remove DB source

packages/dd-trace/src/appsec/iast/analyzers/untrusted-deserialization-analyzer.js

@@ -11,10 +11,6 @@ class UntrustedDeserializationAnalyzer extends InjectionAnalyzer {
   onConfigure () {
     this.addSub('datadog:node-serialize:unserialize:start', ({ obj }) => this.analyze(obj))
   }
-
-  _areRangesVulnerable () {
-    return true
-  }
 }
 
 module.exports = new UntrustedDeserializationAnalyzer()

packages/dd-trace/test/appsec/iast/analyzers/untrusted-deserialization-analyzer.node-serialize.plugin.spec.js

@@ -4,7 +4,6 @@ const { prepareTestServerForIast } = require('../utils')
 const { storage } = require('../../../../../datadog-core')
 const iastContextFunctions = require('../../../../src/appsec/iast/iast-context')
 const { newTaintedString } = require('../../../../src/appsec/iast/taint-tracking/operations')
-const { SQL_ROW_VALUE } = require('../../../../src/appsec/iast/taint-tracking/source-types')
 
 describe('untrusted-deserialization-analyzer with node-serialize', () => {
   withVersions('node-serialize', 'node-serialize', version => {
@@ -28,14 +27,6 @@ describe('untrusted-deserialization-analyzer with node-serialize', () => {
             lib.unserialize(str)
           }, 'UNTRUSTED_DESERIALIZATION')
 
-          testThatRequestHasVulnerability(() => {
-            const store = storage.getStore()
-            const iastContext = iastContextFunctions.getIastContext(store)
-            const str = newTaintedString(iastContext, obj, 'query', SQL_ROW_VALUE)
-            lib.unserialize(str)
-          }, 'UNTRUSTED_DESERIALIZATION', undefined, undefined, undefined,
-          'Should detect UNTRUSTED_DESERIALIZATION vulnerability with DB source')
-
           testThatRequestHasNoVulnerability(() => {
             lib.unserialize(obj)
           }, 'UNTRUSTED_DESERIALIZATION')