (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-indirect-control/UI5Xss.expected (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-indirect-control/UI5Xss.qlref (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-indirect-control/package-lock.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-indirect-control/package.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-indirect-control/ui5.yaml (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-indirect-control/webapp/control/xss.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-indirect-control/webapp/control/xssBase.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-indirect-control/webapp/control/xssRenderer.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-indirect-control/webapp/controller/app.controller.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-indirect-control/webapp/index.html (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-indirect-control/webapp/index.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-indirect-control/webapp/manifest.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-indirect-control/webapp/view/app.view.xml (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-js-view/UI5Xss.expected (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-js-view/UI5Xss.qlref (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-js-view/package-lock.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-js-view/package.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-js-view/ui5.yaml (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-js-view/webapp/controller/app.controller.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-js-view/webapp/index.html (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-js-view/webapp/index.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-js-view/webapp/manifest.json (100%) rename {test/models/binding_path => javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-js-view/webapp/view}/app.view.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-json-view/UI5Xss.expected (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-json-view/UI5Xss.qlref (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-json-view/package-lock.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-json-view/package.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-json-view/ui5.yaml (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-json-view/webapp/controller/app.controller.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-json-view/webapp/index.html (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-json-view/webapp/index.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-json-view/webapp/manifest.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-json-view/webapp/view/app.view.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-separate-renderer-byname/UI5Xss.expected (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-separate-renderer-byname/UI5Xss.qlref (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-separate-renderer-byname/package-lock.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-separate-renderer-byname/package.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-separate-renderer-byname/ui5.yaml (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-separate-renderer-byname/webapp/control/xss.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-separate-renderer-byname/webapp/control/xssRenderer.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-separate-renderer-byname/webapp/controller/app.controller.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-separate-renderer-byname/webapp/index.html (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-separate-renderer-byname/webapp/index.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-separate-renderer-byname/webapp/manifest.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-separate-renderer-byname/webapp/view/app.view.xml (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-separate-renderer/UI5Xss.expected (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-separate-renderer/UI5Xss.qlref (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-separate-renderer/package-lock.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-separate-renderer/package.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-separate-renderer/ui5.yaml (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-separate-renderer/webapp/control/renderer.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-separate-renderer/webapp/control/xss.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-separate-renderer/webapp/controller/app.controller.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-separate-renderer/webapp/index.html (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-separate-renderer/webapp/index.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-separate-renderer/webapp/manifest.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-separate-renderer/webapp/view/app.view.xml (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-webc-control/UI5Xss.expected (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-webc-control/UI5Xss.qlref (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-webc-control/package-lock.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-webc-control/package.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-webc-control/ui5.yaml (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-webc-control/webapp/controller/app.controller.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-webc-control/webapp/index.html (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-webc-control/webapp/index.js (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-webc-control/webapp/manifest.json (100%) rename {test/queries/xss => javascript/javascript-sap-ui5-queries/test/UI5Xss}/xss-webc-control/webapp/view/app.view.xml (100%) create mode 100644 javascript/javascript-sap-ui5-queries/test/codeql-pack.lock.yml rename {test/queries/xss/xss-html-view/webapp/view => javascript/javascript-sap-ui5-queries/test/models/binding_path}/app.view.html (100%) rename {test/queries/xss/xss-js-view/webapp/view => javascript/javascript-sap-ui5-queries/test/models/binding_path}/app.view.js (100%) rename {test => javascript/javascript-sap-ui5-queries/test}/models/binding_path/binding1.json (100%) rename {test => javascript/javascript-sap-ui5-queries/test}/models/binding_path/binding1.xml (100%) rename {test => javascript/javascript-sap-ui5-queries/test}/models/binding_path/bindingComposite.xml (100%) rename {test => javascript/javascript-sap-ui5-queries/test}/models/binding_path/bindingTest.expected (100%) rename {test => javascript/javascript-sap-ui5-queries/test}/models/binding_path/bindingTest.ql (100%) rename {test => javascript/javascript-sap-ui5-queries/test}/models/sink/UI5ViewSinkTest.expected (100%) rename {test => javascript/javascript-sap-ui5-queries/test}/models/sink/UI5ViewSinkTest.ql (100%) rename {test => javascript/javascript-sap-ui5-queries/test}/models/sink/logSinkTest.expected (100%) rename {test => javascript/javascript-sap-ui5-queries/test}/models/sink/logSinkTest.ql (100%) rename {test => javascript/javascript-sap-ui5-queries/test}/models/sink/pathSinkTest.expected (100%) rename {test => javascript/javascript-sap-ui5-queries/test}/models/sink/pathSinkTest.ql (100%) rename {test => javascript/javascript-sap-ui5-queries/test}/models/sink/sink.js (100%) rename {test => javascript/javascript-sap-ui5-queries/test}/models/sink/sink1.xml (100%) rename {test => javascript/javascript-sap-ui5-queries/test}/models/sink/sinkTest.expected (100%) rename {test => javascript/javascript-sap-ui5-queries/test}/models/sink/xssSinkTest.expected (100%) rename {test => javascript/javascript-sap-ui5-queries/test}/models/sink/xssSinkTest.ql (100%) rename {test => javascript/javascript-sap-ui5-queries/test}/models/source/UI5ViewSourceTest.expected (100%) rename {test => javascript/javascript-sap-ui5-queries/test}/models/source/UI5ViewSourceTest.ql (100%) rename {test => javascript/javascript-sap-ui5-queries/test}/models/source/source.js (100%) rename {test => javascript/javascript-sap-ui5-queries/test}/models/source/source1.xml (100%) rename {test => javascript/javascript-sap-ui5-queries/test}/models/source/sourceTest.expected (100%) rename {test => javascript/javascript-sap-ui5-queries/test}/models/source/sourceTest.ql (100%) rename {test => javascript/javascript-sap-ui5-queries/test}/models/summary/summary.js (100%) rename {test => javascript/javascript-sap-ui5-queries/test}/models/summary/summaryTest.expected (100%) rename {test => javascript/javascript-sap-ui5-queries/test}/models/summary/summaryTest.qlref (100%) rename {test => javascript/javascript-sap-ui5-queries/test}/qlpack.yml (59%) create mode 100644 qlt.conf.json delete mode 100644 src/codeql-pack.lock.yml delete mode 100644 test/codeql-pack.lock.yml diff --git a/.github/actions/install-codeql/action.yml b/.github/actions/install-codeql/action.yml new file mode 100644 index 000000000..29e575228 --- /dev/null +++ b/.github/actions/install-codeql/action.yml @@ -0,0 +1,109 @@ +name: Fetch CodeQL CLI and queries +description: | + Fetches a CodeQL CLI and a copy of the CodeQL standard libraries at the specified versions. +inputs: + codeql-cli-version: + description: | + The version of the CodeQL CLI to be downloaded. + required: false + default: 'latest' + + codeql-stdlib-version: + description: | + The tag or commit to use from the CodeQL Standard Library + required: false + default: 'latest' + + add-to-path: + description: | + Add the CodeQL CLI to the system path + required: false + default: 'true' + + codeql-home: + description: | + The directory to store the CodeQL CLI and Standard Library. + A fixed location can be used for caching the tooling. + required: false +outputs: + codeql-home: + description: 'The directory containing the CodeQL CLI and CodeQL Standard Library' + value: ${{ steps.install-codeql.outputs.codeql-home }} + +runs: + using: composite + steps: + - name: Install CodeQL + id: install-codeql + env: + RUNNER_OS: ${{ runner.os }} + RUNNER_TEMP: ${{ runner.temp }} + CODEQL_CLI_VERSION: ${{ inputs.codeql-cli-version }} + CODEQL_STDLIB_VERSION: ${{ inputs.codeql-stdlib-version }} + GITHUB_TOKEN: ${{ github.token }} + ADD_TO_PATH: ${{ inputs.add-to-path }} + CODEQL_HOME: ${{ inputs.codeql-home }} + shell: bash + run: | + echo "::debug::Determining CodeQL release for $RUNNER_OS" + case $RUNNER_OS in + "Linux") + RELEASE_PATTERN="codeql-linux64.zip" + ;; + "macOS") + RELEASE_PATTERN="codeql-osx64.zip" + ;; + "Windows") + RELEASE_PATTERN="codeql-win64.zip" + ;; + *) + echo "::error::Unsupported runner operating system $RUNNER_OS" + exit 1 + ;; + esac + echo "::debug::Selected $RELEASE_PATTERN" + + if [ "$CODEQL_HOME" == "" ] + then + echo "::debug::Creating temporary CodeQL home" + CODEQL_HOME=$(mktemp -d -p $RUNNER_TEMP codeql-home-XXXXXXXXXX) + else + echo "::debug::Creating CodeQL home at $CODEQL_HOME" + mkdir -p $CODEQL_HOME + fi + + echo "::debug::Changing directory to $CODEQL_HOME" + pushd $CODEQL_HOME + + echo "::debug::Downloading CodeQL CLI version $CODEQL_CLI_VERSION" + if [ "$CODEQL_CLI_VERSION" == "latest" ] + then + gh release download --repo https://github.com/github/codeql-cli-binaries --pattern $RELEASE_PATTERN + else + gh release download "v${CODEQL_CLI_VERSION}" --repo https://github.com/github/codeql-cli-binaries --pattern $RELEASE_PATTERN + fi + echo "::debug::Unpacking CodeQL CLI" + unzip -q $RELEASE_PATTERN + + echo "::debug::Cloning CodeQL standard library" + git clone https://github.com/github/codeql.git codeql-stdlib + + if [ "$CODEQL_STDLIB_VERSION" != "latest" ] + then + pushd codeql-stdlib + echo "::debug::Switching to revision $CODEQL_STDLIB_VERSION" + git checkout $CODEQL_STDLIB_VERSION + popd + fi + + if [ "$ADD_TO_PATH" == "true" ] + then + echo "::debug::Adding CodeQL CLI path '$(pwd)/codeql' to system path" + echo "$(pwd)/codeql" >> $GITHUB_PATH + fi + + echo "::debug::Setting output parameter codeql-home to $(pwd)" + echo "codeql-home=$(pwd)" >> $GITHUB_OUTPUT + + popd + echo "::debug::Done." diff --git a/.github/actions/install-qlt/action.yml b/.github/actions/install-qlt/action.yml new file mode 100644 index 000000000..24e274270 --- /dev/null +++ b/.github/actions/install-qlt/action.yml @@ -0,0 +1,86 @@ +name: Fetch and Install QLT +description: | + Fetches and installs QLT. +inputs: + qlt-version: + description: | + The version of QLT to be downloaded. + required: false + default: 'latest' + + add-to-path: + description: | + Add QLT to the system path + required: false + default: 'true' + + token: + description: | + Token to use for auth + required: true + +outputs: + qlt-home: + description: 'The directory containing the QLT installation' + value: ${{ steps.install-qlt.outputs.qlt-home }} + +runs: + using: composite + steps: + - name: Install QLT + id: install-qlt + env: + RUNNER_OS: ${{ runner.os }} + RUNNER_TEMP: ${{ runner.temp }} + GITHUB_TOKEN: ${{ inputs.token }} + ADD_TO_PATH: ${{ inputs.add-to-path }} + QLT_VERSION: ${{ inputs.qlt-version }} + QLT_HOME: ${{ inputs.qlt-home }} + shell: bash + run: | + echo -e "\e[0;32m[QLT]\e[0m Determining QLT release for $RUNNER_OS" + case $RUNNER_OS in + "Linux") + RELEASE_PATTERN="qlt-linux-x86_64.zip" + ;; + *) + echo "::error::Unsupported runner operating system $RUNNER_OS" + exit 1 + ;; + esac + echo -e "\e[0;32m[QLT]\e[0m Selected $RELEASE_PATTERN" + + if [ "$QLT_HOME" == "" ] + then + echo -e "\e[0;32m[QLT]\e[0m Creating temporary QLT home" + QLT_HOME=$(mktemp -d -p $RUNNER_TEMP qlt-home-XXXXXXXXXX) + else + echo -e "\e[0;32m[QLT]\e[0m Creating CodeQL home at $QLT_HOME" + mkdir -p $QLT_HOME + fi + + echo -e "\e[0;32m[QLT]\e[0m Changing directory to $QLT_HOME" + pushd $QLT_HOME + + echo -e "\e[0;32m[QLT]\e[0m Downloading QLT version $QLT_VERSION" + if [ "$QLT_VERSION" == "latest" ] + then + # download the actual bundle + gh release download -R advanced-security/codeql-development-toolkit --pattern "$RELEASE_PATTERN" + else + gh release download "$QLT_VERSION" -R advanced-security/codeql-development-toolkit --pattern "$RELEASE_PATTERN" + fi + echo -e "\e[0;32m[QLT]\e[0m Unpacking QLT" + unzip $RELEASE_PATTERN + + if [ "$ADD_TO_PATH" == "true" ] + then + echo -e "\e[0;32m[QLT]\e[0m Adding QLT '$(pwd)/qlt' to system path" + echo "$(pwd)" >> $GITHUB_PATH + fi + + echo -e "\e[0;32m[QLT]\e[0m Setting output parameter qlt-home to $(pwd)" + echo "qlt-home=$(pwd)" >> $GITHUB_OUTPUT + + popd + echo -e "\e[0;32m[QLT]\e[0m Done." diff --git a/.github/workflows/run-codeql-unit-tests-javascript.yml b/.github/workflows/run-codeql-unit-tests-javascript.yml new file mode 100644 index 000000000..b8627c4ce --- /dev/null +++ b/.github/workflows/run-codeql-unit-tests-javascript.yml @@ -0,0 +1,132 @@ +name: ⚙️ CodeQL - Run Unit Tests (javascript) + + +on: + push: + branches: + - '**' + pull_request: + branches: + - '**' + workflow_dispatch: + +jobs: + create-unit-test-matrix: + name: Create CodeQL Unit Test Matrix + runs-on: ubuntu-latest + outputs: + matrix: ${{ steps.export-unit-test-matrix.outputs.matrix }} + steps: + - name: Checkout repository + uses: actions/checkout@v3 + + - name: Install QLT + id: install-qlt + uses: ./.github/actions/install-qlt + with: + qlt-version: 'latest' + add-to-path: true + token: ${{ secrets.ACCESS_TOKEN }} + + - name: Export unit test matrix + id: export-unit-test-matrix + run: | + qlt test run get-matrix --os-version ubuntu-latest + + run-test-suites: + name: Run Unit Tests + needs: create-unit-test-matrix + + runs-on: ${{ matrix.os }} + strategy: + fail-fast: false + matrix: ${{ fromJSON(needs.create-unit-test-matrix.outputs.matrix) }} + + steps: + - name: Checkout repository + uses: actions/checkout@v3 + + - name: Install QLT + id: install-qlt + uses: ./.github/actions/install-qlt + with: + qlt-version: 'latest' + add-to-path: true + token: ${{ secrets.ACCESS_TOKEN }} + + - name: Install CodeQL + id: install-codeql + uses: ./.github/actions/install-codeql + with: + codeql-cli-version: ${{ matrix.codeql_cli }} + codeql-stdlib-version: ${{ matrix.codeql_standard_library }} + add-to-path: true + + - name: Verify Versions of Tooling + shell: bash + run: | + echo "CodeQL Home: ${{ steps.install-codeql.outputs.codeql-home }}" + echo -e "Checking CodeQL Version:" + codeql --version + + echo -e "Checking QLT Version:" + echo "QLT Home: ${{ steps.install-qlt.outputs.qlt-home }}" + qlt version + + - name: Install QL Packs + shell: bash + run: | + qlt query run install-packs + + - name: Run test suites + id: run-test-suites + env: + RUNNER_OS: ${{ runner.os }} + CODEQL_CLI: ${{ matrix.codeql_cli }} + CODEQL_STDLIB: ${{ matrix.codeql_standard_library }} + CODEQL_STDLIB_IDENT: ${{matrix.codeql_standard_library_ident}} + RUNNER_TMP: ${{ runner.temp }} + LGTM_INDEX_XML_MODE: all + + shell: bash + run: > + qlt test run execute-unit-tests + --codeql-args "--threads=0 --strict-test-discovery" + --num-threads 2 + --language javascript + --runner-os $RUNNER_OS + --work-dir $RUNNER_TMP + + - name: Upload test results + uses: actions/upload-artifact@v2 + with: + name: test-results-${{ runner.os }}-${{ matrix.codeql_cli }}-${{ matrix.codeql_standard_library_ident }} + path: | + ${{ runner.temp }}/test_report_${{ runner.os }}_${{ matrix.codeql_cli }}_${{ matrix.codeql_standard_library_ident }}_slice_*.json + if-no-files-found: error + + validate-test-results: + name: Validate test results + needs: [run-test-suites] + runs-on: ubuntu-latest + steps: + + - name: Checkout repository + uses: actions/checkout@v3 + + - name: Install QLT + id: install-qlt + uses: ./.github/actions/install-qlt + with: + qlt-version: 'latest' + add-to-path: true + token: ${{ secrets.ACCESS_TOKEN }} + + + - name: Collect test results + uses: actions/download-artifact@v2 + + - name: Validate test results + run: | + qlt test run validate-unit-tests --pretty-print --results-directory . >> $GITHUB_STEP_SUMMARY + qlt test run validate-unit-tests --results-directory . diff --git a/codeql-workspace.yml b/codeql-workspace.yml index 95b958985..26362dc07 100644 --- a/codeql-workspace.yml +++ b/codeql-workspace.yml @@ -1,2 +1,3 @@ provide: - - "**/qlpack.yml" + - '**/qlpack.yml' + - '**/codeql-workspace.yml' \ No newline at end of file diff --git a/src/queries/UI5Clickjacking.md b/javascript/javascript-sap-ui5-queries/src/UI5Clickjacking/UI5Clickjacking.md similarity index 100% rename from src/queries/UI5Clickjacking.md rename to javascript/javascript-sap-ui5-queries/src/UI5Clickjacking/UI5Clickjacking.md diff --git a/src/queries/UI5Clickjacking.ql b/javascript/javascript-sap-ui5-queries/src/UI5Clickjacking/UI5Clickjacking.ql similarity index 100% rename from src/queries/UI5Clickjacking.ql rename to javascript/javascript-sap-ui5-queries/src/UI5Clickjacking/UI5Clickjacking.ql diff --git a/src/queries/UI5LogInjection.md b/javascript/javascript-sap-ui5-queries/src/UI5LogInjection/UI5LogInjection.md similarity index 100% rename from src/queries/UI5LogInjection.md rename to javascript/javascript-sap-ui5-queries/src/UI5LogInjection/UI5LogInjection.md diff --git a/src/queries/UI5LogInjection.ql b/javascript/javascript-sap-ui5-queries/src/UI5LogInjection/UI5LogInjection.ql similarity index 100% rename from src/queries/UI5LogInjection.ql rename to javascript/javascript-sap-ui5-queries/src/UI5LogInjection/UI5LogInjection.ql diff --git a/src/queries/UI5Xss.md b/javascript/javascript-sap-ui5-queries/src/UI5Xss/UI5Xss.md similarity index 100% rename from src/queries/UI5Xss.md rename to javascript/javascript-sap-ui5-queries/src/UI5Xss/UI5Xss.md diff --git a/src/queries/UI5Xss.ql b/javascript/javascript-sap-ui5-queries/src/UI5Xss/UI5Xss.ql similarity index 99% rename from src/queries/UI5Xss.ql rename to javascript/javascript-sap-ui5-queries/src/UI5Xss/UI5Xss.ql index 10d1da302..b4058c770 100644 --- a/src/queries/UI5Xss.ql +++ b/javascript/javascript-sap-ui5-queries/src/UI5Xss/UI5Xss.ql @@ -13,7 +13,7 @@ */ import javascript -import models.UI5DataFlow +import models.UI5DataFlow import models.UI5DataFlow::UI5PathGraph import semmle.javascript.security.dataflow.DomBasedXssQuery as DomBasedXss diff --git a/javascript/javascript-sap-ui5-queries/src/codeql-pack.lock.yml b/javascript/javascript-sap-ui5-queries/src/codeql-pack.lock.yml new file mode 100644 index 000000000..530042745 --- /dev/null +++ b/javascript/javascript-sap-ui5-queries/src/codeql-pack.lock.yml @@ -0,0 +1,4 @@ +--- +lockVersion: 1.0.0 +dependencies: {} +compiled: false diff --git a/src/models/UI5.qll b/javascript/javascript-sap-ui5-queries/src/models/UI5.qll similarity index 99% rename from src/models/UI5.qll rename to javascript/javascript-sap-ui5-queries/src/models/UI5.qll index b2c40cfb6..e1815c5dc 100644 --- a/src/models/UI5.qll +++ b/javascript/javascript-sap-ui5-queries/src/models/UI5.qll @@ -1,4 +1,4 @@ -private import javascript +private import javascript private import DataFlow private import semmle.javascript.security.dataflow.DomBasedXssCustomizations private import UI5View diff --git a/src/models/UI5AMDModule.qll b/javascript/javascript-sap-ui5-queries/src/models/UI5AMDModule.qll similarity index 100% rename from src/models/UI5AMDModule.qll rename to javascript/javascript-sap-ui5-queries/src/models/UI5AMDModule.qll diff --git a/src/models/UI5DataFlow.qll b/javascript/javascript-sap-ui5-queries/src/models/UI5DataFlow.qll similarity index 100% rename from src/models/UI5DataFlow.qll rename to javascript/javascript-sap-ui5-queries/src/models/UI5DataFlow.qll diff --git a/src/models/UI5HTML.qll b/javascript/javascript-sap-ui5-queries/src/models/UI5HTML.qll similarity index 100% rename from src/models/UI5HTML.qll rename to javascript/javascript-sap-ui5-queries/src/models/UI5HTML.qll diff --git a/src/models/UI5View.qll b/javascript/javascript-sap-ui5-queries/src/models/UI5View.qll similarity index 100% rename from src/models/UI5View.qll rename to javascript/javascript-sap-ui5-queries/src/models/UI5View.qll diff --git a/src/qlpack.yml b/javascript/javascript-sap-ui5-queries/src/qlpack.yml similarity index 100% rename from src/qlpack.yml rename to javascript/javascript-sap-ui5-queries/src/qlpack.yml diff --git a/test/queries/README.md b/javascript/javascript-sap-ui5-queries/test/README.md similarity index 56% rename from test/queries/README.md rename to javascript/javascript-sap-ui5-queries/test/README.md index 47ef3127c..e88c997ae 100644 --- a/test/queries/README.md +++ b/javascript/javascript-sap-ui5-queries/test/README.md @@ -2,102 +2,102 @@ Eamples can be run locally using [UI5 tooling](https://sap.github.io/ui5-tooling/stable/) ## UiI5 XSS -### [avoid-duplicate-alerts](xss/avoid-duplicate-alerts) +### [avoid-duplicate-alerts](UI5Xss/avoid-duplicate-alerts) - only reportin alerts that are specific to UI5 -### [xss-book-example](xss/xss-book-example) +### [xss-book-example](UI5Xss/xss-book-example) - custom Control - classic string-based API - `renderer` property is set to a render function -### [xss-custom-control-api1](xss/xss-custom-control-api1) +### [xss-custom-control-api1](UI5Xss/xss-custom-control-api1) - custom Control - accessing Control properties byId -### [xss-custom-control-api2](xss/xss-custom-control-api2) +### [xss-custom-control-api2](UI5Xss/xss-custom-control-api2) - custom Control - DOM-like API - `renderer` property is set to an object literal -### [xss-custom-control-jquery](xss/xss-custom-control-jquery) +### [xss-custom-control-jquery](UI5Xss/xss-custom-control-jquery) - custom Control declared using JQuery -### [xss-custom-control-property-sanitized](xss/xss-custom-control-property-sanitized) +### [xss-custom-control-property-sanitized](UI5Xss/xss-custom-control-property-sanitized) - custom Control - DOM-like API - the type of the control property `text` is set to `int` (sanitized) - the sanitizer is not affecting the log-injection -### [xss-custom-control-sanitized](xss/xss-custom-control-sanitized) +### [xss-custom-control-sanitized](UI5Xss/xss-custom-control-sanitized) - custom Control - DOM-like API - the value of `text` is sanitized using `sap/base/security/encodeXML` -### [xss-event-handlers](xss/xss-event-handlers) +### [xss-event-handlers](UI5Xss/xss-event-handlers) User input flows to XSS sinks via event handlers in 4 different ways: 1. function `sap.ui.model.Model#getProperty` 2. model property passed as handler parameter 3. function `sap.ui.base.Event#getSource#getValue` 4. accessing properties byId -### [xss-html-control](xss/xss-html-control) +### [xss-html-control](UI5Xss/xss-html-control) - `sap.ui.core.HTML` Control -### [xss-html-control-df](xss/xss-html-control-df) +### [xss-html-control-df](UI5Xss/xss-html-control-df) - `sap.ui.core.HTML` Control - dataflow in the controller -### [xss-html-control-oneway](xss/xss-html-control-oneway) +### [xss-html-control-oneway](UI5Xss/xss-html-control-oneway) - `sap.ui.core.HTML` Control - one-way binding makes the xss fail -### [xss-html-external-model](xss/xss-html-external-model) +### [xss-html-external-model](UI5Xss/xss-html-external-model) - `sap.ui.core.HTML` Control - controller model as external `.json` file -### [xss-html-view](xss/xss-html-view) +### [xss-html-view](UI5Xss/xss-html-view) - `sap.ui.core.mvc.HTMLView` View - -### [xss-indirect-control](xss/xss-indirect-control) +### [xss-indirect-control](UI5Xss/xss-indirect-control) - control accessed indirectly -### [xss-js-view](xss/xss-js-view) +### [xss-js-view](UI5Xss/xss-js-view) - `sap.ui.core.mvc.JSView` View -### [xss-json-view](xss/xss-json-view) +### [xss-json-view](UI5Xss/xss-json-view) - `sap.ui.core.mvc.JSONView` View -### [xss-separate-renderer](xss/xss-separate-renderer) +### [xss-separate-renderer](UI5Xss/xss-separate-renderer) - `renderer` property is set to a class name (a string) - Renderer implemented in it's own module -### [xss-webc-control](xss/xss-webc-control) +### [xss-webc-control](UI5Xss/xss-webc-control) - Uses the `sap.ui.webc.main.MultiInput` control ## UiI5 Log-Injection -### [avoid-duplicate-alerts](log-injection/avoid-duplicate-alerts) +### [avoid-duplicate-alerts](UI5LogInjection/avoid-duplicate-alerts) - only reportin alerts that are specific to UI5 -### [log-html-control-df](log-injection/log-html-control-df) +### [log-html-control-df](UI5LogInjection/log-html-control-df) - `sap.ui.core.HTML` Control - dataflow in the controller -### [log-custom-control-property-sanitized](log-injection/log-custom-control-property-sanitized) +### [log-custom-control-property-sanitized](UI5LogInjection/log-custom-control-property-sanitized) - custom Control - DOM-like API - the type of the control property `text` is set to `int` (sanitized) - the sanitizer is not affecting the log-injection -### [log-custom-control-sanitized](log-injection/log-custom-control-sanitized) +### [log-custom-control-sanitized](UI5LogInjection/log-custom-control-sanitized) - the value of `text` is sanitized using `sap/base/security/encodeXML` - the sanitizer is not affecting the log-injection ## UiI5 Clickjacking -### [clickjacking-allow-all](clickjacking/clickjacking-allow-all) +### [clickjacking-allow-all](UI5Clickjacking/clickjacking-allow-all) - frameOptions = `allow` -### [clickjacking-default-all](clickjacking/clickjacking-default-all) +### [clickjacking-default-all](UI5Clickjacking/clickjacking-default-all) - `frameOptions` not set -### [clickjacking-deny-all](clickjacking/clickjacking-deny-all) +### [clickjacking-deny-all](UI5Clickjacking/clickjacking-deny-all) - frameOptions = `deny` diff --git a/test/queries/clickjacking/UI5Clickjacking.expected b/javascript/javascript-sap-ui5-queries/test/UI5Clickjacking/UI5Clickjacking.expected similarity index 100% rename from test/queries/clickjacking/UI5Clickjacking.expected rename to javascript/javascript-sap-ui5-queries/test/UI5Clickjacking/UI5Clickjacking.expected diff --git a/test/queries/clickjacking/UI5Clickjacking.qlref b/javascript/javascript-sap-ui5-queries/test/UI5Clickjacking/UI5Clickjacking.qlref similarity index 100% rename from test/queries/clickjacking/UI5Clickjacking.qlref rename to javascript/javascript-sap-ui5-queries/test/UI5Clickjacking/UI5Clickjacking.qlref diff --git a/test/queries/clickjacking/clickjacking-allow-all/UI5Clickjacking.expected b/javascript/javascript-sap-ui5-queries/test/UI5Clickjacking/clickjacking-allow-all/UI5Clickjacking.expected similarity index 100% rename from test/queries/clickjacking/clickjacking-allow-all/UI5Clickjacking.expected rename to javascript/javascript-sap-ui5-queries/test/UI5Clickjacking/clickjacking-allow-all/UI5Clickjacking.expected diff --git a/test/queries/clickjacking/clickjacking-allow-all/UI5Clickjacking.qlref b/javascript/javascript-sap-ui5-queries/test/UI5Clickjacking/clickjacking-allow-all/UI5Clickjacking.qlref similarity index 100% rename from test/queries/clickjacking/clickjacking-allow-all/UI5Clickjacking.qlref rename to javascript/javascript-sap-ui5-queries/test/UI5Clickjacking/clickjacking-allow-all/UI5Clickjacking.qlref diff --git a/test/queries/clickjacking/clickjacking-allow-all/index.html b/javascript/javascript-sap-ui5-queries/test/UI5Clickjacking/clickjacking-allow-all/index.html similarity index 100% rename from test/queries/clickjacking/clickjacking-allow-all/index.html rename to javascript/javascript-sap-ui5-queries/test/UI5Clickjacking/clickjacking-allow-all/index.html diff --git a/test/queries/clickjacking/clickjacking-allow-all/ui5.yaml b/javascript/javascript-sap-ui5-queries/test/UI5Clickjacking/clickjacking-allow-all/ui5.yaml similarity index 100% rename from test/queries/clickjacking/clickjacking-allow-all/ui5.yaml rename to javascript/javascript-sap-ui5-queries/test/UI5Clickjacking/clickjacking-allow-all/ui5.yaml diff --git a/test/queries/clickjacking/clickjacking-default-all/UI5Clickjacking.expected b/javascript/javascript-sap-ui5-queries/test/UI5Clickjacking/clickjacking-default-all/UI5Clickjacking.expected similarity index 100% rename from test/queries/clickjacking/clickjacking-default-all/UI5Clickjacking.expected rename to javascript/javascript-sap-ui5-queries/test/UI5Clickjacking/clickjacking-default-all/UI5Clickjacking.expected diff --git a/test/queries/clickjacking/clickjacking-default-all/UI5Clickjacking.qlref b/javascript/javascript-sap-ui5-queries/test/UI5Clickjacking/clickjacking-default-all/UI5Clickjacking.qlref similarity index 100% rename from test/queries/clickjacking/clickjacking-default-all/UI5Clickjacking.qlref rename to javascript/javascript-sap-ui5-queries/test/UI5Clickjacking/clickjacking-default-all/UI5Clickjacking.qlref diff --git a/test/queries/clickjacking/clickjacking-default-all/index.html b/javascript/javascript-sap-ui5-queries/test/UI5Clickjacking/clickjacking-default-all/index.html similarity index 100% rename from test/queries/clickjacking/clickjacking-default-all/index.html rename to javascript/javascript-sap-ui5-queries/test/UI5Clickjacking/clickjacking-default-all/index.html diff --git a/test/queries/clickjacking/clickjacking-default-all/ui5.yaml b/javascript/javascript-sap-ui5-queries/test/UI5Clickjacking/clickjacking-default-all/ui5.yaml similarity index 100% rename from test/queries/clickjacking/clickjacking-default-all/ui5.yaml rename to javascript/javascript-sap-ui5-queries/test/UI5Clickjacking/clickjacking-default-all/ui5.yaml diff --git a/test/queries/clickjacking/clickjacking-deny-all/UI5Clickjacking.expected b/javascript/javascript-sap-ui5-queries/test/UI5Clickjacking/clickjacking-deny-all/UI5Clickjacking.expected similarity index 100% rename from test/queries/clickjacking/clickjacking-deny-all/UI5Clickjacking.expected rename to javascript/javascript-sap-ui5-queries/test/UI5Clickjacking/clickjacking-deny-all/UI5Clickjacking.expected diff --git a/test/queries/clickjacking/clickjacking-deny-all/UI5Clickjacking.qlref b/javascript/javascript-sap-ui5-queries/test/UI5Clickjacking/clickjacking-deny-all/UI5Clickjacking.qlref similarity index 100% rename from test/queries/clickjacking/clickjacking-deny-all/UI5Clickjacking.qlref rename to javascript/javascript-sap-ui5-queries/test/UI5Clickjacking/clickjacking-deny-all/UI5Clickjacking.qlref diff --git a/test/queries/clickjacking/clickjacking-deny-all/index.html b/javascript/javascript-sap-ui5-queries/test/UI5Clickjacking/clickjacking-deny-all/index.html similarity index 100% rename from test/queries/clickjacking/clickjacking-deny-all/index.html rename to javascript/javascript-sap-ui5-queries/test/UI5Clickjacking/clickjacking-deny-all/index.html diff --git a/test/queries/clickjacking/clickjacking-deny-all/ui5.yaml b/javascript/javascript-sap-ui5-queries/test/UI5Clickjacking/clickjacking-deny-all/ui5.yaml similarity index 100% rename from test/queries/clickjacking/clickjacking-deny-all/ui5.yaml rename to javascript/javascript-sap-ui5-queries/test/UI5Clickjacking/clickjacking-deny-all/ui5.yaml diff --git a/test/queries/log-injection/avoid-duplicate-alerts/LogInjection.expected b/javascript/javascript-sap-ui5-queries/test/UI5LogInjection/avoid-duplicate-alerts/LogInjection.expected similarity index 100% rename from test/queries/log-injection/avoid-duplicate-alerts/LogInjection.expected rename to javascript/javascript-sap-ui5-queries/test/UI5LogInjection/avoid-duplicate-alerts/LogInjection.expected diff --git a/test/queries/log-injection/avoid-duplicate-alerts/LogInjection.qlref b/javascript/javascript-sap-ui5-queries/test/UI5LogInjection/avoid-duplicate-alerts/LogInjection.qlref similarity index 100% rename from test/queries/log-injection/avoid-duplicate-alerts/LogInjection.qlref rename to javascript/javascript-sap-ui5-queries/test/UI5LogInjection/avoid-duplicate-alerts/LogInjection.qlref diff --git a/test/queries/log-injection/avoid-duplicate-alerts/LogInjectionTest.js b/javascript/javascript-sap-ui5-queries/test/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js similarity index 100% rename from test/queries/log-injection/avoid-duplicate-alerts/LogInjectionTest.js rename to javascript/javascript-sap-ui5-queries/test/UI5LogInjection/avoid-duplicate-alerts/LogInjectionTest.js diff --git a/test/queries/log-injection/avoid-duplicate-alerts/UI5LogInjection.expected b/javascript/javascript-sap-ui5-queries/test/UI5LogInjection/avoid-duplicate-alerts/UI5LogInjection.expected similarity index 100% rename from test/queries/log-injection/avoid-duplicate-alerts/UI5LogInjection.expected rename to javascript/javascript-sap-ui5-queries/test/UI5LogInjection/avoid-duplicate-alerts/UI5LogInjection.expected diff --git a/test/queries/log-injection/avoid-duplicate-alerts/UI5LogInjection.qlref b/javascript/javascript-sap-ui5-queries/test/UI5LogInjection/avoid-duplicate-alerts/UI5LogInjection.qlref similarity index 100% rename from test/queries/log-injection/avoid-duplicate-alerts/UI5LogInjection.qlref rename to javascript/javascript-sap-ui5-queries/test/UI5LogInjection/avoid-duplicate-alerts/UI5LogInjection.qlref diff --git a/test/queries/log-injection/log-custom-control-property-sanitized/UI5LogInjection.expected b/javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-custom-control-property-sanitized/UI5LogInjection.expected similarity index 100% rename from test/queries/log-injection/log-custom-control-property-sanitized/UI5LogInjection.expected rename to javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-custom-control-property-sanitized/UI5LogInjection.expected diff --git a/test/queries/log-injection/log-custom-control-property-sanitized/UI5LogInjection.qlref b/javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-custom-control-property-sanitized/UI5LogInjection.qlref similarity index 100% rename from test/queries/log-injection/log-custom-control-property-sanitized/UI5LogInjection.qlref rename to javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-custom-control-property-sanitized/UI5LogInjection.qlref diff --git a/test/queries/log-injection/log-custom-control-property-sanitized/package-lock.json b/javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-custom-control-property-sanitized/package-lock.json similarity index 100% rename from test/queries/log-injection/log-custom-control-property-sanitized/package-lock.json rename to javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-custom-control-property-sanitized/package-lock.json diff --git a/test/queries/log-injection/log-custom-control-property-sanitized/package.json b/javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-custom-control-property-sanitized/package.json similarity index 100% rename from test/queries/log-injection/log-custom-control-property-sanitized/package.json rename to javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-custom-control-property-sanitized/package.json diff --git a/test/queries/log-injection/log-custom-control-property-sanitized/ui5.yaml b/javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-custom-control-property-sanitized/ui5.yaml similarity index 100% rename from test/queries/log-injection/log-custom-control-property-sanitized/ui5.yaml rename to javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-custom-control-property-sanitized/ui5.yaml diff --git a/test/queries/log-injection/log-custom-control-property-sanitized/webapp/control/xss.js b/javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-custom-control-property-sanitized/webapp/control/xss.js similarity index 100% rename from test/queries/log-injection/log-custom-control-property-sanitized/webapp/control/xss.js rename to javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-custom-control-property-sanitized/webapp/control/xss.js diff --git a/test/queries/log-injection/log-custom-control-property-sanitized/webapp/controller/app.controller.js b/javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-custom-control-property-sanitized/webapp/controller/app.controller.js similarity index 100% rename from test/queries/log-injection/log-custom-control-property-sanitized/webapp/controller/app.controller.js rename to javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-custom-control-property-sanitized/webapp/controller/app.controller.js diff --git a/test/queries/log-injection/log-custom-control-property-sanitized/webapp/index.html b/javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-custom-control-property-sanitized/webapp/index.html similarity index 100% rename from test/queries/log-injection/log-custom-control-property-sanitized/webapp/index.html rename to javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-custom-control-property-sanitized/webapp/index.html diff --git a/test/queries/log-injection/log-custom-control-property-sanitized/webapp/index.js b/javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-custom-control-property-sanitized/webapp/index.js similarity index 100% rename from test/queries/log-injection/log-custom-control-property-sanitized/webapp/index.js rename to javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-custom-control-property-sanitized/webapp/index.js diff --git a/test/queries/log-injection/log-custom-control-property-sanitized/webapp/manifest.json b/javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-custom-control-property-sanitized/webapp/manifest.json similarity index 100% rename from test/queries/log-injection/log-custom-control-property-sanitized/webapp/manifest.json rename to javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-custom-control-property-sanitized/webapp/manifest.json diff --git a/test/queries/log-injection/log-custom-control-property-sanitized/webapp/view/app.view.xml b/javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-custom-control-property-sanitized/webapp/view/app.view.xml similarity index 100% rename from test/queries/log-injection/log-custom-control-property-sanitized/webapp/view/app.view.xml rename to javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-custom-control-property-sanitized/webapp/view/app.view.xml diff --git a/test/queries/log-injection/log-custom-control-sanitized/UI5LogInjection.expected b/javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-custom-control-sanitized/UI5LogInjection.expected similarity index 100% rename from test/queries/log-injection/log-custom-control-sanitized/UI5LogInjection.expected rename to javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-custom-control-sanitized/UI5LogInjection.expected diff --git a/test/queries/log-injection/log-custom-control-sanitized/UI5LogInjection.qlref b/javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-custom-control-sanitized/UI5LogInjection.qlref similarity index 100% rename from test/queries/log-injection/log-custom-control-sanitized/UI5LogInjection.qlref rename to javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-custom-control-sanitized/UI5LogInjection.qlref diff --git a/test/queries/log-injection/log-custom-control-sanitized/package-lock.json b/javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-custom-control-sanitized/package-lock.json similarity index 100% rename from test/queries/log-injection/log-custom-control-sanitized/package-lock.json rename to javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-custom-control-sanitized/package-lock.json diff --git a/test/queries/log-injection/log-custom-control-sanitized/package.json b/javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-custom-control-sanitized/package.json similarity index 100% rename from test/queries/log-injection/log-custom-control-sanitized/package.json rename to javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-custom-control-sanitized/package.json diff --git a/test/queries/log-injection/log-custom-control-sanitized/ui5.yaml b/javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-custom-control-sanitized/ui5.yaml similarity index 100% rename from test/queries/log-injection/log-custom-control-sanitized/ui5.yaml rename to javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-custom-control-sanitized/ui5.yaml diff --git a/test/queries/log-injection/log-custom-control-sanitized/webapp/control/xss.js b/javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-custom-control-sanitized/webapp/control/xss.js similarity index 100% rename from test/queries/log-injection/log-custom-control-sanitized/webapp/control/xss.js rename to javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-custom-control-sanitized/webapp/control/xss.js diff --git a/test/queries/log-injection/log-custom-control-sanitized/webapp/controller/app.controller.js b/javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-custom-control-sanitized/webapp/controller/app.controller.js similarity index 100% rename from test/queries/log-injection/log-custom-control-sanitized/webapp/controller/app.controller.js rename to javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-custom-control-sanitized/webapp/controller/app.controller.js diff --git a/test/queries/log-injection/log-custom-control-sanitized/webapp/index.html b/javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-custom-control-sanitized/webapp/index.html similarity index 100% rename from test/queries/log-injection/log-custom-control-sanitized/webapp/index.html rename to javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-custom-control-sanitized/webapp/index.html diff --git a/test/queries/log-injection/log-custom-control-sanitized/webapp/index.js b/javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-custom-control-sanitized/webapp/index.js similarity index 100% rename from test/queries/log-injection/log-custom-control-sanitized/webapp/index.js rename to javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-custom-control-sanitized/webapp/index.js diff --git a/test/queries/log-injection/log-custom-control-sanitized/webapp/manifest.json b/javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-custom-control-sanitized/webapp/manifest.json similarity index 100% rename from test/queries/log-injection/log-custom-control-sanitized/webapp/manifest.json rename to javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-custom-control-sanitized/webapp/manifest.json diff --git a/test/queries/log-injection/log-custom-control-sanitized/webapp/view/app.view.xml b/javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-custom-control-sanitized/webapp/view/app.view.xml similarity index 100% rename from test/queries/log-injection/log-custom-control-sanitized/webapp/view/app.view.xml rename to javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-custom-control-sanitized/webapp/view/app.view.xml diff --git a/test/queries/log-injection/log-html-control-df/UI5LogInjection.expected b/javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-html-control-df/UI5LogInjection.expected similarity index 100% rename from test/queries/log-injection/log-html-control-df/UI5LogInjection.expected rename to javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-html-control-df/UI5LogInjection.expected diff --git a/test/queries/log-injection/log-html-control-df/UI5LogInjection.qlref b/javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-html-control-df/UI5LogInjection.qlref similarity index 100% rename from test/queries/log-injection/log-html-control-df/UI5LogInjection.qlref rename to javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-html-control-df/UI5LogInjection.qlref diff --git a/test/queries/log-injection/log-html-control-df/package-lock.json b/javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-html-control-df/package-lock.json similarity index 100% rename from test/queries/log-injection/log-html-control-df/package-lock.json rename to javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-html-control-df/package-lock.json diff --git a/test/queries/log-injection/log-html-control-df/package.json b/javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-html-control-df/package.json similarity index 100% rename from test/queries/log-injection/log-html-control-df/package.json rename to javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-html-control-df/package.json diff --git a/test/queries/log-injection/log-html-control-df/ui5.yaml b/javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-html-control-df/ui5.yaml similarity index 100% rename from test/queries/log-injection/log-html-control-df/ui5.yaml rename to javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-html-control-df/ui5.yaml diff --git a/test/queries/log-injection/log-html-control-df/webapp/controller/app.controller.js b/javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-html-control-df/webapp/controller/app.controller.js similarity index 100% rename from test/queries/log-injection/log-html-control-df/webapp/controller/app.controller.js rename to javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-html-control-df/webapp/controller/app.controller.js diff --git a/test/queries/log-injection/log-html-control-df/webapp/index.html b/javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-html-control-df/webapp/index.html similarity index 100% rename from test/queries/log-injection/log-html-control-df/webapp/index.html rename to javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-html-control-df/webapp/index.html diff --git a/test/queries/log-injection/log-html-control-df/webapp/index.js b/javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-html-control-df/webapp/index.js similarity index 100% rename from test/queries/log-injection/log-html-control-df/webapp/index.js rename to javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-html-control-df/webapp/index.js diff --git a/test/queries/log-injection/log-html-control-df/webapp/manifest.json b/javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-html-control-df/webapp/manifest.json similarity index 100% rename from test/queries/log-injection/log-html-control-df/webapp/manifest.json rename to javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-html-control-df/webapp/manifest.json diff --git a/test/queries/log-injection/log-html-control-df/webapp/view/app.view.xml b/javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-html-control-df/webapp/view/app.view.xml similarity index 100% rename from test/queries/log-injection/log-html-control-df/webapp/view/app.view.xml rename to javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-html-control-df/webapp/view/app.view.xml diff --git a/test/queries/xss/avoid-duplicate-alerts/UI5Xss.expected b/javascript/javascript-sap-ui5-queries/test/UI5Xss/avoid-duplicate-alerts/UI5Xss.expected similarity index 100% rename from test/queries/xss/avoid-duplicate-alerts/UI5Xss.expected rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/avoid-duplicate-alerts/UI5Xss.expected diff --git a/test/queries/xss/avoid-duplicate-alerts/UI5Xss.qlref b/javascript/javascript-sap-ui5-queries/test/UI5Xss/avoid-duplicate-alerts/UI5Xss.qlref similarity index 100% rename from test/queries/xss/avoid-duplicate-alerts/UI5Xss.qlref rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/avoid-duplicate-alerts/UI5Xss.qlref diff --git a/test/queries/xss/avoid-duplicate-alerts/Xss.expected b/javascript/javascript-sap-ui5-queries/test/UI5Xss/avoid-duplicate-alerts/Xss.expected similarity index 100% rename from test/queries/xss/avoid-duplicate-alerts/Xss.expected rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/avoid-duplicate-alerts/Xss.expected diff --git a/test/queries/xss/avoid-duplicate-alerts/Xss.qlref b/javascript/javascript-sap-ui5-queries/test/UI5Xss/avoid-duplicate-alerts/Xss.qlref similarity index 100% rename from test/queries/xss/avoid-duplicate-alerts/Xss.qlref rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/avoid-duplicate-alerts/Xss.qlref diff --git a/test/queries/xss/avoid-duplicate-alerts/XssTest.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/avoid-duplicate-alerts/XssTest.js similarity index 100% rename from test/queries/xss/avoid-duplicate-alerts/XssTest.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/avoid-duplicate-alerts/XssTest.js diff --git a/test/queries/xss/xss-book-example/.eslintrc.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/.eslintrc.json similarity index 100% rename from test/queries/xss/xss-book-example/.eslintrc.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/.eslintrc.json diff --git a/test/queries/xss/xss-book-example/.npmrc b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/.npmrc similarity index 100% rename from test/queries/xss/xss-book-example/.npmrc rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/.npmrc diff --git a/test/queries/xss/xss-book-example/UI5Xss.expected b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/UI5Xss.expected similarity index 100% rename from test/queries/xss/xss-book-example/UI5Xss.expected rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/UI5Xss.expected diff --git a/test/queries/xss/xss-book-example/UI5Xss.qlref b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/UI5Xss.qlref similarity index 100% rename from test/queries/xss/xss-book-example/UI5Xss.qlref rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/UI5Xss.qlref diff --git a/test/queries/xss/xss-book-example/diagram.drawio b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/diagram.drawio similarity index 100% rename from test/queries/xss/xss-book-example/diagram.drawio rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/diagram.drawio diff --git a/test/queries/xss/xss-book-example/diagram.svg b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/diagram.svg similarity index 100% rename from test/queries/xss/xss-book-example/diagram.svg rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/diagram.svg diff --git a/test/queries/xss/xss-book-example/package-lock.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/package-lock.json similarity index 100% rename from test/queries/xss/xss-book-example/package-lock.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/package-lock.json diff --git a/test/queries/xss/xss-book-example/package.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/package.json similarity index 100% rename from test/queries/xss/xss-book-example/package.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/package.json diff --git a/test/queries/xss/xss-book-example/ui5.yaml b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/ui5.yaml similarity index 100% rename from test/queries/xss/xss-book-example/ui5.yaml rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/ui5.yaml diff --git a/test/queries/xss/xss-book-example/webapp/Component.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/webapp/Component.js similarity index 100% rename from test/queries/xss/xss-book-example/webapp/Component.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/webapp/Component.js diff --git a/test/queries/xss/xss-book-example/webapp/controller/App.Controller.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/webapp/controller/App.Controller.js similarity index 100% rename from test/queries/xss/xss-book-example/webapp/controller/App.Controller.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/webapp/controller/App.Controller.js diff --git a/test/queries/xss/xss-book-example/webapp/controls/Book.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/webapp/controls/Book.js similarity index 100% rename from test/queries/xss/xss-book-example/webapp/controls/Book.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/webapp/controls/Book.js diff --git a/test/queries/xss/xss-book-example/webapp/css/styles.css b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/webapp/css/styles.css similarity index 100% rename from test/queries/xss/xss-book-example/webapp/css/styles.css rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/webapp/css/styles.css diff --git a/test/queries/xss/xss-book-example/webapp/i18n/i18n.properties b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/webapp/i18n/i18n.properties similarity index 100% rename from test/queries/xss/xss-book-example/webapp/i18n/i18n.properties rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/webapp/i18n/i18n.properties diff --git a/test/queries/xss/xss-book-example/webapp/i18n/i18n_de.properties b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/webapp/i18n/i18n_de.properties similarity index 100% rename from test/queries/xss/xss-book-example/webapp/i18n/i18n_de.properties rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/webapp/i18n/i18n_de.properties diff --git a/test/queries/xss/xss-book-example/webapp/i18n/i18n_en.properties b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/webapp/i18n/i18n_en.properties similarity index 100% rename from test/queries/xss/xss-book-example/webapp/i18n/i18n_en.properties rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/webapp/i18n/i18n_en.properties diff --git a/test/queries/xss/xss-book-example/webapp/img/logo_ui5.png b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/webapp/img/logo_ui5.png similarity index 100% rename from test/queries/xss/xss-book-example/webapp/img/logo_ui5.png rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/webapp/img/logo_ui5.png diff --git a/test/queries/xss/xss-book-example/webapp/index.html b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/webapp/index.html similarity index 100% rename from test/queries/xss/xss-book-example/webapp/index.html rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/webapp/index.html diff --git a/test/queries/xss/xss-book-example/webapp/manifest.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/webapp/manifest.json similarity index 100% rename from test/queries/xss/xss-book-example/webapp/manifest.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/webapp/manifest.json diff --git a/test/queries/xss/xss-book-example/webapp/model/todoitems.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/webapp/model/todoitems.json similarity index 100% rename from test/queries/xss/xss-book-example/webapp/model/todoitems.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/webapp/model/todoitems.json diff --git a/test/queries/xss/xss-book-example/webapp/test/integration/AllJourneys.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/webapp/test/integration/AllJourneys.js similarity index 100% rename from test/queries/xss/xss-book-example/webapp/test/integration/AllJourneys.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/webapp/test/integration/AllJourneys.js diff --git a/test/queries/xss/xss-book-example/webapp/test/integration/FilterJourney.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/webapp/test/integration/FilterJourney.js similarity index 100% rename from test/queries/xss/xss-book-example/webapp/test/integration/FilterJourney.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/webapp/test/integration/FilterJourney.js diff --git a/test/queries/xss/xss-book-example/webapp/test/integration/SearchJourney.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/webapp/test/integration/SearchJourney.js similarity index 100% rename from test/queries/xss/xss-book-example/webapp/test/integration/SearchJourney.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/webapp/test/integration/SearchJourney.js diff --git a/test/queries/xss/xss-book-example/webapp/test/integration/TodoListJourney.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/webapp/test/integration/TodoListJourney.js similarity index 100% rename from test/queries/xss/xss-book-example/webapp/test/integration/TodoListJourney.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/webapp/test/integration/TodoListJourney.js diff --git a/test/queries/xss/xss-book-example/webapp/test/integration/arrangements/Startup.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/webapp/test/integration/arrangements/Startup.js similarity index 100% rename from test/queries/xss/xss-book-example/webapp/test/integration/arrangements/Startup.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/webapp/test/integration/arrangements/Startup.js diff --git a/test/queries/xss/xss-book-example/webapp/test/integration/opaTests.qunit.html b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/webapp/test/integration/opaTests.qunit.html similarity index 100% rename from test/queries/xss/xss-book-example/webapp/test/integration/opaTests.qunit.html rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/webapp/test/integration/opaTests.qunit.html diff --git a/test/queries/xss/xss-book-example/webapp/test/integration/opaTests.qunit.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/webapp/test/integration/opaTests.qunit.js similarity index 100% rename from test/queries/xss/xss-book-example/webapp/test/integration/opaTests.qunit.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/webapp/test/integration/opaTests.qunit.js diff --git a/test/queries/xss/xss-book-example/webapp/test/integration/pages/App.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/webapp/test/integration/pages/App.js similarity index 100% rename from test/queries/xss/xss-book-example/webapp/test/integration/pages/App.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/webapp/test/integration/pages/App.js diff --git a/test/queries/xss/xss-book-example/webapp/test/testsuite.qunit.html b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/webapp/test/testsuite.qunit.html similarity index 100% rename from test/queries/xss/xss-book-example/webapp/test/testsuite.qunit.html rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/webapp/test/testsuite.qunit.html diff --git a/test/queries/xss/xss-book-example/webapp/test/testsuite.qunit.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/webapp/test/testsuite.qunit.js similarity index 100% rename from test/queries/xss/xss-book-example/webapp/test/testsuite.qunit.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/webapp/test/testsuite.qunit.js diff --git a/test/queries/xss/xss-book-example/webapp/test/unit/AllTests.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/webapp/test/unit/AllTests.js similarity index 100% rename from test/queries/xss/xss-book-example/webapp/test/unit/AllTests.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/webapp/test/unit/AllTests.js diff --git a/test/queries/xss/xss-book-example/webapp/test/unit/controller/App.controller.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/webapp/test/unit/controller/App.controller.js similarity index 100% rename from test/queries/xss/xss-book-example/webapp/test/unit/controller/App.controller.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/webapp/test/unit/controller/App.controller.js diff --git a/test/queries/xss/xss-book-example/webapp/test/unit/unitTests.qunit.html b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/webapp/test/unit/unitTests.qunit.html similarity index 100% rename from test/queries/xss/xss-book-example/webapp/test/unit/unitTests.qunit.html rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/webapp/test/unit/unitTests.qunit.html diff --git a/test/queries/xss/xss-book-example/webapp/test/unit/unitTests.qunit.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/webapp/test/unit/unitTests.qunit.js similarity index 100% rename from test/queries/xss/xss-book-example/webapp/test/unit/unitTests.qunit.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/webapp/test/unit/unitTests.qunit.js diff --git a/test/queries/xss/xss-book-example/webapp/util/Helper.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/webapp/util/Helper.js similarity index 100% rename from test/queries/xss/xss-book-example/webapp/util/Helper.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/webapp/util/Helper.js diff --git a/test/queries/xss/xss-book-example/webapp/view/App.view.xml b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/webapp/view/App.view.xml similarity index 100% rename from test/queries/xss/xss-book-example/webapp/view/App.view.xml rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/webapp/view/App.view.xml diff --git a/test/queries/xss/xss-custom-control-api1/UI5Xss.expected b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-api1/UI5Xss.expected similarity index 100% rename from test/queries/xss/xss-custom-control-api1/UI5Xss.expected rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-api1/UI5Xss.expected diff --git a/test/queries/xss/xss-custom-control-api1/UI5Xss.qlref b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-api1/UI5Xss.qlref similarity index 100% rename from test/queries/xss/xss-custom-control-api1/UI5Xss.qlref rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-api1/UI5Xss.qlref diff --git a/test/queries/xss/xss-custom-control-api1/package-lock.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-api1/package-lock.json similarity index 100% rename from test/queries/xss/xss-custom-control-api1/package-lock.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-api1/package-lock.json diff --git a/test/queries/xss/xss-custom-control-api1/package.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-api1/package.json similarity index 100% rename from test/queries/xss/xss-custom-control-api1/package.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-api1/package.json diff --git a/test/queries/xss/xss-custom-control-api1/ui5.yaml b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-api1/ui5.yaml similarity index 100% rename from test/queries/xss/xss-custom-control-api1/ui5.yaml rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-api1/ui5.yaml diff --git a/test/queries/xss/xss-custom-control-api1/webapp/control/xss.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-api1/webapp/control/xss.js similarity index 100% rename from test/queries/xss/xss-custom-control-api1/webapp/control/xss.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-api1/webapp/control/xss.js diff --git a/test/queries/xss/xss-custom-control-api1/webapp/controller/app.controller.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-api1/webapp/controller/app.controller.js similarity index 100% rename from test/queries/xss/xss-custom-control-api1/webapp/controller/app.controller.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-api1/webapp/controller/app.controller.js diff --git a/test/queries/xss/xss-custom-control-api1/webapp/index.html b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-api1/webapp/index.html similarity index 100% rename from test/queries/xss/xss-custom-control-api1/webapp/index.html rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-api1/webapp/index.html diff --git a/test/queries/xss/xss-custom-control-api1/webapp/index.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-api1/webapp/index.js similarity index 100% rename from test/queries/xss/xss-custom-control-api1/webapp/index.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-api1/webapp/index.js diff --git a/test/queries/xss/xss-custom-control-api1/webapp/manifest.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-api1/webapp/manifest.json similarity index 100% rename from test/queries/xss/xss-custom-control-api1/webapp/manifest.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-api1/webapp/manifest.json diff --git a/test/queries/xss/xss-custom-control-api1/webapp/view/app.view.xml b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-api1/webapp/view/app.view.xml similarity index 100% rename from test/queries/xss/xss-custom-control-api1/webapp/view/app.view.xml rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-api1/webapp/view/app.view.xml diff --git a/test/queries/xss/xss-custom-control-api2/UI5Xss.expected b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-api2/UI5Xss.expected similarity index 100% rename from test/queries/xss/xss-custom-control-api2/UI5Xss.expected rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-api2/UI5Xss.expected diff --git a/test/queries/xss/xss-custom-control-api2/UI5Xss.qlref b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-api2/UI5Xss.qlref similarity index 100% rename from test/queries/xss/xss-custom-control-api2/UI5Xss.qlref rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-api2/UI5Xss.qlref diff --git a/test/queries/xss/xss-custom-control-api2/package-lock.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-api2/package-lock.json similarity index 100% rename from test/queries/xss/xss-custom-control-api2/package-lock.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-api2/package-lock.json diff --git a/test/queries/xss/xss-custom-control-api2/package.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-api2/package.json similarity index 100% rename from test/queries/xss/xss-custom-control-api2/package.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-api2/package.json diff --git a/test/queries/xss/xss-custom-control-api2/ui5.yaml b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-api2/ui5.yaml similarity index 100% rename from test/queries/xss/xss-custom-control-api2/ui5.yaml rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-api2/ui5.yaml diff --git a/test/queries/xss/xss-custom-control-api2/webapp/control/xss.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-api2/webapp/control/xss.js similarity index 100% rename from test/queries/xss/xss-custom-control-api2/webapp/control/xss.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-api2/webapp/control/xss.js diff --git a/test/queries/xss/xss-custom-control-api2/webapp/controller/app.controller.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-api2/webapp/controller/app.controller.js similarity index 100% rename from test/queries/xss/xss-custom-control-api2/webapp/controller/app.controller.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-api2/webapp/controller/app.controller.js diff --git a/test/queries/xss/xss-custom-control-api2/webapp/index.html b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-api2/webapp/index.html similarity index 100% rename from test/queries/xss/xss-custom-control-api2/webapp/index.html rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-api2/webapp/index.html diff --git a/test/queries/xss/xss-custom-control-api2/webapp/index.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-api2/webapp/index.js similarity index 100% rename from test/queries/xss/xss-custom-control-api2/webapp/index.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-api2/webapp/index.js diff --git a/test/queries/xss/xss-custom-control-api2/webapp/manifest.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-api2/webapp/manifest.json similarity index 100% rename from test/queries/xss/xss-custom-control-api2/webapp/manifest.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-api2/webapp/manifest.json diff --git a/test/queries/xss/xss-custom-control-api2/webapp/view/app.view.xml b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-api2/webapp/view/app.view.xml similarity index 100% rename from test/queries/xss/xss-custom-control-api2/webapp/view/app.view.xml rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-api2/webapp/view/app.view.xml diff --git a/test/queries/xss/xss-custom-control-jquery/UI5Xss.expected b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-jquery/UI5Xss.expected similarity index 100% rename from test/queries/xss/xss-custom-control-jquery/UI5Xss.expected rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-jquery/UI5Xss.expected diff --git a/test/queries/xss/xss-custom-control-jquery/UI5Xss.qlref b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-jquery/UI5Xss.qlref similarity index 100% rename from test/queries/xss/xss-custom-control-jquery/UI5Xss.qlref rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-jquery/UI5Xss.qlref diff --git a/test/queries/xss/xss-custom-control-jquery/package-lock.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-jquery/package-lock.json similarity index 100% rename from test/queries/xss/xss-custom-control-jquery/package-lock.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-jquery/package-lock.json diff --git a/test/queries/xss/xss-custom-control-jquery/package.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-jquery/package.json similarity index 100% rename from test/queries/xss/xss-custom-control-jquery/package.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-jquery/package.json diff --git a/test/queries/xss/xss-custom-control-jquery/ui5.yaml b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-jquery/ui5.yaml similarity index 100% rename from test/queries/xss/xss-custom-control-jquery/ui5.yaml rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-jquery/ui5.yaml diff --git a/test/queries/xss/xss-custom-control-jquery/webapp/control/xss.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-jquery/webapp/control/xss.js similarity index 100% rename from test/queries/xss/xss-custom-control-jquery/webapp/control/xss.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-jquery/webapp/control/xss.js diff --git a/test/queries/xss/xss-custom-control-jquery/webapp/controller/app.controller.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-jquery/webapp/controller/app.controller.js similarity index 100% rename from test/queries/xss/xss-custom-control-jquery/webapp/controller/app.controller.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-jquery/webapp/controller/app.controller.js diff --git a/test/queries/xss/xss-custom-control-jquery/webapp/index.html b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-jquery/webapp/index.html similarity index 100% rename from test/queries/xss/xss-custom-control-jquery/webapp/index.html rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-jquery/webapp/index.html diff --git a/test/queries/xss/xss-custom-control-jquery/webapp/index.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-jquery/webapp/index.js similarity index 100% rename from test/queries/xss/xss-custom-control-jquery/webapp/index.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-jquery/webapp/index.js diff --git a/test/queries/xss/xss-custom-control-jquery/webapp/manifest.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-jquery/webapp/manifest.json similarity index 100% rename from test/queries/xss/xss-custom-control-jquery/webapp/manifest.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-jquery/webapp/manifest.json diff --git a/test/queries/xss/xss-custom-control-jquery/webapp/view/app.view.xml b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-jquery/webapp/view/app.view.xml similarity index 100% rename from test/queries/xss/xss-custom-control-jquery/webapp/view/app.view.xml rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-jquery/webapp/view/app.view.xml diff --git a/test/queries/xss/xss-custom-control-property-sanitized/UI5Xss.expected b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-property-sanitized/UI5Xss.expected similarity index 100% rename from test/queries/xss/xss-custom-control-property-sanitized/UI5Xss.expected rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-property-sanitized/UI5Xss.expected diff --git a/test/queries/xss/xss-custom-control-property-sanitized/UI5Xss.qlref b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-property-sanitized/UI5Xss.qlref similarity index 100% rename from test/queries/xss/xss-custom-control-property-sanitized/UI5Xss.qlref rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-property-sanitized/UI5Xss.qlref diff --git a/test/queries/xss/xss-custom-control-property-sanitized/package-lock.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-property-sanitized/package-lock.json similarity index 100% rename from test/queries/xss/xss-custom-control-property-sanitized/package-lock.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-property-sanitized/package-lock.json diff --git a/test/queries/xss/xss-custom-control-property-sanitized/package.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-property-sanitized/package.json similarity index 100% rename from test/queries/xss/xss-custom-control-property-sanitized/package.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-property-sanitized/package.json diff --git a/test/queries/xss/xss-custom-control-property-sanitized/ui5.yaml b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-property-sanitized/ui5.yaml similarity index 100% rename from test/queries/xss/xss-custom-control-property-sanitized/ui5.yaml rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-property-sanitized/ui5.yaml diff --git a/test/queries/xss/xss-custom-control-property-sanitized/webapp/control/xss.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-property-sanitized/webapp/control/xss.js similarity index 100% rename from test/queries/xss/xss-custom-control-property-sanitized/webapp/control/xss.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-property-sanitized/webapp/control/xss.js diff --git a/test/queries/xss/xss-custom-control-property-sanitized/webapp/controller/app.controller.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-property-sanitized/webapp/controller/app.controller.js similarity index 100% rename from test/queries/xss/xss-custom-control-property-sanitized/webapp/controller/app.controller.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-property-sanitized/webapp/controller/app.controller.js diff --git a/test/queries/xss/xss-custom-control-property-sanitized/webapp/index.html b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-property-sanitized/webapp/index.html similarity index 100% rename from test/queries/xss/xss-custom-control-property-sanitized/webapp/index.html rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-property-sanitized/webapp/index.html diff --git a/test/queries/xss/xss-custom-control-property-sanitized/webapp/index.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-property-sanitized/webapp/index.js similarity index 100% rename from test/queries/xss/xss-custom-control-property-sanitized/webapp/index.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-property-sanitized/webapp/index.js diff --git a/test/queries/xss/xss-custom-control-property-sanitized/webapp/manifest.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-property-sanitized/webapp/manifest.json similarity index 100% rename from test/queries/xss/xss-custom-control-property-sanitized/webapp/manifest.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-property-sanitized/webapp/manifest.json diff --git a/test/queries/xss/xss-custom-control-property-sanitized/webapp/view/app.view.xml b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-property-sanitized/webapp/view/app.view.xml similarity index 100% rename from test/queries/xss/xss-custom-control-property-sanitized/webapp/view/app.view.xml rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-property-sanitized/webapp/view/app.view.xml diff --git a/test/queries/xss/xss-custom-control-sanitized/UI5Xss.expected b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-sanitized/UI5Xss.expected similarity index 100% rename from test/queries/xss/xss-custom-control-sanitized/UI5Xss.expected rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-sanitized/UI5Xss.expected diff --git a/test/queries/xss/xss-custom-control-sanitized/UI5Xss.qlref b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-sanitized/UI5Xss.qlref similarity index 100% rename from test/queries/xss/xss-custom-control-sanitized/UI5Xss.qlref rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-sanitized/UI5Xss.qlref diff --git a/test/queries/xss/xss-custom-control-sanitized/package-lock.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-sanitized/package-lock.json similarity index 100% rename from test/queries/xss/xss-custom-control-sanitized/package-lock.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-sanitized/package-lock.json diff --git a/test/queries/xss/xss-custom-control-sanitized/package.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-sanitized/package.json similarity index 100% rename from test/queries/xss/xss-custom-control-sanitized/package.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-sanitized/package.json diff --git a/test/queries/xss/xss-custom-control-sanitized/ui5.yaml b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-sanitized/ui5.yaml similarity index 100% rename from test/queries/xss/xss-custom-control-sanitized/ui5.yaml rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-sanitized/ui5.yaml diff --git a/test/queries/xss/xss-custom-control-sanitized/webapp/control/xss.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-sanitized/webapp/control/xss.js similarity index 100% rename from test/queries/xss/xss-custom-control-sanitized/webapp/control/xss.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-sanitized/webapp/control/xss.js diff --git a/test/queries/xss/xss-custom-control-sanitized/webapp/controller/app.controller.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-sanitized/webapp/controller/app.controller.js similarity index 100% rename from test/queries/xss/xss-custom-control-sanitized/webapp/controller/app.controller.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-sanitized/webapp/controller/app.controller.js diff --git a/test/queries/xss/xss-custom-control-sanitized/webapp/index.html b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-sanitized/webapp/index.html similarity index 100% rename from test/queries/xss/xss-custom-control-sanitized/webapp/index.html rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-sanitized/webapp/index.html diff --git a/test/queries/xss/xss-custom-control-sanitized/webapp/index.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-sanitized/webapp/index.js similarity index 100% rename from test/queries/xss/xss-custom-control-sanitized/webapp/index.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-sanitized/webapp/index.js diff --git a/test/queries/xss/xss-custom-control-sanitized/webapp/manifest.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-sanitized/webapp/manifest.json similarity index 100% rename from test/queries/xss/xss-custom-control-sanitized/webapp/manifest.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-sanitized/webapp/manifest.json diff --git a/test/queries/xss/xss-custom-control-sanitized/webapp/view/app.view.xml b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-sanitized/webapp/view/app.view.xml similarity index 100% rename from test/queries/xss/xss-custom-control-sanitized/webapp/view/app.view.xml rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-sanitized/webapp/view/app.view.xml diff --git a/test/queries/xss/xss-event-handlers/UI5Xss.expected b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-event-handlers/UI5Xss.expected similarity index 100% rename from test/queries/xss/xss-event-handlers/UI5Xss.expected rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-event-handlers/UI5Xss.expected diff --git a/test/queries/xss/xss-event-handlers/UI5Xss.qlref b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-event-handlers/UI5Xss.qlref similarity index 100% rename from test/queries/xss/xss-event-handlers/UI5Xss.qlref rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-event-handlers/UI5Xss.qlref diff --git a/test/queries/xss/xss-event-handlers/package-lock.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-event-handlers/package-lock.json similarity index 100% rename from test/queries/xss/xss-event-handlers/package-lock.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-event-handlers/package-lock.json diff --git a/test/queries/xss/xss-event-handlers/package.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-event-handlers/package.json similarity index 100% rename from test/queries/xss/xss-event-handlers/package.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-event-handlers/package.json diff --git a/test/queries/xss/xss-event-handlers/ui5.yaml b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-event-handlers/ui5.yaml similarity index 100% rename from test/queries/xss/xss-event-handlers/ui5.yaml rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-event-handlers/ui5.yaml diff --git a/test/queries/xss/xss-event-handlers/webapp/controller/app.controller.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-event-handlers/webapp/controller/app.controller.js similarity index 100% rename from test/queries/xss/xss-event-handlers/webapp/controller/app.controller.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-event-handlers/webapp/controller/app.controller.js diff --git a/test/queries/xss/xss-event-handlers/webapp/index.html b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-event-handlers/webapp/index.html similarity index 100% rename from test/queries/xss/xss-event-handlers/webapp/index.html rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-event-handlers/webapp/index.html diff --git a/test/queries/xss/xss-event-handlers/webapp/index.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-event-handlers/webapp/index.js similarity index 100% rename from test/queries/xss/xss-event-handlers/webapp/index.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-event-handlers/webapp/index.js diff --git a/test/queries/xss/xss-event-handlers/webapp/manifest.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-event-handlers/webapp/manifest.json similarity index 100% rename from test/queries/xss/xss-event-handlers/webapp/manifest.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-event-handlers/webapp/manifest.json diff --git a/test/queries/xss/xss-event-handlers/webapp/view/app.view.xml b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-event-handlers/webapp/view/app.view.xml similarity index 100% rename from test/queries/xss/xss-event-handlers/webapp/view/app.view.xml rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-event-handlers/webapp/view/app.view.xml diff --git a/test/queries/xss/xss-html-control-df/UI5Xss.expected b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control-df/UI5Xss.expected similarity index 100% rename from test/queries/xss/xss-html-control-df/UI5Xss.expected rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control-df/UI5Xss.expected diff --git a/test/queries/xss/xss-html-control-df/UI5Xss.qlref b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control-df/UI5Xss.qlref similarity index 100% rename from test/queries/xss/xss-html-control-df/UI5Xss.qlref rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control-df/UI5Xss.qlref diff --git a/test/queries/xss/xss-html-control-df/package-lock.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control-df/package-lock.json similarity index 100% rename from test/queries/xss/xss-html-control-df/package-lock.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control-df/package-lock.json diff --git a/test/queries/xss/xss-html-control-df/package.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control-df/package.json similarity index 100% rename from test/queries/xss/xss-html-control-df/package.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control-df/package.json diff --git a/test/queries/xss/xss-html-control-df/ui5.yaml b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control-df/ui5.yaml similarity index 100% rename from test/queries/xss/xss-html-control-df/ui5.yaml rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control-df/ui5.yaml diff --git a/test/queries/xss/xss-html-control-df/webapp/controller/app.controller.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control-df/webapp/controller/app.controller.js similarity index 100% rename from test/queries/xss/xss-html-control-df/webapp/controller/app.controller.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control-df/webapp/controller/app.controller.js diff --git a/test/queries/xss/xss-html-control-df/webapp/index.html b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control-df/webapp/index.html similarity index 100% rename from test/queries/xss/xss-html-control-df/webapp/index.html rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control-df/webapp/index.html diff --git a/test/queries/xss/xss-html-control-df/webapp/index.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control-df/webapp/index.js similarity index 100% rename from test/queries/xss/xss-html-control-df/webapp/index.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control-df/webapp/index.js diff --git a/test/queries/xss/xss-html-control-df/webapp/manifest.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control-df/webapp/manifest.json similarity index 100% rename from test/queries/xss/xss-html-control-df/webapp/manifest.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control-df/webapp/manifest.json diff --git a/test/queries/xss/xss-html-control-df/webapp/view/app.view.xml b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control-df/webapp/view/app.view.xml similarity index 100% rename from test/queries/xss/xss-html-control-df/webapp/view/app.view.xml rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control-df/webapp/view/app.view.xml diff --git a/test/queries/xss/xss-html-control-oneway/UI5Xss.expected b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control-oneway/UI5Xss.expected similarity index 100% rename from test/queries/xss/xss-html-control-oneway/UI5Xss.expected rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control-oneway/UI5Xss.expected diff --git a/test/queries/xss/xss-html-control-oneway/UI5Xss.qlref b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control-oneway/UI5Xss.qlref similarity index 100% rename from test/queries/xss/xss-html-control-oneway/UI5Xss.qlref rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control-oneway/UI5Xss.qlref diff --git a/test/queries/xss/xss-html-control-oneway/package-lock.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control-oneway/package-lock.json similarity index 100% rename from test/queries/xss/xss-html-control-oneway/package-lock.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control-oneway/package-lock.json diff --git a/test/queries/xss/xss-html-control-oneway/package.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control-oneway/package.json similarity index 100% rename from test/queries/xss/xss-html-control-oneway/package.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control-oneway/package.json diff --git a/test/queries/xss/xss-html-control-oneway/ui5.yaml b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control-oneway/ui5.yaml similarity index 100% rename from test/queries/xss/xss-html-control-oneway/ui5.yaml rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control-oneway/ui5.yaml diff --git a/test/queries/xss/xss-html-control-oneway/webapp/controller/app.controller.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control-oneway/webapp/controller/app.controller.js similarity index 100% rename from test/queries/xss/xss-html-control-oneway/webapp/controller/app.controller.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control-oneway/webapp/controller/app.controller.js diff --git a/test/queries/xss/xss-html-control-oneway/webapp/index.html b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control-oneway/webapp/index.html similarity index 100% rename from test/queries/xss/xss-html-control-oneway/webapp/index.html rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control-oneway/webapp/index.html diff --git a/test/queries/xss/xss-html-control-oneway/webapp/index.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control-oneway/webapp/index.js similarity index 100% rename from test/queries/xss/xss-html-control-oneway/webapp/index.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control-oneway/webapp/index.js diff --git a/test/queries/xss/xss-html-control-oneway/webapp/manifest.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control-oneway/webapp/manifest.json similarity index 100% rename from test/queries/xss/xss-html-control-oneway/webapp/manifest.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control-oneway/webapp/manifest.json diff --git a/test/queries/xss/xss-html-control-oneway/webapp/view/app.view.xml b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control-oneway/webapp/view/app.view.xml similarity index 100% rename from test/queries/xss/xss-html-control-oneway/webapp/view/app.view.xml rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control-oneway/webapp/view/app.view.xml diff --git a/test/queries/xss/xss-html-control/UI5Xss.expected b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control/UI5Xss.expected similarity index 100% rename from test/queries/xss/xss-html-control/UI5Xss.expected rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control/UI5Xss.expected diff --git a/test/queries/xss/xss-html-control/UI5Xss.qlref b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control/UI5Xss.qlref similarity index 100% rename from test/queries/xss/xss-html-control/UI5Xss.qlref rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control/UI5Xss.qlref diff --git a/test/queries/xss/xss-html-control/package-lock.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control/package-lock.json similarity index 100% rename from test/queries/xss/xss-html-control/package-lock.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control/package-lock.json diff --git a/test/queries/xss/xss-html-control/package.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control/package.json similarity index 100% rename from test/queries/xss/xss-html-control/package.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control/package.json diff --git a/test/queries/xss/xss-html-control/ui5.yaml b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control/ui5.yaml similarity index 100% rename from test/queries/xss/xss-html-control/ui5.yaml rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control/ui5.yaml diff --git a/test/queries/xss/xss-html-control/webapp/controller/app.controller.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control/webapp/controller/app.controller.js similarity index 100% rename from test/queries/xss/xss-html-control/webapp/controller/app.controller.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control/webapp/controller/app.controller.js diff --git a/test/queries/xss/xss-html-control/webapp/index.html b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control/webapp/index.html similarity index 100% rename from test/queries/xss/xss-html-control/webapp/index.html rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control/webapp/index.html diff --git a/test/queries/xss/xss-html-control/webapp/index.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control/webapp/index.js similarity index 100% rename from test/queries/xss/xss-html-control/webapp/index.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control/webapp/index.js diff --git a/test/queries/xss/xss-html-control/webapp/manifest.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control/webapp/manifest.json similarity index 100% rename from test/queries/xss/xss-html-control/webapp/manifest.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control/webapp/manifest.json diff --git a/test/queries/xss/xss-html-control/webapp/view/app.view.xml b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control/webapp/view/app.view.xml similarity index 100% rename from test/queries/xss/xss-html-control/webapp/view/app.view.xml rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control/webapp/view/app.view.xml diff --git a/test/queries/xss/xss-html-external-model/UI5Xss.expected b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-external-model/UI5Xss.expected similarity index 100% rename from test/queries/xss/xss-html-external-model/UI5Xss.expected rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-external-model/UI5Xss.expected diff --git a/test/queries/xss/xss-html-external-model/UI5Xss.qlref b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-external-model/UI5Xss.qlref similarity index 100% rename from test/queries/xss/xss-html-external-model/UI5Xss.qlref rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-external-model/UI5Xss.qlref diff --git a/test/queries/xss/xss-html-external-model/package-lock.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-external-model/package-lock.json similarity index 100% rename from test/queries/xss/xss-html-external-model/package-lock.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-external-model/package-lock.json diff --git a/test/queries/xss/xss-html-external-model/package.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-external-model/package.json similarity index 100% rename from test/queries/xss/xss-html-external-model/package.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-external-model/package.json diff --git a/test/queries/xss/xss-html-external-model/ui5.yaml b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-external-model/ui5.yaml similarity index 100% rename from test/queries/xss/xss-html-external-model/ui5.yaml rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-external-model/ui5.yaml diff --git a/test/queries/xss/xss-html-external-model/webapp/controller/app.controller.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-external-model/webapp/controller/app.controller.js similarity index 100% rename from test/queries/xss/xss-html-external-model/webapp/controller/app.controller.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-external-model/webapp/controller/app.controller.js diff --git a/test/queries/xss/xss-html-external-model/webapp/controller/model.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-external-model/webapp/controller/model.json similarity index 100% rename from test/queries/xss/xss-html-external-model/webapp/controller/model.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-external-model/webapp/controller/model.json diff --git a/test/queries/xss/xss-html-external-model/webapp/index.html b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-external-model/webapp/index.html similarity index 100% rename from test/queries/xss/xss-html-external-model/webapp/index.html rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-external-model/webapp/index.html diff --git a/test/queries/xss/xss-html-external-model/webapp/index.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-external-model/webapp/index.js similarity index 100% rename from test/queries/xss/xss-html-external-model/webapp/index.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-external-model/webapp/index.js diff --git a/test/queries/xss/xss-html-external-model/webapp/manifest.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-external-model/webapp/manifest.json similarity index 100% rename from test/queries/xss/xss-html-external-model/webapp/manifest.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-external-model/webapp/manifest.json diff --git a/test/queries/xss/xss-html-external-model/webapp/view/app.view.xml b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-external-model/webapp/view/app.view.xml similarity index 100% rename from test/queries/xss/xss-html-external-model/webapp/view/app.view.xml rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-external-model/webapp/view/app.view.xml diff --git a/test/queries/xss/xss-html-view/UI5Xss.expected b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-view/UI5Xss.expected similarity index 100% rename from test/queries/xss/xss-html-view/UI5Xss.expected rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-view/UI5Xss.expected diff --git a/test/queries/xss/xss-html-view/UI5Xss.qlref b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-view/UI5Xss.qlref similarity index 100% rename from test/queries/xss/xss-html-view/UI5Xss.qlref rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-view/UI5Xss.qlref diff --git a/test/queries/xss/xss-html-view/package-lock.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-view/package-lock.json similarity index 100% rename from test/queries/xss/xss-html-view/package-lock.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-view/package-lock.json diff --git a/test/queries/xss/xss-html-view/package.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-view/package.json similarity index 100% rename from test/queries/xss/xss-html-view/package.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-view/package.json diff --git a/test/queries/xss/xss-html-view/ui5.yaml b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-view/ui5.yaml similarity index 100% rename from test/queries/xss/xss-html-view/ui5.yaml rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-view/ui5.yaml diff --git a/test/queries/xss/xss-html-view/webapp/controller/app.controller.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-view/webapp/controller/app.controller.js similarity index 100% rename from test/queries/xss/xss-html-view/webapp/controller/app.controller.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-view/webapp/controller/app.controller.js diff --git a/test/queries/xss/xss-html-view/webapp/index.html b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-view/webapp/index.html similarity index 100% rename from test/queries/xss/xss-html-view/webapp/index.html rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-view/webapp/index.html diff --git a/test/queries/xss/xss-html-view/webapp/index.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-view/webapp/index.js similarity index 100% rename from test/queries/xss/xss-html-view/webapp/index.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-view/webapp/index.js diff --git a/test/queries/xss/xss-html-view/webapp/manifest.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-view/webapp/manifest.json similarity index 100% rename from test/queries/xss/xss-html-view/webapp/manifest.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-view/webapp/manifest.json diff --git a/test/models/binding_path/app.view.html b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-view/webapp/view/app.view.html similarity index 100% rename from test/models/binding_path/app.view.html rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-view/webapp/view/app.view.html diff --git a/test/queries/xss/xss-indirect-control/UI5Xss.expected b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-indirect-control/UI5Xss.expected similarity index 100% rename from test/queries/xss/xss-indirect-control/UI5Xss.expected rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-indirect-control/UI5Xss.expected diff --git a/test/queries/xss/xss-indirect-control/UI5Xss.qlref b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-indirect-control/UI5Xss.qlref similarity index 100% rename from test/queries/xss/xss-indirect-control/UI5Xss.qlref rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-indirect-control/UI5Xss.qlref diff --git a/test/queries/xss/xss-indirect-control/package-lock.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-indirect-control/package-lock.json similarity index 100% rename from test/queries/xss/xss-indirect-control/package-lock.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-indirect-control/package-lock.json diff --git a/test/queries/xss/xss-indirect-control/package.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-indirect-control/package.json similarity index 100% rename from test/queries/xss/xss-indirect-control/package.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-indirect-control/package.json diff --git a/test/queries/xss/xss-indirect-control/ui5.yaml b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-indirect-control/ui5.yaml similarity index 100% rename from test/queries/xss/xss-indirect-control/ui5.yaml rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-indirect-control/ui5.yaml diff --git a/test/queries/xss/xss-indirect-control/webapp/control/xss.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-indirect-control/webapp/control/xss.js similarity index 100% rename from test/queries/xss/xss-indirect-control/webapp/control/xss.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-indirect-control/webapp/control/xss.js diff --git a/test/queries/xss/xss-indirect-control/webapp/control/xssBase.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-indirect-control/webapp/control/xssBase.js similarity index 100% rename from test/queries/xss/xss-indirect-control/webapp/control/xssBase.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-indirect-control/webapp/control/xssBase.js diff --git a/test/queries/xss/xss-indirect-control/webapp/control/xssRenderer.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-indirect-control/webapp/control/xssRenderer.js similarity index 100% rename from test/queries/xss/xss-indirect-control/webapp/control/xssRenderer.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-indirect-control/webapp/control/xssRenderer.js diff --git a/test/queries/xss/xss-indirect-control/webapp/controller/app.controller.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-indirect-control/webapp/controller/app.controller.js similarity index 100% rename from test/queries/xss/xss-indirect-control/webapp/controller/app.controller.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-indirect-control/webapp/controller/app.controller.js diff --git a/test/queries/xss/xss-indirect-control/webapp/index.html b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-indirect-control/webapp/index.html similarity index 100% rename from test/queries/xss/xss-indirect-control/webapp/index.html rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-indirect-control/webapp/index.html diff --git a/test/queries/xss/xss-indirect-control/webapp/index.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-indirect-control/webapp/index.js similarity index 100% rename from test/queries/xss/xss-indirect-control/webapp/index.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-indirect-control/webapp/index.js diff --git a/test/queries/xss/xss-indirect-control/webapp/manifest.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-indirect-control/webapp/manifest.json similarity index 100% rename from test/queries/xss/xss-indirect-control/webapp/manifest.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-indirect-control/webapp/manifest.json diff --git a/test/queries/xss/xss-indirect-control/webapp/view/app.view.xml b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-indirect-control/webapp/view/app.view.xml similarity index 100% rename from test/queries/xss/xss-indirect-control/webapp/view/app.view.xml rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-indirect-control/webapp/view/app.view.xml diff --git a/test/queries/xss/xss-js-view/UI5Xss.expected b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-js-view/UI5Xss.expected similarity index 100% rename from test/queries/xss/xss-js-view/UI5Xss.expected rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-js-view/UI5Xss.expected diff --git a/test/queries/xss/xss-js-view/UI5Xss.qlref b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-js-view/UI5Xss.qlref similarity index 100% rename from test/queries/xss/xss-js-view/UI5Xss.qlref rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-js-view/UI5Xss.qlref diff --git a/test/queries/xss/xss-js-view/package-lock.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-js-view/package-lock.json similarity index 100% rename from test/queries/xss/xss-js-view/package-lock.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-js-view/package-lock.json diff --git a/test/queries/xss/xss-js-view/package.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-js-view/package.json similarity index 100% rename from test/queries/xss/xss-js-view/package.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-js-view/package.json diff --git a/test/queries/xss/xss-js-view/ui5.yaml b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-js-view/ui5.yaml similarity index 100% rename from test/queries/xss/xss-js-view/ui5.yaml rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-js-view/ui5.yaml diff --git a/test/queries/xss/xss-js-view/webapp/controller/app.controller.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-js-view/webapp/controller/app.controller.js similarity index 100% rename from test/queries/xss/xss-js-view/webapp/controller/app.controller.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-js-view/webapp/controller/app.controller.js diff --git a/test/queries/xss/xss-js-view/webapp/index.html b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-js-view/webapp/index.html similarity index 100% rename from test/queries/xss/xss-js-view/webapp/index.html rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-js-view/webapp/index.html diff --git a/test/queries/xss/xss-js-view/webapp/index.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-js-view/webapp/index.js similarity index 100% rename from test/queries/xss/xss-js-view/webapp/index.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-js-view/webapp/index.js diff --git a/test/queries/xss/xss-js-view/webapp/manifest.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-js-view/webapp/manifest.json similarity index 100% rename from test/queries/xss/xss-js-view/webapp/manifest.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-js-view/webapp/manifest.json diff --git a/test/models/binding_path/app.view.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-js-view/webapp/view/app.view.js similarity index 100% rename from test/models/binding_path/app.view.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-js-view/webapp/view/app.view.js diff --git a/test/queries/xss/xss-json-view/UI5Xss.expected b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-json-view/UI5Xss.expected similarity index 100% rename from test/queries/xss/xss-json-view/UI5Xss.expected rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-json-view/UI5Xss.expected diff --git a/test/queries/xss/xss-json-view/UI5Xss.qlref b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-json-view/UI5Xss.qlref similarity index 100% rename from test/queries/xss/xss-json-view/UI5Xss.qlref rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-json-view/UI5Xss.qlref diff --git a/test/queries/xss/xss-json-view/package-lock.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-json-view/package-lock.json similarity index 100% rename from test/queries/xss/xss-json-view/package-lock.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-json-view/package-lock.json diff --git a/test/queries/xss/xss-json-view/package.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-json-view/package.json similarity index 100% rename from test/queries/xss/xss-json-view/package.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-json-view/package.json diff --git a/test/queries/xss/xss-json-view/ui5.yaml b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-json-view/ui5.yaml similarity index 100% rename from test/queries/xss/xss-json-view/ui5.yaml rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-json-view/ui5.yaml diff --git a/test/queries/xss/xss-json-view/webapp/controller/app.controller.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-json-view/webapp/controller/app.controller.js similarity index 100% rename from test/queries/xss/xss-json-view/webapp/controller/app.controller.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-json-view/webapp/controller/app.controller.js diff --git a/test/queries/xss/xss-json-view/webapp/index.html b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-json-view/webapp/index.html similarity index 100% rename from test/queries/xss/xss-json-view/webapp/index.html rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-json-view/webapp/index.html diff --git a/test/queries/xss/xss-json-view/webapp/index.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-json-view/webapp/index.js similarity index 100% rename from test/queries/xss/xss-json-view/webapp/index.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-json-view/webapp/index.js diff --git a/test/queries/xss/xss-json-view/webapp/manifest.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-json-view/webapp/manifest.json similarity index 100% rename from test/queries/xss/xss-json-view/webapp/manifest.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-json-view/webapp/manifest.json diff --git a/test/queries/xss/xss-json-view/webapp/view/app.view.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-json-view/webapp/view/app.view.json similarity index 100% rename from test/queries/xss/xss-json-view/webapp/view/app.view.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-json-view/webapp/view/app.view.json diff --git a/test/queries/xss/xss-separate-renderer-byname/UI5Xss.expected b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer-byname/UI5Xss.expected similarity index 100% rename from test/queries/xss/xss-separate-renderer-byname/UI5Xss.expected rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer-byname/UI5Xss.expected diff --git a/test/queries/xss/xss-separate-renderer-byname/UI5Xss.qlref b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer-byname/UI5Xss.qlref similarity index 100% rename from test/queries/xss/xss-separate-renderer-byname/UI5Xss.qlref rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer-byname/UI5Xss.qlref diff --git a/test/queries/xss/xss-separate-renderer-byname/package-lock.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer-byname/package-lock.json similarity index 100% rename from test/queries/xss/xss-separate-renderer-byname/package-lock.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer-byname/package-lock.json diff --git a/test/queries/xss/xss-separate-renderer-byname/package.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer-byname/package.json similarity index 100% rename from test/queries/xss/xss-separate-renderer-byname/package.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer-byname/package.json diff --git a/test/queries/xss/xss-separate-renderer-byname/ui5.yaml b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer-byname/ui5.yaml similarity index 100% rename from test/queries/xss/xss-separate-renderer-byname/ui5.yaml rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer-byname/ui5.yaml diff --git a/test/queries/xss/xss-separate-renderer-byname/webapp/control/xss.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer-byname/webapp/control/xss.js similarity index 100% rename from test/queries/xss/xss-separate-renderer-byname/webapp/control/xss.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer-byname/webapp/control/xss.js diff --git a/test/queries/xss/xss-separate-renderer-byname/webapp/control/xssRenderer.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer-byname/webapp/control/xssRenderer.js similarity index 100% rename from test/queries/xss/xss-separate-renderer-byname/webapp/control/xssRenderer.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer-byname/webapp/control/xssRenderer.js diff --git a/test/queries/xss/xss-separate-renderer-byname/webapp/controller/app.controller.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer-byname/webapp/controller/app.controller.js similarity index 100% rename from test/queries/xss/xss-separate-renderer-byname/webapp/controller/app.controller.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer-byname/webapp/controller/app.controller.js diff --git a/test/queries/xss/xss-separate-renderer-byname/webapp/index.html b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer-byname/webapp/index.html similarity index 100% rename from test/queries/xss/xss-separate-renderer-byname/webapp/index.html rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer-byname/webapp/index.html diff --git a/test/queries/xss/xss-separate-renderer-byname/webapp/index.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer-byname/webapp/index.js similarity index 100% rename from test/queries/xss/xss-separate-renderer-byname/webapp/index.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer-byname/webapp/index.js diff --git a/test/queries/xss/xss-separate-renderer-byname/webapp/manifest.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer-byname/webapp/manifest.json similarity index 100% rename from test/queries/xss/xss-separate-renderer-byname/webapp/manifest.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer-byname/webapp/manifest.json diff --git a/test/queries/xss/xss-separate-renderer-byname/webapp/view/app.view.xml b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer-byname/webapp/view/app.view.xml similarity index 100% rename from test/queries/xss/xss-separate-renderer-byname/webapp/view/app.view.xml rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer-byname/webapp/view/app.view.xml diff --git a/test/queries/xss/xss-separate-renderer/UI5Xss.expected b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer/UI5Xss.expected similarity index 100% rename from test/queries/xss/xss-separate-renderer/UI5Xss.expected rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer/UI5Xss.expected diff --git a/test/queries/xss/xss-separate-renderer/UI5Xss.qlref b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer/UI5Xss.qlref similarity index 100% rename from test/queries/xss/xss-separate-renderer/UI5Xss.qlref rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer/UI5Xss.qlref diff --git a/test/queries/xss/xss-separate-renderer/package-lock.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer/package-lock.json similarity index 100% rename from test/queries/xss/xss-separate-renderer/package-lock.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer/package-lock.json diff --git a/test/queries/xss/xss-separate-renderer/package.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer/package.json similarity index 100% rename from test/queries/xss/xss-separate-renderer/package.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer/package.json diff --git a/test/queries/xss/xss-separate-renderer/ui5.yaml b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer/ui5.yaml similarity index 100% rename from test/queries/xss/xss-separate-renderer/ui5.yaml rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer/ui5.yaml diff --git a/test/queries/xss/xss-separate-renderer/webapp/control/renderer.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer/webapp/control/renderer.js similarity index 100% rename from test/queries/xss/xss-separate-renderer/webapp/control/renderer.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer/webapp/control/renderer.js diff --git a/test/queries/xss/xss-separate-renderer/webapp/control/xss.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer/webapp/control/xss.js similarity index 100% rename from test/queries/xss/xss-separate-renderer/webapp/control/xss.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer/webapp/control/xss.js diff --git a/test/queries/xss/xss-separate-renderer/webapp/controller/app.controller.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer/webapp/controller/app.controller.js similarity index 100% rename from test/queries/xss/xss-separate-renderer/webapp/controller/app.controller.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer/webapp/controller/app.controller.js diff --git a/test/queries/xss/xss-separate-renderer/webapp/index.html b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer/webapp/index.html similarity index 100% rename from test/queries/xss/xss-separate-renderer/webapp/index.html rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer/webapp/index.html diff --git a/test/queries/xss/xss-separate-renderer/webapp/index.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer/webapp/index.js similarity index 100% rename from test/queries/xss/xss-separate-renderer/webapp/index.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer/webapp/index.js diff --git a/test/queries/xss/xss-separate-renderer/webapp/manifest.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer/webapp/manifest.json similarity index 100% rename from test/queries/xss/xss-separate-renderer/webapp/manifest.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer/webapp/manifest.json diff --git a/test/queries/xss/xss-separate-renderer/webapp/view/app.view.xml b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer/webapp/view/app.view.xml similarity index 100% rename from test/queries/xss/xss-separate-renderer/webapp/view/app.view.xml rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer/webapp/view/app.view.xml diff --git a/test/queries/xss/xss-webc-control/UI5Xss.expected b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-webc-control/UI5Xss.expected similarity index 100% rename from test/queries/xss/xss-webc-control/UI5Xss.expected rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-webc-control/UI5Xss.expected diff --git a/test/queries/xss/xss-webc-control/UI5Xss.qlref b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-webc-control/UI5Xss.qlref similarity index 100% rename from test/queries/xss/xss-webc-control/UI5Xss.qlref rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-webc-control/UI5Xss.qlref diff --git a/test/queries/xss/xss-webc-control/package-lock.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-webc-control/package-lock.json similarity index 100% rename from test/queries/xss/xss-webc-control/package-lock.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-webc-control/package-lock.json diff --git a/test/queries/xss/xss-webc-control/package.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-webc-control/package.json similarity index 100% rename from test/queries/xss/xss-webc-control/package.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-webc-control/package.json diff --git a/test/queries/xss/xss-webc-control/ui5.yaml b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-webc-control/ui5.yaml similarity index 100% rename from test/queries/xss/xss-webc-control/ui5.yaml rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-webc-control/ui5.yaml diff --git a/test/queries/xss/xss-webc-control/webapp/controller/app.controller.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-webc-control/webapp/controller/app.controller.js similarity index 100% rename from test/queries/xss/xss-webc-control/webapp/controller/app.controller.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-webc-control/webapp/controller/app.controller.js diff --git a/test/queries/xss/xss-webc-control/webapp/index.html b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-webc-control/webapp/index.html similarity index 100% rename from test/queries/xss/xss-webc-control/webapp/index.html rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-webc-control/webapp/index.html diff --git a/test/queries/xss/xss-webc-control/webapp/index.js b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-webc-control/webapp/index.js similarity index 100% rename from test/queries/xss/xss-webc-control/webapp/index.js rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-webc-control/webapp/index.js diff --git a/test/queries/xss/xss-webc-control/webapp/manifest.json b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-webc-control/webapp/manifest.json similarity index 100% rename from test/queries/xss/xss-webc-control/webapp/manifest.json rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-webc-control/webapp/manifest.json diff --git a/test/queries/xss/xss-webc-control/webapp/view/app.view.xml b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-webc-control/webapp/view/app.view.xml similarity index 100% rename from test/queries/xss/xss-webc-control/webapp/view/app.view.xml rename to javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-webc-control/webapp/view/app.view.xml diff --git a/javascript/javascript-sap-ui5-queries/test/codeql-pack.lock.yml b/javascript/javascript-sap-ui5-queries/test/codeql-pack.lock.yml new file mode 100644 index 000000000..530042745 --- /dev/null +++ b/javascript/javascript-sap-ui5-queries/test/codeql-pack.lock.yml @@ -0,0 +1,4 @@ +--- +lockVersion: 1.0.0 +dependencies: {} +compiled: false diff --git a/test/queries/xss/xss-html-view/webapp/view/app.view.html b/javascript/javascript-sap-ui5-queries/test/models/binding_path/app.view.html similarity index 100% rename from test/queries/xss/xss-html-view/webapp/view/app.view.html rename to javascript/javascript-sap-ui5-queries/test/models/binding_path/app.view.html diff --git a/test/queries/xss/xss-js-view/webapp/view/app.view.js b/javascript/javascript-sap-ui5-queries/test/models/binding_path/app.view.js similarity index 100% rename from test/queries/xss/xss-js-view/webapp/view/app.view.js rename to javascript/javascript-sap-ui5-queries/test/models/binding_path/app.view.js diff --git a/test/models/binding_path/binding1.json b/javascript/javascript-sap-ui5-queries/test/models/binding_path/binding1.json similarity index 100% rename from test/models/binding_path/binding1.json rename to javascript/javascript-sap-ui5-queries/test/models/binding_path/binding1.json diff --git a/test/models/binding_path/binding1.xml b/javascript/javascript-sap-ui5-queries/test/models/binding_path/binding1.xml similarity index 100% rename from test/models/binding_path/binding1.xml rename to javascript/javascript-sap-ui5-queries/test/models/binding_path/binding1.xml diff --git a/test/models/binding_path/bindingComposite.xml b/javascript/javascript-sap-ui5-queries/test/models/binding_path/bindingComposite.xml similarity index 100% rename from test/models/binding_path/bindingComposite.xml rename to javascript/javascript-sap-ui5-queries/test/models/binding_path/bindingComposite.xml diff --git a/test/models/binding_path/bindingTest.expected b/javascript/javascript-sap-ui5-queries/test/models/binding_path/bindingTest.expected similarity index 100% rename from test/models/binding_path/bindingTest.expected rename to javascript/javascript-sap-ui5-queries/test/models/binding_path/bindingTest.expected diff --git a/test/models/binding_path/bindingTest.ql b/javascript/javascript-sap-ui5-queries/test/models/binding_path/bindingTest.ql similarity index 100% rename from test/models/binding_path/bindingTest.ql rename to javascript/javascript-sap-ui5-queries/test/models/binding_path/bindingTest.ql diff --git a/test/models/sink/UI5ViewSinkTest.expected b/javascript/javascript-sap-ui5-queries/test/models/sink/UI5ViewSinkTest.expected similarity index 100% rename from test/models/sink/UI5ViewSinkTest.expected rename to javascript/javascript-sap-ui5-queries/test/models/sink/UI5ViewSinkTest.expected diff --git a/test/models/sink/UI5ViewSinkTest.ql b/javascript/javascript-sap-ui5-queries/test/models/sink/UI5ViewSinkTest.ql similarity index 100% rename from test/models/sink/UI5ViewSinkTest.ql rename to javascript/javascript-sap-ui5-queries/test/models/sink/UI5ViewSinkTest.ql diff --git a/test/models/sink/logSinkTest.expected b/javascript/javascript-sap-ui5-queries/test/models/sink/logSinkTest.expected similarity index 100% rename from test/models/sink/logSinkTest.expected rename to javascript/javascript-sap-ui5-queries/test/models/sink/logSinkTest.expected diff --git a/test/models/sink/logSinkTest.ql b/javascript/javascript-sap-ui5-queries/test/models/sink/logSinkTest.ql similarity index 100% rename from test/models/sink/logSinkTest.ql rename to javascript/javascript-sap-ui5-queries/test/models/sink/logSinkTest.ql diff --git a/test/models/sink/pathSinkTest.expected b/javascript/javascript-sap-ui5-queries/test/models/sink/pathSinkTest.expected similarity index 100% rename from test/models/sink/pathSinkTest.expected rename to javascript/javascript-sap-ui5-queries/test/models/sink/pathSinkTest.expected diff --git a/test/models/sink/pathSinkTest.ql b/javascript/javascript-sap-ui5-queries/test/models/sink/pathSinkTest.ql similarity index 100% rename from test/models/sink/pathSinkTest.ql rename to javascript/javascript-sap-ui5-queries/test/models/sink/pathSinkTest.ql diff --git a/test/models/sink/sink.js b/javascript/javascript-sap-ui5-queries/test/models/sink/sink.js similarity index 100% rename from test/models/sink/sink.js rename to javascript/javascript-sap-ui5-queries/test/models/sink/sink.js diff --git a/test/models/sink/sink1.xml b/javascript/javascript-sap-ui5-queries/test/models/sink/sink1.xml similarity index 100% rename from test/models/sink/sink1.xml rename to javascript/javascript-sap-ui5-queries/test/models/sink/sink1.xml diff --git a/test/models/sink/sinkTest.expected b/javascript/javascript-sap-ui5-queries/test/models/sink/sinkTest.expected similarity index 100% rename from test/models/sink/sinkTest.expected rename to javascript/javascript-sap-ui5-queries/test/models/sink/sinkTest.expected diff --git a/test/models/sink/xssSinkTest.expected b/javascript/javascript-sap-ui5-queries/test/models/sink/xssSinkTest.expected similarity index 100% rename from test/models/sink/xssSinkTest.expected rename to javascript/javascript-sap-ui5-queries/test/models/sink/xssSinkTest.expected diff --git a/test/models/sink/xssSinkTest.ql b/javascript/javascript-sap-ui5-queries/test/models/sink/xssSinkTest.ql similarity index 100% rename from test/models/sink/xssSinkTest.ql rename to javascript/javascript-sap-ui5-queries/test/models/sink/xssSinkTest.ql diff --git a/test/models/source/UI5ViewSourceTest.expected b/javascript/javascript-sap-ui5-queries/test/models/source/UI5ViewSourceTest.expected similarity index 100% rename from test/models/source/UI5ViewSourceTest.expected rename to javascript/javascript-sap-ui5-queries/test/models/source/UI5ViewSourceTest.expected diff --git a/test/models/source/UI5ViewSourceTest.ql b/javascript/javascript-sap-ui5-queries/test/models/source/UI5ViewSourceTest.ql similarity index 100% rename from test/models/source/UI5ViewSourceTest.ql rename to javascript/javascript-sap-ui5-queries/test/models/source/UI5ViewSourceTest.ql diff --git a/test/models/source/source.js b/javascript/javascript-sap-ui5-queries/test/models/source/source.js similarity index 100% rename from test/models/source/source.js rename to javascript/javascript-sap-ui5-queries/test/models/source/source.js diff --git a/test/models/source/source1.xml b/javascript/javascript-sap-ui5-queries/test/models/source/source1.xml similarity index 100% rename from test/models/source/source1.xml rename to javascript/javascript-sap-ui5-queries/test/models/source/source1.xml diff --git a/test/models/source/sourceTest.expected b/javascript/javascript-sap-ui5-queries/test/models/source/sourceTest.expected similarity index 100% rename from test/models/source/sourceTest.expected rename to javascript/javascript-sap-ui5-queries/test/models/source/sourceTest.expected diff --git a/test/models/source/sourceTest.ql b/javascript/javascript-sap-ui5-queries/test/models/source/sourceTest.ql similarity index 100% rename from test/models/source/sourceTest.ql rename to javascript/javascript-sap-ui5-queries/test/models/source/sourceTest.ql diff --git a/test/models/summary/summary.js b/javascript/javascript-sap-ui5-queries/test/models/summary/summary.js similarity index 100% rename from test/models/summary/summary.js rename to javascript/javascript-sap-ui5-queries/test/models/summary/summary.js diff --git a/test/models/summary/summaryTest.expected b/javascript/javascript-sap-ui5-queries/test/models/summary/summaryTest.expected similarity index 100% rename from test/models/summary/summaryTest.expected rename to javascript/javascript-sap-ui5-queries/test/models/summary/summaryTest.expected diff --git a/test/models/summary/summaryTest.qlref b/javascript/javascript-sap-ui5-queries/test/models/summary/summaryTest.qlref similarity index 100% rename from test/models/summary/summaryTest.qlref rename to javascript/javascript-sap-ui5-queries/test/models/summary/summaryTest.qlref diff --git a/test/qlpack.yml b/javascript/javascript-sap-ui5-queries/test/qlpack.yml similarity index 59% rename from test/qlpack.yml rename to javascript/javascript-sap-ui5-queries/test/qlpack.yml index 0065dda13..6c27a94c3 100644 --- a/test/qlpack.yml +++ b/javascript/javascript-sap-ui5-queries/test/qlpack.yml @@ -1,10 +1,8 @@ ---- -library: true -name: advanced-security/javascript-sap-ui5-test +name: advanced-security/javascript-sap-ui5-queries-tests version: 0.1.0 extractor: javascript dependencies: codeql/javascript-all: "^0.6.3" codeql/javascript-queries: "^0.6.3" - advanced-security/javascript-sap-ui5-queries: "^0.1.2" + advanced-security/javascript-sap-ui5-queries: "*" advanced-security/javascript-sap-ui5-extensions: "^0.1.0" diff --git a/qlt.conf.json b/qlt.conf.json new file mode 100644 index 000000000..9665476ca --- /dev/null +++ b/qlt.conf.json @@ -0,0 +1,5 @@ +{ + "CodeQLCLI": "2.14.1", + "CodeQLStandardLibrary": "codeql-cli/v2.14.1", + "CodeQLCLIBundle": "codeql-bundle-v2.14.1" +} \ No newline at end of file diff --git a/scripts/codeql-pack.lock.yml b/scripts/codeql-pack.lock.yml index 3350912dc..530042745 100644 --- a/scripts/codeql-pack.lock.yml +++ b/scripts/codeql-pack.lock.yml @@ -1,16 +1,4 @@ --- lockVersion: 1.0.0 -dependencies: - codeql/javascript-all: - version: 0.7.0 - codeql/mad: - version: 0.1.0 - codeql/regex: - version: 0.1.0 - codeql/tutorial: - version: 0.1.0 - codeql/util: - version: 0.1.0 - codeql/yaml: - version: 0.1.0 +dependencies: {} compiled: false diff --git a/src/codeql-pack.lock.yml b/src/codeql-pack.lock.yml deleted file mode 100644 index f8b362092..000000000 --- a/src/codeql-pack.lock.yml +++ /dev/null @@ -1,14 +0,0 @@ ---- -lockVersion: 1.0.0 -dependencies: - codeql/javascript-all: - version: 0.6.4 - codeql/regex: - version: 0.0.15 - codeql/tutorial: - version: 0.0.12 - codeql/util: - version: 0.0.12 - codeql/yaml: - version: 0.0.4 -compiled: false diff --git a/test/codeql-pack.lock.yml b/test/codeql-pack.lock.yml deleted file mode 100644 index 79d3aa8c2..000000000 --- a/test/codeql-pack.lock.yml +++ /dev/null @@ -1,20 +0,0 @@ ---- -lockVersion: 1.0.0 -dependencies: - codeql/javascript-all: - version: 0.6.4 - codeql/javascript-queries: - version: 0.6.4 - codeql/regex: - version: 0.0.15 - codeql/suite-helpers: - version: 0.5.4 - codeql/tutorial: - version: 0.0.12 - codeql/typos: - version: 0.0.19 - codeql/util: - version: 0.0.12 - codeql/yaml: - version: 0.0.4 -compiled: false From d846f5b0c16814e530931e3f604af9fdefad9b51 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Mon, 11 Sep 2023 18:42:04 -0400 Subject: [PATCH 02/11] fix suites --- javascript/javascript-sap-ui5-queries/src/qlpack.yml | 2 -- .../test/UI5Clickjacking/UI5Clickjacking.qlref | 2 +- .../clickjacking-allow-all/UI5Clickjacking.qlref | 2 +- .../clickjacking-default-all/UI5Clickjacking.qlref | 2 +- .../UI5Clickjacking/clickjacking-deny-all/UI5Clickjacking.qlref | 2 +- .../avoid-duplicate-alerts/UI5LogInjection.qlref | 2 +- .../log-custom-control-property-sanitized/UI5LogInjection.qlref | 2 +- .../log-custom-control-sanitized/UI5LogInjection.qlref | 2 +- .../UI5LogInjection/log-html-control-df/UI5LogInjection.qlref | 2 +- .../test/UI5Xss/avoid-duplicate-alerts/UI5Xss.qlref | 2 +- .../test/UI5Xss/xss-book-example/UI5Xss.qlref | 2 +- .../test/UI5Xss/xss-custom-control-api1/UI5Xss.qlref | 2 +- .../test/UI5Xss/xss-custom-control-api2/UI5Xss.qlref | 2 +- .../test/UI5Xss/xss-custom-control-jquery/UI5Xss.qlref | 2 +- .../UI5Xss/xss-custom-control-property-sanitized/UI5Xss.qlref | 2 +- .../test/UI5Xss/xss-custom-control-sanitized/UI5Xss.qlref | 2 +- .../test/UI5Xss/xss-event-handlers/UI5Xss.qlref | 2 +- .../test/UI5Xss/xss-html-control-df/UI5Xss.qlref | 2 +- .../test/UI5Xss/xss-html-control-oneway/UI5Xss.qlref | 2 +- .../test/UI5Xss/xss-html-control/UI5Xss.qlref | 2 +- .../test/UI5Xss/xss-html-external-model/UI5Xss.qlref | 2 +- .../test/UI5Xss/xss-html-view/UI5Xss.qlref | 2 +- .../test/UI5Xss/xss-indirect-control/UI5Xss.qlref | 2 +- .../test/UI5Xss/xss-js-view/UI5Xss.qlref | 2 +- .../test/UI5Xss/xss-json-view/UI5Xss.qlref | 2 +- .../test/UI5Xss/xss-separate-renderer-byname/UI5Xss.qlref | 2 +- .../test/UI5Xss/xss-separate-renderer/UI5Xss.qlref | 2 +- .../test/UI5Xss/xss-webc-control/UI5Xss.qlref | 2 +- .../test/models/summary/summaryTest.qlref | 2 +- 29 files changed, 28 insertions(+), 30 deletions(-) diff --git a/javascript/javascript-sap-ui5-queries/src/qlpack.yml b/javascript/javascript-sap-ui5-queries/src/qlpack.yml index 1f83b0659..07ac366f4 100644 --- a/javascript/javascript-sap-ui5-queries/src/qlpack.yml +++ b/javascript/javascript-sap-ui5-queries/src/qlpack.yml @@ -1,8 +1,6 @@ --- -library: false name: advanced-security/javascript-sap-ui5-queries version: 0.1.2 -suites: codeql-suites extractor: javascript dependencies: codeql/javascript-all: "^0.6.3" diff --git a/javascript/javascript-sap-ui5-queries/test/UI5Clickjacking/UI5Clickjacking.qlref b/javascript/javascript-sap-ui5-queries/test/UI5Clickjacking/UI5Clickjacking.qlref index 5f97d9403..0692fa1c8 100644 --- a/javascript/javascript-sap-ui5-queries/test/UI5Clickjacking/UI5Clickjacking.qlref +++ b/javascript/javascript-sap-ui5-queries/test/UI5Clickjacking/UI5Clickjacking.qlref @@ -1 +1 @@ -queries/UI5Clickjacking.ql \ No newline at end of file +UI5Clickjacking/UI5Clickjacking.ql \ No newline at end of file diff --git a/javascript/javascript-sap-ui5-queries/test/UI5Clickjacking/clickjacking-allow-all/UI5Clickjacking.qlref b/javascript/javascript-sap-ui5-queries/test/UI5Clickjacking/clickjacking-allow-all/UI5Clickjacking.qlref index 5f97d9403..0692fa1c8 100644 --- a/javascript/javascript-sap-ui5-queries/test/UI5Clickjacking/clickjacking-allow-all/UI5Clickjacking.qlref +++ b/javascript/javascript-sap-ui5-queries/test/UI5Clickjacking/clickjacking-allow-all/UI5Clickjacking.qlref @@ -1 +1 @@ -queries/UI5Clickjacking.ql \ No newline at end of file +UI5Clickjacking/UI5Clickjacking.ql \ No newline at end of file diff --git a/javascript/javascript-sap-ui5-queries/test/UI5Clickjacking/clickjacking-default-all/UI5Clickjacking.qlref b/javascript/javascript-sap-ui5-queries/test/UI5Clickjacking/clickjacking-default-all/UI5Clickjacking.qlref index a7c189c18..c9aadbd29 100644 --- a/javascript/javascript-sap-ui5-queries/test/UI5Clickjacking/clickjacking-default-all/UI5Clickjacking.qlref +++ b/javascript/javascript-sap-ui5-queries/test/UI5Clickjacking/clickjacking-default-all/UI5Clickjacking.qlref @@ -1 +1 @@ -queries/UI5Clickjacking.ql +UI5Clickjacking/UI5Clickjacking.ql diff --git a/javascript/javascript-sap-ui5-queries/test/UI5Clickjacking/clickjacking-deny-all/UI5Clickjacking.qlref b/javascript/javascript-sap-ui5-queries/test/UI5Clickjacking/clickjacking-deny-all/UI5Clickjacking.qlref index a7c189c18..c9aadbd29 100644 --- a/javascript/javascript-sap-ui5-queries/test/UI5Clickjacking/clickjacking-deny-all/UI5Clickjacking.qlref +++ b/javascript/javascript-sap-ui5-queries/test/UI5Clickjacking/clickjacking-deny-all/UI5Clickjacking.qlref @@ -1 +1 @@ -queries/UI5Clickjacking.ql +UI5Clickjacking/UI5Clickjacking.ql diff --git a/javascript/javascript-sap-ui5-queries/test/UI5LogInjection/avoid-duplicate-alerts/UI5LogInjection.qlref b/javascript/javascript-sap-ui5-queries/test/UI5LogInjection/avoid-duplicate-alerts/UI5LogInjection.qlref index 32a5d4ccd..83cfc6203 100644 --- a/javascript/javascript-sap-ui5-queries/test/UI5LogInjection/avoid-duplicate-alerts/UI5LogInjection.qlref +++ b/javascript/javascript-sap-ui5-queries/test/UI5LogInjection/avoid-duplicate-alerts/UI5LogInjection.qlref @@ -1 +1 @@ -queries/UI5LogInjection.ql \ No newline at end of file +UI5LogInjection/UI5LogInjection.ql \ No newline at end of file diff --git a/javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-custom-control-property-sanitized/UI5LogInjection.qlref b/javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-custom-control-property-sanitized/UI5LogInjection.qlref index 32a5d4ccd..83cfc6203 100644 --- a/javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-custom-control-property-sanitized/UI5LogInjection.qlref +++ b/javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-custom-control-property-sanitized/UI5LogInjection.qlref @@ -1 +1 @@ -queries/UI5LogInjection.ql \ No newline at end of file +UI5LogInjection/UI5LogInjection.ql \ No newline at end of file diff --git a/javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-custom-control-sanitized/UI5LogInjection.qlref b/javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-custom-control-sanitized/UI5LogInjection.qlref index 32a5d4ccd..83cfc6203 100644 --- a/javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-custom-control-sanitized/UI5LogInjection.qlref +++ b/javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-custom-control-sanitized/UI5LogInjection.qlref @@ -1 +1 @@ -queries/UI5LogInjection.ql \ No newline at end of file +UI5LogInjection/UI5LogInjection.ql \ No newline at end of file diff --git a/javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-html-control-df/UI5LogInjection.qlref b/javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-html-control-df/UI5LogInjection.qlref index 32a5d4ccd..83cfc6203 100644 --- a/javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-html-control-df/UI5LogInjection.qlref +++ b/javascript/javascript-sap-ui5-queries/test/UI5LogInjection/log-html-control-df/UI5LogInjection.qlref @@ -1 +1 @@ -queries/UI5LogInjection.ql \ No newline at end of file +UI5LogInjection/UI5LogInjection.ql \ No newline at end of file diff --git a/javascript/javascript-sap-ui5-queries/test/UI5Xss/avoid-duplicate-alerts/UI5Xss.qlref b/javascript/javascript-sap-ui5-queries/test/UI5Xss/avoid-duplicate-alerts/UI5Xss.qlref index 23e7adf87..ce544f1d0 100644 --- a/javascript/javascript-sap-ui5-queries/test/UI5Xss/avoid-duplicate-alerts/UI5Xss.qlref +++ b/javascript/javascript-sap-ui5-queries/test/UI5Xss/avoid-duplicate-alerts/UI5Xss.qlref @@ -1 +1 @@ -queries/UI5Xss.ql \ No newline at end of file +UI5Xss/UI5Xss.ql \ No newline at end of file diff --git a/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/UI5Xss.qlref b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/UI5Xss.qlref index 23e7adf87..ce544f1d0 100644 --- a/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/UI5Xss.qlref +++ b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-book-example/UI5Xss.qlref @@ -1 +1 @@ -queries/UI5Xss.ql \ No newline at end of file +UI5Xss/UI5Xss.ql \ No newline at end of file diff --git a/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-api1/UI5Xss.qlref b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-api1/UI5Xss.qlref index 23e7adf87..ce544f1d0 100644 --- a/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-api1/UI5Xss.qlref +++ b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-api1/UI5Xss.qlref @@ -1 +1 @@ -queries/UI5Xss.ql \ No newline at end of file +UI5Xss/UI5Xss.ql \ No newline at end of file diff --git a/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-api2/UI5Xss.qlref b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-api2/UI5Xss.qlref index 23e7adf87..ce544f1d0 100644 --- a/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-api2/UI5Xss.qlref +++ b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-api2/UI5Xss.qlref @@ -1 +1 @@ -queries/UI5Xss.ql \ No newline at end of file +UI5Xss/UI5Xss.ql \ No newline at end of file diff --git a/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-jquery/UI5Xss.qlref b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-jquery/UI5Xss.qlref index 23e7adf87..ce544f1d0 100644 --- a/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-jquery/UI5Xss.qlref +++ b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-jquery/UI5Xss.qlref @@ -1 +1 @@ -queries/UI5Xss.ql \ No newline at end of file +UI5Xss/UI5Xss.ql \ No newline at end of file diff --git a/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-property-sanitized/UI5Xss.qlref b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-property-sanitized/UI5Xss.qlref index 23e7adf87..ce544f1d0 100644 --- a/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-property-sanitized/UI5Xss.qlref +++ b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-property-sanitized/UI5Xss.qlref @@ -1 +1 @@ -queries/UI5Xss.ql \ No newline at end of file +UI5Xss/UI5Xss.ql \ No newline at end of file diff --git a/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-sanitized/UI5Xss.qlref b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-sanitized/UI5Xss.qlref index 23e7adf87..ce544f1d0 100644 --- a/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-sanitized/UI5Xss.qlref +++ b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-custom-control-sanitized/UI5Xss.qlref @@ -1 +1 @@ -queries/UI5Xss.ql \ No newline at end of file +UI5Xss/UI5Xss.ql \ No newline at end of file diff --git a/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-event-handlers/UI5Xss.qlref b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-event-handlers/UI5Xss.qlref index 23e7adf87..ce544f1d0 100644 --- a/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-event-handlers/UI5Xss.qlref +++ b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-event-handlers/UI5Xss.qlref @@ -1 +1 @@ -queries/UI5Xss.ql \ No newline at end of file +UI5Xss/UI5Xss.ql \ No newline at end of file diff --git a/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control-df/UI5Xss.qlref b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control-df/UI5Xss.qlref index 23e7adf87..ce544f1d0 100644 --- a/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control-df/UI5Xss.qlref +++ b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control-df/UI5Xss.qlref @@ -1 +1 @@ -queries/UI5Xss.ql \ No newline at end of file +UI5Xss/UI5Xss.ql \ No newline at end of file diff --git a/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control-oneway/UI5Xss.qlref b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control-oneway/UI5Xss.qlref index 23e7adf87..ce544f1d0 100644 --- a/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control-oneway/UI5Xss.qlref +++ b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control-oneway/UI5Xss.qlref @@ -1 +1 @@ -queries/UI5Xss.ql \ No newline at end of file +UI5Xss/UI5Xss.ql \ No newline at end of file diff --git a/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control/UI5Xss.qlref b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control/UI5Xss.qlref index 23e7adf87..ce544f1d0 100644 --- a/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control/UI5Xss.qlref +++ b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-control/UI5Xss.qlref @@ -1 +1 @@ -queries/UI5Xss.ql \ No newline at end of file +UI5Xss/UI5Xss.ql \ No newline at end of file diff --git a/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-external-model/UI5Xss.qlref b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-external-model/UI5Xss.qlref index 23e7adf87..ce544f1d0 100644 --- a/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-external-model/UI5Xss.qlref +++ b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-external-model/UI5Xss.qlref @@ -1 +1 @@ -queries/UI5Xss.ql \ No newline at end of file +UI5Xss/UI5Xss.ql \ No newline at end of file diff --git a/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-view/UI5Xss.qlref b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-view/UI5Xss.qlref index 23e7adf87..ce544f1d0 100644 --- a/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-view/UI5Xss.qlref +++ b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-html-view/UI5Xss.qlref @@ -1 +1 @@ -queries/UI5Xss.ql \ No newline at end of file +UI5Xss/UI5Xss.ql \ No newline at end of file diff --git a/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-indirect-control/UI5Xss.qlref b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-indirect-control/UI5Xss.qlref index 23e7adf87..ce544f1d0 100644 --- a/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-indirect-control/UI5Xss.qlref +++ b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-indirect-control/UI5Xss.qlref @@ -1 +1 @@ -queries/UI5Xss.ql \ No newline at end of file +UI5Xss/UI5Xss.ql \ No newline at end of file diff --git a/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-js-view/UI5Xss.qlref b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-js-view/UI5Xss.qlref index 23e7adf87..ce544f1d0 100644 --- a/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-js-view/UI5Xss.qlref +++ b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-js-view/UI5Xss.qlref @@ -1 +1 @@ -queries/UI5Xss.ql \ No newline at end of file +UI5Xss/UI5Xss.ql \ No newline at end of file diff --git a/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-json-view/UI5Xss.qlref b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-json-view/UI5Xss.qlref index 23e7adf87..ce544f1d0 100644 --- a/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-json-view/UI5Xss.qlref +++ b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-json-view/UI5Xss.qlref @@ -1 +1 @@ -queries/UI5Xss.ql \ No newline at end of file +UI5Xss/UI5Xss.ql \ No newline at end of file diff --git a/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer-byname/UI5Xss.qlref b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer-byname/UI5Xss.qlref index 23e7adf87..ce544f1d0 100644 --- a/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer-byname/UI5Xss.qlref +++ b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer-byname/UI5Xss.qlref @@ -1 +1 @@ -queries/UI5Xss.ql \ No newline at end of file +UI5Xss/UI5Xss.ql \ No newline at end of file diff --git a/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer/UI5Xss.qlref b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer/UI5Xss.qlref index 23e7adf87..ce544f1d0 100644 --- a/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer/UI5Xss.qlref +++ b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-separate-renderer/UI5Xss.qlref @@ -1 +1 @@ -queries/UI5Xss.ql \ No newline at end of file +UI5Xss/UI5Xss.ql \ No newline at end of file diff --git a/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-webc-control/UI5Xss.qlref b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-webc-control/UI5Xss.qlref index 23e7adf87..ce544f1d0 100644 --- a/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-webc-control/UI5Xss.qlref +++ b/javascript/javascript-sap-ui5-queries/test/UI5Xss/xss-webc-control/UI5Xss.qlref @@ -1 +1 @@ -queries/UI5Xss.ql \ No newline at end of file +UI5Xss/UI5Xss.ql \ No newline at end of file diff --git a/javascript/javascript-sap-ui5-queries/test/models/summary/summaryTest.qlref b/javascript/javascript-sap-ui5-queries/test/models/summary/summaryTest.qlref index 23e7adf87..ce544f1d0 100644 --- a/javascript/javascript-sap-ui5-queries/test/models/summary/summaryTest.qlref +++ b/javascript/javascript-sap-ui5-queries/test/models/summary/summaryTest.qlref @@ -1 +1 @@ -queries/UI5Xss.ql \ No newline at end of file +UI5Xss/UI5Xss.ql \ No newline at end of file From 94bbb5b44476cfd19b70af001069fe8707c8d9ee Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Mon, 11 Sep 2023 18:50:47 -0400 Subject: [PATCH 03/11] ignores --- .gitignore | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.gitignore b/.gitignore index 2fd5679e7..f6f2b741f 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,6 @@ +# CodeQL Result Files +*.actual + # Logs logs *.log From 3163c419c2076c38359f8f06adb7616198d8c16d Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Mon, 11 Sep 2023 18:56:15 -0400 Subject: [PATCH 04/11] wrong path --- .github/codeql/codeql-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/codeql/codeql-config.yaml b/.github/codeql/codeql-config.yaml index 175b9bebc..00695f43d 100644 --- a/.github/codeql/codeql-config.yaml +++ b/.github/codeql/codeql-config.yaml @@ -4,7 +4,7 @@ queries: # for log-injection - uses: security-and-quality # for ui5 queries - - uses: ./src + - uses: ./javascript/ paths: - "**/*.xml" From 9e1f6bb03c17240698622a6def8134cc14a246a0 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Mon, 11 Sep 2023 19:15:30 -0400 Subject: [PATCH 05/11] not needed --- .github/workflows/codeql_tests.yml | 40 ------------------------------ 1 file changed, 40 deletions(-) delete mode 100644 .github/workflows/codeql_tests.yml diff --git a/.github/workflows/codeql_tests.yml b/.github/workflows/codeql_tests.yml deleted file mode 100644 index a77d0b757..000000000 --- a/.github/workflows/codeql_tests.yml +++ /dev/null @@ -1,40 +0,0 @@ -name: "CodeQL Tests" - -on: - push: - branches: [ "main" ] - pull_request: - # The branches below must be a subset of the branches above - branches: [ "main" ] - schedule: - - cron: '39 12 * * 2' - -env: - LGTM_INDEX_XML_MODE: all - -jobs: - analyze: - name: Test - runs-on: 'ubuntu-latest' - permissions: - actions: read - contents: read - security-events: write - - steps: - - name: Checkout repository - uses: actions/checkout@v3 - - # Initializes the CodeQL tools for scanning. - - name: Initialize CodeQL - id: init - uses: github/codeql-action/init@v2 - - - name: Run CodeQL Tests - env: - CODEQL_PATH: ${{ steps.init.outputs.codeql-path }} - run: | - $CODEQL_PATH test run --strict-test-discovery --show-extractor-output --format=json --threads=0 --verbosity=errors ./test | - jq -r '.|sort_by(.pass)|.[]|"\(if .pass then "✅" else "❌" end) \(.test / "/test/" | .[1]) "' >> results.md - cat results.md >> $GITHUB_STEP_SUMMARY - if grep -n "❌" results.md; then exit 1; fi From 1a04dbb72d5001f8386c24dfd96dae64aa814bc3 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Mon, 11 Sep 2023 19:16:57 -0400 Subject: [PATCH 06/11] Update .github/codeql/codeql-config.yaml Co-authored-by: Mauro Baluda --- .github/codeql/codeql-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/codeql/codeql-config.yaml b/.github/codeql/codeql-config.yaml index 00695f43d..8fae3535d 100644 --- a/.github/codeql/codeql-config.yaml +++ b/.github/codeql/codeql-config.yaml @@ -4,7 +4,7 @@ queries: # for log-injection - uses: security-and-quality # for ui5 queries - - uses: ./javascript/ + - uses: ./javascript/src paths: - "**/*.xml" From ae481bcdfb4072256c141b4e905adc5ed31855e1 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Mon, 11 Sep 2023 19:26:34 -0400 Subject: [PATCH 07/11] Update javascript/javascript-sap-ui5-queries/test/qlpack.yml Co-authored-by: Mauro Baluda --- javascript/javascript-sap-ui5-queries/test/qlpack.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/javascript/javascript-sap-ui5-queries/test/qlpack.yml b/javascript/javascript-sap-ui5-queries/test/qlpack.yml index 6c27a94c3..67441025b 100644 --- a/javascript/javascript-sap-ui5-queries/test/qlpack.yml +++ b/javascript/javascript-sap-ui5-queries/test/qlpack.yml @@ -5,4 +5,4 @@ dependencies: codeql/javascript-all: "^0.6.3" codeql/javascript-queries: "^0.6.3" advanced-security/javascript-sap-ui5-queries: "*" - advanced-security/javascript-sap-ui5-extensions: "^0.1.0" + advanced-security/javascript-sap-ui5-extensions: "*" From c8fb4d8fc8247da3dc7bf6528492548ab597696c Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Tue, 12 Sep 2023 11:15:01 -0400 Subject: [PATCH 08/11] fix pack locks --- .../src/codeql-pack.lock.yml | 14 +++++++++++-- .../test/codeql-pack.lock.yml | 20 +++++++++++++++++-- scripts/codeql-pack.lock.yml | 16 +++++++++++++-- 3 files changed, 44 insertions(+), 6 deletions(-) diff --git a/javascript/javascript-sap-ui5-queries/src/codeql-pack.lock.yml b/javascript/javascript-sap-ui5-queries/src/codeql-pack.lock.yml index 530042745..2f3331715 100644 --- a/javascript/javascript-sap-ui5-queries/src/codeql-pack.lock.yml +++ b/javascript/javascript-sap-ui5-queries/src/codeql-pack.lock.yml @@ -1,4 +1,14 @@ --- lockVersion: 1.0.0 -dependencies: {} -compiled: false +dependencies: + codeql/javascript-all: + version: 0.6.4 + codeql/regex: + version: 0.0.15 + codeql/tutorial: + version: 0.0.12 + codeql/util: + version: 0.0.12 + codeql/yaml: + version: 0.0.4 +compiled: false \ No newline at end of file diff --git a/javascript/javascript-sap-ui5-queries/test/codeql-pack.lock.yml b/javascript/javascript-sap-ui5-queries/test/codeql-pack.lock.yml index 530042745..bb796b01b 100644 --- a/javascript/javascript-sap-ui5-queries/test/codeql-pack.lock.yml +++ b/javascript/javascript-sap-ui5-queries/test/codeql-pack.lock.yml @@ -1,4 +1,20 @@ --- lockVersion: 1.0.0 -dependencies: {} -compiled: false +dependencies: + codeql/javascript-all: + version: 0.6.4 + codeql/javascript-queries: + version: 0.6.4 + codeql/regex: + version: 0.0.15 + codeql/suite-helpers: + version: 0.5.4 + codeql/tutorial: + version: 0.0.12 + codeql/typos: + version: 0.0.19 + codeql/util: + version: 0.0.12 + codeql/yaml: + version: 0.0.4 +compiled: false \ No newline at end of file diff --git a/scripts/codeql-pack.lock.yml b/scripts/codeql-pack.lock.yml index 530042745..bc9df1ccf 100644 --- a/scripts/codeql-pack.lock.yml +++ b/scripts/codeql-pack.lock.yml @@ -1,4 +1,16 @@ --- lockVersion: 1.0.0 -dependencies: {} -compiled: false +dependencies: + codeql/javascript-all: + version: 0.7.0 + codeql/mad: + version: 0.1.0 + codeql/regex: + version: 0.1.0 + codeql/tutorial: + version: 0.1.0 + codeql/util: + version: 0.1.0 + codeql/yaml: + version: 0.1.0 +compiled: false \ No newline at end of file From 792e07866301c79e23c267c40198a9b0dcfbc6a0 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Tue, 12 Sep 2023 17:46:47 +0200 Subject: [PATCH 09/11] Fixing some broken links --- README.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 97afe9c20..ccaf3befa 100644 --- a/README.md +++ b/README.md @@ -3,9 +3,9 @@ CodeQL queries and supporting models for the SAP UI5 JavaScript framework ### Queries -- [XSS](src/queries/UI5Xss.ql) -- [Log Injection](src/queries/UI5LogInjection.ql) -- [Clickjacking](src/queries/UI5Clickjacking.ql) +- [XSS](javascript/javascript-sap-ui5-queries/src/queries/UI5Xss.ql) +- [Log Injection](javascript/javascript-sap-ui5-queries/src/queries/UI5LogInjection.ql) +- [Clickjacking](javascript/javascript-sap-ui5-queries/src/queries/UI5Clickjacking.ql) ### Modeled UI5 framework elements - UI5 AMD-style components (also via jQuery) @@ -33,6 +33,6 @@ The following tables list the main supported features with corresponding test ca #### Detecting Clickjacking vulnerabilities | test | secure | insecure frameOptions | missing frameOptions | | - | :-: | :-: | :-: | -| [clickjacking-deny-all]( test/queries/clickjacking/clickjacking-deny-all/index.html#L10) | ✅︎ | | +| [clickjacking-deny-all](javascript/javascript-sap-ui5-queries/test/queries/clickjacking/clickjacking-deny-all/index.html#L10) | ✅︎ | | | [clickjacking-allow-all:l9](https://github.com/advanced-security/codeql-sap-js/security/code-scanning/240)
[clickjacking-allow-all:l28](https://github.com/advanced-security/codeql-sap-js/security/code-scanning/241) | | ✅︎ | | [clickjacking-default-all](https://github.com/advanced-security/codeql-sap-js/security/code-scanning/330) | | | ✅︎ | From 9c615e6aee3000555a697e01654e4f9a4cb75624 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Tue, 12 Sep 2023 17:50:28 +0200 Subject: [PATCH 10/11] Fix broken links --- README.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index ccaf3befa..a013d83af 100644 --- a/README.md +++ b/README.md @@ -3,9 +3,9 @@ CodeQL queries and supporting models for the SAP UI5 JavaScript framework ### Queries -- [XSS](javascript/javascript-sap-ui5-queries/src/queries/UI5Xss.ql) -- [Log Injection](javascript/javascript-sap-ui5-queries/src/queries/UI5LogInjection.ql) -- [Clickjacking](javascript/javascript-sap-ui5-queries/src/queries/UI5Clickjacking.ql) +- [XSS](javascript/javascript-sap-ui5-queries/src/UI5Xss/UI5Xss.ql) +- [Log Injection](javascript/javascript-sap-ui5-queries/src/UI5LogInjection/UI5LogInjection.ql) +- [Clickjacking](javascript/javascript-sap-ui5-queries/src/UI5Clickjacking/UI5Clickjacking.ql) ### Modeled UI5 framework elements - UI5 AMD-style components (also via jQuery) @@ -33,6 +33,6 @@ The following tables list the main supported features with corresponding test ca #### Detecting Clickjacking vulnerabilities | test | secure | insecure frameOptions | missing frameOptions | | - | :-: | :-: | :-: | -| [clickjacking-deny-all](javascript/javascript-sap-ui5-queries/test/queries/clickjacking/clickjacking-deny-all/index.html#L10) | ✅︎ | | +| [clickjacking-deny-all](javascript/javascript-sap-ui5-queries/test/UI5Clickjacking/clickjacking-allow-all/index.html#L10) | ✅︎ | | | [clickjacking-allow-all:l9](https://github.com/advanced-security/codeql-sap-js/security/code-scanning/240)
[clickjacking-allow-all:l28](https://github.com/advanced-security/codeql-sap-js/security/code-scanning/241) | | ✅︎ | | [clickjacking-default-all](https://github.com/advanced-security/codeql-sap-js/security/code-scanning/330) | | | ✅︎ | From 78f7ce45c54ae41948daa6fdb610a014c396d5f9 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Tue, 12 Sep 2023 17:53:23 +0200 Subject: [PATCH 11/11] fix codeql config --- .github/codeql/codeql-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/codeql/codeql-config.yaml b/.github/codeql/codeql-config.yaml index 8fae3535d..ea91f0ca6 100644 --- a/.github/codeql/codeql-config.yaml +++ b/.github/codeql/codeql-config.yaml @@ -4,7 +4,7 @@ queries: # for log-injection - uses: security-and-quality # for ui5 queries - - uses: ./javascript/src + - uses: ./javascript/javascript-sap-ui5-queries/src paths: - "**/*.xml"