Expand description
Taint-path + string-shape query API.
The SAST layer (Layer 3) and the dynamic-SQL consumers need
to ask “is this name tainted, by what, and was it cleansed?”
and “what’s the string shape of this name?” — but Layer 2
(this crate) must not depend on Layer 3. So the query surface
lives here, on top of the FLOW-002 FlowEnv +
FLOW-003 InterFlowResult, and Layer 3 consumes it.
The API is read-only and allocation-light: every query takes a name + the analysis outputs and returns a small typed answer the SAST rule pack can pattern-match on.
§/oracle evidence
DATABASE-REFERENCE.mdPL/SQL Language Reference — the taint sources (bind variables, IN parameters) and theDBMS_ASSERTcleanser come straight from the language + supplied-package references; this module only re-projects the flow facts those passes already computed.
Structs§
- Flow
Query - Read-only query facade over the flow analysis outputs.
- Taint
Answer - Answer to “is this name tainted?”.