Expose Remote Query language (#1173)
This commit is contained in:
Charis Kyriakou
@@ -77,6 +77,7 @@ export class RemoteQueriesInterfaceManager {
|
|||||||
queryFileName: queryFileName,
|
queryFileName: queryFileName,
|
||||||
queryFilePath: query.queryFilePath,
|
queryFilePath: query.queryFilePath,
|
||||||
queryText: query.queryText,
|
queryText: query.queryText,
|
||||||
|
language: query.language,
|
||||||
workflowRunUrl: `https://github.com/${query.controllerRepository.owner}/${query.controllerRepository.name}/actions/runs/${query.actionsWorkflowRunId}`,
|
workflowRunUrl: `https://github.com/${query.controllerRepository.owner}/${query.controllerRepository.name}/actions/runs/${query.actionsWorkflowRunId}`,
|
||||||
totalRepositoryCount: query.repositories.length,
|
totalRepositoryCount: query.repositories.length,
|
||||||
affectedRepositoryCount: affectedRepositories.length,
|
affectedRepositoryCount: affectedRepositories.length,
|
||||||
|
|||||||
@@ -4,6 +4,7 @@ export interface RemoteQuery {
|
|||||||
queryName: string;
|
queryName: string;
|
||||||
queryFilePath: string;
|
queryFilePath: string;
|
||||||
queryText: string;
|
queryText: string;
|
||||||
|
language: string;
|
||||||
controllerRepository: Repository;
|
controllerRepository: Repository;
|
||||||
repositories: Repository[];
|
repositories: Repository[];
|
||||||
executionStartTime: number; // Use number here since it needs to be serialized and desserialized.
|
executionStartTime: number; // Use number here since it needs to be serialized and desserialized.
|
||||||
|
|||||||
@@ -314,7 +314,15 @@ export async function runRemoteQuery(
|
|||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
const remoteQuery = await buildRemoteQueryEntity(repositories, queryFile, queryMetadata, owner, repo, queryStartTime, workflowRunId);
|
const remoteQuery = await buildRemoteQueryEntity(
|
||||||
|
repositories,
|
||||||
|
queryFile,
|
||||||
|
queryMetadata,
|
||||||
|
owner,
|
||||||
|
repo,
|
||||||
|
queryStartTime,
|
||||||
|
workflowRunId,
|
||||||
|
language);
|
||||||
|
|
||||||
// don't return the path because it has been deleted
|
// don't return the path because it has been deleted
|
||||||
return { query: remoteQuery };
|
return { query: remoteQuery };
|
||||||
@@ -437,7 +445,8 @@ async function buildRemoteQueryEntity(
|
|||||||
controllerRepoOwner: string,
|
controllerRepoOwner: string,
|
||||||
controllerRepoName: string,
|
controllerRepoName: string,
|
||||||
queryStartTime: number,
|
queryStartTime: number,
|
||||||
workflowRunId: number
|
workflowRunId: number,
|
||||||
|
language: string
|
||||||
): Promise<RemoteQuery> {
|
): Promise<RemoteQuery> {
|
||||||
// The query name is either the name as specified in the query metadata, or the file name.
|
// The query name is either the name as specified in the query metadata, or the file name.
|
||||||
const queryName = queryMetadata?.name ?? path.basename(queryFilePath);
|
const queryName = queryMetadata?.name ?? path.basename(queryFilePath);
|
||||||
@@ -453,6 +462,7 @@ async function buildRemoteQueryEntity(
|
|||||||
queryName,
|
queryName,
|
||||||
queryFilePath,
|
queryFilePath,
|
||||||
queryText,
|
queryText,
|
||||||
|
language,
|
||||||
controllerRepository: {
|
controllerRepository: {
|
||||||
owner: controllerRepoOwner,
|
owner: controllerRepoOwner,
|
||||||
name: controllerRepoName,
|
name: controllerRepoName,
|
||||||
|
|||||||
@@ -6,6 +6,7 @@ export const sampleRemoteQuery: RemoteQuery = {
|
|||||||
queryName: 'Inefficient regular expression',
|
queryName: 'Inefficient regular expression',
|
||||||
queryFilePath: '/Users/foo/dev/vscode-codeql-starter/ql/javascript/ql/src/Performance/ReDoS.ql',
|
queryFilePath: '/Users/foo/dev/vscode-codeql-starter/ql/javascript/ql/src/Performance/ReDoS.ql',
|
||||||
queryText: '/**\n * @name Inefficient regular expression\n * @description A regular expression that requires exponential time to match certain inputs\n * can be a performance bottleneck, and may be vulnerable to denial-of-service\n * attacks.\n * @kind problem\n * @problem.severity error\n * @security-severity 7.5\n * @precision high\n * @id js/redos\n * @tags security\n * external/cwe/cwe-1333\n * external/cwe/cwe-730\n * external/cwe/cwe-400\n */\n\nimport javascript\nimport semmle.javascript.security.performance.ReDoSUtil\nimport semmle.javascript.security.performance.ExponentialBackTracking\n\nfrom RegExpTerm t, string pump, State s, string prefixMsg\nwhere hasReDoSResult(t, pump, s, prefixMsg)\nselect t,\n "This part of the regular expression may cause exponential backtracking on strings " + prefixMsg +\n "containing many repetitions of \'" + pump + "\'."\n',
|
queryText: '/**\n * @name Inefficient regular expression\n * @description A regular expression that requires exponential time to match certain inputs\n * can be a performance bottleneck, and may be vulnerable to denial-of-service\n * attacks.\n * @kind problem\n * @problem.severity error\n * @security-severity 7.5\n * @precision high\n * @id js/redos\n * @tags security\n * external/cwe/cwe-1333\n * external/cwe/cwe-730\n * external/cwe/cwe-400\n */\n\nimport javascript\nimport semmle.javascript.security.performance.ReDoSUtil\nimport semmle.javascript.security.performance.ExponentialBackTracking\n\nfrom RegExpTerm t, string pump, State s, string prefixMsg\nwhere hasReDoSResult(t, pump, s, prefixMsg)\nselect t,\n "This part of the regular expression may cause exponential backtracking on strings " + prefixMsg +\n "containing many repetitions of \'" + pump + "\'."\n',
|
||||||
|
language: 'javascript',
|
||||||
controllerRepository: {
|
controllerRepository: {
|
||||||
owner: 'big-corp',
|
owner: 'big-corp',
|
||||||
name: 'controller-repo'
|
name: 'controller-repo'
|
||||||
|
|||||||
@@ -6,6 +6,7 @@ export interface RemoteQueryResult {
|
|||||||
queryFileName: string;
|
queryFileName: string;
|
||||||
queryFilePath: string;
|
queryFilePath: string;
|
||||||
queryText: string;
|
queryText: string;
|
||||||
|
language: string;
|
||||||
workflowRunUrl: string;
|
workflowRunUrl: string;
|
||||||
totalRepositoryCount: number;
|
totalRepositoryCount: number;
|
||||||
affectedRepositoryCount: number;
|
affectedRepositoryCount: number;
|
||||||
|
|||||||
@@ -25,6 +25,7 @@ const emptyQueryResult: RemoteQueryResult = {
|
|||||||
queryFileName: '',
|
queryFileName: '',
|
||||||
queryFilePath: '',
|
queryFilePath: '',
|
||||||
queryText: '',
|
queryText: '',
|
||||||
|
language: '',
|
||||||
workflowRunUrl: '',
|
workflowRunUrl: '',
|
||||||
totalRepositoryCount: 0,
|
totalRepositoryCount: 0,
|
||||||
affectedRepositoryCount: 0,
|
affectedRepositoryCount: 0,
|
||||||
|
|||||||
Reference in New Issue
Block a user