Merge 4-0-242 to backup_sync #171
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
Removes the old frontend and related CLI arguments. Hard deadline 20 Sept 2024.
Profiled `ArrayTests` to detect ambiguity and decisions with high lookaheads and modified test fixture to print profiler logs if enabled. This led to converting certain array rules to use more specific rules and fall back to more general rules less often. Some small improvements on `railsgoat` measured with `time` command on `joern-parse`: ``` // With ambiguity 75.58s user 1.98s system 356% cpu 21.762 total 73.56s user 2.61s system 492% cpu 15.452 total 66.52s user 2.01s system 387% cpu 17.667 total // With reduced ambiguity 65.42s user 1.94s system 443% cpu 15.189 total 74.58s user 2.01s system 557% cpu 13.744 total 74.39s user 1.75s system 560% cpu 13.595 total ```
…and detect project and configuration names automatically (joernio#4934) Fix android project detection and automatic name detection for gradle dependency fetcher
There were some unused parser rules adding unnecessary complexity to the parser
Added `simpleCommandArgumentList` to allow multiple call args for `methodInvocationWithoutParentheses`
* fix assignmentModulo
* fix assignmentXor
* fix assignmentOr
* fix assignmentAnd
* fix assignmentExponentiation
* fix assignmentShiftLeft
* fix assignment{Logical,Arithmetic}ShiftRight
* scalafmt
…#4954) These synthetic METHOD nodes did not have an offset at all. For: https://shiftleftinc.atlassian.net/browse/SEN-3250
…o#4955) As soon as `FullNameSemantics` started logging duplicate semantics (in joernio#4954), it was observed that `SemanticTestCpg` was passing a fresh Semantics instance to `EngineContext` instead of passing the one used by `OssDataFlow`. By coincidence, however, they were the same. Nevertheless, this patch guarantees they are the same.
Using the CDT API (getContainingFilename) now. For: joernio#4924
* [ruby] ANTLR Profiler Summary * Introduced global profiling to summarize rule and parse performance across the project * Added a shutdown hook to dump a summary of the profiler rules in a file `antlr_summary.log` at the root of the project with this information * Check parent exists before dumping. May not be there during test cases * Added note around shutdown hook
Sometimes AST trees would be thrown away, specifically when long chained expressions would be compressed into temporary cache variables. This only happens with expressions, and closures typically write directly to the diff graph. This PR minimizes what is written directly to the diff graph from function creation, and extends `x2cpg.Ast` to also include `CAPTURE` edges. This also introduces `closureToRefs` map to track which `Block` nodes already have live method ASTs in the diff graph.
…rnio#4983) This reverts commit 3c27bf6.
* [ruby] Changed handling of ForEach loops * [ruby] fixed double _astIn reference to identifier * [ruby] fix failing tests
…" (joernio#4985) * Revert "Revert "[ruby] Ignore "Throwaway" AST Structures (joernio#4982)" (joernio#4983)" This reverts commit 464480d. * [ruby] Re-implemented "Ignore "Throwaway" AST Structures (joernio#4982)" This correctly prevents re-use of nodes that are already being used elsewhere by ensuring deep copies.
`RubyExpression` nodes don't inherently consider the `span` in the calculation of its hash, so when put into any hashed context, nodes that only rely on `span` alone will collide in these contexts.
Just discovered the latest addition to joernio#5256 of the sarif config was `val` and would not be able to be redefined for tools extending the REPL.
* [sarif] Add Reporting Descriptors & More "Optionality" * Added reporting descriptors which allow one to add more meta data to rules, and link findings to a given existing entry. * Moved the sarif instantiation to the RunBeforeCode object which separates actions from tools deriving from Joern * Using more "optional" properties where possible on properties which are not required by the sarif schema * Moved parameter to back * Test expectations
…o#5273) GitHub code scanning has strict requirements on SARIF files that need to be enforced, such as minimum elements in an array, line number > 0, etc. Some validators emit warnings on this, but GH fails the pipeline. Additionally, GitHub makes use of fingerprinting to avoid duplication between versions. The SARIF conversion has been adapted to accommodate the above.
… file signature format (joernio#5274) * First version of a JVM binary signature calculator for java parser classes. * Add binary signatures to javasrc nodes * Add generic signature for native foreach iterator tmp local * Do some cleanup * Add test for type parameter with multiple interface bounds * Add generic tests description and add unspecified type to lambda type decls --------- Co-authored-by: Markus Lottmann <[email protected]>
* [pysrc2cpg] Refactor convert methods for function lowering. Use shared implementation. * Separate method full names for redefined functions. * Fmt
…151) (joernio#5286) * handle errors gracefully * use scala best practices * trim dependency names and versions * test for asserting if version is trimmed Co-authored-by: Karan Batavia <[email protected]>
…ls (joernio#5290) * [c#] initial support for replacing setter assignments with setter calls * translateBinaryOperatorName -> binaryOperatorsMap
* Using Block Scope fix (#109) * fix methodFullName inside using block * code refactoring * Try handling change * added curly braces * fix import * review comments --------- Co-authored-by: Ankit Kumar <[email protected]>
* fix - partial ast gen result in case of failure --------- Co-authored-by: PallaviShreshtha <[email protected]>
In the case where an unexpected string in placed in the `filename` property, default to attempting URI construction within a `Try` and returning a `None` on failure
* [c#] fix synthetic set_* method call signature * [c#] support setter assignments via += et al assignments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Created by Github action