Skip to content

JS: Migrate to new *Query.qll convention for files only to be imported by queries #6450

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
codeql-ci merged 10 commits into from
Aug 17, 2021
Merged

JS: Migrate to new *Query.qll convention for files only to be imported by queries #6450

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
f6da030
JS: Migrate to *Query.qll convention
asgerf Aug 12, 2021
5638a33
JS: Remove obsolete module prefix
asgerf Aug 10, 2021
abb819e
JS: Fix insecure randomness
asgerf Aug 10, 2021
71930f9
JS: Fix cleartext logging
asgerf Aug 10, 2021
3a6da34
JS: Add missing QLdoc
asgerf Aug 10, 2021
cb0075f
JS: Remove use of deprecated API
asgerf Aug 10, 2021
020d65b
Fix StoredXssTypeTracking example query
asgerf Aug 11, 2021
fd02745
JS: Fix StoresXss example query
asgerf Aug 12, 2021
a6c3896
JS: Fix DomBasedXssQuery.qll
asgerf Aug 12, 2021
0047536
JS: Add change note
asgerf Aug 16, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 6 additions & 0 deletions javascript/change-notes/2021-08-16-query-suffix-convention2.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
lgtm,codescanning
* Some library files have been deprecated, which may affect custom queries.
Queries importing a data-flow configuration from `semmle.javascript.security.dataflow` should
ensure that the imported file ends with `Query`, and only import its top-level module.
For example, a query that imported `DomBasedXss::DomBasedXss` should from now on import `DomBasedXssQuery`
instead.
9 changes: 4 additions & 5 deletions javascript/ql/examples/queries/dataflow/StoredXss/StoredXss.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,8 +8,7 @@
*/

import javascript
import DataFlow
import semmle.javascript.security.dataflow.StoredXss
import semmle.javascript.security.dataflow.StoredXssQuery
import DataFlow::PathGraph

/**
Expand All @@ -21,17 +20,17 @@ import DataFlow::PathGraph
* connection.query(..., (e, data) => { ... });
* ```
*/
class MysqlSource extends StoredXss::Source {
class MysqlSource extends Source {
MysqlSource() {
this =
moduleImport("mysql")
DataFlow::moduleImport("mysql")
.getAMemberCall("createConnection")
.getAMethodCall("query")
.getCallback(1)
.getParameter(1)
}
}

from StoredXss::Configuration cfg, PathNode source, PathNode sink
from Configuration cfg, DataFlow::PathNode source, DataFlow::PathNode sink
where cfg.hasFlowPath(source, sink)
select sink.getNode(), source, sink, "Stored XSS from $@.", source.getNode(), "database value."
9 changes: 4 additions & 5 deletions javascript/ql/examples/queries/dataflow/StoredXss/StoredXssTypeTracking.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,16 +9,15 @@
*/

import javascript
import DataFlow
import semmle.javascript.security.dataflow.StoredXss
import semmle.javascript.security.dataflow.StoredXssQuery
import DataFlow::PathGraph

/**
* An instance of `mysql.createConnection()`, tracked globally.
*/
DataFlow::SourceNode mysqlConnection(DataFlow::TypeTracker t) {
t.start() and
result = moduleImport("mysql").getAMemberCall("createConnection")
result = DataFlow::moduleImport("mysql").getAMemberCall("createConnection")
or
exists(DataFlow::TypeTracker t2 | result = mysqlConnection(t2).track(t2, t))
}
Expand All @@ -42,10 +41,10 @@ DataFlow::SourceNode mysqlConnection() { result = mysqlConnection(DataFlow::Type
* }
* ```
*/
class MysqlSource extends StoredXss::Source {
class MysqlSource extends Source {
MysqlSource() { this = mysqlConnection().getAMethodCall("query").getCallback(1).getParameter(1) }
}

from StoredXss::Configuration cfg, PathNode source, PathNode sink
from Configuration cfg, DataFlow::PathNode source, DataFlow::PathNode sink
where cfg.hasFlowPath(source, sink)
select sink.getNode(), source, sink, "Stored XSS from $@.", source.getNode(), "database value."
2 changes: 1 addition & 1 deletion javascript/ql/src/Security/CWE-020/ExternalAPIsUsedWithUntrustedData.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@
*/

import javascript
import semmle.javascript.security.dataflow.ExternalAPIUsedWithUntrustedData::ExternalAPIUsedWithUntrustedData
import semmle.javascript.security.dataflow.ExternalAPIUsedWithUntrustedDataQuery

from ExternalAPIUsedWithUntrustedData externalAPI
select externalAPI, count(externalAPI.getUntrustedDataNode()) as numberOfUses,
Expand Down
2 changes: 1 addition & 1 deletion javascript/ql/src/Security/CWE-020/UntrustedDataToExternalAPI.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@
*/

import javascript
import semmle.javascript.security.dataflow.ExternalAPIUsedWithUntrustedData::ExternalAPIUsedWithUntrustedData
import semmle.javascript.security.dataflow.ExternalAPIUsedWithUntrustedDataQuery
import DataFlow::PathGraph

from Configuration config, DataFlow::PathNode source, DataFlow::PathNode sink
Expand Down
2 changes: 1 addition & 1 deletion javascript/ql/src/Security/CWE-022/TaintedPath.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@
*/

import javascript
import semmle.javascript.security.dataflow.TaintedPath::TaintedPath
import semmle.javascript.security.dataflow.TaintedPathQuery
import DataFlow::PathGraph

from Configuration cfg, DataFlow::PathNode source, DataFlow::PathNode sink
Expand Down
2 changes: 1 addition & 1 deletion javascript/ql/src/Security/CWE-022/ZipSlip.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@
*/

import javascript
import semmle.javascript.security.dataflow.ZipSlip::ZipSlip
import semmle.javascript.security.dataflow.ZipSlipQuery
import DataFlow::PathGraph

from Configuration cfg, DataFlow::PathNode source, DataFlow::PathNode sink
Expand Down
2 changes: 1 addition & 1 deletion javascript/ql/src/Security/CWE-073/TemplateObjectInjection.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@

import javascript
import DataFlow::PathGraph
import semmle.javascript.security.dataflow.TemplateObjectInjection::TemplateObjectInjection
import semmle.javascript.security.dataflow.TemplateObjectInjectionQuery

from DataFlow::Configuration cfg, DataFlow::PathNode source, DataFlow::PathNode sink
where cfg.hasFlowPath(source, sink)
Expand Down
2 changes: 1 addition & 1 deletion javascript/ql/src/Security/CWE-078/CommandInjection.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@
*/

import javascript
import semmle.javascript.security.dataflow.CommandInjection::CommandInjection
import semmle.javascript.security.dataflow.CommandInjectionQuery
import DataFlow::PathGraph

from
Expand Down
2 changes: 1 addition & 1 deletion javascript/ql/src/Security/CWE-078/IndirectCommandInjection.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@

import javascript
import DataFlow::PathGraph
import semmle.javascript.security.dataflow.IndirectCommandInjection::IndirectCommandInjection
import semmle.javascript.security.dataflow.IndirectCommandInjectionQuery

from Configuration cfg, DataFlow::PathNode source, DataFlow::PathNode sink, DataFlow::Node highlight
where
Expand Down
2 changes: 1 addition & 1 deletion javascript/ql/src/Security/CWE-078/ShellCommandInjectionFromEnvironment.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@

import javascript
import DataFlow::PathGraph
import semmle.javascript.security.dataflow.ShellCommandInjectionFromEnvironment::ShellCommandInjectionFromEnvironment
import semmle.javascript.security.dataflow.ShellCommandInjectionFromEnvironmentQuery

from
Configuration cfg, DataFlow::PathNode source, DataFlow::PathNode sink, DataFlow::Node highlight,
Expand Down
2 changes: 1 addition & 1 deletion javascript/ql/src/Security/CWE-078/UnsafeShellCommandConstruction.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@
*/

import javascript
import semmle.javascript.security.dataflow.UnsafeShellCommandConstruction::UnsafeShellCommandConstruction
import semmle.javascript.security.dataflow.UnsafeShellCommandConstructionQuery
import DataFlow::PathGraph

from Configuration cfg, DataFlow::PathNode source, DataFlow::PathNode sink, Sink sinkNode
Expand Down
2 changes: 1 addition & 1 deletion javascript/ql/src/Security/CWE-079/ExceptionXss.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@
*/

import javascript
import semmle.javascript.security.dataflow.ExceptionXss::ExceptionXss
import semmle.javascript.security.dataflow.ExceptionXssQuery
import DataFlow::PathGraph

from Configuration cfg, DataFlow::PathNode source, DataFlow::PathNode sink
Expand Down
2 changes: 1 addition & 1 deletion javascript/ql/src/Security/CWE-079/ReflectedXss.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@
*/

import javascript
import semmle.javascript.security.dataflow.ReflectedXss::ReflectedXss
import semmle.javascript.security.dataflow.ReflectedXssQuery
import DataFlow::PathGraph

from Configuration cfg, DataFlow::PathNode source, DataFlow::PathNode sink
Expand Down
2 changes: 1 addition & 1 deletion javascript/ql/src/Security/CWE-079/StoredXss.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@
*/

import javascript
import semmle.javascript.security.dataflow.StoredXss::StoredXss
import semmle.javascript.security.dataflow.StoredXssQuery
import DataFlow::PathGraph

from Configuration cfg, DataFlow::PathNode source, DataFlow::PathNode sink
Expand Down
2 changes: 1 addition & 1 deletion javascript/ql/src/Security/CWE-079/UnsafeHtmlConstruction.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@

import javascript
import DataFlow::PathGraph
import semmle.javascript.security.dataflow.UnsafeHtmlConstruction::UnsafeHtmlConstruction
import semmle.javascript.security.dataflow.UnsafeHtmlConstructionQuery

from DataFlow::Configuration cfg, DataFlow::PathNode source, DataFlow::PathNode sink, Sink sinkNode
where cfg.hasFlowPath(source, sink) and sink.getNode() = sinkNode
Expand Down
2 changes: 1 addition & 1 deletion javascript/ql/src/Security/CWE-079/UnsafeJQueryPlugin.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@
*/

import javascript
import semmle.javascript.security.dataflow.UnsafeJQueryPlugin::UnsafeJQueryPlugin
import semmle.javascript.security.dataflow.UnsafeJQueryPluginQuery
import DataFlow::PathGraph

from
Expand Down
2 changes: 1 addition & 1 deletion javascript/ql/src/Security/CWE-079/Xss.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@
*/

import javascript
import semmle.javascript.security.dataflow.DomBasedXss::DomBasedXss
import semmle.javascript.security.dataflow.DomBasedXssQuery
import DataFlow::PathGraph

from DataFlow::Configuration cfg, DataFlow::PathNode source, DataFlow::PathNode sink
Expand Down
2 changes: 1 addition & 1 deletion javascript/ql/src/Security/CWE-079/XssThroughDom.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@
*/

import javascript
import semmle.javascript.security.dataflow.XssThroughDom::XssThroughDom
import semmle.javascript.security.dataflow.XssThroughDomQuery
import DataFlow::PathGraph

from Configuration cfg, DataFlow::PathNode source, DataFlow::PathNode sink
Expand Down
4 changes: 2 additions & 2 deletions javascript/ql/src/Security/CWE-089/SqlInjection.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,8 +12,8 @@
*/

import javascript
import semmle.javascript.security.dataflow.SqlInjection
import semmle.javascript.security.dataflow.NosqlInjection
import semmle.javascript.security.dataflow.SqlInjectionQuery as SqlInjection
import semmle.javascript.security.dataflow.NosqlInjectionQuery as NosqlInjection
import DataFlow::PathGraph

from DataFlow::Configuration cfg, DataFlow::PathNode source, DataFlow::PathNode sink
Expand Down
2 changes: 1 addition & 1 deletion javascript/ql/src/Security/CWE-094/CodeInjection.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@
*/

import javascript
import semmle.javascript.security.dataflow.CodeInjection::CodeInjection
import semmle.javascript.security.dataflow.CodeInjectionQuery
import DataFlow::PathGraph

from Configuration cfg, DataFlow::PathNode source, DataFlow::PathNode sink
Expand Down
2 changes: 1 addition & 1 deletion javascript/ql/src/Security/CWE-094/ImproperCodeSanitization.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@
*/

import javascript
import semmle.javascript.security.dataflow.ImproperCodeSanitization::ImproperCodeSanitization
import semmle.javascript.security.dataflow.ImproperCodeSanitizationQuery
import DataFlow::PathGraph
private import semmle.javascript.heuristics.HeuristicSinks
private import semmle.javascript.security.dataflow.CodeInjectionCustomizations
Expand Down
2 changes: 1 addition & 1 deletion javascript/ql/src/Security/CWE-094/UnsafeDynamicMethodAccess.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@
*/

import javascript
import semmle.javascript.security.dataflow.UnsafeDynamicMethodAccess::UnsafeDynamicMethodAccess
import semmle.javascript.security.dataflow.UnsafeDynamicMethodAccessQuery
import DataFlow::PathGraph

from Configuration cfg, DataFlow::PathNode source, DataFlow::PathNode sink
Expand Down
2 changes: 1 addition & 1 deletion javascript/ql/src/Security/CWE-116/IncompleteHtmlAttributeSanitization.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@

import javascript
import DataFlow::PathGraph
import semmle.javascript.security.dataflow.IncompleteHtmlAttributeSanitization::IncompleteHtmlAttributeSanitization
import semmle.javascript.security.dataflow.IncompleteHtmlAttributeSanitizationQuery
import semmle.javascript.security.IncompleteBlacklistSanitizer

/**
Expand Down
2 changes: 1 addition & 1 deletion javascript/ql/src/Security/CWE-117/LogInjection.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@

import javascript
import DataFlow::PathGraph
import semmle.javascript.security.dataflow.LogInjection::LogInjection
import semmle.javascript.security.dataflow.LogInjectionQuery

from LogInjectionConfiguration config, DataFlow::PathNode source, DataFlow::PathNode sink
where config.hasFlowPath(source, sink)
Expand Down
2 changes: 1 addition & 1 deletion javascript/ql/src/Security/CWE-134/TaintedFormatString.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@
*/

import javascript
import semmle.javascript.security.dataflow.TaintedFormatString::TaintedFormatString
import semmle.javascript.security.dataflow.TaintedFormatStringQuery
import DataFlow::PathGraph

from Configuration cfg, DataFlow::PathNode source, DataFlow::PathNode sink
Expand Down
2 changes: 1 addition & 1 deletion javascript/ql/src/Security/CWE-200/FileAccessToHttp.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@
*/

import javascript
import semmle.javascript.security.dataflow.FileAccessToHttp::FileAccessToHttp
import semmle.javascript.security.dataflow.FileAccessToHttpQuery
import DataFlow::PathGraph

from Configuration cfg, DataFlow::PathNode source, DataFlow::PathNode sink
Expand Down
2 changes: 1 addition & 1 deletion javascript/ql/src/Security/CWE-201/PostMessageStar.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@
*/

import javascript
import semmle.javascript.security.dataflow.PostMessageStar::PostMessageStar
import semmle.javascript.security.dataflow.PostMessageStarQuery
import DataFlow::PathGraph

from Configuration cfg, DataFlow::PathNode source, DataFlow::PathNode sink
Expand Down
2 changes: 1 addition & 1 deletion javascript/ql/src/Security/CWE-209/StackTraceExposure.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@
*/

import javascript
import semmle.javascript.security.dataflow.StackTraceExposure::StackTraceExposure
import semmle.javascript.security.dataflow.StackTraceExposureQuery
import DataFlow::PathGraph

from Configuration cfg, DataFlow::PathNode source, DataFlow::PathNode sink
Expand Down
2 changes: 1 addition & 1 deletion javascript/ql/src/Security/CWE-312/BuildArtifactLeak.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@
*/

import javascript
import semmle.javascript.security.dataflow.BuildArtifactLeak::BuildArtifactLeak
import semmle.javascript.security.dataflow.BuildArtifactLeakQuery
import DataFlow::PathGraph

from Configuration cfg, DataFlow::PathNode source, DataFlow::PathNode sink
Expand Down
2 changes: 1 addition & 1 deletion javascript/ql/src/Security/CWE-312/CleartextLogging.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@
*/

import javascript
import semmle.javascript.security.dataflow.CleartextLogging::CleartextLogging
import semmle.javascript.security.dataflow.CleartextLoggingQuery
import DataFlow::PathGraph

/**
Expand Down
2 changes: 1 addition & 1 deletion javascript/ql/src/Security/CWE-312/CleartextStorage.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@
*/

import javascript
import semmle.javascript.security.dataflow.CleartextStorage::CleartextStorage
import semmle.javascript.security.dataflow.CleartextStorageQuery
import DataFlow::PathGraph

from Configuration cfg, DataFlow::PathNode source, DataFlow::PathNode sink
Expand Down
2 changes: 1 addition & 1 deletion javascript/ql/src/Security/CWE-327/BrokenCryptoAlgorithm.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@
*/

import javascript
import semmle.javascript.security.dataflow.BrokenCryptoAlgorithm::BrokenCryptoAlgorithm
import semmle.javascript.security.dataflow.BrokenCryptoAlgorithmQuery
import semmle.javascript.security.SensitiveActions
import DataFlow::PathGraph

Expand Down
2 changes: 1 addition & 1 deletion javascript/ql/src/Security/CWE-338/InsecureRandomness.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@
*/

import javascript
import semmle.javascript.security.dataflow.InsecureRandomness::InsecureRandomness
import semmle.javascript.security.dataflow.InsecureRandomnessQuery
import DataFlow::PathGraph

from Configuration cfg, DataFlow::PathNode source, DataFlow::PathNode sink
Expand Down
2 changes: 1 addition & 1 deletion javascript/ql/src/Security/CWE-346/CorsMisconfigurationForCredentials.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@
*/

import javascript
import semmle.javascript.security.dataflow.CorsMisconfigurationForCredentials::CorsMisconfigurationForCredentials
import semmle.javascript.security.dataflow.CorsMisconfigurationForCredentialsQuery
import DataFlow::PathGraph

from Configuration cfg, DataFlow::PathNode source, DataFlow::PathNode sink
Expand Down
2 changes: 1 addition & 1 deletion javascript/ql/src/Security/CWE-400/DeepObjectResourceExhaustion.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@

import javascript
import DataFlow::PathGraph
import semmle.javascript.security.dataflow.DeepObjectResourceExhaustion::DeepObjectResourceExhaustion
import semmle.javascript.security.dataflow.DeepObjectResourceExhaustionQuery

from
Configuration cfg, DataFlow::PathNode source, DataFlow::PathNode sink, DataFlow::Node link,
Expand Down
2 changes: 1 addition & 1 deletion javascript/ql/src/Security/CWE-400/RemotePropertyInjection.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@
*/

import javascript
import semmle.javascript.security.dataflow.RemotePropertyInjection::RemotePropertyInjection
import semmle.javascript.security.dataflow.RemotePropertyInjectionQuery
import DataFlow::PathGraph

from Configuration cfg, DataFlow::PathNode source, DataFlow::PathNode sink
Expand Down
2 changes: 1 addition & 1 deletion javascript/ql/src/Security/CWE-502/UnsafeDeserialization.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@
*/

import javascript
import semmle.javascript.security.dataflow.UnsafeDeserialization::UnsafeDeserialization
import semmle.javascript.security.dataflow.UnsafeDeserializationQuery
import DataFlow::PathGraph

from Configuration cfg, DataFlow::PathNode source, DataFlow::PathNode sink
Expand Down
2 changes: 1 addition & 1 deletion javascript/ql/src/Security/CWE-506/HardcodedDataInterpretedAsCode.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@
*/

import javascript
import semmle.javascript.security.dataflow.HardcodedDataInterpretedAsCode::HardcodedDataInterpretedAsCode
import semmle.javascript.security.dataflow.HardcodedDataInterpretedAsCodeQuery
import DataFlow::PathGraph

from Configuration cfg, DataFlow::PathNode source, DataFlow::PathNode sink
Expand Down
Loading