From 38596dddc0ecd527f4d8b70baa23f9457043aca1 Mon Sep 17 00:00:00 2001
From: Sauyon Lee <sauyon@github.com>
Date: Fri, 6 Mar 2020 03:35:11 -0800
Subject: [PATCH] Address review comments.

Co-authored-by: Max Schaefer <max-schaefer@github.com>
---
 ql/src/semmle/go/dependencies/Dependencies.qll | 18 ++++++++++++++----
 ql/src/semmle/go/dependencies/SemVer.qll       |  4 ++++
 2 files changed, 18 insertions(+), 4 deletions(-)

diff --git a/ql/src/semmle/go/dependencies/Dependencies.qll b/ql/src/semmle/go/dependencies/Dependencies.qll
index 5c41588b4f3..c38d4437380 100644
--- a/ql/src/semmle/go/dependencies/Dependencies.qll
+++ b/ql/src/semmle/go/dependencies/Dependencies.qll
@@ -22,14 +22,18 @@ abstract class Dependency extends Locatable {
   /** Gets the version of this dependency. */
   string getDepVersion() { this.info(_, result) }
 
+  /**
+   * This dependency is relevant for imports in file `file`. That is, an import of this
+   * dependency's path that is in `file` will use this dependency.
+   */
+  abstract predicate relevantForFile(File file);
+
   /**
    * An import of this dependency.
    */
   ImportSpec getAnImport() {
     result.getPath() = this.getDepPath() and
-    exists(Folder parent | parent.getAFile() = this.getFile() |
-      parent.getAFolder*().getAFile() = result.getFile()
-    )
+    this.relevantForFile(result.getFile())
   }
 }
 
@@ -44,8 +48,14 @@ class GoModDependency extends Dependency, GoModRequireLine {
     this.originalInfo(path, v)
   }
 
+  override predicate relevantForFile(File file) {
+    exists(Folder parent | parent.getAFile() = this.getFile() |
+      parent.getAFolder*().getAFile() = file
+    )
+  }
+
   /**
-   * Holds if there is a replace line that replaces this dependency with a dependency to `path`,
+   * Holds if there is a replace line that replaces this dependency with a dependency on `path`,
    * version `v`.
    */
   predicate replacementInfo(string path, string v) {
diff --git a/ql/src/semmle/go/dependencies/SemVer.qll b/ql/src/semmle/go/dependencies/SemVer.qll
index 7dfb97e0a5c..fd079291dc3 100644
--- a/ql/src/semmle/go/dependencies/SemVer.qll
+++ b/ql/src/semmle/go/dependencies/SemVer.qll
@@ -1,3 +1,7 @@
+/**
+ * Provides classes for dealing with semantic versions, for strings that dependency's versions.
+ */
+
 import semmle.go.dependencies.Dependencies
 
 /**