JS: review fixups in documentation

Esben Sparre Andreasen · Esben Sparre Andreasen · commit 605695e117a6 · 2018-08-21T22:08:10.000+02:00
diff --git a/change-notes/1.18/analysis-javascript.md b/change-notes/1.18/analysis-javascript.md
@@ -87,7 +87,7 @@
 | **Query**                  | **Expected impact**    | **Change**                                                       |
 |----------------------------|------------------------|------------------------------------------------------------------|
 | Arguments redefined | Fewer results | This rule previously also flagged redefinitions of `eval`. This was an oversight that is now fixed. |
-| Comparison between inconvertible types | Fewer results | This rule now flags fewer comparisons involving IIFE parameters. |
+| Comparison between inconvertible types | Fewer results | This rule now flags fewer comparisons involving parameters. |
 | Comparison between inconvertible types | Lower severity | The severity of this rule has been revised to "warning". |
 | CORS misconfiguration for credentials transfer | More true-positive results | This rule now treats header names case-insensitively. |
 | Hard-coded credentials | More true-positive results | This rule now recognizes secret cryptographic keys. |
@@ -102,8 +102,8 @@
 | Unused variable | Fewer results | This rule no longer flags class expressions that could be made anonymous. While technically true, these results are not interesting. |
 | Unused variable | Renamed | This rule has been renamed to "Unused variable, import, function or class" to reflect the fact that it flags different kinds of unused program elements. |
 | Use of incompletely initialized object| Fewer results | This rule now flags the constructor instead its errorneous `this` or `super` expressions. |
-| Useless conditional | Fewer results | This rule no longer flags uses of boolean IIFE return values. | 
-| Useless conditional | Fewer results | This rule now flags fewer comparisons involving IIFE parameters. | 
+| Useless conditional | Fewer results | This rule no longer flags uses of boolean return values. | 
+| Useless conditional | Fewer results | This rule now flags fewer comparisons involving parameters. | 
 
 ## Changes to QL libraries
 
diff --git a/javascript/ql/src/Expressions/HeterogeneousComparison.ql b/javascript/ql/src/Expressions/HeterogeneousComparison.ql
@@ -185,9 +185,7 @@ predicate isInitialParameterUse(Expr e) {
 /**
  * Holds if `e` is an expression that should not be considered in a heterogeneous comparison.
  *
- * We currently whitelist these kinds of expressions:
- *
- *   - parameters, as passed in from the caller
+ * We currently whitelist expressions that rely on inter-procedural parameter information.
  */
 predicate whitelist(Expr e) {
   isInitialParameterUse(e)
diff --git a/javascript/ql/src/Statements/UselessConditional.ql b/javascript/ql/src/Statements/UselessConditional.ql
@@ -64,7 +64,7 @@ predicate isConstant(Expr e) {
 }
 
 /**
- * Holds if `e` directly uses a parameter's initial value as passed in from the caller.
+ * Holds if `e` directly uses a parameter's negated or initial value as passed in from the caller.
  */
 predicate isInitialParameterUse(Expr e) {
   // unlike `SimpleParameter.getAnInitialUse` this will not include uses we have refinement information for
@@ -103,8 +103,8 @@ predicate isConstantBooleanReturnValue(Expr e) {
  *   - constants (including references to literal constants);
  *   - negations of constants;
  *   - defensive checks;
- *   - parameters, as passed in from the caller;
- *   - constant boolean returned values
+ *   - expressions that rely on inter-procedural parameter information;
+ *   - constant boolean returned values.
  */
 predicate whitelist(Expr e) {
   isConstant(e) or
