diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 376af8f..755e15a 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -19,6 +19,8 @@ jobs: steps: - name: "Checkout" uses: actions/checkout@v4 + with: + submodules: true - name: "Check for changes" uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 diff --git a/.gitmodules b/.gitmodules index 964592a..07b2cdb 100644 --- a/.gitmodules +++ b/.gitmodules @@ -1,3 +1,3 @@ [submodule "extractor/tree-sitter"] path = extractor/tree-sitter - url = https://github.com/tree-sitter-grammars/tree-sitter-bicep + url = https://github.com/geekmasher/tree-sitter-bicep diff --git a/Cargo.lock b/Cargo.lock index e6d6b67..b16cd59 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -4,9 +4,9 @@ version = 4 [[package]] name = "adler2" -version = "2.0.0" +version = "2.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "512761e0bb2578dd7380c6baaa0f4ce03e84f95e960231d1dec8bf4d7d6e2627" +checksum = "320119579fcad9c21884f5c4861d16174d0e06250625266f50fe6898340abefa" [[package]] name = "aho-corasick" @@ -34,9 +34,9 @@ dependencies = [ [[package]] name = "anstream" -version = "0.6.18" +version = "0.6.20" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8acc5369981196006228e28809f761875c0327210a891e941f4c683b3a99529b" +checksum = "3ae563653d1938f79b1ab1b5e668c87c76a9930414574a6583a7b7e11a8e6192" dependencies = [ "anstyle", "anstyle-parse", @@ -49,44 +49,44 @@ dependencies = [ [[package]] name = "anstyle" -version = "1.0.10" +version = "1.0.11" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "55cc3b69f167a1ef2e161439aa98aed94e6028e5f9a59be9a6ffb47aef1651f9" +checksum = "862ed96ca487e809f1c8e5a8447f6ee2cf102f846893800b20cebdf541fc6bbd" [[package]] name = "anstyle-parse" -version = "0.2.6" +version = "0.2.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3b2d16507662817a6a20a9ea92df6652ee4f94f914589377d69f3b21bc5798a9" +checksum = "4e7644824f0aa2c7b9384579234ef10eb7efb6a0deb83f9630a49594dd9c15c2" dependencies = [ "utf8parse", ] [[package]] name = "anstyle-query" -version = "1.1.2" +version = "1.1.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "79947af37f4177cfead1110013d678905c37501914fba0efea834c3fe9a8d60c" +checksum = "9e231f6134f61b71076a3eab506c379d4f36122f2af15a9ff04415ea4c3339e2" dependencies = [ - "windows-sys", + "windows-sys 0.60.2", ] [[package]] name = "anstyle-wincon" -version = "3.0.7" +version = "3.0.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ca3534e77181a9cc07539ad51f2141fe32f6c3ffd4df76db8ad92346b003ae4e" +checksum = "3e0633414522a32ffaac8ac6cc8f748e090c5717661fddeea04219e2344f5f2a" dependencies = [ "anstyle", - "once_cell", - "windows-sys", + "once_cell_polyfill", + "windows-sys 0.60.2", ] [[package]] name = "autocfg" -version = "1.4.0" +version = "1.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ace50bade8e6234aa140d9a2f552bbee1db4d353f69b8217bc503490fc1a9f26" +checksum = "c08606f8c3cbf4ce6ec8e28fb0014a2c086708fe954eaa885384a6165172e7e8" [[package]] name = "bstr" @@ -100,30 +100,31 @@ dependencies = [ [[package]] name = "bumpalo" -version = "3.17.0" +version = "3.19.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1628fb46dfa0b37568d12e5edd512553eccf6a22a78e8bde00bb4aed84d5bdbf" +checksum = "46c5e41b57b8bba42a04676d81cb89e9ee8e859a1a66f80a5a72e1cb76b34d43" [[package]] name = "cc" -version = "1.2.18" +version = "1.2.35" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "525046617d8376e3db1deffb079e91cef90a89fc3ca5c185bbf8c9ecdd15cd5c" +checksum = "590f9024a68a8c40351881787f1934dc11afd69090f5edb6831464694d836ea3" dependencies = [ + "find-msvc-tools", "shlex", ] [[package]] name = "cfg-if" -version = "1.0.0" +version = "1.0.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" +checksum = "2fd1289c04a9ea8cb22300a459a72a385d7c73d3259e2ed7dcb2af674838cfa9" [[package]] name = "chrono" -version = "0.4.40" +version = "0.4.41" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1a7964611d71df112cb1730f2ee67324fcf4d0fc6606acbbe9bfe06df124637c" +checksum = "c469d952047f47f91b68d1cba3f10d63c11d73e4636f24f08daf0278abf01c4d" dependencies = [ "android-tzdata", "iana-time-zone", @@ -136,9 +137,9 @@ dependencies = [ [[package]] name = "clap" -version = "4.5.35" +version = "4.5.47" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d8aa86934b44c19c50f87cc2790e19f54f7a67aedb64101c2e1a2e5ecfb73944" +checksum = "7eac00902d9d136acd712710d71823fb8ac8004ca445a89e73a41d45aa712931" dependencies = [ "clap_builder", "clap_derive", @@ -146,9 +147,9 @@ dependencies = [ [[package]] name = "clap_builder" -version = "4.5.35" +version = "4.5.47" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2414dbb2dd0695280da6ea9261e327479e9d37b0630f6b53ba2a11c60c679fd9" +checksum = "2ad9bbf750e73b5884fb8a211a9424a1906c1e156724260fdae972f31d70e1d6" dependencies = [ "anstream", "anstyle", @@ -158,9 +159,9 @@ dependencies = [ [[package]] name = "clap_derive" -version = "4.5.32" +version = "4.5.47" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "09176aae279615badda0765c0c0b3f6ed53f4709118af73cf4655d85d1530cd7" +checksum = "bbfd7eae0b0f1a6e63d4b13c9c478de77c2eb546fba158ad50b4203dc24b9f9c" dependencies = [ "heck", "proc-macro2", @@ -170,9 +171,9 @@ dependencies = [ [[package]] name = "clap_lex" -version = "0.7.4" +version = "0.7.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f46ad14479a25103f283c0f10005961cf086d8dc42205bb44c46ac563475dca6" +checksum = "b94f61472cee1439c0b966b47e3aca9ae07e45d070759512cd390ea2bebc6675" [[package]] name = "codeql-extractor" @@ -211,9 +212,9 @@ dependencies = [ [[package]] name = "colorchoice" -version = "1.0.3" +version = "1.0.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5b63caa9aa9397e2d9480a9b13673856c78d8ac123288526c37d7839f2a86990" +checksum = "b05b61dc5112cbb17e4b6cd61790d9845d13888356391624cbe7e41efeac1e75" [[package]] name = "core-foundation-sys" @@ -223,9 +224,9 @@ checksum = "773648b94d0e5d620f64f280777445740e61fe701025087ec8b57f45c791888b" [[package]] name = "crc32fast" -version = "1.4.2" +version = "1.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a97769d94ddab943e4510d138150169a2758b5ef3eb191a9ee688de3e23ef7b3" +checksum = "9481c1c90cbf2ac953f07c8d4a58aa3945c425b7185c9154d67a65e4230da511" dependencies = [ "cfg-if", ] @@ -325,11 +326,23 @@ version = "0.1.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a246d82be1c9d791c5dfde9a2bd045fc3cbba3fa2b11ad558f27d01712f00569" +[[package]] +name = "equivalent" +version = "1.0.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "877a4ace8713b0bcf2a4e7eec82529c029f1d0619886d18145fea96c3ffe5c0f" + +[[package]] +name = "find-msvc-tools" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e178e4fba8a2726903f6ba98a6d221e76f9c12c650d5dc0e6afdc50677b49650" + [[package]] name = "flate2" -version = "1.1.1" +version = "1.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7ced92e76e966ca2fd84c8f7aa01a4aea65b0eb6648d72f7c8f3e2764a67fece" +checksum = "4a3d7db9596fecd151c5f638c0ee5d5bd487b6e0ea232e5dc96d5250f6f94b1d" dependencies = [ "crc32fast", "miniz_oxide", @@ -344,10 +357,16 @@ dependencies = [ "aho-corasick", "bstr", "log", - "regex-automata 0.4.9", - "regex-syntax 0.8.5", + "regex-automata", + "regex-syntax", ] +[[package]] +name = "hashbrown" +version = "0.15.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9229cfe53dfd69f0609a49f65461bd93001ea1ef889cd5529dd176593f5338a1" + [[package]] name = "heck" version = "0.5.0" @@ -356,9 +375,9 @@ checksum = "2304e00983f87ffb38b55b444b5e3b60a884b5d30c0fca7d82fe33449bbe55ea" [[package]] name = "hermit-abi" -version = "0.3.9" +version = "0.5.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d231dfb89cfffdbc30e7fc41579ed6066ad03abda9e567ccafae602b97ec5024" +checksum = "fc0fef456e4baa96da950455cd02c081ca953b141298e41db3fc7e36b1da849c" [[package]] name = "iana-time-zone" @@ -384,6 +403,16 @@ dependencies = [ "cc", ] +[[package]] +name = "indexmap" +version = "2.11.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f2481980430f9f78649238835720ddccc57e52df14ffce1c6f37391d61b563e9" +dependencies = [ + "equivalent", + "hashbrown", +] + [[package]] name = "is_terminal_polyfill" version = "1.70.1" @@ -398,9 +427,9 @@ checksum = "4a5f13b858c8d314ee3e8f639011f7ccefe71f97f96e50151fb991f267928e2c" [[package]] name = "js-sys" -version = "0.3.77" +version = "0.3.78" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1cfaf33c695fc6e08064efbc1f72ec937429614f25eef83af942d0e227c3a28f" +checksum = "0c0b063578492ceec17683ef2f8c5e89121fbd0b172cbc280635ab7567db2738" dependencies = [ "once_cell", "wasm-bindgen", @@ -414,48 +443,47 @@ checksum = "bbd2bcb4c963f2ddae06a2efc7e9f3591312473c50c6685e1f298068316e66fe" [[package]] name = "libc" -version = "0.2.171" +version = "0.2.175" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c19937216e9d3aa9956d9bb8dfc0b0c8beb6058fc4f7a4dc4d850edf86a237d6" +checksum = "6a82ae493e598baaea5209805c49bbf2ea7de956d50d7da0da1164f9c6d28543" [[package]] name = "log" -version = "0.4.27" +version = "0.4.28" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "13dc2df351e3202783a1fe0d44375f7295ffb4049267b0f3018346dc122a1d94" +checksum = "34080505efa8e45a4b816c349525ebe327ceaa8559756f0356cba97ef3bf7432" [[package]] name = "matchers" -version = "0.1.0" +version = "0.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8263075bb86c5a1b1427b5ae862e8889656f126e9f77c484496e8b47cf5c5558" +checksum = "d1525a2a28c7f4fa0fc98bb91ae755d1e2d1505079e05539e35bc876b5d65ae9" dependencies = [ - "regex-automata 0.1.10", + "regex-automata", ] [[package]] name = "memchr" -version = "2.7.4" +version = "2.7.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "78ca9ab1a0babb1e7d5695e3530886289c18cf2f87ec19a575a0abdce112e3a3" +checksum = "32a282da65faaf38286cf3be983213fcf1d2e2a58700e808f83f4ea9a4804bc0" [[package]] name = "miniz_oxide" -version = "0.8.8" +version = "0.8.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3be647b768db090acb35d5ec5db2b0e1f1de11133ca123b9eacf5137868f892a" +checksum = "1fa76a2c86f704bdb222d66965fb3d63269ce38518b83cb0575fca855ebb6316" dependencies = [ "adler2", ] [[package]] name = "nu-ansi-term" -version = "0.46.0" +version = "0.50.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "77a8165726e8236064dbb45459242600304b42a5ea24ee2948e18e023bf7ba84" +checksum = "d4a28e057d01f97e61255210fcff094d74ed0466038633e95017f5beb68e4399" dependencies = [ - "overload", - "winapi", + "windows-sys 0.52.0", ] [[package]] @@ -469,9 +497,9 @@ dependencies = [ [[package]] name = "num_cpus" -version = "1.16.0" +version = "1.17.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4161fcb6d602d4d2081af7c3a45852d875a03dd337a6bfdd6e06407b61342a43" +checksum = "91df4bbde75afed763b708b7eee1e8e7651e02d97f6d5dd763e89367e957b23b" dependencies = [ "hermit-abi", "libc", @@ -484,10 +512,10 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "42f5e15c9953c5e4ccceeb2e7382a716482c34515315f7b03532b8b4e8393d2d" [[package]] -name = "overload" -version = "0.1.1" +name = "once_cell_polyfill" +version = "1.70.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b15813163c1d831bf4a13c3610c05c0d03b39feb07f7e09fa234dac9b15aaf39" +checksum = "a4895175b425cb1f87721b59f0f286c2092bd4af812243672510e1ac53e2e0ad" [[package]] name = "pin-project-lite" @@ -497,9 +525,9 @@ checksum = "3b3cff922bd51709b605d9ead9aa71031d81447142d828eb4a6eba76fe619f9b" [[package]] name = "proc-macro2" -version = "1.0.94" +version = "1.0.101" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a31971752e70b8b2686d7e46ec17fb38dad4051d94024c88df49b667caea9c84" +checksum = "89ae43fd86e4158d6db51ad8e2b80f313af9cc74f5c0e03ccb87de09998732de" dependencies = [ "unicode-ident", ] @@ -515,9 +543,9 @@ dependencies = [ [[package]] name = "rayon" -version = "1.10.0" +version = "1.11.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b418a60154510ca1a002a752ca9714984e21e4241e804d32555251faf8b78ffa" +checksum = "368f01d005bf8fd9b1206fb6fa653e6c4a81ceb1466406b81792d87c5677a58f" dependencies = [ "either", "rayon-core", @@ -525,9 +553,9 @@ dependencies = [ [[package]] name = "rayon-core" -version = "1.12.1" +version = "1.13.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1465873a3dfdaa8ae7cb14b4383657caab0b3e8a0aa9ae8e04b044854c8dfce2" +checksum = "22e18b0f0062d30d4230b2e85ff77fdfe4326feb054b9783a3460d8435c8ab91" dependencies = [ "crossbeam-deque", "crossbeam-utils", @@ -535,53 +563,38 @@ dependencies = [ [[package]] name = "regex" -version = "1.11.1" +version = "1.11.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b544ef1b4eac5dc2db33ea63606ae9ffcfac26c1416a2806ae0bf5f56b201191" +checksum = "23d7fd106d8c02486a8d64e778353d1cffe08ce79ac2e82f540c86d0facf6912" dependencies = [ "aho-corasick", "memchr", - "regex-automata 0.4.9", - "regex-syntax 0.8.5", -] - -[[package]] -name = "regex-automata" -version = "0.1.10" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6c230d73fb8d8c1b9c0b3135c5142a8acee3a0558fb8db5cf1cb65f8d7862132" -dependencies = [ - "regex-syntax 0.6.29", + "regex-automata", + "regex-syntax", ] [[package]] name = "regex-automata" -version = "0.4.9" +version = "0.4.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "809e8dc61f6de73b46c85f4c96486310fe304c434cfa43669d7b40f711150908" +checksum = "6b9458fa0bfeeac22b5ca447c63aaf45f28439a709ccd244698632f9aa6394d6" dependencies = [ "aho-corasick", "memchr", - "regex-syntax 0.8.5", + "regex-syntax", ] [[package]] name = "regex-syntax" -version = "0.6.29" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f162c6dd7b008981e4d40210aca20b4bd0f9b60ca9271061b07f78537722f2e1" - -[[package]] -name = "regex-syntax" -version = "0.8.5" +version = "0.8.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2b15c43186be67a4fd63bee50d0303afffcef381492ebe2c5d87f324e1b8815c" +checksum = "caf4aa5b0f434c91fe5c7f1ecb6a5ece2130b02ad2a590589dda5146df959001" [[package]] name = "rustversion" -version = "1.0.20" +version = "1.0.22" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "eded382c5f5f786b989652c49544c4877d9f015cc22e145a5ea8ea66c2921cd2" +checksum = "b39cdef0fa800fc44525c84ccb54a029961a8215f9619753635a9c0d2538d46d" [[package]] name = "ryu" @@ -611,10 +624,11 @@ dependencies = [ [[package]] name = "serde_json" -version = "1.0.140" +version = "1.0.143" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "20068b6e96dc6c9bd23e01df8827e6c7e1f2fddd43c21810382803c136b99373" +checksum = "d401abef1d108fbd9cbaebc3e46611f4b1021f714a0597a71f41ee463f5f4a5a" dependencies = [ + "indexmap", "itoa", "memchr", "ryu", @@ -638,9 +652,9 @@ checksum = "0fda2ff0d084019ba4d7c6f371c95d8fd75ce3524c3cb8fb653a3023f6323e64" [[package]] name = "smallvec" -version = "1.15.0" +version = "1.15.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8917285742e9f3e1683f0a9c4e6b57960b7314d0b08d30d1ecd426713ee2eee9" +checksum = "67b1b7a3b5fe4f1376887184045fcf45c69e92af734b7aaddc05fb777b6fbd03" [[package]] name = "streaming-iterator" @@ -656,9 +670,9 @@ checksum = "7da8b5736845d9f2fcb837ea5d9e2628564b3b043a70948a3f0b778838c5fb4f" [[package]] name = "syn" -version = "2.0.100" +version = "2.0.106" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b09a44accad81e1ba1cd74a32461ba89dee89095ba17b32f5d03683b1b1fc2a0" +checksum = "ede7c438028d4436d71104916910f5bb611972c5cfd7f89b8300a8186e6fada6" dependencies = [ "proc-macro2", "quote", @@ -667,12 +681,11 @@ dependencies = [ [[package]] name = "thread_local" -version = "1.1.8" +version = "1.1.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8b9ef9bad013ada3808854ceac7b46812a6465ba368859a37e2100283d2d719c" +checksum = "f60246a4944f24f6e018aa17cdeffb7818b76356965d03b07d6a9886e8962185" dependencies = [ "cfg-if", - "once_cell", ] [[package]] @@ -688,9 +701,9 @@ dependencies = [ [[package]] name = "tracing-attributes" -version = "0.1.28" +version = "0.1.30" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "395ae124c09f9e6918a2310af6038fba074bcf474ac352496d5910dd59a2226d" +checksum = "81383ab64e72a7a8b8e13130c49e3dab29def6d0c7d76a03087b3cf71c5c6903" dependencies = [ "proc-macro2", "quote", @@ -699,9 +712,9 @@ dependencies = [ [[package]] name = "tracing-core" -version = "0.1.33" +version = "0.1.34" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e672c95779cf947c5311f83787af4fa8fffd12fb27e4993211a84bdfd9610f9c" +checksum = "b9d12581f227e93f094d3af2ae690a574abb8a2b9b7a96e7cfe9647b2b617678" dependencies = [ "once_cell", "valuable", @@ -720,14 +733,14 @@ dependencies = [ [[package]] name = "tracing-subscriber" -version = "0.3.19" +version = "0.3.20" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e8189decb5ac0fa7bc8b96b7cb9b2701d60d48805aca84a238004d665fcc4008" +checksum = "2054a14f5307d601f88daf0553e1cbf472acc4f2c51afab632431cdcd72124d5" dependencies = [ "matchers", "nu-ansi-term", "once_cell", - "regex", + "regex-automata", "sharded-slab", "smallvec", "thread_local", @@ -738,13 +751,14 @@ dependencies = [ [[package]] name = "tree-sitter" -version = "0.24.7" +version = "0.25.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a5387dffa7ffc7d2dae12b50c6f7aab8ff79d6210147c6613561fc3d474c6f75" +checksum = "6d7b8994f367f16e6fa14b5aebbcb350de5d7cbea82dc5b00ae997dd71680dd2" dependencies = [ "cc", "regex", - "regex-syntax 0.8.5", + "regex-syntax", + "serde_json", "streaming-iterator", "tree-sitter-language", ] @@ -784,21 +798,22 @@ checksum = "ba73ea9cf16a25df0c8caa16c51acb937d5712a8429db78a3ee29d5dcacd3a65" [[package]] name = "wasm-bindgen" -version = "0.2.100" +version = "0.2.101" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1edc8929d7499fc4e8f0be2262a241556cfc54a0bea223790e71446f2aab1ef5" +checksum = "7e14915cadd45b529bb8d1f343c4ed0ac1de926144b746e2710f9cd05df6603b" dependencies = [ "cfg-if", "once_cell", "rustversion", "wasm-bindgen-macro", + "wasm-bindgen-shared", ] [[package]] name = "wasm-bindgen-backend" -version = "0.2.100" +version = "0.2.101" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2f0a0651a5c2bc21487bde11ee802ccaf4c51935d0d3d42a6101f98161700bc6" +checksum = "e28d1ba982ca7923fd01448d5c30c6864d0a14109560296a162f80f305fb93bb" dependencies = [ "bumpalo", "log", @@ -810,9 +825,9 @@ dependencies = [ [[package]] name = "wasm-bindgen-macro" -version = "0.2.100" +version = "0.2.101" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7fe63fc6d09ed3792bd0897b314f53de8e16568c2b3f7982f468c0bf9bd0b407" +checksum = "7c3d463ae3eff775b0c45df9da45d68837702ac35af998361e2c84e7c5ec1b0d" dependencies = [ "quote", "wasm-bindgen-macro-support", @@ -820,9 +835,9 @@ dependencies = [ [[package]] name = "wasm-bindgen-macro-support" -version = "0.2.100" +version = "0.2.101" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8ae87ea40c9f689fc23f209965b6fb8a99ad69aeeb0231408be24920604395de" +checksum = "7bb4ce89b08211f923caf51d527662b75bdc9c9c7aab40f86dcb9fb85ac552aa" dependencies = [ "proc-macro2", "quote", @@ -833,40 +848,18 @@ dependencies = [ [[package]] name = "wasm-bindgen-shared" -version = "0.2.100" +version = "0.2.101" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1a05d73b933a847d6cccdda8f838a22ff101ad9bf93e33684f39c1f5f0eece3d" +checksum = "f143854a3b13752c6950862c906306adb27c7e839f7414cec8fea35beab624c1" dependencies = [ "unicode-ident", ] -[[package]] -name = "winapi" -version = "0.3.9" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5c839a674fcd7a98952e593242ea400abe93992746761e38641405d28b00f419" -dependencies = [ - "winapi-i686-pc-windows-gnu", - "winapi-x86_64-pc-windows-gnu", -] - -[[package]] -name = "winapi-i686-pc-windows-gnu" -version = "0.4.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6" - -[[package]] -name = "winapi-x86_64-pc-windows-gnu" -version = "0.4.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" - [[package]] name = "windows-core" -version = "0.61.0" +version = "0.61.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4763c1de310c86d75a878046489e2e5ba02c649d185f21c67d4cf8a56d098980" +checksum = "c0fdd3ddb90610c7638aa2b3a3ab2904fb9e5cdbecc643ddb3647212781c4ae3" dependencies = [ "windows-implement", "windows-interface", @@ -899,35 +892,44 @@ dependencies = [ [[package]] name = "windows-link" -version = "0.1.1" +version = "0.1.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "76840935b766e1b0a05c0066835fb9ec80071d4c09a16f6bd5f7e655e3c14c38" +checksum = "5e6ad25900d524eaabdbbb96d20b4311e1e7ae1699af4fb28c17ae66c80d798a" [[package]] name = "windows-result" -version = "0.3.2" +version = "0.3.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c64fd11a4fd95df68efcfee5f44a294fe71b8bc6a91993e2791938abcc712252" +checksum = "56f42bd332cc6c8eac5af113fc0c1fd6a8fd2aa08a0119358686e5160d0586c6" dependencies = [ "windows-link", ] [[package]] name = "windows-strings" -version = "0.4.0" +version = "0.4.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7a2ba9642430ee452d5a7aa78d72907ebe8cfda358e8cb7918a2050581322f97" +checksum = "56e6c93f3a0c3b36176cb1327a4958a0353d5d166c2a35cb268ace15e91d3b57" dependencies = [ "windows-link", ] [[package]] name = "windows-sys" -version = "0.59.0" +version = "0.52.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1e38bc4d79ed67fd075bcc251a1c39b32a1776bbe92e5bef1f0bf1f8c531853b" +checksum = "282be5f36a8ce781fad8c8ae18fa3f9beff57ec1b52cb3de0789201425d9a33d" dependencies = [ - "windows-targets", + "windows-targets 0.52.6", +] + +[[package]] +name = "windows-sys" +version = "0.60.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f2f500e4d28234f72040990ec9d39e3a6b950f9f22d3dba18416c35882612bcb" +dependencies = [ + "windows-targets 0.53.3", ] [[package]] @@ -936,14 +938,31 @@ version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9b724f72796e036ab90c1021d4780d4d3d648aca59e491e6b98e725b84e99973" dependencies = [ - "windows_aarch64_gnullvm", - "windows_aarch64_msvc", - "windows_i686_gnu", - "windows_i686_gnullvm", - "windows_i686_msvc", - "windows_x86_64_gnu", - "windows_x86_64_gnullvm", - "windows_x86_64_msvc", + "windows_aarch64_gnullvm 0.52.6", + "windows_aarch64_msvc 0.52.6", + "windows_i686_gnu 0.52.6", + "windows_i686_gnullvm 0.52.6", + "windows_i686_msvc 0.52.6", + "windows_x86_64_gnu 0.52.6", + "windows_x86_64_gnullvm 0.52.6", + "windows_x86_64_msvc 0.52.6", +] + +[[package]] +name = "windows-targets" +version = "0.53.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d5fe6031c4041849d7c496a8ded650796e7b6ecc19df1a431c1a363342e5dc91" +dependencies = [ + "windows-link", + "windows_aarch64_gnullvm 0.53.0", + "windows_aarch64_msvc 0.53.0", + "windows_i686_gnu 0.53.0", + "windows_i686_gnullvm 0.53.0", + "windows_i686_msvc 0.53.0", + "windows_x86_64_gnu 0.53.0", + "windows_x86_64_gnullvm 0.53.0", + "windows_x86_64_msvc 0.53.0", ] [[package]] @@ -952,44 +971,92 @@ version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "32a4622180e7a0ec044bb555404c800bc9fd9ec262ec147edd5989ccd0c02cd3" +[[package]] +name = "windows_aarch64_gnullvm" +version = "0.53.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "86b8d5f90ddd19cb4a147a5fa63ca848db3df085e25fee3cc10b39b6eebae764" + [[package]] name = "windows_aarch64_msvc" version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "09ec2a7bb152e2252b53fa7803150007879548bc709c039df7627cabbd05d469" +[[package]] +name = "windows_aarch64_msvc" +version = "0.53.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c7651a1f62a11b8cbd5e0d42526e55f2c99886c77e007179efff86c2b137e66c" + [[package]] name = "windows_i686_gnu" version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8e9b5ad5ab802e97eb8e295ac6720e509ee4c243f69d781394014ebfe8bbfa0b" +[[package]] +name = "windows_i686_gnu" +version = "0.53.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c1dc67659d35f387f5f6c479dc4e28f1d4bb90ddd1a5d3da2e5d97b42d6272c3" + [[package]] name = "windows_i686_gnullvm" version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0eee52d38c090b3caa76c563b86c3a4bd71ef1a819287c19d586d7334ae8ed66" +[[package]] +name = "windows_i686_gnullvm" +version = "0.53.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9ce6ccbdedbf6d6354471319e781c0dfef054c81fbc7cf83f338a4296c0cae11" + [[package]] name = "windows_i686_msvc" version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "240948bc05c5e7c6dabba28bf89d89ffce3e303022809e73deaefe4f6ec56c66" +[[package]] +name = "windows_i686_msvc" +version = "0.53.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "581fee95406bb13382d2f65cd4a908ca7b1e4c2f1917f143ba16efe98a589b5d" + [[package]] name = "windows_x86_64_gnu" version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "147a5c80aabfbf0c7d901cb5895d1de30ef2907eb21fbbab29ca94c5b08b1a78" +[[package]] +name = "windows_x86_64_gnu" +version = "0.53.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2e55b5ac9ea33f2fc1716d1742db15574fd6fc8dadc51caab1c16a3d3b4190ba" + [[package]] name = "windows_x86_64_gnullvm" version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "24d5b23dc417412679681396f2b49f3de8c1473deb516bd34410872eff51ed0d" +[[package]] +name = "windows_x86_64_gnullvm" +version = "0.53.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0a6e035dd0599267ce1ee132e51c27dd29437f63325753051e71dd9e42406c57" + [[package]] name = "windows_x86_64_msvc" version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "589f6da84c646204747d1270a2a5661ea66ed1cced2631d546fdfb155959f9ec" + +[[package]] +name = "windows_x86_64_msvc" +version = "0.53.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "271414315aff87387382ec3d271b52d7ae78726f5d44ac98b4f4030c91880486" diff --git a/extractor/Cargo.toml b/extractor/Cargo.toml index 883007f..7bf1087 100644 --- a/extractor/Cargo.toml +++ b/extractor/Cargo.toml @@ -10,11 +10,11 @@ edition = "2021" flate2 = "1.0" clap = { version = "4.4", features = ["derive"] } tracing = "0.1" -tracing-subscriber = { version = "0.3.17", features = ["env-filter"] } +tracing-subscriber = { version = "0.3", features = ["env-filter"] } rayon = "1.8" -regex = "1.11.1" +regex = "1.11" # Tree Sitter tree-sitter-bicep = { path = "./tree-sitter" } -tree-sitter = "^0.24" +tree-sitter = "^0.25" # CodeQL - v2.20.4 codeql-extractor = { git = "https://github.com/github/codeql", rev = "c524a98eb91c769cb2994b8373181c2ebd27c20f" } diff --git a/extractor/tree-sitter b/extractor/tree-sitter index bff5988..70abd89 160000 --- a/extractor/tree-sitter +++ b/extractor/tree-sitter @@ -1 +1 @@ -Subproject commit bff59884307c0ab009bd5e81afd9324b46a6c0f9 +Subproject commit 70abd894971f87fa4c7ed7d164bd14d216ef390b diff --git a/ql/lib/bicep.dbscheme b/ql/lib/bicep.dbscheme index 6f45a1d..97c2a04 100644 --- a/ql/lib/bicep.dbscheme +++ b/ql/lib/bicep.dbscheme @@ -109,18 +109,26 @@ yaml_locations(unique int locatable: @yaml_locatable ref, @yaml_locatable = @yaml_node | @yaml_error; /*- BICEP dbscheme -*/ +@bicep_underscore_declaration = @bicep_assert_statement | @bicep_metadata_declaration | @bicep_module_declaration | @bicep_output_declaration | @bicep_parameter_declaration | @bicep_resource_declaration | @bicep_test_block | @bicep_type_declaration | @bicep_user_defined_function | @bicep_variable_declaration + +@bicep_underscore_expression = @bicep_assignment_expression | @bicep_binary_expression | @bicep_lambda_expression | @bicep_ternary_expression | @bicep_unary_expression | @bicep_underscore_primary_expression + +@bicep_underscore_primary_expression = @bicep_array | @bicep_call_expression | @bicep_for_statement | @bicep_member_expression | @bicep_object | @bicep_parenthesized_expression | @bicep_resource_expression | @bicep_string__ | @bicep_subscript_expression | @bicep_token_boolean | @bicep_token_identifier | @bicep_token_null | @bicep_token_number + +@bicep_underscore_statement = @bicep_decorators | @bicep_import_functionality | @bicep_import_statement | @bicep_import_with_statement | @bicep_target_scope_assignment | @bicep_underscore_declaration | @bicep_using_statement + #keyset[bicep_arguments, index] bicep_arguments_child( int bicep_arguments: @bicep_arguments ref, int index: int ref, - unique int child: @bicep_expression ref + unique int child: @bicep_underscore_expression ref ); bicep_arguments_def( unique int id: @bicep_arguments ); -@bicep_array_child_type = @bicep_decorators | @bicep_expression +@bicep_array_child_type = @bicep_decorators | @bicep_underscore_expression #keyset[bicep_array, index] bicep_array_child( @@ -141,7 +149,7 @@ bicep_array_type_def( bicep_assert_statement_def( unique int id: @bicep_assert_statement, int name: @bicep_token_identifier ref, - int child: @bicep_expression ref + int child: @bicep_underscore_expression ref ); @bicep_assignment_expression_left_type = @bicep_member_expression | @bicep_parenthesized_expression | @bicep_resource_expression | @bicep_subscript_expression | @bicep_token_identifier @@ -149,7 +157,7 @@ bicep_assert_statement_def( bicep_assignment_expression_def( unique int id: @bicep_assignment_expression, int left: @bicep_assignment_expression_left_type ref, - int right: @bicep_expression ref + int right: @bicep_underscore_expression ref ); case @bicep_binary_expression.operator of @@ -175,9 +183,9 @@ case @bicep_binary_expression.operator of bicep_binary_expression_def( unique int id: @bicep_binary_expression, - int left: @bicep_expression ref, + int left: @bicep_underscore_expression ref, int operator: int ref, - int right: @bicep_expression ref + int right: @bicep_underscore_expression ref ); bicep_call_expression_child( @@ -188,7 +196,7 @@ bicep_call_expression_child( bicep_call_expression_def( unique int id: @bicep_call_expression, int arguments: @bicep_arguments ref, - int function: @bicep_expression ref + int function: @bicep_underscore_expression ref ); bicep_compatible_identifier_def( @@ -196,8 +204,6 @@ bicep_compatible_identifier_def( int child: @bicep_token_identifier ref ); -@bicep_declaration = @bicep_assert_statement | @bicep_metadata_declaration | @bicep_module_declaration | @bicep_output_declaration | @bicep_parameter_declaration | @bicep_resource_declaration | @bicep_test_block | @bicep_type_declaration | @bicep_user_defined_function | @bicep_variable_declaration - bicep_decorator_def( unique int id: @bicep_decorator, int child: @bicep_call_expression ref @@ -214,8 +220,6 @@ bicep_decorators_def( unique int id: @bicep_decorators ); -@bicep_expression = @bicep_assignment_expression | @bicep_binary_expression | @bicep_lambda_expression | @bicep_primary_expression | @bicep_ternary_expression | @bicep_unary_expression - @bicep_for_loop_parameters_child_type = @bicep_token_loop_enumerator | @bicep_token_loop_variable #keyset[bicep_for_loop_parameters, index] @@ -229,14 +233,14 @@ bicep_for_loop_parameters_def( unique int id: @bicep_for_loop_parameters ); -@bicep_for_statement_body_type = @bicep_expression | @bicep_if_statement +@bicep_for_statement_body_type = @bicep_if_statement | @bicep_underscore_expression bicep_for_statement_initializer( unique int bicep_for_statement: @bicep_for_statement ref, unique int initializer: @bicep_token_identifier ref ); -@bicep_for_statement_child_type = @bicep_expression | @bicep_for_loop_parameters +@bicep_for_statement_child_type = @bicep_for_loop_parameters | @bicep_underscore_expression #keyset[bicep_for_statement, index] bicep_for_statement_child( @@ -289,7 +293,7 @@ bicep_import_statement_def( unique int id: @bicep_import_statement ); -@bicep_import_with_statement_child_type = @bicep_expression | @bicep_string__ | @bicep_token_identifier +@bicep_import_with_statement_child_type = @bicep_string__ | @bicep_token_identifier | @bicep_underscore_expression #keyset[bicep_import_with_statement, index] bicep_import_with_statement_child( @@ -306,7 +310,7 @@ bicep_import_with_statement_def( bicep_infrastructure_child( int bicep_infrastructure: @bicep_infrastructure ref, int index: int ref, - unique int child: @bicep_statement ref + unique int child: @bicep_underscore_statement ref ); bicep_infrastructure_def( @@ -315,21 +319,21 @@ bicep_infrastructure_def( bicep_interpolation_def( unique int id: @bicep_interpolation, - int child: @bicep_expression ref + int child: @bicep_underscore_expression ref ); #keyset[bicep_lambda_expression, index] bicep_lambda_expression_child( int bicep_lambda_expression: @bicep_lambda_expression ref, int index: int ref, - unique int child: @bicep_expression ref + unique int child: @bicep_underscore_expression ref ); bicep_lambda_expression_def( unique int id: @bicep_lambda_expression ); -@bicep_member_expression_object_type = @bicep_expression | @bicep_parameterized_type +@bicep_member_expression_object_type = @bicep_parameterized_type | @bicep_underscore_expression bicep_member_expression_def( unique int id: @bicep_member_expression, @@ -337,7 +341,7 @@ bicep_member_expression_def( int property: @bicep_token_property_identifier ref ); -@bicep_metadata_declaration_child_type = @bicep_expression | @bicep_token_identifier +@bicep_metadata_declaration_child_type = @bicep_token_identifier | @bicep_underscore_expression #keyset[bicep_metadata_declaration, index] bicep_metadata_declaration_child( @@ -368,7 +372,7 @@ bicep_negated_type_def( int child: @bicep_type__ ref ); -@bicep_nullable_type_child_type = @bicep_array_type | @bicep_expression | @bicep_parenthesized_type | @bicep_token_primitive_type +@bicep_nullable_type_child_type = @bicep_array_type | @bicep_parenthesized_type | @bicep_token_primitive_type | @bicep_underscore_expression bicep_nullable_type_def( unique int id: @bicep_nullable_type, @@ -388,7 +392,7 @@ bicep_object_def( unique int id: @bicep_object ); -@bicep_object_property_child_type = @bicep_array_type | @bicep_compatible_identifier | @bicep_expression | @bicep_nullable_type | @bicep_parameterized_type | @bicep_resource_declaration | @bicep_string__ | @bicep_token_identifier | @bicep_token_primitive_type | @bicep_union_type +@bicep_object_property_child_type = @bicep_array_type | @bicep_compatible_identifier | @bicep_nullable_type | @bicep_parameterized_type | @bicep_resource_declaration | @bicep_string__ | @bicep_token_identifier | @bicep_token_primitive_type | @bicep_underscore_expression | @bicep_union_type #keyset[bicep_object_property, index] bicep_object_property_child( @@ -401,7 +405,7 @@ bicep_object_property_def( unique int id: @bicep_object_property ); -@bicep_output_declaration_child_type = @bicep_expression | @bicep_token_identifier | @bicep_type__ +@bicep_output_declaration_child_type = @bicep_token_identifier | @bicep_type__ | @bicep_underscore_expression #keyset[bicep_output_declaration, index] bicep_output_declaration_child( @@ -427,7 +431,7 @@ bicep_parameter_def( unique int id: @bicep_parameter ); -@bicep_parameter_declaration_child_type = @bicep_expression | @bicep_token_identifier | @bicep_type__ +@bicep_parameter_declaration_child_type = @bicep_token_identifier | @bicep_type__ | @bicep_underscore_expression #keyset[bicep_parameter_declaration, index] bicep_parameter_declaration_child( @@ -468,7 +472,7 @@ bicep_parameters_def( bicep_parenthesized_expression_child( int bicep_parenthesized_expression: @bicep_parenthesized_expression ref, int index: int ref, - unique int child: @bicep_expression ref + unique int child: @bicep_underscore_expression ref ); bicep_parenthesized_expression_def( @@ -480,8 +484,6 @@ bicep_parenthesized_type_def( int child: @bicep_type__ ref ); -@bicep_primary_expression = @bicep_array | @bicep_call_expression | @bicep_for_statement | @bicep_member_expression | @bicep_object | @bicep_parenthesized_expression | @bicep_resource_expression | @bicep_string__ | @bicep_subscript_expression | @bicep_token_boolean | @bicep_token_identifier | @bicep_token_null | @bicep_token_number - @bicep_resource_declaration_child_type = @bicep_for_statement | @bicep_if_statement | @bicep_object | @bicep_string__ | @bicep_token_identifier #keyset[bicep_resource_declaration, index] @@ -497,12 +499,10 @@ bicep_resource_declaration_def( bicep_resource_expression_def( unique int id: @bicep_resource_expression, - int object: @bicep_expression ref, + int object: @bicep_underscore_expression ref, int resource: @bicep_token_identifier ref ); -@bicep_statement = @bicep_declaration | @bicep_decorators | @bicep_import_functionality | @bicep_import_statement | @bicep_import_with_statement | @bicep_target_scope_assignment | @bicep_using_statement - @bicep_string_child_type = @bicep_interpolation | @bicep_token_escape_sequence | @bicep_token_string_content #keyset[bicep_string__, index] @@ -518,8 +518,8 @@ bicep_string_def( bicep_subscript_expression_def( unique int id: @bicep_subscript_expression, - int index: @bicep_expression ref, - int object: @bicep_expression ref + int index: @bicep_underscore_expression ref, + int object: @bicep_underscore_expression ref ); bicep_target_scope_assignment_def( @@ -529,9 +529,9 @@ bicep_target_scope_assignment_def( bicep_ternary_expression_def( unique int id: @bicep_ternary_expression, - int alternative: @bicep_expression ref, - int condition: @bicep_expression ref, - int consequence: @bicep_expression ref + int alternative: @bicep_underscore_expression ref, + int condition: @bicep_underscore_expression ref, + int consequence: @bicep_underscore_expression ref ); @bicep_test_block_child_type = @bicep_object | @bicep_string__ | @bicep_token_identifier @@ -565,7 +565,7 @@ bicep_type_arguments_def( unique int id: @bicep_type_arguments ); -@bicep_type_declaration_child_type = @bicep_array_type | @bicep_expression | @bicep_nullable_type | @bicep_parameterized_type | @bicep_token_identifier | @bicep_union_type +@bicep_type_declaration_child_type = @bicep_array_type | @bicep_nullable_type | @bicep_parameterized_type | @bicep_token_identifier | @bicep_underscore_expression | @bicep_union_type #keyset[bicep_type_declaration, index] bicep_type_declaration_child( @@ -586,11 +586,11 @@ case @bicep_unary_expression.operator of bicep_unary_expression_def( unique int id: @bicep_unary_expression, - int argument: @bicep_expression ref, + int argument: @bicep_underscore_expression ref, int operator: int ref ); -@bicep_union_type_child_type = @bicep_array_type | @bicep_expression | @bicep_member_expression | @bicep_negated_type | @bicep_nullable_type | @bicep_object | @bicep_parameterized_type | @bicep_parenthesized_type | @bicep_string__ | @bicep_token_boolean | @bicep_token_identifier | @bicep_token_null | @bicep_token_number | @bicep_token_primitive_type +@bicep_union_type_child_type = @bicep_array_type | @bicep_member_expression | @bicep_negated_type | @bicep_nullable_type | @bicep_object | @bicep_parameterized_type | @bicep_parenthesized_type | @bicep_string__ | @bicep_token_boolean | @bicep_token_identifier | @bicep_token_null | @bicep_token_number | @bicep_token_primitive_type | @bicep_underscore_expression #keyset[bicep_union_type, index] bicep_union_type_child( @@ -603,7 +603,7 @@ bicep_union_type_def( unique int id: @bicep_union_type ); -@bicep_user_defined_function_child_type = @bicep_expression | @bicep_parameters +@bicep_user_defined_function_child_type = @bicep_parameters | @bicep_underscore_expression #keyset[bicep_user_defined_function, index] bicep_user_defined_function_child( @@ -623,7 +623,7 @@ bicep_using_statement_def( int child: @bicep_string__ ref ); -@bicep_variable_declaration_child_type = @bicep_expression | @bicep_token_identifier +@bicep_variable_declaration_child_type = @bicep_token_identifier | @bicep_underscore_expression #keyset[bicep_variable_declaration, index] bicep_variable_declaration_child( diff --git a/ql/lib/codeql/bicep/AST.qll b/ql/lib/codeql/bicep/AST.qll index e656b2a..5798087 100644 --- a/ql/lib/codeql/bicep/AST.qll +++ b/ql/lib/codeql/bicep/AST.qll @@ -1,5 +1,6 @@ import ast.AstNodes import ast.Literals +import ast.Conditionals import ast.Calls import ast.Expr import ast.Stmts diff --git a/ql/lib/codeql/bicep/ast/AstNodes.qll b/ql/lib/codeql/bicep/ast/AstNodes.qll index 94a99f6..6239ac9 100644 --- a/ql/lib/codeql/bicep/ast/AstNodes.qll +++ b/ql/lib/codeql/bicep/ast/AstNodes.qll @@ -4,6 +4,7 @@ private import codeql.bicep.ast.internal.TreeSitter private import codeql.bicep.ast.internal.AstNodes private import codeql.bicep.ast.internal.TreeSitter private import codeql.bicep.controlflow.ControlFlowGraph +private import Variables /** * An AST node of a Bicep program. @@ -112,6 +113,20 @@ class AstNode extends TAstNode { * * This returns the name of the most specific QL class that describes this node. * Used primarily for debugging and toString() representations. + * Gets the lexical scope containing this AST node. + */ + cached + Scope getScope() { + result = this.getParent+() and + not exists(AstNode mid | + mid = this.getParent+() and + mid instanceof Scope and + mid.getParent+() = result + ) + } + + /** + * Gets the primary QL class for the ast node. */ string getAPrimaryQlClass() { result = "???" } } diff --git a/ql/lib/codeql/bicep/ast/Calls.qll b/ql/lib/codeql/bicep/ast/Calls.qll index 805c254..097f913 100644 --- a/ql/lib/codeql/bicep/ast/Calls.qll +++ b/ql/lib/codeql/bicep/ast/Calls.qll @@ -1,30 +1,32 @@ private import AstNodes private import Expr +private import Stmts private import Idents private import Misc -private import internal.Arguments +private import internal.Calls private import internal.CallExpression +private import internal.LambdaExpression /** * Represents a callable expression in the AST, such as a function or method call. - * + * * This abstract class serves as the base for any expression that represents * a call to a function or method. It provides common functionality for accessing * the name and identifier of the called entity. */ -abstract class Callable extends Expr { +class Callable extends Expr, Stmts instanceof CallableImpl { /** * Gets the identifier of the callable expression. - * + * * This is the name token that identifies what function or method is being called. - * + * * @return The identifier node of the callable */ abstract Idents getIdentifier(); /** * Gets the name of the callable expression as a string. - * + * * This is a convenience method that returns the name from the identifier. * * @return The name of the callable @@ -33,7 +35,7 @@ abstract class Callable extends Expr { /** * Checks if the callable expression has a specific name. - * + * * This is useful for identifying calls to known functions by name. * * @param name The name to check against @@ -42,77 +44,96 @@ abstract class Callable extends Expr { predicate hasName(string name) { this.getName() = name } } +class Call extends Expr instanceof CallImpl { } + /** * Represents a function or method call expression in the AST. - * + * * This class models a function call in Bicep, consisting of an identifier * (the function name) followed by arguments in parentheses. Function calls * invoke functions defined in the language, user-defined functions, or * module functions to compute values or perform operations. */ -class CallExpression extends Expr instanceof CallExpressionImpl { - /** +class CallExpression extends Call instanceof CallExpressionImpl { + /** * Gets the identifier of the call expression. - * + * * This is the name token that identifies what function is being called. - * + * * @return The identifier node of the function being called */ Idents getIdentifier() { result = CallExpressionImpl.super.getIdentifier() } - /** + /** * Gets the name of the call expression as a string. - * + * * This is a convenience method that returns the name from the identifier. - * + * * @return The name of the function being called */ string getName() { result = this.getIdentifier().getName() } - /** + /** * Gets the argument at the specified index. - * + * * @param index The zero-based index of the argument to retrieve * @return The expression node of the argument at the specified index */ Expr getArgument(int index) { result = this.getDeclaredArguments().getArgument(index) } - /** + /** * Gets all arguments of the call expression. - * + * * @return All argument expressions passed to the function */ Expr getArguments() { result = this.getDeclaredArguments().getArguments() } - /** + /** * Gets the arguments collection node of the call expression. - * + * * This provides access to the AST node that contains all the arguments. - * + * * @return The arguments node of the call expression */ Arguments getDeclaredArguments() { result = CallExpressionImpl.super.getArguments() } } /** - * Represents a collection of arguments in a function call. - * - * This class models the set of arguments passed to a function, allowing - * access to individual arguments by index or to the complete set of arguments. + * A lambda expression in the AST, which represents an anonymous function. + * + * Represents an anonymous function in Bicep, typically used for callbacks, + * filters, or other functional programming patterns. A lambda expression + * consists of parameters and a body that defines the computation to be performed. */ -class Arguments extends AstNode instanceof ArgumentsImpl { - /** - * Gets the argument at the specified index. - * - * @param index The zero-based index of the argument to retrieve - * @return The expression node of the argument at the specified index +class LambdaExpression extends Expr instanceof LambdaExpressionImpl { + Idents getIdentifier() { none() } + + /** + * Gets the parameters of this lambda expression. + * + * @return The parameters of the lambda expression */ - Expr getArgument(int index) { result = ArgumentsImpl.super.getArgument(index) } + Expr getParameters() { result = LambdaExpressionImpl.super.getParameters() } - /** - * Gets all arguments in the collection. - * - * @return All argument expressions in this arguments collection + /** + * Gets the parameter at the specified index. + * + * @param n The index of the parameter to retrieve + * @return The parameter at the specified index + */ + Expr getParameter(int n) { result = LambdaExpressionImpl.super.getParameter(n) } + + /** + * Gets the body of this lambda expression. + * + * @return The body of the lambda expression + */ + Stmts getBody() { result = LambdaExpressionImpl.super.getBody() } + + /** + * Gets the number of parameters in this lambda expression. + * + * @return The number of parameters */ - Expr getArguments() { result = ArgumentsImpl.super.getArguments() } + int getNumberOfParameters() { result = LambdaExpressionImpl.super.getNumberOfParameters() } } diff --git a/ql/lib/codeql/bicep/ast/Conditionals.qll b/ql/lib/codeql/bicep/ast/Conditionals.qll new file mode 100644 index 0000000..2e89e27 --- /dev/null +++ b/ql/lib/codeql/bicep/ast/Conditionals.qll @@ -0,0 +1,27 @@ +/** + * Loop statements are not supported in `bicep` code. + */ + +private import Expr +private import Stmts +private import internal.Conditionals + + + class Conditionals extends Stmts instanceof ConditionalsImpl { + /** + * Gets the condition expression of this conditional statement, if any. + * + * For if/elseif statements, this is the boolean expression in parentheses. + * For switch statements, this is the expression being switched on. + * For else clauses and default cases, this returns no result as they have no condition. + */ + Expr getCondition() { result = ConditionalsImpl.super.getCondition() } + + /** + * Gets the branch (statement sequence) executed when this conditional is satisfied. + * + * This represents the code that runs when the condition is true or when + * this branch is selected in a switch/match statement. + */ + StmtSequence getBranch() { result = ConditionalsImpl.super.getBranch() } +} \ No newline at end of file diff --git a/ql/lib/codeql/bicep/ast/Expr.qll b/ql/lib/codeql/bicep/ast/Expr.qll index 9b31db1..e841d83 100644 --- a/ql/lib/codeql/bicep/ast/Expr.qll +++ b/ql/lib/codeql/bicep/ast/Expr.qll @@ -6,18 +6,17 @@ private import AstNodes private import internal.AstNodes private import internal.TreeSitter private import internal.Expr +private import internal.Arguments private import internal.AssignmentExpression private import internal.BinaryExpression -private import internal.Expression private import internal.Interpolation -private import internal.LambdaExpression private import internal.MemberExpression private import internal.NullableType private import internal.ParenthesizedExpression -private import internal.PrimaryExpression private import internal.ResourceExpression private import internal.TernaryExpression private import internal.UnaryExpression +private import Stmts private import Idents private import Resources @@ -29,7 +28,31 @@ private import Resources * Expressions can be nested and can appear in various contexts such as assignments, * parameter values, and return statements. */ -final class Expr extends AstNode instanceof ExprImpl { } +class Expr extends Stmts instanceof ExprImpl { } + +/** + * Represents a collection of arguments in a function call. + * + * This class models the set of arguments passed to a function, allowing + * access to individual arguments by index or to the complete set of arguments. + * Arguments are expressions that are passed to a function or method call. + */ +class Arguments extends Expr instanceof ArgumentsImpl { + /** + * Gets the argument at the specified index. + * + * @param index The zero-based index of the argument to retrieve + * @return The expression node of the argument at the specified index + */ + Expr getArgument(int index) { result = ArgumentsImpl.super.getArgument(index) } + + /** + * Gets all arguments in the collection. + * + * @return All argument expressions in this arguments collection + */ + Expr getArguments() { result = ArgumentsImpl.super.getArguments() } +} /** * An assignment expression in the AST. @@ -87,15 +110,6 @@ class BinaryExpression extends Expr instanceof BinaryExpressionImpl { string getOperator() { result = BinaryExpressionImpl.super.getOperator() } } -/** - * A generic expression in the AST. - * - * This class represents any expression that doesn't fit into other more - * specific expression categories. It serves as a base implementation for - * expressions in the Bicep language. - */ -final class Expression extends Expr instanceof ExpressionImpl { } - /** * An interpolation expression in the AST. * @@ -103,7 +117,7 @@ final class Expression extends Expr instanceof ExpressionImpl { } * string literals. Interpolations allow embedding dynamic values or expressions * within string literals. */ -final class Interpolation extends Expr instanceof InterpolationImpl { +class Interpolation extends Expr instanceof InterpolationImpl { /** * Gets the expression contained within the interpolation. * @@ -124,14 +138,7 @@ final class Interpolation extends Expr instanceof InterpolationImpl { } } -/** - * A lambda expression in the AST. - * - * Represents an anonymous function in Bicep, typically used for callbacks, - * filters, or other functional programming patterns. A lambda expression - * consists of parameters and a body that defines the computation to be performed. - */ -final class LambdaExpression extends Expr instanceof LambdaExpressionImpl { } + /** * A member expression in the AST. @@ -171,7 +178,7 @@ class MemberExpression extends Expr instanceof MemberExpressionImpl { * * This alias provides a shorter name for convenience. */ -final class MemberExpr = MemberExpression; +class MemberExpr = MemberExpression; /** * A nullable type expression in the AST. @@ -180,7 +187,7 @@ final class MemberExpr = MemberExpression; * after the type name (e.g., `string?`). Nullable types explicitly allow * the value to be null in addition to values of the underlying type. */ -final class NullableType extends Expr instanceof NullableTypeImpl { } +class NullableType extends Expr instanceof NullableTypeImpl { } /** * A parenthesized expression in the AST. @@ -212,15 +219,6 @@ class ParenthesizedExpression extends Expr instanceof ParenthesizedExpressionImp } } -/** - * A primary expression in the AST. - * - * Represents a basic, self-contained expression such as a literal value, - * identifier, or other fundamental expression type. Primary expressions - * serve as the building blocks for more complex expressions. - */ -final class PrimaryExpression extends Expr instanceof PrimaryExpressionImpl { } - /** * A resource expression in the AST. * @@ -228,7 +226,7 @@ final class PrimaryExpression extends Expr instanceof PrimaryExpressionImpl { } * Resource expressions are fundamental to Bicep as they define the * infrastructure resources to be provisioned. */ -final class ResourceExpression extends Expr instanceof ResourceExpressionImpl { } +class ResourceExpression extends Expr instanceof ResourceExpressionImpl { } /** * A ternary expression in the AST. @@ -237,7 +235,7 @@ final class ResourceExpression extends Expr instanceof ResourceExpressionImpl { * The expression evaluates the condition and returns one of two values based on whether * the condition is true or false. */ -final class TernaryExpression extends Expr instanceof TernaryExpressionImpl { } +class TernaryExpression extends Expr instanceof TernaryExpressionImpl { } /** * A unary expression in the AST. @@ -246,4 +244,4 @@ final class TernaryExpression extends Expr instanceof TernaryExpressionImpl { } * Examples include negation (`!expr`), numeric negation (`-expr`), * and other operations that apply to a single value. */ -final class UnaryExpression extends Expr instanceof UnaryExpressionImpl { } +class UnaryExpression extends Expr instanceof UnaryExpressionImpl { } diff --git a/ql/lib/codeql/bicep/ast/Literals.qll b/ql/lib/codeql/bicep/ast/Literals.qll index 8c57fe7..dbfa92c 100644 --- a/ql/lib/codeql/bicep/ast/Literals.qll +++ b/ql/lib/codeql/bicep/ast/Literals.qll @@ -20,7 +20,7 @@ private import internal.SubscriptExpression /** * A literal value in the AST. - * + * * This is the base class for all literal values in Bicep, such as strings, * numbers, booleans, null, and arrays. Literals represent fixed values that * are directly expressed in the source code rather than computed. @@ -29,22 +29,22 @@ final class Literals extends AstNode instanceof LiteralsImpl { } /** * An array literal in the AST. - * - * Represents an array literal in the Bicep language, which is a comma-separated - * list of expressions enclosed in square brackets, such as `[1, 2, 3]` or + * + * Represents an array literal in the Bicep language, which is a comma-separated + * list of expressions enclosed in square brackets, such as `[1, 2, 3]` or * `['a', 'b', 'c']`. Arrays can contain elements of different types. */ class Array extends Literals instanceof ArrayImpl { /** * Gets all elements of the array. - * + * * @return All expressions contained in the array literal */ Expr getElements() { result = ArrayImpl.super.getElements() } /** * Gets the element at the specified index in the array. - * + * * @param index The zero-based index of the element to retrieve * @return The expression at the specified index in the array */ @@ -53,15 +53,15 @@ class Array extends Literals instanceof ArrayImpl { /** * A subscript expression in the AST. - * - * Represents an array element access using the subscript notation, such as - * `array[0]` or `collection[indexExpr]`. A subscript expression consists of + * + * Represents an array element access using the subscript notation, such as + * `array[0]` or `collection[indexExpr]`. A subscript expression consists of * an array/collection and an index expression within square brackets. */ class SubscriptExpression extends Expr instanceof SubscriptExpressionImpl { /** * Gets the index expression of the subscript. - * + * * This is the expression inside the square brackets that determines which * element to access from the array or collection. */ @@ -69,18 +69,18 @@ class SubscriptExpression extends Expr instanceof SubscriptExpressionImpl { /** * Gets the identifier of the object being subscripted. - * + * * This is the name of the array or collection being accessed. */ Idents getIdentifier() { result = SubscriptExpressionImpl.super.getObject() } /** * Gets the array that this subscript expression is indexing into. - * + * * This method attempts to resolve the array by finding a variable declaration * with a matching name in the same scope and retrieving its initializer if * that initializer is an array. - * + * * @return The array being indexed, if it can be determined */ Array getArray() { @@ -95,7 +95,7 @@ class SubscriptExpression extends Expr instanceof SubscriptExpressionImpl { /** * A boolean literal in the AST. - * + * * Represents a boolean literal in Bicep, which can have the value `true` or `false`. * Boolean literals are used in logical expressions, conditions, and other contexts * where a truth value is needed. @@ -103,7 +103,7 @@ class SubscriptExpression extends Expr instanceof SubscriptExpressionImpl { class Boolean extends Literals instanceof BooleanImpl { /** * Gets the boolean value of this literal as a QL boolean. - * + * * @return `true` if the literal is the boolean value "true", `false` otherwise */ boolean getBool() { @@ -118,26 +118,24 @@ class Boolean extends Literals instanceof BooleanImpl { /** * Gets the boolean value of this literal. - * + * * This is an alias for getBool(). - * + * * @return The boolean value of this literal */ - boolean getValue() { - result = this.getBool() - } + boolean getValue() { result = this.getBool() } } /** * An alias for the Boolean literal in the AST. - * + * * This provides a more descriptive name to match other literal classes. */ class BooleanLiteral = Boolean; /** * A null literal in the AST. - * + * * Represents the `null` literal in Bicep, which denotes the absence of a value * or a reference that doesn't point to any object. Null literals are often used * to indicate optional values or to represent uninitialized state. @@ -146,7 +144,7 @@ final class NullLiteral extends Literals instanceof NullImpl { } /** * A nullable return type literal in the AST. - * + * * Represents a function return type annotation that indicates the function may * return null in addition to values of another type. This typically appears in * function declarations and is denoted with a question mark after the type name. @@ -155,7 +153,7 @@ final class NullableReturnTypeLiteral extends Literals instanceof NullableReturn /** * A number literal in the AST. - * + * * Represents a numeric literal in Bicep, such as `42`, `3.14`, or `-10`. * Number literals can be used in arithmetic expressions, array indices, * parameter values, and any other context where numeric values are expected. @@ -163,10 +161,10 @@ final class NullableReturnTypeLiteral extends Literals instanceof NullableReturn class Number extends Literals instanceof NumberImpl { /** * Gets the integer value of the number literal. - * + * * Note: This method currently only handles integer values. If the number * is a floating-point value, it will be converted to an integer. - * + * * @return The integer value of the number literal */ int getValue() { result = NumberImpl.super.getValue().toInt() } @@ -174,14 +172,14 @@ class Number extends Literals instanceof NumberImpl { /** * An alias for StringLiteral. - * + * * This provides a shorter name for convenience. */ class String = StringLiteral; /** * A string literal in the AST. - * + * * Represents a string literal in Bicep, which can be a single-quoted string, * double-quoted string, or a string with interpolated expressions. String literals * may contain plain text content and/or interpolated expressions (${...}). @@ -189,36 +187,21 @@ class String = StringLiteral; class StringLiteral extends Literals instanceof StringImpl { /** * Gets the value of the string literal. - * + * * This concatenates all the string contents and interpolated expressions * to form the complete string value. For interpolated expressions, their * string representation is included in the result. - * + * * @return The complete string value */ - string getValue() { - result = - concat(int index, string output | - exists(StringContentLiteral content | - content = StringImpl.super.getChild(index) and - output = content.getValue() - ) - or - exists(Interpolation interpolation | - interpolation = StringImpl.super.getChild(index) and - output = interpolation.getValue() - ) - | - output order by index - ) - } + string getValue() { result = StringImpl.super.getValue() } /** * Gets the interpolation expression at the specified index within the string. - * + * * String literals can contain embedded expressions using the ${...} syntax. * This method returns the interpolation at the given position in the string. - * + * * @param index The index of the interpolation to retrieve * @return The interpolation expression at that index */ @@ -227,7 +210,7 @@ class StringLiteral extends Literals instanceof StringImpl { /** * A string content literal in the AST. - * + * * Represents a segment of plain text within a string literal, without any * interpolation. String literals are composed of one or more StringContentLiteral * instances, possibly interspersed with Interpolation expressions. @@ -235,7 +218,7 @@ class StringLiteral extends Literals instanceof StringImpl { class StringContentLiteral extends Literals instanceof StringContentImpl { /** * Gets the text value of this string content. - * + * * @return The literal text content */ string getValue() { result = StringContentImpl.super.getValue() } diff --git a/ql/lib/codeql/bicep/ast/Loops.qll b/ql/lib/codeql/bicep/ast/Loops.qll index 271afa8..c7db069 100644 --- a/ql/lib/codeql/bicep/ast/Loops.qll +++ b/ql/lib/codeql/bicep/ast/Loops.qll @@ -1,4 +1,72 @@ +private import AstNodes +private import Expr +private import Idents +private import Stmts +private import internal.Loops +private import internal.ForStatement + +class Loops extends Stmts instanceof LoopsImpl { + /** + * Gets the condition expression of the loop. + * + * This is the expression that determines whether the loop continues executing. + * For while and for loops, this is the explicit condition expression. + * For do-while loops, this is the condition evaluated after each iteration. + * For foreach loops, this represents an implicit condition checking if there are more elements. + */ + abstract Expr getCondition(); + + /** + * Gets the body of the loop. + * + * The body contains the statements that are executed in each iteration of the loop. + * In the CFG, control typically flows back from the end of the body to the loop condition + * or to the update expression (in for loops). + */ + abstract Stmts getBody(); + + /** + * Gets the initializer of the loop, if any. + * + * For for loops, this includes the variables initialized before the loop starts. + * For foreach loops, this includes the key and value variables declared for iteration. + * Other loop types may not have initializers. + */ + abstract Idents getInitializer(); +} /** - * Loop statements are not supported in `bicep` code. + * A for statement in Bicep. + * + * In Bicep, for loops are used to iterate over arrays, integer ranges, or object properties. + * They can be used to create multiple instances of resources, modules, variables, or properties. + * + * Example: + * ```bicep + * // Creating multiple storage accounts using a for loop with range + * resource storageAcct 'Microsoft.Storage/storageAccounts@2023-05-01' = [for i in range(0, storageCount): { + * name: '${i}storage${uniqueString(resourceGroup().id)}' + * location: location + * sku: { + * name: 'Standard_LRS' + * } + * kind: 'Storage' + * }] + * ``` */ +class ForStatement extends Loops instanceof ForStatementImpl { + /** Gets the condition expression of this for loop. */ + override Expr getCondition() { + result = ForStatementImpl.super.getCondition() + } + + /** Gets the body of this for loop. */ + override Stmts getBody() { + result = ForStatementImpl.super.getBody() + } + + /** Gets the initializer of this for loop. */ + override Idents getInitializer() { + result = ForStatementImpl.super.getInitializer() + } +} diff --git a/ql/lib/codeql/bicep/ast/Misc.qll b/ql/lib/codeql/bicep/ast/Misc.qll index fe02bd5..79568c7 100644 --- a/ql/lib/codeql/bicep/ast/Misc.qll +++ b/ql/lib/codeql/bicep/ast/Misc.qll @@ -3,7 +3,6 @@ private import internal.Array private import internal.ArrayType private import internal.Boolean private import internal.CompatibleIdentifier -private import internal.Declaration private import internal.Decorator private import internal.Decorators private import internal.DiagnosticComment @@ -38,11 +37,6 @@ class ArrayType extends AstNode instanceof ArrayTypeImpl { } */ class CompatibleIdentifier extends AstNode instanceof CompatibleIdentifierImpl { } -/** - * A Declaration unknown AST node. - */ -class Declaration extends AstNode instanceof DeclarationImpl { } - /** * A Decorator unknown AST node. */ diff --git a/ql/lib/codeql/bicep/ast/Resources.qll b/ql/lib/codeql/bicep/ast/Resources.qll index 25503e9..53f1534 100644 --- a/ql/lib/codeql/bicep/ast/Resources.qll +++ b/ql/lib/codeql/bicep/ast/Resources.qll @@ -51,6 +51,8 @@ class Object extends Expr instanceof ObjectImpl { result = property.getValue() ) } + + override string toString() { result = "Object" } } /** diff --git a/ql/lib/codeql/bicep/ast/Stmts.qll b/ql/lib/codeql/bicep/ast/Stmts.qll index 1e4ef91..ff4c324 100644 --- a/ql/lib/codeql/bicep/ast/Stmts.qll +++ b/ql/lib/codeql/bicep/ast/Stmts.qll @@ -5,6 +5,7 @@ private import AstNodes private import Idents private import Expr +private import Calls private import Misc private import internal.AstNodes private import internal.TreeSitter @@ -15,7 +16,6 @@ private import internal.IfStatement private import internal.ImportStatement private import internal.ImportWithStatement private import internal.Infrastructure -private import internal.Statement private import internal.UsingStatement private import internal.Parameter private import internal.Parameters @@ -55,6 +55,47 @@ class Stmts extends AstNode instanceof StmtsImpl { AstNode getAControlFlowEntryNode() { result = CfgImpl::getAControlFlowEntryNode(this) } } +/** + * A sequence of statements in the PHP AST. + * + * This represents a list of statements that appear together in sequence. + */ +class StmtSequence extends AstNode instanceof StmtSequenceImpl { + /** + * Gets all statements in this sequence. + */ + Stmts getStmts() { none() } + + /** + * Gets the statement at the specified index within this sequence. + */ + Stmts getStmt(int index) { none() } + + /** + * Get all callables defined in this program. + */ + Callable getCallables() { + result = this.getStmts() + } + + /** + * Get a callable by its name. + */ + Callable getCallable(string name) { + exists(Callable c | c = this.getCallables() and c.getName() = name | result = c) + } + + /** + * Gets the number of statements in this sequence. + */ + int getNumberOfStatements() { result = count(int i | exists(this.getStmt(i))) } + + /** + * Gets the last statement of the sequence + */ + Stmts getLastStmt() { result = this.getStmt(this.getNumberOfStatements() - 1) } +} + /** * An assert statement in the AST. * @@ -118,14 +159,10 @@ final class ImportStatementStmt extends Stmts instanceof ImportStatementImpl { } * statements and declarations that define the infrastructure to be deployed. * This is essentially the entry point of a Bicep program. */ -class Infrastructure extends AstNode instanceof InfrastructureImpl { - /** - * Gets the statement at the specified index in the infrastructure. - * - * @param index The index of the statement to retrieve - * @return The statement at the specified index - */ - Stmts getStatement(int index) { result = InfrastructureImpl.super.getStatement(index) } +class Infrastructure extends StmtSequence instanceof InfrastructureImpl { + override Stmts getStmts() { result = InfrastructureImpl.super.getStmts() } + + override Stmts getStmt(int index) { result = InfrastructureImpl.super.getStmt(index) } } /** @@ -304,7 +341,7 @@ class UserDefinedFunction extends Stmts instanceof UserDefinedFunctionImpl { * and a type, which constrains the kind of values that can be passed to the function * for that parameter. */ -class Parameter extends AstNode instanceof ParameterImpl { +class Parameter extends Expr instanceof ParameterImpl { /** * Gets the identifier of the parameter. * @@ -340,7 +377,7 @@ class Parameter extends AstNode instanceof ParameterImpl { * This class represents the collection of parameters in a function declaration, * allowing access to the individual parameter nodes. */ -class Parameters extends AstNode instanceof ParametersImpl { +class Parameters extends Expr instanceof ParametersImpl { /** * Gets the parameter at the specified index. * @@ -360,15 +397,6 @@ class Parameters extends AstNode instanceof ParametersImpl { */ final class ImportWithStatementStmt extends Stmts instanceof ImportWithStatementImpl { } -/** - * A generic statement in the AST. - * - * This class represents any statement that doesn't fit into other more specific - * statement categories. It serves as a base implementation for statements - * in the Bicep language. - */ -final class StatementStmt extends Stmts instanceof StatementImpl { } - /** * A using statement in the AST. * diff --git a/ql/lib/codeql/bicep/ast/Variables.qll b/ql/lib/codeql/bicep/ast/Variables.qll index 2469520..a4da736 100644 --- a/ql/lib/codeql/bicep/ast/Variables.qll +++ b/ql/lib/codeql/bicep/ast/Variables.qll @@ -7,6 +7,7 @@ private import AstNodes private import Calls private import Idents private import Stmts +private import internal.Variables private import codeql.bicep.controlflow.BasicBlocks as BasicBlocks private import codeql.bicep.controlflow.ControlFlowGraph // Internal @@ -14,7 +15,7 @@ private import internal.VariableDeclaration /** * Represents a variable declaration in the AST. - * + * * This class models a variable declaration in Bicep, which associates a name * with a value. Variable declarations allow storing and reusing values throughout * a template, making the template more readable and maintainable. They can refer @@ -23,317 +24,213 @@ private import internal.VariableDeclaration class VariableDeclaration extends AstNode instanceof VariableDeclarationImpl { /** * Gets the identifier of the variable declaration. - * + * * This is the name token of the variable as it appears in the source code. - * + * * @return The identifier node of the variable */ Idents getIdentifier() { result = VariableDeclarationImpl.super.getIdentifier() } /** * Gets the initializer expression of the variable declaration. - * + * * This is the expression that provides the value for the variable. * It could be a literal, a reference to another variable, a complex * expression, or any other expression that produces a value. - * + * * @return The initializer expression of the variable */ Expr getInitializer() { result = VariableDeclarationImpl.super.getInitializer() } } -private predicate variableDecl(AstNode node, string name) { - exists(ParameterDeclaration param | - param.getName() = name and - node = param - ) - or - exists(VariableDeclaration vardelc | - vardelc.getIdentifier().getName() = name and - node = vardelc - ) - or - exists(Resource resource | - resource.getIdentifier().getName() = name and - node = resource.getResourceDeclaration() - ) - or - exists(OutputDeclaration output | - output.getIdentifier().getName() = name and - node = output - ) -} +class Scope extends AstNode instanceof ScopeImpl { + override string getAPrimaryQlClass() { result = "Scope" } -/** - * Represents a variable definition in the Bicep program. - * - * This class models any named entity that can be referenced elsewhere in the code, - * including parameters, variables, outputs, and resources. It provides a unified - * interface for accessing information about variables regardless of their specific - * declaration type. - */ -class Variable extends MkVariable { - private AstNode node; - private string name; + /** + * Gets the name of this scope. + */ + string getName() { result = this.getAPrimaryQlClass() } + + /** + * Gets the enclosing scope, if any. + */ + Scope getOuterScope() { result = super.getOuterScope() } - Variable() { this = MkVariable(node, name) } + /** + * Gets a variable declared in this scope. + */ + Variable getVariables() { exists(Variable v | v.getScope() = this | result = v) } + + /** + * Gets a callable (function or method) declared in this scope. + */ + Callable getCallables() { exists(Callable c | c.getScope() = this | result = c) } + /** + * Gets a variable with the given name in this scope. + */ + Variable getVariable(string name) { + exists(Variable v | v.getName() = name and v.getScope() = this | result = v) + } +} + +class Variable instanceof VariableImpl { /** * Gets the name of this variable. - * - * @return The name of the variable as a string */ - string getName() { result = name } + string getName() { result = super.getName() } + + string toString() { result = "Variable[" + this.getName() + "]" } /** - * Gets a string representation of this variable. - * - * @return A string in the format "Variable[name]" + * Gets the AST node corresponding to this variable. */ - string toString() { result = "Variable[" + name + "]" } + final AstNode getAstNode() { result = super.getAstNode() } /** - * Gets the AST node that defines this variable. - * - * This could be a parameter declaration, variable declaration, resource declaration, etc. - * - * @return The AST node that defines this variable + * Gets the location of this variable in the source code. */ - AstNode getAstNode() { result = node } + Location getLocation() { result = super.getLocation() } /** - * Gets the source location of this variable. - * - * This is the location of the AST node that defines the variable. - * - * @return The source location of the variable definition + * Gets this variable as an expression, if it can be represented as one. */ - Location getLocation() { result = node.getLocation() } + Expr asExpr() { result = super.asExpr() } /** - * Gets an access to this variable. - * - * This returns any usage of the variable in the code. - * - * @return A variable access that refers to this variable + * Gets an access to this variable in the program. */ VariableAccess getAnAccess() { result.getVariable() = this } /** - * Gets the type of this variable, if it can be determined. - * - * This method attempts to find the type by looking at the variable's declaration, - * either as a parameter or an output. - * - * @return The type of the variable, if available + * Gets the type of this variable, if any. */ - Type getType() { - result = this.getParameter().getType() - or - result = this.getOutput().getType() - } + Type getType() { result = super.getType() } /** - * Gets the parameter declaration for this variable, if it is a parameter. - * - * @return The parameter declaration for this variable, if any + * Gets the parameter associated with this variable, if it represents a function parameter. */ - ParameterDeclaration getParameter() { - exists(ParameterDeclaration param | - param.getName() = this.getName() and - param.getEnclosingCfgScope() = this.getEnclosingCfgScope() and - result = param - ) - } + ParameterDeclaration getParameter() { result = super.getParameter() } /** - * Gets the output declaration for this variable, if it is an output. - * - * @return The output declaration for this variable, if any + * Gets the control flow scope containing this variable. */ - OutputDeclaration getOutput() { - exists(OutputDeclaration output | - output.getIdentifier().getName() = this.getName() and - output.getEnclosingCfgScope() = this.getEnclosingCfgScope() and - result = output - ) - } + CfgScope getCfgScope() { result = this.getAstNode().getEnclosingCfgScope() } + + /** + * Gets the scope containing this variable. + */ + Scope getScope() { result = super.getScope() } /** - * Gets the enclosing scope of this variable, if any. + * Gets the parent scopes */ - CfgScope getEnclosingCfgScope() { result = node.getEnclosingCfgScope() } + Scope getScopes() { result = super.getScopes() } - // Expr getInitializer() { } string getAPrimaryQlClass() { result = "Variable" } -} -private predicate access(AstNode node, Variable v, string name) { - exists(Identifier ident | - ident.getName() = name and - // Make sure they are not in a declare statement - not ident.getParent() instanceof VariableDeclaration and - // not ident.getParent() instanceof ParameterDeclaration and - // not ident.getParent() instanceof OutputDeclaration and - // Make sure they are in the same scope - ident.getName() = v.getName() and - ident.getEnclosingCfgScope() = v.getEnclosingCfgScope() and - ident = node - ) + /** + * Holds if this variable is captured by a closure or similar construct. + * A variable is captured when it's accessed in a scope different from its definition scope. + */ + final predicate isCaptured() { this.getAnAccess().isCapturedAccess() } } -/** - * Represents an access to a variable in the code. - * - * This class models any usage of a variable (parameter, declared variable, - * resource, output) within the Bicep code. It provides information about - * where the variable is accessed and which variable is being accessed. - */ -class VariableAccess extends MkVariableAccess, TVariableAccess { - private string name; - private AstNode node; - private Variable v; +class VariableAccess instanceof VariableAccessImpl { + /** + * Gets the name of the accessed variable. + */ + string getName() { result = super.getName() } - VariableAccess() { this = MkVariableAccess(node, v, name) } + /** + * Gets the AST node corresponding to this variable access. + */ + final AstNode getAstNode() { result = super.getAstNode() } /** - * Gets the name of the variable being accessed. - * - * @return The name of the variable as a string + * Gets the variable being accessed. */ - string getName() { result = name } + Variable getVariable() { result = super.getVariable() } + + string toString() { result = "VariableAccess[" + this.getName() + "]" } /** - * Gets the AST node that represents this variable access. - * - * This is typically an identifier node in the syntax tree. - * - * @return The AST node for this variable access + * Gets the location of this variable access in the source code. */ - AstNode getAstNode() { result = node } + Location getLocation() { result = super.getLocation() } /** - * Gets the variable being accessed. - * - * @return The variable that this access refers to + * Gets this variable access as an expression. */ - Variable getVariable() { result = v } + Expr asExpr() { result = this.getAstNode() } /** - * Gets a string representation of this variable access. - * - * @return A string in the format "VariableAccess[name]" + * Gets the type of the accessed variable, if any. */ - string toString() { result = "VariableAccess[" + name + "]" } + Type getType() { + // Get type from the variable itself + result = this.getVariable().getType() + } /** - * Gets the source location of this variable access. - * - * This is the location in the source code where the variable is referenced. - * - * @return The source location of the variable access + * Gets the control flow scope containing this variable access. */ - Location getLocation() { result = node.getLocation() } + CfgScope getCfgScope() { result = super.getAstNode().getEnclosingCfgScope() } /** - * Gets the type of the variable being accessed, if it can be determined. - * - * @return The type of the variable, if available + * Gets the scope containing this variable access. */ - Type getType() { result = this.getVariable().getType() } + Scope getScope() { result = super.getScope() } + + Scope getScopes() { result = super.getScopes() } /** - * Gets the enclosing CFG scope of this variable access. - * - * This is the control flow graph scope that contains this access. - * - * @return The enclosing CFG scope + * Holds if this access captures a variable from an outer scope. + * + * An access captures a variable when it occurs in a scope different + * from the variable's definition scope. */ - CfgScope getEnclosingCfgScope() { result = v.getEnclosingCfgScope() } + final predicate isCapturedAccess() { + exists(Scope scope1, CfgScope scope2 | + scope1 = this.getVariable().getScopes() and + scope2 = this.getCfgScope() and + scope1 != scope2 + ) + } /** * Gets the primary QL class for this AST node. - * + * * @return The name of the QL class ("VariableAccess") */ string getAPrimaryQlClass() { result = "VariableAccess" } } -/** - * Represents a write access to a variable. - * - * This class models places in the code where a variable's value is being - * defined or assigned. This includes declarations of parameters, variables, - * resources, and outputs. - */ -class VariableWriteAccess extends VariableAccess { - VariableWriteAccess() { - // Parameter - this.getAstNode().getParent() instanceof ParameterDeclaration - or - // SET - this.getAstNode().getParent() instanceof VariableDeclaration - or - this.getAstNode().getParent() instanceof ResourceDeclaration - or - // Output - this.getAstNode().getParent() instanceof OutputDeclaration - } +class VariableWriteAccess extends VariableAccess instanceof VariableWriteAccessImpl { + override string getAPrimaryQlClass() { result = "VariableWrite" } + + override string toString() { result = "VariableWrite[" + this.getName() + "]" } /** - * Gets the primary QL class for this AST node. - * - * @return The name of the QL class ("VariableWrite") + * Gets this variable write access as an expression. */ - override string getAPrimaryQlClass() { result = "VariableWrite" } + override Expr asExpr() { result = this.getAstNode() } } -/** - * Represents a read access to a variable. - * - * This class models places in the code where a variable's value is being - * used but not modified. This includes using the variable in expressions, - * passing it as an argument to functions, or referencing it in other contexts. - */ -class VariableReadAccess extends VariableAccess { +class VariableReadAccess extends VariableAccess instanceof VariableReadAccessImpl { VariableReadAccess() { not this instanceof VariableWriteAccess } /** * Gets the primary QL class for this AST node. - * + * * @return The name of the QL class ("VariableRead") */ override string getAPrimaryQlClass() { result = "VariableRead" } -} -/** - * Holds if the variable is written too. - */ -// private predicate variableWrite(Variable node) { -// exists(Parameter param | -// param.getName() = node.getName() and -// param.getEnclosingCfgScope() = node.getEnclosingCfgScope() -// ) -// } -cached -private module Cached { - cached - newtype TVariable = - TResource(Resource resource, string name) { resource.getIdentifier().getName() = name } or - TVariableDecl(VariableDeclaration varDecl, string name) { - varDecl.getIdentifier().getName() = name - } or - TParameter(ParameterDeclaration param, string name) { param.getName() = name } or - TOutput(OutputDeclaration output, string name) { output.getIdentifier().getName() = name } or - MkVariable(AstNode definingNode, string name) { variableDecl(definingNode, name) } - - cached - newtype TVariableAccess = - TIdent(Identifier ident, string name) { ident.getName() = name } or - MkVariableAccess(AstNode node, Variable v, string name) { variableAccess(node, v, name) } - - cached - predicate variableAccess(AstNode node, Variable v, string name) { access(node, v, name) } -} + override string toString() { result = "VariableRead[" + this.getName() + "]" } -private import Cached + /** + * Gets this variable read access as an expression. + */ + override Expr asExpr() { result = this.getAstNode() } +} diff --git a/ql/lib/codeql/bicep/ast/internal/Arguments.qll b/ql/lib/codeql/bicep/ast/internal/Arguments.qll index 0e28877..e222677 100644 --- a/ql/lib/codeql/bicep/ast/internal/Arguments.qll +++ b/ql/lib/codeql/bicep/ast/internal/Arguments.qll @@ -1,17 +1,15 @@ /** * Internal implementation for Arguments - * - * WARNING: this file is generated, do not edit manually */ + private import AstNodes private import TreeSitter -private import codeql.bicep.ast.AstNodes private import Expr /** - * A Arguments AST Node. + * A Arguments AST Node representing a collection of function call arguments. */ -class ArgumentsImpl extends TArguments, AstNode { +class ArgumentsImpl extends TArguments, ExprImpl { private BICEP::Arguments ast; override string getAPrimaryQlClass() { result = "Arguments" } @@ -20,11 +18,17 @@ class ArgumentsImpl extends TArguments, AstNode { override string toString() { result = ast.toString() } - ExprImpl getArgument(int index ) { - toTreeSitter(result) = ast.getChild(index) - } + /** + * Gets the argument at the specified index. + */ + ExprImpl getArgument(int index) { toTreeSitter(result) = ast.getChild(index) } + + ExprImpl getArgumentByName(string name) { none() } + + /** + * Gets all arguments in the collection. + */ + ExprImpl getArguments() { toTreeSitter(result) = ast.getChild(_) } - ExprImpl getArguments() { - toTreeSitter(result) = ast.getChild(_) - } -} \ No newline at end of file + int getNumberOfArguments() { result = count(int i | exists(this.getArgument(i))) } +} diff --git a/ql/lib/codeql/bicep/ast/internal/AstNodes.qll b/ql/lib/codeql/bicep/ast/internal/AstNodes.qll index 01adc1b..99dff6b 100644 --- a/ql/lib/codeql/bicep/ast/internal/AstNodes.qll +++ b/ql/lib/codeql/bicep/ast/internal/AstNodes.qll @@ -15,12 +15,10 @@ newtype TAstNode = TCallExpression(BICEP::CallExpression r) or TComment(BICEP::Comment r) or TCompatibleIdentifier(BICEP::CompatibleIdentifier r) or - TDeclaration(BICEP::Declaration r) or TDecorator(BICEP::Decorator r) or TDecorators(BICEP::Decorators r) or TDiagnosticComment(BICEP::DiagnosticComment r) or TEscapeSequence(BICEP::EscapeSequence r) or - TExpression(BICEP::Expression r) or TForLoopParameters(BICEP::ForLoopParameters r) or TForStatement(BICEP::ForStatement r) or TIdentifier(BICEP::Identifier r) or @@ -50,12 +48,10 @@ newtype TAstNode = TParameters(BICEP::Parameters r) or TParenthesizedExpression(BICEP::ParenthesizedExpression r) or TParenthesizedType(BICEP::ParenthesizedType r) or - TPrimaryExpression(BICEP::PrimaryExpression r) or TPrimitiveType(BICEP::PrimitiveType r) or TPropertyIdentifier(BICEP::PropertyIdentifier r) or TResourceDeclaration(BICEP::ResourceDeclaration r) or TResourceExpression(BICEP::ResourceExpression r) or - TStatement(BICEP::Statement r) or TString(BICEP::String r) or TStringContent(BICEP::StringContent r) or TSubscriptExpression(BICEP::SubscriptExpression r) or @@ -87,23 +83,39 @@ class TIdents = TIdentifier or TPropertyIdentifier; * A statement in a Bicep program */ class TStmts = - TInfrastructure or TAssertStatement or TForStatement or TIfStatement or TImportStatement or - TImportWithStatement or TStatement or TUsingStatement or TVariableDeclaration or + TExpr or TInfrastructure or TAssertStatement or TForStatement or TIfStatement or + TImportStatement or TImportWithStatement or TUsingStatement or TVariableDeclaration or TParameterDeclaration or TOutputDeclaration or TUserDefinedFunction; +class TStmtSeq = TInfrastructure; + +class TScopes = TInfrastructure; + /** * A expersion value in a Bicep program */ class TExpr = - TLiterals or TConditionalExpr or TStmts or TIdents or TObject or TObjectProperty or - TAssignmentExpression or TBinaryExpression or TCallExpression or TExpression or - TLambdaExpression or TMemberExpression or TParenthesizedExpression or TPrimaryExpression or - TResourceExpression or TSubscriptExpression or TTernaryExpression or TUnaryExpression; + TLiterals or TConditionals or TCall or TCallable or TIdents or TObject or TObjectProperty or + TAssignmentExpression or TArguments or TBinaryExpression or TCallExpression or + TLambdaExpression or TMemberExpression or TParenthesizedExpression or TParameter or + TParameters or TResourceExpression or TSubscriptExpression or TTernaryExpression or + TUnaryExpression; + +class TConditionals = TIfStatement; /** - * A expersion value in a Bicep program + * Call expression */ -class TConditionalExpr = TIfStatement; +class TCall = TCallExpression; + +/** + * Callable functions, etc. + */ +class TCallable = TUserDefinedFunction or TLambdaExpression; + +class TLoops = TForStatement; + +class TTypes = TType or TTypeArguments; cached BICEP::AstNode toTreeSitter(TAstNode n) { @@ -117,12 +129,10 @@ BICEP::AstNode toTreeSitter(TAstNode n) { n = TCallExpression(result) or n = TComment(result) or n = TCompatibleIdentifier(result) or - n = TDeclaration(result) or n = TDecorator(result) or n = TDecorators(result) or n = TDiagnosticComment(result) or n = TEscapeSequence(result) or - n = TExpression(result) or n = TForLoopParameters(result) or n = TForStatement(result) or n = TIdentifier(result) or @@ -152,12 +162,10 @@ BICEP::AstNode toTreeSitter(TAstNode n) { n = TParameters(result) or n = TParenthesizedExpression(result) or n = TParenthesizedType(result) or - n = TPrimaryExpression(result) or n = TPrimitiveType(result) or n = TPropertyIdentifier(result) or n = TResourceDeclaration(result) or n = TResourceExpression(result) or - n = TStatement(result) or n = TString(result) or n = TStringContent(result) or n = TSubscriptExpression(result) or diff --git a/ql/lib/codeql/bicep/ast/internal/Call.qll b/ql/lib/codeql/bicep/ast/internal/Call.qll deleted file mode 100644 index 6911557..0000000 --- a/ql/lib/codeql/bicep/ast/internal/Call.qll +++ /dev/null @@ -1,4 +0,0 @@ - -/** - * Calls - */ diff --git a/ql/lib/codeql/bicep/ast/internal/CallExpression.qll b/ql/lib/codeql/bicep/ast/internal/CallExpression.qll index c1f6175..ec00ba6 100644 --- a/ql/lib/codeql/bicep/ast/internal/CallExpression.qll +++ b/ql/lib/codeql/bicep/ast/internal/CallExpression.qll @@ -7,7 +7,7 @@ private import AstNodes private import TreeSitter private import codeql.bicep.ast.AstNodes private import Expr -private import Expression +private import Calls private import Idents private import Arguments private import NullableReturnType @@ -15,7 +15,7 @@ private import NullableReturnType /** * A CallExpression AST Node. */ -class CallExpressionImpl extends TCallExpression, ExprImpl { +class CallExpressionImpl extends TCallExpression, CallImpl { private BICEP::CallExpression ast; override string getAPrimaryQlClass() { result = "CallExpression" } @@ -24,14 +24,26 @@ class CallExpressionImpl extends TCallExpression, ExprImpl { override string toString() { result = ast.toString() } - IdentsImpl getIdentifier() { + override IdentsImpl getIdentifier() { toTreeSitter(result) = ast.getFunction() } - ArgumentsImpl getArguments() { + override ArgumentsImpl getArguments() { toTreeSitter(result) = ast.getArguments() } + override ExprImpl getArgument(int n) { + result = this.getArguments().getArgument(n) + } + + override ExprImpl getArgumentByName(string name) { + result = this.getArguments().getArgumentByName(name) + } + + override IdentsImpl getReceiver() { none() } + + override int getNumberOfArguments() { result = this.getArguments().getNumberOfArguments() } + NullableReturnTypeImpl getReturnType() { toTreeSitter(result) = ast.getChild() } diff --git a/ql/lib/codeql/bicep/ast/internal/Calls.qll b/ql/lib/codeql/bicep/ast/internal/Calls.qll new file mode 100644 index 0000000..b9d4eb3 --- /dev/null +++ b/ql/lib/codeql/bicep/ast/internal/Calls.qll @@ -0,0 +1,62 @@ + +/** + * Calls + */ +private import codeql.bicep.ast.AstNodes +private import AstNodes +private import TreeSitter +private import Expr +private import Idents +private import Stmts +private import Type + +abstract class CallableImpl extends ExprImpl, TCallable { + override string getAPrimaryQlClass() { result = "Callable" } + + override string toString() { result = this.getAPrimaryQlClass() } + + abstract AstNode getIdentifier(); + + predicate hasIdentifier() { exists(this.getIdentifier()) } + + string getName() { result = this.getIdentifier().(IdentsImpl).getName() } + + abstract ExprImpl getParameters(); + + abstract ExprImpl getParameter(int n); + + abstract StmtSequenceImpl getBody(); + + int getNumberOfParameters() { result = count(int i | exists(this.getParameter(i))) } + + abstract TypeImpl getType(); + + string getTypeValue() { result = this.getType().getType() } +} + +/** + * Call Expression + */ +abstract class CallImpl extends ExprImpl, TCall { + override string getAPrimaryQlClass() { result = "Calls" } + + override string toString() { result = this.getAPrimaryQlClass() } + + abstract AstNode getIdentifier(); + + string getName() { result = this.getIdentifier().(IdentsImpl).getName() } + + abstract ExprImpl getArguments(); + + abstract ExprImpl getArgument(int n); + + abstract ExprImpl getArgumentByName(string name); + + abstract IdentsImpl getReceiver(); + + string getReceiverName() { + exists(IdentsImpl ident | ident = this.getReceiver() | result = ident.getName()) + } + + abstract int getNumberOfArguments(); +} \ No newline at end of file diff --git a/ql/lib/codeql/bicep/ast/internal/Conditionals.qll b/ql/lib/codeql/bicep/ast/internal/Conditionals.qll index 1cfbc13..f629c0a 100644 --- a/ql/lib/codeql/bicep/ast/internal/Conditionals.qll +++ b/ql/lib/codeql/bicep/ast/internal/Conditionals.qll @@ -6,12 +6,17 @@ private import codeql.bicep.ast.AstNodes private import AstNodes private import TreeSitter private import Expr +private import Stmts +// Re-exports +import ForStatement /** * Conditional statements. */ -class ConditionalExprImpl extends ExprImpl, TConditionalExpr { +class ConditionalsImpl extends StmtsImpl, TConditionals { override string getAPrimaryQlClass() { result = "Conditional" } abstract ExprImpl getCondition(); + + abstract StmtSequenceImpl getBranch(); } \ No newline at end of file diff --git a/ql/lib/codeql/bicep/ast/internal/Declaration.qll b/ql/lib/codeql/bicep/ast/internal/Declaration.qll deleted file mode 100644 index 8f99ecb..0000000 --- a/ql/lib/codeql/bicep/ast/internal/Declaration.qll +++ /dev/null @@ -1,24 +0,0 @@ -/** - * Internal implementation for Declaration - * - * WARNING: this file is generated, do not edit manually - */ -private import AstNodes -private import TreeSitter -private import codeql.bicep.ast.AstNodes - -/** - * A Declaration AST Node. - */ -class DeclarationImpl extends TDeclaration, AstNode { - private BICEP::Declaration ast; - - override string getAPrimaryQlClass() { result = "Declaration" } - - DeclarationImpl() { this = TDeclaration(ast) } - - override string toString() { result = ast.toString() } - - - -} \ No newline at end of file diff --git a/ql/lib/codeql/bicep/ast/internal/Expr.qll b/ql/lib/codeql/bicep/ast/internal/Expr.qll index b39e463..a36cc19 100644 --- a/ql/lib/codeql/bicep/ast/internal/Expr.qll +++ b/ql/lib/codeql/bicep/ast/internal/Expr.qll @@ -1,10 +1,13 @@ private import codeql.bicep.ast.AstNodes private import AstNodes private import TreeSitter +private import Stmts /** * A Bicep expression. */ -class ExprImpl extends AstNode, TExpr { +class ExprImpl extends StmtsImpl, TExpr { override string getAPrimaryQlClass() { result = "Expr" } + + override string toString() { none() } } diff --git a/ql/lib/codeql/bicep/ast/internal/Expression.qll b/ql/lib/codeql/bicep/ast/internal/Expression.qll deleted file mode 100644 index 01c8921..0000000 --- a/ql/lib/codeql/bicep/ast/internal/Expression.qll +++ /dev/null @@ -1,26 +0,0 @@ -/** - * Internal implementation for Expression - * - * WARNING: this file is generated, do not edit manually - */ -private import AstNodes -private import TreeSitter -private import codeql.bicep.ast.AstNodes -private import Expr - - -/** - * A Expression AST Node. - */ -class ExpressionImpl extends TExpression, ExprImpl { - private BICEP::Expression ast; - - override string getAPrimaryQlClass() { result = "Expression" } - - ExpressionImpl() { this = TExpression(ast) } - - override string toString() { result = ast.toString() } - - - -} \ No newline at end of file diff --git a/ql/lib/codeql/bicep/ast/internal/ForStatement.qll b/ql/lib/codeql/bicep/ast/internal/ForStatement.qll index c512396..ec1f90d 100644 --- a/ql/lib/codeql/bicep/ast/internal/ForStatement.qll +++ b/ql/lib/codeql/bicep/ast/internal/ForStatement.qll @@ -1,18 +1,19 @@ /** * Internal implementation for ForStatement - * - * WARNING: this file is generated, do not edit manually */ + private import AstNodes private import TreeSitter private import codeql.bicep.ast.AstNodes private import Stmts - +private import Loops +private import Expr +private import Idents /** * A ForStatement AST Node. */ -class ForStatementImpl extends TForStatement, StmtsImpl { +class ForStatementImpl extends TForStatement, LoopsImpl { private BICEP::ForStatement ast; override string getAPrimaryQlClass() { result = "ForStatement" } @@ -20,7 +21,21 @@ class ForStatementImpl extends TForStatement, StmtsImpl { ForStatementImpl() { this = TForStatement(ast) } override string toString() { result = ast.toString() } - - - -} \ No newline at end of file + + override ExprImpl getCondition() { + // In Bicep, for loops don't have explicit conditions like other languages, + // but the loop enumeration object can be considered the condition + // We use child index 1 which should be the loop condition/enumeration + toTreeSitter(result) = ast.getChild(1) + } + + override ExprImpl getBody() { + // The body is the part to execute for each iteration + toTreeSitter(result) = ast.getBody() + } + + override IdentsImpl getInitializer() { + // The initializer is the loop variable + toTreeSitter(result) = ast.getInitializer() + } +} diff --git a/ql/lib/codeql/bicep/ast/internal/Infrastructure.qll b/ql/lib/codeql/bicep/ast/internal/Infrastructure.qll index bf72d66..929d914 100644 --- a/ql/lib/codeql/bicep/ast/internal/Infrastructure.qll +++ b/ql/lib/codeql/bicep/ast/internal/Infrastructure.qll @@ -3,17 +3,16 @@ * * WARNING: this file is generated, do not edit manually */ + private import AstNodes private import TreeSitter private import codeql.bicep.ast.AstNodes private import Stmts -private import Statement - /** * A Infrastructure AST Node. */ -class InfrastructureImpl extends TInfrastructure, AstNode { +class InfrastructureImpl extends TInfrastructure, StmtSequenceImpl { private BICEP::Infrastructure ast; override string getAPrimaryQlClass() { result = "Infrastructure" } @@ -22,7 +21,7 @@ class InfrastructureImpl extends TInfrastructure, AstNode { override string toString() { result = ast.toString() } - StatementImpl getStatement(int index) { - toTreeSitter(result) = ast.getChild(index) - } -} \ No newline at end of file + override StmtsImpl getStmt(int index) { toTreeSitter(result) = ast.getChild(index) } + + override StmtsImpl getStmts() { result = this.getStmt(_) } +} diff --git a/ql/lib/codeql/bicep/ast/internal/LambdaExpression.qll b/ql/lib/codeql/bicep/ast/internal/LambdaExpression.qll index fe3c03a..9d32e1d 100644 --- a/ql/lib/codeql/bicep/ast/internal/LambdaExpression.qll +++ b/ql/lib/codeql/bicep/ast/internal/LambdaExpression.qll @@ -6,13 +6,19 @@ private import AstNodes private import TreeSitter private import codeql.bicep.ast.AstNodes +private import Calls private import Expr +private import Idents +private import Stmts +private import Parameter +private import Parameters +private import Type /** * A LambdaExpression AST Node. */ -class LambdaExpressionImpl extends TLambdaExpression, ExprImpl { +class LambdaExpressionImpl extends TLambdaExpression, CallableImpl { private BICEP::LambdaExpression ast; override string getAPrimaryQlClass() { result = "LambdaExpression" } @@ -20,7 +26,29 @@ class LambdaExpressionImpl extends TLambdaExpression, ExprImpl { LambdaExpressionImpl() { this = TLambdaExpression(ast) } override string toString() { result = ast.toString() } - - - + + override AstNode getIdentifier() { + // LambdaExpression doesn't have a direct identifier, so we return nothing + none() + } + + override ParametersImpl getParameters() { + toTreeSitter(result) = ast.getChild(0) + } + + override ParameterImpl getParameter(int n) { + result = this.getParameters().getParameter(n) + } + + override StmtSequenceImpl getBody() { + // Return the body of the lambda expression + toTreeSitter(result) = ast.getChild(1) + } + + override TypeImpl getType() { + // For LambdaExpression, we might not have a direct type + none() + } + + override int getNumberOfParameters() { result = count(int i | exists(this.getParameter(i))) } } \ No newline at end of file diff --git a/ql/lib/codeql/bicep/ast/internal/Loops.qll b/ql/lib/codeql/bicep/ast/internal/Loops.qll index a5ccfae..0c6f004 100644 --- a/ql/lib/codeql/bicep/ast/internal/Loops.qll +++ b/ql/lib/codeql/bicep/ast/internal/Loops.qll @@ -1,4 +1,23 @@ - /** - * Loop statements are not supported in `bicep` code. - */ \ No newline at end of file + * Loop statements in Bicep code. + * + * Bicep supports for loops for iterating over collections, ranges, or object properties. + * These loops are used to create multiple instances of resources, variables, or other elements. + */ + +private import AstNodes +private import TreeSitter +private import codeql.bicep.ast.AstNodes +private import Idents +private import Stmts +private import Expr + +abstract class LoopsImpl extends AstNode, TLoops { + override string getAPrimaryQlClass() { result = "Loops" } + + abstract ExprImpl getCondition(); + + abstract ExprImpl getBody(); + + abstract IdentsImpl getInitializer(); +} diff --git a/ql/lib/codeql/bicep/ast/internal/Object.qll b/ql/lib/codeql/bicep/ast/internal/Object.qll index d1cfcf4..4cc5a6c 100644 --- a/ql/lib/codeql/bicep/ast/internal/Object.qll +++ b/ql/lib/codeql/bicep/ast/internal/Object.qll @@ -19,7 +19,7 @@ class ObjectImpl extends TObject, AstNode { ObjectImpl() { this = TObject(ast) } - override string toString() { result = ast.toString() } + // override string toString() { result = ast.toString() } ObjectPropertyImpl getProperty(int index) { toTreeSitter(result) = ast.getChild(index) } diff --git a/ql/lib/codeql/bicep/ast/internal/Parameter.qll b/ql/lib/codeql/bicep/ast/internal/Parameter.qll index 7acfedc..0a4f225 100644 --- a/ql/lib/codeql/bicep/ast/internal/Parameter.qll +++ b/ql/lib/codeql/bicep/ast/internal/Parameter.qll @@ -13,7 +13,7 @@ private import Type /** * A Parameter AST Node. */ -class ParameterImpl extends TParameter, AstNode { +class ParameterImpl extends TParameter, ExprImpl { private BICEP::Parameter ast; override string getAPrimaryQlClass() { result = "Parameter" } diff --git a/ql/lib/codeql/bicep/ast/internal/Parameters.qll b/ql/lib/codeql/bicep/ast/internal/Parameters.qll index 7f26bac..e8293b7 100644 --- a/ql/lib/codeql/bicep/ast/internal/Parameters.qll +++ b/ql/lib/codeql/bicep/ast/internal/Parameters.qll @@ -7,11 +7,12 @@ private import AstNodes private import TreeSitter private import codeql.bicep.ast.AstNodes private import Parameter +private import Expr /** * A Parameters AST Node. */ -class ParametersImpl extends TParameters, AstNode { +class ParametersImpl extends TParameters, ExprImpl { private BICEP::Parameters ast; override string getAPrimaryQlClass() { result = "Parameters" } diff --git a/ql/lib/codeql/bicep/ast/internal/PrimaryExpression.qll b/ql/lib/codeql/bicep/ast/internal/PrimaryExpression.qll deleted file mode 100644 index 42fbbd9..0000000 --- a/ql/lib/codeql/bicep/ast/internal/PrimaryExpression.qll +++ /dev/null @@ -1,26 +0,0 @@ -/** - * Internal implementation for PrimaryExpression - * - * WARNING: this file is generated, do not edit manually - */ -private import AstNodes -private import TreeSitter -private import codeql.bicep.ast.AstNodes -private import Expr - - -/** - * A PrimaryExpression AST Node. - */ -class PrimaryExpressionImpl extends TPrimaryExpression, ExprImpl { - private BICEP::PrimaryExpression ast; - - override string getAPrimaryQlClass() { result = "PrimaryExpression" } - - PrimaryExpressionImpl() { this = TPrimaryExpression(ast) } - - override string toString() { result = ast.toString() } - - - -} \ No newline at end of file diff --git a/ql/lib/codeql/bicep/ast/internal/Statement.qll b/ql/lib/codeql/bicep/ast/internal/Statement.qll deleted file mode 100644 index 3356e22..0000000 --- a/ql/lib/codeql/bicep/ast/internal/Statement.qll +++ /dev/null @@ -1,26 +0,0 @@ -/** - * Internal implementation for Statement - * - * WARNING: this file is generated, do not edit manually - */ -private import AstNodes -private import TreeSitter -private import codeql.bicep.ast.AstNodes -private import Stmts - - -/** - * A Statement AST Node. - */ -class StatementImpl extends TStatement, StmtsImpl { - private BICEP::Statement ast; - - override string getAPrimaryQlClass() { result = "Statement" } - - StatementImpl() { this = TStatement(ast) } - - override string toString() { result = ast.toString() } - - - -} \ No newline at end of file diff --git a/ql/lib/codeql/bicep/ast/internal/Stmts.qll b/ql/lib/codeql/bicep/ast/internal/Stmts.qll index ce8a96a..88b2135 100644 --- a/ql/lib/codeql/bicep/ast/internal/Stmts.qll +++ b/ql/lib/codeql/bicep/ast/internal/Stmts.qll @@ -9,3 +9,11 @@ private import Expr class StmtsImpl extends AstNode, TStmts { override string getAPrimaryQlClass() { result = "Stmts" } } + +class StmtSequenceImpl extends AstNode, TStmtSeq { + override string getAPrimaryQlClass() { result = "StmtSequence" } + + abstract StmtsImpl getStmts(); + + abstract StmtsImpl getStmt(int index); +} diff --git a/ql/lib/codeql/bicep/ast/internal/TreeSitter.qll b/ql/lib/codeql/bicep/ast/internal/TreeSitter.qll index 73ad3bd..5219645 100644 --- a/ql/lib/codeql/bicep/ast/internal/TreeSitter.qll +++ b/ql/lib/codeql/bicep/ast/internal/TreeSitter.qll @@ -48,13 +48,21 @@ module BICEP { final override string getAPrimaryQlClass() { result = "ReservedWord" } } + class UnderscoreDeclaration extends @bicep_underscore_declaration, AstNode { } + + class UnderscoreExpression extends @bicep_underscore_expression, AstNode { } + + class UnderscorePrimaryExpression extends @bicep_underscore_primary_expression, AstNode { } + + class UnderscoreStatement extends @bicep_underscore_statement, AstNode { } + /** A class representing `arguments` nodes. */ class Arguments extends @bicep_arguments, AstNode { /** Gets the name of the primary QL class for this element. */ final override string getAPrimaryQlClass() { result = "Arguments" } /** Gets the `i`th child of this node. */ - final Expression getChild(int i) { bicep_arguments_child(this, i, result) } + final UnderscoreExpression getChild(int i) { bicep_arguments_child(this, i, result) } /** Gets a field or child node of this node. */ final override AstNode getAFieldOrChild() { bicep_arguments_child(this, _, result) } @@ -93,7 +101,7 @@ module BICEP { final Identifier getName() { bicep_assert_statement_def(this, result, _) } /** Gets the child of this node. */ - final Expression getChild() { bicep_assert_statement_def(this, _, result) } + final UnderscoreExpression getChild() { bicep_assert_statement_def(this, _, result) } /** Gets a field or child node of this node. */ final override AstNode getAFieldOrChild() { @@ -110,7 +118,7 @@ module BICEP { final AstNode getLeft() { bicep_assignment_expression_def(this, result, _) } /** Gets the node corresponding to the field `right`. */ - final Expression getRight() { bicep_assignment_expression_def(this, _, result) } + final UnderscoreExpression getRight() { bicep_assignment_expression_def(this, _, result) } /** Gets a field or child node of this node. */ final override AstNode getAFieldOrChild() { @@ -125,7 +133,7 @@ module BICEP { final override string getAPrimaryQlClass() { result = "BinaryExpression" } /** Gets the node corresponding to the field `left`. */ - final Expression getLeft() { bicep_binary_expression_def(this, result, _, _) } + final UnderscoreExpression getLeft() { bicep_binary_expression_def(this, result, _, _) } /** Gets the node corresponding to the field `operator`. */ final string getOperator() { @@ -167,7 +175,7 @@ module BICEP { } /** Gets the node corresponding to the field `right`. */ - final Expression getRight() { bicep_binary_expression_def(this, _, _, result) } + final UnderscoreExpression getRight() { bicep_binary_expression_def(this, _, _, result) } /** Gets a field or child node of this node. */ final override AstNode getAFieldOrChild() { @@ -191,7 +199,7 @@ module BICEP { final Arguments getArguments() { bicep_call_expression_def(this, result, _) } /** Gets the node corresponding to the field `function`. */ - final Expression getFunction() { bicep_call_expression_def(this, _, result) } + final UnderscoreExpression getFunction() { bicep_call_expression_def(this, _, result) } /** Gets the child of this node. */ final NullableReturnType getChild() { bicep_call_expression_child(this, result) } @@ -222,8 +230,6 @@ module BICEP { final override AstNode getAFieldOrChild() { bicep_compatible_identifier_def(this, result) } } - class Declaration extends @bicep_declaration, AstNode { } - /** A class representing `decorator` nodes. */ class Decorator extends @bicep_decorator, AstNode { /** Gets the name of the primary QL class for this element. */ @@ -260,8 +266,6 @@ module BICEP { final override string getAPrimaryQlClass() { result = "EscapeSequence" } } - class Expression extends @bicep_expression, AstNode { } - /** A class representing `for_loop_parameters` nodes. */ class ForLoopParameters extends @bicep_for_loop_parameters, AstNode { /** Gets the name of the primary QL class for this element. */ @@ -356,7 +360,7 @@ module BICEP { final override string getAPrimaryQlClass() { result = "Infrastructure" } /** Gets the `i`th child of this node. */ - final Statement getChild(int i) { bicep_infrastructure_child(this, i, result) } + final UnderscoreStatement getChild(int i) { bicep_infrastructure_child(this, i, result) } /** Gets a field or child node of this node. */ final override AstNode getAFieldOrChild() { bicep_infrastructure_child(this, _, result) } @@ -368,7 +372,7 @@ module BICEP { final override string getAPrimaryQlClass() { result = "Interpolation" } /** Gets the child of this node. */ - final Expression getChild() { bicep_interpolation_def(this, result) } + final UnderscoreExpression getChild() { bicep_interpolation_def(this, result) } /** Gets a field or child node of this node. */ final override AstNode getAFieldOrChild() { bicep_interpolation_def(this, result) } @@ -380,7 +384,7 @@ module BICEP { final override string getAPrimaryQlClass() { result = "LambdaExpression" } /** Gets the `i`th child of this node. */ - final Expression getChild(int i) { bicep_lambda_expression_child(this, i, result) } + final UnderscoreExpression getChild(int i) { bicep_lambda_expression_child(this, i, result) } /** Gets a field or child node of this node. */ final override AstNode getAFieldOrChild() { bicep_lambda_expression_child(this, _, result) } @@ -571,7 +575,9 @@ module BICEP { final override string getAPrimaryQlClass() { result = "ParenthesizedExpression" } /** Gets the `i`th child of this node. */ - final Expression getChild(int i) { bicep_parenthesized_expression_child(this, i, result) } + final UnderscoreExpression getChild(int i) { + bicep_parenthesized_expression_child(this, i, result) + } /** Gets a field or child node of this node. */ final override AstNode getAFieldOrChild() { @@ -591,8 +597,6 @@ module BICEP { final override AstNode getAFieldOrChild() { bicep_parenthesized_type_def(this, result) } } - class PrimaryExpression extends @bicep_primary_expression, AstNode { } - /** A class representing `primitive_type` tokens. */ class PrimitiveType extends @bicep_token_primitive_type, Token { /** Gets the name of the primary QL class for this element. */ @@ -623,7 +627,7 @@ module BICEP { final override string getAPrimaryQlClass() { result = "ResourceExpression" } /** Gets the node corresponding to the field `object`. */ - final Expression getObject() { bicep_resource_expression_def(this, result, _) } + final UnderscoreExpression getObject() { bicep_resource_expression_def(this, result, _) } /** Gets the node corresponding to the field `resource`. */ final Identifier getResource() { bicep_resource_expression_def(this, _, result) } @@ -635,8 +639,6 @@ module BICEP { } } - class Statement extends @bicep_statement, AstNode { } - /** A class representing `string` nodes. */ class String extends @bicep_string__, AstNode { /** Gets the name of the primary QL class for this element. */ @@ -661,10 +663,10 @@ module BICEP { final override string getAPrimaryQlClass() { result = "SubscriptExpression" } /** Gets the node corresponding to the field `index`. */ - final Expression getIndex() { bicep_subscript_expression_def(this, result, _) } + final UnderscoreExpression getIndex() { bicep_subscript_expression_def(this, result, _) } /** Gets the node corresponding to the field `object`. */ - final Expression getObject() { bicep_subscript_expression_def(this, _, result) } + final UnderscoreExpression getObject() { bicep_subscript_expression_def(this, _, result) } /** Gets a field or child node of this node. */ final override AstNode getAFieldOrChild() { @@ -691,13 +693,13 @@ module BICEP { final override string getAPrimaryQlClass() { result = "TernaryExpression" } /** Gets the node corresponding to the field `alternative`. */ - final Expression getAlternative() { bicep_ternary_expression_def(this, result, _, _) } + final UnderscoreExpression getAlternative() { bicep_ternary_expression_def(this, result, _, _) } /** Gets the node corresponding to the field `condition`. */ - final Expression getCondition() { bicep_ternary_expression_def(this, _, result, _) } + final UnderscoreExpression getCondition() { bicep_ternary_expression_def(this, _, result, _) } /** Gets the node corresponding to the field `consequence`. */ - final Expression getConsequence() { bicep_ternary_expression_def(this, _, _, result) } + final UnderscoreExpression getConsequence() { bicep_ternary_expression_def(this, _, _, result) } /** Gets a field or child node of this node. */ final override AstNode getAFieldOrChild() { @@ -761,7 +763,7 @@ module BICEP { final override string getAPrimaryQlClass() { result = "UnaryExpression" } /** Gets the node corresponding to the field `argument`. */ - final Expression getArgument() { bicep_unary_expression_def(this, result, _) } + final UnderscoreExpression getArgument() { bicep_unary_expression_def(this, result, _) } /** Gets the node corresponding to the field `operator`. */ final string getOperator() { diff --git a/ql/lib/codeql/bicep/ast/internal/Variables.qll b/ql/lib/codeql/bicep/ast/internal/Variables.qll new file mode 100644 index 0000000..f94a6c6 --- /dev/null +++ b/ql/lib/codeql/bicep/ast/internal/Variables.qll @@ -0,0 +1,335 @@ +private import AstNodes +private import TreeSitter +private import codeql.bicep.ast.AstNodes +private import codeql.bicep.AST +private import codeql.bicep.CFG +private import codeql.Locations +private import Expr + +/** + * A scope in a Bicep program. + * + * Represents a lexical scope in Bicep, which can contain variable declarations, + * parameters, resources, and other scoped entities. Scopes can be nested, with + * each scope having an outer scope (except for the global scope). Scopes are + * used to determine the visibility and lifetime of variables and other entities. + */ +class ScopeImpl extends AstNode, TScopes { + ScopeImpl() { not this.getParent() instanceof Callable } + + ScopeImpl getOuterScope() { result = this.getParent+() } +} + +/** + * Represents a variable definition in the Bicep program. + * + * This class models any named entity that can be referenced elsewhere in the code, + * including parameters, variables, outputs, and resources. It provides a unified + * interface for accessing information about variables regardless of their specific + * declaration type. + */ +class VariableImpl extends MkVariable { + private AstNode node; + private string name; + + VariableImpl() { this = MkVariable(node, name) } + + /** + * Gets the name of this variable. + * + * @return The name of the variable as a string + */ + string getName() { result = name } + + /** + * Gets a string representation of this variable. + * + * @return A string in the format "Variable[name]" + */ + string toString() { result = "Variable[" + name + "]" } + + /** + * Gets the AST node that defines this variable. + * + * This could be a parameter declaration, variable declaration, resource declaration, etc. + * + * @return The AST node that defines this variable + */ + AstNode getAstNode() { result = node } + + ExprImpl asExpr() { result = node } + + /** + * Gets the source location of this variable. + * + * This is the location of the AST node that defines the variable. + * + * @return The source location of the variable definition + */ + Location getLocation() { result = node.getLocation() } + + /** + * Gets an access to this variable. + * + * This returns any usage of the variable in the code. + * + * @return A variable access that refers to this variable + */ + VariableAccessImpl getAnAccess() { result.getVariable() = this } + + ScopeImpl getScope() { result = any(ScopeImpl scope | this.getAstNode().getParent+() = scope) } + + ScopeImpl getScopes() { result = any(ScopeImpl scope | this.getAstNode().getParent*() = scope) } + + /** + * Gets the type of this variable, if it can be determined. + * + * This method attempts to find the type by looking at the variable's declaration, + * either as a parameter or an output. + * + * @return The type of the variable, if available + */ + Type getType() { + result = this.getParameter().getType() + or + result = this.getOutput().getType() + } + + /** + * Gets the parameter declaration for this variable, if it is a parameter. + * + * @return The parameter declaration for this variable, if any + */ + ParameterDeclaration getParameter() { + exists(ParameterDeclaration param | + param.getName() = this.getName() and + param.getEnclosingCfgScope() = this.getEnclosingCfgScope() and + result = param + ) + } + + /** + * Gets the output declaration for this variable, if it is an output. + * + * @return The output declaration for this variable, if any + */ + OutputDeclaration getOutput() { + exists(OutputDeclaration output | + output.getIdentifier().getName() = this.getName() and + output.getEnclosingCfgScope() = this.getEnclosingCfgScope() and + result = output + ) + } + + /** + * Gets the enclosing scope of this variable, if any. + */ + CfgScope getEnclosingCfgScope() { result = node.getEnclosingCfgScope() } + + // Expr getInitializer() { } + string getAPrimaryQlClass() { result = "Variable" } +} + +/** + * Represents an access to a variable in the code. + * + * This class models any usage of a variable (parameter, declared variable, + * resource, output) within the Bicep code. It provides information about + * where the variable is accessed and which variable is being accessed. + */ +class VariableAccessImpl extends MkVariableAccess, TVariableAccess { + private string name; + private AstNode node; + private VariableImpl v; + + VariableAccessImpl() { this = MkVariableAccess(node, v, name) } + + /** + * Gets the name of the variable being accessed. + * + * @return The name of the variable as a string + */ + string getName() { result = name } + + /** + * Gets the AST node that represents this variable access. + * + * This is typically an identifier node in the syntax tree. + * + * @return The AST node for this variable access + */ + AstNode getAstNode() { result = node } + + /** + * Gets the variable being accessed. + * + * @return The variable that this access refers to + */ + VariableImpl getVariable() { result = v } + + /** + * Gets a string representation of this variable access. + * + * @return A string in the format "VariableAccess[name]" + */ + string toString() { result = "VariableAccess[" + name + "]" } + + /** + * Gets the source location of this variable access. + * + * This is the location in the source code where the variable is referenced. + * + * @return The source location of the variable access + */ + Location getLocation() { result = node.getLocation() } + + /** + * Gets the type of the variable being accessed, if it can be determined. + * + * @return The type of the variable, if available + */ + Type getType() { result = this.getVariable().getType() } + + /** + * Gets the enclosing CFG scope of this variable access. + * + * This is the control flow graph scope that contains this access. + * + * @return The enclosing CFG scope + */ + CfgScope getEnclosingCfgScope() { result = v.getEnclosingCfgScope() } + + ScopeImpl getScope() { result = v.getScope() } + + ScopeImpl getScopes() { result = v.getScopes() } + + /** + * Gets the primary QL class for this AST node. + * + * @return The name of the QL class ("VariableAccess") + */ + string getAPrimaryQlClass() { result = "VariableAccess" } +} + +/** + * Represents a write access to a variable. + * + * This class models places in the code where a variable's value is being + * defined or assigned. This includes declarations of parameters, variables, + * resources, and outputs. + */ +class VariableWriteAccessImpl extends VariableAccessImpl { + VariableWriteAccessImpl() { writeAccess(this) } + + /** + * Gets the primary QL class for this AST node. + * + * @return The name of the QL class ("VariableWrite") + */ + override string getAPrimaryQlClass() { result = "VariableWrite" } +} + +/** + * Represents a read access to a variable. + * + * This class models places in the code where a variable's value is being + * used but not modified. This includes using the variable in expressions, + * passing it as an argument to functions, or referencing it in other contexts. + */ +class VariableReadAccessImpl extends VariableAccessImpl { + VariableReadAccessImpl() { not this instanceof VariableWriteAccessImpl } + + /** + * Gets the primary QL class for this AST node. + * + * @return The name of the QL class ("VariableRead") + */ + override string getAPrimaryQlClass() { result = "VariableRead" } +} + +/** + * Implements all of the Variable declarations for a Bicep project + */ +private predicate decl(AstNode node, string name) { + exists(ParameterDeclaration param | + param.getName() = name and + node = param + ) + or + exists(VariableDeclaration vardelc | + vardelc.getIdentifier().getName() = name and + node = vardelc + ) + or + exists(Resource resource | + resource.getIdentifier().getName() = name and + node = resource.getResourceDeclaration() + ) + or + exists(OutputDeclaration output | + output.getIdentifier().getName() = name and + node = output + ) +} + +/** + * Implements all of the Variable access (reads / writes) for a Bicep project + */ +private predicate access(AstNode node, VariableImpl v, string name) { + exists(Identifier ident | + ident.getName() = name and + // Make sure they are not in a declare statement + not ident.getParent() instanceof VariableDeclaration and + // not ident.getParent() instanceof ParameterDeclaration and + // not ident.getParent() instanceof OutputDeclaration and + // Make sure they are in the same scope + ident.getName() = v.getName() and + ident.getEnclosingCfgScope() = v.getEnclosingCfgScope() and + ident = node + ) +} + +/** + * Holds if the variable is written too. + */ +private predicate write(VariableAccessImpl node) { + // Parameter + node.getAstNode().getParent() instanceof ParameterDeclaration + or + // SET + node.getAstNode().getParent() instanceof VariableDeclaration + or + node.getAstNode().getParent() instanceof ResourceDeclaration + or + // Output + node.getAstNode().getParent() instanceof OutputDeclaration +} + +cached +private module Cached { + cached + newtype TVariable = + TResource(Resource resource, string name) { resource.getIdentifier().getName() = name } or + TVariableDecl(VariableDeclaration varDecl, string name) { + varDecl.getIdentifier().getName() = name + } or + TParameterDecl(ParameterDeclaration param, string name) { param.getName() = name } or + TOutput(OutputDeclaration output, string name) { output.getIdentifier().getName() = name } or + MkVariable(AstNode definingNode, string name) { variableDecl(definingNode, name) } + + cached + newtype TVariableAccess = + TIdent(Identifier ident, string name) { ident.getName() = name } or + MkVariableAccess(AstNode node, VariableImpl v, string name) { variableAccess(node, v, name) } + + cached + predicate variableDecl(AstNode node, string name) { decl(node, name) } + + cached + predicate variableAccess(AstNode node, VariableImpl v, string name) { access(node, v, name) } + + cached + predicate writeAccess(VariableAccessImpl node) { write(node) } +} + +private import Cached diff --git a/ql/lib/codeql/bicep/controlflow/internal/ControlFlowGraphImpl.qll b/ql/lib/codeql/bicep/controlflow/internal/ControlFlowGraphImpl.qll index 42889f7..1f0d74d 100644 --- a/ql/lib/codeql/bicep/controlflow/internal/ControlFlowGraphImpl.qll +++ b/ql/lib/codeql/bicep/controlflow/internal/ControlFlowGraphImpl.qll @@ -64,7 +64,7 @@ private module CfgImpl = Make; import CfgImpl class InfrastructureScopeTree extends StandardTree, PreOrderTree, PostOrderTree, Scope::InfrastructureScope { - override AstNode getChildNode(int i) { result = super.getStatement(i) } + override AstNode getChildNode(int i) { result = super.getStmt(i) } } class StmtsTree extends StandardPostOrderTree instanceof Stmts { diff --git a/ql/lib/codeql/bicep/controlflow/internal/Scope.qll b/ql/lib/codeql/bicep/controlflow/internal/Scope.qll index ff77006..83758b3 100644 --- a/ql/lib/codeql/bicep/controlflow/internal/Scope.qll +++ b/ql/lib/codeql/bicep/controlflow/internal/Scope.qll @@ -17,7 +17,7 @@ final class CfgScope = CfgScopeImpl; * A Infrastructure is a Sequence of statements. */ final class InfrastructureScope extends CfgScopeImpl, Infrastructure { - override predicate scopeFirst(AstNode first) { first(this.getStatement(0), first) } + override predicate scopeFirst(AstNode first) { first(this.getStmt(0), first) } override predicate scopeLast(AstNode last, Completion c) { last(this, last, c) } } diff --git a/ql/lib/codeql/bicep/frameworks/Microsoft/AKS.qll b/ql/lib/codeql/bicep/frameworks/Microsoft/AKS.qll index 9c66fdf..b588030 100644 --- a/ql/lib/codeql/bicep/frameworks/Microsoft/AKS.qll +++ b/ql/lib/codeql/bicep/frameworks/Microsoft/AKS.qll @@ -709,7 +709,7 @@ module AKS { */ predicate hasCount() { exists(this.getCount()) } - string toString() { result = "AgentPoolProfile" } + override string toString() { result = "AgentPoolProfile" } } /** @@ -738,7 +738,7 @@ module AKS { */ StringLiteral getPrivateDnsZone() { result = this.getProperty("privateDnsZone") } - string toString() { result = "ApiServerAccessProfile" } + override string toString() { result = "ApiServerAccessProfile" } } /** @@ -758,7 +758,7 @@ module AKS { */ AddonKubeDashboard getKubeDashboard() { result = this.getProperty("kubeDashboard") } - string toString() { result = "AddonProfiles" } + override string toString() { result = "AddonProfiles" } } /** @@ -781,7 +781,7 @@ module AKS { result = this.getEnabled().getBool() } - string toString() { result = "AddonKubeDashboard" } + override string toString() { result = "AddonKubeDashboard" } } /** @@ -800,7 +800,7 @@ module AKS { */ Boolean getEnabled() { result = this.getProperty("enabled") } - string toString() { result = "AddonAzurePolicy" } + override string toString() { result = "AddonAzurePolicy" } } /** @@ -849,7 +849,7 @@ module AKS { */ predicate hasAdminGroupObjectIDs() { exists(this.getAdminGroupObjectIDs()) } - string toString() { result = "AADProfile" } + override string toString() { result = "AADProfile" } } /** @@ -913,7 +913,7 @@ module AKS { */ Boolean getSkipNodesWithSystemPods() { result = this.getProperty("skipNodesWithSystemPods") } - string toString() { result = "AutoScalerProfile" } + override string toString() { result = "AutoScalerProfile" } } /** @@ -947,7 +947,7 @@ module AKS { */ Expr getAutoUpgradeChannels() { result = this.getProperty("autoUpgradeChannels") } - string toString() { result = "AutoUpgradeProfile" } + override string toString() { result = "AutoUpgradeProfile" } } /** @@ -976,7 +976,7 @@ module AKS { */ Expr getProfiles() { result = this.getProperty("profiles") } - string toString() { result = "AzureMonitorProfile" } + override string toString() { result = "AzureMonitorProfile" } } @@ -1001,7 +1001,7 @@ module AKS { */ Boolean getIstioEnabled() { result = this.getProperty("istioEnabled") } - string toString() { result = "ServiceMeshProfile" } + override string toString() { result = "ServiceMeshProfile" } } /** @@ -1025,7 +1025,7 @@ module AKS { */ Expr getVerticalPodAutoscaler() { result = this.getProperty("verticalPodAutoscaler") } - string toString() { result = "WorkloadAutoScalerProfile" } + override string toString() { result = "WorkloadAutoScalerProfile" } } /** @@ -1059,7 +1059,7 @@ module AKS { */ StringLiteral getTrustedCa() { result = this.getProperty("trustedCa") } - string toString() { result = "HttpProxyConfig" } + override string toString() { result = "HttpProxyConfig" } } /** @@ -1083,7 +1083,7 @@ module AKS { */ Boolean getUserAssignedIdentityExceptions() { result = this.getProperty("userAssignedIdentityExceptions") } - string toString() { result = "PodIdentityProfile" } + override string toString() { result = "PodIdentityProfile" } } /** @@ -1107,7 +1107,7 @@ module AKS { */ StringLiteral getSecret() { result = this.getProperty("secret") } - string toString() { result = "ServicePrincipalProfile" } + override string toString() { result = "ServicePrincipalProfile" } } /** @@ -1126,7 +1126,7 @@ module AKS { */ Expr getWebApplicationFirewallProfile() { result = this.getProperty("webApplicationFirewallProfile") } - string toString() { result = "IngressProfile" } + override string toString() { result = "IngressProfile" } } /** @@ -1145,7 +1145,7 @@ module AKS { */ Boolean getEnabled() { result = this.getProperty("enabled") } - string toString() { result = "MetricsProfile" } + override string toString() { result = "MetricsProfile" } } /** @@ -1169,7 +1169,7 @@ module AKS { */ StringLiteral getIssuerURL() { result = this.getProperty("issuerURL") } - string toString() { result = "OidcIssuerProfile" } + override string toString() { result = "OidcIssuerProfile" } } /** @@ -1188,7 +1188,7 @@ module AKS { */ Boolean getEnabled() { result = this.getProperty("enabled") } - string toString() { result = "SafeguardsProfile" } + override string toString() { result = "SafeguardsProfile" } } /** @@ -1207,7 +1207,7 @@ module AKS { */ Boolean getEnabled() { result = this.getProperty("enabled") } - string toString() { result = "AIToolchainOperatorProfile" } + override string toString() { result = "AIToolchainOperatorProfile" } } } } diff --git a/ql/lib/codeql/bicep/frameworks/Microsoft/Cache.qll b/ql/lib/codeql/bicep/frameworks/Microsoft/Cache.qll index 18c8a4b..a53a523 100644 --- a/ql/lib/codeql/bicep/frameworks/Microsoft/Cache.qll +++ b/ql/lib/codeql/bicep/frameworks/Microsoft/Cache.qll @@ -507,7 +507,7 @@ module Cache { /** * Returns a string representation of the RedisConfiguration object. */ - string toString() { result = "RedisConfiguration" } + override string toString() { result = "RedisConfiguration" } } } } diff --git a/ql/lib/codeql/bicep/frameworks/Microsoft/Compute.qll b/ql/lib/codeql/bicep/frameworks/Microsoft/Compute.qll index d6e80e7..1beedcc 100644 --- a/ql/lib/codeql/bicep/frameworks/Microsoft/Compute.qll +++ b/ql/lib/codeql/bicep/frameworks/Microsoft/Compute.qll @@ -101,7 +101,7 @@ module Compute { /** * Returns a string representation of the hardware profile. */ - string toString() { result = "HardwareProfile" } + override string toString() { result = "HardwareProfile" } /** * Returns the vmSize property of the hardware profile. diff --git a/ql/lib/codeql/bicep/frameworks/Microsoft/Containers.qll b/ql/lib/codeql/bicep/frameworks/Microsoft/Containers.qll index 8fea5b4..1b44edd 100644 --- a/ql/lib/codeql/bicep/frameworks/Microsoft/Containers.qll +++ b/ql/lib/codeql/bicep/frameworks/Microsoft/Containers.qll @@ -246,7 +246,7 @@ module Containers { */ StringLiteral getTargetLabel() { result = this.getProperty("targetLabel") } - string toString() { result = "ContainerConfiguration" } + override string toString() { result = "ContainerConfiguration" } } /** @@ -270,7 +270,7 @@ module Containers { */ StringLiteral getValue() { result = this.getProperty("value") } - string toString() { result = "ContainerSecret" } + override string toString() { result = "ContainerSecret" } } /** @@ -333,7 +333,7 @@ module Containers { result = this.getProperty("containers").(Array).getElement(index) } - string toString() { result = "ContainerTemplate" } + override string toString() { result = "ContainerTemplate" } } /** @@ -384,7 +384,7 @@ module Containers { ) } - string toString() { result = "ContainerProperty" } + override string toString() { result = "ContainerProperty" } } /** @@ -415,7 +415,7 @@ module Containers { */ StringLiteral getMemory() { result = this.getProperty("memory") } - string toString() { result = "ContainerResourceProperties" } + override string toString() { result = "ContainerResourceProperties" } } /** @@ -444,7 +444,7 @@ module Containers { */ StringLiteral getValue() { result = this.getProperty("value") } - string toString() { result = "ContainerEnv" } + override string toString() { result = "ContainerEnv" } } class ContainerRegistry extends Object { @@ -476,7 +476,7 @@ module Containers { result = this.getProperty("password") } - string toString() { result = "ContainerRegistry" } + override string toString() { result = "ContainerRegistry" } } } } diff --git a/ql/lib/codeql/bicep/frameworks/Microsoft/Dashboards.qll b/ql/lib/codeql/bicep/frameworks/Microsoft/Dashboards.qll index 5518e19..acf2c20 100644 --- a/ql/lib/codeql/bicep/frameworks/Microsoft/Dashboards.qll +++ b/ql/lib/codeql/bicep/frameworks/Microsoft/Dashboards.qll @@ -15,9 +15,7 @@ module Dashboards { /** * Constructs a GrafanaResource for Microsoft.Dashboard/grafana resources. */ - GrafanaResource() { - this.getResourceType().regexpMatch("^Microsoft.Dashboard/grafana@.*") - } + GrafanaResource() { this.getResourceType().regexpMatch("^Microsoft.Dashboard/grafana@.*") } /** * Returns the identity property. @@ -99,163 +97,131 @@ module Dashboards { /** * Returns the autoGeneratedDomainNameLabelScope property. */ - StringLiteral getAutoGeneratedDomainNameLabelScope() { - result = this.getProperty("autoGeneratedDomainNameLabelScope") + StringLiteral getAutoGeneratedDomainNameLabelScope() { + result = this.getProperty("autoGeneratedDomainNameLabelScope") } /** * Returns the value of the autoGeneratedDomainNameLabelScope. */ - string autoGeneratedDomainNameLabelScope() { - result = this.getAutoGeneratedDomainNameLabelScope().getValue() + string autoGeneratedDomainNameLabelScope() { + result = this.getAutoGeneratedDomainNameLabelScope().getValue() } /** * Returns true if autoGeneratedDomainNameLabelScope is defined. */ - predicate hasAutoGeneratedDomainNameLabelScope() { - exists(this.getAutoGeneratedDomainNameLabelScope()) + predicate hasAutoGeneratedDomainNameLabelScope() { + exists(this.getAutoGeneratedDomainNameLabelScope()) } /** * Returns the deterministicOutboundIP property. */ - StringLiteral getDeterministicOutboundIP() { - result = this.getProperty("deterministicOutboundIP") + StringLiteral getDeterministicOutboundIP() { + result = this.getProperty("deterministicOutboundIP") } /** * Returns the value of the deterministicOutboundIP ('Enabled' or 'Disabled'). */ - string deterministicOutboundIP() { - result = this.getDeterministicOutboundIP().getValue() - } + string deterministicOutboundIP() { result = this.getDeterministicOutboundIP().getValue() } /** * Returns true if deterministicOutboundIP is defined. */ - predicate hasDeterministicOutboundIP() { - exists(this.getDeterministicOutboundIP()) - } + predicate hasDeterministicOutboundIP() { exists(this.getDeterministicOutboundIP()) } /** * Returns the enterpriseConfigurations property. */ - EnterpriseConfigurations getEnterpriseConfigurations() { - result = this.getProperty("enterpriseConfigurations") + EnterpriseConfigurations getEnterpriseConfigurations() { + result = this.getProperty("enterpriseConfigurations") } /** * Returns true if enterpriseConfigurations is defined. */ - predicate hasEnterpriseConfigurations() { - exists(this.getEnterpriseConfigurations()) - } + predicate hasEnterpriseConfigurations() { exists(this.getEnterpriseConfigurations()) } /** * Returns the grafanaConfigurations property. */ - GrafanaConfigurations getGrafanaConfigurations() { - result = this.getProperty("grafanaConfigurations") + GrafanaConfigurations getGrafanaConfigurations() { + result = this.getProperty("grafanaConfigurations") } /** * Returns true if grafanaConfigurations is defined. */ - predicate hasGrafanaConfigurations() { - exists(this.getGrafanaConfigurations()) - } + predicate hasGrafanaConfigurations() { exists(this.getGrafanaConfigurations()) } /** * Returns the grafanaIntegrations property. */ - GrafanaIntegrations getGrafanaIntegrations() { - result = this.getProperty("grafanaIntegrations") + GrafanaIntegrations getGrafanaIntegrations() { + result = this.getProperty("grafanaIntegrations") } /** * Returns true if grafanaIntegrations is defined. */ - predicate hasGrafanaIntegrations() { - exists(this.getGrafanaIntegrations()) - } + predicate hasGrafanaIntegrations() { exists(this.getGrafanaIntegrations()) } /** * Returns the grafanaMajorVersion property. */ - StringLiteral getGrafanaMajorVersion() { - result = this.getProperty("grafanaMajorVersion") - } + StringLiteral getGrafanaMajorVersion() { result = this.getProperty("grafanaMajorVersion") } /** * Returns the value of the grafanaMajorVersion. */ - string grafanaMajorVersion() { - result = this.getGrafanaMajorVersion().getValue() - } + string grafanaMajorVersion() { result = this.getGrafanaMajorVersion().getValue() } /** * Returns true if grafanaMajorVersion is defined. */ - predicate hasGrafanaMajorVersion() { - exists(this.getGrafanaMajorVersion()) - } + predicate hasGrafanaMajorVersion() { exists(this.getGrafanaMajorVersion()) } /** * Returns the grafanaPlugins property. */ - Object getGrafanaPlugins() { - result = this.getProperty("grafanaPlugins") - } + Object getGrafanaPlugins() { result = this.getProperty("grafanaPlugins") } /** * Returns true if grafanaPlugins is defined. */ - predicate hasGrafanaPlugins() { - exists(this.getGrafanaPlugins()) - } + predicate hasGrafanaPlugins() { exists(this.getGrafanaPlugins()) } /** * Returns the publicNetworkAccess property. */ - StringLiteral getPublicNetworkAccess() { - result = this.getProperty("publicNetworkAccess") - } + StringLiteral getPublicNetworkAccess() { result = this.getProperty("publicNetworkAccess") } /** * Returns the value of the publicNetworkAccess ('Enabled' or 'Disabled'). */ - string publicNetworkAccess() { - result = this.getPublicNetworkAccess().getValue() - } + string publicNetworkAccess() { result = this.getPublicNetworkAccess().getValue() } /** * Returns true if publicNetworkAccess is defined. */ - predicate hasPublicNetworkAccess() { - exists(this.getPublicNetworkAccess()) - } + predicate hasPublicNetworkAccess() { exists(this.getPublicNetworkAccess()) } /** * Returns the zoneRedundancy property. */ - StringLiteral getZoneRedundancy() { - result = this.getProperty("zoneRedundancy") - } + StringLiteral getZoneRedundancy() { result = this.getProperty("zoneRedundancy") } /** * Returns the value of the zoneRedundancy ('Enabled' or 'Disabled'). */ - string zoneRedundancy() { - result = this.getZoneRedundancy().getValue() - } + string zoneRedundancy() { result = this.getZoneRedundancy().getValue() } /** * Returns true if zoneRedundancy is defined. */ - predicate hasZoneRedundancy() { - exists(this.getZoneRedundancy()) - } + predicate hasZoneRedundancy() { exists(this.getZoneRedundancy()) } override string toString() { result = "GrafanaProperties" } } @@ -274,46 +240,34 @@ module Dashboards { /** * Returns the marketplaceAutoRenew property. */ - StringLiteral getMarketplaceAutoRenew() { - result = this.getProperty("marketplaceAutoRenew") - } + StringLiteral getMarketplaceAutoRenew() { result = this.getProperty("marketplaceAutoRenew") } /** * Returns the value of the marketplaceAutoRenew ('Enabled' or 'Disabled'). */ - string marketplaceAutoRenew() { - result = this.getMarketplaceAutoRenew().getValue() - } + string marketplaceAutoRenew() { result = this.getMarketplaceAutoRenew().getValue() } /** * Returns true if marketplaceAutoRenew is defined. */ - predicate hasMarketplaceAutoRenew() { - exists(this.getMarketplaceAutoRenew()) - } + predicate hasMarketplaceAutoRenew() { exists(this.getMarketplaceAutoRenew()) } /** * Returns the marketplacePlanId property. */ - StringLiteral getMarketplacePlanId() { - result = this.getProperty("marketplacePlanId") - } + StringLiteral getMarketplacePlanId() { result = this.getProperty("marketplacePlanId") } /** * Returns the value of the marketplacePlanId. */ - string marketplacePlanId() { - result = this.getMarketplacePlanId().getValue() - } + string marketplacePlanId() { result = this.getMarketplacePlanId().getValue() } /** * Returns true if marketplacePlanId is defined. */ - predicate hasMarketplacePlanId() { - exists(this.getMarketplacePlanId()) - } + predicate hasMarketplacePlanId() { exists(this.getMarketplacePlanId()) } - string toString() { result = "EnterpriseConfigurations" } + override string toString() { result = "EnterpriseConfigurations" } } /** @@ -330,74 +284,56 @@ module Dashboards { /** * Returns the security property. */ - Security getSecurity() { - result = this.getProperty("security") - } + Security getSecurity() { result = this.getProperty("security") } /** * Returns true if security is defined. */ - predicate hasSecurity() { - exists(this.getSecurity()) - } + predicate hasSecurity() { exists(this.getSecurity()) } /** * Returns the smtp property. */ - Smtp getSmtp() { - result = this.getProperty("smtp") - } + Smtp getSmtp() { result = this.getProperty("smtp") } /** * Returns true if smtp is defined. */ - predicate hasSmtp() { - exists(this.getSmtp()) - } + predicate hasSmtp() { exists(this.getSmtp()) } /** * Returns the snapshots property. */ - Snapshots getSnapshots() { - result = this.getProperty("snapshots") - } + Snapshots getSnapshots() { result = this.getProperty("snapshots") } /** * Returns true if snapshots is defined. */ - predicate hasSnapshots() { - exists(this.getSnapshots()) - } + predicate hasSnapshots() { exists(this.getSnapshots()) } /** * Returns the unifiedAlertingScreenshots property. */ - UnifiedAlertingScreenshots getUnifiedAlertingScreenshots() { - result = this.getProperty("unifiedAlertingScreenshots") + UnifiedAlertingScreenshots getUnifiedAlertingScreenshots() { + result = this.getProperty("unifiedAlertingScreenshots") } /** * Returns true if unifiedAlertingScreenshots is defined. */ - predicate hasUnifiedAlertingScreenshots() { - exists(this.getUnifiedAlertingScreenshots()) - } + predicate hasUnifiedAlertingScreenshots() { exists(this.getUnifiedAlertingScreenshots()) } /** * Returns the users property. */ - Users getUsers() { - result = this.getProperty("users") - } + Users getUsers() { result = this.getProperty("users") } /** * Returns true if users is defined. */ - predicate hasUsers() { - exists(this.getUsers()) - } + predicate hasUsers() { exists(this.getUsers()) } - string toString() { result = "GrafanaConfigurations" } + override string toString() { result = "GrafanaConfigurations" } } /** @@ -414,25 +350,19 @@ module Dashboards { /** * Returns the csrfAlwaysCheck property. */ - Boolean getCsrfAlwaysCheck() { - result = this.getProperty("csrfAlwaysCheck") - } + Boolean getCsrfAlwaysCheck() { result = this.getProperty("csrfAlwaysCheck") } /** * Returns the value of csrfAlwaysCheck as a boolean. */ - boolean csrfAlwaysCheck() { - result = this.getCsrfAlwaysCheck().getBool() - } + boolean csrfAlwaysCheck() { result = this.getCsrfAlwaysCheck().getBool() } /** * Returns true if csrfAlwaysCheck is defined. */ - predicate hasCsrfAlwaysCheck() { - exists(this.getCsrfAlwaysCheck()) - } + predicate hasCsrfAlwaysCheck() { exists(this.getCsrfAlwaysCheck()) } - string toString() { result = "Security" } + override string toString() { result = "Security" } } /** @@ -449,172 +379,124 @@ module Dashboards { /** * Returns the enabled property. */ - Boolean getEnabled() { - result = this.getProperty("enabled") - } + Boolean getEnabled() { result = this.getProperty("enabled") } /** * Returns the value of enabled as a boolean. */ - boolean enabled() { - result = this.getEnabled().getBool() - } + boolean enabled() { result = this.getEnabled().getBool() } /** * Returns true if enabled is defined. */ - predicate hasEnabled() { - exists(this.getEnabled()) - } + predicate hasEnabled() { exists(this.getEnabled()) } /** * Returns the fromAddress property. */ - StringLiteral getFromAddress() { - result = this.getProperty("fromAddress") - } + StringLiteral getFromAddress() { result = this.getProperty("fromAddress") } /** * Returns the value of fromAddress. */ - string fromAddress() { - result = this.getFromAddress().getValue() - } + string fromAddress() { result = this.getFromAddress().getValue() } /** * Returns true if fromAddress is defined. */ - predicate hasFromAddress() { - exists(this.getFromAddress()) - } + predicate hasFromAddress() { exists(this.getFromAddress()) } /** * Returns the fromName property. */ - StringLiteral getFromName() { - result = this.getProperty("fromName") - } + StringLiteral getFromName() { result = this.getProperty("fromName") } /** * Returns the value of fromName. */ - string fromName() { - result = this.getFromName().getValue() - } + string fromName() { result = this.getFromName().getValue() } /** * Returns true if fromName is defined. */ - predicate hasFromName() { - exists(this.getFromName()) - } + predicate hasFromName() { exists(this.getFromName()) } /** * Returns the host property. */ - StringLiteral getHost() { - result = this.getProperty("host") - } + StringLiteral getHost() { result = this.getProperty("host") } /** * Returns the value of host. */ - string host() { - result = this.getHost().getValue() - } + string host() { result = this.getHost().getValue() } /** * Returns true if host is defined. */ - predicate hasHost() { - exists(this.getHost()) - } + predicate hasHost() { exists(this.getHost()) } /** * Returns the password property. */ - StringLiteral getPassword() { - result = this.getProperty("password") - } + StringLiteral getPassword() { result = this.getProperty("password") } /** * Returns the value of password. */ - string password() { - result = this.getPassword().getValue() - } + string password() { result = this.getPassword().getValue() } /** * Returns true if password is defined. */ - predicate hasPassword() { - exists(this.getPassword()) - } + predicate hasPassword() { exists(this.getPassword()) } /** * Returns the skipVerify property. */ - Boolean getSkipVerify() { - result = this.getProperty("skipVerify") - } + Boolean getSkipVerify() { result = this.getProperty("skipVerify") } /** * Returns the value of skipVerify as a boolean. */ - boolean skipVerify() { - result = this.getSkipVerify().getBool() - } + boolean skipVerify() { result = this.getSkipVerify().getBool() } /** * Returns true if skipVerify is defined. */ - predicate hasSkipVerify() { - exists(this.getSkipVerify()) - } + predicate hasSkipVerify() { exists(this.getSkipVerify()) } /** * Returns the startTLSPolicy property. */ - StringLiteral getStartTLSPolicy() { - result = this.getProperty("startTLSPolicy") - } + StringLiteral getStartTLSPolicy() { result = this.getProperty("startTLSPolicy") } /** * Returns the value of startTLSPolicy. */ - string startTLSPolicy() { - result = this.getStartTLSPolicy().getValue() - } + string startTLSPolicy() { result = this.getStartTLSPolicy().getValue() } /** * Returns true if startTLSPolicy is defined. */ - predicate hasStartTLSPolicy() { - exists(this.getStartTLSPolicy()) - } + predicate hasStartTLSPolicy() { exists(this.getStartTLSPolicy()) } /** * Returns the user property. */ - StringLiteral getUser() { - result = this.getProperty("user") - } + StringLiteral getUser() { result = this.getProperty("user") } /** * Returns the value of user. */ - string user() { - result = this.getUser().getValue() - } + string user() { result = this.getUser().getValue() } /** * Returns true if user is defined. */ - predicate hasUser() { - exists(this.getUser()) - } + predicate hasUser() { exists(this.getUser()) } - string toString() { result = "Smtp" } + override string toString() { result = "Smtp" } } /** @@ -631,25 +513,19 @@ module Dashboards { /** * Returns the externalEnabled property. */ - Boolean getExternalEnabled() { - result = this.getProperty("externalEnabled") - } + Boolean getExternalEnabled() { result = this.getProperty("externalEnabled") } /** * Returns the value of externalEnabled as a boolean. */ - boolean externalEnabled() { - result = this.getExternalEnabled().getBool() - } + boolean externalEnabled() { result = this.getExternalEnabled().getBool() } /** * Returns true if externalEnabled is defined. */ - predicate hasExternalEnabled() { - exists(this.getExternalEnabled()) - } + predicate hasExternalEnabled() { exists(this.getExternalEnabled()) } - string toString() { result = "Snapshots" } + override string toString() { result = "Snapshots" } } /** @@ -661,30 +537,26 @@ module Dashboards { /** * Constructs a UnifiedAlertingScreenshots object. */ - UnifiedAlertingScreenshots() { this = grafanaConfigurations.getProperty("unifiedAlertingScreenshots") } + UnifiedAlertingScreenshots() { + this = grafanaConfigurations.getProperty("unifiedAlertingScreenshots") + } /** * Returns the captureEnabled property. */ - Boolean getCaptureEnabled() { - result = this.getProperty("captureEnabled") - } + Boolean getCaptureEnabled() { result = this.getProperty("captureEnabled") } /** * Returns the value of captureEnabled as a boolean. */ - boolean captureEnabled() { - result = this.getCaptureEnabled().getBool() - } + boolean captureEnabled() { result = this.getCaptureEnabled().getBool() } /** * Returns true if captureEnabled is defined. */ - predicate hasCaptureEnabled() { - exists(this.getCaptureEnabled()) - } + predicate hasCaptureEnabled() { exists(this.getCaptureEnabled()) } - string toString() { result = "UnifiedAlertingScreenshots" } + override string toString() { result = "UnifiedAlertingScreenshots" } } /** @@ -701,46 +573,34 @@ module Dashboards { /** * Returns the editorsCanAdmin property. */ - Boolean getEditorsCanAdmin() { - result = this.getProperty("editorsCanAdmin") - } + Boolean getEditorsCanAdmin() { result = this.getProperty("editorsCanAdmin") } /** * Returns the value of editorsCanAdmin as a boolean. */ - boolean editorsCanAdmin() { - result = this.getEditorsCanAdmin().getBool() - } + boolean editorsCanAdmin() { result = this.getEditorsCanAdmin().getBool() } /** * Returns true if editorsCanAdmin is defined. */ - predicate hasEditorsCanAdmin() { - exists(this.getEditorsCanAdmin()) - } + predicate hasEditorsCanAdmin() { exists(this.getEditorsCanAdmin()) } /** * Returns the viewersCanEdit property. */ - Boolean getViewersCanEdit() { - result = this.getProperty("viewersCanEdit") - } + Boolean getViewersCanEdit() { result = this.getProperty("viewersCanEdit") } /** * Returns the value of viewersCanEdit as a boolean. */ - boolean viewersCanEdit() { - result = this.getViewersCanEdit().getBool() - } + boolean viewersCanEdit() { result = this.getViewersCanEdit().getBool() } /** * Returns true if viewersCanEdit is defined. */ - predicate hasViewersCanEdit() { - exists(this.getViewersCanEdit()) - } + predicate hasViewersCanEdit() { exists(this.getViewersCanEdit()) } - string toString() { result = "Users" } + override string toString() { result = "Users" } } /** @@ -757,25 +617,25 @@ module Dashboards { /** * Returns the azureMonitorWorkspaceIntegrations property. */ - Array getAzureMonitorWorkspaceIntegrations() { - result = this.getProperty("azureMonitorWorkspaceIntegrations") + Array getAzureMonitorWorkspaceIntegrations() { + result = this.getProperty("azureMonitorWorkspaceIntegrations") } /** * Returns a specific AzureMonitorWorkspaceIntegration by index. */ - AzureMonitorWorkspaceIntegration getAzureMonitorWorkspaceIntegration(int index) { - result = this.getAzureMonitorWorkspaceIntegrations().getElement(index) + AzureMonitorWorkspaceIntegration getAzureMonitorWorkspaceIntegration(int index) { + result = this.getAzureMonitorWorkspaceIntegrations().getElement(index) } /** * Returns true if azureMonitorWorkspaceIntegrations is defined. */ - predicate hasAzureMonitorWorkspaceIntegrations() { - exists(this.getAzureMonitorWorkspaceIntegrations()) + predicate hasAzureMonitorWorkspaceIntegrations() { + exists(this.getAzureMonitorWorkspaceIntegrations()) } - string toString() { result = "GrafanaIntegrations" } + override string toString() { result = "GrafanaIntegrations" } } /** @@ -787,32 +647,32 @@ module Dashboards { /** * Constructs an AzureMonitorWorkspaceIntegration object. */ - AzureMonitorWorkspaceIntegration() { - this = grafanaIntegrations.getAzureMonitorWorkspaceIntegrations().getElements() + AzureMonitorWorkspaceIntegration() { + this = grafanaIntegrations.getAzureMonitorWorkspaceIntegrations().getElements() } /** * Returns the azureMonitorWorkspaceResourceId property. */ - StringLiteral getAzureMonitorWorkspaceResourceId() { - result = this.getProperty("azureMonitorWorkspaceResourceId") + StringLiteral getAzureMonitorWorkspaceResourceId() { + result = this.getProperty("azureMonitorWorkspaceResourceId") } /** * Returns the value of azureMonitorWorkspaceResourceId. */ - string azureMonitorWorkspaceResourceId() { - result = this.getAzureMonitorWorkspaceResourceId().getValue() + string azureMonitorWorkspaceResourceId() { + result = this.getAzureMonitorWorkspaceResourceId().getValue() } /** * Returns true if azureMonitorWorkspaceResourceId is defined. */ - predicate hasAzureMonitorWorkspaceResourceId() { - exists(this.getAzureMonitorWorkspaceResourceId()) + predicate hasAzureMonitorWorkspaceResourceId() { + exists(this.getAzureMonitorWorkspaceResourceId()) } - string toString() { result = "AzureMonitorWorkspaceIntegration" } + override string toString() { result = "AzureMonitorWorkspaceIntegration" } } } } diff --git a/ql/lib/codeql/bicep/frameworks/Microsoft/Databases.qll b/ql/lib/codeql/bicep/frameworks/Microsoft/Databases.qll index 180cc95..901fdfa 100644 --- a/ql/lib/codeql/bicep/frameworks/Microsoft/Databases.qll +++ b/ql/lib/codeql/bicep/frameworks/Microsoft/Databases.qll @@ -25,16 +25,12 @@ module Databases { /** * Returns the version property as a StringLiteral, if present. */ - StringLiteral getVersion() { - result = this.getProperties().getProperty("version") - } + StringLiteral getVersion() { result = this.getProperties().getProperty("version") } /** * Returns the version property of the database resource, if present. */ - string version() { - result = this.getVersion().getValue() - } + string version() { result = this.getVersion().getValue() } /** * Returns the publicNetworkAccess property as a StringLiteral, if present. @@ -46,9 +42,7 @@ module Databases { /** * Returns the value of the publicNetworkAccess property, if present. */ - string publicNetworkAccess() { - result = this.getPublicNetworkAccess().getValue() - } + string publicNetworkAccess() { result = this.getPublicNetworkAccess().getValue() } /** * Returns the sslEnforcement property as a StringLiteral, if present. @@ -60,15 +54,14 @@ module Databases { /** * Returns the sslEnforcement property of the database resource, if present. */ - string sslEnforcement() { - result = this.getSslEnforcement().getValue() - } + string sslEnforcement() { result = this.getSslEnforcement().getValue() } /** * Returns the infrastructureEncryption property of the database resource, if present. */ string infrastructureEncryption() { - result = this.getProperties().getProperty("infrastructureEncryption").(StringLiteral).getValue() + result = + this.getProperties().getProperty("infrastructureEncryption").(StringLiteral).getValue() } /** @@ -81,9 +74,7 @@ module Databases { /** * Returns the minimalTlsVersion property of the database resource, if present. */ - string minimalTlsVersion() { - result = this.getMinimalTlsVersion().getValue() - } + string minimalTlsVersion() { result = this.getMinimalTlsVersion().getValue() } /** * Returns the storage profile for the database resource, if present. @@ -265,7 +256,8 @@ module Databases { /** * Represents a database resource with a weak TLS version configuration. */ - private class WeakDatabaseTlsVersion extends Cryptography::WeakTlsVersion instanceof DatabaseResource { + private class WeakDatabaseTlsVersion extends Cryptography::WeakTlsVersion instanceof DatabaseResource + { /** * Returns the minimalTlsVersion property as a StringLiteral for weak TLS version detection. */ @@ -291,9 +283,7 @@ module Databases { */ Resource getResource() { result = resource } - override string toString() { - result = "DatabaseProperties[" + resource.databaseType() + "]" - } + override string toString() { result = "DatabaseProperties[" + resource.databaseType() + "]" } } /** @@ -310,7 +300,7 @@ module Databases { /** * Returns a string representation of the backup object. */ - string toString() { result = "Backup" } + override string toString() { result = "Backup" } /** * Returns the geoRedundantBackup property of the backup object. @@ -334,7 +324,7 @@ module Databases { /** * Returns a string representation of the backup policy object. */ - string toString() { result = "BackupPolicy" } + override string toString() { result = "BackupPolicy" } /** * Returns the type of the backup policy. @@ -366,21 +356,17 @@ module Databases { /** * Returns a string representation of the storage profile object. */ - string toString() { result = "StorageProfile" } + override string toString() { result = "StorageProfile" } /** * Returns the storageMB property of the storage profile. */ - int storageMB() { - result = this.getProperty("storageMB").(Number).getValue() - } + int storageMB() { result = this.getProperty("storageMB").(Number).getValue() } /** * Returns the autoGrow property of the storage profile. */ - string autoGrow() { - result = this.getProperty("autoGrow").(StringLiteral).getValue() - } + string autoGrow() { result = this.getProperty("autoGrow").(StringLiteral).getValue() } } } } diff --git a/ql/lib/codeql/bicep/frameworks/Microsoft/General.qll b/ql/lib/codeql/bicep/frameworks/Microsoft/General.qll index 1bbc080..c4caa55 100644 --- a/ql/lib/codeql/bicep/frameworks/Microsoft/General.qll +++ b/ql/lib/codeql/bicep/frameworks/Microsoft/General.qll @@ -9,6 +9,7 @@ * - Sku: Represents the SKU of a resource, with access to name and tier. * - Tags: Represents the tags of a resource, with access to tag values by key. */ + private import bicep /** @@ -18,18 +19,21 @@ private import bicep abstract class AzureResource extends Resource { /** * Gets the location of the resource as a string value. + * * @return The Azure region/location of the resource (e.g., "eastus"). */ string resourceLocation() { result = this.getProperty("location").(StringLiteral).getValue() } /** * Gets the SKU object for the resource. + * * @return The SKU object representing the resource's SKU. */ Sku getSku() { result = this.getProperty("sku") } /** * Gets the Tags object for the resource. + * * @return The Tags object representing the resource's tags. */ Tags getTags() { result = this.getProperty("tags") } @@ -43,7 +47,7 @@ abstract class ResourceProperties extends Object { /** * Returns a string representation of the resource properties object. */ - string toString() { result = "ResourceProperties" } + override string toString() { result = "ResourceProperties" } } /** @@ -60,29 +64,33 @@ class Sku extends Object { /** * Gets the SKU name as a StringLiteral. + * * @return The SKU name property as a StringLiteral. */ StringLiteral getName() { result = this.getProperty("name") } /** * Returns the SKU name (e.g., Basic, Standard, Premium). + * * @return The SKU name as a string. */ string name() { result = this.getName().getValue() } /** * Gets the SKU tier as a StringLiteral. + * * @return The SKU tier property as a StringLiteral. */ StringLiteral getTier() { result = this.getProperty("tier") } /** * Returns the SKU tier (e.g., Basic, Standard, Premium). + * * @return The SKU tier as a string. */ string tier() { result = this.getTier().getValue() } - string toString() { result = "SKU" } + override string toString() { result = "SKU" } } /** @@ -99,10 +107,11 @@ class Tags extends Object { /** * Gets the value of a tag by its key. + * * @param key The tag key to look up. * @return The value of the tag as a Literals object, or undefined if not present. */ Literals getTag(string key) { result = this.getProperty(key) } - string toString() { result = "Tags" } + override string toString() { result = "Tags" } } diff --git a/ql/lib/codeql/bicep/frameworks/Microsoft/KeyVault.qll b/ql/lib/codeql/bicep/frameworks/Microsoft/KeyVault.qll index a734581..7c6cec3 100644 --- a/ql/lib/codeql/bicep/frameworks/Microsoft/KeyVault.qll +++ b/ql/lib/codeql/bicep/frameworks/Microsoft/KeyVault.qll @@ -33,9 +33,7 @@ module KeyVault { /** * Gets the network ACLs for the Key Vault resource. */ - Network::NetworkAcl getNetworkAcls() { - result = this.getProperties().getNetworkAcls() - } + Network::NetworkAcl getNetworkAcls() { result = this.getProperties().getNetworkAcls() } override string toString() { result = "Key Vault Resource" } } @@ -172,9 +170,7 @@ module KeyVault { /** * Gets the network ACLs for the Key Vault. */ - Network::NetworkAcl getNetworkAcls() { - result = this.getProperty("networkAcls") - } + Network::NetworkAcl getNetworkAcls() { result = this.getProperty("networkAcls") } /** * Gets all access policies for the Key Vault. @@ -190,9 +186,7 @@ module KeyVault { result = this.getProperty("accessPolicies").(Array).getElement(index) } - override string toString() { - result = "Key Vault Properties" - } + override string toString() { result = "Key Vault Properties" } } /** @@ -219,7 +213,7 @@ module KeyVault { /** * Returns a string representation of the access policy. */ - string toString() { result = "AccessPolicy" } + override string toString() { result = "AccessPolicy" } } /** @@ -276,7 +270,7 @@ module KeyVault { /** * Returns a string representation of the access policy permissions. */ - string toString() { result = "AccessPolicyPermissions" } + override string toString() { result = "AccessPolicyPermissions" } } } } diff --git a/ql/lib/codeql/bicep/frameworks/Microsoft/Network.qll b/ql/lib/codeql/bicep/frameworks/Microsoft/Network.qll index a4c8d6f..fd2eb59 100644 --- a/ql/lib/codeql/bicep/frameworks/Microsoft/Network.qll +++ b/ql/lib/codeql/bicep/frameworks/Microsoft/Network.qll @@ -134,7 +134,7 @@ module Network { IpRule getIpRules() { result = this.getProperty("ipRules").(Array).getElements() } - string toString() { result = "Network ACL" } + override string toString() { result = "Network ACL" } } class IpRule extends Object { @@ -146,7 +146,7 @@ module Network { StringLiteral getValue() { result = this.getProperty("value") } - string toString() { result = "IP Rule" } + override string toString() { result = "IP Rule" } } /** @@ -206,7 +206,7 @@ module Network { */ boolean allowInsecure() { result = this.getAllowInsecure().getBool() } - string toString() { result = "NetworkIngress" } + override string toString() { result = "NetworkIngress" } } /** @@ -224,9 +224,7 @@ module Network { /** * Returns the 'allowCredentials' property as a Boolean. */ - Boolean getAllowCredentials() { - result = this.getProperty("allowCredentials") - } + Boolean getAllowCredentials() { result = this.getProperty("allowCredentials") } /** * Returns the 'allowCredentials' property as a boolean. @@ -236,37 +234,29 @@ module Network { /** * Returns the 'allowedOrigins' property as an array of StringLiterals. */ - Array getAllowedOrigins() { - result = this.getProperty("allowedOrigins") - } + Array getAllowedOrigins() { result = this.getProperty("allowedOrigins") } /** * Returns the 'allowedMethods' property as an array of StringLiterals. */ - Array getAllowedMethods() { - result = this.getProperty("allowedMethods") - } + Array getAllowedMethods() { result = this.getProperty("allowedMethods") } /** * Returns the 'allowedHeaders' property as an array of StringLiterals. */ - Array getAllowedHeaders() { - result = this.getProperty("allowedHeaders") - } + Array getAllowedHeaders() { result = this.getProperty("allowedHeaders") } /** * Returns the 'exposedHeaders' property as an array of StringLiterals. */ - Array getExposedHeaders() { - result = this.getProperty("exposedHeaders") - } + Array getExposedHeaders() { result = this.getProperty("exposedHeaders") } /** * Returns the 'maxAge' property as a Number. */ Number getMaxAge() { result = this.getProperty("maxAge") } - string toString() { result = "CorsPolicy" } + override string toString() { result = "CorsPolicy" } } module VirtualNetworkProperties { @@ -342,6 +332,6 @@ module Network { string networkPolicy() { result = this.getNetworkPolicy().getValue() } - string toString() { result = "NetworkProfile" } + override string toString() { result = "NetworkProfile" } } } diff --git a/ql/lib/codeql/bicep/frameworks/Microsoft/Profiles.qll b/ql/lib/codeql/bicep/frameworks/Microsoft/Profiles.qll index d4cc3ba..4903ece 100644 --- a/ql/lib/codeql/bicep/frameworks/Microsoft/Profiles.qll +++ b/ql/lib/codeql/bicep/frameworks/Microsoft/Profiles.qll @@ -45,7 +45,7 @@ module OsProfiles { SshConfig getSshConfig() { result = this.getProperty("ssh") } - string toString() { result = "OsProfile[" + profileType + "]" } + override string toString() { result = "OsProfile[" + profileType + "]" } } /** @@ -108,7 +108,7 @@ module OsProfiles { /** * Returns a string representation of the SSH configuration. */ - string toString() { result = "SshConfig" } + override string toString() { result = "SshConfig" } } class SshPublicKey extends Object { @@ -127,7 +127,7 @@ module OsProfiles { /** * Returns a string representation of the SSH public key. */ - string toString() { result = "SshConfigPublicKey" } + override string toString() { result = "SshConfigPublicKey" } } } @@ -196,7 +196,7 @@ module NetworkingProfiles { /** * Returns a string representation of the network profile. */ - string toString() { result = "NetworkProfile" } + override string toString() { result = "NetworkProfile" } } } @@ -237,7 +237,7 @@ module StorageProfiles { */ Expr getSnapshotController() { result = this.getProperty("snapshotController") } - string toString() { result = "StorageProfile" } + override string toString() { result = "StorageProfile" } } /** @@ -311,6 +311,6 @@ module SecurityProfiles { */ Expr getWorkloadIdentity() { result = this.getProperty("workloadIdentity") } - string toString() { result = "SecurityProfile" } + override string toString() { result = "SecurityProfile" } } } diff --git a/ql/lib/codeql/bicep/frameworks/Microsoft/Storage.qll b/ql/lib/codeql/bicep/frameworks/Microsoft/Storage.qll index 783b35e..d34a705 100644 --- a/ql/lib/codeql/bicep/frameworks/Microsoft/Storage.qll +++ b/ql/lib/codeql/bicep/frameworks/Microsoft/Storage.qll @@ -326,7 +326,7 @@ module Storage { /** * Converts the disk reference object to a string representation. */ - string toString() { result = "DiskRef" } + override string toString() { result = "DiskRef" } } } @@ -369,7 +369,7 @@ module Storage { */ Services getServices() { result = this.getProperty("services") } - string toString() { result = "EncryptionSettings" } + override string toString() { result = "EncryptionSettings" } } /** @@ -431,7 +431,7 @@ module Storage { /** * Gets the file service encryption settings. */ - ServiceEncryption getFile() { result = this.getProperty("file") } + ServiceEncryption getFileProperty() { result = this.getProperty("file") } /** * Gets the queue service encryption settings. diff --git a/ql/lib/codeql/bicep/frameworks/Microsoft/Web.qll b/ql/lib/codeql/bicep/frameworks/Microsoft/Web.qll index 48d835b..fde84c1 100644 --- a/ql/lib/codeql/bicep/frameworks/Microsoft/Web.qll +++ b/ql/lib/codeql/bicep/frameworks/Microsoft/Web.qll @@ -364,7 +364,7 @@ module Web { */ String getType() { result = this.getProperty("type") } - string toString() { result = "ExtendedLocation" } + override string toString() { result = "ExtendedLocation" } } /** @@ -398,7 +398,7 @@ module Web { */ String getName() { result = this.getProperty("name") } - string toString() { result = "HostingEnvironmentProfile" } + override string toString() { result = "HostingEnvironmentProfile" } } /** @@ -412,7 +412,7 @@ module Web { */ ApplicationStack() { this = parent.getProperty("applicationStack") } - string toString() { result = "ApplicationStack" } + override string toString() { result = "ApplicationStack" } } /** @@ -426,7 +426,7 @@ module Web { */ AppSettings() { this = parent.getProperty("appSettings") } - string toString() { result = "AppSettings" } + override string toString() { result = "AppSettings" } } /** @@ -440,7 +440,7 @@ module Web { */ UserAssignedIdentities() { this = parent.getProperty("userAssignedIdentities") } - string toString() { result = "UserAssignedIdentities" } + override string toString() { result = "UserAssignedIdentities" } } /** @@ -459,7 +459,7 @@ module Web { */ String getName() { result = this.getProperty("name") } - string toString() { result = "RepositoryBranch" } + override string toString() { result = "RepositoryBranch" } } /** @@ -484,7 +484,7 @@ module Web { */ String getThumbprint() { result = this.getProperty("thumbprint") } - string toString() { result = "HttpsCertificate" } + override string toString() { result = "HttpsCertificate" } } /** @@ -834,7 +834,7 @@ module Web { */ String getHealthCheckPath() { result = this.getProperty("healthCheckPath") } - string toString() { result = "SiteConfig" } + override string toString() { result = "SiteConfig" } } /** @@ -868,7 +868,7 @@ module Web { ) } - string toString() { result = "CorsSettings" } + override string toString() { result = "CorsSettings" } } /** @@ -934,7 +934,7 @@ module Web { result = this.getProperty("userAssignedIdentities") } - string toString() { result = "SiteIdentity" } + override string toString() { result = "SiteIdentity" } } } @@ -1085,7 +1085,7 @@ module Web { */ string subnetId() { result = this.getSubnetId().getValue() } - string toString() { result = "VnetConfiguration" } + override string toString() { result = "VnetConfiguration" } } } diff --git a/ql/test/library-tests/ast/AST.expected b/ql/test/library-tests/ast/AST.expected deleted file mode 100644 index 0f9c4b0..0000000 --- a/ql/test/library-tests/ast/AST.expected +++ /dev/null @@ -1,1209 +0,0 @@ -ast -| conditions.bicep:1:1:1:39 | ParameterDeclaration | -| conditions.bicep:1:1:1:39 | ParameterDeclaration | -| conditions.bicep:1:1:1:39 | ParameterDeclaration | -| conditions.bicep:1:1:12:2 | Infrastructure | -| conditions.bicep:1:7:1:26 | enableStorageAccount | -| conditions.bicep:1:7:1:26 | enableStorageAccount | -| conditions.bicep:1:7:1:26 | enableStorageAccount | -| conditions.bicep:1:28:1:31 | Type | -| conditions.bicep:1:28:1:31 | bool | -| conditions.bicep:1:35:1:39 | false | -| conditions.bicep:1:35:1:39 | false | -| conditions.bicep:1:35:1:39 | false | -| conditions.bicep:2:1:2:54 | ParameterDeclaration | -| conditions.bicep:2:1:2:54 | ParameterDeclaration | -| conditions.bicep:2:1:2:54 | ParameterDeclaration | -| conditions.bicep:2:7:2:24 | storageAccountName | -| conditions.bicep:2:7:2:24 | storageAccountName | -| conditions.bicep:2:7:2:24 | storageAccountName | -| conditions.bicep:2:26:2:31 | Type | -| conditions.bicep:2:26:2:31 | string | -| conditions.bicep:2:35:2:54 | String | -| conditions.bicep:2:35:2:54 | String | -| conditions.bicep:2:35:2:54 | String | -| conditions.bicep:2:36:2:53 | examplestorageacct | -| conditions.bicep:4:1:12:1 | ResourceDeclaration | -| conditions.bicep:4:1:12:1 | ResourceDeclaration | -| conditions.bicep:4:1:12:1 | ResourceDeclaration | -| conditions.bicep:4:10:4:23 | storageAccount | -| conditions.bicep:4:10:4:23 | storageAccount | -| conditions.bicep:4:10:4:23 | storageAccount | -| conditions.bicep:4:25:4:70 | String | -| conditions.bicep:4:25:4:70 | String | -| conditions.bicep:4:25:4:70 | String | -| conditions.bicep:4:26:4:69 | Microsoft.Storage/storageAccounts@2022-09-01 | -| conditions.bicep:4:74:12:1 | IfStatement | -| conditions.bicep:4:77:4:98 | ParenthesizedExpression | -| conditions.bicep:4:77:4:98 | ParenthesizedExpression | -| conditions.bicep:4:77:4:98 | ParenthesizedExpression | -| conditions.bicep:4:78:4:97 | enableStorageAccount | -| conditions.bicep:4:78:4:97 | enableStorageAccount | -| conditions.bicep:4:78:4:97 | enableStorageAccount | -| conditions.bicep:4:100:12:1 | Object | -| conditions.bicep:4:100:12:1 | Object | -| conditions.bicep:4:100:12:1 | Object | -| conditions.bicep:5:3:5:6 | name | -| conditions.bicep:5:3:5:6 | name | -| conditions.bicep:5:3:5:6 | name | -| conditions.bicep:5:3:5:26 | ObjectProperty | -| conditions.bicep:5:9:5:26 | storageAccountName | -| conditions.bicep:5:9:5:26 | storageAccountName | -| conditions.bicep:5:9:5:26 | storageAccountName | -| conditions.bicep:6:3:6:10 | location | -| conditions.bicep:6:3:6:10 | location | -| conditions.bicep:6:3:6:10 | location | -| conditions.bicep:6:3:6:36 | ObjectProperty | -| conditions.bicep:6:13:6:25 | resourceGroup | -| conditions.bicep:6:13:6:25 | resourceGroup | -| conditions.bicep:6:13:6:25 | resourceGroup | -| conditions.bicep:6:13:6:27 | CallExpression | -| conditions.bicep:6:13:6:27 | CallExpression | -| conditions.bicep:6:13:6:27 | CallExpression | -| conditions.bicep:6:13:6:36 | MemberExpression | -| conditions.bicep:6:13:6:36 | MemberExpression | -| conditions.bicep:6:13:6:36 | MemberExpression | -| conditions.bicep:6:26:6:27 | Arguments | -| conditions.bicep:6:29:6:36 | location | -| conditions.bicep:7:3:7:5 | sku | -| conditions.bicep:7:3:7:5 | sku | -| conditions.bicep:7:3:7:5 | sku | -| conditions.bicep:7:3:9:3 | ObjectProperty | -| conditions.bicep:7:8:9:3 | Object | -| conditions.bicep:7:8:9:3 | Object | -| conditions.bicep:7:8:9:3 | Object | -| conditions.bicep:8:5:8:8 | name | -| conditions.bicep:8:5:8:8 | name | -| conditions.bicep:8:5:8:8 | name | -| conditions.bicep:8:5:8:24 | ObjectProperty | -| conditions.bicep:8:11:8:24 | String | -| conditions.bicep:8:11:8:24 | String | -| conditions.bicep:8:11:8:24 | String | -| conditions.bicep:8:12:8:23 | Standard_LRS | -| conditions.bicep:10:3:10:6 | kind | -| conditions.bicep:10:3:10:6 | kind | -| conditions.bicep:10:3:10:6 | kind | -| conditions.bicep:10:3:10:19 | ObjectProperty | -| conditions.bicep:10:9:10:19 | String | -| conditions.bicep:10:9:10:19 | String | -| conditions.bicep:10:9:10:19 | String | -| conditions.bicep:10:10:10:18 | StorageV2 | -| conditions.bicep:11:3:11:12 | properties | -| conditions.bicep:11:3:11:12 | properties | -| conditions.bicep:11:3:11:12 | properties | -| conditions.bicep:11:3:11:16 | ObjectProperty | -| conditions.bicep:11:15:11:16 | Object | -| conditions.bicep:11:15:11:16 | Object | -| conditions.bicep:11:15:11:16 | Object | -| data.bicep:1:1:1:10 | Comment | -| data.bicep:1:1:62:4 | Infrastructure | -| data.bicep:2:1:6:1 | VariableDeclaration | -| data.bicep:2:1:6:1 | VariableDeclaration | -| data.bicep:2:1:6:1 | VariableDeclaration | -| data.bicep:2:5:2:18 | multiLineArray | -| data.bicep:2:5:2:18 | multiLineArray | -| data.bicep:2:5:2:18 | multiLineArray | -| data.bicep:2:22:6:1 | Array | -| data.bicep:2:22:6:1 | Array | -| data.bicep:2:22:6:1 | Array | -| data.bicep:3:3:3:7 | String | -| data.bicep:3:3:3:7 | String | -| data.bicep:3:3:3:7 | String | -| data.bicep:3:4:3:6 | abc | -| data.bicep:4:3:4:7 | String | -| data.bicep:4:3:4:7 | String | -| data.bicep:4:3:4:7 | String | -| data.bicep:4:4:4:6 | def | -| data.bicep:5:3:5:7 | String | -| data.bicep:5:3:5:7 | String | -| data.bicep:5:3:5:7 | String | -| data.bicep:5:4:5:6 | ghi | -| data.bicep:8:1:8:43 | VariableDeclaration | -| data.bicep:8:1:8:43 | VariableDeclaration | -| data.bicep:8:1:8:43 | VariableDeclaration | -| data.bicep:8:5:8:19 | singleLineArray | -| data.bicep:8:5:8:19 | singleLineArray | -| data.bicep:8:5:8:19 | singleLineArray | -| data.bicep:8:23:8:43 | Array | -| data.bicep:8:23:8:43 | Array | -| data.bicep:8:23:8:43 | Array | -| data.bicep:8:24:8:28 | String | -| data.bicep:8:24:8:28 | String | -| data.bicep:8:24:8:28 | String | -| data.bicep:8:25:8:27 | abc | -| data.bicep:8:31:8:35 | String | -| data.bicep:8:31:8:35 | String | -| data.bicep:8:31:8:35 | String | -| data.bicep:8:32:8:34 | def | -| data.bicep:8:38:8:42 | String | -| data.bicep:8:38:8:42 | String | -| data.bicep:8:38:8:42 | String | -| data.bicep:8:39:8:41 | ghi | -| data.bicep:10:1:11:10 | VariableDeclaration | -| data.bicep:10:1:11:10 | VariableDeclaration | -| data.bicep:10:1:11:10 | VariableDeclaration | -| data.bicep:10:5:10:14 | mixedArray | -| data.bicep:10:5:10:14 | mixedArray | -| data.bicep:10:5:10:14 | mixedArray | -| data.bicep:10:18:11:10 | Array | -| data.bicep:10:18:11:10 | Array | -| data.bicep:10:18:11:10 | Array | -| data.bicep:10:19:10:23 | String | -| data.bicep:10:19:10:23 | String | -| data.bicep:10:19:10:23 | String | -| data.bicep:10:20:10:22 | abc | -| data.bicep:10:26:10:30 | String | -| data.bicep:10:26:10:30 | String | -| data.bicep:10:26:10:30 | String | -| data.bicep:10:27:10:29 | def | -| data.bicep:11:5:11:9 | String | -| data.bicep:11:5:11:9 | String | -| data.bicep:11:5:11:9 | String | -| data.bicep:11:6:11:8 | ghi | -| data.bicep:13:1:13:28 | VariableDeclaration | -| data.bicep:13:1:13:28 | VariableDeclaration | -| data.bicep:13:1:13:28 | VariableDeclaration | -| data.bicep:13:5:13:16 | exampleArray | -| data.bicep:13:5:13:16 | exampleArray | -| data.bicep:13:5:13:16 | exampleArray | -| data.bicep:13:20:13:28 | Array | -| data.bicep:13:20:13:28 | Array | -| data.bicep:13:20:13:28 | Array | -| data.bicep:13:21:13:21 | 1 | -| data.bicep:13:21:13:21 | 1 | -| data.bicep:13:21:13:21 | 1 | -| data.bicep:13:24:13:24 | 2 | -| data.bicep:13:24:13:24 | 2 | -| data.bicep:13:24:13:24 | 2 | -| data.bicep:13:27:13:27 | 3 | -| data.bicep:13:27:13:27 | 3 | -| data.bicep:13:27:13:27 | 3 | -| data.bicep:14:1:14:41 | OutputDeclaration | -| data.bicep:14:1:14:41 | OutputDeclaration | -| data.bicep:14:1:14:41 | OutputDeclaration | -| data.bicep:14:8:14:19 | firstElement | -| data.bicep:14:8:14:19 | firstElement | -| data.bicep:14:8:14:19 | firstElement | -| data.bicep:14:21:14:23 | Type | -| data.bicep:14:21:14:23 | int | -| data.bicep:14:27:14:38 | exampleArray | -| data.bicep:14:27:14:38 | exampleArray | -| data.bicep:14:27:14:38 | exampleArray | -| data.bicep:14:27:14:41 | SubscriptExpression | -| data.bicep:14:27:14:41 | SubscriptExpression | -| data.bicep:14:27:14:41 | SubscriptExpression | -| data.bicep:14:40:14:40 | 0 | -| data.bicep:14:40:14:40 | 0 | -| data.bicep:14:40:14:40 | 0 | -| data.bicep:14:43:14:46 | Comment | -| data.bicep:15:1:15:41 | OutputDeclaration | -| data.bicep:15:1:15:41 | OutputDeclaration | -| data.bicep:15:1:15:41 | OutputDeclaration | -| data.bicep:15:8:15:19 | thirdElement | -| data.bicep:15:8:15:19 | thirdElement | -| data.bicep:15:8:15:19 | thirdElement | -| data.bicep:15:21:15:23 | Type | -| data.bicep:15:21:15:23 | int | -| data.bicep:15:27:15:38 | exampleArray | -| data.bicep:15:27:15:38 | exampleArray | -| data.bicep:15:27:15:38 | exampleArray | -| data.bicep:15:27:15:41 | SubscriptExpression | -| data.bicep:15:27:15:41 | SubscriptExpression | -| data.bicep:15:27:15:41 | SubscriptExpression | -| data.bicep:15:40:15:40 | 2 | -| data.bicep:15:40:15:40 | 2 | -| data.bicep:15:40:15:40 | 2 | -| data.bicep:15:43:15:46 | Comment | -| data.bicep:17:1:17:13 | VariableDeclaration | -| data.bicep:17:1:17:13 | VariableDeclaration | -| data.bicep:17:1:17:13 | VariableDeclaration | -| data.bicep:17:5:17:9 | index | -| data.bicep:17:5:17:9 | index | -| data.bicep:17:5:17:9 | index | -| data.bicep:17:13:17:13 | 1 | -| data.bicep:17:13:17:13 | 1 | -| data.bicep:17:13:17:13 | 1 | -| data.bicep:18:1:18:46 | OutputDeclaration | -| data.bicep:18:1:18:46 | OutputDeclaration | -| data.bicep:18:1:18:46 | OutputDeclaration | -| data.bicep:18:8:18:20 | secondElement | -| data.bicep:18:8:18:20 | secondElement | -| data.bicep:18:8:18:20 | secondElement | -| data.bicep:18:22:18:24 | Type | -| data.bicep:18:22:18:24 | int | -| data.bicep:18:28:18:39 | exampleArray | -| data.bicep:18:28:18:39 | exampleArray | -| data.bicep:18:28:18:39 | exampleArray | -| data.bicep:18:28:18:46 | SubscriptExpression | -| data.bicep:18:28:18:46 | SubscriptExpression | -| data.bicep:18:28:18:46 | SubscriptExpression | -| data.bicep:18:41:18:45 | index | -| data.bicep:18:41:18:45 | index | -| data.bicep:18:41:18:45 | index | -| data.bicep:18:48:18:51 | Comment | -| data.bicep:20:1:20:11 | Comment | -| data.bicep:21:1:21:29 | ParameterDeclaration | -| data.bicep:21:1:21:29 | ParameterDeclaration | -| data.bicep:21:1:21:29 | ParameterDeclaration | -| data.bicep:21:7:21:17 | exampleBool | -| data.bicep:21:7:21:17 | exampleBool | -| data.bicep:21:7:21:17 | exampleBool | -| data.bicep:21:19:21:22 | Type | -| data.bicep:21:19:21:22 | bool | -| data.bicep:21:26:21:29 | true | -| data.bicep:21:26:21:29 | true | -| data.bicep:21:26:21:29 | true | -| data.bicep:23:1:23:11 | Comment | -| data.bicep:24:1:24:24 | ParameterDeclaration | -| data.bicep:24:1:24:24 | ParameterDeclaration | -| data.bicep:24:1:24:24 | ParameterDeclaration | -| data.bicep:24:7:24:16 | exampleInt | -| data.bicep:24:7:24:16 | exampleInt | -| data.bicep:24:7:24:16 | exampleInt | -| data.bicep:24:18:24:20 | Type | -| data.bicep:24:18:24:20 | int | -| data.bicep:24:24:24:24 | 1 | -| data.bicep:24:24:24:24 | 1 | -| data.bicep:24:24:24:24 | 1 | -| data.bicep:26:1:26:10 | Comment | -| data.bicep:27:1:27:92 | ParameterDeclaration | -| data.bicep:27:1:27:92 | ParameterDeclaration | -| data.bicep:27:1:27:92 | ParameterDeclaration | -| data.bicep:27:7:27:22 | singleLineObject | -| data.bicep:27:7:27:22 | singleLineObject | -| data.bicep:27:7:27:22 | singleLineObject | -| data.bicep:27:24:27:29 | Type | -| data.bicep:27:24:27:29 | object | -| data.bicep:27:33:27:92 | Object | -| data.bicep:27:33:27:92 | Object | -| data.bicep:27:33:27:92 | Object | -| data.bicep:27:34:27:37 | name | -| data.bicep:27:34:27:37 | name | -| data.bicep:27:34:27:37 | name | -| data.bicep:27:34:27:50 | ObjectProperty | -| data.bicep:27:40:27:50 | String | -| data.bicep:27:40:27:50 | String | -| data.bicep:27:40:27:50 | String | -| data.bicep:27:41:27:49 | test name | -| data.bicep:27:53:27:54 | id | -| data.bicep:27:53:27:54 | id | -| data.bicep:27:53:27:54 | id | -| data.bicep:27:53:27:65 | ObjectProperty | -| data.bicep:27:57:27:65 | String | -| data.bicep:27:57:27:65 | String | -| data.bicep:27:57:27:65 | String | -| data.bicep:27:58:27:64 | 123-abc | -| data.bicep:27:68:27:76 | isCurrent | -| data.bicep:27:68:27:76 | isCurrent | -| data.bicep:27:68:27:76 | isCurrent | -| data.bicep:27:68:27:82 | ObjectProperty | -| data.bicep:27:79:27:82 | true | -| data.bicep:27:79:27:82 | true | -| data.bicep:27:79:27:82 | true | -| data.bicep:27:85:27:88 | tier | -| data.bicep:27:85:27:88 | tier | -| data.bicep:27:85:27:88 | tier | -| data.bicep:27:85:27:91 | ObjectProperty | -| data.bicep:27:91:27:91 | 1 | -| data.bicep:27:91:27:91 | 1 | -| data.bicep:27:91:27:91 | 1 | -| data.bicep:29:1:34:1 | ParameterDeclaration | -| data.bicep:29:1:34:1 | ParameterDeclaration | -| data.bicep:29:1:34:1 | ParameterDeclaration | -| data.bicep:29:7:29:21 | multiLineObject | -| data.bicep:29:7:29:21 | multiLineObject | -| data.bicep:29:7:29:21 | multiLineObject | -| data.bicep:29:23:29:28 | Type | -| data.bicep:29:23:29:28 | object | -| data.bicep:29:32:34:1 | Object | -| data.bicep:29:32:34:1 | Object | -| data.bicep:29:32:34:1 | Object | -| data.bicep:30:3:30:6 | name | -| data.bicep:30:3:30:6 | name | -| data.bicep:30:3:30:6 | name | -| data.bicep:30:3:30:19 | ObjectProperty | -| data.bicep:30:9:30:19 | String | -| data.bicep:30:9:30:19 | String | -| data.bicep:30:9:30:19 | String | -| data.bicep:30:10:30:18 | test name | -| data.bicep:31:3:31:4 | id | -| data.bicep:31:3:31:4 | id | -| data.bicep:31:3:31:4 | id | -| data.bicep:31:3:31:15 | ObjectProperty | -| data.bicep:31:7:31:15 | String | -| data.bicep:31:7:31:15 | String | -| data.bicep:31:7:31:15 | String | -| data.bicep:31:8:31:14 | 123-abc | -| data.bicep:32:3:32:11 | isCurrent | -| data.bicep:32:3:32:11 | isCurrent | -| data.bicep:32:3:32:11 | isCurrent | -| data.bicep:32:3:32:17 | ObjectProperty | -| data.bicep:32:14:32:17 | true | -| data.bicep:32:14:32:17 | true | -| data.bicep:32:14:32:17 | true | -| data.bicep:33:3:33:6 | tier | -| data.bicep:33:3:33:6 | tier | -| data.bicep:33:3:33:6 | tier | -| data.bicep:33:3:33:9 | ObjectProperty | -| data.bicep:33:9:33:9 | 1 | -| data.bicep:33:9:33:9 | 1 | -| data.bicep:33:9:33:9 | 1 | -| data.bicep:36:1:37:12 | ParameterDeclaration | -| data.bicep:36:1:37:12 | ParameterDeclaration | -| data.bicep:36:1:37:12 | ParameterDeclaration | -| data.bicep:36:7:36:17 | mixedObject | -| data.bicep:36:7:36:17 | mixedObject | -| data.bicep:36:7:36:17 | mixedObject | -| data.bicep:36:19:36:24 | Type | -| data.bicep:36:19:36:24 | object | -| data.bicep:36:28:37:12 | Object | -| data.bicep:36:28:37:12 | Object | -| data.bicep:36:28:37:12 | Object | -| data.bicep:36:29:36:32 | name | -| data.bicep:36:29:36:32 | name | -| data.bicep:36:29:36:32 | name | -| data.bicep:36:29:36:45 | ObjectProperty | -| data.bicep:36:35:36:45 | String | -| data.bicep:36:35:36:45 | String | -| data.bicep:36:35:36:45 | String | -| data.bicep:36:36:36:44 | test name | -| data.bicep:36:48:36:49 | id | -| data.bicep:36:48:36:49 | id | -| data.bicep:36:48:36:49 | id | -| data.bicep:36:48:36:60 | ObjectProperty | -| data.bicep:36:52:36:60 | String | -| data.bicep:36:52:36:60 | String | -| data.bicep:36:52:36:60 | String | -| data.bicep:36:53:36:59 | 123-abc | -| data.bicep:36:63:36:71 | isCurrent | -| data.bicep:36:63:36:71 | isCurrent | -| data.bicep:36:63:36:71 | isCurrent | -| data.bicep:36:63:36:77 | ObjectProperty | -| data.bicep:36:74:36:77 | true | -| data.bicep:36:74:36:77 | true | -| data.bicep:36:74:36:77 | true | -| data.bicep:37:5:37:8 | tier | -| data.bicep:37:5:37:8 | tier | -| data.bicep:37:5:37:8 | tier | -| data.bicep:37:5:37:11 | ObjectProperty | -| data.bicep:37:11:37:11 | 1 | -| data.bicep:37:11:37:11 | 1 | -| data.bicep:37:11:37:11 | 1 | -| data.bicep:39:1:39:10 | Comment | -| data.bicep:40:1:40:28 | Comment | -| data.bicep:41:1:41:25 | VariableDeclaration | -| data.bicep:41:1:41:25 | VariableDeclaration | -| data.bicep:41:1:41:25 | VariableDeclaration | -| data.bicep:41:5:41:9 | myVar | -| data.bicep:41:5:41:9 | myVar | -| data.bicep:41:5:41:9 | myVar | -| data.bicep:41:13:41:25 | String | -| data.bicep:41:13:41:25 | String | -| data.bicep:41:13:41:25 | String | -| data.bicep:41:14:41:17 | what | -| data.bicep:41:18:41:19 | \\' | -| data.bicep:41:20:41:24 | s up? | -| data.bicep:42:1:42:52 | TypeDeclaration | -| data.bicep:42:1:42:52 | TypeDeclaration | -| data.bicep:42:1:42:52 | TypeDeclaration | -| data.bicep:42:6:42:14 | direction | -| data.bicep:42:6:42:14 | direction | -| data.bicep:42:6:42:14 | direction | -| data.bicep:42:18:42:24 | String | -| data.bicep:42:18:42:24 | String | -| data.bicep:42:18:42:24 | String | -| data.bicep:42:18:42:52 | UnionType | -| data.bicep:42:19:42:23 | north | -| data.bicep:42:28:42:34 | String | -| data.bicep:42:28:42:34 | String | -| data.bicep:42:28:42:34 | String | -| data.bicep:42:29:42:33 | south | -| data.bicep:42:38:42:43 | String | -| data.bicep:42:38:42:43 | String | -| data.bicep:42:38:42:43 | String | -| data.bicep:42:38:42:52 | BinaryExpression | -| data.bicep:42:38:42:52 | BinaryExpression | -| data.bicep:42:39:42:42 | east | -| data.bicep:42:47:42:52 | String | -| data.bicep:42:47:42:52 | String | -| data.bicep:42:47:42:52 | String | -| data.bicep:42:48:42:51 | west | -| data.bicep:43:1:43:62 | VariableDeclaration | -| data.bicep:43:1:43:62 | VariableDeclaration | -| data.bicep:43:1:43:62 | VariableDeclaration | -| data.bicep:43:5:43:15 | storageName | -| data.bicep:43:5:43:15 | storageName | -| data.bicep:43:5:43:15 | storageName | -| data.bicep:43:19:43:62 | String | -| data.bicep:43:19:43:62 | String | -| data.bicep:43:19:43:62 | String | -| data.bicep:43:20:43:26 | storage | -| data.bicep:43:27:43:61 | Interpolation | -| data.bicep:43:29:43:40 | uniqueString | -| data.bicep:43:29:43:40 | uniqueString | -| data.bicep:43:29:43:40 | uniqueString | -| data.bicep:43:29:43:60 | CallExpression | -| data.bicep:43:29:43:60 | CallExpression | -| data.bicep:43:29:43:60 | CallExpression | -| data.bicep:43:41:43:60 | Arguments | -| data.bicep:43:42:43:54 | resourceGroup | -| data.bicep:43:42:43:54 | resourceGroup | -| data.bicep:43:42:43:54 | resourceGroup | -| data.bicep:43:42:43:56 | CallExpression | -| data.bicep:43:42:43:56 | CallExpression | -| data.bicep:43:42:43:56 | CallExpression | -| data.bicep:43:42:43:59 | MemberExpression | -| data.bicep:43:42:43:59 | MemberExpression | -| data.bicep:43:42:43:59 | MemberExpression | -| data.bicep:43:55:43:56 | Arguments | -| data.bicep:43:58:43:59 | id | -| data.bicep:45:1:45:24 | Comment | -| data.bicep:46:1:46:24 | VariableDeclaration | -| data.bicep:46:1:46:24 | VariableDeclaration | -| data.bicep:46:1:46:24 | VariableDeclaration | -| data.bicep:46:5:46:9 | myVar | -| data.bicep:46:5:46:9 | myVar | -| data.bicep:46:5:46:9 | myVar | -| data.bicep:46:13:46:24 | String | -| data.bicep:46:13:46:24 | String | -| data.bicep:46:13:46:24 | String | -| data.bicep:46:16:46:21 | hello! | -| data.bicep:48:1:48:61 | Comment | -| data.bicep:49:1:50:9 | VariableDeclaration | -| data.bicep:49:1:50:9 | VariableDeclaration | -| data.bicep:49:1:50:9 | VariableDeclaration | -| data.bicep:49:5:49:10 | myVar2 | -| data.bicep:49:5:49:10 | myVar2 | -| data.bicep:49:5:49:10 | myVar2 | -| data.bicep:49:14:50:9 | String | -| data.bicep:49:14:50:9 | String | -| data.bicep:49:14:50:9 | String | -| data.bicep:49:17:50:6 | \nhello! | -| data.bicep:52:1:52:64 | Comment | -| data.bicep:53:1:55:3 | VariableDeclaration | -| data.bicep:53:1:55:3 | VariableDeclaration | -| data.bicep:53:1:55:3 | VariableDeclaration | -| data.bicep:53:5:53:10 | myVar3 | -| data.bicep:53:5:53:10 | myVar3 | -| data.bicep:53:5:53:10 | myVar3 | -| data.bicep:53:14:55:3 | String | -| data.bicep:53:14:55:3 | String | -| data.bicep:53:14:55:3 | String | -| data.bicep:53:17:54:7 | \nhello!\n | -| data.bicep:57:1:57:50 | Comment | -| data.bicep:58:1:62:3 | VariableDeclaration | -| data.bicep:58:1:62:3 | VariableDeclaration | -| data.bicep:58:1:62:3 | VariableDeclaration | -| data.bicep:58:5:58:10 | myVar4 | -| data.bicep:58:5:58:10 | myVar4 | -| data.bicep:58:5:58:10 | myVar4 | -| data.bicep:58:14:62:3 | String | -| data.bicep:58:14:62:3 | String | -| data.bicep:58:14:62:3 | String | -| data.bicep:58:17:61:15 | \n this\n is\n indented\n | -| sample.bicep:1:1:1:48 | ParameterDeclaration | -| sample.bicep:1:1:1:48 | ParameterDeclaration | -| sample.bicep:1:1:1:48 | ParameterDeclaration | -| sample.bicep:1:1:103:1 | Infrastructure | -| sample.bicep:1:7:1:14 | location | -| sample.bicep:1:7:1:14 | location | -| sample.bicep:1:7:1:14 | location | -| sample.bicep:1:16:1:21 | Type | -| sample.bicep:1:16:1:21 | string | -| sample.bicep:1:25:1:37 | resourceGroup | -| sample.bicep:1:25:1:37 | resourceGroup | -| sample.bicep:1:25:1:37 | resourceGroup | -| sample.bicep:1:25:1:39 | CallExpression | -| sample.bicep:1:25:1:39 | CallExpression | -| sample.bicep:1:25:1:39 | CallExpression | -| sample.bicep:1:25:1:48 | MemberExpression | -| sample.bicep:1:25:1:48 | MemberExpression | -| sample.bicep:1:25:1:48 | MemberExpression | -| sample.bicep:1:38:1:39 | Arguments | -| sample.bicep:1:41:1:48 | location | -| sample.bicep:2:1:2:80 | ParameterDeclaration | -| sample.bicep:2:1:2:80 | ParameterDeclaration | -| sample.bicep:2:1:2:80 | ParameterDeclaration | -| sample.bicep:2:7:2:24 | storageAccountName | -| sample.bicep:2:7:2:24 | storageAccountName | -| sample.bicep:2:7:2:24 | storageAccountName | -| sample.bicep:2:26:2:31 | Type | -| sample.bicep:2:26:2:31 | string | -| sample.bicep:2:35:2:80 | String | -| sample.bicep:2:35:2:80 | String | -| sample.bicep:2:35:2:80 | String | -| sample.bicep:2:36:2:44 | toylaunch | -| sample.bicep:2:45:2:79 | Interpolation | -| sample.bicep:2:47:2:58 | uniqueString | -| sample.bicep:2:47:2:58 | uniqueString | -| sample.bicep:2:47:2:58 | uniqueString | -| sample.bicep:2:47:2:78 | CallExpression | -| sample.bicep:2:47:2:78 | CallExpression | -| sample.bicep:2:47:2:78 | CallExpression | -| sample.bicep:2:59:2:78 | Arguments | -| sample.bicep:2:60:2:72 | resourceGroup | -| sample.bicep:2:60:2:72 | resourceGroup | -| sample.bicep:2:60:2:72 | resourceGroup | -| sample.bicep:2:60:2:74 | CallExpression | -| sample.bicep:2:60:2:74 | CallExpression | -| sample.bicep:2:60:2:74 | CallExpression | -| sample.bicep:2:60:2:77 | MemberExpression | -| sample.bicep:2:60:2:77 | MemberExpression | -| sample.bicep:2:60:2:77 | MemberExpression | -| sample.bicep:2:73:2:74 | Arguments | -| sample.bicep:2:76:2:77 | id | -| sample.bicep:3:1:3:28 | ParameterDeclaration | -| sample.bicep:3:1:3:28 | ParameterDeclaration | -| sample.bicep:3:1:3:28 | ParameterDeclaration | -| sample.bicep:3:7:3:12 | vmName | -| sample.bicep:3:7:3:12 | vmName | -| sample.bicep:3:7:3:12 | vmName | -| sample.bicep:3:14:3:19 | Type | -| sample.bicep:3:14:3:19 | string | -| sample.bicep:3:23:3:28 | String | -| sample.bicep:3:23:3:28 | String | -| sample.bicep:3:23:3:28 | String | -| sample.bicep:3:24:3:27 | myVM | -| sample.bicep:4:1:4:40 | ParameterDeclaration | -| sample.bicep:4:1:4:40 | ParameterDeclaration | -| sample.bicep:4:1:4:40 | ParameterDeclaration | -| sample.bicep:4:7:4:19 | adminUsername | -| sample.bicep:4:7:4:19 | adminUsername | -| sample.bicep:4:7:4:19 | adminUsername | -| sample.bicep:4:21:4:26 | Type | -| sample.bicep:4:21:4:26 | string | -| sample.bicep:4:30:4:40 | String | -| sample.bicep:4:30:4:40 | String | -| sample.bicep:4:30:4:40 | String | -| sample.bicep:4:31:4:39 | azureuser | -| sample.bicep:5:1:5:43 | ParameterDeclaration | -| sample.bicep:5:1:5:43 | ParameterDeclaration | -| sample.bicep:5:1:5:43 | ParameterDeclaration | -| sample.bicep:5:7:5:19 | adminPassword | -| sample.bicep:5:7:5:19 | adminPassword | -| sample.bicep:5:7:5:19 | adminPassword | -| sample.bicep:5:21:5:26 | Type | -| sample.bicep:5:21:5:26 | string | -| sample.bicep:5:30:5:43 | String | -| sample.bicep:5:30:5:43 | String | -| sample.bicep:5:30:5:43 | String | -| sample.bicep:5:31:5:42 | P@ssw0rd123! | -| sample.bicep:6:1:6:32 | ParameterDeclaration | -| sample.bicep:6:1:6:32 | ParameterDeclaration | -| sample.bicep:6:1:6:32 | ParameterDeclaration | -| sample.bicep:6:7:6:14 | vnetName | -| sample.bicep:6:7:6:14 | vnetName | -| sample.bicep:6:7:6:14 | vnetName | -| sample.bicep:6:16:6:21 | Type | -| sample.bicep:6:16:6:21 | string | -| sample.bicep:6:25:6:32 | String | -| sample.bicep:6:25:6:32 | String | -| sample.bicep:6:25:6:32 | String | -| sample.bicep:6:26:6:31 | myVnet | -| sample.bicep:7:1:7:36 | ParameterDeclaration | -| sample.bicep:7:1:7:36 | ParameterDeclaration | -| sample.bicep:7:1:7:36 | ParameterDeclaration | -| sample.bicep:7:7:7:16 | subnetName | -| sample.bicep:7:7:7:16 | subnetName | -| sample.bicep:7:7:7:16 | subnetName | -| sample.bicep:7:18:7:23 | Type | -| sample.bicep:7:18:7:23 | string | -| sample.bicep:7:27:7:36 | String | -| sample.bicep:7:27:7:36 | String | -| sample.bicep:7:27:7:36 | String | -| sample.bicep:7:28:7:35 | mySubnet | -| sample.bicep:8:1:8:40 | ParameterDeclaration | -| sample.bicep:8:1:8:40 | ParameterDeclaration | -| sample.bicep:8:1:8:40 | ParameterDeclaration | -| sample.bicep:8:7:8:18 | publicIpName | -| sample.bicep:8:7:8:18 | publicIpName | -| sample.bicep:8:7:8:18 | publicIpName | -| sample.bicep:8:20:8:25 | Type | -| sample.bicep:8:20:8:25 | string | -| sample.bicep:8:29:8:40 | String | -| sample.bicep:8:29:8:40 | String | -| sample.bicep:8:29:8:40 | String | -| sample.bicep:8:30:8:39 | myPublicIP | -| sample.bicep:9:1:9:30 | ParameterDeclaration | -| sample.bicep:9:1:9:30 | ParameterDeclaration | -| sample.bicep:9:1:9:30 | ParameterDeclaration | -| sample.bicep:9:7:9:13 | nicName | -| sample.bicep:9:7:9:13 | nicName | -| sample.bicep:9:7:9:13 | nicName | -| sample.bicep:9:15:9:20 | Type | -| sample.bicep:9:15:9:20 | string | -| sample.bicep:9:24:9:30 | String | -| sample.bicep:9:24:9:30 | String | -| sample.bicep:9:24:9:30 | String | -| sample.bicep:9:25:9:29 | myNIC | -| sample.bicep:11:1:21:1 | ResourceDeclaration | -| sample.bicep:11:1:21:1 | ResourceDeclaration | -| sample.bicep:11:1:21:1 | ResourceDeclaration | -| sample.bicep:11:10:11:23 | storageAccount | -| sample.bicep:11:10:11:23 | storageAccount | -| sample.bicep:11:10:11:23 | storageAccount | -| sample.bicep:11:25:11:70 | String | -| sample.bicep:11:25:11:70 | String | -| sample.bicep:11:25:11:70 | String | -| sample.bicep:11:26:11:69 | Microsoft.Storage/storageAccounts@2021-06-01 | -| sample.bicep:11:74:21:1 | Object | -| sample.bicep:11:74:21:1 | Object | -| sample.bicep:11:74:21:1 | Object | -| sample.bicep:12:3:12:6 | name | -| sample.bicep:12:3:12:6 | name | -| sample.bicep:12:3:12:6 | name | -| sample.bicep:12:3:12:26 | ObjectProperty | -| sample.bicep:12:9:12:26 | storageAccountName | -| sample.bicep:12:9:12:26 | storageAccountName | -| sample.bicep:12:9:12:26 | storageAccountName | -| sample.bicep:13:3:13:10 | location | -| sample.bicep:13:3:13:10 | location | -| sample.bicep:13:3:13:10 | location | -| sample.bicep:13:3:13:20 | ObjectProperty | -| sample.bicep:13:13:13:20 | location | -| sample.bicep:13:13:13:20 | location | -| sample.bicep:13:13:13:20 | location | -| sample.bicep:14:3:14:5 | sku | -| sample.bicep:14:3:14:5 | sku | -| sample.bicep:14:3:14:5 | sku | -| sample.bicep:14:3:16:3 | ObjectProperty | -| sample.bicep:14:8:16:3 | Object | -| sample.bicep:14:8:16:3 | Object | -| sample.bicep:14:8:16:3 | Object | -| sample.bicep:15:5:15:8 | name | -| sample.bicep:15:5:15:8 | name | -| sample.bicep:15:5:15:8 | name | -| sample.bicep:15:5:15:24 | ObjectProperty | -| sample.bicep:15:11:15:24 | String | -| sample.bicep:15:11:15:24 | String | -| sample.bicep:15:11:15:24 | String | -| sample.bicep:15:12:15:23 | Standard_LRS | -| sample.bicep:17:3:17:6 | kind | -| sample.bicep:17:3:17:6 | kind | -| sample.bicep:17:3:17:6 | kind | -| sample.bicep:17:3:17:19 | ObjectProperty | -| sample.bicep:17:9:17:19 | String | -| sample.bicep:17:9:17:19 | String | -| sample.bicep:17:9:17:19 | String | -| sample.bicep:17:10:17:18 | StorageV2 | -| sample.bicep:18:3:18:12 | properties | -| sample.bicep:18:3:18:12 | properties | -| sample.bicep:18:3:18:12 | properties | -| sample.bicep:18:3:20:3 | ObjectProperty | -| sample.bicep:18:15:20:3 | Object | -| sample.bicep:18:15:20:3 | Object | -| sample.bicep:18:15:20:3 | Object | -| sample.bicep:19:5:19:14 | accessTier | -| sample.bicep:19:5:19:14 | accessTier | -| sample.bicep:19:5:19:14 | accessTier | -| sample.bicep:19:5:19:21 | ObjectProperty | -| sample.bicep:19:17:19:21 | String | -| sample.bicep:19:17:19:21 | String | -| sample.bicep:19:17:19:21 | String | -| sample.bicep:19:18:19:20 | Hot | -| sample.bicep:23:1:41:1 | ResourceDeclaration | -| sample.bicep:23:1:41:1 | ResourceDeclaration | -| sample.bicep:23:1:41:1 | ResourceDeclaration | -| sample.bicep:23:10:23:13 | vnet | -| sample.bicep:23:10:23:13 | vnet | -| sample.bicep:23:10:23:13 | vnet | -| sample.bicep:23:15:23:60 | String | -| sample.bicep:23:15:23:60 | String | -| sample.bicep:23:15:23:60 | String | -| sample.bicep:23:16:23:59 | Microsoft.Network/virtualNetworks@2021-05-01 | -| sample.bicep:23:64:41:1 | Object | -| sample.bicep:23:64:41:1 | Object | -| sample.bicep:23:64:41:1 | Object | -| sample.bicep:24:3:24:6 | name | -| sample.bicep:24:3:24:6 | name | -| sample.bicep:24:3:24:6 | name | -| sample.bicep:24:3:24:16 | ObjectProperty | -| sample.bicep:24:9:24:16 | vnetName | -| sample.bicep:24:9:24:16 | vnetName | -| sample.bicep:24:9:24:16 | vnetName | -| sample.bicep:25:3:25:10 | location | -| sample.bicep:25:3:25:10 | location | -| sample.bicep:25:3:25:10 | location | -| sample.bicep:25:3:25:20 | ObjectProperty | -| sample.bicep:25:13:25:20 | location | -| sample.bicep:25:13:25:20 | location | -| sample.bicep:25:13:25:20 | location | -| sample.bicep:26:3:26:12 | properties | -| sample.bicep:26:3:26:12 | properties | -| sample.bicep:26:3:26:12 | properties | -| sample.bicep:26:3:40:3 | ObjectProperty | -| sample.bicep:26:15:40:3 | Object | -| sample.bicep:26:15:40:3 | Object | -| sample.bicep:26:15:40:3 | Object | -| sample.bicep:27:5:27:16 | addressSpace | -| sample.bicep:27:5:27:16 | addressSpace | -| sample.bicep:27:5:27:16 | addressSpace | -| sample.bicep:27:5:31:5 | ObjectProperty | -| sample.bicep:27:19:31:5 | Object | -| sample.bicep:27:19:31:5 | Object | -| sample.bicep:27:19:31:5 | Object | -| sample.bicep:28:7:28:21 | addressPrefixes | -| sample.bicep:28:7:28:21 | addressPrefixes | -| sample.bicep:28:7:28:21 | addressPrefixes | -| sample.bicep:28:7:30:7 | ObjectProperty | -| sample.bicep:28:24:30:7 | Array | -| sample.bicep:28:24:30:7 | Array | -| sample.bicep:28:24:30:7 | Array | -| sample.bicep:29:9:29:21 | String | -| sample.bicep:29:9:29:21 | String | -| sample.bicep:29:9:29:21 | String | -| sample.bicep:29:10:29:20 | 10.0.0.0/16 | -| sample.bicep:32:5:32:11 | subnets | -| sample.bicep:32:5:32:11 | subnets | -| sample.bicep:32:5:32:11 | subnets | -| sample.bicep:32:5:39:5 | ObjectProperty | -| sample.bicep:32:14:39:5 | Array | -| sample.bicep:32:14:39:5 | Array | -| sample.bicep:32:14:39:5 | Array | -| sample.bicep:33:7:38:7 | Object | -| sample.bicep:33:7:38:7 | Object | -| sample.bicep:33:7:38:7 | Object | -| sample.bicep:34:9:34:12 | name | -| sample.bicep:34:9:34:12 | name | -| sample.bicep:34:9:34:12 | name | -| sample.bicep:34:9:34:24 | ObjectProperty | -| sample.bicep:34:15:34:24 | subnetName | -| sample.bicep:34:15:34:24 | subnetName | -| sample.bicep:34:15:34:24 | subnetName | -| sample.bicep:35:9:35:18 | properties | -| sample.bicep:35:9:35:18 | properties | -| sample.bicep:35:9:35:18 | properties | -| sample.bicep:35:9:37:9 | ObjectProperty | -| sample.bicep:35:21:37:9 | Object | -| sample.bicep:35:21:37:9 | Object | -| sample.bicep:35:21:37:9 | Object | -| sample.bicep:36:11:36:23 | addressPrefix | -| sample.bicep:36:11:36:23 | addressPrefix | -| sample.bicep:36:11:36:23 | addressPrefix | -| sample.bicep:36:11:36:38 | ObjectProperty | -| sample.bicep:36:26:36:38 | String | -| sample.bicep:36:26:36:38 | String | -| sample.bicep:36:26:36:38 | String | -| sample.bicep:36:27:36:37 | 10.0.0.0/24 | -| sample.bicep:43:1:49:1 | ResourceDeclaration | -| sample.bicep:43:1:49:1 | ResourceDeclaration | -| sample.bicep:43:1:49:1 | ResourceDeclaration | -| sample.bicep:43:10:43:17 | publicIp | -| sample.bicep:43:10:43:17 | publicIp | -| sample.bicep:43:10:43:17 | publicIp | -| sample.bicep:43:19:43:66 | String | -| sample.bicep:43:19:43:66 | String | -| sample.bicep:43:19:43:66 | String | -| sample.bicep:43:20:43:65 | Microsoft.Network/publicIPAddresses@2021-05-01 | -| sample.bicep:43:70:49:1 | Object | -| sample.bicep:43:70:49:1 | Object | -| sample.bicep:43:70:49:1 | Object | -| sample.bicep:44:3:44:6 | name | -| sample.bicep:44:3:44:6 | name | -| sample.bicep:44:3:44:6 | name | -| sample.bicep:44:3:44:20 | ObjectProperty | -| sample.bicep:44:9:44:20 | publicIpName | -| sample.bicep:44:9:44:20 | publicIpName | -| sample.bicep:44:9:44:20 | publicIpName | -| sample.bicep:45:3:45:10 | location | -| sample.bicep:45:3:45:10 | location | -| sample.bicep:45:3:45:10 | location | -| sample.bicep:45:3:45:20 | ObjectProperty | -| sample.bicep:45:13:45:20 | location | -| sample.bicep:45:13:45:20 | location | -| sample.bicep:45:13:45:20 | location | -| sample.bicep:46:3:46:12 | properties | -| sample.bicep:46:3:46:12 | properties | -| sample.bicep:46:3:46:12 | properties | -| sample.bicep:46:3:48:3 | ObjectProperty | -| sample.bicep:46:15:48:3 | Object | -| sample.bicep:46:15:48:3 | Object | -| sample.bicep:46:15:48:3 | Object | -| sample.bicep:47:5:47:28 | publicIPAllocationMethod | -| sample.bicep:47:5:47:28 | publicIPAllocationMethod | -| sample.bicep:47:5:47:28 | publicIPAllocationMethod | -| sample.bicep:47:5:47:39 | ObjectProperty | -| sample.bicep:47:31:47:39 | String | -| sample.bicep:47:31:47:39 | String | -| sample.bicep:47:31:47:39 | String | -| sample.bicep:47:32:47:38 | Dynamic | -| sample.bicep:51:1:70:1 | ResourceDeclaration | -| sample.bicep:51:1:70:1 | ResourceDeclaration | -| sample.bicep:51:1:70:1 | ResourceDeclaration | -| sample.bicep:51:10:51:12 | nic | -| sample.bicep:51:10:51:12 | nic | -| sample.bicep:51:10:51:12 | nic | -| sample.bicep:51:14:51:61 | String | -| sample.bicep:51:14:51:61 | String | -| sample.bicep:51:14:51:61 | String | -| sample.bicep:51:15:51:60 | Microsoft.Network/networkInterfaces@2021-05-01 | -| sample.bicep:51:65:70:1 | Object | -| sample.bicep:51:65:70:1 | Object | -| sample.bicep:51:65:70:1 | Object | -| sample.bicep:52:3:52:6 | name | -| sample.bicep:52:3:52:6 | name | -| sample.bicep:52:3:52:6 | name | -| sample.bicep:52:3:52:15 | ObjectProperty | -| sample.bicep:52:9:52:15 | nicName | -| sample.bicep:52:9:52:15 | nicName | -| sample.bicep:52:9:52:15 | nicName | -| sample.bicep:53:3:53:10 | location | -| sample.bicep:53:3:53:10 | location | -| sample.bicep:53:3:53:10 | location | -| sample.bicep:53:3:53:20 | ObjectProperty | -| sample.bicep:53:13:53:20 | location | -| sample.bicep:53:13:53:20 | location | -| sample.bicep:53:13:53:20 | location | -| sample.bicep:54:3:54:12 | properties | -| sample.bicep:54:3:54:12 | properties | -| sample.bicep:54:3:54:12 | properties | -| sample.bicep:54:3:69:3 | ObjectProperty | -| sample.bicep:54:15:69:3 | Object | -| sample.bicep:54:15:69:3 | Object | -| sample.bicep:54:15:69:3 | Object | -| sample.bicep:55:5:55:20 | ipConfigurations | -| sample.bicep:55:5:55:20 | ipConfigurations | -| sample.bicep:55:5:55:20 | ipConfigurations | -| sample.bicep:55:5:68:5 | ObjectProperty | -| sample.bicep:55:23:68:5 | Array | -| sample.bicep:55:23:68:5 | Array | -| sample.bicep:55:23:68:5 | Array | -| sample.bicep:56:7:67:7 | Object | -| sample.bicep:56:7:67:7 | Object | -| sample.bicep:56:7:67:7 | Object | -| sample.bicep:57:9:57:12 | name | -| sample.bicep:57:9:57:12 | name | -| sample.bicep:57:9:57:12 | name | -| sample.bicep:57:9:57:25 | ObjectProperty | -| sample.bicep:57:15:57:25 | String | -| sample.bicep:57:15:57:25 | String | -| sample.bicep:57:15:57:25 | String | -| sample.bicep:57:16:57:24 | ipconfig1 | -| sample.bicep:58:9:58:18 | properties | -| sample.bicep:58:9:58:18 | properties | -| sample.bicep:58:9:58:18 | properties | -| sample.bicep:58:9:66:9 | ObjectProperty | -| sample.bicep:58:21:66:9 | Object | -| sample.bicep:58:21:66:9 | Object | -| sample.bicep:58:21:66:9 | Object | -| sample.bicep:59:11:59:16 | subnet | -| sample.bicep:59:11:59:16 | subnet | -| sample.bicep:59:11:59:16 | subnet | -| sample.bicep:59:11:61:11 | ObjectProperty | -| sample.bicep:59:19:61:11 | Object | -| sample.bicep:59:19:61:11 | Object | -| sample.bicep:59:19:61:11 | Object | -| sample.bicep:60:13:60:14 | id | -| sample.bicep:60:13:60:14 | id | -| sample.bicep:60:13:60:14 | id | -| sample.bicep:60:13:60:45 | ObjectProperty | -| sample.bicep:60:17:60:20 | vnet | -| sample.bicep:60:17:60:20 | vnet | -| sample.bicep:60:17:60:20 | vnet | -| sample.bicep:60:17:60:31 | MemberExpression | -| sample.bicep:60:17:60:31 | MemberExpression | -| sample.bicep:60:17:60:31 | MemberExpression | -| sample.bicep:60:17:60:39 | MemberExpression | -| sample.bicep:60:17:60:39 | MemberExpression | -| sample.bicep:60:17:60:39 | MemberExpression | -| sample.bicep:60:17:60:42 | SubscriptExpression | -| sample.bicep:60:17:60:42 | SubscriptExpression | -| sample.bicep:60:17:60:42 | SubscriptExpression | -| sample.bicep:60:17:60:45 | MemberExpression | -| sample.bicep:60:17:60:45 | MemberExpression | -| sample.bicep:60:17:60:45 | MemberExpression | -| sample.bicep:60:22:60:31 | properties | -| sample.bicep:60:33:60:39 | subnets | -| sample.bicep:60:41:60:41 | 0 | -| sample.bicep:60:41:60:41 | 0 | -| sample.bicep:60:41:60:41 | 0 | -| sample.bicep:60:44:60:45 | id | -| sample.bicep:62:11:62:35 | privateIPAllocationMethod | -| sample.bicep:62:11:62:35 | privateIPAllocationMethod | -| sample.bicep:62:11:62:35 | privateIPAllocationMethod | -| sample.bicep:62:11:62:46 | ObjectProperty | -| sample.bicep:62:38:62:46 | String | -| sample.bicep:62:38:62:46 | String | -| sample.bicep:62:38:62:46 | String | -| sample.bicep:62:39:62:45 | Dynamic | -| sample.bicep:63:11:63:25 | publicIPAddress | -| sample.bicep:63:11:63:25 | publicIPAddress | -| sample.bicep:63:11:63:25 | publicIPAddress | -| sample.bicep:63:11:65:11 | ObjectProperty | -| sample.bicep:63:28:65:11 | Object | -| sample.bicep:63:28:65:11 | Object | -| sample.bicep:63:28:65:11 | Object | -| sample.bicep:64:13:64:14 | id | -| sample.bicep:64:13:64:14 | id | -| sample.bicep:64:13:64:14 | id | -| sample.bicep:64:13:64:27 | ObjectProperty | -| sample.bicep:64:17:64:24 | publicIp | -| sample.bicep:64:17:64:24 | publicIp | -| sample.bicep:64:17:64:24 | publicIp | -| sample.bicep:64:17:64:27 | MemberExpression | -| sample.bicep:64:17:64:27 | MemberExpression | -| sample.bicep:64:17:64:27 | MemberExpression | -| sample.bicep:64:26:64:27 | id | -| sample.bicep:72:1:103:1 | ResourceDeclaration | -| sample.bicep:72:1:103:1 | ResourceDeclaration | -| sample.bicep:72:1:103:1 | ResourceDeclaration | -| sample.bicep:72:10:72:11 | vm | -| sample.bicep:72:10:72:11 | vm | -| sample.bicep:72:10:72:11 | vm | -| sample.bicep:72:13:72:58 | String | -| sample.bicep:72:13:72:58 | String | -| sample.bicep:72:13:72:58 | String | -| sample.bicep:72:14:72:57 | Microsoft.Compute/virtualMachines@2021-07-01 | -| sample.bicep:72:62:103:1 | Object | -| sample.bicep:72:62:103:1 | Object | -| sample.bicep:72:62:103:1 | Object | -| sample.bicep:73:3:73:6 | name | -| sample.bicep:73:3:73:6 | name | -| sample.bicep:73:3:73:6 | name | -| sample.bicep:73:3:73:14 | ObjectProperty | -| sample.bicep:73:9:73:14 | vmName | -| sample.bicep:73:9:73:14 | vmName | -| sample.bicep:73:9:73:14 | vmName | -| sample.bicep:74:3:74:10 | location | -| sample.bicep:74:3:74:10 | location | -| sample.bicep:74:3:74:10 | location | -| sample.bicep:74:3:74:20 | ObjectProperty | -| sample.bicep:74:13:74:20 | location | -| sample.bicep:74:13:74:20 | location | -| sample.bicep:74:13:74:20 | location | -| sample.bicep:75:3:75:12 | properties | -| sample.bicep:75:3:75:12 | properties | -| sample.bicep:75:3:75:12 | properties | -| sample.bicep:75:3:102:3 | ObjectProperty | -| sample.bicep:75:15:102:3 | Object | -| sample.bicep:75:15:102:3 | Object | -| sample.bicep:75:15:102:3 | Object | -| sample.bicep:76:5:76:19 | hardwareProfile | -| sample.bicep:76:5:76:19 | hardwareProfile | -| sample.bicep:76:5:76:19 | hardwareProfile | -| sample.bicep:76:5:78:5 | ObjectProperty | -| sample.bicep:76:22:78:5 | Object | -| sample.bicep:76:22:78:5 | Object | -| sample.bicep:76:22:78:5 | Object | -| sample.bicep:77:7:77:12 | vmSize | -| sample.bicep:77:7:77:12 | vmSize | -| sample.bicep:77:7:77:12 | vmSize | -| sample.bicep:77:7:77:31 | ObjectProperty | -| sample.bicep:77:15:77:31 | String | -| sample.bicep:77:15:77:31 | String | -| sample.bicep:77:15:77:31 | String | -| sample.bicep:77:16:77:30 | Standard_DS1_v2 | -| sample.bicep:79:5:79:13 | osProfile | -| sample.bicep:79:5:79:13 | osProfile | -| sample.bicep:79:5:79:13 | osProfile | -| sample.bicep:79:5:83:5 | ObjectProperty | -| sample.bicep:79:16:83:5 | Object | -| sample.bicep:79:16:83:5 | Object | -| sample.bicep:79:16:83:5 | Object | -| sample.bicep:80:7:80:18 | computerName | -| sample.bicep:80:7:80:18 | computerName | -| sample.bicep:80:7:80:18 | computerName | -| sample.bicep:80:7:80:26 | ObjectProperty | -| sample.bicep:80:21:80:26 | vmName | -| sample.bicep:80:21:80:26 | vmName | -| sample.bicep:80:21:80:26 | vmName | -| sample.bicep:81:7:81:19 | adminUsername | -| sample.bicep:81:7:81:19 | adminUsername | -| sample.bicep:81:7:81:19 | adminUsername | -| sample.bicep:81:7:81:34 | ObjectProperty | -| sample.bicep:81:22:81:34 | adminUsername | -| sample.bicep:81:22:81:34 | adminUsername | -| sample.bicep:81:22:81:34 | adminUsername | -| sample.bicep:82:7:82:19 | adminPassword | -| sample.bicep:82:7:82:19 | adminPassword | -| sample.bicep:82:7:82:19 | adminPassword | -| sample.bicep:82:7:82:34 | ObjectProperty | -| sample.bicep:82:22:82:34 | adminPassword | -| sample.bicep:82:22:82:34 | adminPassword | -| sample.bicep:82:22:82:34 | adminPassword | -| sample.bicep:84:5:84:18 | storageProfile | -| sample.bicep:84:5:84:18 | storageProfile | -| sample.bicep:84:5:84:18 | storageProfile | -| sample.bicep:84:5:94:5 | ObjectProperty | -| sample.bicep:84:21:94:5 | Object | -| sample.bicep:84:21:94:5 | Object | -| sample.bicep:84:21:94:5 | Object | -| sample.bicep:85:7:85:20 | imageReference | -| sample.bicep:85:7:85:20 | imageReference | -| sample.bicep:85:7:85:20 | imageReference | -| sample.bicep:85:7:90:7 | ObjectProperty | -| sample.bicep:85:23:90:7 | Object | -| sample.bicep:85:23:90:7 | Object | -| sample.bicep:85:23:90:7 | Object | -| sample.bicep:86:9:86:17 | publisher | -| sample.bicep:86:9:86:17 | publisher | -| sample.bicep:86:9:86:17 | publisher | -| sample.bicep:86:9:86:30 | ObjectProperty | -| sample.bicep:86:20:86:30 | String | -| sample.bicep:86:20:86:30 | String | -| sample.bicep:86:20:86:30 | String | -| sample.bicep:86:21:86:29 | Canonical | -| sample.bicep:87:9:87:13 | offer | -| sample.bicep:87:9:87:13 | offer | -| sample.bicep:87:9:87:13 | offer | -| sample.bicep:87:9:87:29 | ObjectProperty | -| sample.bicep:87:16:87:29 | String | -| sample.bicep:87:16:87:29 | String | -| sample.bicep:87:16:87:29 | String | -| sample.bicep:87:17:87:28 | UbuntuServer | -| sample.bicep:88:9:88:11 | sku | -| sample.bicep:88:9:88:11 | sku | -| sample.bicep:88:9:88:11 | sku | -| sample.bicep:88:9:88:24 | ObjectProperty | -| sample.bicep:88:14:88:24 | String | -| sample.bicep:88:14:88:24 | String | -| sample.bicep:88:14:88:24 | String | -| sample.bicep:88:15:88:23 | 18.04-LTS | -| sample.bicep:89:9:89:15 | version | -| sample.bicep:89:9:89:15 | version | -| sample.bicep:89:9:89:15 | version | -| sample.bicep:89:9:89:25 | ObjectProperty | -| sample.bicep:89:18:89:25 | String | -| sample.bicep:89:18:89:25 | String | -| sample.bicep:89:18:89:25 | String | -| sample.bicep:89:19:89:24 | latest | -| sample.bicep:91:7:91:12 | osDisk | -| sample.bicep:91:7:91:12 | osDisk | -| sample.bicep:91:7:91:12 | osDisk | -| sample.bicep:91:7:93:7 | ObjectProperty | -| sample.bicep:91:15:93:7 | Object | -| sample.bicep:91:15:93:7 | Object | -| sample.bicep:91:15:93:7 | Object | -| sample.bicep:92:9:92:20 | createOption | -| sample.bicep:92:9:92:20 | createOption | -| sample.bicep:92:9:92:20 | createOption | -| sample.bicep:92:9:92:33 | ObjectProperty | -| sample.bicep:92:23:92:33 | String | -| sample.bicep:92:23:92:33 | String | -| sample.bicep:92:23:92:33 | String | -| sample.bicep:92:24:92:32 | FromImage | -| sample.bicep:95:5:95:18 | networkProfile | -| sample.bicep:95:5:95:18 | networkProfile | -| sample.bicep:95:5:95:18 | networkProfile | -| sample.bicep:95:5:101:5 | ObjectProperty | -| sample.bicep:95:21:101:5 | Object | -| sample.bicep:95:21:101:5 | Object | -| sample.bicep:95:21:101:5 | Object | -| sample.bicep:96:7:96:23 | networkInterfaces | -| sample.bicep:96:7:96:23 | networkInterfaces | -| sample.bicep:96:7:96:23 | networkInterfaces | -| sample.bicep:96:7:100:7 | ObjectProperty | -| sample.bicep:96:26:100:7 | Array | -| sample.bicep:96:26:100:7 | Array | -| sample.bicep:96:26:100:7 | Array | -| sample.bicep:97:9:99:9 | Object | -| sample.bicep:97:9:99:9 | Object | -| sample.bicep:97:9:99:9 | Object | -| sample.bicep:98:11:98:12 | id | -| sample.bicep:98:11:98:12 | id | -| sample.bicep:98:11:98:12 | id | -| sample.bicep:98:11:98:20 | ObjectProperty | -| sample.bicep:98:15:98:17 | nic | -| sample.bicep:98:15:98:17 | nic | -| sample.bicep:98:15:98:17 | nic | -| sample.bicep:98:15:98:20 | MemberExpression | -| sample.bicep:98:15:98:20 | MemberExpression | -| sample.bicep:98:15:98:20 | MemberExpression | -| sample.bicep:98:19:98:20 | id | -infra -| conditions.bicep:1:1:12:2 | Infrastructure | 0 | conditions.bicep:1:1:1:39 | ParameterDeclaration | -| conditions.bicep:1:1:12:2 | Infrastructure | 1 | conditions.bicep:2:1:2:54 | ParameterDeclaration | -| conditions.bicep:1:1:12:2 | Infrastructure | 2 | conditions.bicep:4:1:12:1 | ResourceDeclaration | -| data.bicep:1:1:62:4 | Infrastructure | 0 | data.bicep:2:1:6:1 | VariableDeclaration | -| data.bicep:1:1:62:4 | Infrastructure | 1 | data.bicep:8:1:8:43 | VariableDeclaration | -| data.bicep:1:1:62:4 | Infrastructure | 2 | data.bicep:10:1:11:10 | VariableDeclaration | -| data.bicep:1:1:62:4 | Infrastructure | 3 | data.bicep:13:1:13:28 | VariableDeclaration | -| data.bicep:1:1:62:4 | Infrastructure | 4 | data.bicep:14:1:14:41 | OutputDeclaration | -| data.bicep:1:1:62:4 | Infrastructure | 5 | data.bicep:15:1:15:41 | OutputDeclaration | -| data.bicep:1:1:62:4 | Infrastructure | 6 | data.bicep:17:1:17:13 | VariableDeclaration | -| data.bicep:1:1:62:4 | Infrastructure | 7 | data.bicep:18:1:18:46 | OutputDeclaration | -| data.bicep:1:1:62:4 | Infrastructure | 8 | data.bicep:21:1:21:29 | ParameterDeclaration | -| data.bicep:1:1:62:4 | Infrastructure | 9 | data.bicep:24:1:24:24 | ParameterDeclaration | -| data.bicep:1:1:62:4 | Infrastructure | 10 | data.bicep:27:1:27:92 | ParameterDeclaration | -| data.bicep:1:1:62:4 | Infrastructure | 11 | data.bicep:29:1:34:1 | ParameterDeclaration | -| data.bicep:1:1:62:4 | Infrastructure | 12 | data.bicep:36:1:37:12 | ParameterDeclaration | -| data.bicep:1:1:62:4 | Infrastructure | 13 | data.bicep:41:1:41:25 | VariableDeclaration | -| data.bicep:1:1:62:4 | Infrastructure | 14 | data.bicep:42:1:42:52 | TypeDeclaration | -| data.bicep:1:1:62:4 | Infrastructure | 15 | data.bicep:43:1:43:62 | VariableDeclaration | -| data.bicep:1:1:62:4 | Infrastructure | 16 | data.bicep:46:1:46:24 | VariableDeclaration | -| data.bicep:1:1:62:4 | Infrastructure | 17 | data.bicep:49:1:50:9 | VariableDeclaration | -| data.bicep:1:1:62:4 | Infrastructure | 18 | data.bicep:53:1:55:3 | VariableDeclaration | -| data.bicep:1:1:62:4 | Infrastructure | 19 | data.bicep:58:1:62:3 | VariableDeclaration | -| sample.bicep:1:1:103:1 | Infrastructure | 0 | sample.bicep:1:1:1:48 | ParameterDeclaration | -| sample.bicep:1:1:103:1 | Infrastructure | 1 | sample.bicep:2:1:2:80 | ParameterDeclaration | -| sample.bicep:1:1:103:1 | Infrastructure | 2 | sample.bicep:3:1:3:28 | ParameterDeclaration | -| sample.bicep:1:1:103:1 | Infrastructure | 3 | sample.bicep:4:1:4:40 | ParameterDeclaration | -| sample.bicep:1:1:103:1 | Infrastructure | 4 | sample.bicep:5:1:5:43 | ParameterDeclaration | -| sample.bicep:1:1:103:1 | Infrastructure | 5 | sample.bicep:6:1:6:32 | ParameterDeclaration | -| sample.bicep:1:1:103:1 | Infrastructure | 6 | sample.bicep:7:1:7:36 | ParameterDeclaration | -| sample.bicep:1:1:103:1 | Infrastructure | 7 | sample.bicep:8:1:8:40 | ParameterDeclaration | -| sample.bicep:1:1:103:1 | Infrastructure | 8 | sample.bicep:9:1:9:30 | ParameterDeclaration | -| sample.bicep:1:1:103:1 | Infrastructure | 9 | sample.bicep:11:1:21:1 | ResourceDeclaration | -| sample.bicep:1:1:103:1 | Infrastructure | 10 | sample.bicep:23:1:41:1 | ResourceDeclaration | -| sample.bicep:1:1:103:1 | Infrastructure | 11 | sample.bicep:43:1:49:1 | ResourceDeclaration | -| sample.bicep:1:1:103:1 | Infrastructure | 12 | sample.bicep:51:1:70:1 | ResourceDeclaration | -| sample.bicep:1:1:103:1 | Infrastructure | 13 | sample.bicep:72:1:103:1 | ResourceDeclaration | -strings -| conditions.bicep:2:35:2:54 | String | examplestorageacct | -| conditions.bicep:4:25:4:70 | String | Microsoft.Storage/storageAccounts@2022-09-01 | -| conditions.bicep:8:11:8:24 | String | Standard_LRS | -| conditions.bicep:10:9:10:19 | String | StorageV2 | -| data.bicep:3:3:3:7 | String | abc | -| data.bicep:4:3:4:7 | String | def | -| data.bicep:5:3:5:7 | String | ghi | -| data.bicep:8:24:8:28 | String | abc | -| data.bicep:8:31:8:35 | String | def | -| data.bicep:8:38:8:42 | String | ghi | -| data.bicep:10:19:10:23 | String | abc | -| data.bicep:10:26:10:30 | String | def | -| data.bicep:11:5:11:9 | String | ghi | -| data.bicep:27:40:27:50 | String | test name | -| data.bicep:27:57:27:65 | String | 123-abc | -| data.bicep:30:9:30:19 | String | test name | -| data.bicep:31:7:31:15 | String | 123-abc | -| data.bicep:36:35:36:45 | String | test name | -| data.bicep:36:52:36:60 | String | 123-abc | -| data.bicep:41:13:41:25 | String | whats up? | -| data.bicep:42:18:42:24 | String | north | -| data.bicep:42:28:42:34 | String | south | -| data.bicep:42:38:42:43 | String | east | -| data.bicep:42:47:42:52 | String | west | -| data.bicep:43:19:43:62 | String | storage${CallExpression} | -| data.bicep:46:13:46:24 | String | hello! | -| data.bicep:49:14:50:9 | String | \nhello! | -| data.bicep:53:14:55:3 | String | \nhello!\n | -| data.bicep:58:14:62:3 | String | \n this\n is\n indented\n | -| sample.bicep:2:35:2:80 | String | toylaunch${CallExpression} | -| sample.bicep:3:23:3:28 | String | myVM | -| sample.bicep:4:30:4:40 | String | azureuser | -| sample.bicep:5:30:5:43 | String | P@ssw0rd123! | -| sample.bicep:6:25:6:32 | String | myVnet | -| sample.bicep:7:27:7:36 | String | mySubnet | -| sample.bicep:8:29:8:40 | String | myPublicIP | -| sample.bicep:9:24:9:30 | String | myNIC | -| sample.bicep:11:25:11:70 | String | Microsoft.Storage/storageAccounts@2021-06-01 | -| sample.bicep:15:11:15:24 | String | Standard_LRS | -| sample.bicep:17:9:17:19 | String | StorageV2 | -| sample.bicep:19:17:19:21 | String | Hot | -| sample.bicep:23:15:23:60 | String | Microsoft.Network/virtualNetworks@2021-05-01 | -| sample.bicep:29:9:29:21 | String | 10.0.0.0/16 | -| sample.bicep:36:26:36:38 | String | 10.0.0.0/24 | -| sample.bicep:43:19:43:66 | String | Microsoft.Network/publicIPAddresses@2021-05-01 | -| sample.bicep:47:31:47:39 | String | Dynamic | -| sample.bicep:51:14:51:61 | String | Microsoft.Network/networkInterfaces@2021-05-01 | -| sample.bicep:57:15:57:25 | String | ipconfig1 | -| sample.bicep:62:38:62:46 | String | Dynamic | -| sample.bicep:72:13:72:58 | String | Microsoft.Compute/virtualMachines@2021-07-01 | -| sample.bicep:77:15:77:31 | String | Standard_DS1_v2 | -| sample.bicep:86:20:86:30 | String | Canonical | -| sample.bicep:87:16:87:29 | String | UbuntuServer | -| sample.bicep:88:14:88:24 | String | 18.04-LTS | -| sample.bicep:89:18:89:25 | String | latest | -| sample.bicep:92:23:92:33 | String | FromImage | -ifCondition -| conditions.bicep:4:74:12:1 | IfStatement | conditions.bicep:4:77:4:98 | ParenthesizedExpression | conditions.bicep:4:100:12:1 | Object | diff --git a/ql/test/library-tests/ast/Variables.expected b/ql/test/library-tests/ast/Variables.expected deleted file mode 100644 index 537c5b1..0000000 --- a/ql/test/library-tests/ast/Variables.expected +++ /dev/null @@ -1,150 +0,0 @@ -variables -| conditions.bicep:1:1:1:39 | Variable[enableStorageAccount] | -| conditions.bicep:2:1:2:54 | Variable[storageAccountName] | -| conditions.bicep:4:1:12:1 | Variable[storageAccount] | -| data.bicep:2:1:6:1 | Variable[multiLineArray] | -| data.bicep:8:1:8:43 | Variable[singleLineArray] | -| data.bicep:10:1:11:10 | Variable[mixedArray] | -| data.bicep:13:1:13:28 | Variable[exampleArray] | -| data.bicep:14:1:14:41 | Variable[firstElement] | -| data.bicep:15:1:15:41 | Variable[thirdElement] | -| data.bicep:17:1:17:13 | Variable[index] | -| data.bicep:18:1:18:46 | Variable[secondElement] | -| data.bicep:21:1:21:29 | Variable[exampleBool] | -| data.bicep:24:1:24:24 | Variable[exampleInt] | -| data.bicep:27:1:27:92 | Variable[singleLineObject] | -| data.bicep:29:1:34:1 | Variable[multiLineObject] | -| data.bicep:36:1:37:12 | Variable[mixedObject] | -| data.bicep:41:1:41:25 | Variable[myVar] | -| data.bicep:43:1:43:62 | Variable[storageName] | -| data.bicep:46:1:46:24 | Variable[myVar] | -| data.bicep:49:1:50:9 | Variable[myVar2] | -| data.bicep:53:1:55:3 | Variable[myVar3] | -| data.bicep:58:1:62:3 | Variable[myVar4] | -| sample.bicep:1:1:1:48 | Variable[location] | -| sample.bicep:2:1:2:80 | Variable[storageAccountName] | -| sample.bicep:3:1:3:28 | Variable[vmName] | -| sample.bicep:4:1:4:40 | Variable[adminUsername] | -| sample.bicep:5:1:5:43 | Variable[adminPassword] | -| sample.bicep:6:1:6:32 | Variable[vnetName] | -| sample.bicep:7:1:7:36 | Variable[subnetName] | -| sample.bicep:8:1:8:40 | Variable[publicIpName] | -| sample.bicep:9:1:9:30 | Variable[nicName] | -| sample.bicep:11:1:21:1 | Variable[storageAccount] | -| sample.bicep:23:1:41:1 | Variable[vnet] | -| sample.bicep:43:1:49:1 | Variable[publicIp] | -| sample.bicep:51:1:70:1 | Variable[nic] | -| sample.bicep:72:1:103:1 | Variable[vm] | -variableAccess -| conditions.bicep:1:1:1:39 | Variable[enableStorageAccount] | conditions.bicep:1:7:1:26 | VariableAccess[enableStorageAccount] | -| conditions.bicep:1:1:1:39 | Variable[enableStorageAccount] | conditions.bicep:4:78:4:97 | VariableAccess[enableStorageAccount] | -| conditions.bicep:2:1:2:54 | Variable[storageAccountName] | conditions.bicep:2:7:2:24 | VariableAccess[storageAccountName] | -| conditions.bicep:2:1:2:54 | Variable[storageAccountName] | conditions.bicep:5:9:5:26 | VariableAccess[storageAccountName] | -| conditions.bicep:4:1:12:1 | Variable[storageAccount] | conditions.bicep:4:10:4:23 | VariableAccess[storageAccount] | -| data.bicep:13:1:13:28 | Variable[exampleArray] | data.bicep:14:27:14:38 | VariableAccess[exampleArray] | -| data.bicep:13:1:13:28 | Variable[exampleArray] | data.bicep:15:27:15:38 | VariableAccess[exampleArray] | -| data.bicep:13:1:13:28 | Variable[exampleArray] | data.bicep:18:28:18:39 | VariableAccess[exampleArray] | -| data.bicep:14:1:14:41 | Variable[firstElement] | data.bicep:14:8:14:19 | VariableAccess[firstElement] | -| data.bicep:15:1:15:41 | Variable[thirdElement] | data.bicep:15:8:15:19 | VariableAccess[thirdElement] | -| data.bicep:17:1:17:13 | Variable[index] | data.bicep:18:41:18:45 | VariableAccess[index] | -| data.bicep:18:1:18:46 | Variable[secondElement] | data.bicep:18:8:18:20 | VariableAccess[secondElement] | -| data.bicep:21:1:21:29 | Variable[exampleBool] | data.bicep:21:7:21:17 | VariableAccess[exampleBool] | -| data.bicep:24:1:24:24 | Variable[exampleInt] | data.bicep:24:7:24:16 | VariableAccess[exampleInt] | -| data.bicep:27:1:27:92 | Variable[singleLineObject] | data.bicep:27:7:27:22 | VariableAccess[singleLineObject] | -| data.bicep:29:1:34:1 | Variable[multiLineObject] | data.bicep:29:7:29:21 | VariableAccess[multiLineObject] | -| data.bicep:36:1:37:12 | Variable[mixedObject] | data.bicep:36:7:36:17 | VariableAccess[mixedObject] | -| sample.bicep:1:1:1:48 | Variable[location] | sample.bicep:1:7:1:14 | VariableAccess[location] | -| sample.bicep:1:1:1:48 | Variable[location] | sample.bicep:13:3:13:10 | VariableAccess[location] | -| sample.bicep:1:1:1:48 | Variable[location] | sample.bicep:13:13:13:20 | VariableAccess[location] | -| sample.bicep:1:1:1:48 | Variable[location] | sample.bicep:25:3:25:10 | VariableAccess[location] | -| sample.bicep:1:1:1:48 | Variable[location] | sample.bicep:25:13:25:20 | VariableAccess[location] | -| sample.bicep:1:1:1:48 | Variable[location] | sample.bicep:45:3:45:10 | VariableAccess[location] | -| sample.bicep:1:1:1:48 | Variable[location] | sample.bicep:45:13:45:20 | VariableAccess[location] | -| sample.bicep:1:1:1:48 | Variable[location] | sample.bicep:53:3:53:10 | VariableAccess[location] | -| sample.bicep:1:1:1:48 | Variable[location] | sample.bicep:53:13:53:20 | VariableAccess[location] | -| sample.bicep:1:1:1:48 | Variable[location] | sample.bicep:74:3:74:10 | VariableAccess[location] | -| sample.bicep:1:1:1:48 | Variable[location] | sample.bicep:74:13:74:20 | VariableAccess[location] | -| sample.bicep:2:1:2:80 | Variable[storageAccountName] | sample.bicep:2:7:2:24 | VariableAccess[storageAccountName] | -| sample.bicep:2:1:2:80 | Variable[storageAccountName] | sample.bicep:12:9:12:26 | VariableAccess[storageAccountName] | -| sample.bicep:3:1:3:28 | Variable[vmName] | sample.bicep:3:7:3:12 | VariableAccess[vmName] | -| sample.bicep:3:1:3:28 | Variable[vmName] | sample.bicep:73:9:73:14 | VariableAccess[vmName] | -| sample.bicep:3:1:3:28 | Variable[vmName] | sample.bicep:80:21:80:26 | VariableAccess[vmName] | -| sample.bicep:4:1:4:40 | Variable[adminUsername] | sample.bicep:4:7:4:19 | VariableAccess[adminUsername] | -| sample.bicep:4:1:4:40 | Variable[adminUsername] | sample.bicep:81:7:81:19 | VariableAccess[adminUsername] | -| sample.bicep:4:1:4:40 | Variable[adminUsername] | sample.bicep:81:22:81:34 | VariableAccess[adminUsername] | -| sample.bicep:5:1:5:43 | Variable[adminPassword] | sample.bicep:5:7:5:19 | VariableAccess[adminPassword] | -| sample.bicep:5:1:5:43 | Variable[adminPassword] | sample.bicep:82:7:82:19 | VariableAccess[adminPassword] | -| sample.bicep:5:1:5:43 | Variable[adminPassword] | sample.bicep:82:22:82:34 | VariableAccess[adminPassword] | -| sample.bicep:6:1:6:32 | Variable[vnetName] | sample.bicep:6:7:6:14 | VariableAccess[vnetName] | -| sample.bicep:6:1:6:32 | Variable[vnetName] | sample.bicep:24:9:24:16 | VariableAccess[vnetName] | -| sample.bicep:7:1:7:36 | Variable[subnetName] | sample.bicep:7:7:7:16 | VariableAccess[subnetName] | -| sample.bicep:7:1:7:36 | Variable[subnetName] | sample.bicep:34:15:34:24 | VariableAccess[subnetName] | -| sample.bicep:8:1:8:40 | Variable[publicIpName] | sample.bicep:8:7:8:18 | VariableAccess[publicIpName] | -| sample.bicep:8:1:8:40 | Variable[publicIpName] | sample.bicep:44:9:44:20 | VariableAccess[publicIpName] | -| sample.bicep:9:1:9:30 | Variable[nicName] | sample.bicep:9:7:9:13 | VariableAccess[nicName] | -| sample.bicep:9:1:9:30 | Variable[nicName] | sample.bicep:52:9:52:15 | VariableAccess[nicName] | -| sample.bicep:11:1:21:1 | Variable[storageAccount] | sample.bicep:11:10:11:23 | VariableAccess[storageAccount] | -| sample.bicep:23:1:41:1 | Variable[vnet] | sample.bicep:23:10:23:13 | VariableAccess[vnet] | -| sample.bicep:23:1:41:1 | Variable[vnet] | sample.bicep:60:17:60:20 | VariableAccess[vnet] | -| sample.bicep:43:1:49:1 | Variable[publicIp] | sample.bicep:43:10:43:17 | VariableAccess[publicIp] | -| sample.bicep:43:1:49:1 | Variable[publicIp] | sample.bicep:64:17:64:24 | VariableAccess[publicIp] | -| sample.bicep:51:1:70:1 | Variable[nic] | sample.bicep:51:10:51:12 | VariableAccess[nic] | -| sample.bicep:51:1:70:1 | Variable[nic] | sample.bicep:98:15:98:17 | VariableAccess[nic] | -| sample.bicep:72:1:103:1 | Variable[vm] | sample.bicep:72:10:72:11 | VariableAccess[vm] | -variableRead -| conditions.bicep:4:78:4:97 | VariableAccess[enableStorageAccount] | -| conditions.bicep:5:9:5:26 | VariableAccess[storageAccountName] | -| data.bicep:14:27:14:38 | VariableAccess[exampleArray] | -| data.bicep:15:27:15:38 | VariableAccess[exampleArray] | -| data.bicep:18:28:18:39 | VariableAccess[exampleArray] | -| data.bicep:18:41:18:45 | VariableAccess[index] | -| sample.bicep:12:9:12:26 | VariableAccess[storageAccountName] | -| sample.bicep:13:3:13:10 | VariableAccess[location] | -| sample.bicep:13:13:13:20 | VariableAccess[location] | -| sample.bicep:24:9:24:16 | VariableAccess[vnetName] | -| sample.bicep:25:3:25:10 | VariableAccess[location] | -| sample.bicep:25:13:25:20 | VariableAccess[location] | -| sample.bicep:34:15:34:24 | VariableAccess[subnetName] | -| sample.bicep:44:9:44:20 | VariableAccess[publicIpName] | -| sample.bicep:45:3:45:10 | VariableAccess[location] | -| sample.bicep:45:13:45:20 | VariableAccess[location] | -| sample.bicep:52:9:52:15 | VariableAccess[nicName] | -| sample.bicep:53:3:53:10 | VariableAccess[location] | -| sample.bicep:53:13:53:20 | VariableAccess[location] | -| sample.bicep:60:17:60:20 | VariableAccess[vnet] | -| sample.bicep:64:17:64:24 | VariableAccess[publicIp] | -| sample.bicep:73:9:73:14 | VariableAccess[vmName] | -| sample.bicep:74:3:74:10 | VariableAccess[location] | -| sample.bicep:74:13:74:20 | VariableAccess[location] | -| sample.bicep:80:21:80:26 | VariableAccess[vmName] | -| sample.bicep:81:7:81:19 | VariableAccess[adminUsername] | -| sample.bicep:81:22:81:34 | VariableAccess[adminUsername] | -| sample.bicep:82:7:82:19 | VariableAccess[adminPassword] | -| sample.bicep:82:22:82:34 | VariableAccess[adminPassword] | -| sample.bicep:98:15:98:17 | VariableAccess[nic] | -variableWrite -| conditions.bicep:1:7:1:26 | VariableAccess[enableStorageAccount] | -| conditions.bicep:2:7:2:24 | VariableAccess[storageAccountName] | -| conditions.bicep:4:10:4:23 | VariableAccess[storageAccount] | -| data.bicep:14:8:14:19 | VariableAccess[firstElement] | -| data.bicep:15:8:15:19 | VariableAccess[thirdElement] | -| data.bicep:18:8:18:20 | VariableAccess[secondElement] | -| data.bicep:21:7:21:17 | VariableAccess[exampleBool] | -| data.bicep:24:7:24:16 | VariableAccess[exampleInt] | -| data.bicep:27:7:27:22 | VariableAccess[singleLineObject] | -| data.bicep:29:7:29:21 | VariableAccess[multiLineObject] | -| data.bicep:36:7:36:17 | VariableAccess[mixedObject] | -| sample.bicep:1:7:1:14 | VariableAccess[location] | -| sample.bicep:2:7:2:24 | VariableAccess[storageAccountName] | -| sample.bicep:3:7:3:12 | VariableAccess[vmName] | -| sample.bicep:4:7:4:19 | VariableAccess[adminUsername] | -| sample.bicep:5:7:5:19 | VariableAccess[adminPassword] | -| sample.bicep:6:7:6:14 | VariableAccess[vnetName] | -| sample.bicep:7:7:7:16 | VariableAccess[subnetName] | -| sample.bicep:8:7:8:18 | VariableAccess[publicIpName] | -| sample.bicep:9:7:9:13 | VariableAccess[nicName] | -| sample.bicep:11:10:11:23 | VariableAccess[storageAccount] | -| sample.bicep:23:10:23:13 | VariableAccess[vnet] | -| sample.bicep:43:10:43:17 | VariableAccess[publicIp] | -| sample.bicep:51:10:51:12 | VariableAccess[nic] | -| sample.bicep:72:10:72:11 | VariableAccess[vm] | diff --git a/ql/test/library-tests/ast/basic/AST.expected b/ql/test/library-tests/ast/basic/AST.expected new file mode 100644 index 0000000..c3579dd --- /dev/null +++ b/ql/test/library-tests/ast/basic/AST.expected @@ -0,0 +1,315 @@ +ast +| sample.bicep:1:1:1:48 | ParameterDeclaration | +| sample.bicep:1:1:103:1 | Infrastructure | +| sample.bicep:1:7:1:14 | location | +| sample.bicep:1:16:1:21 | Type | +| sample.bicep:1:16:1:21 | string | +| sample.bicep:1:25:1:37 | resourceGroup | +| sample.bicep:1:25:1:39 | CallExpression | +| sample.bicep:1:25:1:48 | MemberExpression | +| sample.bicep:1:38:1:39 | Arguments | +| sample.bicep:1:41:1:48 | location | +| sample.bicep:2:1:2:80 | ParameterDeclaration | +| sample.bicep:2:7:2:24 | storageAccountName | +| sample.bicep:2:26:2:31 | Type | +| sample.bicep:2:26:2:31 | string | +| sample.bicep:2:35:2:80 | String | +| sample.bicep:2:36:2:44 | toylaunch | +| sample.bicep:2:45:2:79 | Interpolation | +| sample.bicep:2:47:2:58 | uniqueString | +| sample.bicep:2:47:2:78 | CallExpression | +| sample.bicep:2:59:2:78 | Arguments | +| sample.bicep:2:60:2:72 | resourceGroup | +| sample.bicep:2:60:2:74 | CallExpression | +| sample.bicep:2:60:2:77 | MemberExpression | +| sample.bicep:2:73:2:74 | Arguments | +| sample.bicep:2:76:2:77 | id | +| sample.bicep:3:1:3:28 | ParameterDeclaration | +| sample.bicep:3:7:3:12 | vmName | +| sample.bicep:3:14:3:19 | Type | +| sample.bicep:3:14:3:19 | string | +| sample.bicep:3:23:3:28 | String | +| sample.bicep:3:24:3:27 | myVM | +| sample.bicep:4:1:4:40 | ParameterDeclaration | +| sample.bicep:4:7:4:19 | adminUsername | +| sample.bicep:4:21:4:26 | Type | +| sample.bicep:4:21:4:26 | string | +| sample.bicep:4:30:4:40 | String | +| sample.bicep:4:31:4:39 | azureuser | +| sample.bicep:5:1:5:43 | ParameterDeclaration | +| sample.bicep:5:7:5:19 | adminPassword | +| sample.bicep:5:21:5:26 | Type | +| sample.bicep:5:21:5:26 | string | +| sample.bicep:5:30:5:43 | String | +| sample.bicep:5:31:5:42 | P@ssw0rd123! | +| sample.bicep:6:1:6:32 | ParameterDeclaration | +| sample.bicep:6:7:6:14 | vnetName | +| sample.bicep:6:16:6:21 | Type | +| sample.bicep:6:16:6:21 | string | +| sample.bicep:6:25:6:32 | String | +| sample.bicep:6:26:6:31 | myVnet | +| sample.bicep:7:1:7:36 | ParameterDeclaration | +| sample.bicep:7:7:7:16 | subnetName | +| sample.bicep:7:18:7:23 | Type | +| sample.bicep:7:18:7:23 | string | +| sample.bicep:7:27:7:36 | String | +| sample.bicep:7:28:7:35 | mySubnet | +| sample.bicep:8:1:8:40 | ParameterDeclaration | +| sample.bicep:8:7:8:18 | publicIpName | +| sample.bicep:8:20:8:25 | Type | +| sample.bicep:8:20:8:25 | string | +| sample.bicep:8:29:8:40 | String | +| sample.bicep:8:30:8:39 | myPublicIP | +| sample.bicep:9:1:9:30 | ParameterDeclaration | +| sample.bicep:9:7:9:13 | nicName | +| sample.bicep:9:15:9:20 | Type | +| sample.bicep:9:15:9:20 | string | +| sample.bicep:9:24:9:30 | String | +| sample.bicep:9:25:9:29 | myNIC | +| sample.bicep:11:1:21:1 | ResourceDeclaration | +| sample.bicep:11:10:11:23 | storageAccount | +| sample.bicep:11:25:11:70 | String | +| sample.bicep:11:26:11:69 | Microsoft.Storage/storageAccounts@2021-06-01 | +| sample.bicep:11:74:21:1 | Object | +| sample.bicep:12:3:12:6 | name | +| sample.bicep:12:3:12:26 | ObjectProperty | +| sample.bicep:12:9:12:26 | storageAccountName | +| sample.bicep:13:3:13:10 | location | +| sample.bicep:13:3:13:20 | ObjectProperty | +| sample.bicep:13:13:13:20 | location | +| sample.bicep:14:3:14:5 | sku | +| sample.bicep:14:3:16:3 | ObjectProperty | +| sample.bicep:14:8:16:3 | SKU | +| sample.bicep:15:5:15:8 | name | +| sample.bicep:15:5:15:24 | ObjectProperty | +| sample.bicep:15:11:15:24 | String | +| sample.bicep:15:12:15:23 | Standard_LRS | +| sample.bicep:17:3:17:6 | kind | +| sample.bicep:17:3:17:19 | ObjectProperty | +| sample.bicep:17:9:17:19 | String | +| sample.bicep:17:10:17:18 | StorageV2 | +| sample.bicep:18:3:18:12 | properties | +| sample.bicep:18:3:20:3 | ObjectProperty | +| sample.bicep:18:15:20:3 | (no string representation) | +| sample.bicep:19:5:19:14 | accessTier | +| sample.bicep:19:5:19:21 | ObjectProperty | +| sample.bicep:19:17:19:21 | String | +| sample.bicep:19:18:19:20 | Hot | +| sample.bicep:23:1:41:1 | ResourceDeclaration | +| sample.bicep:23:10:23:13 | vnet | +| sample.bicep:23:15:23:60 | String | +| sample.bicep:23:16:23:59 | Microsoft.Network/virtualNetworks@2021-05-01 | +| sample.bicep:23:64:41:1 | Object | +| sample.bicep:24:3:24:6 | name | +| sample.bicep:24:3:24:16 | ObjectProperty | +| sample.bicep:24:9:24:16 | vnetName | +| sample.bicep:25:3:25:10 | location | +| sample.bicep:25:3:25:20 | ObjectProperty | +| sample.bicep:25:13:25:20 | location | +| sample.bicep:26:3:26:12 | properties | +| sample.bicep:26:3:40:3 | ObjectProperty | +| sample.bicep:26:15:40:3 | Object | +| sample.bicep:27:5:27:16 | addressSpace | +| sample.bicep:27:5:31:5 | ObjectProperty | +| sample.bicep:27:19:31:5 | Object | +| sample.bicep:28:7:28:21 | addressPrefixes | +| sample.bicep:28:7:30:7 | ObjectProperty | +| sample.bicep:28:24:30:7 | Array | +| sample.bicep:29:9:29:21 | String | +| sample.bicep:29:10:29:20 | 10.0.0.0/16 | +| sample.bicep:32:5:32:11 | subnets | +| sample.bicep:32:5:39:5 | ObjectProperty | +| sample.bicep:32:14:39:5 | Array | +| sample.bicep:33:7:38:7 | Object | +| sample.bicep:34:9:34:12 | name | +| sample.bicep:34:9:34:24 | ObjectProperty | +| sample.bicep:34:15:34:24 | subnetName | +| sample.bicep:35:9:35:18 | properties | +| sample.bicep:35:9:37:9 | ObjectProperty | +| sample.bicep:35:21:37:9 | Object | +| sample.bicep:36:11:36:23 | addressPrefix | +| sample.bicep:36:11:36:38 | ObjectProperty | +| sample.bicep:36:26:36:38 | String | +| sample.bicep:36:27:36:37 | 10.0.0.0/24 | +| sample.bicep:43:1:49:1 | ResourceDeclaration | +| sample.bicep:43:10:43:17 | publicIp | +| sample.bicep:43:19:43:66 | String | +| sample.bicep:43:20:43:65 | Microsoft.Network/publicIPAddresses@2021-05-01 | +| sample.bicep:43:70:49:1 | Object | +| sample.bicep:44:3:44:6 | name | +| sample.bicep:44:3:44:20 | ObjectProperty | +| sample.bicep:44:9:44:20 | publicIpName | +| sample.bicep:45:3:45:10 | location | +| sample.bicep:45:3:45:20 | ObjectProperty | +| sample.bicep:45:13:45:20 | location | +| sample.bicep:46:3:46:12 | properties | +| sample.bicep:46:3:48:3 | ObjectProperty | +| sample.bicep:46:15:48:3 | Object | +| sample.bicep:47:5:47:28 | publicIPAllocationMethod | +| sample.bicep:47:5:47:39 | ObjectProperty | +| sample.bicep:47:31:47:39 | String | +| sample.bicep:47:32:47:38 | Dynamic | +| sample.bicep:51:1:70:1 | ResourceDeclaration | +| sample.bicep:51:10:51:12 | nic | +| sample.bicep:51:14:51:61 | String | +| sample.bicep:51:15:51:60 | Microsoft.Network/networkInterfaces@2021-05-01 | +| sample.bicep:51:65:70:1 | Object | +| sample.bicep:52:3:52:6 | name | +| sample.bicep:52:3:52:15 | ObjectProperty | +| sample.bicep:52:9:52:15 | nicName | +| sample.bicep:53:3:53:10 | location | +| sample.bicep:53:3:53:20 | ObjectProperty | +| sample.bicep:53:13:53:20 | location | +| sample.bicep:54:3:54:12 | properties | +| sample.bicep:54:3:69:3 | ObjectProperty | +| sample.bicep:54:15:69:3 | Object | +| sample.bicep:55:5:55:20 | ipConfigurations | +| sample.bicep:55:5:68:5 | ObjectProperty | +| sample.bicep:55:23:68:5 | Array | +| sample.bicep:56:7:67:7 | Object | +| sample.bicep:57:9:57:12 | name | +| sample.bicep:57:9:57:25 | ObjectProperty | +| sample.bicep:57:15:57:25 | String | +| sample.bicep:57:16:57:24 | ipconfig1 | +| sample.bicep:58:9:58:18 | properties | +| sample.bicep:58:9:66:9 | ObjectProperty | +| sample.bicep:58:21:66:9 | Object | +| sample.bicep:59:11:59:16 | subnet | +| sample.bicep:59:11:61:11 | ObjectProperty | +| sample.bicep:59:19:61:11 | Object | +| sample.bicep:60:13:60:14 | id | +| sample.bicep:60:13:60:45 | ObjectProperty | +| sample.bicep:60:17:60:20 | vnet | +| sample.bicep:60:17:60:31 | MemberExpression | +| sample.bicep:60:17:60:39 | MemberExpression | +| sample.bicep:60:17:60:42 | SubscriptExpression | +| sample.bicep:60:17:60:45 | MemberExpression | +| sample.bicep:60:22:60:31 | properties | +| sample.bicep:60:33:60:39 | subnets | +| sample.bicep:60:41:60:41 | 0 | +| sample.bicep:60:44:60:45 | id | +| sample.bicep:62:11:62:35 | privateIPAllocationMethod | +| sample.bicep:62:11:62:46 | ObjectProperty | +| sample.bicep:62:38:62:46 | String | +| sample.bicep:62:39:62:45 | Dynamic | +| sample.bicep:63:11:63:25 | publicIPAddress | +| sample.bicep:63:11:65:11 | ObjectProperty | +| sample.bicep:63:28:65:11 | Object | +| sample.bicep:64:13:64:14 | id | +| sample.bicep:64:13:64:27 | ObjectProperty | +| sample.bicep:64:17:64:24 | publicIp | +| sample.bicep:64:17:64:27 | MemberExpression | +| sample.bicep:64:26:64:27 | id | +| sample.bicep:72:1:103:1 | ResourceDeclaration | +| sample.bicep:72:10:72:11 | vm | +| sample.bicep:72:13:72:58 | String | +| sample.bicep:72:14:72:57 | Microsoft.Compute/virtualMachines@2021-07-01 | +| sample.bicep:72:62:103:1 | Object | +| sample.bicep:73:3:73:6 | name | +| sample.bicep:73:3:73:14 | ObjectProperty | +| sample.bicep:73:9:73:14 | vmName | +| sample.bicep:74:3:74:10 | location | +| sample.bicep:74:3:74:20 | ObjectProperty | +| sample.bicep:74:13:74:20 | location | +| sample.bicep:75:3:75:12 | properties | +| sample.bicep:75:3:102:3 | ObjectProperty | +| sample.bicep:75:15:102:3 | (no string representation) | +| sample.bicep:76:5:76:19 | hardwareProfile | +| sample.bicep:76:5:78:5 | ObjectProperty | +| sample.bicep:76:22:78:5 | HardwareProfile | +| sample.bicep:77:7:77:12 | vmSize | +| sample.bicep:77:7:77:31 | ObjectProperty | +| sample.bicep:77:15:77:31 | String | +| sample.bicep:77:16:77:30 | Standard_DS1_v2 | +| sample.bicep:79:5:79:13 | osProfile | +| sample.bicep:79:5:83:5 | ObjectProperty | +| sample.bicep:79:16:83:5 | OsProfile[general] | +| sample.bicep:80:7:80:18 | computerName | +| sample.bicep:80:7:80:26 | ObjectProperty | +| sample.bicep:80:21:80:26 | vmName | +| sample.bicep:81:7:81:19 | adminUsername | +| sample.bicep:81:7:81:34 | ObjectProperty | +| sample.bicep:81:22:81:34 | adminUsername | +| sample.bicep:82:7:82:19 | adminPassword | +| sample.bicep:82:7:82:34 | ObjectProperty | +| sample.bicep:82:22:82:34 | adminPassword | +| sample.bicep:84:5:84:18 | storageProfile | +| sample.bicep:84:5:94:5 | ObjectProperty | +| sample.bicep:84:21:94:5 | StorageProfile | +| sample.bicep:85:7:85:20 | imageReference | +| sample.bicep:85:7:90:7 | ObjectProperty | +| sample.bicep:85:23:90:7 | Object | +| sample.bicep:86:9:86:17 | publisher | +| sample.bicep:86:9:86:30 | ObjectProperty | +| sample.bicep:86:20:86:30 | String | +| sample.bicep:86:21:86:29 | Canonical | +| sample.bicep:87:9:87:13 | offer | +| sample.bicep:87:9:87:29 | ObjectProperty | +| sample.bicep:87:16:87:29 | String | +| sample.bicep:87:17:87:28 | UbuntuServer | +| sample.bicep:88:9:88:11 | sku | +| sample.bicep:88:9:88:24 | ObjectProperty | +| sample.bicep:88:14:88:24 | String | +| sample.bicep:88:15:88:23 | 18.04-LTS | +| sample.bicep:89:9:89:15 | version | +| sample.bicep:89:9:89:25 | ObjectProperty | +| sample.bicep:89:18:89:25 | String | +| sample.bicep:89:19:89:24 | latest | +| sample.bicep:91:7:91:12 | osDisk | +| sample.bicep:91:7:93:7 | ObjectProperty | +| sample.bicep:91:15:93:7 | Object | +| sample.bicep:92:9:92:20 | createOption | +| sample.bicep:92:9:92:33 | ObjectProperty | +| sample.bicep:92:23:92:33 | String | +| sample.bicep:92:24:92:32 | FromImage | +| sample.bicep:95:5:95:18 | networkProfile | +| sample.bicep:95:5:101:5 | ObjectProperty | +| sample.bicep:95:21:101:5 | NetworkProfile | +| sample.bicep:96:7:96:23 | networkInterfaces | +| sample.bicep:96:7:100:7 | ObjectProperty | +| sample.bicep:96:26:100:7 | Array | +| sample.bicep:97:9:99:9 | Object | +| sample.bicep:98:11:98:12 | id | +| sample.bicep:98:11:98:20 | ObjectProperty | +| sample.bicep:98:15:98:17 | nic | +| sample.bicep:98:15:98:20 | MemberExpression | +| sample.bicep:98:19:98:20 | id | +infra +| sample.bicep:1:1:103:1 | Infrastructure | 0 | sample.bicep:1:1:1:48 | ParameterDeclaration | +| sample.bicep:1:1:103:1 | Infrastructure | 1 | sample.bicep:2:1:2:80 | ParameterDeclaration | +| sample.bicep:1:1:103:1 | Infrastructure | 2 | sample.bicep:3:1:3:28 | ParameterDeclaration | +| sample.bicep:1:1:103:1 | Infrastructure | 3 | sample.bicep:4:1:4:40 | ParameterDeclaration | +| sample.bicep:1:1:103:1 | Infrastructure | 4 | sample.bicep:5:1:5:43 | ParameterDeclaration | +| sample.bicep:1:1:103:1 | Infrastructure | 5 | sample.bicep:6:1:6:32 | ParameterDeclaration | +| sample.bicep:1:1:103:1 | Infrastructure | 6 | sample.bicep:7:1:7:36 | ParameterDeclaration | +| sample.bicep:1:1:103:1 | Infrastructure | 7 | sample.bicep:8:1:8:40 | ParameterDeclaration | +| sample.bicep:1:1:103:1 | Infrastructure | 8 | sample.bicep:9:1:9:30 | ParameterDeclaration | +strings +| sample.bicep:2:35:2:80 | String | Interpolation | +| sample.bicep:2:35:2:80 | String | toylaunch | +| sample.bicep:3:23:3:28 | String | myVM | +| sample.bicep:4:30:4:40 | String | azureuser | +| sample.bicep:5:30:5:43 | String | P@ssw0rd123! | +| sample.bicep:6:25:6:32 | String | myVnet | +| sample.bicep:7:27:7:36 | String | mySubnet | +| sample.bicep:8:29:8:40 | String | myPublicIP | +| sample.bicep:9:24:9:30 | String | myNIC | +| sample.bicep:11:25:11:70 | String | Microsoft.Storage/storageAccounts@2021-06-01 | +| sample.bicep:15:11:15:24 | String | Standard_LRS | +| sample.bicep:17:9:17:19 | String | StorageV2 | +| sample.bicep:19:17:19:21 | String | Hot | +| sample.bicep:23:15:23:60 | String | Microsoft.Network/virtualNetworks@2021-05-01 | +| sample.bicep:29:9:29:21 | String | 10.0.0.0/16 | +| sample.bicep:36:26:36:38 | String | 10.0.0.0/24 | +| sample.bicep:43:19:43:66 | String | Microsoft.Network/publicIPAddresses@2021-05-01 | +| sample.bicep:47:31:47:39 | String | Dynamic | +| sample.bicep:51:14:51:61 | String | Microsoft.Network/networkInterfaces@2021-05-01 | +| sample.bicep:57:15:57:25 | String | ipconfig1 | +| sample.bicep:62:38:62:46 | String | Dynamic | +| sample.bicep:72:13:72:58 | String | Microsoft.Compute/virtualMachines@2021-07-01 | +| sample.bicep:77:15:77:31 | String | Standard_DS1_v2 | +| sample.bicep:86:20:86:30 | String | Canonical | +| sample.bicep:87:16:87:29 | String | UbuntuServer | +| sample.bicep:88:14:88:24 | String | 18.04-LTS | +| sample.bicep:89:18:89:25 | String | latest | +| sample.bicep:92:23:92:33 | String | FromImage | diff --git a/ql/test/library-tests/ast/AST.ql b/ql/test/library-tests/ast/basic/AST.ql similarity index 54% rename from ql/test/library-tests/ast/AST.ql rename to ql/test/library-tests/ast/basic/AST.ql index 95d60df..2854b06 100644 --- a/ql/test/library-tests/ast/AST.ql +++ b/ql/test/library-tests/ast/basic/AST.ql @@ -3,12 +3,7 @@ private import bicep query predicate ast(AstNode ast) { any() } query predicate infra(Infrastructure infra, int index, Stmts stmts) { - stmts = infra.getStatement(index) + stmts = infra.getStmt(index) } query predicate strings(String str, string output) { output = str.getValue() } - -query predicate ifCondition(IfStatement ifStmt, Expr condition, Expr body) { - ifStmt.getCondition() = condition and - ifStmt.getBody() = body -} diff --git a/ql/test/library-tests/ast/sample.bicep b/ql/test/library-tests/ast/basic/sample.bicep similarity index 100% rename from ql/test/library-tests/ast/sample.bicep rename to ql/test/library-tests/ast/basic/sample.bicep diff --git a/ql/test/library-tests/ast/calls/Calls.expected b/ql/test/library-tests/ast/calls/Calls.expected new file mode 100644 index 0000000..670eb4e --- /dev/null +++ b/ql/test/library-tests/ast/calls/Calls.expected @@ -0,0 +1,22 @@ +call +| calls.bicep:1:32:1:63 | CallExpression | +| calls.bicep:1:45:1:59 | CallExpression | +| calls.bicep:4:111:4:121 | CallExpression | +| calls.bicep:22:26:22:65 | CallExpression | +| calls.bicep:23:30:23:82 | CallExpression | +| calls.bicep:23:62:23:81 | CallExpression | +| calls.bicep:24:32:24:53 | CallExpression | +| calls.bicep:25:26:25:42 | CallExpression | +| calls.bicep:26:29:26:48 | CallExpression | +callArguments +| calls.bicep:1:32:1:63 | CallExpression | calls.bicep:1:45:1:62 | MemberExpression | +| calls.bicep:4:111:4:121 | CallExpression | calls.bicep:4:117:4:120 | path | +| calls.bicep:22:26:22:65 | CallExpression | calls.bicep:22:35:22:38 | true | +| calls.bicep:22:26:22:65 | CallExpression | calls.bicep:22:41:22:55 | String | +| calls.bicep:22:26:22:65 | CallExpression | calls.bicep:22:58:22:64 | String | +| calls.bicep:23:30:23:82 | CallExpression | calls.bicep:23:34:23:51 | Array | +| calls.bicep:23:30:23:82 | CallExpression | calls.bicep:23:54:23:81 | LambdaExpression | +| calls.bicep:23:62:23:81 | CallExpression | calls.bicep:23:77:23:80 | name | +| calls.bicep:24:32:24:53 | CallExpression | calls.bicep:24:47:24:52 | String | +| calls.bicep:25:26:25:42 | CallExpression | calls.bicep:25:36:25:41 | String | +| calls.bicep:26:29:26:48 | CallExpression | calls.bicep:26:42:26:47 | String | diff --git a/ql/test/library-tests/calls/Calls.ql b/ql/test/library-tests/ast/calls/Calls.ql similarity index 100% rename from ql/test/library-tests/calls/Calls.ql rename to ql/test/library-tests/ast/calls/Calls.ql diff --git a/ql/test/library-tests/calls/Functions.expected b/ql/test/library-tests/ast/calls/Functions.expected similarity index 100% rename from ql/test/library-tests/calls/Functions.expected rename to ql/test/library-tests/ast/calls/Functions.expected diff --git a/ql/test/library-tests/calls/Functions.ql b/ql/test/library-tests/ast/calls/Functions.ql similarity index 100% rename from ql/test/library-tests/calls/Functions.ql rename to ql/test/library-tests/ast/calls/Functions.ql diff --git a/ql/test/library-tests/calls/Parameters.expected b/ql/test/library-tests/ast/calls/Parameters.expected similarity index 100% rename from ql/test/library-tests/calls/Parameters.expected rename to ql/test/library-tests/ast/calls/Parameters.expected diff --git a/ql/test/library-tests/calls/Parameters.ql b/ql/test/library-tests/ast/calls/Parameters.ql similarity index 100% rename from ql/test/library-tests/calls/Parameters.ql rename to ql/test/library-tests/ast/calls/Parameters.ql diff --git a/ql/test/library-tests/calls/calls.bicep b/ql/test/library-tests/ast/calls/calls.bicep similarity index 100% rename from ql/test/library-tests/calls/calls.bicep rename to ql/test/library-tests/ast/calls/calls.bicep diff --git a/ql/test/library-tests/ast/conditionals/Conditionals.expected b/ql/test/library-tests/ast/conditionals/Conditionals.expected new file mode 100644 index 0000000..b8483b7 --- /dev/null +++ b/ql/test/library-tests/ast/conditionals/Conditionals.expected @@ -0,0 +1,4 @@ +conditional +| conditions.bicep:4:74:12:1 | IfStatement | +ifCondition +| conditions.bicep:4:74:12:1 | IfStatement | conditions.bicep:4:77:4:98 | ParenthesizedExpression | conditions.bicep:4:100:12:1 | Object | diff --git a/ql/test/library-tests/ast/conditionals/Conditionals.ql b/ql/test/library-tests/ast/conditionals/Conditionals.ql new file mode 100644 index 0000000..0db4106 --- /dev/null +++ b/ql/test/library-tests/ast/conditionals/Conditionals.ql @@ -0,0 +1,8 @@ +private import bicep + +query predicate conditional(Conditionals ast) { any() } + +query predicate ifCondition(IfStatement ifStmt, Expr condition, Expr body) { + ifStmt.getCondition() = condition and + ifStmt.getBody() = body +} diff --git a/ql/test/library-tests/ast/conditions.bicep b/ql/test/library-tests/ast/conditionals/conditions.bicep similarity index 100% rename from ql/test/library-tests/ast/conditions.bicep rename to ql/test/library-tests/ast/conditionals/conditions.bicep diff --git a/ql/test/library-tests/ast/loops/Loops.expected b/ql/test/library-tests/ast/loops/Loops.expected new file mode 100644 index 0000000..00ceccd --- /dev/null +++ b/ql/test/library-tests/ast/loops/Loops.expected @@ -0,0 +1,15 @@ +loops +| loops.bicep:28:75:39:2 | ForStatement | +| loops.bicep:43:67:54:2 | ForStatement | +| loops.bicep:58:57:69:2 | ForStatement | +| loops.bicep:73:85:84:2 | ForStatement | +| loops.bicep:88:98:96:2 | ForStatement | +| loops.bicep:109:14:117:6 | ForStatement | +| loops.bicep:126:77:137:2 | ForStatement | +| loops.bicep:140:34:143:2 | ForStatement | +| loops.bicep:145:31:148:2 | ForStatement | +loopsConditionals +| loops.bicep:58:57:69:2 | ForStatement | loops.bicep:58:78:58:93 | environmentNames | +| loops.bicep:88:98:96:2 | ForStatement | loops.bicep:88:119:88:134 | environmentNames | +| loops.bicep:109:14:117:6 | ForStatement | loops.bicep:109:35:109:50 | environmentNames | +| loops.bicep:145:31:148:2 | ForStatement | loops.bicep:145:52:145:67 | environmentNames | diff --git a/ql/test/library-tests/ast/loops/Loops.ql b/ql/test/library-tests/ast/loops/Loops.ql new file mode 100644 index 0000000..dc8f209 --- /dev/null +++ b/ql/test/library-tests/ast/loops/Loops.ql @@ -0,0 +1,7 @@ +private import bicep + +query predicate loops(Loops loops) { any() } + +query predicate loopsConditionals(Loops loops, Expr condition) { + loops.getCondition() = condition +} diff --git a/ql/test/library-tests/ast/loops/loops.bicep b/ql/test/library-tests/ast/loops/loops.bicep new file mode 100644 index 0000000..7b19846 --- /dev/null +++ b/ql/test/library-tests/ast/loops/loops.bicep @@ -0,0 +1,148 @@ +// Examples of for loops in Bicep + +// Parameters for the examples +param location string = resourceGroup().location +param storageCount int = 3 +param environmentNames array = [ + 'dev' + 'test' + 'prod' +] +param resourceConfigs object = { + small: { + sku: 'Standard_LRS' + kind: 'StorageV2' + } + medium: { + sku: 'Standard_GRS' + kind: 'StorageV2' + } + large: { + sku: 'Premium_LRS' + kind: 'BlockBlobStorage' + } +} + +// Example 1: For loop with an integer index (range) +// Creates multiple storage accounts with indexed names +resource storageAccounts 'Microsoft.Storage/storageAccounts@2023-05-01' = [for i in range(0, storageCount): { + name: 'store${i}${uniqueString(resourceGroup().id)}' + location: location + sku: { + name: 'Standard_LRS' + } + kind: 'StorageV2' + tags: { + index: '${i}' + purpose: 'Example 1' + } +}] + +// Example 2: For loop with array elements +// Creates resources with names from an array +resource appServicePlans 'Microsoft.Web/serverfarms@2022-03-01' = [for envName in environmentNames: { + name: 'plan-${envName}' + location: location + sku: { + name: envName == 'prod' ? 'P1v2' : 'B1' + tier: envName == 'prod' ? 'PremiumV2' : 'Basic' + } + tags: { + environment: envName + purpose: 'Example 2' + } +}] + +// Example 3: For loop with array and index +// Creates resources using both the array element and index +resource appServices 'Microsoft.Web/sites@2022-03-01' = [for (envName, i) in environmentNames: { + name: 'app-${envName}-${i}' + location: location + properties: { + serverFarmId: appServicePlans[i].id + } + tags: { + environment: envName + index: '${i}' + purpose: 'Example 3' + } +}] + +// Example 4: For loop with object/dictionary +// Iterates over object properties using items() +resource configuredStorageAccounts 'Microsoft.Storage/storageAccounts@2023-05-01' = [for config in items(resourceConfigs): { + name: 'store${config.key}${uniqueString(resourceGroup().id)}' + location: location + sku: { + name: config.value.sku + } + kind: config.value.kind + tags: { + size: config.key + purpose: 'Example 4' + } +}] + +// Example 5: For loop with condition +// Creates resources conditionally +resource conditionalNetworkSecurityGroups 'Microsoft.Network/networkSecurityGroups@2023-11-01' = [for (envName, i) in environmentNames: if (envName != 'dev') { + name: 'nsg-${envName}' + location: location + tags: { + environment: envName + index: '${i}' + purpose: 'Example 5' + } +}] + +// Example 6: For loop in an object property +// Using a for loop within an object definition +resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-11-01' = { + name: 'vnet-main' + location: location + properties: { + addressSpace: { + addressPrefixes: [ + '10.0.0.0/16' + ] + } + subnets: [for (envName, i) in environmentNames: { + name: 'subnet-${envName}' + properties: { + addressPrefix: '10.0.${i}.0/24' + networkSecurityGroup: envName != 'dev' ? { + id: conditionalNetworkSecurityGroups[i - (environmentNames[0] == 'dev' ? 1 : 0)].id + } : null + } + }] + } + tags: { + purpose: 'Example 6' + } +} + +// Example 7: Batch size decorator for serial deployment +@batchSize(1) +resource batchedDeployment 'Microsoft.Storage/storageAccounts@2023-05-01' = [for i in range(0, storageCount): { + name: 'batch${i}${uniqueString(resourceGroup().id)}' + location: location + sku: { + name: 'Standard_LRS' + } + kind: 'StorageV2' + tags: { + index: '${i}' + purpose: 'Example 7' + } +}] + +// Outputs using for loops +output storageAccountIds array = [for i in range(0, storageCount): { + name: storageAccounts[i].name + id: storageAccounts[i].id +}] + +output appServiceUrls array = [for (envName, i) in environmentNames: { + environment: envName + url: 'https://${appServices[i].properties.defaultHostName}' +}] diff --git a/ql/test/library-tests/ast/variables/Variables.expected b/ql/test/library-tests/ast/variables/Variables.expected new file mode 100644 index 0000000..105224f --- /dev/null +++ b/ql/test/library-tests/ast/variables/Variables.expected @@ -0,0 +1,47 @@ +variables +| data.bicep:2:1:6:1 | Variable[multiLineArray] | +| data.bicep:8:1:8:43 | Variable[singleLineArray] | +| data.bicep:10:1:11:10 | Variable[mixedArray] | +| data.bicep:13:1:13:28 | Variable[exampleArray] | +| data.bicep:14:1:14:41 | Variable[firstElement] | +| data.bicep:15:1:15:41 | Variable[thirdElement] | +| data.bicep:17:1:17:13 | Variable[index] | +| data.bicep:18:1:18:46 | Variable[secondElement] | +| data.bicep:21:1:21:29 | Variable[exampleBool] | +| data.bicep:24:1:24:24 | Variable[exampleInt] | +| data.bicep:27:1:27:92 | Variable[singleLineObject] | +| data.bicep:29:1:34:1 | Variable[multiLineObject] | +| data.bicep:36:1:37:12 | Variable[mixedObject] | +| data.bicep:41:1:41:25 | Variable[myVar] | +| data.bicep:43:1:43:62 | Variable[storageName] | +| data.bicep:46:1:46:24 | Variable[myVar] | +| data.bicep:49:1:50:9 | Variable[myVar2] | +| data.bicep:53:1:55:3 | Variable[myVar3] | +| data.bicep:58:1:62:3 | Variable[myVar4] | +variableAccess +| data.bicep:13:1:13:28 | Variable[exampleArray] | data.bicep:14:27:14:38 | VariableRead[exampleArray] | +| data.bicep:13:1:13:28 | Variable[exampleArray] | data.bicep:15:27:15:38 | VariableRead[exampleArray] | +| data.bicep:13:1:13:28 | Variable[exampleArray] | data.bicep:18:28:18:39 | VariableRead[exampleArray] | +| data.bicep:14:1:14:41 | Variable[firstElement] | data.bicep:14:8:14:19 | VariableWrite[firstElement] | +| data.bicep:15:1:15:41 | Variable[thirdElement] | data.bicep:15:8:15:19 | VariableWrite[thirdElement] | +| data.bicep:17:1:17:13 | Variable[index] | data.bicep:18:41:18:45 | VariableRead[index] | +| data.bicep:18:1:18:46 | Variable[secondElement] | data.bicep:18:8:18:20 | VariableWrite[secondElement] | +| data.bicep:21:1:21:29 | Variable[exampleBool] | data.bicep:21:7:21:17 | VariableWrite[exampleBool] | +| data.bicep:24:1:24:24 | Variable[exampleInt] | data.bicep:24:7:24:16 | VariableWrite[exampleInt] | +| data.bicep:27:1:27:92 | Variable[singleLineObject] | data.bicep:27:7:27:22 | VariableWrite[singleLineObject] | +| data.bicep:29:1:34:1 | Variable[multiLineObject] | data.bicep:29:7:29:21 | VariableWrite[multiLineObject] | +| data.bicep:36:1:37:12 | Variable[mixedObject] | data.bicep:36:7:36:17 | VariableWrite[mixedObject] | +variableRead +| data.bicep:14:27:14:38 | VariableRead[exampleArray] | +| data.bicep:15:27:15:38 | VariableRead[exampleArray] | +| data.bicep:18:28:18:39 | VariableRead[exampleArray] | +| data.bicep:18:41:18:45 | VariableRead[index] | +variableWrite +| data.bicep:14:8:14:19 | VariableWrite[firstElement] | +| data.bicep:15:8:15:19 | VariableWrite[thirdElement] | +| data.bicep:18:8:18:20 | VariableWrite[secondElement] | +| data.bicep:21:7:21:17 | VariableWrite[exampleBool] | +| data.bicep:24:7:24:16 | VariableWrite[exampleInt] | +| data.bicep:27:7:27:22 | VariableWrite[singleLineObject] | +| data.bicep:29:7:29:21 | VariableWrite[multiLineObject] | +| data.bicep:36:7:36:17 | VariableWrite[mixedObject] | diff --git a/ql/test/library-tests/ast/Variables.ql b/ql/test/library-tests/ast/variables/Variables.ql similarity index 100% rename from ql/test/library-tests/ast/Variables.ql rename to ql/test/library-tests/ast/variables/Variables.ql diff --git a/ql/test/library-tests/ast/data.bicep b/ql/test/library-tests/ast/variables/data.bicep similarity index 100% rename from ql/test/library-tests/ast/data.bicep rename to ql/test/library-tests/ast/variables/data.bicep diff --git a/ql/test/library-tests/calls/Calls.expected b/ql/test/library-tests/calls/Calls.expected deleted file mode 100644 index 9cea492..0000000 --- a/ql/test/library-tests/calls/Calls.expected +++ /dev/null @@ -1,43 +0,0 @@ -call -| calls.bicep:1:32:1:63 | CallExpression | -| calls.bicep:1:45:1:59 | CallExpression | -| calls.bicep:4:111:4:121 | CallExpression | -| calls.bicep:22:26:22:65 | CallExpression | -| calls.bicep:23:30:23:82 | CallExpression | -| calls.bicep:23:62:23:81 | CallExpression | -| calls.bicep:24:32:24:53 | CallExpression | -| calls.bicep:25:26:25:42 | CallExpression | -| calls.bicep:26:29:26:48 | CallExpression | -callArguments -| calls.bicep:1:32:1:63 | CallExpression | calls.bicep:1:45:1:62 | MemberExpression | -| calls.bicep:1:32:1:63 | CallExpression | calls.bicep:1:45:1:62 | MemberExpression | -| calls.bicep:1:32:1:63 | CallExpression | calls.bicep:1:45:1:62 | MemberExpression | -| calls.bicep:4:111:4:121 | CallExpression | calls.bicep:4:117:4:120 | path | -| calls.bicep:4:111:4:121 | CallExpression | calls.bicep:4:117:4:120 | path | -| calls.bicep:4:111:4:121 | CallExpression | calls.bicep:4:117:4:120 | path | -| calls.bicep:22:26:22:65 | CallExpression | calls.bicep:22:35:22:38 | true | -| calls.bicep:22:26:22:65 | CallExpression | calls.bicep:22:35:22:38 | true | -| calls.bicep:22:26:22:65 | CallExpression | calls.bicep:22:35:22:38 | true | -| calls.bicep:22:26:22:65 | CallExpression | calls.bicep:22:41:22:55 | String | -| calls.bicep:22:26:22:65 | CallExpression | calls.bicep:22:41:22:55 | String | -| calls.bicep:22:26:22:65 | CallExpression | calls.bicep:22:41:22:55 | String | -| calls.bicep:22:26:22:65 | CallExpression | calls.bicep:22:58:22:64 | String | -| calls.bicep:22:26:22:65 | CallExpression | calls.bicep:22:58:22:64 | String | -| calls.bicep:22:26:22:65 | CallExpression | calls.bicep:22:58:22:64 | String | -| calls.bicep:23:30:23:82 | CallExpression | calls.bicep:23:34:23:51 | Array | -| calls.bicep:23:30:23:82 | CallExpression | calls.bicep:23:34:23:51 | Array | -| calls.bicep:23:30:23:82 | CallExpression | calls.bicep:23:34:23:51 | Array | -| calls.bicep:23:30:23:82 | CallExpression | calls.bicep:23:54:23:81 | LambdaExpression | -| calls.bicep:23:30:23:82 | CallExpression | calls.bicep:23:54:23:81 | LambdaExpression | -| calls.bicep:23:62:23:81 | CallExpression | calls.bicep:23:77:23:80 | name | -| calls.bicep:23:62:23:81 | CallExpression | calls.bicep:23:77:23:80 | name | -| calls.bicep:23:62:23:81 | CallExpression | calls.bicep:23:77:23:80 | name | -| calls.bicep:24:32:24:53 | CallExpression | calls.bicep:24:47:24:52 | String | -| calls.bicep:24:32:24:53 | CallExpression | calls.bicep:24:47:24:52 | String | -| calls.bicep:24:32:24:53 | CallExpression | calls.bicep:24:47:24:52 | String | -| calls.bicep:25:26:25:42 | CallExpression | calls.bicep:25:36:25:41 | String | -| calls.bicep:25:26:25:42 | CallExpression | calls.bicep:25:36:25:41 | String | -| calls.bicep:25:26:25:42 | CallExpression | calls.bicep:25:36:25:41 | String | -| calls.bicep:26:29:26:48 | CallExpression | calls.bicep:26:42:26:47 | String | -| calls.bicep:26:29:26:48 | CallExpression | calls.bicep:26:42:26:47 | String | -| calls.bicep:26:29:26:48 | CallExpression | calls.bicep:26:42:26:47 | String | diff --git a/ql/test/library-tests/cfg/Cfg.expected b/ql/test/library-tests/cfg/Cfg.expected index fdf8230..2c2124c 100644 --- a/ql/test/library-tests/cfg/Cfg.expected +++ b/ql/test/library-tests/cfg/Cfg.expected @@ -1,52 +1,19 @@ | sample.bicep:1:1:1:48 | ParameterDeclaration | sample.bicep:1:1:103:1 | Infrastructure | | -| sample.bicep:1:1:1:48 | ParameterDeclaration | sample.bicep:1:1:103:1 | Infrastructure | | | sample.bicep:1:1:1:48 | ParameterDeclaration | sample.bicep:1:7:1:14 | location | | | sample.bicep:1:1:103:1 | Infrastructure | sample.bicep:1:1:103:1 | exit Infrastructure (normal) | | +| sample.bicep:1:1:103:1 | enter Infrastructure | sample.bicep:1:1:1:48 | ParameterDeclaration | | | sample.bicep:1:1:103:1 | enter Infrastructure | sample.bicep:1:7:1:14 | location | | -| sample.bicep:1:1:103:1 | enter Infrastructure | sample.bicep:1:7:1:14 | location | | -| sample.bicep:1:1:103:1 | enter Infrastructure | sample.bicep:1:7:1:14 | location | | -| sample.bicep:1:1:103:1 | enter Infrastructure | sample.bicep:1:25:1:37 | resourceGroup | | -| sample.bicep:1:1:103:1 | enter Infrastructure | sample.bicep:1:25:1:37 | resourceGroup | | | sample.bicep:1:1:103:1 | enter Infrastructure | sample.bicep:1:25:1:37 | resourceGroup | | +| sample.bicep:1:1:103:1 | enter Infrastructure | sample.bicep:1:38:1:39 | Arguments | | | sample.bicep:1:1:103:1 | enter Infrastructure | sample.bicep:1:41:1:48 | location | | | sample.bicep:1:1:103:1 | exit Infrastructure (normal) | sample.bicep:1:1:103:1 | exit Infrastructure | | | sample.bicep:1:7:1:14 | location | sample.bicep:1:1:1:48 | ParameterDeclaration | | -| sample.bicep:1:7:1:14 | location | sample.bicep:1:1:1:48 | ParameterDeclaration | | -| sample.bicep:1:7:1:14 | location | sample.bicep:1:1:1:48 | ParameterDeclaration | | -| sample.bicep:1:7:1:14 | location | sample.bicep:1:1:1:48 | ParameterDeclaration | | -| sample.bicep:1:7:1:14 | location | sample.bicep:1:1:1:48 | ParameterDeclaration | | -| sample.bicep:1:7:1:14 | location | sample.bicep:1:1:1:48 | ParameterDeclaration | | -| sample.bicep:1:7:1:14 | location | sample.bicep:1:25:1:37 | resourceGroup | | -| sample.bicep:1:7:1:14 | location | sample.bicep:1:25:1:37 | resourceGroup | | | sample.bicep:1:7:1:14 | location | sample.bicep:1:25:1:37 | resourceGroup | | +| sample.bicep:1:7:1:14 | location | sample.bicep:1:38:1:39 | Arguments | | | sample.bicep:1:7:1:14 | location | sample.bicep:1:41:1:48 | location | | | sample.bicep:1:25:1:37 | resourceGroup | sample.bicep:1:25:1:39 | CallExpression | | -| sample.bicep:1:25:1:37 | resourceGroup | sample.bicep:1:25:1:39 | CallExpression | | -| sample.bicep:1:25:1:37 | resourceGroup | sample.bicep:1:25:1:39 | CallExpression | | -| sample.bicep:1:25:1:37 | resourceGroup | sample.bicep:1:25:1:39 | CallExpression | | -| sample.bicep:1:25:1:37 | resourceGroup | sample.bicep:1:25:1:39 | CallExpression | | -| sample.bicep:1:25:1:37 | resourceGroup | sample.bicep:1:25:1:39 | CallExpression | | -| sample.bicep:1:25:1:37 | resourceGroup | sample.bicep:1:25:1:39 | CallExpression | | -| sample.bicep:1:25:1:37 | resourceGroup | sample.bicep:1:25:1:39 | CallExpression | | -| sample.bicep:1:25:1:37 | resourceGroup | sample.bicep:1:25:1:39 | CallExpression | | -| sample.bicep:1:25:1:39 | CallExpression | sample.bicep:1:25:1:48 | MemberExpression | | -| sample.bicep:1:25:1:39 | CallExpression | sample.bicep:1:25:1:48 | MemberExpression | | -| sample.bicep:1:25:1:39 | CallExpression | sample.bicep:1:25:1:48 | MemberExpression | | -| sample.bicep:1:25:1:39 | CallExpression | sample.bicep:1:25:1:48 | MemberExpression | | -| sample.bicep:1:25:1:39 | CallExpression | sample.bicep:1:25:1:48 | MemberExpression | | -| sample.bicep:1:25:1:39 | CallExpression | sample.bicep:1:25:1:48 | MemberExpression | | -| sample.bicep:1:25:1:39 | CallExpression | sample.bicep:1:25:1:48 | MemberExpression | | -| sample.bicep:1:25:1:39 | CallExpression | sample.bicep:1:25:1:48 | MemberExpression | | | sample.bicep:1:25:1:39 | CallExpression | sample.bicep:1:25:1:48 | MemberExpression | | | sample.bicep:1:25:1:48 | MemberExpression | sample.bicep:1:1:1:48 | ParameterDeclaration | | -| sample.bicep:1:25:1:48 | MemberExpression | sample.bicep:1:1:1:48 | ParameterDeclaration | | -| sample.bicep:1:25:1:48 | MemberExpression | sample.bicep:1:1:1:48 | ParameterDeclaration | | -| sample.bicep:1:25:1:48 | MemberExpression | sample.bicep:1:1:1:48 | ParameterDeclaration | | -| sample.bicep:1:25:1:48 | MemberExpression | sample.bicep:1:1:1:48 | ParameterDeclaration | | -| sample.bicep:1:25:1:48 | MemberExpression | sample.bicep:1:1:1:48 | ParameterDeclaration | | | sample.bicep:1:25:1:48 | MemberExpression | sample.bicep:1:1:103:1 | Infrastructure | , BooleanSuccessor, BooleanSuccessor | -| sample.bicep:1:25:1:48 | MemberExpression | sample.bicep:1:1:103:1 | Infrastructure | , BooleanSuccessor, BooleanSuccessor | -| sample.bicep:1:25:1:48 | MemberExpression | sample.bicep:1:1:103:1 | Infrastructure | , BooleanSuccessor, BooleanSuccessor | -| sample.bicep:1:41:1:48 | location | sample.bicep:1:25:1:48 | MemberExpression | | -| sample.bicep:1:41:1:48 | location | sample.bicep:1:25:1:48 | MemberExpression | | +| sample.bicep:1:38:1:39 | Arguments | sample.bicep:1:25:1:39 | CallExpression | | | sample.bicep:1:41:1:48 | location | sample.bicep:1:25:1:48 | MemberExpression | | diff --git a/ql/test/queries-tests/security/CWE-200/PublicResource/PublicBucket.expected b/ql/test/queries-tests/security/CWE-200/PublicResource/PublicBucket.expected index 6191f85..0be2d32 100644 --- a/ql/test/queries-tests/security/CWE-200/PublicResource/PublicBucket.expected +++ b/ql/test/queries-tests/security/CWE-200/PublicResource/PublicBucket.expected @@ -1,3 +1 @@ | app.bicep:6:26:6:34 | String | Resource 'publicdbserver' is publicly accessible to the Internet. | -| app.bicep:6:26:6:34 | String | Resource 'publicdbserver' is publicly accessible to the Internet. | -| app.bicep:6:26:6:34 | String | Resource 'publicdbserver' is publicly accessible to the Internet. | diff --git a/ql/test/queries-tests/security/CWE-693/RedisCacheNoBackup/RedisCacheNoBackup.expected b/ql/test/queries-tests/security/CWE-693/RedisCacheNoBackup/RedisCacheNoBackup.expected index 5d66771..082af51 100644 --- a/ql/test/queries-tests/security/CWE-693/RedisCacheNoBackup/RedisCacheNoBackup.expected +++ b/ql/test/queries-tests/security/CWE-693/RedisCacheNoBackup/RedisCacheNoBackup.expected @@ -1,6 +1,6 @@ -| app.bicep:62:15:69:3 | Object | Redis Cache 'nobackup-redis' has both AOF and RDB backups disabled (or not configured), risking data loss. | -| app.bicep:82:25:85:5 | Object | Redis Cache 'aof-backup-redis' has both AOF and RDB backups disabled (or not configured), risking data loss. | -| app.bicep:82:25:85:5 | Object | Redis Cache 'both-backup-redis' has both AOF and RDB backups disabled (or not configured), risking data loss. | -| app.bicep:82:25:85:5 | Object | Redis Cache 'disabled-backup-redis' has both AOF and RDB backups disabled (or not configured), risking data loss. | -| app.bicep:82:25:85:5 | Object | Redis Cache 'nobackup-redis' has both AOF and RDB backups disabled (or not configured), risking data loss. | -| app.bicep:82:25:85:5 | Object | Redis Cache 'rdb-backup-redis' has both AOF and RDB backups disabled (or not configured), risking data loss. | +| app.bicep:62:15:69:3 | CacheProperties[nobackup-redis] | Redis Cache 'nobackup-redis' has both AOF and RDB backups disabled (or not configured), risking data loss. | +| app.bicep:82:25:85:5 | RedisConfiguration | Redis Cache 'aof-backup-redis' has both AOF and RDB backups disabled (or not configured), risking data loss. | +| app.bicep:82:25:85:5 | RedisConfiguration | Redis Cache 'both-backup-redis' has both AOF and RDB backups disabled (or not configured), risking data loss. | +| app.bicep:82:25:85:5 | RedisConfiguration | Redis Cache 'disabled-backup-redis' has both AOF and RDB backups disabled (or not configured), risking data loss. | +| app.bicep:82:25:85:5 | RedisConfiguration | Redis Cache 'nobackup-redis' has both AOF and RDB backups disabled (or not configured), risking data loss. | +| app.bicep:82:25:85:5 | RedisConfiguration | Redis Cache 'rdb-backup-redis' has both AOF and RDB backups disabled (or not configured), risking data loss. |