aboutsummaryrefslogtreecommitdiffstats
path: root/src/qmlcompiler/qqmlsasourcelocation.cpp
Commit message (Collapse)AuthorAgeFilesLines
* Add security header for src/qmlcompilerOlivier De Cannière2025-09-171-0/+1
| | | | | | | | | | | | | | | | | | We assume that QML or JS code comes from a trusted source. Therefore, most files are deemed to be significant even if they parse data. This includes the source code itself but also the associated metadata or cache files. However, the QML compiler also generates C++ code. Extra care needs to be taken with the generator as a vulnerability there could propagate and have a disproportionate effect on the program's security. It is marked as critical. QUIP: 23 Fixes: QTBUG-136195 Pick-to: 6.10 6.9 6.8 Change-Id: I70630361ec8e9cb3969f78a3fdf36a41334a33b3 Reviewed-by: Ulf Hermann <ulf.hermann@qt.io>
* Doc: Add more documentation for QQmlSAOlivier De Cannière2025-02-281-0/+46
| | | | | | | | | | | Some documentation may not provide a lot of extra information but is there mainly so that the function appears in the final documentation and is discoverable by the user. Fixes: QTBUG-116682 Pick-to: 6.9 6.8 Change-Id: I68e531663a25ea9aaba9dfd4ec0c8b842023f673 Reviewed-by: Fabian Kosmale <fabian.kosmale@qt.io>
* SourceLocation: make begin() and end() qsizetypeSami Shalayel2024-10-091-2/+2
| | | | | | | | | | | | | Change begin() and end() to return a qsizetype, as now we only process QML files where quint32 can safely be casted to qsizetype. This allows to change all users of begin() and end() to use qsizetype, and to silence all MSVC compile warnings about comparison of ints with different signedness. Fixes: QTBUG-127833 Change-Id: I251435aa598386effe0259549dbe94d17b0d806b Reviewed-by: Olivier De Cannière <olivier.decanniere@qt.io>
* QQmlSA: Create an abstraction layer for static analysisOlivier De Cannière2023-05-301-0/+125
This patch adds abstractions for QML Elements, Bindings, Methods and Properties. This abstraction layer avoids exposing internal details and should be more suited for static analysis tasks. It is now possible to write qmllint plugins without including private headers. As a drive-by, change tst_qmllint:verifyJsRoot to open files in text mode instead of binary. This fixes an issue where line endings cause issues on Windows. Fixes: QTBUG-102276 Change-Id: I6b6e53f1e0078734a18f3aa51807fbe875b375f0 Reviewed-by: Fabian Kosmale <fabian.kosmale@qt.io>
generated by cgit v1.2.3 (git 2.25.1) at 2025-12-02 04:41:01 +0000