Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Python: New FileSystem Access #14406

Merged
merged 11 commits into from
Nov 16, 2023
Merged

Python: New FileSystem Access #14406

merged 11 commits into from
Nov 16, 2023

Conversation

am0o0
Copy link
Contributor

@am0o0 am0o0 commented Oct 8, 2023

No description provided.

@github-actions github-actions bot added the Python label Oct 8, 2023
@am0o0 am0o0 mentioned this pull request Oct 8, 2023
Closed
2 tasks
@ghsecuritylab ghsecuritylab marked this pull request as ready for review October 24, 2023 09:37
@ghsecuritylab ghsecuritylab requested a review from a team as a code owner October 24, 2023 09:37
RasmusWL
RasmusWL requested changes Nov 6, 2023
View reviewed changes
Copy link
Member

@RasmusWL RasmusWL left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for this PR 🙏 💪 The modeling you've added looks good, and thanks for adding tests that use the ConceptsTest setup 🙌

The one major thing I need from you is to restructure the modeling. So far we've kept an (unwritten) policy of using one .qll file for each library we've modeled, so while it's a little less boilerplate code to group them together in FileSystemAccess.qll, I would like you to split them into separate .qll files (anyio, aiofile).

I'm going to add a change-note to highlight this modeling 👍

python/ql/lib/semmle/python/frameworks/Starlette.qll Outdated Show resolved Hide resolved
python/ql/test/library-tests/frameworks/FileSystemAccess/Query.ql Outdated Show resolved Hide resolved
python/ql/test/library-tests/frameworks/FileSystemAccess/starlette.py Outdated Show resolved Hide resolved
github-advanced-security[bot]
github-advanced-security bot found potential problems Nov 6, 2023
View reviewed changes
python/ql/lib/semmle/python/frameworks/Sanic.qll
/**
* Provides models for Sanic applications (an instance of `sanic.Sanic`).
*/
module App {

Check warning

Code scanning / CodeQL

Dead code Warning

This code is never used, and it's not publicly exported.
python/ql/test/library-tests/frameworks/FileSystemAccess/Query.ql Fixed Show fixed Hide fixed
@am0o0
Copy link
Contributor Author

am0o0 commented Nov 6, 2023

@RasmusWL do you think there is a need to add a query file to just add a small framework that just has less than 10 functions total? I'm just curious about this I'll make changes according to your review.

@RasmusWL
Copy link
Member

RasmusWL commented Nov 6, 2023

@RasmusWL do you think there is a need to add a query file to just add a small framework that just has less than 10 functions total? I'm just curious about this I'll make changes according to your review.

please do all .qll files (like you did for python/ql/lib/semmle/python/frameworks/Cherrypy.qll), don't add any query (.ql) files

@am0o0
Copy link
Contributor Author

am0o0 commented Nov 6, 2023
edited
Loading

please do all .qll files (like you did for python/ql/lib/semmle/python/frameworks/Cherrypy.qll), don't add any query (.ql) files

Ahh sorry, I wrongly wrote the query file instead of the library file.

@RasmusWL do you think there is a need to add a library file to add a small framework that only has less than 10 functions total? I'm just curious about this I'll make changes according to your review.

@RasmusWL
Copy link
Member

RasmusWL commented Nov 6, 2023

@RasmusWL do you think there is a need to add a library file to add a small framework that only has less than 10 functions total? I'm just curious about this I'll make changes according to your review.

Yes, please do. I know it's a little more boilerplate code, but I would like to keep our structured approach for now 🙏

RasmusWL
RasmusWL reviewed Nov 15, 2023
View reviewed changes
Copy link
Member

@RasmusWL RasmusWL left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for making these changes 🙌 great work 👍

python/ql/test/library-tests/frameworks/baize/FileSystemAccess.py Outdated Show resolved Hide resolved
RasmusWL
RasmusWL approved these changes Nov 15, 2023
View reviewed changes
Copy link
Member

@RasmusWL RasmusWL left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

With that little thing fixed, I think we're good to go overall 👍 (will just do a performance test as well for good measure)

@RasmusWL
Copy link
Member

Performance looks fine 👍

@RasmusWL RasmusWL merged commit df144f3 into github:main Nov 16, 2023
13 checks passed
@am0o0 am0o0 deleted the amammad-python-FileSystemAccess branch September 14, 2024 11:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@RasmusWL RasmusWL RasmusWL approved these changes

Assignees
No one assigned
Labels
documentation external-contribution Python
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@am0o0 @RasmusWL