Java: Consider ai-generated flow summaries to as generated summaries in dataflow.

2026-04-28 18:25:24 +02:00 · 2023-02-20 12:11:48 +01:00
parent 54c0404110
commit 813ffa440c
11 changed files with 41 additions and 29 deletions
--- a/java/ql/src/Metrics/Summaries/GeneratedVsManualCoverage.ql
+++ b/java/ql/src/Metrics/Summaries/GeneratedVsManualCoverage.ql
@@ -28,7 +28,7 @@ private int getNumMadModeledApis(string package, string provenance) {
        or
        sc.isManual() and
        (
-          if sc.hasProvenance("generated")
+          if sc.hasProvenance(["generated", "ai-generated"])
          then
            // "both"
            provenance = "both"
--- a/java/ql/src/utils/modelconverter/ExtractNeutrals.ql
+++ b/java/ql/src/utils/modelconverter/ExtractNeutrals.ql
@@ -10,5 +10,5 @@ import semmle.code.java.dataflow.ExternalFlow
 from string package, string type, string name, string signature, string provenance
 where
  neutralModel(package, type, name, signature, provenance) and
-  provenance != "generated"
+  provenance != ["generated", "ai-generated"]
 select package, type, name, signature, provenance order by package, type, name, signature
--- a/java/ql/src/utils/modelconverter/ExtractSinks.ql
+++ b/java/ql/src/utils/modelconverter/ExtractSinks.ql
@@ -12,6 +12,6 @@ from
  string input, string kind, string provenance
 where
  sinkModel(package, type, subtypes, name, signature, ext, input, kind, provenance) and
-  provenance != "generated"
+  provenance != ["generated", "ai-generated"]
 select package, type, subtypes, name, signature, ext, input, kind, provenance order by
    package, type, name, signature, input, kind
--- a/java/ql/src/utils/modelconverter/ExtractSources.ql
+++ b/java/ql/src/utils/modelconverter/ExtractSources.ql
@@ -12,6 +12,6 @@ from
  string output, string kind, string provenance
 where
  sourceModel(package, type, subtypes, name, signature, ext, output, kind, provenance) and
-  provenance != "generated"
+  provenance != ["generated", "ai-generated"]
 select package, type, subtypes, name, signature, ext, output, kind, provenance order by
    package, type, name, signature, output, kind
--- a/java/ql/src/utils/modelconverter/ExtractSummaries.ql
+++ b/java/ql/src/utils/modelconverter/ExtractSummaries.ql
@@ -12,6 +12,6 @@ from
  string input, string output, string kind, string provenance
 where
  summaryModel(package, type, subtypes, name, signature, ext, input, output, kind, provenance) and
-  provenance != "generated"
+  provenance != ["generated", "ai-generated"]
 select package, type, subtypes, name, signature, ext, input, output, kind, provenance order by
    package, type, name, signature, input, output, kind