CRA review: mark workerscript subfolder

- Mark the global heades as insignificant, they don't contain any logic. - Mark qv4serialize as critical: String data that might get passed to a worker script might come from an untrusted context, and thus the serialization process needs some basic care. - Evertything else gets the default significant marker to indicate that it has been reviewed. Pick-to: 6.10 6.9 6.8 Fixes: QTBUG-136209 Change-Id: Ib820d551f687cbd41f0306d39552e55e8642a2b3 Reviewed-by: Ulf Hermann <ulf.hermann@qt.io>
author: Fabian Kosmale <fabian.kosmale@qt.io> 2025-08-26 11:16:04 +0200
committer: Fabian Kosmale <fabian.kosmale@qt.io> 2025-09-16 15:17:47 +0200
commit: cf798310238765612891696077f7d70570ad2e3a (patch)
tree: 6be6fb54300f5708112536a8b14b13ddb4e87e20 /src/qmlworkerscript/qtqmlworkerscriptglobal.h
parent: 8d4ebd03d29e58ef83b286a12d3257bc9a3094d4 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/src/qmlworkerscript/qtqmlworkerscriptglobal.h b/src/qmlworkerscript/qtqmlworkerscriptglobal.h
index 1156b27b2d..896d6e0e55 100644
--- a/src/qmlworkerscript/qtqmlworkerscriptglobal.h
+++ b/src/qmlworkerscript/qtqmlworkerscriptglobal.h
@@ -1,5 +1,6 @@
 // Copyright (C) 2019 The Qt Company Ltd.
 // SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only
+// Qt-Security score:insignificant
 
 #ifndef QTQMLWORKERSCRIPTGLOBAL_H
 #define QTQMLWORKERSCRIPTGLOBAL_H
author	Fabian Kosmale <fabian.kosmale@qt.io>	2025-08-26 11:16:04 +0200
committer	Fabian Kosmale <fabian.kosmale@qt.io>	2025-09-16 15:17:47 +0200
commit	cf798310238765612891696077f7d70570ad2e3a (patch)
tree	6be6fb54300f5708112536a8b14b13ddb4e87e20 /src/qmlworkerscript/qtqmlworkerscriptglobal.h
parent	8d4ebd03d29e58ef83b286a12d3257bc9a3094d4 (diff)