It's not very useful to look at, and it's a mess when you change any
tests to see all the changes lines in the expected output that you
really do not care about!
I guess we could have done this at the very start of introducing this
test in this PR, but I think the last commit was mostly inspired from
looking at all the things that evidently was re-exported from the trace
import, even when I knew they were not available because of the
`__all__` definition.
However, we can see that `from <pkg> import *` and `import pkg` are
handled differently. Would have liked `has_defined_all_indirection` to
behave in the same way no matter how the import was made.
Notice that `has_defined_all_indirection` all have both
`all_defined_bar_copy` and `all_defined_foo_copy` marked as exported,
even though only `all_defined_foo_copy` is available.
For `from <pkg> import <attr>` we would use to treat the `<pkg>`
(ImportExpr) as a definition of the name `<attr>`.
Since this removes bad import-flow, and nothing broke, I'm guessing this
was never intentional.
However, as illustrated by the `CWE-327-InsecureProtocol` test, this fix
is NOT good enough, since now even the `secure_context` is considered to
be insecure (for both versions). Ouch.
Will fix this in a later commit, since it was only discoverd late on.
While the internal registry was being cleaned up from files removed by
codegen itself, it was not dropping files removed outside of codegen.
Because of this files removed by the user were not being regenerated
again if no change was staged to them, unless `--force` was provided.
This also fixes some such "ghost" entries in the registry and some
missing generated files.
> Out of curiosity: What is the end goal that we're trying to get to with this?
Up until now we would be writing that predicate by hand, see [this example](29c8260004/swift/ql/lib/codeql/swift/elements/expr/MethodLookupExpr.qll (L29-L30)). Now this will be given to us from the get go.
For me this was prompted to give a nicer live demo later at my presentation 🙂
This will add helpers to get the underlying raw entities or constructor
arguments on stubs for synthesized classes.
For example a schema like:
```
@synth.from_class(A)
class B:
pass
@synth.on_arguments(base=A, index=int)
class C:
pass
```
will generate
```
cached
private Raw::A getUnderlyingEntity() { this = Synth::TB(result) }
```
in the `B.qll` stub and
```
cached
private Raw::A getUnderlyingBase() { this = Synth::TC(result, _) }
cached
private int getUnderlyingIndex() { this = Synth::TC(_, result) }
```
in the `C.qll` stub.
As stubs these can be freely changed later on.
