Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fixes for parsing OpenStack #1985

Closed
wants to merge 19 commits into from
Closed

Fixes for parsing OpenStack #1985

wants to merge 19 commits into from

Conversation

oxisto
Copy link
Member

@oxisto oxisto commented Jan 25, 2025
edited
Loading

This PR is a union of the following PRs

It is needed to properly parse the Openstack project with this library. This is needed because of an external dependency that needs one combined branch. This gives us some time to properly review the individual PRs.

We will most likely not merge this PR, but the individual ones and I will regularly update / rebase this branch until all contained PRs are merged.

@codecov Codecov
Copy link

codecov bot commented Jan 25, 2025
edited
Loading

Codecov Report

Attention: Patch coverage is 84.79263% with 33 lines in your changes missing coverage. Please review.

Project coverage is 78.05%. Comparing base (3a7107a) to head (a54a606).
Report is 3 commits behind head on main.

Files with missing lines Patch % Lines
...rc/main/kotlin/de/fraunhofer/aisec/codyze/Sarif.kt 73.07% 4 Missing and 17 partials ⚠️
.../main/kotlin/de/fraunhofer/aisec/codyze/Project.kt 88.23% 2 Missing and 2 partials ⚠️
...ain/kotlin/de/fraunhofer/aisec/codyze/QueryHost.kt 62.50% 1 Missing and 2 partials ⚠️
...nhofer/aisec/codyze/compliance/ProjectExtension.kt 92.00% 0 Missing and 2 partials ⚠️
...n/de/fraunhofer/aisec/codyze/compliance/Command.kt 90.90% 0 Missing and 1 partial ⚠️
...n/de/fraunhofer/aisec/cpg/passes/SymbolResolver.kt 96.66% 0 Missing and 1 partial ⚠️
...raunhofer/aisec/cpg/passes/inference/PassHelper.kt 83.33% 0 Missing and 1 partial ⚠️
Additional details and impacted files
Files with missing lines Coverage Δ
...fraunhofer/aisec/codyze/compliance/SecurityGoal.kt 73.17% <ø> (ø)
...e/fraunhofer/aisec/codyze/QueryScriptDefinition.kt 91.30% <100.00%> (+3.06%) ⬆️
...kotlin/de/fraunhofer/aisec/cpg/graph/Extensions.kt 62.82% <100.00%> (+0.29%) ⬆️
...ofer/aisec/cpg/frontends/java/ExpressionHandler.kt 77.97% <100.00%> (+0.06%) ⬆️
...n/de/fraunhofer/aisec/codyze/compliance/Command.kt 88.88% <90.90%> (-4.22%) ⬇️
...n/de/fraunhofer/aisec/cpg/passes/SymbolResolver.kt 88.02% <96.66%> (+0.88%) ⬆️
...raunhofer/aisec/cpg/passes/inference/PassHelper.kt 80.14% <83.33%> (-0.31%) ⬇️
...nhofer/aisec/codyze/compliance/ProjectExtension.kt 92.00% <92.00%> (ø)
...ain/kotlin/de/fraunhofer/aisec/codyze/QueryHost.kt 72.72% <62.50%> (-8.53%) ⬇️
.../main/kotlin/de/fraunhofer/aisec/codyze/Project.kt 88.88% <88.23%> (+3.17%) ⬆️
... and 1 more

... and 3 files with indirect coverage changes

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@oxisto oxisto added the publish-to-github-packages If added to a PR, builds from it will be published as a GitHub package label Jan 25, 2025
@oxisto oxisto self-assigned this Jan 25, 2025
@oxisto oxisto force-pushed the openstack-fixes branch 6 times, most recently from 4511db7 to 20803a7 Compare January 26, 2025 17:31
@oxisto oxisto mentioned this pull request Jan 26, 2025
Open
@oxisto oxisto force-pushed the openstack-fixes branch 17 times, most recently from 09e5d73 to bfd705e Compare January 31, 2025 07:04
oxisto and others added 16 commits January 31, 2025 10:28
@oxisto
Added cpg-concepts to query host
581a4cb
@oxisto
Fixed problem with hard cast
4efd414
@oxisto
Proper file:// URIs
dc70096
@oxisto
Addressed code review
25a84f6
@oxisto
Make the SymbolResolver more extensible
2b1214a 
This PR makes all the necessary handle functions `open` so that someone external to this library can extend and replace this pass, if needed. Furthermore, we make all functions we do NOT wish to be overriden `private` (mostly because we consider them part of a legacy API).

Furthermore, this PR adds more documentation to this pass.
@oxisto
Reorganisation of member call candidates to make it easier to overrid…
aed0743 
…e from outside
@oxisto
Getting rid of CXX special cases
96bad97
@oxisto
Trying to remove more legacy code
f7c17c8
@oxisto
Removing legacy resolveMember function
e1bfc16
@oxisto
Added more documentation
b23559e
@KuechA @oxisto
Do not enter local scopes in python
2b9bf44
@KuechA @oxisto
Revert wronge change
d5e11f7
@oxisto
Addressed code review
68ab156
@oxisto
Basic implementation of following context-sensitive calls in `followN…
c87bd0a 
…extDFGUntilHit`

I am not sure if this really solves *all* the problems, but at least this tries to use the information that we have in the calling context in/out so that we are properly following dataflows into functions and out of functions using the correct call (stack).
@oxisto
Using a cloned stack, but somehow still does not work
e946174
@oxisto
More robust implementation
a54a606
@oxisto
Copy link
Member Author

oxisto commented Jan 31, 2025

All PRs are merged, we can close this

@oxisto oxisto closed this Jan 31, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@fwendland fwendland Awaiting requested review from fwendland fwendland will be requested when the pull request is marked ready for review fwendland is a code owner

@konradweiss konradweiss Awaiting requested review from konradweiss konradweiss will be requested when the pull request is marked ready for review konradweiss is a code owner

@KuechA KuechA Awaiting requested review from KuechA KuechA will be requested when the pull request is marked ready for review KuechA is a code owner

Assignees

@oxisto oxisto

Labels
publish-to-github-packages If added to a PR, builds from it will be published as a GitHub package
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@oxisto @KuechA