Share XML discard predicates #20873
Share XML discard predicates #20873
Conversation
asgerf
force-pushed
the
shared-xml-discard
branch
from
8ed22e1 to
dbf14c1
Compare
There was a problem hiding this comment.
Pull request overview
This PR refactors XML discard predicates by extracting them into shared OverlayXml.qll modules across five languages (Python, JavaScript, Java, Go, and C#). The shared code is synchronized via the identical-files.json configuration since parameterized modules and qlpacks cannot be used in this case.
- Introduces identical
OverlayXml.qllfiles in each language's internal directory - Removes duplicate XML handling code from existing
Overlay.qllfiles - Adds imports to the new shared modules
Reviewed changes
Copilot reviewed 12 out of 12 changed files in this pull request and generated no comments.
Show a summary per file
| File | Description |
|---|---|
| python/ql/lib/semmle/python/internal/OverlayXml.qll | New shared module containing XML discard predicates for overlay analysis |
| python/ql/lib/semmle/python/Overlay.qll | Removes duplicate XML handling code and imports the new OverlayXml module |
| javascript/ql/lib/semmle/javascript/internal/OverlayXml.qll | New shared module containing XML discard predicates for overlay analysis |
| javascript/ql/lib/semmle/javascript/internal/Overlay.qll | Removes xmllocations reference and imports the new OverlayXml module |
| java/ql/lib/semmle/code/xml/XML.qll | Removes unnecessary Overlay import and discardable XML classes |
| java/ql/lib/semmle/code/java/internal/OverlayXml.qll | New shared module containing XML discard predicates for overlay analysis |
| java/ql/lib/semmle/code/java/Overlay.qll | Removes duplicate XML handling code, updates getRawFile to exclude xmllocations, and imports the new OverlayXml module |
| go/ql/lib/semmle/go/internal/OverlayXml.qll | New shared module containing XML discard predicates for overlay analysis |
| go/ql/lib/semmle/go/Overlay.qll | Removes duplicate XML predicates and imports the new OverlayXml module |
| csharp/ql/lib/semmle/code/csharp/internal/OverlayXml.qll | New shared module containing XML discard predicates for overlay analysis |
| csharp/ql/lib/semmle/code/csharp/internal/Overlay.qll | Removes duplicate XML handling code and imports the new OverlayXml module |
| config/identical-files.json | Registers all five OverlayXml.qll files as synchronized identical files |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| */ | ||
| private predicate isOverlay() { databaseMetadata("isOverlay", "true") } | ||
|
|
||
| private @file getXmlFile(@xmllocatable locatable) { |
There was a problem hiding this comment.
Do all languages extract @file using named trap ids? Because if not, then this identification change from string to @file won't work. I'm guessing that they do, but this is a subtle change, so I figured it would be best to check.
There was a problem hiding this comment.
If string is the more robust option, let's go with that.
asgerf
dismissed stale reviews from tausbn, owen-mc, and michaelnebel
via
6257bed
Shares the discard predicates for XML entities.
This happens via synchronized-files since parameterised modules and qlpacks can't be used in this case.