hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-24 16:25:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

JS: Deprecate ConsistencyChecking to avoid deprecation warnings

Browse Source
This commit is contained in:
Asger F
2024-11-28 13:43:07 +01:00
parent 04a3a6707f
commit 0ce1fe767d
24 changed files with 44 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
javascript/ql/test/library-tests/FlowSummary/test.ql
View File

@@ -1,5 +1,5 @@
import javascript
import testUtilities.ConsistencyChecking
deprecated import testUtilities.ConsistencyChecking
import testUtilities.InlineSummaries
DataFlow::CallNode getACall(string name) {
@@ -29,7 +29,7 @@ class BasicBarrierGuard extends DataFlow::CallNode {
}
}
class ConsistencyConfig extends ConsistencyConfiguration {
deprecated class ConsistencyConfig extends ConsistencyConfiguration {
ConsistencyConfig() { this = "ConsistencyConfig" }
override DataFlow::Node getAnAlert() { Configuration::flow(_, result) }

2
javascript/ql/test/library-tests/Generators/DataFlow.ql
View File

@@ -1,5 +1,5 @@
import javascript
import testUtilities.ConsistencyChecking
deprecated import testUtilities.ConsistencyChecking
module TestConfig implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node source) { source.asExpr().getStringValue() = "source" }

2
javascript/ql/test/library-tests/Routing/test.ql
View File

@@ -1,5 +1,5 @@
import javascript
import testUtilities.ConsistencyChecking
deprecated import testUtilities.ConsistencyChecking
API::Node testInstance() { result = API::moduleImport("@example/test").getInstance() }

2
javascript/ql/test/library-tests/Security/heuristics/HeuristicSource.ql
View File

@@ -1,6 +1,6 @@
import javascript
private import semmle.javascript.heuristics.AdditionalSources
import testUtilities.ConsistencyChecking
deprecated import testUtilities.ConsistencyChecking
module TestConfig implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node node) { node instanceof HeuristicSource }

2
javascript/ql/test/library-tests/TaintTracking/BasicTaintTracking.ql
View File

@@ -1,6 +1,6 @@
import javascript
import semmle.javascript.dataflow.InferredTypes
import testUtilities.ConsistencyChecking
deprecated import testUtilities.ConsistencyChecking
DataFlow::CallNode getACall(string name) {
result.getCalleeName() = name

2
javascript/ql/test/library-tests/frameworks/Nest/Consistency.ql
View File

@@ -1,3 +1,3 @@
import testUtilities.ConsistencyChecking
deprecated import testUtilities.ConsistencyChecking
import semmle.javascript.security.dataflow.ReflectedXssQuery as ReflectedXss
import semmle.javascript.security.dataflow.ServerSideUrlRedirectQuery as ServerSideUrlRedirect

2
javascript/ql/test/library-tests/frameworks/Vuex/test.ql
View File

@@ -1,5 +1,5 @@
import javascript
import testUtilities.ConsistencyChecking
deprecated import testUtilities.ConsistencyChecking
module TestConfig implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node node) { node.(DataFlow::CallNode).getCalleeName() = "source" }

2
javascript/ql/test/library-tests/frameworks/data/test.ql
View File

@@ -1,5 +1,5 @@
import javascript
import testUtilities.ConsistencyChecking
deprecated import testUtilities.ConsistencyChecking
import semmle.javascript.frameworks.data.internal.ApiGraphModels as ApiGraphModels
class TypeModelFromCodeQL extends ModelInput::TypeModel {

2
javascript/ql/test/query-tests/Security/CWE-022/TaintedPath/Consistency.ql
View File

@@ -1,6 +1,6 @@
import javascript
import semmle.javascript.security.dataflow.TaintedPathQuery
import testUtilities.ConsistencyChecking
deprecated import testUtilities.ConsistencyChecking
class TaintedPathConsistency extends ConsistencyConfiguration {
TaintedPathConsistency() { this = "TaintedPathConsistency" }

2
javascript/ql/test/query-tests/Security/CWE-073/Consistency.ql
View File

@@ -1,3 +1,3 @@
import javascript
import semmle.javascript.security.dataflow.TemplateObjectInjectionQuery
import testUtilities.ConsistencyChecking
deprecated import testUtilities.ConsistencyChecking

2
javascript/ql/test/query-tests/Security/CWE-078/Consistency.ql
View File

@@ -1,5 +1,5 @@
import javascript
import testUtilities.ConsistencyChecking
deprecated import testUtilities.ConsistencyChecking
import semmle.javascript.security.dataflow.CommandInjectionQuery as CommandInjection
import semmle.javascript.security.dataflow.IndirectCommandInjectionQuery as IndirectCommandInjection
import semmle.javascript.security.dataflow.ShellCommandInjectionFromEnvironmentQuery as ShellCommandInjectionFromEnvironment

2
javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/ConsistencyDomBasedXss.ql
View File

@@ -1,5 +1,5 @@
import javascript
import testUtilities.ConsistencyChecking
deprecated import testUtilities.ConsistencyChecking
import semmle.javascript.security.dataflow.DomBasedXssQuery
class ConsistencyConfig extends ConsistencyConfiguration {

2
javascript/ql/test/query-tests/Security/CWE-079/ExceptionXss/ConsistencyExceptionXss.ql
View File

@@ -1,3 +1,3 @@
import javascript
import testUtilities.ConsistencyChecking
deprecated import testUtilities.ConsistencyChecking
import semmle.javascript.security.dataflow.ExceptionXssQuery as ExceptionXss

2
javascript/ql/test/query-tests/Security/CWE-079/ReflectedXss/ConsistencyReflectedXss.ql
View File

@@ -1,3 +1,3 @@
import javascript
import testUtilities.ConsistencyChecking
deprecated import testUtilities.ConsistencyChecking
import semmle.javascript.security.dataflow.ReflectedXssQuery as ReflectedXss

2
javascript/ql/test/query-tests/Security/CWE-079/StoredXss/ConsistencyStoredXss.ql
View File

@@ -1,3 +1,3 @@
import javascript
import testUtilities.ConsistencyChecking
deprecated import testUtilities.ConsistencyChecking
import semmle.javascript.security.dataflow.StoredXssQuery as StoredXss

2
javascript/ql/test/query-tests/Security/CWE-079/UnsafeHtmlConstruction/ConsistencyUnsafeHtmlConstruction.ql
View File

@@ -1,3 +1,3 @@
import javascript
import testUtilities.ConsistencyChecking
deprecated import testUtilities.ConsistencyChecking
import semmle.javascript.security.dataflow.UnsafeHtmlConstructionQuery as UnsafeHtmlConstruction

2
javascript/ql/test/query-tests/Security/CWE-079/UnsafeJQueryPlugin/ConsistencyUnsafeJQueryPlugin.ql
View File

@@ -1,3 +1,3 @@
import javascript
import testUtilities.ConsistencyChecking
deprecated import testUtilities.ConsistencyChecking
import semmle.javascript.security.dataflow.UnsafeJQueryPluginQuery as UnsafeJqueryPlugin

2
javascript/ql/test/query-tests/Security/CWE-079/XssThroughDom/ConsistencyXssThroughDom.ql
View File

@@ -1,5 +1,5 @@
import javascript
import testUtilities.ConsistencyChecking
deprecated import testUtilities.ConsistencyChecking
import semmle.javascript.security.dataflow.XssThroughDomQuery
class ConsistencyConfig extends ConsistencyConfiguration {

2
javascript/ql/test/query-tests/Security/CWE-089/untyped/Consistency.ql
View File

@@ -1,4 +1,4 @@
import javascript
import testUtilities.ConsistencyChecking
deprecated import testUtilities.ConsistencyChecking
import semmle.javascript.security.dataflow.SqlInjectionQuery as SqlInjection
import semmle.javascript.security.dataflow.NosqlInjectionQuery as NosqlInjection

2
javascript/ql/test/query-tests/Security/CWE-502/Consistency.ql
View File

@@ -1,3 +1,3 @@
import javascript
import semmle.javascript.security.dataflow.UnsafeDeserializationQuery
import testUtilities.ConsistencyChecking
deprecated import testUtilities.ConsistencyChecking

2
javascript/ql/test/query-tests/Security/CWE-770/ResourceExhaustion/Consistency.ql
View File

@@ -1,3 +1,3 @@
import javascript
import semmle.javascript.security.dataflow.ResourceExhaustionQuery
import testUtilities.ConsistencyChecking
deprecated import testUtilities.ConsistencyChecking

2
javascript/ql/test/query-tests/Security/CWE-915/PrototypePollutingAssignment/Consistency.ql
View File

@@ -1,5 +1,5 @@
import javascript
import testUtilities.ConsistencyChecking
deprecated import testUtilities.ConsistencyChecking
import semmle.javascript.security.dataflow.PrototypePollutingAssignmentQuery
class Config extends ConsistencyConfiguration {

2
javascript/ql/test/query-tests/Security/CWE-918/Consistency.ql
View File

@@ -1,7 +1,7 @@
import javascript
import semmle.javascript.security.dataflow.RequestForgeryQuery as RequestForgery
import semmle.javascript.security.dataflow.ClientSideRequestForgeryQuery as ClientSideRequestForgery
import testUtilities.ConsistencyChecking
deprecated import testUtilities.ConsistencyChecking
query predicate resultInWrongFile(DataFlow::Node node) {
exists(string filePattern |

30
javascript/ql/test/testUtilities/ConsistencyChecking.qll
View File

@@ -1,3 +1,9 @@
/**
* DEPRECATED, but can be imported with a `deprecated import`.
*
* Will be replaced with standardized inline test expectations in the future.
*/
import javascript
/**
@@ -7,7 +13,7 @@ import javascript
*
* If no configuration is specified, then the default is that the all sinks from a `DataFlow::Configuration` are alerts, and all files are consistency-checked.
*/
abstract class ConsistencyConfiguration extends string {
abstract deprecated class ConsistencyConfiguration extends string {
bindingset[this]
ConsistencyConfiguration() { any() }
@@ -30,7 +36,7 @@ abstract class ConsistencyConfiguration extends string {
*
* Is used internally to match a configuration or lack thereof.
*/
final private class Conf extends string {
deprecated final private class Conf extends string {
Conf() {
this instanceof ConsistencyConfiguration
or
@@ -65,12 +71,14 @@ private class AssertionComment extends LineComment {
predicate expectConsistencyError() { this.getText().matches("%[INCONSISTENCY]%") }
}
private DataFlow::Node getASink() { exists(DataFlow::Configuration cfg | cfg.hasFlow(_, result)) }
deprecated private DataFlow::Node getASink() {
exists(DataFlow::Configuration cfg | cfg.hasFlow(_, result))
}
/**
* Gets all the alerts for consistency consistency checking from a configuration `conf`.
*/
private DataFlow::Node alerts(Conf conf) {
deprecated private DataFlow::Node alerts(Conf conf) {
result = conf.(ConsistencyConfiguration).getAnAlert()
or
not exists(ConsistencyConfiguration r) and
@@ -83,7 +91,7 @@ private DataFlow::Node alerts(Conf conf) {
* The `line` can be either the first or the last line of the alert.
* And if no expression exists at `line`, then an alert on the next line is used.
*/
private DataFlow::Node getAlert(File file, int line, Conf conf) {
deprecated private DataFlow::Node getAlert(File file, int line, Conf conf) {
result = alerts(conf) and
result.getFile() = file and
(result.hasLocationInfo(_, _, _, line, _) or result.hasLocationInfo(_, line, _, _, _))
@@ -108,7 +116,7 @@ private AssertionComment getComment(File file, int line) {
/**
* Holds if there is a false positive in `file` at `line` for configuration `conf`.
*/
private predicate falsePositive(File file, int line, AssertionComment comment, Conf conf) {
deprecated private predicate falsePositive(File file, int line, AssertionComment comment, Conf conf) {
exists(getAlert(file, line, conf)) and
comment = getComment(file, line) and
not comment.shouldHaveAlert()
@@ -117,7 +125,7 @@ private predicate falsePositive(File file, int line, AssertionComment comment, C
/**
* Holds if there is a false negative in `file` at `line` for configuration `conf`.
*/
private predicate falseNegative(File file, int line, AssertionComment comment, Conf conf) {
deprecated private predicate falseNegative(File file, int line, AssertionComment comment, Conf conf) {
not exists(getAlert(file, line, conf)) and
comment = getComment(file, line) and
comment.shouldHaveAlert()
@@ -126,7 +134,7 @@ private predicate falseNegative(File file, int line, AssertionComment comment, C
/**
* Gets a file that should be included for consistency checking for configuration `conf`.
*/
private File getATestFile(string conf) {
deprecated private File getATestFile(string conf) {
not exists(any(ConsistencyConfiguration res).getAFile()) and
result = any(LineComment comment).getFile() and
(conf = "" or conf instanceof ConsistencyConfiguration)
@@ -139,7 +147,7 @@ private File getATestFile(string conf) {
* Or the empty string
*/
bindingset[file, line]
private string getSinkDescription(File file, int line, Conf conf) {
deprecated private string getSinkDescription(File file, int line, Conf conf) {
not exists(DataFlow::Configuration c | c.hasFlow(_, getAlert(file, line, conf))) and
result = ""
or
@@ -153,7 +161,9 @@ private string getSinkDescription(File file, int line, Conf conf) {
* The consistency issue an unexpected false positive/negative.
* Or that false positive/negative was expected, and none were found.
*/
query predicate consistencyIssue(string location, string msg, string commentText, Conf conf) {
deprecated query predicate consistencyIssue(
string location, string msg, string commentText, Conf conf
) {
exists(File file, int line |
file = getATestFile(conf) and location = file.getRelativePath() + ":" + line
|