mirror of
https://github.com/github/codeql.git
synced 2026-05-14 11:19:27 +02:00
af6e921da5
Previously, a bare child pattern in a query took whatever the next
child of the iterator was and either matched or failed: it would not
scan ahead to find a match. So `(foo ("baz"))` against a `foo` whose
implicit `child` field was `["bar", "baz"]` would fail (the pattern
took "bar" first).
Switch to forward-scan semantics: a SingleNode matcher advances through
the iterator until it finds a child that matches its sub-query. Patterns
that are named-only continue to skip past unnamed children for free.
Order is preserved across multiple bare patterns at the same level —
each pattern advances the shared iterator past whatever it consumed —
so a query cannot match children out of source order.
Captures from a failed match attempt are rolled back via a snapshot, so
partial captures from a complex sub-query do not leak across attempts.
Add two regression tests against the `do` body wrapper in a Ruby
for-loop, whose implicit `child` field contains [do, identifier, end]:
- a query for ("end") matches by skipping past `do` and the identifier
- a query for ("end") then ("do") fails, demonstrating order preservation
CodeQL Shared Libraries
This folder contains shared, language-agnostic CodeQL libraries.
Libraries are organized into separate query packs, in order to allow for
individual versioning. For example, the shared static single assignment (SSA)
library exists in the codeql/ssa pack, which can be referenced by adding
dependencies:
codeql/ssa: 0.0.1
to qlpack.yml.
All shared libraries will belong to a codeql/<name> pack, and live in the
namespace codeql.<name>.