C++/C#/Java/JavaScript/Python: Remove singleton set literals.

aschackmull · aschackmull · commit 57cb3007598d · 2021-10-14T11:34:22.000+02:00
diff --git a/cpp/ql/lib/semmle/code/cpp/models/implementations/Allocation.qll b/cpp/ql/lib/semmle/code/cpp/models/implementations/Allocation.qll
@@ -56,7 +56,7 @@ private class MallocAllocationFunction extends AllocationFunction {
       ]) and
     sizeArg = 1
     or
-    hasGlobalName(["HeapAlloc"]) and // HeapAlloc(heap, flags, size)
+    hasGlobalName("HeapAlloc") and // HeapAlloc(heap, flags, size)
     sizeArg = 2
     or
     hasGlobalName([
diff --git a/csharp/ql/lib/semmle/code/csharp/frameworks/EntityFramework.qll b/csharp/ql/lib/semmle/code/csharp/frameworks/EntityFramework.qll
@@ -239,7 +239,7 @@ module EntityFramework {
   private class SystemDataEntityDbSetSqlQuerySinkModelCsv extends SinkModelCsv {
     override predicate row(string row) {
       row =
-        ["System.Data.Entity;DbSet;false;SqlQuery;(System.String,System.Object[]);;Argument[0];sql"]
+        "System.Data.Entity;DbSet;false;SqlQuery;(System.String,System.Object[]);;Argument[0];sql"
     }
   }
 
diff --git a/csharp/ql/lib/semmle/code/csharp/security/dataflow/XSSSinks.qll b/csharp/ql/lib/semmle/code/csharp/security/dataflow/XSSSinks.qll
@@ -251,7 +251,7 @@ private class HttpResponseBaseSink extends Sink {
  */
 private class StringContentSinkModelCsv extends SinkModelCsv {
   override predicate row(string row) {
-    row = ["System.Net.Http;StringContent;false;StringContent;;;Argument[0];xss"]
+    row = "System.Net.Http;StringContent;false;StringContent;;;Argument[0];xss"
   }
 }
 
diff --git a/java/ql/lib/semmle/code/java/frameworks/jOOQ.qll b/java/ql/lib/semmle/code/java/frameworks/jOOQ.qll
@@ -24,11 +24,5 @@ predicate jOOQSqlMethod(Method m) {
 }
 
 private class SqlSinkCsv extends SinkModelCsv {
-  override predicate row(string row) {
-    row =
-      [
-        //"package;type;overrides;name;signature;ext;spec;kind"
-        "org.jooq;PlainSQL;false;;;Annotated;Argument[0];sql"
-      ]
-  }
+  override predicate row(string row) { row = "org.jooq;PlainSQL;false;;;Annotated;Argument[0];sql" }
 }
diff --git a/java/ql/lib/semmle/code/java/security/InformationLeak.qll b/java/ql/lib/semmle/code/java/security/InformationLeak.qll
@@ -9,9 +9,7 @@ import semmle.code.java.security.XSS
 private class DefaultInformationLeakSinkModel extends SinkModelCsv {
   override predicate row(string row) {
     row =
-      [
-        "javax.servlet.http;HttpServletResponse;false;sendError;(int,String);;Argument[1];information-leak"
-      ]
+      "javax.servlet.http;HttpServletResponse;false;sendError;(int,String);;Argument[1];information-leak"
   }
 }
 
diff --git a/java/ql/test/library-tests/frameworks/stream/test.ql b/java/ql/test/library-tests/frameworks/stream/test.ql
@@ -4,9 +4,6 @@ import TestUtilities.InlineFlowTest
 class SummaryModelTest extends SummaryModelCsv {
   override predicate row(string row) {
     row =
-      [
-        //"package;type;overrides;name;signature;ext;inputspec;outputspec;kind",
-        "generatedtest;Test;false;getElementSpliterator;(Spliterator);;Element of Argument[0];ReturnValue;value"
-      ]
+      "generatedtest;Test;false;getElementSpliterator;(Spliterator);;Element of Argument[0];ReturnValue;value"
   }
 }
diff --git a/java/ql/test/library-tests/optional/test.ql b/java/ql/test/library-tests/optional/test.ql
@@ -3,10 +3,6 @@ import TestUtilities.InlineFlowTest
 
 class SummaryModelTest extends SummaryModelCsv {
   override predicate row(string row) {
-    row =
-      [
-        //"package;type;overrides;name;signature;ext;inputspec;outputspec;kind",
-        "generatedtest;Test;false;getStreamElement;;;Element of Argument[0];ReturnValue;value"
-      ]
+    row = "generatedtest;Test;false;getStreamElement;;;Element of Argument[0];ReturnValue;value"
   }
 }
diff --git a/java/ql/test/query-tests/security/CWE-079/semmle/tests/XSS.ql b/java/ql/test/query-tests/security/CWE-079/semmle/tests/XSS.ql
@@ -20,7 +20,7 @@ class XSSConfig extends TaintTracking::Configuration {
 class XssTest extends InlineExpectationsTest {
   XssTest() { this = "XssTest" }
 
-  override string getARelevantTag() { result = ["xss"] }
+  override string getARelevantTag() { result = "xss" }
 
   override predicate hasActualResult(Location location, string element, string tag, string value) {
     tag = "xss" and
diff --git a/javascript/ql/lib/semmle/javascript/frameworks/Angular2.qll b/javascript/ql/lib/semmle/javascript/frameworks/Angular2.qll
@@ -152,7 +152,7 @@ module Angular2 {
   /** A value that is about to be promoted to a trusted script value. */
   private class AngularCodeInjectionSink extends CodeInjection::Sink {
     AngularCodeInjectionSink() {
-      this = domSanitizer().getAMethodCall(["bypassSecurityTrustScript"]).getArgument(0)
+      this = domSanitizer().getAMethodCall("bypassSecurityTrustScript").getArgument(0)
     }
   }
 
diff --git a/javascript/ql/lib/semmle/javascript/frameworks/ComposedFunctions.qll b/javascript/ql/lib/semmle/javascript/frameworks/ComposedFunctions.qll
@@ -82,7 +82,7 @@ module FunctionCompositionCall {
   /** A call whose arguments are functions `f,g,h` which are composed into `f(g(h(...))` */
   private class RightToLeft extends WithArrayOverloading {
     RightToLeft() {
-      this = DataFlow::moduleImport(["compose-function"]).getACall()
+      this = DataFlow::moduleImport("compose-function").getACall()
       or
       this =
         DataFlow::moduleMember(["redux", "ramda", "@reduxjs/toolkit", "recompose"], "compose")
diff --git a/javascript/ql/lib/semmle/javascript/frameworks/MooTools.qll b/javascript/ql/lib/semmle/javascript/frameworks/MooTools.qll
@@ -35,7 +35,7 @@ module MooTools {
   predicate interpretsNodeAsHtml(DataFlow::Node node) {
     exists(Element e |
       node = e.getAnElementPropertyValue("html") or
-      node = e.getAMethodCall(["appendHtml"]).getArgument(0)
+      node = e.getAMethodCall("appendHtml").getArgument(0)
     )
   }
 }
diff --git a/javascript/ql/lib/semmle/javascript/security/performance/ReDoSUtil.qll b/javascript/ql/lib/semmle/javascript/security/performance/ReDoSUtil.qll
@@ -477,7 +477,7 @@ private module CharacterClasses {
       result = ["0", "9"]
       or
       cc.getValue() = "s" and
-      result = [" "]
+      result = " "
       or
       cc.getValue() = "w" and
       result = ["a", "Z", "_", "0", "9"]
@@ -490,7 +490,7 @@ private module CharacterClasses {
       result = "9"
       or
       cc.getValue() = "s" and
-      result = [" "]
+      result = " "
       or
       cc.getValue() = "w" and
       result = "a"
diff --git a/javascript/ql/test/testUtilities/ConsistencyChecking.qll b/javascript/ql/test/testUtilities/ConsistencyChecking.qll
@@ -62,7 +62,7 @@ private class AssertionComment extends LineComment {
   /**
    * Holds if a consistency issue is expected at this location.
    */
-  predicate expectConsistencyError() { getText().matches(["%[INCONSISTENCY]%"]) }
+  predicate expectConsistencyError() { getText().matches("%[INCONSISTENCY]%") }
 }
 
 private DataFlow::Node getASink() { exists(DataFlow::Configuration cfg | cfg.hasFlow(_, result)) }
diff --git a/python/ql/lib/semmle/python/frameworks/Aiohttp.qll b/python/ql/lib/semmle/python/frameworks/Aiohttp.qll
@@ -424,7 +424,7 @@ module AiohttpWebModel {
 
       override string getAttributeName() { none() }
 
-      override string getMethodName() { result in ["read_nowait"] }
+      override string getMethodName() { result = "read_nowait" }
 
       override string getAsyncMethodName() {
         result in [
diff --git a/python/ql/lib/semmle/python/frameworks/Cryptodome.qll b/python/ql/lib/semmle/python/frameworks/Cryptodome.qll
@@ -116,7 +116,7 @@ private module CryptodomeModel {
         ] and
       this =
         API::moduleImport(["Crypto", "Cryptodome"])
-            .getMember(["Cipher"])
+            .getMember("Cipher")
             .getMember(cipherName)
             .getMember("new")
             .getReturn()
@@ -135,21 +135,21 @@ private module CryptodomeModel {
       or
       // for the following methods, method signatures can be found in
       // https://pycryptodome.readthedocs.io/en/latest/src/cipher/modern.html
-      methodName in ["update"] and
+      methodName = "update" and
       result in [this.getArg(0), this.getArgByName("data")]
       or
       // although `mac_tag` is used as the parameter name in the spec above, some implementations use `received_mac_tag`, for an example, see
       // https://github.com/Legrandin/pycryptodome/blob/5dace638b70ac35bb5d9b565f3e75f7869c9d851/lib/Crypto/Cipher/ChaCha20_Poly1305.py#L207
-      methodName in ["verify"] and
+      methodName = "verify" and
       result in [this.getArg(0), this.getArgByName(["mac_tag", "received_mac_tag"])]
       or
-      methodName in ["hexverify"] and
+      methodName = "hexverify" and
       result in [this.getArg(0), this.getArgByName("mac_tag_hex")]
       or
-      methodName in ["encrypt_and_digest"] and
+      methodName = "encrypt_and_digest" and
       result in [this.getArg(0), this.getArgByName("plaintext")]
       or
-      methodName in ["decrypt_and_verify"] and
+      methodName = "decrypt_and_verify" and
       result in [
           this.getArg(0), this.getArgByName("ciphertext"), this.getArg(1),
           this.getArgByName("mac_tag")
@@ -169,7 +169,7 @@ private module CryptodomeModel {
       methodName in ["sign", "verify"] and
       this =
         API::moduleImport(["Crypto", "Cryptodome"])
-            .getMember(["Signature"])
+            .getMember("Signature")
             .getMember(signatureName)
             .getMember("new")
             .getReturn()
@@ -185,11 +185,11 @@ private module CryptodomeModel {
       methodName = "sign" and
       result in [this.getArg(0), this.getArgByName("msg_hash")] // Cryptodome.Hash instance
       or
-      methodName in ["verify"] and
+      methodName = "verify" and
       (
-        result in [this.getArg(0), this.getArgByName(["msg_hash"])] // Cryptodome.Hash instance
+        result in [this.getArg(0), this.getArgByName("msg_hash")] // Cryptodome.Hash instance
         or
-        result in [this.getArg(1), this.getArgByName(["signature"])]
+        result in [this.getArg(1), this.getArgByName("signature")]
       )
     }
   }
@@ -204,7 +204,7 @@ private module CryptodomeModel {
     CryptodomeGenericHashOperation() {
       exists(API::Node hashModule |
         hashModule =
-          API::moduleImport(["Crypto", "Cryptodome"]).getMember(["Hash"]).getMember(hashName)
+          API::moduleImport(["Crypto", "Cryptodome"]).getMember("Hash").getMember(hashName)
       |
         this = hashModule.getMember("new").getACall()
         or
diff --git a/python/ql/lib/semmle/python/frameworks/Stdlib.qll b/python/ql/lib/semmle/python/frameworks/Stdlib.qll
@@ -1277,7 +1277,7 @@ private module StdlibPrivate {
   /**
    * Gets a name of an attribute of a `pathlib.Path` object that is also a `pathlib.Path` object.
    */
-  private string pathlibPathAttribute() { result in ["parent"] }
+  private string pathlibPathAttribute() { result = "parent" }
 
   /**
    * Gets a name of a method of a `pathlib.Path` object that returns a `pathlib.Path` object.
diff --git a/python/ql/lib/semmle/python/frameworks/Tornado.qll b/python/ql/lib/semmle/python/frameworks/Tornado.qll
@@ -318,7 +318,7 @@ private module Tornado {
               ]
           }
 
-          override string getMethodName() { result in ["full_url"] }
+          override string getMethodName() { result = "full_url" }
 
           override string getAsyncMethodName() { none() }
         }
diff --git a/python/ql/lib/semmle/python/frameworks/Werkzeug.qll b/python/ql/lib/semmle/python/frameworks/Werkzeug.qll
@@ -58,7 +58,7 @@ module Werkzeug {
 
       override string getAttributeName() { none() }
 
-      override string getMethodName() { result in ["getlist"] }
+      override string getMethodName() { result = "getlist" }
 
       override string getAsyncMethodName() { none() }
     }
diff --git a/python/ql/lib/semmle/python/frameworks/Yarl.qll b/python/ql/lib/semmle/python/frameworks/Yarl.qll
@@ -68,7 +68,7 @@ module Yarl {
           ]
       }
 
-      override string getMethodName() { result in ["human_repr"] }
+      override string getMethodName() { result = "human_repr" }
 
       override string getAsyncMethodName() { none() }
     }
diff --git a/python/ql/lib/semmle/python/security/performance/ReDoSUtil.qll b/python/ql/lib/semmle/python/security/performance/ReDoSUtil.qll
@@ -477,7 +477,7 @@ private module CharacterClasses {
       result = ["0", "9"]
       or
       cc.getValue() = "s" and
-      result = [" "]
+      result = " "
       or
       cc.getValue() = "w" and
       result = ["a", "Z", "_", "0", "9"]
@@ -490,7 +490,7 @@ private module CharacterClasses {
       result = "9"
       or
       cc.getValue() = "s" and
-      result = [" "]
+      result = " "
       or
       cc.getValue() = "w" and
       result = "a"
diff --git a/python/ql/test/experimental/meta/ConceptsTest.qll b/python/ql/test/experimental/meta/ConceptsTest.qll
@@ -96,7 +96,7 @@ class EncodingTest extends InlineExpectationsTest {
 class LoggingTest extends InlineExpectationsTest {
   LoggingTest() { this = "LoggingTest" }
 
-  override string getARelevantTag() { result in ["loggingInput"] }
+  override string getARelevantTag() { result = "loggingInput" }
 
   override predicate hasActualResult(Location location, string element, string tag, string value) {
     exists(location.getFile().getRelativePath()) and
@@ -181,7 +181,7 @@ class EscapingTest extends InlineExpectationsTest {
 class HttpServerRouteSetupTest extends InlineExpectationsTest {
   HttpServerRouteSetupTest() { this = "HttpServerRouteSetupTest" }
 
-  override string getARelevantTag() { result in ["routeSetup"] }
+  override string getARelevantTag() { result = "routeSetup" }
 
   override predicate hasActualResult(Location location, string element, string tag, string value) {
     exists(location.getFile().getRelativePath()) and

Original file line number	Diff line number	Diff line change
`@@ -239,7 +239,7 @@ module EntityFramework {`
`239`	`239`	`private class SystemDataEntityDbSetSqlQuerySinkModelCsv extends SinkModelCsv {`
`240`	`240`	`override predicate row(string row) {`
`241`	`241`	`row =`
`242`		`- ["System.Data.Entity;DbSet;false;SqlQuery;(System.String,System.Object[]);;Argument[0];sql"]`
	`242`	`+ "System.Data.Entity;DbSet;false;SqlQuery;(System.String,System.Object[]);;Argument[0];sql"`
`243`	`243`	`}`
`244`	`244`	`}`
`245`	`245`
Original file line number	Diff line number	Diff line change
`@@ -251,7 +251,7 @@ private class HttpResponseBaseSink extends Sink {`
`251`	`251`	`*/`
`252`	`252`	`private class StringContentSinkModelCsv extends SinkModelCsv {`
`253`	`253`	`override predicate row(string row) {`
`254`		`- row = ["System.Net.Http;StringContent;false;StringContent;;;Argument[0];xss"]`
	`254`	`+ row = "System.Net.Http;StringContent;false;StringContent;;;Argument[0];xss"`
`255`	`255`	`}`
`256`	`256`	`}`
`257`	`257`
Original file line number	Diff line number	Diff line change
`@@ -24,11 +24,5 @@ predicate jOOQSqlMethod(Method m) {`
`24`	`24`	`}`
`25`	`25`
`26`	`26`	`private class SqlSinkCsv extends SinkModelCsv {`
`27`		`- override predicate row(string row) {`
`28`		`- row =`
`29`		`- [`
`30`		`- //"package;type;overrides;name;signature;ext;spec;kind"`
`31`		`- "org.jooq;PlainSQL;false;;;Annotated;Argument[0];sql"`
`32`		`- ]`
`33`		`- }`
	`27`	`+ override predicate row(string row) { row = "org.jooq;PlainSQL;false;;;Annotated;Argument[0];sql" }`
`34`	`28`	`}`
Original file line number	Diff line number	Diff line change
`@@ -9,9 +9,7 @@ import semmle.code.java.security.XSS`
`9`	`9`	`private class DefaultInformationLeakSinkModel extends SinkModelCsv {`
`10`	`10`	`override predicate row(string row) {`
`11`	`11`	`row =`
`12`		`- [`
`13`		`- "javax.servlet.http;HttpServletResponse;false;sendError;(int,String);;Argument[1];information-leak"`
`14`		`- ]`
	`12`	`+ "javax.servlet.http;HttpServletResponse;false;sendError;(int,String);;Argument[1];information-leak"`
`15`	`13`	`}`
`16`	`14`	`}`
`17`	`15`
Original file line number	Diff line number	Diff line change
`@@ -4,9 +4,6 @@ import TestUtilities.InlineFlowTest`
`4`	`4`	`class SummaryModelTest extends SummaryModelCsv {`
`5`	`5`	`override predicate row(string row) {`
`6`	`6`	`row =`
`7`		`- [`
`8`		`- //"package;type;overrides;name;signature;ext;inputspec;outputspec;kind",`
`9`		`- "generatedtest;Test;false;getElementSpliterator;(Spliterator);;Element of Argument[0];ReturnValue;value"`
`10`		`- ]`
	`7`	`+ "generatedtest;Test;false;getElementSpliterator;(Spliterator);;Element of Argument[0];ReturnValue;value"`
`11`	`8`	`}`
`12`	`9`	`}`
Original file line number	Diff line number	Diff line change
`@@ -3,10 +3,6 @@ import TestUtilities.InlineFlowTest`
`3`	`3`
`4`	`4`	`class SummaryModelTest extends SummaryModelCsv {`
`5`	`5`	`override predicate row(string row) {`
`6`		`- row =`
`7`		`- [`
`8`		`- //"package;type;overrides;name;signature;ext;inputspec;outputspec;kind",`
`9`		`- "generatedtest;Test;false;getStreamElement;;;Element of Argument[0];ReturnValue;value"`
`10`		`- ]`
	`6`	`+ row = "generatedtest;Test;false;getStreamElement;;;Element of Argument[0];ReturnValue;value"`
`11`	`7`	`}`
`12`	`8`	`}`
Original file line number	Diff line number	Diff line change
`@@ -152,7 +152,7 @@ module Angular2 {`
`152`	`152`	`/** A value that is about to be promoted to a trusted script value. */`
`153`	`153`	`private class AngularCodeInjectionSink extends CodeInjection::Sink {`
`154`	`154`	`AngularCodeInjectionSink() {`
`155`		`- this = domSanitizer().getAMethodCall(["bypassSecurityTrustScript"]).getArgument(0)`
	`155`	`+ this = domSanitizer().getAMethodCall("bypassSecurityTrustScript").getArgument(0)`
`156`	`156`	`}`
`157`	`157`	`}`
`158`	`158`