C#: Models as Data Documentation

[egregius313]

Introduces Models-as-Data documentation for C#

• Changes Java to use the language-agnostic beta notice
• Introduces C#-specific models-as-data doc

Later follow-up will be to add the threat modeling documentation.

[hvitved]

Thanks a lot for writing this up. Some comments.

[hvitved]

customize analysis -> customize analyses?

[hvitved]

And dataflow analysis -> dataflow analyses.

[egregius313]

Not sure which is better, but that wording is taken from the Java customizing-library-models docs.

[subatoi]

I think analyses is probably better in both contexts, but I don't think the gain in clarity is enough to justify making edits here and in the Java docs, since "analysis" does also technically make sense (at least I think it does!), and it wouldn't just affect this paragraph.

[hvitved]

I'm not familiar with .rst syntax, but the above looks wrong?

[egregius313]

I think the purpose of that is so that only the word sinkModel is rendered as code and be highlighted. But if we think that it's fine to highlight the entirety of sinkModel(namespace, ..., I can change it over.

cf The Java MaD docs:

[hvitved]

Ok, that looks weird to me.

[subatoi]

But if we think that it's fine to highlight the entirety of sinkModel(namespace, ..., I can change it over.

I think this would probably would be best, but it would involve numerous edits to both this documentation and the Java documentation. If you have time to do this, it'd be great, but it's not urgent 👍

[michaelnebel]

@egregius313 : Really good examples!
It would be great, if we could also make something similar to extensible-predicates.rst which is currently java specific (and for some reason not linked from the java documentation).

[egregius313]

It would be great, if we could also make something similar to extensible-predicates.rst which is currently java specific (and for some reason not linked from the java documentation).

@michaelnebel The existing extensible-predicates.rst mentions synthetic fields/globals, but does not explain them? Would fleshing out the documentation for them make sense as well?

[michaelnebel]

It would be great, if we could also make something similar to extensible-predicates.rst which is currently java specific (and for some reason not linked from the java documentation).

@michaelnebel The existing extensible-predicates.rst mentions synthetic fields/globals, but does not explain them? Would fleshing out the documentation for them make sense as well?

That is an excellent question!
I think we could do much more extensive documentation, if we want to. If you are up for providing examples for synthetics that would be great, but if I think that examples for covering Field and Property (only the latter is relevant for C#) would be more important.

That is, if you want to do more examples, then the order of "importance" is probably:

1. Field and Property (the latter only relevant for C#).
2. ArrayElement, MapKey, MapValue (these are only relevant for Java).
3. Attributes (the ext field in the MaD format can be used to capture summaries for callables based on their annotation (java) and attribute (C#).
4. SyntheticField.
5. SyntheticGlobal: Note that there are no C# examples, but I expect this to work, because the FlowSummaryImpl implementation is now shared - but this is untested for C# (at least from a MaD stand point - there are some synthetic globals but they are declared in QL.

You are more than welcome to add more examples - this would be highly appreciated (I do know this is scope creep, but it would be really valuable, if we had these examples), but not strictly required I think.

[egregius313]

You are more than welcome to add more examples - this would be highly appreciated (I do know this is scope creep, but it would be really valuable, if we had these examples), but not strictly required I think.

@michaelnebel I am going to work on extensible-predicate, but in order to avoid scope-creep in this PR, I am going to do those updates in a separate PR. It will make it easier to make sure this is reviewed and ready to merge.

[subatoi]

Thank you! Only minor and super minor (purely docs) comments. This is very clear and matches the Java docs really well.

[subatoi]

But if we think that it's fine to highlight the entirety of sinkModel(namespace, ..., I can change it over.

I think this would probably would be best, but it would involve numerous edits to both this documentation and the Java documentation. If you have time to do this, it'd be great, but it's not urgent 👍

[subatoi]

I think analyses is probably better in both contexts, but I don't think the gain in clarity is enough to justify making edits here and in the Java docs, since "analysis" does also technically make sense (at least I think it does!), and it wouldn't just affect this paragraph.

[michaelnebel]

Looks good to me!

[michaelnebel]

@subatoi @hvitved @jf205 : Are there any objections on merging the documentation?

[subatoi]

@michaelnebel not from me from a Docs point of view 👍

[subatoi]

@michaelnebel Sorry for the late thought: it occurred to us to check this is due to ship with CLI 2.16.3. If so, all good 👍

Edit: 2.16.4, apologies

[michaelnebel]

@michaelnebel Sorry for the late thought: it occurred to us to check this is due to ship with CLI 2.16.3. If so, all good 👍

Alright thank you!
In case it is not shipped, I suppose we can merge most of the content of the PR and just make orphan and not link it from the main documentation?

[intrigus-lgtm]

The type names must be fully qualified.

More curiosity than an actual problem, but why does C# require fully qualified names, but Java doesn't?