From e3a66811825fa6d588494ac8486ba3913685725b Mon Sep 17 00:00:00 2001 From: Tamas Vajk Date: Tue, 29 Apr 2025 16:02:21 +0200 Subject: [PATCH 1/8] Add code quality suite selector --- misc/suite-helpers/code-quality-selectors.yml | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 misc/suite-helpers/code-quality-selectors.yml diff --git a/misc/suite-helpers/code-quality-selectors.yml b/misc/suite-helpers/code-quality-selectors.yml new file mode 100644 index 00000000000..ddaf3366599 --- /dev/null +++ b/misc/suite-helpers/code-quality-selectors.yml @@ -0,0 +1,10 @@ +- description: Selectors for selecting the Code-Quality-relevant queries for a language +- include: + kind: + - problem + - path-problem + precision: + - high + - very-high + tags contain: + - quality From ea9b95790bb099fa756bbaf54e797bc0394085df Mon Sep 17 00:00:00 2001 From: Tamas Vajk Date: Tue, 29 Apr 2025 16:02:46 +0200 Subject: [PATCH 2/8] Use code-quality-selectors in C# suite --- csharp/ql/src/API Abuse/FormatInvalid.ql | 1 + .../NoDisposeCallOnLocalIDisposable.ql | 1 + .../Control-Flow/ConstantCondition.ql | 1 + csharp/ql/src/Dead Code/DeadStoreOfLocal.ql | 1 + .../Collections/ContainerLengthCmpOffByOne.ql | 1 + .../Collections/ContainerSizeCmpZero.ql | 1 + .../DangerousNonShortCircuitLogic.ql | 1 + .../src/Likely Bugs/EqualityCheckOnFloats.ql | 1 + .../Likely Bugs/ReferenceEqualsOnValueTypes.ql | 1 + csharp/ql/src/Likely Bugs/SelfAssignment.ql | 1 + .../src/Likely Bugs/UncheckedCastInEquals.ql | 1 + csharp/ql/src/Performance/UseTryGetValue.ql | 4 +++- csharp/ql/src/Useless code/DefaultToString.ql | 1 + csharp/ql/src/Useless code/IntGetHashCode.ql | 1 + .../src/codeql-suites/csharp-code-quality.qls | 18 ++---------------- 15 files changed, 18 insertions(+), 17 deletions(-) diff --git a/csharp/ql/src/API Abuse/FormatInvalid.ql b/csharp/ql/src/API Abuse/FormatInvalid.ql index a2b8ef5e222..056730a577d 100644 --- a/csharp/ql/src/API Abuse/FormatInvalid.ql +++ b/csharp/ql/src/API Abuse/FormatInvalid.ql @@ -8,6 +8,7 @@ * @id cs/invalid-string-formatting * @tags reliability * maintainability + * quality */ import csharp diff --git a/csharp/ql/src/API Abuse/NoDisposeCallOnLocalIDisposable.ql b/csharp/ql/src/API Abuse/NoDisposeCallOnLocalIDisposable.ql index e5826c42342..f02b0d49b54 100644 --- a/csharp/ql/src/API Abuse/NoDisposeCallOnLocalIDisposable.ql +++ b/csharp/ql/src/API Abuse/NoDisposeCallOnLocalIDisposable.ql @@ -8,6 +8,7 @@ * @id cs/local-not-disposed * @tags efficiency * maintainability + * quality * external/cwe/cwe-404 * external/cwe/cwe-459 * external/cwe/cwe-460 diff --git a/csharp/ql/src/Bad Practices/Control-Flow/ConstantCondition.ql b/csharp/ql/src/Bad Practices/Control-Flow/ConstantCondition.ql index 88d938e399f..7bfdea1e906 100644 --- a/csharp/ql/src/Bad Practices/Control-Flow/ConstantCondition.ql +++ b/csharp/ql/src/Bad Practices/Control-Flow/ConstantCondition.ql @@ -9,6 +9,7 @@ * @id cs/constant-condition * @tags maintainability * readability + * quality * external/cwe/cwe-835 */ diff --git a/csharp/ql/src/Dead Code/DeadStoreOfLocal.ql b/csharp/ql/src/Dead Code/DeadStoreOfLocal.ql index 1e2eaad1aa1..5be820ee74c 100644 --- a/csharp/ql/src/Dead Code/DeadStoreOfLocal.ql +++ b/csharp/ql/src/Dead Code/DeadStoreOfLocal.ql @@ -6,6 +6,7 @@ * @problem.severity warning * @id cs/useless-assignment-to-local * @tags maintainability + * quality * external/cwe/cwe-563 * @precision very-high */ diff --git a/csharp/ql/src/Likely Bugs/Collections/ContainerLengthCmpOffByOne.ql b/csharp/ql/src/Likely Bugs/Collections/ContainerLengthCmpOffByOne.ql index 615f0634f16..754ed8ad773 100644 --- a/csharp/ql/src/Likely Bugs/Collections/ContainerLengthCmpOffByOne.ql +++ b/csharp/ql/src/Likely Bugs/Collections/ContainerLengthCmpOffByOne.ql @@ -9,6 +9,7 @@ * @tags reliability * correctness * logic + * quality * external/cwe/cwe-193 */ diff --git a/csharp/ql/src/Likely Bugs/Collections/ContainerSizeCmpZero.ql b/csharp/ql/src/Likely Bugs/Collections/ContainerSizeCmpZero.ql index 6ba109713ae..90f5b981e24 100644 --- a/csharp/ql/src/Likely Bugs/Collections/ContainerSizeCmpZero.ql +++ b/csharp/ql/src/Likely Bugs/Collections/ContainerSizeCmpZero.ql @@ -8,6 +8,7 @@ * @tags reliability * correctness * logic + * quality */ import csharp diff --git a/csharp/ql/src/Likely Bugs/DangerousNonShortCircuitLogic.ql b/csharp/ql/src/Likely Bugs/DangerousNonShortCircuitLogic.ql index 6091b0f79a3..f3defa47a43 100644 --- a/csharp/ql/src/Likely Bugs/DangerousNonShortCircuitLogic.ql +++ b/csharp/ql/src/Likely Bugs/DangerousNonShortCircuitLogic.ql @@ -9,6 +9,7 @@ * @tags reliability * correctness * logic + * quality * external/cwe/cwe-480 * external/cwe/cwe-691 */ diff --git a/csharp/ql/src/Likely Bugs/EqualityCheckOnFloats.ql b/csharp/ql/src/Likely Bugs/EqualityCheckOnFloats.ql index 1109201fbe1..108e6f45f94 100644 --- a/csharp/ql/src/Likely Bugs/EqualityCheckOnFloats.ql +++ b/csharp/ql/src/Likely Bugs/EqualityCheckOnFloats.ql @@ -9,6 +9,7 @@ * @id cs/equality-on-floats * @tags reliability * correctness + * quality */ import csharp diff --git a/csharp/ql/src/Likely Bugs/ReferenceEqualsOnValueTypes.ql b/csharp/ql/src/Likely Bugs/ReferenceEqualsOnValueTypes.ql index f038117aff3..de29f6109ad 100644 --- a/csharp/ql/src/Likely Bugs/ReferenceEqualsOnValueTypes.ql +++ b/csharp/ql/src/Likely Bugs/ReferenceEqualsOnValueTypes.ql @@ -7,6 +7,7 @@ * @id cs/reference-equality-on-valuetypes * @tags reliability * correctness + * quality * external/cwe/cwe-595 */ diff --git a/csharp/ql/src/Likely Bugs/SelfAssignment.ql b/csharp/ql/src/Likely Bugs/SelfAssignment.ql index dd63ba87627..e010d18292c 100644 --- a/csharp/ql/src/Likely Bugs/SelfAssignment.ql +++ b/csharp/ql/src/Likely Bugs/SelfAssignment.ql @@ -8,6 +8,7 @@ * @tags reliability * correctness * logic + * quality */ import csharp diff --git a/csharp/ql/src/Likely Bugs/UncheckedCastInEquals.ql b/csharp/ql/src/Likely Bugs/UncheckedCastInEquals.ql index aa244147e3e..d1e2dbdf056 100644 --- a/csharp/ql/src/Likely Bugs/UncheckedCastInEquals.ql +++ b/csharp/ql/src/Likely Bugs/UncheckedCastInEquals.ql @@ -7,6 +7,7 @@ * @id cs/unchecked-cast-in-equals * @tags reliability * maintainability + * quality */ import csharp diff --git a/csharp/ql/src/Performance/UseTryGetValue.ql b/csharp/ql/src/Performance/UseTryGetValue.ql index 67b57e90347..c33c0d1e8d7 100644 --- a/csharp/ql/src/Performance/UseTryGetValue.ql +++ b/csharp/ql/src/Performance/UseTryGetValue.ql @@ -6,7 +6,9 @@ * @problem.severity recommendation * @precision high * @id cs/inefficient-containskey - * @tags maintainability efficiency + * @tags maintainability + * efficiency + * quality */ import csharp diff --git a/csharp/ql/src/Useless code/DefaultToString.ql b/csharp/ql/src/Useless code/DefaultToString.ql index 544347576fe..ea33fe7874b 100644 --- a/csharp/ql/src/Useless code/DefaultToString.ql +++ b/csharp/ql/src/Useless code/DefaultToString.ql @@ -8,6 +8,7 @@ * @id cs/call-to-object-tostring * @tags reliability * maintainability + * quality */ import DefaultToStringQuery diff --git a/csharp/ql/src/Useless code/IntGetHashCode.ql b/csharp/ql/src/Useless code/IntGetHashCode.ql index 85d0f56aae0..847443d018e 100644 --- a/csharp/ql/src/Useless code/IntGetHashCode.ql +++ b/csharp/ql/src/Useless code/IntGetHashCode.ql @@ -8,6 +8,7 @@ * @id cs/useless-gethashcode-call * @tags readability * useless-code + * quality */ import csharp diff --git a/csharp/ql/src/codeql-suites/csharp-code-quality.qls b/csharp/ql/src/codeql-suites/csharp-code-quality.qls index 85bbe4db683..2074f9378cf 100644 --- a/csharp/ql/src/codeql-suites/csharp-code-quality.qls +++ b/csharp/ql/src/codeql-suites/csharp-code-quality.qls @@ -1,17 +1,3 @@ - queries: . -- include: - id: - - cs/index-out-of-bounds - - cs/test-for-negative-container-size - - cs/unchecked-cast-in-equals - - cs/reference-equality-on-valuetypes - - cs/self-assignment - - cs/inefficient-containskey - - cs/call-to-object-tostring - - cs/local-not-disposed - - cs/constant-condition - - cs/useless-gethashcode-call - - cs/non-short-circuit - - cs/useless-assignment-to-local - - cs/invalid-string-formatting - - cs/equality-on-floats +- apply: code-quality-selectors.yml + from: codeql/suite-helpers From 425e020d6c2269bfd3db5d4260adfae38d32ab02 Mon Sep 17 00:00:00 2001 From: Tamas Vajk Date: Tue, 29 Apr 2025 16:09:51 +0200 Subject: [PATCH 3/8] Use code-quality-selectors in Java suite --- .../query-suite/java-code-quality.qls.expected | 1 - .../Language Abuse/TypeVariableHidesType.ql | 1 + .../Likely Bugs/Arithmetic/IntMultToLong.ql | 1 + .../Collections/WriteOnlyContainer.ql | 1 + .../Comparison/IncomparableEquals.ql | 1 + .../Comparison/InconsistentEqualsHashCode.ql | 1 + .../Comparison/MissingInstanceofInEquals.ql | 1 + .../src/Likely Bugs/Comparison/RefEqBoxed.ql | 1 + .../Likely Typos/ContradictoryTypeChecks.ql | 1 + .../Likely Typos/SuspiciousDateFormat.ql | 1 + .../Likely Bugs/Resource Leaks/CloseReader.ql | 1 + .../Likely Bugs/Resource Leaks/CloseWriter.ql | 1 + .../ql/src/codeql-suites/java-code-quality.qls | 18 ++---------------- 13 files changed, 13 insertions(+), 17 deletions(-) diff --git a/java/ql/integration-tests/java/query-suite/java-code-quality.qls.expected b/java/ql/integration-tests/java/query-suite/java-code-quality.qls.expected index 0934d4cf996..4af6a4dd5db 100644 --- a/java/ql/integration-tests/java/query-suite/java-code-quality.qls.expected +++ b/java/ql/integration-tests/java/query-suite/java-code-quality.qls.expected @@ -1,4 +1,3 @@ -ql/java/ql/src/Language Abuse/TypeVariableHidesType.ql ql/java/ql/src/Likely Bugs/Arithmetic/IntMultToLong.ql ql/java/ql/src/Likely Bugs/Collections/WriteOnlyContainer.ql ql/java/ql/src/Likely Bugs/Comparison/IncomparableEquals.ql diff --git a/java/ql/src/Language Abuse/TypeVariableHidesType.ql b/java/ql/src/Language Abuse/TypeVariableHidesType.ql index d411c3848e2..81da0e9703e 100644 --- a/java/ql/src/Language Abuse/TypeVariableHidesType.ql +++ b/java/ql/src/Language Abuse/TypeVariableHidesType.ql @@ -9,6 +9,7 @@ * @tags reliability * readability * types + * quality */ import java diff --git a/java/ql/src/Likely Bugs/Arithmetic/IntMultToLong.ql b/java/ql/src/Likely Bugs/Arithmetic/IntMultToLong.ql index 31a1d8a20a1..026096b63a7 100644 --- a/java/ql/src/Likely Bugs/Arithmetic/IntMultToLong.ql +++ b/java/ql/src/Likely Bugs/Arithmetic/IntMultToLong.ql @@ -9,6 +9,7 @@ * @tags reliability * correctness * types + * quality * external/cwe/cwe-190 * external/cwe/cwe-192 * external/cwe/cwe-197 diff --git a/java/ql/src/Likely Bugs/Collections/WriteOnlyContainer.ql b/java/ql/src/Likely Bugs/Collections/WriteOnlyContainer.ql index 8c8cb6105b3..1f4ebb3403d 100644 --- a/java/ql/src/Likely Bugs/Collections/WriteOnlyContainer.ql +++ b/java/ql/src/Likely Bugs/Collections/WriteOnlyContainer.ql @@ -7,6 +7,7 @@ * @id java/unused-container * @tags maintainability * useless-code + * quality * external/cwe/cwe-561 */ diff --git a/java/ql/src/Likely Bugs/Comparison/IncomparableEquals.ql b/java/ql/src/Likely Bugs/Comparison/IncomparableEquals.ql index 2326ae5dd3d..f5019373b65 100644 --- a/java/ql/src/Likely Bugs/Comparison/IncomparableEquals.ql +++ b/java/ql/src/Likely Bugs/Comparison/IncomparableEquals.ql @@ -8,6 +8,7 @@ * @id java/equals-on-unrelated-types * @tags reliability * correctness + * quality */ import java diff --git a/java/ql/src/Likely Bugs/Comparison/InconsistentEqualsHashCode.ql b/java/ql/src/Likely Bugs/Comparison/InconsistentEqualsHashCode.ql index b788caec0e1..2fce3397346 100644 --- a/java/ql/src/Likely Bugs/Comparison/InconsistentEqualsHashCode.ql +++ b/java/ql/src/Likely Bugs/Comparison/InconsistentEqualsHashCode.ql @@ -8,6 +8,7 @@ * @id java/inconsistent-equals-and-hashcode * @tags reliability * correctness + * quality * external/cwe/cwe-581 */ diff --git a/java/ql/src/Likely Bugs/Comparison/MissingInstanceofInEquals.ql b/java/ql/src/Likely Bugs/Comparison/MissingInstanceofInEquals.ql index 455ca22d6e3..413a88bb008 100644 --- a/java/ql/src/Likely Bugs/Comparison/MissingInstanceofInEquals.ql +++ b/java/ql/src/Likely Bugs/Comparison/MissingInstanceofInEquals.ql @@ -8,6 +8,7 @@ * @id java/unchecked-cast-in-equals * @tags reliability * correctness + * quality */ import java diff --git a/java/ql/src/Likely Bugs/Comparison/RefEqBoxed.ql b/java/ql/src/Likely Bugs/Comparison/RefEqBoxed.ql index b5c679f67e7..811edd9e2d7 100644 --- a/java/ql/src/Likely Bugs/Comparison/RefEqBoxed.ql +++ b/java/ql/src/Likely Bugs/Comparison/RefEqBoxed.ql @@ -8,6 +8,7 @@ * @id java/reference-equality-of-boxed-types * @tags reliability * correctness + * quality * external/cwe/cwe-595 */ diff --git a/java/ql/src/Likely Bugs/Likely Typos/ContradictoryTypeChecks.ql b/java/ql/src/Likely Bugs/Likely Typos/ContradictoryTypeChecks.ql index 9608ec93767..a8ff61f481d 100644 --- a/java/ql/src/Likely Bugs/Likely Typos/ContradictoryTypeChecks.ql +++ b/java/ql/src/Likely Bugs/Likely Typos/ContradictoryTypeChecks.ql @@ -9,6 +9,7 @@ * @id java/contradictory-type-checks * @tags correctness * logic + * quality */ import java diff --git a/java/ql/src/Likely Bugs/Likely Typos/SuspiciousDateFormat.ql b/java/ql/src/Likely Bugs/Likely Typos/SuspiciousDateFormat.ql index b39da1aa870..9e24a3b7b4e 100644 --- a/java/ql/src/Likely Bugs/Likely Typos/SuspiciousDateFormat.ql +++ b/java/ql/src/Likely Bugs/Likely Typos/SuspiciousDateFormat.ql @@ -6,6 +6,7 @@ * @precision high * @id java/suspicious-date-format * @tags correctness + * quality */ import java diff --git a/java/ql/src/Likely Bugs/Resource Leaks/CloseReader.ql b/java/ql/src/Likely Bugs/Resource Leaks/CloseReader.ql index 92da62633d8..d210581d20c 100644 --- a/java/ql/src/Likely Bugs/Resource Leaks/CloseReader.ql +++ b/java/ql/src/Likely Bugs/Resource Leaks/CloseReader.ql @@ -9,6 +9,7 @@ * @tags efficiency * correctness * resources + * quality * external/cwe/cwe-404 * external/cwe/cwe-772 */ diff --git a/java/ql/src/Likely Bugs/Resource Leaks/CloseWriter.ql b/java/ql/src/Likely Bugs/Resource Leaks/CloseWriter.ql index fa04de220bf..fe23286b2e0 100644 --- a/java/ql/src/Likely Bugs/Resource Leaks/CloseWriter.ql +++ b/java/ql/src/Likely Bugs/Resource Leaks/CloseWriter.ql @@ -9,6 +9,7 @@ * @tags efficiency * correctness * resources + * quality * external/cwe/cwe-404 * external/cwe/cwe-772 */ diff --git a/java/ql/src/codeql-suites/java-code-quality.qls b/java/ql/src/codeql-suites/java-code-quality.qls index 847864606ca..2074f9378cf 100644 --- a/java/ql/src/codeql-suites/java-code-quality.qls +++ b/java/ql/src/codeql-suites/java-code-quality.qls @@ -1,17 +1,3 @@ - queries: . -- include: - id: - - java/contradictory-type-checks - - java/do-not-call-finalize - - java/equals-on-unrelated-types - - java/inconsistent-equals-and-hashcode - - java/input-resource-leak - - java/integer-multiplication-cast-to-long - - java/junit5-missing-nested-annotation - - java/output-resource-leak - - java/reference-equality-of-boxed-types - - java/string-replace-all-with-non-regex - - java/suspicious-date-format - - java/type-variable-hides-type - - java/unchecked-cast-in-equals - - java/unused-container \ No newline at end of file +- apply: code-quality-selectors.yml + from: codeql/suite-helpers From bb46ca7a6423669ccfe27fc35fe3af3ca8029fae Mon Sep 17 00:00:00 2001 From: Tamas Vajk Date: Tue, 29 Apr 2025 16:22:37 +0200 Subject: [PATCH 4/8] Modify quality query suite selector for actions, cpp, rust and swift --- actions/ql/src/codeql-suites/actions-code-quality.qls | 4 +++- cpp/ql/src/codeql-suites/cpp-code-quality.qls | 4 +++- rust/ql/src/codeql-suites/rust-code-quality.qls | 4 +++- swift/ql/src/codeql-suites/swift-code-quality.qls | 4 +++- 4 files changed, 12 insertions(+), 4 deletions(-) diff --git a/actions/ql/src/codeql-suites/actions-code-quality.qls b/actions/ql/src/codeql-suites/actions-code-quality.qls index 0637a088a01..2074f9378cf 100644 --- a/actions/ql/src/codeql-suites/actions-code-quality.qls +++ b/actions/ql/src/codeql-suites/actions-code-quality.qls @@ -1 +1,3 @@ -[] \ No newline at end of file +- queries: . +- apply: code-quality-selectors.yml + from: codeql/suite-helpers diff --git a/cpp/ql/src/codeql-suites/cpp-code-quality.qls b/cpp/ql/src/codeql-suites/cpp-code-quality.qls index 0637a088a01..2074f9378cf 100644 --- a/cpp/ql/src/codeql-suites/cpp-code-quality.qls +++ b/cpp/ql/src/codeql-suites/cpp-code-quality.qls @@ -1 +1,3 @@ -[] \ No newline at end of file +- queries: . +- apply: code-quality-selectors.yml + from: codeql/suite-helpers diff --git a/rust/ql/src/codeql-suites/rust-code-quality.qls b/rust/ql/src/codeql-suites/rust-code-quality.qls index 0637a088a01..2074f9378cf 100644 --- a/rust/ql/src/codeql-suites/rust-code-quality.qls +++ b/rust/ql/src/codeql-suites/rust-code-quality.qls @@ -1 +1,3 @@ -[] \ No newline at end of file +- queries: . +- apply: code-quality-selectors.yml + from: codeql/suite-helpers diff --git a/swift/ql/src/codeql-suites/swift-code-quality.qls b/swift/ql/src/codeql-suites/swift-code-quality.qls index 0637a088a01..2074f9378cf 100644 --- a/swift/ql/src/codeql-suites/swift-code-quality.qls +++ b/swift/ql/src/codeql-suites/swift-code-quality.qls @@ -1 +1,3 @@ -[] \ No newline at end of file +- queries: . +- apply: code-quality-selectors.yml + from: codeql/suite-helpers From 2515b06b2afef5c61245406401fd13dc6ed354c2 Mon Sep 17 00:00:00 2001 From: Tamas Vajk Date: Tue, 29 Apr 2025 16:22:57 +0200 Subject: [PATCH 5/8] Use code-quality-selectors in Go suite --- go/ql/src/InconsistentCode/LengthComparisonOffByOne.ql | 1 + go/ql/src/InconsistentCode/MissingErrorCheck.ql | 1 + .../InconsistentCode/UnhandledCloseWritableHandle.ql | 1 + go/ql/src/InconsistentCode/WrappedErrorAlwaysNil.ql | 1 + go/ql/src/RedundantCode/NegativeLengthCheck.ql | 1 + go/ql/src/RedundantCode/RedundantRecover.ql | 1 + go/ql/src/codeql-suites/go-code-quality.qls | 10 ++-------- 7 files changed, 8 insertions(+), 8 deletions(-) diff --git a/go/ql/src/InconsistentCode/LengthComparisonOffByOne.ql b/go/ql/src/InconsistentCode/LengthComparisonOffByOne.ql index 05a468b8517..436eb8a8fe5 100644 --- a/go/ql/src/InconsistentCode/LengthComparisonOffByOne.ql +++ b/go/ql/src/InconsistentCode/LengthComparisonOffByOne.ql @@ -8,6 +8,7 @@ * @tags reliability * correctness * logic + * quality * external/cwe/cwe-193 * @precision high */ diff --git a/go/ql/src/InconsistentCode/MissingErrorCheck.ql b/go/ql/src/InconsistentCode/MissingErrorCheck.ql index d2021517267..9acd7e13602 100644 --- a/go/ql/src/InconsistentCode/MissingErrorCheck.ql +++ b/go/ql/src/InconsistentCode/MissingErrorCheck.ql @@ -8,6 +8,7 @@ * @tags reliability * correctness * logic + * quality * @precision high */ diff --git a/go/ql/src/InconsistentCode/UnhandledCloseWritableHandle.ql b/go/ql/src/InconsistentCode/UnhandledCloseWritableHandle.ql index 211cf4b3985..051e4644cc7 100644 --- a/go/ql/src/InconsistentCode/UnhandledCloseWritableHandle.ql +++ b/go/ql/src/InconsistentCode/UnhandledCloseWritableHandle.ql @@ -11,6 +11,7 @@ * correctness * call * defer + * quality */ import go diff --git a/go/ql/src/InconsistentCode/WrappedErrorAlwaysNil.ql b/go/ql/src/InconsistentCode/WrappedErrorAlwaysNil.ql index 48df6a9297d..fac236c7f03 100644 --- a/go/ql/src/InconsistentCode/WrappedErrorAlwaysNil.ql +++ b/go/ql/src/InconsistentCode/WrappedErrorAlwaysNil.ql @@ -7,6 +7,7 @@ * @tags reliability * correctness * logic + * quality * @precision high */ diff --git a/go/ql/src/RedundantCode/NegativeLengthCheck.ql b/go/ql/src/RedundantCode/NegativeLengthCheck.ql index f1ae5409c2d..adac6fe78d9 100644 --- a/go/ql/src/RedundantCode/NegativeLengthCheck.ql +++ b/go/ql/src/RedundantCode/NegativeLengthCheck.ql @@ -9,6 +9,7 @@ * @precision very-high * @id go/negative-length-check * @tags correctness + * quality */ import go diff --git a/go/ql/src/RedundantCode/RedundantRecover.ql b/go/ql/src/RedundantCode/RedundantRecover.ql index d2138068515..08fc06727e5 100644 --- a/go/ql/src/RedundantCode/RedundantRecover.ql +++ b/go/ql/src/RedundantCode/RedundantRecover.ql @@ -8,6 +8,7 @@ * @id go/redundant-recover * @tags maintainability * correctness + * quality * @precision high */ diff --git a/go/ql/src/codeql-suites/go-code-quality.qls b/go/ql/src/codeql-suites/go-code-quality.qls index 84c0fe6b35b..2074f9378cf 100644 --- a/go/ql/src/codeql-suites/go-code-quality.qls +++ b/go/ql/src/codeql-suites/go-code-quality.qls @@ -1,9 +1,3 @@ - queries: . -- include: - id: - - go/unhandled-writable-file-close - - go/unexpected-nil-value - - go/negative-length-check - - go/redundant-recover - - go/missing-error-check - - go/index-out-of-bounds \ No newline at end of file +- apply: code-quality-selectors.yml + from: codeql/suite-helpers From d56c5225f6c0dc4c8df6560c0f293de24d8a2499 Mon Sep 17 00:00:00 2001 From: Tamas Vajk Date: Tue, 29 Apr 2025 16:23:08 +0200 Subject: [PATCH 6/8] Use code-quality-selectors in JS suite --- .../ql/src/Declarations/IneffectiveParameterType.ql | 1 + javascript/ql/src/Expressions/MissingAwait.ql | 1 + javascript/ql/src/LanguageFeatures/SpuriousArguments.ql | 1 + javascript/ql/src/RegExp/RegExpAlwaysMatches.ql | 1 + .../ql/src/codeql-suites/javascript-code-quality.qls | 9 ++------- 5 files changed, 6 insertions(+), 7 deletions(-) diff --git a/javascript/ql/src/Declarations/IneffectiveParameterType.ql b/javascript/ql/src/Declarations/IneffectiveParameterType.ql index da8d610c974..18899bd0c4e 100644 --- a/javascript/ql/src/Declarations/IneffectiveParameterType.ql +++ b/javascript/ql/src/Declarations/IneffectiveParameterType.ql @@ -7,6 +7,7 @@ * @precision high * @tags correctness * typescript + * quality */ import javascript diff --git a/javascript/ql/src/Expressions/MissingAwait.ql b/javascript/ql/src/Expressions/MissingAwait.ql index 08b6c7af0bb..d97c006a7bd 100644 --- a/javascript/ql/src/Expressions/MissingAwait.ql +++ b/javascript/ql/src/Expressions/MissingAwait.ql @@ -5,6 +5,7 @@ * @problem.severity warning * @id js/missing-await * @tags correctness + * quality * @precision high */ diff --git a/javascript/ql/src/LanguageFeatures/SpuriousArguments.ql b/javascript/ql/src/LanguageFeatures/SpuriousArguments.ql index fd3914c9023..fd493a247a4 100644 --- a/javascript/ql/src/LanguageFeatures/SpuriousArguments.ql +++ b/javascript/ql/src/LanguageFeatures/SpuriousArguments.ql @@ -7,6 +7,7 @@ * @tags maintainability * correctness * language-features + * quality * external/cwe/cwe-685 * @precision very-high */ diff --git a/javascript/ql/src/RegExp/RegExpAlwaysMatches.ql b/javascript/ql/src/RegExp/RegExpAlwaysMatches.ql index 04756158f55..1d063534903 100644 --- a/javascript/ql/src/RegExp/RegExpAlwaysMatches.ql +++ b/javascript/ql/src/RegExp/RegExpAlwaysMatches.ql @@ -6,6 +6,7 @@ * @id js/regex/always-matches * @tags correctness * regular-expressions + * quality * @precision high */ diff --git a/javascript/ql/src/codeql-suites/javascript-code-quality.qls b/javascript/ql/src/codeql-suites/javascript-code-quality.qls index 5570d91c4f7..2074f9378cf 100644 --- a/javascript/ql/src/codeql-suites/javascript-code-quality.qls +++ b/javascript/ql/src/codeql-suites/javascript-code-quality.qls @@ -1,8 +1,3 @@ - queries: . -- include: - id: - - js/missing-await - - js/regex/always-matches - - js/superfluous-trailing-arguments - - js/useless-expression - - js/ineffective-parameter-type \ No newline at end of file +- apply: code-quality-selectors.yml + from: codeql/suite-helpers From fdeac95714f4db728fe64c23e53ff6b8aee4d66f Mon Sep 17 00:00:00 2001 From: Tamas Vajk Date: Tue, 29 Apr 2025 16:23:22 +0200 Subject: [PATCH 7/8] Use code-quality-selectors in Python suite --- .../query-suite/python-code-quality.qls.expected | 2 ++ python/ql/src/Functions/NonCls.ql | 1 + python/ql/src/Functions/NonSelf.ql | 1 + python/ql/src/codeql-suites/python-code-quality.qls | 8 ++------ 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/python/ql/integration-tests/query-suite/python-code-quality.qls.expected b/python/ql/integration-tests/query-suite/python-code-quality.qls.expected index 47643f6a319..b81d300d024 100644 --- a/python/ql/integration-tests/query-suite/python-code-quality.qls.expected +++ b/python/ql/integration-tests/query-suite/python-code-quality.qls.expected @@ -1,4 +1,6 @@ ql/python/ql/src/Functions/NonCls.ql ql/python/ql/src/Functions/NonSelf.ql +ql/python/ql/src/Functions/ReturnConsistentTupleSizes.ql ql/python/ql/src/Functions/SignatureSpecialMethods.ql ql/python/ql/src/Resources/FileNotAlwaysClosed.ql +ql/python/ql/src/Variables/LoopVariableCapture/LoopVariableCapture.ql diff --git a/python/ql/src/Functions/NonCls.ql b/python/ql/src/Functions/NonCls.ql index d36eeb9a6ec..0808da00e0a 100644 --- a/python/ql/src/Functions/NonCls.ql +++ b/python/ql/src/Functions/NonCls.ql @@ -5,6 +5,7 @@ * @tags maintainability * readability * convention + * quality * @problem.severity recommendation * @sub-severity high * @precision high diff --git a/python/ql/src/Functions/NonSelf.ql b/python/ql/src/Functions/NonSelf.ql index cea15d3661a..35b7af9b800 100644 --- a/python/ql/src/Functions/NonSelf.ql +++ b/python/ql/src/Functions/NonSelf.ql @@ -5,6 +5,7 @@ * @tags maintainability * readability * convention + * quality * @problem.severity recommendation * @sub-severity high * @precision very-high diff --git a/python/ql/src/codeql-suites/python-code-quality.qls b/python/ql/src/codeql-suites/python-code-quality.qls index 3ada7e8eb4c..2074f9378cf 100644 --- a/python/ql/src/codeql-suites/python-code-quality.qls +++ b/python/ql/src/codeql-suites/python-code-quality.qls @@ -1,7 +1,3 @@ - queries: . -- include: - id: - - py/not-named-self - - py/not-named-cls - - py/file-not-closed - - py/special-method-wrong-signature +- apply: code-quality-selectors.yml + from: codeql/suite-helpers From e9e6d68a6ebaa4a2a9827b3c5f9fbcf50df1caca Mon Sep 17 00:00:00 2001 From: Tamas Vajk Date: Tue, 29 Apr 2025 16:23:33 +0200 Subject: [PATCH 8/8] Use code-quality-selectors in Ruby suite --- .../query-suite/ruby-code-quality.qls.expected | 1 - ruby/ql/src/codeql-suites/ruby-code-quality.qls | 7 ++----- ruby/ql/src/queries/performance/DatabaseQueryInLoop.ql | 1 + ruby/ql/src/queries/variables/DeadStoreOfLocal.ql | 1 + 4 files changed, 4 insertions(+), 6 deletions(-) diff --git a/ruby/ql/integration-tests/query-suite/ruby-code-quality.qls.expected b/ruby/ql/integration-tests/query-suite/ruby-code-quality.qls.expected index 94b2f19caaa..db6b7590220 100644 --- a/ruby/ql/integration-tests/query-suite/ruby-code-quality.qls.expected +++ b/ruby/ql/integration-tests/query-suite/ruby-code-quality.qls.expected @@ -1,3 +1,2 @@ ql/ruby/ql/src/queries/performance/DatabaseQueryInLoop.ql -ql/ruby/ql/src/queries/variables/DeadStoreOfLocal.ql ql/ruby/ql/src/queries/variables/UninitializedLocal.ql diff --git a/ruby/ql/src/codeql-suites/ruby-code-quality.qls b/ruby/ql/src/codeql-suites/ruby-code-quality.qls index 2111c6979ef..2074f9378cf 100644 --- a/ruby/ql/src/codeql-suites/ruby-code-quality.qls +++ b/ruby/ql/src/codeql-suites/ruby-code-quality.qls @@ -1,6 +1,3 @@ - queries: . -- include: - id: - - rb/database-query-in-loop - - rb/useless-assignment-to-local - - rb/uninitialized-local-variable \ No newline at end of file +- apply: code-quality-selectors.yml + from: codeql/suite-helpers diff --git a/ruby/ql/src/queries/performance/DatabaseQueryInLoop.ql b/ruby/ql/src/queries/performance/DatabaseQueryInLoop.ql index b17c5ecd9ba..835fe620984 100644 --- a/ruby/ql/src/queries/performance/DatabaseQueryInLoop.ql +++ b/ruby/ql/src/queries/performance/DatabaseQueryInLoop.ql @@ -6,6 +6,7 @@ * @precision high * @id rb/database-query-in-loop * @tags performance + * quality */ import ruby diff --git a/ruby/ql/src/queries/variables/DeadStoreOfLocal.ql b/ruby/ql/src/queries/variables/DeadStoreOfLocal.ql index 547d7d3cd89..a7b37515d7f 100644 --- a/ruby/ql/src/queries/variables/DeadStoreOfLocal.ql +++ b/ruby/ql/src/queries/variables/DeadStoreOfLocal.ql @@ -6,6 +6,7 @@ * @problem.severity warning * @id rb/useless-assignment-to-local * @tags maintainability + * quality * external/cwe/cwe-563 * @precision medium */