Default setup env vars: Restrict results to src

2026-05-21 10:11:48 +00:00 · 2026-05-18 17:15:30 +01:00
parent 4fc0f3e51b
commit 6f8805e224
1 changed files with 1 additions and 0 deletions
@@ -43,6 +43,7 @@ predicate envVarRead(DataFlow::Node node, string envVar) {
 from DataFlow::Node read, string envVar
 where
  envVarRead(read, envVar) and
+  read.getFile().getRelativePath().matches("src/%") and
  not read.getFile().getBaseName().matches("%.test.ts") and
  not isSafeForDefaultSetup(envVar)
 select read,