Remove now-unnecessary bindingset annotations

2026-01-29 06:12:58 +01:00 · 2021-03-05 03:41:09 -08:00
parent 8ad1010860
commit db20119267
30 changed files with 4 additions and 45 deletions
--- a/ql/src/semmle/go/frameworks/Beego.qll
+++ b/ql/src/semmle/go/frameworks/Beego.qll
@@ -9,23 +9,18 @@ private import semmle.go.security.SafeUrlFlowCustomizations

 module Beego {
  /** Gets the module path `github.com/astaxie/beego` or `github.com/beego/beego`. */
-  bindingset[result]
  string modulePath() { result = ["github.com/astaxie/beego", "github.com/beego/beego"] }

  /** Gets the path for the root package of beego. */
-  bindingset[result]
  string packagePath() { result = package(modulePath(), "") }

  /** Gets the path for the context package of beego. */
-  bindingset[result]
  string contextPackagePath() { result = package(modulePath(), "context") }

  /** Gets the path for the logs package of beego. */
-  bindingset[result]
  string logsPackagePath() { result = package(modulePath(), "logs") }

  /** Gets the path for the utils package of beego. */
-  bindingset[result]
  string utilsPackagePath() { result = package(modulePath(), "utils") }

  /**
--- a/ql/src/semmle/go/frameworks/BeegoOrm.qll
+++ b/ql/src/semmle/go/frameworks/BeegoOrm.qll
@@ -8,7 +8,6 @@ private import semmle.go.security.StoredXssCustomizations

 module BeegoOrm {
  /** Gets the package name `github.com/astaxie/beego/orm`. */
-  bindingset[result]
  string packagePath() { result = package("github.com/astaxie/beego", "orm") }

  private class DbSink extends SQL::QueryString::Range {
--- a/ql/src/semmle/go/frameworks/Chi.qll
+++ b/ql/src/semmle/go/frameworks/Chi.qll
@@ -6,7 +6,6 @@ import go

 private module Chi {
  /** Gets the package name `github.com/go-chi/chi`. */
-  bindingset[result]
  string packagePath() { result = package("github.com/go-chi/chi", "") }

  /**
--- a/ql/src/semmle/go/frameworks/Couchbase.qll
+++ b/ql/src/semmle/go/frameworks/Couchbase.qll
@@ -14,7 +14,6 @@ module Couchbase {
   * Note that v1 and v2 have different APIs, but the names are disjoint so there is no need to
   * distinguish between them.
   */
-  bindingset[result]
  string packagePath() {
    result =
      package([
--- a/ql/src/semmle/go/frameworks/Echo.qll
+++ b/ql/src/semmle/go/frameworks/Echo.qll
@@ -7,7 +7,6 @@ import go

 private module Echo {
  /** Gets the package name `github.com/labstack/echo`. */
-  bindingset[result]
  private string packagePath() { result = package("github.com/labstack/echo", "") }

  /**
--- a/ql/src/semmle/go/frameworks/ElazarlGoproxy.qll
+++ b/ql/src/semmle/go/frameworks/ElazarlGoproxy.qll
@@ -9,7 +9,6 @@ import go
 */
 module ElazarlGoproxy {
  /** Gets the package name. */
-  bindingset[result]
  string packagePath() { result = package("github.com/elazarl/goproxy", "") }

  private class NewResponse extends HTTP::HeaderWrite::Range, DataFlow::CallNode {
--- a/ql/src/semmle/go/frameworks/Email.qll
+++ b/ql/src/semmle/go/frameworks/Email.qll
@@ -44,7 +44,6 @@ module EmailData {
  }

  /** Gets the package name `github.com/sendgrid/sendgrid-go/helpers/mail`. */
-  bindingset[result]
  private string sendgridMail() {
    result = package("github.com/sendgrid/sendgrid-go", "helpers/mail")
  }
--- a/ql/src/semmle/go/frameworks/Encoding.qll
+++ b/ql/src/semmle/go/frameworks/Encoding.qll
@@ -5,7 +5,6 @@
 import go

 /** Gets the package name `github.com/json-iterator/go`. */
-bindingset[result]
 private string packagePath() { result = package("github.com/json-iterator/go", "") }

 /** A model of json-iterator's `Unmarshal` function, propagating taint from the JSON input to the decoded object. */
--- a/ql/src/semmle/go/frameworks/EvanphxJsonPatch.qll
+++ b/ql/src/semmle/go/frameworks/EvanphxJsonPatch.qll
@@ -6,7 +6,6 @@ import go

 private module EvanphxJsonPatch {
  /** Gets the package name `github.com/evanphx/json-patch`. */
-  bindingset[result]
  private string packagePath() { result = package("github.com/evanphx/json-patch", "") }

  private class MergeMergePatches extends TaintTracking::FunctionModel {
--- a/ql/src/semmle/go/frameworks/Gin.qll
+++ b/ql/src/semmle/go/frameworks/Gin.qll
@@ -6,7 +6,6 @@ import go

 private module Gin {
  /** Gets the package name `github.com/gin-gonic/gin`. */
-  bindingset[result]
  string packagePath() { result = package("github.com/gin-gonic/gin", "") }

  /**
--- a/ql/src/semmle/go/frameworks/GoKit.qll
+++ b/ql/src/semmle/go/frameworks/GoKit.qll
@@ -12,7 +12,6 @@ import go
 */
 module GoKit {
  /** Gets the package name. */
-  bindingset[result]
  string packagePath() { result = package("github.com/go-kit/kit", "") }

  /**
@@ -21,7 +20,6 @@ module GoKit {
   */
  module Endpoint {
    /** Gets the package name. */
-    bindingset[result]
    string endpointPackagePath() { result = package("github.com/go-kit/kit", "endpoint") }

    // gets a function that returns an endpoint
--- a/ql/src/semmle/go/frameworks/GoRestfulHttp.qll
+++ b/ql/src/semmle/go/frameworks/GoRestfulHttp.qll
@@ -5,7 +5,6 @@ import go
 */
 private module GoRestfulHttp {
  /** Gets the package name `github.com/emicklei/go-restful`. */
-  bindingset[result]
  string packagePath() { result = package("github.com/emicklei/go-restful", "") }

  /**
--- a/ql/src/semmle/go/frameworks/K8sIoApiCoreV1.qll
+++ b/ql/src/semmle/go/frameworks/K8sIoApiCoreV1.qll
@@ -7,7 +7,6 @@ import go
 */
 module K8sIoApiCoreV1 {
  /** Gets the package name `k8s.io/api/core/v1`. */
-  bindingset[result]
  string packagePath() { result = package("k8s.io/api", "core/v1") }

  private class SecretDeepCopy extends TaintTracking::FunctionModel, Method {
--- a/ql/src/semmle/go/frameworks/K8sIoApimachineryPkgRuntime.qll
+++ b/ql/src/semmle/go/frameworks/K8sIoApimachineryPkgRuntime.qll
@@ -7,7 +7,6 @@ import go
 */
 module K8sIoApimachineryPkgRuntime {
  /** Gets the package name `k8s.io/apimachinery/pkg/runtime`. */
-  bindingset[result]
  string packagePath() { result = package("k8s.io/apimachinery", "pkg/runtime") }

  private class ConvertTypeToType extends TaintTracking::FunctionModel {
--- a/ql/src/semmle/go/frameworks/K8sIoClientGo.qll
+++ b/ql/src/semmle/go/frameworks/K8sIoClientGo.qll
@@ -8,7 +8,6 @@ import go
 */
 module K8sIoClientGo {
  /** Gets the package name `k8s.io/client-go/kubernetes/typed/core/v1`. */
-  bindingset[result]
  string packagePath() { result = package("k8s.io/client-go", "kubernetes/typed/core/v1") }

  /**
--- a/ql/src/semmle/go/frameworks/Logrus.qll
+++ b/ql/src/semmle/go/frameworks/Logrus.qll
@@ -5,7 +5,6 @@ import go
 /** Provides models of commonly used functions in the `github.com/sirupsen/logrus` package. */
 module Logrus {
  /** Gets the package name `github.com/sirupsen/logrus`. */
-  bindingset[result]
  string packagePath() {
    result = package(["github.com/sirupsen/logrus", "github.com/Sirupsen/logrus"], "")
  }
--- a/ql/src/semmle/go/frameworks/Protobuf.qll
+++ b/ql/src/semmle/go/frameworks/Protobuf.qll
@@ -5,23 +5,19 @@ import go
 /** Provides models of commonly used functions and types in the protobuf packages. */
 module Protobuf {
  /** Gets the name of the modern protobuf top-level implementation package. */
-  bindingset[result]
  string modernProtobufPackage() { result = package("google.golang.org/protobuf", "proto") }

  /** Gets the name of the modern protobuf implementation's `protoiface` subpackage. */
-  bindingset[result]
  string protobufIfacePackage() {
    result = package("google.golang.org/protobuf", "runtime/protoiface")
  }

  /** Gets the name of the modern protobuf implementation's `protoreflect` subpackage. */
-  bindingset[result]
  string protobufReflectPackage() {
    result = package("google.golang.org/protobuf", "reflect/protoreflect")
  }

  /** Gets the name of a top-level protobuf implementation package. */
-  bindingset[result]
  string protobufPackages() {
    result in [package("github.com/golang/protobuf", "proto"), modernProtobufPackage()]
  }
--- a/ql/src/semmle/go/frameworks/Revel.qll
+++ b/ql/src/semmle/go/frameworks/Revel.qll
@@ -8,7 +8,6 @@ private import semmle.go.security.OpenUrlRedirectCustomizations
 /** Provides classes and methods modelling the Revel web framework. */
 module Revel {
  /** Gets the package name `github.com/revel/revel`. */
-  bindingset[result]
  string packagePath() { result = package(["github.com/revel", "github.com/robfig"], "revel") }

  private class ControllerParams extends UntrustedFlowSource::Range, DataFlow::FieldReadNode {
--- a/ql/src/semmle/go/frameworks/SQL.qll
+++ b/ql/src/semmle/go/frameworks/SQL.qll
@@ -101,11 +101,9 @@ module SQL {
    }

    /** A string that might identify package `go-pg/pg` or a specific version of it. */
-    bindingset[result]
    private string gopg() { result = package("github.com/go-pg/pg", "") }

    /** A string that might identify package `go-pg/pg/orm` or a specific version of it. */
-    bindingset[result]
    private string gopgorm() { result = package("github.com/go-pg/pg", "orm") }

    /**
@@ -219,7 +217,6 @@ module SQL {

 module Gorm {
  /** Gets the package name for Gorm. */
-  bindingset[result]
  string packagePath() {
    result = package(["github.com/jinzhu/gorm", "github.com/go-gorm/gorm", "gorm.io/gorm"], "")
  }
--- a/ql/src/semmle/go/frameworks/Spew.qll
+++ b/ql/src/semmle/go/frameworks/Spew.qll
@@ -9,7 +9,6 @@ import go
 */
 module Spew {
  /** Gets the package path `github.com/davecgh/go-spew/spew`. */
-  bindingset[result]
  private string packagePath() { result = package("github.com/davecgh/go-spew", "spew") }

  private class SpewCall extends LoggerCall::Range, DataFlow::CallNode {
--- a/ql/src/semmle/go/frameworks/SystemCommandExecutors.qll
+++ b/ql/src/semmle/go/frameworks/SystemCommandExecutors.qll
@@ -79,7 +79,6 @@ private class GoShCommandExecution extends SystemCommandExecution::Range, DataFl

 module CryptoSsh {
  /** Gets the package path `golang.org/x/crypto/ssh`. */
-  bindingset[result]
  string packagePath() { result = package("golang.org/x/crypto", "ssh") }

  /**
--- a/ql/src/semmle/go/frameworks/Testing.qll
+++ b/ql/src/semmle/go/frameworks/Testing.qll
@@ -90,7 +90,6 @@ module TestFile {
 /** Provides classes modelling Ginkgo. */
 module Ginkgo {
  /** Gets the package path `github.com/onsi/ginkgo`. */
-  bindingset[result]
  string packagePath() { result = package("github.com/onsi/ginkgo", "") }

  /** The Ginkgo `Fail` function, which always panics. */
--- a/ql/src/semmle/go/frameworks/WebSocket.qll
+++ b/ql/src/semmle/go/frameworks/WebSocket.qll
@@ -300,24 +300,20 @@ module WebSocketReader {

 module GorillaWebsocket {
  /** Gets the package name `github.com/gorilla/websocket`. */
-  bindingset[result]
  string packagePath() { result = package("github.com/gorilla", "websocket") }
 }

 module GolangOrgXNetWebsocket {
  /** Gets the package name `golang.org/x/net/websocket`. */
-  bindingset[result]
  string packagePath() { result = package("golang.org/x/net", "websocket") }
 }

 module NhooyrWebSocket {
  /** Gets the package name `nhooyr.io/websocket/`. */
-  bindingset[result]
  string packagePath() { result = package("nhooyr.io/websocket", "") }
 }

 module GobwasWs {
  /** Gets the package name `github.com/gobwas/ws`. */
-  bindingset[result]
  string packagePath() { result = package("github.com/gobwas/ws", "") }
 }
--- a/ql/src/semmle/go/frameworks/XNetHtml.qll
+++ b/ql/src/semmle/go/frameworks/XNetHtml.qll
@@ -12,7 +12,6 @@ import go
 /** Provides models of commonly used functions in the `golang.org/x/net/html` subpackage. */
 module XNetHtml {
  /** Gets the package name `golang.org/x/net/html`. */
-  bindingset[result]
  string packagePath() { result = package("golang.org/x/net", "html") }

  private class EscapeString extends HtmlEscapeFunction, TaintTracking::FunctionModel {
--- a/ql/src/semmle/go/frameworks/XPath.qll
+++ b/ql/src/semmle/go/frameworks/XPath.qll
@@ -191,7 +191,6 @@ module XPath {

 module XmlPath {
  /** Gets the package name `github.com/go-xmlpath/xmlpath` or `gopkg.in/xmlpath`. */
-  bindingset[result]
  string packagePath() {
    result = package(["github.com/go-xmlpath/xmlpath", "gopkg.in/xmlpath"], "")
  }
--- a/ql/src/semmle/go/frameworks/Yaml.qll
+++ b/ql/src/semmle/go/frameworks/Yaml.qll
@@ -9,7 +9,6 @@ import go
 */
 module Yaml {
  /** Gets a package path for the Yaml package. */
-  bindingset[result]
  string packagePath() { result = package("gopkg.in/yaml", "") }

  private class MarshalFunction extends TaintTracking::FunctionModel, MarshalingFunction::Range {
--- a/ql/src/semmle/go/frameworks/Zap.qll
+++ b/ql/src/semmle/go/frameworks/Zap.qll
@@ -9,7 +9,6 @@ import go
 */
 module Zap {
  /** Gets the package path `go.uber.org/zap`. */
-  bindingset[result]
  private string packagePath() { result = package("go.uber.org/zap", "") }

  /** Gets a suffix for a method on `zap.SugaredLogger`. */
--- a/ql/src/semmle/go/frameworks/stdlib/Context.qll
+++ b/ql/src/semmle/go/frameworks/stdlib/Context.qll
@@ -12,7 +12,6 @@ module Context {
   * The two packages are identical; before Go 1.7 it was only available
   * under `golang.org/x`; as of Go 1.7 it is included in the standard library.
   */
-  bindingset[result]
  private string packagePath() { result = ["context", package("golang.org/x/net", "context")] }

  private class FunctionModels extends TaintTracking::FunctionModel {
--- a/ql/test/library-tests/semmle/go/Packages/main.go
+++ b/ql/test/library-tests/semmle/go/Packages/main.go
@@ -4,8 +4,8 @@ import (
 	"fmt"

 	"github.com/nonexistent-test-pkg"
-	"github.com/nonexistent/test"
-	test2 "github.com/nonexistent/v2/test"
+	_ "github.com/nonexistent/test"
+	_ "github.com/nonexistent/v2/test"
 )

 func main() {
--- a/ql/test/library-tests/semmle/go/Packages/package.expected
+++ b/ql/test/library-tests/semmle/go/Packages/package.expected
@@ -1,2 +1,2 @@
-| PackageName/test |
-| PackageName/v2/test |
+| github.com/nonexistent/test |
+| github.com/nonexistent/v2/test |