robojerk/codeql-action

Only add ML-powered queries pack if the user didn't manually request it

Browse source
This commit is contained in:
Henry Mercer 2022-02-04 16:28:09 +00:00
parent 1cddec9558
commit 9f32fc9b9d
6 changed files with 86 additions and 45 deletions
Download patch file Download diff file Expand all files Collapse all files

8
lib/config-utils.js generated
View file

@ -124,11 +124,13 @@ async function addBuiltinSuiteQueries(languages, codeQL, resultMap, packs, suite
if (!found) { if (!found) {
throw new Error(getQueryUsesInvalid(configFile, suiteName)); throw new Error(getQueryUsesInvalid(configFile, suiteName));
} }
// If we're running the JavaScript security-extended analysis (or a superset of it) and the repo // If we're running the JavaScript security-extended analysis (or a superset of it), the repo is
// is opted into the ML-powered queries beta, then add the ML-powered query pack so that we run // opted into the ML-powered queries beta, and a user hasn't already added the ML-powered query
// the ML-powered queries. // pack, then add the ML-powered query pack so that we run ML-powered queries.
if (languages.includes("javascript") && if (languages.includes("javascript") &&
(found === "security-extended" || found === "security-and-quality") && (found === "security-extended" || found === "security-and-quality") &&
!(packs.javascript &&
packs.javascript.some((pack) => pack.packName === util_1.ML_POWERED_JS_QUERIES_PACK_NAME)) &&
(await featureFlags.getValue(feature_flags_1.FeatureFlag.MlPoweredQueriesEnabled)) && (await featureFlags.getValue(feature_flags_1.FeatureFlag.MlPoweredQueriesEnabled)) &&
(await (0, util_1.codeQlVersionAbove)(codeQL, codeql_1.CODEQL_VERSION_ML_POWERED_QUERIES))) { (await (0, util_1.codeQlVersionAbove)(codeQL, codeql_1.CODEQL_VERSION_ML_POWERED_QUERIES))) {
if (!packs.javascript) { if (!packs.javascript) {

2
lib/config-utils.js.map
View file

File diff suppressed because one or more lines are too long

30
lib/config-utils.test.js generated
View file

@ -872,7 +872,7 @@ parseInputAndConfigErrorMacro.title = (providedTitle) => `Parse Packs input and
(0, ava_1.default)("input with + only", parseInputAndConfigErrorMacro, {}, " + ", [languages_1.Language.cpp], /remove the '\+'/); (0, ava_1.default)("input with + only", parseInputAndConfigErrorMacro, {}, " + ", [languages_1.Language.cpp], /remove the '\+'/);
(0, ava_1.default)("input with invalid pack name", parseInputAndConfigErrorMacro, {}, " xxx", [languages_1.Language.cpp], /"xxx" is not a valid pack/); (0, ava_1.default)("input with invalid pack name", parseInputAndConfigErrorMacro, {}, " xxx", [languages_1.Language.cpp], /"xxx" is not a valid pack/);
const mlPoweredQueriesMacro = ava_1.default.macro({ const mlPoweredQueriesMacro = ava_1.default.macro({
exec: async (t, codeQLVersion, isMlPoweredQueriesFlagEnabled, queriesInput, shouldRunMlPoweredQueries) => { exec: async (t, codeQLVersion, isMlPoweredQueriesFlagEnabled, packsInput, queriesInput, expectedVersionString) => {
return await util.withTmpDir(async (tmpDir) => { return await util.withTmpDir(async (tmpDir) => {
const codeQL = (0, codeql_1.setCodeQL)({ const codeQL = (0, codeql_1.setCodeQL)({
async getVersion() { async getVersion() {
@ -888,15 +888,15 @@ const mlPoweredQueriesMacro = ava_1.default.macro({
}; };
}, },
}); });
const { packs } = await configUtils.initConfig("javascript", queriesInput, undefined, undefined, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)(isMlPoweredQueriesFlagEnabled const { packs } = await configUtils.initConfig("javascript", queriesInput, packsInput, undefined, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)(isMlPoweredQueriesFlagEnabled
? [feature_flags_1.FeatureFlag.MlPoweredQueriesEnabled] ? [feature_flags_1.FeatureFlag.MlPoweredQueriesEnabled]
: []), (0, logging_1.getRunnerLogger)(true)); : []), (0, logging_1.getRunnerLogger)(true));
if (shouldRunMlPoweredQueries) { if (expectedVersionString !== undefined) {
t.deepEqual(packs, { t.deepEqual(packs, {
[languages_1.Language.javascript]: [ [languages_1.Language.javascript]: [
{ {
packName: "codeql/javascript-experimental-atm-queries", packName: "codeql/javascript-experimental-atm-queries",
version: "~0.0.2", version: expectedVersionString,
}, },
], ],
}); });
@ -906,17 +906,15 @@ const mlPoweredQueriesMacro = ava_1.default.macro({
} }
}); });
}, },
title: (_providedTitle, codeQLVersion, isMlPoweredQueriesFlagEnabled, queriesInput, shouldRunMlPoweredQueries) => { title: (_providedTitle, codeQLVersion, isMlPoweredQueriesFlagEnabled, packsInput, queriesInput, expectedVersionString) => `ML-powered queries ${expectedVersionString !== undefined
const queriesInputDescription = queriesInput ? `${expectedVersionString} are`
? `'queries: ${queriesInput}'` : "aren't"} loaded for packs: ${packsInput}, queries: ${queriesInput} using CLI v${codeQLVersion} when feature flag is ${isMlPoweredQueriesFlagEnabled ? "enabled" : "disabled"}`,
: "default config";
return `ML-powered queries ${shouldRunMlPoweredQueries ? "are" : "aren't"} loaded for ${queriesInputDescription} using CLI v${codeQLVersion} when feature flag is ${isMlPoweredQueriesFlagEnabled ? "enabled" : "disabled"}`;
},
}); });
// macro, isMlPoweredQueriesFlagEnabled, queriesInput, shouldRunMlPoweredQueries // macro, isMlPoweredQueriesFlagEnabled, packsInput, queriesInput, versionString
(0, ava_1.default)(mlPoweredQueriesMacro, "2.7.4", true, "security-extended", false); (0, ava_1.default)(mlPoweredQueriesMacro, "2.7.4", true, undefined, "security-extended", undefined);
(0, ava_1.default)(mlPoweredQueriesMacro, "2.7.5", false, "security-extended", false); (0, ava_1.default)(mlPoweredQueriesMacro, "2.7.5", false, undefined, "security-extended", undefined);
(0, ava_1.default)(mlPoweredQueriesMacro, "2.7.5", true, undefined, false); (0, ava_1.default)(mlPoweredQueriesMacro, "2.7.5", true, undefined, undefined, undefined);
(0, ava_1.default)(mlPoweredQueriesMacro, "2.7.5", true, "security-extended", true); (0, ava_1.default)(mlPoweredQueriesMacro, "2.7.5", true, undefined, "security-extended", "~0.0.2");
(0, ava_1.default)(mlPoweredQueriesMacro, "2.7.5", true, "security-and-quality", true); (0, ava_1.default)(mlPoweredQueriesMacro, "2.7.5", true, undefined, "security-and-quality", "~0.0.2");
(0, ava_1.default)(mlPoweredQueriesMacro, "2.7.5", true, "codeql/javascript-experimental-atm-queries@0.0.1", "security-and-quality", "0.0.1");
//# sourceMappingURL=config-utils.test.js.map //# sourceMappingURL=config-utils.test.js.map

2
lib/config-utils.test.js.map
View file

File diff suppressed because one or more lines are too long

77
src/config-utils.test.ts
View file

@ -1713,8 +1713,9 @@ const mlPoweredQueriesMacro = test.macro({
t: ExecutionContext, t: ExecutionContext,
codeQLVersion: string, codeQLVersion: string,
isMlPoweredQueriesFlagEnabled: boolean, isMlPoweredQueriesFlagEnabled: boolean,
packsInput: string | undefined,
queriesInput: string | undefined, queriesInput: string | undefined,
shouldRunMlPoweredQueries: boolean expectedVersionString: string | undefined
) => { ) => {
return await util.withTmpDir(async (tmpDir) => { return await util.withTmpDir(async (tmpDir) => {
const codeQL = setCodeQL({ const codeQL = setCodeQL({
@ -1735,7 +1736,7 @@ const mlPoweredQueriesMacro = test.macro({
const { packs } = await configUtils.initConfig( const { packs } = await configUtils.initConfig(
"javascript", "javascript",
queriesInput, queriesInput,
undefined, packsInput,
undefined, undefined,
undefined, undefined,
false, false,
@ -1755,12 +1756,12 @@ const mlPoweredQueriesMacro = test.macro({
), ),
getRunnerLogger(true) getRunnerLogger(true)
); );
if (shouldRunMlPoweredQueries) { if (expectedVersionString !== undefined) {
t.deepEqual(packs as unknown, { t.deepEqual(packs as unknown, {
[Language.javascript]: [ [Language.javascript]: [
{ {
packName: "codeql/javascript-experimental-atm-queries", packName: "codeql/javascript-experimental-atm-queries",
version: "~0.0.2", version: expectedVersionString,
}, },
], ],
}); });
@ -1773,24 +1774,58 @@ const mlPoweredQueriesMacro = test.macro({
_providedTitle: string | undefined, _providedTitle: string | undefined,
codeQLVersion: string, codeQLVersion: string,
isMlPoweredQueriesFlagEnabled: boolean, isMlPoweredQueriesFlagEnabled: boolean,
packsInput: string | undefined,
queriesInput: string | undefined, queriesInput: string | undefined,
shouldRunMlPoweredQueries: boolean expectedVersionString: string | undefined
) => { ) =>
const queriesInputDescription = queriesInput `ML-powered queries ${
? `'queries: ${queriesInput}'` expectedVersionString !== undefined
: "default config"; ? `${expectedVersionString} are`
: "aren't"
return `ML-powered queries ${ } loaded for packs: ${packsInput}, queries: ${queriesInput} using CLI v${codeQLVersion} when feature flag is ${
shouldRunMlPoweredQueries ? "are" : "aren't"
} loaded for ${queriesInputDescription} using CLI v${codeQLVersion} when feature flag is ${
isMlPoweredQueriesFlagEnabled ? "enabled" : "disabled" isMlPoweredQueriesFlagEnabled ? "enabled" : "disabled"
}`; }`,
},
}); });
// macro, isMlPoweredQueriesFlagEnabled, queriesInput, shouldRunMlPoweredQueries // macro, isMlPoweredQueriesFlagEnabled, packsInput, queriesInput, versionString
test(mlPoweredQueriesMacro, "2.7.4", true, "security-extended", false); test(
test(mlPoweredQueriesMacro, "2.7.5", false, "security-extended", false); mlPoweredQueriesMacro,
test(mlPoweredQueriesMacro, "2.7.5", true, undefined, false); "2.7.4",
test(mlPoweredQueriesMacro, "2.7.5", true, "security-extended", true); true,
test(mlPoweredQueriesMacro, "2.7.5", true, "security-and-quality", true); undefined,
"security-extended",
undefined
);
test(
mlPoweredQueriesMacro,
"2.7.5",
false,
undefined,
"security-extended",
undefined
);
test(mlPoweredQueriesMacro, "2.7.5", true, undefined, undefined, undefined);
test(
mlPoweredQueriesMacro,
"2.7.5",
true,
undefined,
"security-extended",
"~0.0.2"
);
test(
mlPoweredQueriesMacro,
"2.7.5",
true,
undefined,
"security-and-quality",
"~0.0.2"
);
test(
mlPoweredQueriesMacro,
"2.7.5",
true,
"codeql/javascript-experimental-atm-queries@0.0.1",
"security-and-quality",
"0.0.1"
);

12
src/config-utils.ts
View file

@ -289,12 +289,18 @@ async function addBuiltinSuiteQueries(
throw new Error(getQueryUsesInvalid(configFile, suiteName)); throw new Error(getQueryUsesInvalid(configFile, suiteName));
} }
// If we're running the JavaScript security-extended analysis (or a superset of it) and the repo // If we're running the JavaScript security-extended analysis (or a superset of it), the repo is
// is opted into the ML-powered queries beta, then add the ML-powered query pack so that we run // opted into the ML-powered queries beta, and a user hasn't already added the ML-powered query
// the ML-powered queries. // pack, then add the ML-powered query pack so that we run ML-powered queries.
if ( if (
languages.includes("javascript") && languages.includes("javascript") &&
(found === "security-extended" || found === "security-and-quality") && (found === "security-extended" || found === "security-and-quality") &&
!(
packs.javascript &&
packs.javascript.some(
(pack) => pack.packName === ML_POWERED_JS_QUERIES_PACK_NAME
)
) &&
(await featureFlags.getValue(FeatureFlag.MlPoweredQueriesEnabled)) && (await featureFlags.getValue(FeatureFlag.MlPoweredQueriesEnabled)) &&
(await codeQlVersionAbove(codeQL, CODEQL_VERSION_ML_POWERED_QUERIES)) (await codeQlVersionAbove(codeQL, CODEQL_VERSION_ML_POWERED_QUERIES))
) { ) {