Merge pull request #22081 from geoffw0/rubyinline2

Ruby: Address testFailures in inline expectations tests (part 2)
2026-06-30 00:55:29 +02:00 · 2026-06-29 19:37:28 +01:00
parent f1cc1e5c47 d519f79703
commit f353a17431
5 changed files with 29 additions and 7 deletions
--- a/ruby/ql/lib/utils/test/internal/InlineExpectationsTestImpl.qll
+++ b/ruby/ql/lib/utils/test/internal/InlineExpectationsTestImpl.qll
@@ -4,11 +4,35 @@ private import codeql.util.test.InlineExpectationsTest
 module Impl implements InlineExpectationsTestSig {
  private import codeql.ruby.ast.internal.TreeSitter

+  private newtype TAnyComment =
+    RubyComment(Ruby::Comment comment) or
+    ErbComment(R::ErbComment comment)
+
  /**
-   * A class representing line comments in Ruby.
+   * A class representing comments that may contain inline expectations (Ruby line comments and ERB comments).
   */
-  class ExpectationComment extends Ruby::Comment {
-    string getContents() { result = this.getValue().suffix(1) }
+  class ExpectationComment extends TAnyComment {
+    Ruby::Comment asRubyComment() { this = RubyComment(result) }
+
+    R::ErbComment asErbComment() { this = ErbComment(result) }
+
+    string toString() {
+      result = this.asRubyComment().toString()
+      or
+      result = this.asErbComment().toString()
+    }
+
+    Location getLocation() {
+      result = this.asRubyComment().getLocation()
+      or
+      result = this.asErbComment().getLocation()
+    }
+
+    string getContents() {
+      result = this.asRubyComment().getValue().suffix(1)
+      or
+      result = this.asErbComment().getValue().suffix(1)
+    }
  }

  class Location = R::Location;
--- a/ruby/ql/test/library-tests/frameworks/sinatra/Flow.expected
+++ b/ruby/ql/test/library-tests/frameworks/sinatra/Flow.expected
@@ -23,7 +23,6 @@ nodes
 | views/index.erb:2:10:2:12 | call to foo | semmle.label | call to foo |
 subpaths
 testFailures
-| views/index.erb:2:10:2:12 | call to foo | Unexpected result: hasTaintFlow |
 #select
 | app.rb:95:10:95:14 | @user | app.rb:103:13:103:22 | call to source | app.rb:95:10:95:14 | @user | $@ | app.rb:103:13:103:22 | call to source | call to source |
 | views/index.erb:2:10:2:12 | call to foo | app.rb:75:12:75:17 | call to params | views/index.erb:2:10:2:12 | call to foo | $@ | app.rb:75:12:75:17 | call to params | call to params |
--- a/ruby/ql/test/library-tests/frameworks/sinatra/views/index.erb
+++ b/ruby/ql/test/library-tests/frameworks/sinatra/views/index.erb
@@ -1,2 +1,2 @@
 <%= @foo %>
-<%= sink foo %>
+<%= sink foo %> <%# $ hasTaintFlow %>
--- a/ruby/ql/test/query-tests/experimental/improper-memoization/ImproperMemoization.expected
+++ b/ruby/ql/test/query-tests/experimental/improper-memoization/ImproperMemoization.expected
@@ -1,5 +1,4 @@
 testFailures
-| improper_memoization.rb:100:1:104:3 | m14 | Unexpected result: result=BAD |
 #select
 | improper_memoization.rb:50:1:55:3 | m7 | improper_memoization.rb:50:8:50:10 | arg | improper_memoization.rb:51:3:53:5 | ... \|\|= ... |
 | improper_memoization.rb:58:1:63:3 | m8 | improper_memoization.rb:58:8:58:10 | arg | improper_memoization.rb:59:3:61:5 | ... \|\|= ... |
--- a/ruby/ql/test/query-tests/experimental/improper-memoization/improper_memoization.rb
+++ b/ruby/ql/test/query-tests/experimental/improper-memoization/improper_memoization.rb
@@ -101,4 +101,4 @@ def m14(arg)
  @m14 ||= {}
  key = "foo/#{arg}"
  @m14[key] ||= long_running_method(arg)
-end
+end # $ SPURIOUS: result=BAD