fix all ql/unused-field warnings

erik-krogh · erik-krogh · commit 879680057e37 · 2022-03-17T09:41:42.000+01:00
diff --git a/java/ql/lib/semmle/code/java/security/IntentUriPermissionManipulation.qll b/java/ql/lib/semmle/code/java/security/IntentUriPermissionManipulation.qll
@@ -96,8 +96,6 @@ private class IntentFlagsOrDataChangedSanitizer extends IntentUriPermissionManip
  * ```
  */
 private class IntentFlagsOrDataCheckedGuard extends IntentUriPermissionManipulationGuard {
-  Expr condition;
-
   IntentFlagsOrDataCheckedGuard() { intentFlagsOrDataChecked(this, _, _) }
 
   override predicate checks(Expr e, boolean branch) { intentFlagsOrDataChecked(this, e, branch) }
diff --git a/java/ql/src/experimental/semmle/code/java/PathSanitizer.qll b/java/ql/src/experimental/semmle/code/java/PathSanitizer.qll
@@ -136,8 +136,6 @@ private predicate isDisallowedWord(CompileTimeConstantExpr word) {
 
 /** A complementary guard that protects against path traversal, by looking for the literal `..`. */
 class PathTraversalGuard extends Guard instanceof MethodAccess {
-  Expr checked;
-
   PathTraversalGuard() {
     super.getMethod().getDeclaringType() instanceof TypeString and
     super.getMethod().hasName(["contains", "indexOf"]) and
diff --git a/javascript/ql/lib/semmle/javascript/frameworks/ClientRequests.qll b/javascript/ql/lib/semmle/javascript/frameworks/ClientRequests.qll
@@ -330,8 +330,6 @@ module ClientRequest {
      * A model of a URL request made using `require("needle")(...)`.
      */
     class PromisedNeedleRequest extends ClientRequest::Range {
-      DataFlow::Node url;
-
       PromisedNeedleRequest() { this = DataFlow::moduleImport("needle").getACall() }
 
       override DataFlow::Node getUrl() { result = this.getArgument(1) }
diff --git a/javascript/ql/lib/semmle/javascript/frameworks/CryptoLibraries.qll b/javascript/ql/lib/semmle/javascript/frameworks/CryptoLibraries.qll
@@ -683,8 +683,6 @@ private module ExpressJwt {
  */
 private module NodeRsa {
   private class CreateKey extends CryptographicKeyCreation, API::InvokeNode {
-    CryptographicAlgorithm algorithm;
-
     CreateKey() {
       this = API::moduleImport("node-rsa").getAnInstantiation()
       or
diff --git a/python/ql/src/experimental/semmle/python/frameworks/Flask.qll b/python/ql/src/experimental/semmle/python/frameworks/Flask.qll
@@ -75,7 +75,10 @@ module ExperimentalFlask {
   private class FlaskResponse extends DataFlow::CallCfgNode, HeaderDeclaration::Range {
     KeyValuePair item;
 
-    FlaskResponse() { this = Flask::Response::classRef().getACall() }
+    FlaskResponse() {
+      this = Flask::Response::classRef().getACall() and
+      item = this.getArg(_).asExpr().(Dict).getAnItem()
+    }
 
     override DataFlow::Node getNameArg() { result.asExpr() = item.getKey() }
 
