Add query suite inclusion tests for actions, csharp, go, javascript, ruby, rust

2026-04-27 09:45:15 +02:00 · 2025-04-24 09:06:18 +02:00
parent 522dd51416
commit a4a24470c8
36 changed files with 1610 additions and 0 deletions
--- a/ruby/ql/integration-tests/query-suite/not_included_in_qls.expected
+++ b/ruby/ql/integration-tests/query-suite/not_included_in_qls.expected
@@ -0,0 +1,36 @@
+ql/ruby/ql/src/AlertSuppression.ql
+ql/ruby/ql/src/experimental/CWE-522-DecompressionBombs/DecompressionBombs.ql
+ql/ruby/ql/src/experimental/cwe-022-zipslip/ZipSlip.ql
+ql/ruby/ql/src/experimental/cwe-176/UnicodeBypassValidation.ql
+ql/ruby/ql/src/experimental/cwe-208/UnsafeHmacComparison.ql
+ql/ruby/ql/src/experimental/cwe-347/EmptyJWTSecret.ql
+ql/ruby/ql/src/experimental/cwe-347/MissingJWTVerification.ql
+ql/ruby/ql/src/experimental/cwe-502/UnsafeYamlDeserialization.ql
+ql/ruby/ql/src/experimental/cwe-807/ConditionalBypass.ql
+ql/ruby/ql/src/experimental/decompression-api/DecompressionApi.ql
+ql/ruby/ql/src/experimental/improper-memoization/ImproperMemoization.ql
+ql/ruby/ql/src/experimental/insecure-randomness/InsecureRandomness.ql
+ql/ruby/ql/src/experimental/ldap-improper-auth/ImproperLdapAuth.ql
+ql/ruby/ql/src/experimental/ldap-injection/LdapInjection.ql
+ql/ruby/ql/src/experimental/manually-check-http-verb/ManuallyCheckHttpVerb.ql
+ql/ruby/ql/src/experimental/performance/UseDetect.ql
+ql/ruby/ql/src/experimental/template-injection/TemplateInjection.ql
+ql/ruby/ql/src/experimental/weak-params/WeakParams.ql
+ql/ruby/ql/src/experimental/xpath-injection/XpathInjection.ql
+ql/ruby/ql/src/filters/ClassifyFiles.ql
+ql/ruby/ql/src/queries/analysis/Definitions.ql
+ql/ruby/ql/src/queries/diagnostics/PerformanceDiagnostics.ql
+ql/ruby/ql/src/queries/meta/CallGraph.ql
+ql/ruby/ql/src/queries/meta/SummarizedCallableCallSites.ql
+ql/ruby/ql/src/queries/meta/TaintSinks.ql
+ql/ruby/ql/src/queries/meta/TaintSources.ql
+ql/ruby/ql/src/queries/meta/TaintedNodes.ql
+ql/ruby/ql/src/queries/metrics/FLines.ql
+ql/ruby/ql/src/queries/metrics/FLinesOfCode.ql
+ql/ruby/ql/src/queries/metrics/FLinesOfComments.ql
+ql/ruby/ql/src/queries/modeling/GenerateModel.ql
+ql/ruby/ql/src/queries/security/cwe-732/WeakFilePermissions.ql
+ql/ruby/ql/src/queries/variables/UnusedParameter.ql
+ql/ruby/ql/src/utils/modeleditor/ApplicationModeEndpoints.ql
+ql/ruby/ql/src/utils/modeleditor/FrameworkModeAccessPaths.ql
+ql/ruby/ql/src/utils/modeleditor/FrameworkModeEndpoints.ql
--- a/ruby/ql/integration-tests/query-suite/ruby-code-quality.qls.expected
+++ b/ruby/ql/integration-tests/query-suite/ruby-code-quality.qls.expected
@@ -0,0 +1,3 @@
+ql/ruby/ql/src/queries/performance/DatabaseQueryInLoop.ql
+ql/ruby/ql/src/queries/variables/DeadStoreOfLocal.ql
+ql/ruby/ql/src/queries/variables/UninitializedLocal.ql
--- a/ruby/ql/integration-tests/query-suite/ruby-code-scanning.qls.expected
+++ b/ruby/ql/integration-tests/query-suite/ruby-code-scanning.qls.expected
@@ -0,0 +1,44 @@
+ql/ruby/ql/src/queries/diagnostics/ExtractedFiles.ql
+ql/ruby/ql/src/queries/diagnostics/ExtractionErrors.ql
+ql/ruby/ql/src/queries/diagnostics/ExtractionWarnings.ql
+ql/ruby/ql/src/queries/security/cwe-020/IncompleteHostnameRegExp.ql
+ql/ruby/ql/src/queries/security/cwe-020/IncompleteUrlSubstringSanitization.ql
+ql/ruby/ql/src/queries/security/cwe-020/MissingFullAnchor.ql
+ql/ruby/ql/src/queries/security/cwe-020/OverlyLargeRange.ql
+ql/ruby/ql/src/queries/security/cwe-022/PathInjection.ql
+ql/ruby/ql/src/queries/security/cwe-078/CommandInjection.ql
+ql/ruby/ql/src/queries/security/cwe-078/KernelOpen.ql
+ql/ruby/ql/src/queries/security/cwe-078/NonConstantKernelOpen.ql
+ql/ruby/ql/src/queries/security/cwe-078/UnsafeShellCommandConstruction.ql
+ql/ruby/ql/src/queries/security/cwe-079/ReflectedXSS.ql
+ql/ruby/ql/src/queries/security/cwe-079/StoredXSS.ql
+ql/ruby/ql/src/queries/security/cwe-079/UnsafeHtmlConstruction.ql
+ql/ruby/ql/src/queries/security/cwe-089/SqlInjection.ql
+ql/ruby/ql/src/queries/security/cwe-094/CodeInjection.ql
+ql/ruby/ql/src/queries/security/cwe-116/BadTagFilter.ql
+ql/ruby/ql/src/queries/security/cwe-116/IncompleteMultiCharacterSanitization.ql
+ql/ruby/ql/src/queries/security/cwe-116/IncompleteSanitization.ql
+ql/ruby/ql/src/queries/security/cwe-1333/PolynomialReDoS.ql
+ql/ruby/ql/src/queries/security/cwe-1333/ReDoS.ql
+ql/ruby/ql/src/queries/security/cwe-1333/RegExpInjection.ql
+ql/ruby/ql/src/queries/security/cwe-134/TaintedFormatString.ql
+ql/ruby/ql/src/queries/security/cwe-209/StackTraceExposure.ql
+ql/ruby/ql/src/queries/security/cwe-300/InsecureDependencyResolution.ql
+ql/ruby/ql/src/queries/security/cwe-312/CleartextLogging.ql
+ql/ruby/ql/src/queries/security/cwe-312/CleartextStorage.ql
+ql/ruby/ql/src/queries/security/cwe-327/BrokenCryptoAlgorithm.ql
+ql/ruby/ql/src/queries/security/cwe-327/WeakSensitiveDataHashing.ql
+ql/ruby/ql/src/queries/security/cwe-352/CSRFProtectionDisabled.ql
+ql/ruby/ql/src/queries/security/cwe-352/CSRFProtectionNotEnabled.ql
+ql/ruby/ql/src/queries/security/cwe-502/UnsafeDeserialization.ql
+ql/ruby/ql/src/queries/security/cwe-598/SensitiveGetQuery.ql
+ql/ruby/ql/src/queries/security/cwe-601/UrlRedirect.ql
+ql/ruby/ql/src/queries/security/cwe-611/Xxe.ql
+ql/ruby/ql/src/queries/security/cwe-732/WeakCookieConfiguration.ql
+ql/ruby/ql/src/queries/security/cwe-829/InsecureDownload.ql
+ql/ruby/ql/src/queries/security/cwe-915/MassAssignment.ql
+ql/ruby/ql/src/queries/security/cwe-918/ServerSideRequestForgery.ql
+ql/ruby/ql/src/queries/summary/LinesOfCode.ql
+ql/ruby/ql/src/queries/summary/LinesOfUserCode.ql
+ql/ruby/ql/src/queries/summary/NumberOfFilesExtractedWithErrors.ql
+ql/ruby/ql/src/queries/summary/NumberOfSuccessfullyExtractedFiles.ql
--- a/ruby/ql/integration-tests/query-suite/ruby-security-and-quality.qls.expected
+++ b/ruby/ql/integration-tests/query-suite/ruby-security-and-quality.qls.expected
@@ -0,0 +1,54 @@
+ql/ruby/ql/src/queries/diagnostics/ExtractedFiles.ql
+ql/ruby/ql/src/queries/diagnostics/ExtractionErrors.ql
+ql/ruby/ql/src/queries/diagnostics/ExtractionWarnings.ql
+ql/ruby/ql/src/queries/performance/DatabaseQueryInLoop.ql
+ql/ruby/ql/src/queries/security/cwe-020/IncompleteHostnameRegExp.ql
+ql/ruby/ql/src/queries/security/cwe-020/IncompleteUrlSubstringSanitization.ql
+ql/ruby/ql/src/queries/security/cwe-020/MissingFullAnchor.ql
+ql/ruby/ql/src/queries/security/cwe-020/MissingRegExpAnchor.ql
+ql/ruby/ql/src/queries/security/cwe-020/OverlyLargeRange.ql
+ql/ruby/ql/src/queries/security/cwe-022/PathInjection.ql
+ql/ruby/ql/src/queries/security/cwe-078/CommandInjection.ql
+ql/ruby/ql/src/queries/security/cwe-078/KernelOpen.ql
+ql/ruby/ql/src/queries/security/cwe-078/NonConstantKernelOpen.ql
+ql/ruby/ql/src/queries/security/cwe-078/UnsafeShellCommandConstruction.ql
+ql/ruby/ql/src/queries/security/cwe-079/ReflectedXSS.ql
+ql/ruby/ql/src/queries/security/cwe-079/StoredXSS.ql
+ql/ruby/ql/src/queries/security/cwe-079/UnsafeHtmlConstruction.ql
+ql/ruby/ql/src/queries/security/cwe-089/SqlInjection.ql
+ql/ruby/ql/src/queries/security/cwe-094/CodeInjection.ql
+ql/ruby/ql/src/queries/security/cwe-094/UnsafeCodeConstruction.ql
+ql/ruby/ql/src/queries/security/cwe-116/BadTagFilter.ql
+ql/ruby/ql/src/queries/security/cwe-116/IncompleteMultiCharacterSanitization.ql
+ql/ruby/ql/src/queries/security/cwe-116/IncompleteSanitization.ql
+ql/ruby/ql/src/queries/security/cwe-117/LogInjection.ql
+ql/ruby/ql/src/queries/security/cwe-1333/PolynomialReDoS.ql
+ql/ruby/ql/src/queries/security/cwe-1333/ReDoS.ql
+ql/ruby/ql/src/queries/security/cwe-1333/RegExpInjection.ql
+ql/ruby/ql/src/queries/security/cwe-134/TaintedFormatString.ql
+ql/ruby/ql/src/queries/security/cwe-209/StackTraceExposure.ql
+ql/ruby/ql/src/queries/security/cwe-295/RequestWithoutValidation.ql
+ql/ruby/ql/src/queries/security/cwe-300/InsecureDependencyResolution.ql
+ql/ruby/ql/src/queries/security/cwe-312/CleartextLogging.ql
+ql/ruby/ql/src/queries/security/cwe-312/CleartextStorage.ql
+ql/ruby/ql/src/queries/security/cwe-327/BrokenCryptoAlgorithm.ql
+ql/ruby/ql/src/queries/security/cwe-327/WeakSensitiveDataHashing.ql
+ql/ruby/ql/src/queries/security/cwe-352/CSRFProtectionDisabled.ql
+ql/ruby/ql/src/queries/security/cwe-352/CSRFProtectionNotEnabled.ql
+ql/ruby/ql/src/queries/security/cwe-502/UnsafeDeserialization.ql
+ql/ruby/ql/src/queries/security/cwe-506/HardcodedDataInterpretedAsCode.ql
+ql/ruby/ql/src/queries/security/cwe-598/SensitiveGetQuery.ql
+ql/ruby/ql/src/queries/security/cwe-601/UrlRedirect.ql
+ql/ruby/ql/src/queries/security/cwe-611/Xxe.ql
+ql/ruby/ql/src/queries/security/cwe-732/WeakCookieConfiguration.ql
+ql/ruby/ql/src/queries/security/cwe-798/HardcodedCredentials.ql
+ql/ruby/ql/src/queries/security/cwe-829/InsecureDownload.ql
+ql/ruby/ql/src/queries/security/cwe-912/HttpToFileAccess.ql
+ql/ruby/ql/src/queries/security/cwe-915/MassAssignment.ql
+ql/ruby/ql/src/queries/security/cwe-918/ServerSideRequestForgery.ql
+ql/ruby/ql/src/queries/summary/LinesOfCode.ql
+ql/ruby/ql/src/queries/summary/LinesOfUserCode.ql
+ql/ruby/ql/src/queries/summary/NumberOfFilesExtractedWithErrors.ql
+ql/ruby/ql/src/queries/summary/NumberOfSuccessfullyExtractedFiles.ql
+ql/ruby/ql/src/queries/variables/DeadStoreOfLocal.ql
+ql/ruby/ql/src/queries/variables/UninitializedLocal.ql
--- a/ruby/ql/integration-tests/query-suite/ruby-security-extended.qls.expected
+++ b/ruby/ql/integration-tests/query-suite/ruby-security-extended.qls.expected
@@ -0,0 +1,51 @@
+ql/ruby/ql/src/queries/diagnostics/ExtractedFiles.ql
+ql/ruby/ql/src/queries/diagnostics/ExtractionErrors.ql
+ql/ruby/ql/src/queries/diagnostics/ExtractionWarnings.ql
+ql/ruby/ql/src/queries/security/cwe-020/IncompleteHostnameRegExp.ql
+ql/ruby/ql/src/queries/security/cwe-020/IncompleteUrlSubstringSanitization.ql
+ql/ruby/ql/src/queries/security/cwe-020/MissingFullAnchor.ql
+ql/ruby/ql/src/queries/security/cwe-020/MissingRegExpAnchor.ql
+ql/ruby/ql/src/queries/security/cwe-020/OverlyLargeRange.ql
+ql/ruby/ql/src/queries/security/cwe-022/PathInjection.ql
+ql/ruby/ql/src/queries/security/cwe-078/CommandInjection.ql
+ql/ruby/ql/src/queries/security/cwe-078/KernelOpen.ql
+ql/ruby/ql/src/queries/security/cwe-078/NonConstantKernelOpen.ql
+ql/ruby/ql/src/queries/security/cwe-078/UnsafeShellCommandConstruction.ql
+ql/ruby/ql/src/queries/security/cwe-079/ReflectedXSS.ql
+ql/ruby/ql/src/queries/security/cwe-079/StoredXSS.ql
+ql/ruby/ql/src/queries/security/cwe-079/UnsafeHtmlConstruction.ql
+ql/ruby/ql/src/queries/security/cwe-089/SqlInjection.ql
+ql/ruby/ql/src/queries/security/cwe-094/CodeInjection.ql
+ql/ruby/ql/src/queries/security/cwe-094/UnsafeCodeConstruction.ql
+ql/ruby/ql/src/queries/security/cwe-116/BadTagFilter.ql
+ql/ruby/ql/src/queries/security/cwe-116/IncompleteMultiCharacterSanitization.ql
+ql/ruby/ql/src/queries/security/cwe-116/IncompleteSanitization.ql
+ql/ruby/ql/src/queries/security/cwe-117/LogInjection.ql
+ql/ruby/ql/src/queries/security/cwe-1333/PolynomialReDoS.ql
+ql/ruby/ql/src/queries/security/cwe-1333/ReDoS.ql
+ql/ruby/ql/src/queries/security/cwe-1333/RegExpInjection.ql
+ql/ruby/ql/src/queries/security/cwe-134/TaintedFormatString.ql
+ql/ruby/ql/src/queries/security/cwe-209/StackTraceExposure.ql
+ql/ruby/ql/src/queries/security/cwe-295/RequestWithoutValidation.ql
+ql/ruby/ql/src/queries/security/cwe-300/InsecureDependencyResolution.ql
+ql/ruby/ql/src/queries/security/cwe-312/CleartextLogging.ql
+ql/ruby/ql/src/queries/security/cwe-312/CleartextStorage.ql
+ql/ruby/ql/src/queries/security/cwe-327/BrokenCryptoAlgorithm.ql
+ql/ruby/ql/src/queries/security/cwe-327/WeakSensitiveDataHashing.ql
+ql/ruby/ql/src/queries/security/cwe-352/CSRFProtectionDisabled.ql
+ql/ruby/ql/src/queries/security/cwe-352/CSRFProtectionNotEnabled.ql
+ql/ruby/ql/src/queries/security/cwe-502/UnsafeDeserialization.ql
+ql/ruby/ql/src/queries/security/cwe-506/HardcodedDataInterpretedAsCode.ql
+ql/ruby/ql/src/queries/security/cwe-598/SensitiveGetQuery.ql
+ql/ruby/ql/src/queries/security/cwe-601/UrlRedirect.ql
+ql/ruby/ql/src/queries/security/cwe-611/Xxe.ql
+ql/ruby/ql/src/queries/security/cwe-732/WeakCookieConfiguration.ql
+ql/ruby/ql/src/queries/security/cwe-798/HardcodedCredentials.ql
+ql/ruby/ql/src/queries/security/cwe-829/InsecureDownload.ql
+ql/ruby/ql/src/queries/security/cwe-912/HttpToFileAccess.ql
+ql/ruby/ql/src/queries/security/cwe-915/MassAssignment.ql
+ql/ruby/ql/src/queries/security/cwe-918/ServerSideRequestForgery.ql
+ql/ruby/ql/src/queries/summary/LinesOfCode.ql
+ql/ruby/ql/src/queries/summary/LinesOfUserCode.ql
+ql/ruby/ql/src/queries/summary/NumberOfFilesExtractedWithErrors.ql
+ql/ruby/ql/src/queries/summary/NumberOfSuccessfullyExtractedFiles.ql
--- a/ruby/ql/integration-tests/query-suite/test.py
+++ b/ruby/ql/integration-tests/query-suite/test.py
@@ -0,0 +1,14 @@
+import runs_on
+import pytest
+from query_suites import *
+
+well_known_query_suites = ['ruby-code-quality.qls', 'ruby-security-and-quality.qls', 'ruby-security-extended.qls', 'ruby-code-scanning.qls']
+
+@runs_on.posix
+@pytest.mark.parametrize("query_suite", well_known_query_suites)
+def test(codeql, ruby, check_query_suite, query_suite):
+    check_query_suite(query_suite)
+
+@runs_on.posix
+def test_not_included_queries(codeql, ruby, check_queries_not_included):
+    check_queries_not_included('ruby', well_known_query_suites)