From e1fc0ca051d43b46aef2fd1adeeb3a5b3c25ed33 Mon Sep 17 00:00:00 2001
From: Napalys Klicius <napalys@github.com>
Date: Thu, 1 May 2025 14:01:33 +0200
Subject: [PATCH] Added implementation `hdbcli` as part of
 `PEP249::PEP249ModuleApiNode`

---
 python/ql/lib/semmle/python/Frameworks.qll    |  1 +
 .../lib/semmle/python/frameworks/Hdbcli.qll   | 24 +++++++++++++++++++
 .../library-tests/frameworks/hdbcli/pep249.py |  4 ++--
 3 files changed, 27 insertions(+), 2 deletions(-)
 create mode 100644 python/ql/lib/semmle/python/frameworks/Hdbcli.qll

diff --git a/python/ql/lib/semmle/python/Frameworks.qll b/python/ql/lib/semmle/python/Frameworks.qll
index e6af222a615..955385141f7 100644
--- a/python/ql/lib/semmle/python/Frameworks.qll
+++ b/python/ql/lib/semmle/python/Frameworks.qll
@@ -35,6 +35,7 @@ private import semmle.python.frameworks.FlaskAdmin
 private import semmle.python.frameworks.FlaskSqlAlchemy
 private import semmle.python.frameworks.Genshi
 private import semmle.python.frameworks.Gradio
+private import semmle.python.frameworks.Hdbcli
 private import semmle.python.frameworks.Httpx
 private import semmle.python.frameworks.Idna
 private import semmle.python.frameworks.Invoke
diff --git a/python/ql/lib/semmle/python/frameworks/Hdbcli.qll b/python/ql/lib/semmle/python/frameworks/Hdbcli.qll
new file mode 100644
index 00000000000..6b91519ae63
--- /dev/null
+++ b/python/ql/lib/semmle/python/frameworks/Hdbcli.qll
@@ -0,0 +1,24 @@
+/**
+ * Provides classes modeling security-relevant aspects of the `hdbcli` PyPI package.
+ * See https://pypi.org/project/hdbcli/
+ */
+
+private import python
+private import semmle.python.dataflow.new.RemoteFlowSources
+private import semmle.python.Concepts
+private import semmle.python.ApiGraphs
+private import semmle.python.frameworks.PEP249
+
+/**
+ * Provides models for the `hdbcli` PyPI package.
+ * See https://pypi.org/project/hdbcli/
+ */
+private module Hdbcli {
+  /**
+   * A model of `hdbcli` as a module that implements PEP 249, providing ways to execute SQL statements
+   * against a database.
+   */
+  class HdbcliPEP249 extends PEP249::PEP249ModuleApiNode {
+    HdbcliPEP249() { this = API::moduleImport("hdbcli").getMember("dbapi") }
+  }
+}
diff --git a/python/ql/test/library-tests/frameworks/hdbcli/pep249.py b/python/ql/test/library-tests/frameworks/hdbcli/pep249.py
index 35c6e6d87e4..713f15cb6d4 100644
--- a/python/ql/test/library-tests/frameworks/hdbcli/pep249.py
+++ b/python/ql/test/library-tests/frameworks/hdbcli/pep249.py
@@ -3,7 +3,7 @@ from hdbcli import dbapi
 conn = dbapi.connect(address="hostname", port=300, user="username", password="password")
 cursor = conn.cursor()
 
-cursor.execute("some sql", (42,))  # $ MISSING: getSql="some sql"
-cursor.executemany("some sql", (42,))  # $ MISSING: getSql="some sql"
+cursor.execute("some sql", (42,))  # $ getSql="some sql"
+cursor.executemany("some sql", (42,))  # $ getSql="some sql"
     
 cursor.close()