Merge pull request #19891 from michaelnebel/michaelnebel/freezemoresuites

Go/Ruby/Python: Freeze quality queries in `security-and-quality`.

csharp/ql/src/codeql-suites/csharp-security-and-quality.qls

@@ -1,24 +1,7 @@
 - description: Security-and-quality queries for C#
 - queries: .
-- include:
+- apply: security-and-frozen-quality-selectors.yml
-    kind:
+  from: codeql/suite-helpers
-    - problem
-    - path-problem
-    precision:
-    - high
-    - very-high
-    tags contain:
-    - security
-- include:
-    kind:
-    - problem
-    - path-problem
-    precision: medium
-    problem.severity:
-    - error
-    - warning
-    tags contain:
-    - security
 - include:
     id:
       - cs/asp/response-write
@@ -123,21 +106,3 @@
       - cs/wrong-compareto-signature
       - cs/wrong-equals-signature
       - cs/xmldoc/missing-summary
-- include:
-    kind:
-    - diagnostic
-- include:
-    kind:
-    - metric
-    tags contain:
-    - summary
-- exclude:
-    deprecated: //
-- exclude:
-    query path:
-      - /^experimental\/.*/
-      - Metrics/Summaries/FrameworkCoverage.ql
-- exclude:
-    tags contain:
-      - modeleditor
-      - modelgenerator

go/ql/src/codeql-suites/go-security-and-quality.qls

@@ -1,4 +1,28 @@
 - description: Security-and-quality queries for Go
 - queries: .
-- apply: security-and-quality-selectors.yml
+- apply: security-and-frozen-quality-selectors.yml
   from: codeql/suite-helpers
+- include:
+    id:
+      - go/comparison-of-identical-expressions
+      - go/constant-length-comparison
+      - go/duplicate-branches
+      - go/duplicate-condition
+      - go/duplicate-switch-case
+      - go/impossible-interface-nil-check
+      - go/inconsistent-loop-direction
+      - go/index-out-of-bounds
+      - go/missing-error-check
+      - go/mistyped-exponentiation
+      - go/negative-length-check
+      - go/redundant-assignment
+      - go/redundant-operation
+      - go/redundant-recover
+      - go/shift-out-of-range
+      - go/unexpected-nil-value
+      - go/unhandled-writable-file-close
+      - go/unreachable-statement
+      - go/useless-assignment-to-field
+      - go/useless-assignment-to-local
+      - go/useless-expression
+      - go/whitespace-contradicts-precedence

java/ql/src/codeql-suites/java-security-and-quality.qls

@@ -1,24 +1,7 @@
 - description: Security-and-quality queries for Java
 - queries: .
-- include:
+- apply: security-and-frozen-quality-selectors.yml
-    kind:
+  from: codeql/suite-helpers
-    - problem
-    - path-problem
-    precision:
-    - high
-    - very-high
-    tags contain:
-    - security
-- include:
-    kind:
-    - problem
-    - path-problem
-    precision: medium
-    problem.severity:
-    - error
-    - warning
-    tags contain:
-    - security
 - include:
     id:
       - java/abs-of-random
@@ -143,22 +126,3 @@
       - java/wrong-object-serialization-signature
       - java/wrong-readresolve-signature
       - java/wrong-swing-event-adapter-signature
-- include:
-    kind:
-    - diagnostic
-- include:
-    kind:
-    - metric
-    tags contain:
-    - summary
-- exclude:
-    deprecated: //
-- exclude:
-    query path:
-      - /^experimental\/.*/
-      - Metrics/Summaries/FrameworkCoverage.ql
-      - /Diagnostics/Internal/.*/
-- exclude:
-    tags contain:
-      - modeleditor
-      - modelgenerator

javascript/ql/src/codeql-suites/javascript-security-and-quality.qls

@@ -1,24 +1,7 @@
 - description: Security-and-quality queries for JavaScript
 - queries: .
-- include:
+- apply: security-and-frozen-quality-selectors.yml
-    kind:
+  from: codeql/suite-helpers
-    - problem
-    - path-problem
-    precision:
-    - high
-    - very-high
-    tags contain:
-    - security
-- include:
-    kind:
-    - problem
-    - path-problem
-    precision: medium
-    problem.severity:
-    - error
-    - warning
-    tags contain:
-    - security
 - include:
     id:
       - js/node/assignment-to-exports-variable
@@ -123,16 +106,3 @@
       - js/diagnostics/successfully-extracted-files
       - js/summary/lines-of-code
       - js/summary/lines-of-user-code
-- include:
-    kind:
-    - diagnostic
-- include:
-    kind:
-    - metric
-    tags contain:
-    - summary
-- exclude:
-    deprecated: //
-- exclude:
-    query path:
-      - /^experimental\/.*/

misc/suite-helpers/security-and-frozen-quality-selectors.yml

@@ -0,0 +1,5 @@
+- description: Selectors for selecting the non-quality queries for the security-and-quality queries for a language
+- apply: security-extended-selectors.yml
+- exclude:
+    tags contain:
+      - 'model-generator'

python/ql/src/codeql-suites/python-security-and-quality.qls

@@ -1,4 +1,128 @@
 - description: Security-and-quality queries for Python
 - queries: .
-- apply: security-and-quality-selectors.yml
+- apply: security-and-frozen-quality-selectors.yml
   from: codeql/suite-helpers
+- include:
+    id:
+      - py/asserts-tuple
+      - py/attribute-shadows-method
+      - py/call-to-non-callable
+      - py/call/wrong-arguments
+      - py/call/wrong-named-argument
+      - py/call/wrong-named-class-argument
+      - py/call/wrong-number-class-arguments
+      - py/catch-base-exception
+      - py/commented-out-code
+      - py/comparison-missing-self
+      - py/comparison-of-constants
+      - py/comparison-of-identical-expressions
+      - py/comparison-using-is
+      - py/conflicting-attributes
+      - py/constant-conditional-expression
+      - py/cyclic-import
+      - py/deprecated-slice-method
+      - py/duplicate-key-dict-literal
+      - py/empty-except
+      - py/encoding-error
+      - py/equals-hash-mismatch
+      - py/exit-from-finally
+      - py/explicit-call-to-delete
+      - py/explicit-return-in-init
+      - py/file-not-closed
+      - py/hash-unhashable-value
+      - py/illegal-raise
+      - py/implicit-string-concatenation-in-list
+      - py/import-and-import-from
+      - py/import-deprecated-module
+      - py/import-of-mutable-attribute
+      - py/import-own-module
+      - py/imprecise-assert
+      - py/incomplete-ordering
+      - py/inconsistent-equality
+      - py/inconsistent-mro
+      - py/ineffectual-statement
+      - py/inheritance/incorrect-overridden-signature
+      - py/inheritance/incorrect-overriding-signature
+      - py/inheritance/signature-mismatch
+      - py/init-calls-subclass
+      - py/init-method-is-generator
+      - py/iter-returns-non-iterator
+      - py/iter-returns-non-self
+      - py/iteration-string-and-sequence
+      - py/leaking-list-comprehension
+      - py/loop-variable-capture
+      - py/member-test-non-container
+      - py/mismatched-multiple-assignment
+      - py/missing-call-to-delete
+      - py/missing-call-to-init
+      - py/missing-equals
+      - py/mixed-returns
+      - py/mixed-tuple-returns
+      - py/modification-of-default-value
+      - py/modification-of-locals
+      - py/multiple-calls-to-delete
+      - py/multiple-calls-to-init
+      - py/multiple-definition
+      - py/mutable-descriptor
+      - py/nested-loops-with-same-variable
+      - py/nested-loops-with-same-variable-reused
+      - py/non-iterable-in-for-loop
+      - py/not-named-cls
+      - py/not-named-self
+      - py/old-style-octal-literal
+      - py/overly-complex-delete
+      - py/overwritten-inherited-attribute
+      - py/percent-format/not-mapping
+      - py/percent-format/unsupported-character
+      - py/percent-format/wrong-arguments
+      - py/polluting-import
+      - py/print-during-import
+      - py/procedure-return-value-used
+      - py/property-in-old-style-class
+      - py/pythagorean
+      - py/raise-not-implemented
+      - py/raises-tuple
+      - py/redundant-assignment
+      - py/redundant-comparison
+      - py/redundant-else
+      - py/redundant-global-declaration
+      - py/regex/backspace-escape
+      - py/regex/duplicate-in-character-class
+      - py/regex/incomplete-special-group
+      - py/regex/unmatchable-caret
+      - py/regex/unmatchable-dollar
+      - py/repeated-import
+      - py/return-or-yield-outside-function
+      - py/should-use-with
+      - py/side-effect-in-assert
+      - py/slots-in-old-style-class
+      - py/special-method-wrong-signature
+      - py/str-format/missing-argument
+      - py/str-format/missing-named-argument
+      - py/str-format/mixed-fields
+      - py/str-format/surplus-argument
+      - py/str-format/surplus-named-argument
+      - py/super-in-old-style
+      - py/super-not-enclosing-class
+      - py/syntax-error
+      - py/test-equals-none
+      - py/truncated-division
+      - py/undefined-export
+      - py/undefined-placeholder-variable
+      - py/unexpected-raise-in-special-method
+      - py/unguarded-next-in-generator
+      - py/uninitialized-local-variable
+      - py/unnecessary-delete
+      - py/unnecessary-lambda
+      - py/unnecessary-pass
+      - py/unreachable-except
+      - py/unreachable-statement
+      - py/unsafe-cyclic-import
+      - py/unused-exception-object
+      - py/unused-global-variable
+      - py/unused-import
+      - py/unused-local-variable
+      - py/unused-loop-variable
+      - py/use-of-apply
+      - py/use-of-exit-or-quit
+      - py/useless-except

ruby/ql/src/codeql-suites/ruby-security-and-quality.qls

@@ -1,4 +1,9 @@
 - description: Security-and-quality queries for Ruby
 - queries: .
-- apply: security-and-quality-selectors.yml
+- apply: security-and-frozen-quality-selectors.yml
   from: codeql/suite-helpers
+- include:
+    id:
+      - rb/database-query-in-loop
+      - rb/uninitialized-local-variable
+      - rb/useless-assignment-to-local