hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-21 22:57:11 +02:00
Code Issues Packages Projects Releases Wiki Activity

Simplify the definition of ExtractPositiveExamples.ql

Browse Source
This commit is contained in:
tiferet
2023-01-12 16:40:14 -08:00
parent ecf4d4dc02
commit 844171a28e
1 changed files with 3 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
java/ql/experimental/adaptivethreatmodeling/src/ExtractPositiveExamples.ql
View File

@@ -21,14 +21,10 @@ private import experimental.adaptivethreatmodeling.RequestForgeryATM as RequestF
* the ML-gnerarated, noisy sinks will end up poluting the positive examples used in the prompt!
*/
from
DataFlow::Node sink, AtmConfig::AtmConfig config,
EndpointCharacteristics::EndpointCharacteristic characteristic, float confidence
from DataFlow::Node sink, AtmConfig::AtmConfig config
where
characteristic.appliesToEndpoint(sink) and
confidence >= characteristic.maximalConfidence() and
characteristic.hasImplications(config.getASinkEndpointType(), true, confidence) and
config.isKnownSink(sink) and
// If there are _any_ erroneous endpoints, return nothing. This will prevent us from accidentally running this query
// when there's a codex-generated data extension file in `java/ql/lib/ext`.
not EndpointCharacteristics::erroneousEndpoints(_, _, _, _, _)
select sink, characteristic.toString()
select sink, config.getASinkEndpointType().getDescription()