Exclude queries without precision

2026-04-26 17:25:19 +02:00 · 2022-03-15 10:22:10 +01:00
parent 18165cbb46
commit 82b2fd2d23
3 changed files with 17 additions and 0 deletions
--- a/ql/ql/src/queries/style/MissingSecuritySeverity.ql
+++ b/ql/ql/src/queries/style/MissingSecuritySeverity.ql
@@ -15,6 +15,9 @@ predicate missingSecuritySeverity(QLDoc doc) {
    exists(string securityTag | securityTag = s.splitAt("@") |
      securityTag.matches("tags%security%")
    ) and
+    exists(string precisionTag | precisionTag = s.splitAt("@") |
+      precisionTag.matches("precision %")
+    ) and
    not exists(string securitySeverity | securitySeverity = s.splitAt("@") |
      securitySeverity.matches("security-severity %")
    )
--- a/ql/ql/test/queries/style/MissingSecuritySeverity/testcases/NoPrecision.expected
+++ b/ql/ql/test/queries/style/MissingSecuritySeverity/testcases/NoPrecision.expected
--- a/ql/ql/test/queries/style/MissingSecuritySeverity/testcases/NoPrecision.ql
+++ b/ql/ql/test/queries/style/MissingSecuritySeverity/testcases/NoPrecision.ql
@@ -0,0 +1,14 @@
+/**
+ * @name Some query
+ * @description Some description
+ * @kind problem
+ * @problem.severity warning
+ * @id ql/some-query
+ * @tags quality
+ *       security
+ */
+
+import ql
+
+from Class c
+select c