Merge branch 'main' into python/port-tarslip

2026-04-30 11:15:13 +02:00 · 2022-06-28 22:17:28 +02:00
parent ac0c8d238f f97cc9e37c
commit 1105cd569b
202 changed files with 1233 additions and 518 deletions
--- a/python/ql/test/TestUtilities/VerifyApiGraphs.qll
+++ b/python/ql/test/TestUtilities/VerifyApiGraphs.qll
@@ -21,10 +21,10 @@ import semmle.python.ApiGraphs

 private DataFlow::Node getNode(API::Node nd, string kind) {
  kind = "def" and
-  result = nd.getARhs()
+  result = nd.asSink()
  or
  kind = "use" and
-  result = nd.getAUse()
+  result = nd.getAValueReachableFromSource()
 }

 private string getLocStr(Location loc) {
--- a/python/ql/test/experimental/dataflow/typetracking/moduleattr.ql
+++ b/python/ql/test/experimental/dataflow/typetracking/moduleattr.ql
@@ -5,7 +5,7 @@ import semmle.python.ApiGraphs

 private DataFlow::TypeTrackingNode module_tracker(TypeTracker t) {
  t.start() and
-  result = API::moduleImport("module").getAnImmediateUse()
+  result = API::moduleImport("module").asSource()
  or
  exists(TypeTracker t2 | result = module_tracker(t2).track(t2, t))
 }
--- a/python/ql/test/experimental/dataflow/typetracking/tracked.ql
+++ b/python/ql/test/experimental/dataflow/typetracking/tracked.ql
@@ -120,7 +120,7 @@ class TrackedSelfTest extends InlineExpectationsTest {
 /** Gets a reference to `foo` (fictive module). */
 private DataFlow::TypeTrackingNode foo(DataFlow::TypeTracker t) {
  t.start() and
-  result = API::moduleImport("foo").getAnImmediateUse()
+  result = API::moduleImport("foo").asSource()
  or
  exists(DataFlow::TypeTracker t2 | result = foo(t2).track(t2, t))
 }
@@ -131,7 +131,7 @@ DataFlow::Node foo() { foo(DataFlow::TypeTracker::end()).flowsTo(result) }
 /** Gets a reference to `foo.bar` (fictive module). */
 private DataFlow::TypeTrackingNode foo_bar(DataFlow::TypeTracker t) {
  t.start() and
-  result = API::moduleImport("foo").getMember("bar").getAnImmediateUse()
+  result = API::moduleImport("foo").getMember("bar").asSource()
  or
  t.startInAttr("bar") and
  result = foo()
@@ -145,7 +145,7 @@ DataFlow::Node foo_bar() { foo_bar(DataFlow::TypeTracker::end()).flowsTo(result)
 /** Gets a reference to `foo.bar.baz` (fictive attribute on `foo.bar` module). */
 private DataFlow::TypeTrackingNode foo_bar_baz(DataFlow::TypeTracker t) {
  t.start() and
-  result = API::moduleImport("foo").getMember("bar").getMember("baz").getAnImmediateUse()
+  result = API::moduleImport("foo").getMember("bar").getMember("baz").asSource()
  or
  t.startInAttr("baz") and
  result = foo_bar()
--- a/python/ql/test/experimental/meta/MaDTest.qll
+++ b/python/ql/test/experimental/meta/MaDTest.qll
@@ -19,7 +19,7 @@ class MadSinkTest extends InlineExpectationsTest {
  override predicate hasActualResult(Location location, string element, string tag, string value) {
    exists(location.getFile().getRelativePath()) and
    exists(DataFlow::Node sink, string kind |
-      sink = ModelOutput::getASinkNode(kind).getARhs() and
+      sink = ModelOutput::getASinkNode(kind).asSink() and
      location = sink.getLocation() and
      element = sink.toString() and
      value = prettyNodeForInlineTest(sink) and
@@ -38,7 +38,7 @@ class MadSourceTest extends InlineExpectationsTest {
  override predicate hasActualResult(Location location, string element, string tag, string value) {
    exists(location.getFile().getRelativePath()) and
    exists(DataFlow::Node source, string kind |
-      source = ModelOutput::getASourceNode(kind).getAnImmediateUse() and
+      source = ModelOutput::getASourceNode(kind).asSource() and
      location = source.getLocation() and
      element = source.toString() and
      value = prettyNodeForInlineTest(source) and
--- a/python/ql/test/library-tests/ApiGraphs/py2/use.ql
+++ b/python/ql/test/library-tests/ApiGraphs/py2/use.ql
@@ -9,7 +9,7 @@ class ApiUseTest extends InlineExpectationsTest {
  override string getARelevantTag() { result = "use" }

  private predicate relevant_node(API::Node a, DataFlow::Node n, Location l) {
-    n = a.getAUse() and l = n.getLocation()
+    n = a.getAValueReachableFromSource() and l = n.getLocation()
  }

  override predicate hasActualResult(Location location, string element, string tag, string value) {
--- a/python/ql/test/library-tests/frameworks/data/test.ql
+++ b/python/ql/test/library-tests/frameworks/data/test.ql
@@ -87,11 +87,11 @@ class BasicTaintTracking extends TaintTracking::Configuration {
  BasicTaintTracking() { this = "BasicTaintTracking" }

  override predicate isSource(DataFlow::Node source) {
-    source = ModelOutput::getASourceNode("test-source").getAnImmediateUse()
+    source = ModelOutput::getASourceNode("test-source").asSource()
  }

  override predicate isSink(DataFlow::Node sink) {
-    sink = ModelOutput::getASinkNode("test-sink").getARhs()
+    sink = ModelOutput::getASinkNode("test-sink").asSink()
  }
 }

@@ -100,11 +100,11 @@ query predicate taintFlow(DataFlow::Node source, DataFlow::Node sink) {
 }

 query predicate isSink(DataFlow::Node node, string kind) {
-  node = ModelOutput::getASinkNode(kind).getARhs()
+  node = ModelOutput::getASinkNode(kind).asSink()
 }

 query predicate isSource(DataFlow::Node node, string kind) {
-  node = ModelOutput::getASourceNode(kind).getAnImmediateUse()
+  node = ModelOutput::getASourceNode(kind).asSource()
 }

 class SyntaxErrorTest extends ModelInput::SinkModelCsv {