Mark QML's JSON parser as critical

We're doing fully custom parsing here, and external JSON must not cause security issues. Pick-to: 6.8 QUIP: 23 Task-number: QTBUG-136970 Change-Id: I43f8280a31ebc170382485e6f5f3e7c06aa7db1a Reviewed-by: Ulf Hermann <ulf.hermann@qt.io> (cherry picked from commit c9f9e70da7e7e11394a3daeb1bc80fa8d41c9f0d) Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org> (cherry picked from commit 1cf0b57f76ad29fd4e03d5ad8efd6b0118746f90)
author: Fabian Kosmale <fabian.kosmale@qt.io> 2025-05-19 10:36:38 +0200
committer: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org> 2025-06-27 11:38:01 +0000
commit: 9b5e4b6da764fd06edf04ddc19b2f17d98243b34 (patch)
tree: 991a9262a461b8cfdad8fdd504d99c61a3c387f8 /src
parent: c77f616e51e0c2edd73c0ed025bc1835080fdf22 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/src/qml/jsruntime/qv4jsonobject.cpp b/src/qml/jsruntime/qv4jsonobject.cpp
index 685276ba23..4cec24ba4c 100644
--- a/src/qml/jsruntime/qv4jsonobject.cpp
+++ b/src/qml/jsruntime/qv4jsonobject.cpp
@@ -1,5 +1,6 @@
 // Copyright (C) 2016 The Qt Company Ltd.
 // SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only
+// Qt-Security score:critical reason:dataparser
 #include <qv4jsonobject_p.h>
 #include <qv4objectproto_p.h>
 #include <qv4numberobject_p.h>
author	Fabian Kosmale <fabian.kosmale@qt.io>	2025-05-19 10:36:38 +0200
committer	Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>	2025-06-27 11:38:01 +0000
commit	9b5e4b6da764fd06edf04ddc19b2f17d98243b34 (patch)
tree	991a9262a461b8cfdad8fdd504d99c61a3c387f8 /src
parent	c77f616e51e0c2edd73c0ed025bc1835080fdf22 (diff)