From 7c0aa78e391acaedbeaa312284262d60f0510ec8 Mon Sep 17 00:00:00 2001
From: Michael Nebel
Date: Wed, 10 Sep 2025 16:03:11 +0200
Subject: [PATCH 1/4] Python: Add many medium precision queries to the code-quality-extended suite.
---
 python/ql/src/Classes/OverwritingAttributeInSuperClass.ql | 6 +++---
 python/ql/src/Classes/ShouldBeContextManager.ql | 5 +++--
 python/ql/src/Classes/UselessClass.ql | 4 +++-
 python/ql/src/Expressions/NonPortableComparisonUsingIs.ql | 5 +++--
 python/ql/src/Functions/ReturnValueIgnored.ql | 7 +++----
 python/ql/src/Imports/FromImportOfMutableAttribute.ql | 6 +++---
 python/ql/src/Statements/AssertLiteralConstant.ql | 3 ++-
 python/ql/src/Statements/BreakOrReturnInFinally.ql | 6 ++++--
 python/ql/src/Statements/DocStrings.ql | 4 +++-
 python/ql/src/Statements/ReturnOrYieldOutsideFunction.ql | 3 ++-
 python/ql/src/Variables/ShadowBuiltin.ql | 4 +++-
 python/ql/src/Variables/ShadowGlobal.ql | 4 +++-
 python/ql/src/Variables/UndefinedPlaceHolder.ql | 3 ++-
 python/ql/src/Variables/UninitializedLocal.ql | 3 ++-
 python/ql/src/Variables/UnusedParameter.ql | 5 ++++-
 15 files changed, 43 insertions(+), 25 deletions(-)
diff --git a/python/ql/src/Classes/OverwritingAttributeInSuperClass.ql b/python/ql/src/Classes/OverwritingAttributeInSuperClass.ql
index 248872211410..699e4387a144 100644
--- a/python/ql/src/Classes/OverwritingAttributeInSuperClass.ql
+++ b/python/ql/src/Classes/OverwritingAttributeInSuperClass.ql
@@ -2,9 +2,9 @@
 * @name Overwriting attribute in super-class or sub-class
 * @description Assignment to self attribute overwrites attribute previously defined in subclass or superclass `__init__` method.
 * @kind problem
- * @tags reliability
- * maintainability
- * modularity
+ * @tags quality
+ * reliability
+ * correctness
 * @problem.severity warning
 * @sub-severity low
 * @precision medium
diff --git a/python/ql/src/Classes/ShouldBeContextManager.ql b/python/ql/src/Classes/ShouldBeContextManager.ql
index bdcc6dc28634..2423206e3cfc 100644
--- a/python/ql/src/Classes/ShouldBeContextManager.ql
+++ b/python/ql/src/Classes/ShouldBeContextManager.ql
@@ -3,9 +3,10 @@
 * @description Making a class a context manager allows instances to be used in a 'with' statement.
 * This improves resource handling and code readability.
 * @kind problem
- * @tags maintainability
+ * @tags quality
+ * maintainability
 * readability
- * convention
+ * performance
 * @problem.severity recommendation
 * @sub-severity high
 * @precision medium
diff --git a/python/ql/src/Classes/UselessClass.ql b/python/ql/src/Classes/UselessClass.ql
index 19d21c7e7caa..7e33660dafc4 100644
--- a/python/ql/src/Classes/UselessClass.ql
+++ b/python/ql/src/Classes/UselessClass.ql
@@ -2,8 +2,10 @@
 * @name Useless class
 * @description Class only defines one public method (apart from `__init__` or `__new__`) and should be replaced by a function
 * @kind problem
- * @tags maintainability
+ * @tags quality
+ * maintainability
 * useless-code
+ * complexity
 * @problem.severity recommendation
 * @sub-severity low
 * @precision medium
diff --git a/python/ql/src/Expressions/NonPortableComparisonUsingIs.ql b/python/ql/src/Expressions/NonPortableComparisonUsingIs.ql
index d9a0f7016351..894cc78c8f44 100644
--- a/python/ql/src/Expressions/NonPortableComparisonUsingIs.ql
+++ b/python/ql/src/Expressions/NonPortableComparisonUsingIs.ql
@@ -2,8 +2,9 @@
 * @name Non-portable comparison using is when operands support `__eq__`
 * @description Comparison using 'is' when equivalence is not the same as identity and may not be portable.
 * @kind problem
- * @tags portability
- * maintainability
+ * @tags quality
+ * reliability
+ * correctness
 * @problem.severity recommendation
 * @sub-severity low
 * @precision medium
diff --git a/python/ql/src/Functions/ReturnValueIgnored.ql b/python/ql/src/Functions/ReturnValueIgnored.ql
index b7f272dcc2df..d8f81534b8ad 100644
--- a/python/ql/src/Functions/ReturnValueIgnored.ql
+++ b/python/ql/src/Functions/ReturnValueIgnored.ql
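Review bot: The `performance` tag added to ShouldBeContextManager.ql is not backed by the query's own description in this hunk, which motivates the check with resource handling and readability and says nothing about speed, so anyone filtering alerts by that tag will get a result that does not match it. If resource handling is the intent, either use a sub-category that names it or leave the sub-category at `readability`; otherwise extend the description to state what performance effect is meant, e.g. `* This improves resource handling (resources are released promptly) and code readability.` Dropping `convention` looks intentional for the `quality` tag scheme and needs no change.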
@@ -2,11 +2,10 @@
 * @name Ignored return value
 * @description Ignoring return values may result in discarding errors or loss of information.
 * @kind problem
- * @tags reliability
+ * @tags quality
+ * reliability
+ * correctness
 * readability
- * convention
- * statistical
- * non-attributable
 * external/cwe/cwe-252
 * @problem.severity recommendation
 * @sub-severity high
diff --git a/python/ql/src/Imports/FromImportOfMutableAttribute.ql b/python/ql/src/Imports/FromImportOfMutableAttribute.ql
index cbb74977a032..c66a7578de61 100644
--- a/python/ql/src/Imports/FromImportOfMutableAttribute.ql
+++ b/python/ql/src/Imports/FromImportOfMutableAttribute.ql
@@ -2,9 +2,9 @@
 * @name Importing value of mutable attribute
 * @description Importing the value of a mutable attribute directly means that changes in global state will not be observed locally.
 * @kind problem
- * @tags reliability
- * maintainability
- * modularity
+ * @tags quality
+ * reliability
+ * correctness
 * @problem.severity warning
 * @sub-severity high
 * @precision medium
diff --git a/python/ql/src/Statements/AssertLiteralConstant.ql b/python/ql/src/Statements/AssertLiteralConstant.ql
index 73bd16458589..60c09951c069 100644
--- a/python/ql/src/Statements/AssertLiteralConstant.ql
+++ b/python/ql/src/Statements/AssertLiteralConstant.ql
@@ -3,7 +3,8 @@
 * @description An assert statement testing a literal constant value may exhibit
 * different behavior when optimizations are enabled.
 * @kind problem
- * @tags reliability
+ * @tags quality
+ * reliability
 * correctness
 * @problem.severity recommendation
 * @sub-severity low
diff --git a/python/ql/src/Statements/BreakOrReturnInFinally.ql b/python/ql/src/Statements/BreakOrReturnInFinally.ql
index 02f501e0bfd5..dc9800eba8a6 100644
--- a/python/ql/src/Statements/BreakOrReturnInFinally.ql
+++ b/python/ql/src/Statements/BreakOrReturnInFinally.ql
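Review bot: Removing `statistical` and `non-attributable` from ReturnValueIgnored.ql changes how its alerts are classified while the query body, which is outside this hunk, is untouched and `@precision medium` is unchanged; if those tags are what marks the results as heuristic and not attributable to a single changed line, dropping them can alter where the alerts are surfaced (for instance in change-based filtering) without any gain in precision. Consider keeping `* non-attributable` next to the new `quality`/`reliability`/`correctness` tags, or stating in the commit message why that classification is no longer wanted. Keeping `external/cwe/cwe-252` is right: the unchecked-return-value case is the security-relevant part of this query, and it should stay discoverable by CWE now that the query runs in the quality-extended suite.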
@@ -3,8 +3,10 @@
 * @description Using a Break or Return statement in a finally block causes the
 * Try-finally block to exit, discarding the exception.
 * @kind problem
- * @tags reliability
- * maintainability
+ * @tags quality
+ * reliability
+ * error-handling
+ * correctness
 * external/cwe/cwe-584
 * @problem.severity warning
 * @sub-severity low
diff --git a/python/ql/src/Statements/DocStrings.ql b/python/ql/src/Statements/DocStrings.ql
index 355aff93f17f..e5c14e9fd034 100644
--- a/python/ql/src/Statements/DocStrings.ql
+++ b/python/ql/src/Statements/DocStrings.ql
@@ -3,7 +3,9 @@
 * @description Omitting documentation strings from public classes, functions or methods
 * makes it more difficult for other developers to maintain the code.
 * @kind problem
- * @tags maintainability
+ * @tags quality
+ * maintainability
+ * readability
 * @problem.severity recommendation
 * @sub-severity low
 * @precision medium
diff --git a/python/ql/src/Statements/ReturnOrYieldOutsideFunction.ql b/python/ql/src/Statements/ReturnOrYieldOutsideFunction.ql
index a940dc601232..7bb0161f1309 100644
--- a/python/ql/src/Statements/ReturnOrYieldOutsideFunction.ql
+++ b/python/ql/src/Statements/ReturnOrYieldOutsideFunction.ql
@@ -2,7 +2,8 @@
 * @name Use of 'return' or 'yield' outside a function
 * @description Using 'return' or 'yield' outside a function causes a 'SyntaxError' at runtime.
 * @kind problem
- * @tags reliability
+ * @tags quality
+ * reliability
 * correctness
 * @problem.severity error
 * @sub-severity low
diff --git a/python/ql/src/Variables/ShadowBuiltin.ql b/python/ql/src/Variables/ShadowBuiltin.ql
index 7e4a8580a93f..51b74b7109cf 100644
--- a/python/ql/src/Variables/ShadowBuiltin.ql
+++ b/python/ql/src/Variables/ShadowBuiltin.ql
@@ -4,8 +4,10 @@
 * makes the built-in object unusable within the current scope and makes the code
 * more difficult to read.
 * @kind problem
- * @tags maintainability
+ * @tags quality
+ * maintainability
 * readability
+ * correctness
 * @problem.severity recommendation
 * @sub-severity low
 * @precision medium
diff --git a/python/ql/src/Variables/ShadowGlobal.ql b/python/ql/src/Variables/ShadowGlobal.ql
index 79d74d272aeb..2f06e4fe57d7 100644
--- a/python/ql/src/Variables/ShadowGlobal.ql
+++ b/python/ql/src/Variables/ShadowGlobal.ql
@@ -4,8 +4,10 @@
 * makes the global variable unusable within the current scope and makes the code
 * more difficult to read.
 * @kind problem
- * @tags maintainability
+ * @tags quality
+ * maintainability
 * readability
+ * correctness
 * @problem.severity recommendation
 * @sub-severity low
 * @precision medium
diff --git a/python/ql/src/Variables/UndefinedPlaceHolder.ql b/python/ql/src/Variables/UndefinedPlaceHolder.ql
index 7f7794e60a12..b0eeeda871ac 100644
--- a/python/ql/src/Variables/UndefinedPlaceHolder.ql
+++ b/python/ql/src/Variables/UndefinedPlaceHolder.ql
@@ -2,7 +2,8 @@
 * @name Use of an undefined placeholder variable
 * @description Using a variable before it is initialized causes an exception.
 * @kind problem
- * @tags reliability
+ * @tags quality
+ * reliability
 * correctness
 * @problem.severity error
 * @sub-severity low
diff --git a/python/ql/src/Variables/UninitializedLocal.ql b/python/ql/src/Variables/UninitializedLocal.ql
index 3a2461ee3e72..a6ac7d490ce6 100644
--- a/python/ql/src/Variables/UninitializedLocal.ql
+++ b/python/ql/src/Variables/UninitializedLocal.ql
@@ -2,7 +2,8 @@
 * @name Potentially uninitialized local variable
 * @description Using a local variable before it is initialized causes an UnboundLocalError.
 * @kind problem
- * @tags reliability
+ * @tags quality
+ * reliability
 * correctness
 * @problem.severity error
 * @sub-severity low
diff --git a/python/ql/src/Variables/UnusedParameter.ql b/python/ql/src/Variables/UnusedParameter.ql
index 74e1c2ac5368..7228974b7c73 100644
--- a/python/ql/src/Variables/UnusedParameter.ql
+++ b/python/ql/src/Variables/UnusedParameter.ql
@@ -2,7 +2,10 @@
 * @name Unused parameter
 * @description Parameter is defined but not used
 * @kind problem
- * @tags maintainability
+ * @tags quality
+ * reliability
+ * correctness
+ * readability
 * @problem.severity recommendation
 * @sub-severity high
 * @precision medium
From 7c58098f12b09c7e82edce989205210e6194818c Mon Sep 17 00:00:00 2001
From: Michael Nebel
Date: Wed, 10 Sep 2025 16:08:14 +0200
Subject: [PATCH 2/4] Python: Update integration tests expected output.
---
 .../query-suite/not_included_in_qls.expected | 9 ---------
 .../python-code-quality-extended.qls.expected | 15 +++++++++++++++
 2 files changed, 15 insertions(+), 9 deletions(-)
diff --git a/python/ql/integration-tests/query-suite/not_included_in_qls.expected b/python/ql/integration-tests/query-suite/not_included_in_qls.expected
index 05108abc2060..55cba5e97d97 100644
--- a/python/ql/integration-tests/query-suite/not_included_in_qls.expected
+++ b/python/ql/integration-tests/query-suite/not_included_in_qls.expected
@@ -1,11 +1,7 @@
 ql/python/ql/src/AlertSuppression.ql
 ql/python/ql/src/Classes/MaybeUndefinedClassAttribute.ql
-ql/python/ql/src/Classes/ShouldBeContextManager.ql
 ql/python/ql/src/Classes/UndefinedClassAttribute.ql
-ql/python/ql/src/Classes/UselessClass.ql
-ql/python/ql/src/Expressions/NonPortableComparisonUsingIs.ql
 ql/python/ql/src/Filters/ClassifyFiles.ql
-ql/python/ql/src/Functions/ReturnValueIgnored.ql
 ql/python/ql/src/Imports/ImportShadowedByLoopVar.ql
 ql/python/ql/src/Imports/ImportStarUsed.ql
 ql/python/ql/src/Imports/Imports.ql
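Review bot: The new tag set for UnusedParameter.ql drops `maintainability` and adds `reliability` and `correctness`, which the query's own description in this hunk, `Parameter is defined but not used`, does not support: an unused parameter is dead code, not a defect in what the program computes. The other queries in this patch whose descriptions are about unused or hard-to-read code (UselessClass, ShadowBuiltin, ShadowGlobal) keep `maintainability`, so this one would be consistent as `* @tags quality`, `* maintainability`, `* useless-code` (or `* readability`). If `correctness` is intended because an unused parameter can indicate a wrong call signature, that reasoning belongs in the description so the tag is explained.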
@@ -59,16 +55,11 @@ ql/python/ql/src/Metrics/TransitiveImports.ql
 ql/python/ql/src/Security/CWE-020-ExternalAPIs/ExternalAPIsUsedWithUntrustedData.ql
 ql/python/ql/src/Security/CWE-020-ExternalAPIs/UntrustedDataToExternalAPI.ql
 ql/python/ql/src/Security/CWE-798/HardcodedCredentials.ql
-ql/python/ql/src/Statements/AssertLiteralConstant.ql
 ql/python/ql/src/Statements/C_StyleParentheses.ql
-ql/python/ql/src/Statements/DocStrings.ql
 ql/python/ql/src/Statements/ExecUsed.ql
 ql/python/ql/src/Statements/StringConcatenationInLoop.ql
 ql/python/ql/src/Variables/Global.ql
-ql/python/ql/src/Variables/ShadowBuiltin.ql
-ql/python/ql/src/Variables/ShadowGlobal.ql
 ql/python/ql/src/Variables/UndefinedGlobal.ql
-ql/python/ql/src/Variables/UnusedParameter.ql
 ql/python/ql/src/analysis/CallGraphEfficiency.ql
 ql/python/ql/src/analysis/CallGraphMarginalEfficiency.ql
 ql/python/ql/src/analysis/Consistency.ql
diff --git a/python/ql/integration-tests/query-suite/python-code-quality-extended.qls.expected b/python/ql/integration-tests/query-suite/python-code-quality-extended.qls.expected
index b0cb45325412..e00fa4ad1acf 100644
--- a/python/ql/integration-tests/query-suite/python-code-quality-extended.qls.expected
+++ b/python/ql/integration-tests/query-suite/python-code-quality-extended.qls.expected
@@ -10,7 +10,10 @@ ql/python/ql/src/Classes/DefineEqualsWhenAddingAttributes.ql
 ql/python/ql/src/Classes/InconsistentMRO.ql
 ql/python/ql/src/Classes/InitCallsSubclass/InitCallsSubclassMethod.ql
 ql/python/ql/src/Classes/MutatingDescriptor.ql
+ql/python/ql/src/Classes/OverwritingAttributeInSuperClass.ql
+ql/python/ql/src/Classes/ShouldBeContextManager.ql
 ql/python/ql/src/Classes/SubclassShadowing/SubclassShadowing.ql
+ql/python/ql/src/Classes/UselessClass.ql
 ql/python/ql/src/Classes/WrongNameForArgumentInClassInstantiation.ql
 ql/python/ql/src/Classes/WrongNumberArgumentsInClassInstantiation.ql
 ql/python/ql/src/Exceptions/CatchingBaseException.ql
@@ -37,6 +40,7 @@ ql/python/ql/src/Expressions/Formatting/WrongNumberArgumentsFor3101Format.ql
 ql/python/ql/src/Expressions/HashedButNoHash.ql
 ql/python/ql/src/Expressions/IncorrectComparisonUsingIs.ql
 ql/python/ql/src/Expressions/NonCallableCalled.ql
+ql/python/ql/src/Expressions/NonPortableComparisonUsingIs.ql
 ql/python/ql/src/Expressions/Regex/BackspaceEscape.ql
 ql/python/ql/src/Expressions/Regex/DuplicateCharacterInSet.ql
 ql/python/ql/src/Expressions/Regex/MissingPartSpecialGroup.ql
@@ -61,10 +65,12 @@ ql/python/ql/src/Functions/NonCls.ql
 ql/python/ql/src/Functions/NonSelf.ql
 ql/python/ql/src/Functions/OverlyComplexDelMethod.ql
 ql/python/ql/src/Functions/ReturnConsistentTupleSizes.ql
+ql/python/ql/src/Functions/ReturnValueIgnored.ql
 ql/python/ql/src/Functions/SignatureOverriddenMethod.ql
 ql/python/ql/src/Functions/SignatureSpecialMethods.ql
 ql/python/ql/src/Functions/UseImplicitNoneReturnValue.ql
 ql/python/ql/src/Imports/EncodingError.ql
+ql/python/ql/src/Imports/FromImportOfMutableAttribute.ql
 ql/python/ql/src/Imports/ImportandImportFrom.ql
 ql/python/ql/src/Imports/ModuleImportsItself.ql
 ql/python/ql/src/Imports/MultipleImports.ql
@@ -73,8 +79,11 @@ ql/python/ql/src/Imports/UnintentionalImport.ql
 ql/python/ql/src/Imports/UnusedImport.ql
 ql/python/ql/src/Lexical/CommentedOutCode.ql
 ql/python/ql/src/Resources/FileNotAlwaysClosed.ql
+ql/python/ql/src/Statements/AssertLiteralConstant.ql
 ql/python/ql/src/Statements/AssertOnTuple.ql
+ql/python/ql/src/Statements/BreakOrReturnInFinally.ql
 ql/python/ql/src/Statements/ConstantInConditional.ql
+ql/python/ql/src/Statements/DocStrings.ql
 ql/python/ql/src/Statements/IterableStringOrSequence.ql
 ql/python/ql/src/Statements/MismatchInMultipleAssignment.ql
 ql/python/ql/src/Statements/ModificationOfLocals.ql
@@ -82,6 +91,7 @@ ql/python/ql/src/Statements/NestedLoopsSameVariable.ql
 ql/python/ql/src/Statements/NestedLoopsSameVariableWithReuse.ql
 ql/python/ql/src/Statements/NonIteratorInForLoop.ql
 ql/python/ql/src/Statements/RedundantAssignment.ql
+ql/python/ql/src/Statements/ReturnOrYieldOutsideFunction.ql
 ql/python/ql/src/Statements/ShouldUseWithStatement.ql
 ql/python/ql/src/Statements/SideEffectInAssert.ql
 ql/python/ql/src/Statements/StatementNoEffect.ql
@@ -95,7 +105,12 @@ ql/python/ql/src/Testing/ImpreciseAssert.ql
 ql/python/ql/src/Variables/GlobalAtModuleLevel.ql
 ql/python/ql/src/Variables/LoopVariableCapture/LoopVariableCapture.ql
 ql/python/ql/src/Variables/MultiplyDefined.ql
+ql/python/ql/src/Variables/ShadowBuiltin.ql
+ql/python/ql/src/Variables/ShadowGlobal.ql
 ql/python/ql/src/Variables/SuspiciousUnusedLoopIterationVariable.ql
 ql/python/ql/src/Variables/UndefinedExport.ql
+ql/python/ql/src/Variables/UndefinedPlaceHolder.ql
+ql/python/ql/src/Variables/UninitializedLocal.ql
 ql/python/ql/src/Variables/UnusedLocalVariable.ql
 ql/python/ql/src/Variables/UnusedModuleVariable.ql
+ql/python/ql/src/Variables/UnusedParameter.ql
From a774c651627f05d42fa3b2aadb4303077d34e802 Mon Sep 17 00:00:00 2001
From: Michael Nebel
Date: Thu, 11 Sep 2025 08:41:33 +0200
Subject: [PATCH 3/4] Python: Remove py/missing-docstring from code-quality-extended.
---
 python/ql/src/Statements/DocStrings.ql | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/python/ql/src/Statements/DocStrings.ql b/python/ql/src/Statements/DocStrings.ql
index e5c14e9fd034..903207f7ccb7 100644
--- a/python/ql/src/Statements/DocStrings.ql
+++ b/python/ql/src/Statements/DocStrings.ql
@@ -3,8 +3,7 @@
 * @description Omitting documentation strings from public classes, functions or methods
 * makes it more difficult for other developers to maintain the code.
 * @kind problem
- * @tags quality
- * maintainability
+ * @tags maintainability
 * readability
 * @problem.severity recommendation
 * @sub-severity low
From c2628fe1df2a6512d2fa253232b3865a836d27b3 Mon Sep 17 00:00:00 2001
From: Michael Nebel
Date: Thu, 11 Sep 2025 08:44:18 +0200
Subject: [PATCH 4/4] Python: Update integration tests expected output.
---
 .../integration-tests/query-suite/not_included_in_qls.expected | 1 +
 .../query-suite/python-code-quality-extended.qls.expected | 1 -
 2 files changed, 1 insertion(+), 1 deletion(-)
diff --git a/python/ql/integration-tests/query-suite/not_included_in_qls.expected b/python/ql/integration-tests/query-suite/not_included_in_qls.expected
index 55cba5e97d97..8d0e0814d538 100644
--- a/python/ql/integration-tests/query-suite/not_included_in_qls.expected
+++ b/python/ql/integration-tests/query-suite/not_included_in_qls.expected
@@ -56,6 +56,7 @@ ql/python/ql/src/Security/CWE-020-ExternalAPIs/ExternalAPIsUsedWithUntrustedData
 ql/python/ql/src/Security/CWE-020-ExternalAPIs/UntrustedDataToExternalAPI.ql
 ql/python/ql/src/Security/CWE-798/HardcodedCredentials.ql
 ql/python/ql/src/Statements/C_StyleParentheses.ql
+ql/python/ql/src/Statements/DocStrings.ql
 ql/python/ql/src/Statements/ExecUsed.ql
 ql/python/ql/src/Statements/StringConcatenationInLoop.ql
 ql/python/ql/src/Variables/Global.ql
diff --git a/python/ql/integration-tests/query-suite/python-code-quality-extended.qls.expected b/python/ql/integration-tests/query-suite/python-code-quality-extended.qls.expected
index e00fa4ad1acf..cc8d0fd7f5e8 100644
--- a/python/ql/integration-tests/query-suite/python-code-quality-extended.qls.expected
+++ b/python/ql/integration-tests/query-suite/python-code-quality-extended.qls.expected
@@ -83,7 +83,6 @@ ql/python/ql/src/Statements/AssertLiteralConstant.ql
 ql/python/ql/src/Statements/AssertOnTuple.ql
 ql/python/ql/src/Statements/BreakOrReturnInFinally.ql
 ql/python/ql/src/Statements/ConstantInConditional.ql
-ql/python/ql/src/Statements/DocStrings.ql
 ql/python/ql/src/Statements/IterableStringOrSequence.ql
 ql/python/ql/src/Statements/MismatchInMultipleAssignment.ql
 ql/python/ql/src/Statements/ModificationOfLocals.ql