mrva/vscode-codeql
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

Gate loading ML models behind a hidden setting

Browse Source
This commit is contained in:
Henry Mercer
2021-11-18 15:30:01 +00:00
committed by Henry Mercer
parent 84ecbfc7a1
commit ed0553c6b6
2 changed files with 22 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
extensions/ql-vscode/src/config.ts
View File

@@ -333,3 +333,15 @@ export function getRemoteControllerRepo(): string | undefined {
export async function setRemoteControllerRepo(repo: string | undefined) {
await REMOTE_CONTROLLER_REPO.updateValue(repo, ConfigurationTarget.Global);
}
/**
* Whether to insecurely load ML models from CodeQL packs.
*
* This setting is for internal users only.
*/
const SHOULD_INSECURELY_LOAD_MODELS_FROM_PACKS =
new Setting('shouldInsecurelyLoadModelsFromPacks', RUNNING_QUERIES_SETTING);
export function shouldInsecurelyLoadMlModelsFromPacks(): boolean {
return SHOULD_INSECURELY_LOAD_MODELS_FROM_PACKS.getValue<boolean>();
}

13
extensions/ql-vscode/src/run-queries.ts
View File

@@ -8,7 +8,8 @@ import {
TextDocument,
TextEditor,
Uri,
window
window,
workspace
} from 'vscode';
import { ErrorCodes, ResponseError } from 'vscode-languageclient';
@@ -617,12 +618,18 @@ export async function compileAndRunQueryAgainstDatabase(
}
let availableMlModels: cli.MlModelInfo[] = [];
if (await cliServer.cliConstraints.supportsResolveMlModels()) {
// The `capabilities.untrustedWorkspaces.restrictedConfigurations` entry in package.json doesn't
// work with hidden settings, so we manually check that the workspace is trusted before looking at
// whether the `shouldInsecurelyLoadMlModelsFromPacks` setting is enabled.
if (workspace.isTrusted &&
config.shouldInsecurelyLoadMlModelsFromPacks() &&
await cliServer.cliConstraints.supportsResolveMlModels()) {
try {
availableMlModels = (await cliServer.resolveMlModels(diskWorkspaceFolders)).models;
void logger.log(`Found available ML models at the following paths: ${availableMlModels.map(x => `'${x.path}'`).join(', ')}.`);
} catch (e) {
const message = `Couldn't resolve available ML models for ${qlProgram.queryPath}: ${e}`;
const message = `Couldn't resolve available ML models for ${qlProgram.queryPath}. Running the ` +
`query without any ML models: ${e}.`;
void logger.log(message);
void showAndLogErrorMessage(message);
}