hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-12 13:11:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
bedb80346a700a0f721f1985a113dbf754a74236
codeql/java/ql/src/Telemetry/DatabaseQualityDiagnostics.ql

58 lines
2.0 KiB
Plaintext
Raw Blame History

/**
* @name Low Java analysis quality
* @description Low Java analysis quality
* @kind diagnostic
* @id java/diagnostic/database-quality
*/
import java
import DatabaseQuality
private predicate diagnostic(string msg, float value, float threshold) {
CallTargetStatsReport::percentageOfOk(msg, value) and
threshold = 85
or
ExprTypeStatsReport::percentageOfOk(msg, value) and
threshold = 85
}
private newtype TDbQualityDiagnostic =
TTheDbQualityDiagnostic() {
exists(float percentageGood, float threshold |
diagnostic(_, percentageGood, threshold) and
percentageGood < threshold
)
}
private string getDbHealth() {
result =
strictconcat(string msg, float value, float threshold |
diagnostic(msg, value, threshold)
|
msg + ": " + value.floor() + " % (threshold " + threshold.floor() + " %)", ". "
)
}
class DbQualityDiagnostic extends TDbQualityDiagnostic {
string toString() {
result =
"Scanning Java code completed successfully, but the scan encountered issues. " +
"This may be caused by problems identifying dependencies or use of generated source code. " +
"Some metrics of the database quality are: " + getDbHealth() + ". " +
"Ideally these metrics should be above their thresholds. " +
"Addressing these issues is advisable to avoid false-positives or missing results. If they cannot be addressed, consider scanning Java "
+
"using either the `autobuild` or `manual` [build modes](https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages#comparison-of-the-build-modes)."
}
}
query predicate diagnosticAttributes(DbQualityDiagnostic e, string key, string value) {
exists(e) and // Quieten warning about unconstrained 'e'
key = ["visibilityCliSummaryTable", "visibilityTelemetry", "visibilityStatusPage"] and
value = "true"
}
from DbQualityDiagnostic d
select d, d.toString(), 1
/* Warning severity */
Reference in New Issue View Git Blame Copy Permalink