diff --git a/python/ql/lib/change-notes/2022-04-20-export-python-under-DataFlow.md b/python/ql/lib/change-notes/2022-04-20-export-python-under-DataFlow.md new file mode 100644 index 00000000000..2729b834ccf --- /dev/null +++ b/python/ql/lib/change-notes/2022-04-20-export-python-under-DataFlow.md @@ -0,0 +1,4 @@ +--- + category: breaking +--- + * The imports made available from `import python` are no longer exposed under `DataFlow::` after doing `import semmle.python.dataflow.new.DataFlow`, for example using `DataFlow::Add` will now cause a compile error. diff --git a/python/ql/lib/semmle/python/SpecialMethods.qll b/python/ql/lib/semmle/python/SpecialMethods.qll index afa9367c269..eb960005f4d 100644 --- a/python/ql/lib/semmle/python/SpecialMethods.qll +++ b/python/ql/lib/semmle/python/SpecialMethods.qll @@ -8,7 +8,7 @@ * Extend `SpecialMethod::Potential` to capture more cases. */ -import python +private import python /** A control flow node which might correspond to a special method call. */ class PotentialSpecialMethodCallNode extends ControlFlowNode { diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImplSpecific.qll b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImplSpecific.qll index e88726b158b..cdbd1eecb2c 100644 --- a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImplSpecific.qll +++ b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImplSpecific.qll @@ -1,9 +1,15 @@ /** * Provides Python-specific definitions for use in the data flow library. */ + +// we need to export `Unit` for the DataFlowImpl* files +private import python as Python + module Private { import DataFlowPrivate + // import DataFlowDispatch + class Unit = Python::Unit; } module Public { diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowUtil.qll b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowUtil.qll index 4dbf2a5d4cd..4d0d52e9a4b 100644 --- a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowUtil.qll +++ b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowUtil.qll @@ -2,6 +2,7 @@ * Contains utility functions for writing data flow queries */ +private import python private import DataFlowPrivate import DataFlowPublic diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/LocalSources.qll b/python/ql/lib/semmle/python/dataflow/new/internal/LocalSources.qll index 5bf6f22e945..08d8dff2a02 100644 --- a/python/ql/lib/semmle/python/dataflow/new/internal/LocalSources.qll +++ b/python/ql/lib/semmle/python/dataflow/new/internal/LocalSources.qll @@ -6,7 +6,7 @@ * local tracking within a function. */ -import python +private import python import DataFlowPublic private import DataFlowPrivate private import semmle.python.internal.CachedStages diff --git a/python/ql/test/experimental/dataflow/qll-private-imports/README.md b/python/ql/test/experimental/dataflow/qll-private-imports/README.md new file mode 100644 index 00000000000..f11beca34d9 --- /dev/null +++ b/python/ql/test/experimental/dataflow/qll-private-imports/README.md @@ -0,0 +1,3 @@ +Sometimes we accidentally re-export too much from `DataFlow` such that for example we can access `Add` from `DataFlow::Add` :disappointed: + +This test should always FAIL to compile! diff --git a/python/ql/test/experimental/dataflow/qll-private-imports/Test.expected b/python/ql/test/experimental/dataflow/qll-private-imports/Test.expected new file mode 100644 index 00000000000..c0963a9ef61 --- /dev/null +++ b/python/ql/test/experimental/dataflow/qll-private-imports/Test.expected @@ -0,0 +1 @@ +ERROR: Could not resolve type DataFlow::Add (Test.ql:7,6-19) diff --git a/python/ql/test/experimental/dataflow/qll-private-imports/Test.ql b/python/ql/test/experimental/dataflow/qll-private-imports/Test.ql new file mode 100644 index 00000000000..302504fcf96 --- /dev/null +++ b/python/ql/test/experimental/dataflow/qll-private-imports/Test.ql @@ -0,0 +1,8 @@ +import python +private import semmle.python.dataflow.new.DataFlow + +// Sometimes we accidentally re-export too much from `DataFlow` such that for example we can access `Add` from `DataFlow::Add` :( +// +// This test should always FAIL to compile! +from DataFlow::Add this_should_not_work +select this_should_not_work diff --git a/python/ql/test/experimental/dataflow/qll-private-imports/test.py b/python/ql/test/experimental/dataflow/qll-private-imports/test.py new file mode 100644 index 00000000000..c040fa67d34 --- /dev/null +++ b/python/ql/test/experimental/dataflow/qll-private-imports/test.py @@ -0,0 +1 @@ +1+1