mrva/vscode-codeql
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

Add signature to ModeledMethod

Browse Source
This commit is contained in:
Robert
2023-07-13 16:36:52 +01:00
parent f927ac9f1c
commit 111dfff7fb
8 changed files with 163 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
extensions/ql-vscode/src/data-extensions-editor/auto-model.ts
View File

@@ -140,6 +140,12 @@ export function parsePredictedClassifications(
input: "",
output: "",
provenance: "ai-generated",
signature,
// predictedBySignature[signature] always has at least element
packageName: predictedMethods[0].package,
typeName: predictedMethods[0].type,
methodName: predictedMethods[0].name,
methodParameters: predictedMethods[0].signature,
};
continue;
}
@@ -157,6 +163,11 @@ export function parsePredictedClassifications(
input: sink.input ?? "",
output: sink.output ?? "",
provenance: "ai-generated",
signature,
packageName: sink.package,
typeName: sink.type,
methodName: sink.name,
methodParameters: sink.signature,
};
}

6
extensions/ql-vscode/src/data-extensions-editor/modeled-method.ts
View File

@@ -1,3 +1,5 @@
import { MethodSignature } from "./external-api-usage";
export type ModeledMethodType =
| "none"
| "source"
@@ -17,13 +19,13 @@ export type Provenance =
// Entered by the user in the editor manually
| "manual";
export type ModeledMethod = {
export interface ModeledMethod extends MethodSignature {
type: ModeledMethodType;
input: string;
output: string;
kind: string;
provenance: Provenance;
};
}
export type ModeledMethodWithSignature = {
signature: string;

112
extensions/ql-vscode/src/data-extensions-editor/predicates.ts
View File

@@ -46,16 +46,24 @@ export const extensiblePredicateDefinitions: Record<
method.modeledMethod.kind,
method.modeledMethod.provenance,
],
readModeledMethod: (row) => ({
signature: readRowToMethod(row),
modeledMethod: {
type: "source",
input: "",
output: row[6] as string,
kind: row[7] as string,
provenance: row[8] as Provenance,
},
}),
readModeledMethod: (row) => {
const signature = readRowToMethod(row);
return {
signature,
modeledMethod: {
type: "source",
input: "",
output: row[6] as string,
kind: row[7] as string,
provenance: row[8] as Provenance,
signature,
packageName: row[0] as string,
typeName: row[1] as string,
methodName: row[3] as string,
methodParameters: row[4] as string,
},
};
},
supportedKinds: ["remote"],
},
sink: {
@@ -75,16 +83,24 @@ export const extensiblePredicateDefinitions: Record<
method.modeledMethod.kind,
method.modeledMethod.provenance,
],
readModeledMethod: (row) => ({
signature: readRowToMethod(row),
modeledMethod: {
type: "sink",
input: row[6] as string,
output: "",
kind: row[7] as string,
provenance: row[8] as Provenance,
},
}),
readModeledMethod: (row) => {
const signature = readRowToMethod(row);
return {
signature,
modeledMethod: {
type: "sink",
input: row[6] as string,
output: "",
kind: row[7] as string,
provenance: row[8] as Provenance,
signature,
packageName: row[0] as string,
typeName: row[1] as string,
methodName: row[3] as string,
methodParameters: row[4] as string,
},
};
},
supportedKinds: ["sql", "xss", "logging"],
},
summary: {
@@ -105,16 +121,24 @@ export const extensiblePredicateDefinitions: Record<
method.modeledMethod.kind,
method.modeledMethod.provenance,
],
readModeledMethod: (row) => ({
signature: readRowToMethod(row),
modeledMethod: {
type: "summary",
input: row[6] as string,
output: row[7] as string,
kind: row[8] as string,
provenance: row[9] as Provenance,
},
}),
readModeledMethod: (row) => {
const signature = readRowToMethod(row);
return {
signature,
modeledMethod: {
type: "summary",
input: row[6] as string,
output: row[7] as string,
kind: row[8] as string,
provenance: row[9] as Provenance,
signature,
packageName: row[0] as string,
typeName: row[1] as string,
methodName: row[3] as string,
methodParameters: row[4] as string,
},
};
},
supportedKinds: ["taint", "value"],
},
neutral: {
@@ -130,16 +154,24 @@ export const extensiblePredicateDefinitions: Record<
method.modeledMethod.kind,
method.modeledMethod.provenance,
],
readModeledMethod: (row) => ({
signature: `${row[0]}.${row[1]}#${row[2]}${row[3]}`,
modeledMethod: {
type: "neutral",
input: "",
output: "",
kind: row[4] as string,
provenance: row[5] as Provenance,
},
}),
readModeledMethod: (row) => {
const signature = `${row[0]}.${row[1]}#${row[2]}${row[3]}`;
return {
signature,
modeledMethod: {
type: "neutral",
input: "",
output: "",
kind: row[4] as string,
provenance: row[5] as Provenance,
signature,
packageName: row[0] as string,
typeName: row[1] as string,
methodName: row[2] as string,
methodParameters: row[3] as string,
},
};
},
supportedKinds: ["summary", "source", "sink"],
},
};

25
extensions/ql-vscode/src/stories/data-extensions-editor/DataExtensionsEditor.stories.tsx
View File

@@ -175,6 +175,11 @@ DataExtensionsEditor.args = {
output: "",
kind: "jndi-injection",
provenance: "df-generated",
signature: "org.sql2o.Sql2o#Sql2o(String)",
packageName: "org.sql2o",
typeName: "Sql2o",
methodName: "Sql2o",
methodParameters: "(String)",
},
"org.sql2o.Connection#createQuery(String)": {
type: "summary",
@@ -182,6 +187,11 @@ DataExtensionsEditor.args = {
output: "ReturnValue",
kind: "taint",
provenance: "df-manual",
signature: "org.sql2o.Connection#createQuery(String)",
packageName: "org.sql2o",
typeName: "Connection",
methodName: "createQuery",
methodParameters: "(String)",
},
"org.sql2o.Sql2o#open()": {
type: "summary",
@@ -189,6 +199,11 @@ DataExtensionsEditor.args = {
output: "ReturnValue",
kind: "taint",
provenance: "manual",
signature: "org.sql2o.Sql2o#open()",
packageName: "org.sql2o",
typeName: "Sql2o",
methodName: "open",
methodParameters: "()",
},
"org.sql2o.Query#executeScalar(Class)": {
type: "neutral",
@@ -196,6 +211,11 @@ DataExtensionsEditor.args = {
output: "",
kind: "",
provenance: "df-generated",
signature: "org.sql2o.Query#executeScalar(Class)",
packageName: "org.sql2o",
typeName: "Query",
methodName: "executeScalar",
methodParameters: "(Class)",
},
"org.sql2o.Sql2o#Sql2o(String,String,String)": {
type: "neutral",
@@ -203,6 +223,11 @@ DataExtensionsEditor.args = {
output: "",
kind: "",
provenance: "df-generated",
signature: "org.sql2o.Sql2o#Sql2o(String,String,String)",
packageName: "org.sql2o",
typeName: "Sql2o",
methodName: "Sql2o",
methodParameters: "(String,String,String)",
},
},
};

5
extensions/ql-vscode/src/stories/data-extensions-editor/MethodRow.stories.tsx
View File

@@ -52,5 +52,10 @@ MethodRow.args = {
output: "ReturnValue",
kind: "taint",
provenance: "manual",
signature: "org.sql2o.Sql2o#open()",
packageName: "org.sql2o",
typeName: "Sql2o",
methodName: "open",
methodParameters: "()",
},
};

5
extensions/ql-vscode/src/view/data-extensions-editor/MethodRow.tsx
View File

@@ -100,6 +100,11 @@ function ModelableMethodRow(props: Props) {
...modeledMethod,
type: e.target.value as ModeledMethodType,
provenance: newProvenance,
signature: externalApiUsage.signature,
packageName: externalApiUsage.packageName,
typeName: externalApiUsage.typeName,
methodName: externalApiUsage.methodName,
methodParameters: externalApiUsage.methodParameters,
});
},
[onChange, externalApiUsage, modeledMethod, argumentsList],

10
extensions/ql-vscode/test/unit-tests/data-extensions-editor/auto-model.test.ts
View File

@@ -221,6 +221,11 @@ describe("createAutoModelRequest", () => {
input: "",
output: "",
provenance: "manual",
signature: "org.sql2o.Sql2o#open()",
packageName: "org.sql2o",
typeName: "Sql2o",
methodName: "open",
methodParameters: "()",
},
"org.sql2o.Sql2o#Sql2o(String)": {
type: "sink",
@@ -228,6 +233,11 @@ describe("createAutoModelRequest", () => {
input: "Argument[0]",
output: "",
provenance: "manual",
signature: "org.sql2o.Sql2o#Sql2o(String)",
packageName: "org.sql2o",
typeName: "Sql2o",
methodName: "Sql2o",
methodParameters: "(String)",
},
};

31
extensions/ql-vscode/test/unit-tests/data-extensions-editor/yaml.test.ts
View File

@@ -47,6 +47,11 @@ describe("createDataExtensionYaml", () => {
output: "",
kind: "sql",
provenance: "df-generated",
signature: "org.sql2o.Connection#createQuery(String)",
packageName: "org.sql2o",
typeName: "Connection",
methodName: "createQuery",
methodParameters: "(String)",
},
},
{
@@ -274,6 +279,11 @@ describe("createDataExtensionYamlsForApplicationMode", () => {
output: "",
kind: "sql",
provenance: "df-generated",
signature: "org.sql2o.Connection#createQuery(String)",
packageName: "org.sql2o",
typeName: "Connection",
methodName: "createQuery",
methodParameters: "(String)",
},
"org.springframework.boot.SpringApplication#run(Class,String[])": {
type: "neutral",
@@ -281,6 +291,12 @@ describe("createDataExtensionYamlsForApplicationMode", () => {
output: "",
kind: "summary",
provenance: "manual",
signature:
"org.springframework.boot.SpringApplication#run(Class,String[])",
packageName: "org.springframework.boot",
typeName: "SpringApplication",
methodName: "run",
methodParameters: "(Class,String[])",
},
"org.sql2o.Sql2o#Sql2o(String,String,String)": {
type: "sink",
@@ -288,6 +304,11 @@ describe("createDataExtensionYamlsForApplicationMode", () => {
output: "",
kind: "jndi",
provenance: "manual",
signature: "org.sql2o.Sql2o#Sql2o(String,String,String)",
packageName: "org.sql2o",
typeName: "Sql2o",
methodName: "Sql2o",
methodParameters: "(String,String,String)",
},
},
);
@@ -439,6 +460,11 @@ describe("createDataExtensionYamlsForFrameworkMode", () => {
output: "",
kind: "sql",
provenance: "df-generated",
signature: "org.sql2o.Connection#createQuery(String)",
packageName: "org.sql2o",
typeName: "Connection",
methodName: "createQuery",
methodParameters: "(String)",
},
"org.sql2o.Sql2o#Sql2o(String,String,String)": {
type: "sink",
@@ -446,6 +472,11 @@ describe("createDataExtensionYamlsForFrameworkMode", () => {
output: "",
kind: "jndi",
provenance: "manual",
signature: "org.sql2o.Sql2o#Sql2o(String,String,String)",
packageName: "org.sql2o",
typeName: "Sql2o",
methodName: "Sql2o",
methodParameters: "(String,String,String)",
},
},
);