Add query suite tests for swift with shared logic

tamasvajk · tamasvajk · commit 4c9aee2cc7bc · 2025-04-25T14:06:15.000+02:00
diff --git a/java/ql/integration-tests/java/query-suite/test.py b/java/ql/integration-tests/java/query-suite/test.py
@@ -1,29 +1,23 @@
-import os
 import runs_on
 import pytest
+import sys
+
+def get_test_module(semmle_code_dir):
+    import importlib.util
+    spec = importlib.util.spec_from_file_location('test-module', semmle_code_dir / 'ql' / 'misc' / 'pytest' / 'lib' / 'query-suite-test.py')
+    mod = importlib.util.module_from_spec(spec)
+    sys.modules["test-module"] = mod
+    spec.loader.exec_module(mod)
+    return mod
 
 well_known_query_suites = ['java-code-quality.qls', 'java-security-and-quality.qls', 'java-security-extended.qls', 'java-code-scanning.qls']
 
 @runs_on.posix
 @pytest.mark.parametrize("query_suite", well_known_query_suites)
 def test(codeql, java, cwd, expected_files, semmle_code_dir, query_suite):
-    actual = codeql.resolve.queries(query_suite, _capture=True).strip()
-    actual = sorted(actual.splitlines())
-    actual = [os.path.relpath(q, semmle_code_dir) for q in actual]
-    actual_file_name = query_suite + '.actual'
-    expected_files.add(actual_file_name)
-    (cwd / actual_file_name).write_text('\n'.join(actual)+'\n')
+    get_test_module(semmle_code_dir).test(codeql, cwd, expected_files, semmle_code_dir, query_suite)
+
 
 @runs_on.posix
 def test_not_included_queries(codeql, java, cwd, expected_files, semmle_code_dir):
-    all_queries = codeql.resolve.queries(semmle_code_dir / 'ql' / 'java' / 'ql' / 'src', _capture=True).strip().splitlines()
-
-    included_in_qls = set()
-    for query_suite in well_known_query_suites:
-        included_in_qls |= set(codeql.resolve.queries(query_suite, _capture=True).strip().splitlines())
-
-    not_included = sorted(set(all_queries) - included_in_qls)
-    not_included = [os.path.relpath(q, semmle_code_dir) for q in not_included]
-    not_included_file_name = 'not_included_in_qls.actual'
-    expected_files.add(not_included_file_name)
-    (cwd / not_included_file_name).write_text('\n'.join(not_included)+'\n')
+    get_test_module(semmle_code_dir).test_not_included_queries(codeql, 'java', cwd, expected_files, semmle_code_dir, well_known_query_suites)
diff --git a/misc/pytest/lib/query-suite-test.py b/misc/pytest/lib/query-suite-test.py
@@ -0,0 +1,23 @@
+
+import os
+
+def test(codeql, cwd, expected_files, semmle_code_dir, query_suite):
+    actual = codeql.resolve.queries(query_suite, _capture=True).strip()
+    actual = sorted(actual.splitlines())
+    actual = [os.path.relpath(q, semmle_code_dir) for q in actual]
+    actual_file_name = query_suite + '.actual'
+    expected_files.add(actual_file_name)
+    (cwd / actual_file_name).write_text('\n'.join(actual)+'\n')
+
+def test_not_included_queries(codeql, lang_folder_name, cwd, expected_files, semmle_code_dir, query_suites):
+    all_queries = codeql.resolve.queries(semmle_code_dir / 'ql' / lang_folder_name / 'ql' / 'src', _capture=True).strip().splitlines()
+
+    included_in_qls = set()
+    for query_suite in query_suites:
+        included_in_qls |= set(codeql.resolve.queries(query_suite, _capture=True).strip().splitlines())
+
+    not_included = sorted(set(all_queries) - included_in_qls)
+    not_included = [os.path.relpath(q, semmle_code_dir) for q in not_included]
+    not_included_file_name = 'not_included_in_qls.actual'
+    expected_files.add(not_included_file_name)
+    (cwd / not_included_file_name).write_text('\n'.join(not_included)+'\n')
diff --git a/swift/ql/integration-tests/posix/query-suite/not_included_in_qls.expected b/swift/ql/integration-tests/posix/query-suite/not_included_in_qls.expected
@@ -0,0 +1,9 @@
+ql/swift/ql/src/AlertSuppression.ql
+ql/swift/ql/src/experimental/Security/CWE-022/UnsafeUnpack.ql
+ql/swift/ql/src/queries/Summary/FlowSources.ql
+ql/swift/ql/src/queries/Summary/QuerySinks.ql
+ql/swift/ql/src/queries/Summary/RegexEvals.ql
+ql/swift/ql/src/queries/Summary/SensitiveExprs.ql
+ql/swift/ql/src/queries/Summary/SummaryStats.ql
+ql/swift/ql/src/queries/Summary/TaintReach.ql
+ql/swift/ql/src/queries/ide-contextual-queries/printAst.ql
diff --git a/swift/ql/integration-tests/posix/query-suite/swift-code-quality.qls.expected b/swift/ql/integration-tests/posix/query-suite/swift-code-quality.qls.expected
@@ -0,0 +1 @@
+
diff --git a/swift/ql/integration-tests/posix/query-suite/swift-code-scanning.qls.expected b/swift/ql/integration-tests/posix/query-suite/swift-code-scanning.qls.expected
@@ -0,0 +1,31 @@
+ql/swift/ql/src/diagnostics/ExtractedFiles.ql
+ql/swift/ql/src/diagnostics/SuccessfullyExtractedLines.ql
+ql/swift/ql/src/diagnostics/internal/AstNodes.ql
+ql/swift/ql/src/diagnostics/internal/ExtractionErrors.ql
+ql/swift/ql/src/diagnostics/internal/UnresolvedAstNodes.ql
+ql/swift/ql/src/queries/Security/CWE-020/IncompleteHostnameRegex.ql
+ql/swift/ql/src/queries/Security/CWE-020/MissingRegexAnchor.ql
+ql/swift/ql/src/queries/Security/CWE-022/PathInjection.ql
+ql/swift/ql/src/queries/Security/CWE-078/CommandInjection.ql
+ql/swift/ql/src/queries/Security/CWE-079/UnsafeWebViewFetch.ql
+ql/swift/ql/src/queries/Security/CWE-089/SqlInjection.ql
+ql/swift/ql/src/queries/Security/CWE-116/BadTagFilter.ql
+ql/swift/ql/src/queries/Security/CWE-1204/StaticInitializationVector.ql
+ql/swift/ql/src/queries/Security/CWE-1333/ReDoS.ql
+ql/swift/ql/src/queries/Security/CWE-134/UncontrolledFormatString.ql
+ql/swift/ql/src/queries/Security/CWE-135/StringLengthConflation.ql
+ql/swift/ql/src/queries/Security/CWE-259/ConstantPassword.ql
+ql/swift/ql/src/queries/Security/CWE-311/CleartextStorageDatabase.ql
+ql/swift/ql/src/queries/Security/CWE-311/CleartextTransmission.ql
+ql/swift/ql/src/queries/Security/CWE-312/CleartextLogging.ql
+ql/swift/ql/src/queries/Security/CWE-312/CleartextStoragePreferences.ql
+ql/swift/ql/src/queries/Security/CWE-321/HardcodedEncryptionKey.ql
+ql/swift/ql/src/queries/Security/CWE-327/ECBEncryption.ql
+ql/swift/ql/src/queries/Security/CWE-328/WeakPasswordHashing.ql
+ql/swift/ql/src/queries/Security/CWE-328/WeakSensitiveDataHashing.ql
+ql/swift/ql/src/queries/Security/CWE-611/XXE.ql
+ql/swift/ql/src/queries/Security/CWE-730/RegexInjection.ql
+ql/swift/ql/src/queries/Security/CWE-757/InsecureTLS.ql
+ql/swift/ql/src/queries/Security/CWE-760/ConstantSalt.ql
+ql/swift/ql/src/queries/Security/CWE-916/InsufficientHashIterations.ql
+ql/swift/ql/src/queries/Security/CWE-943/PredicateInjection.ql
diff --git a/swift/ql/integration-tests/posix/query-suite/swift-security-and-quality.qls.expected b/swift/ql/integration-tests/posix/query-suite/swift-security-and-quality.qls.expected
@@ -0,0 +1,32 @@
+ql/swift/ql/src/diagnostics/ExtractedFiles.ql
+ql/swift/ql/src/diagnostics/SuccessfullyExtractedLines.ql
+ql/swift/ql/src/diagnostics/internal/AstNodes.ql
+ql/swift/ql/src/diagnostics/internal/ExtractionErrors.ql
+ql/swift/ql/src/diagnostics/internal/UnresolvedAstNodes.ql
+ql/swift/ql/src/queries/Security/CWE-020/IncompleteHostnameRegex.ql
+ql/swift/ql/src/queries/Security/CWE-020/MissingRegexAnchor.ql
+ql/swift/ql/src/queries/Security/CWE-022/PathInjection.ql
+ql/swift/ql/src/queries/Security/CWE-078/CommandInjection.ql
+ql/swift/ql/src/queries/Security/CWE-079/UnsafeWebViewFetch.ql
+ql/swift/ql/src/queries/Security/CWE-089/SqlInjection.ql
+ql/swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.ql
+ql/swift/ql/src/queries/Security/CWE-116/BadTagFilter.ql
+ql/swift/ql/src/queries/Security/CWE-1204/StaticInitializationVector.ql
+ql/swift/ql/src/queries/Security/CWE-1333/ReDoS.ql
+ql/swift/ql/src/queries/Security/CWE-134/UncontrolledFormatString.ql
+ql/swift/ql/src/queries/Security/CWE-135/StringLengthConflation.ql
+ql/swift/ql/src/queries/Security/CWE-259/ConstantPassword.ql
+ql/swift/ql/src/queries/Security/CWE-311/CleartextStorageDatabase.ql
+ql/swift/ql/src/queries/Security/CWE-311/CleartextTransmission.ql
+ql/swift/ql/src/queries/Security/CWE-312/CleartextLogging.ql
+ql/swift/ql/src/queries/Security/CWE-312/CleartextStoragePreferences.ql
+ql/swift/ql/src/queries/Security/CWE-321/HardcodedEncryptionKey.ql
+ql/swift/ql/src/queries/Security/CWE-327/ECBEncryption.ql
+ql/swift/ql/src/queries/Security/CWE-328/WeakPasswordHashing.ql
+ql/swift/ql/src/queries/Security/CWE-328/WeakSensitiveDataHashing.ql
+ql/swift/ql/src/queries/Security/CWE-611/XXE.ql
+ql/swift/ql/src/queries/Security/CWE-730/RegexInjection.ql
+ql/swift/ql/src/queries/Security/CWE-757/InsecureTLS.ql
+ql/swift/ql/src/queries/Security/CWE-760/ConstantSalt.ql
+ql/swift/ql/src/queries/Security/CWE-916/InsufficientHashIterations.ql
+ql/swift/ql/src/queries/Security/CWE-943/PredicateInjection.ql
diff --git a/swift/ql/integration-tests/posix/query-suite/swift-security-extended.qls.expected b/swift/ql/integration-tests/posix/query-suite/swift-security-extended.qls.expected
@@ -0,0 +1,32 @@
+ql/swift/ql/src/diagnostics/ExtractedFiles.ql
+ql/swift/ql/src/diagnostics/SuccessfullyExtractedLines.ql
+ql/swift/ql/src/diagnostics/internal/AstNodes.ql
+ql/swift/ql/src/diagnostics/internal/ExtractionErrors.ql
+ql/swift/ql/src/diagnostics/internal/UnresolvedAstNodes.ql
+ql/swift/ql/src/queries/Security/CWE-020/IncompleteHostnameRegex.ql
+ql/swift/ql/src/queries/Security/CWE-020/MissingRegexAnchor.ql
+ql/swift/ql/src/queries/Security/CWE-022/PathInjection.ql
+ql/swift/ql/src/queries/Security/CWE-078/CommandInjection.ql
+ql/swift/ql/src/queries/Security/CWE-079/UnsafeWebViewFetch.ql
+ql/swift/ql/src/queries/Security/CWE-089/SqlInjection.ql
+ql/swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.ql
+ql/swift/ql/src/queries/Security/CWE-116/BadTagFilter.ql
+ql/swift/ql/src/queries/Security/CWE-1204/StaticInitializationVector.ql
+ql/swift/ql/src/queries/Security/CWE-1333/ReDoS.ql
+ql/swift/ql/src/queries/Security/CWE-134/UncontrolledFormatString.ql
+ql/swift/ql/src/queries/Security/CWE-135/StringLengthConflation.ql
+ql/swift/ql/src/queries/Security/CWE-259/ConstantPassword.ql
+ql/swift/ql/src/queries/Security/CWE-311/CleartextStorageDatabase.ql
+ql/swift/ql/src/queries/Security/CWE-311/CleartextTransmission.ql
+ql/swift/ql/src/queries/Security/CWE-312/CleartextLogging.ql
+ql/swift/ql/src/queries/Security/CWE-312/CleartextStoragePreferences.ql
+ql/swift/ql/src/queries/Security/CWE-321/HardcodedEncryptionKey.ql
+ql/swift/ql/src/queries/Security/CWE-327/ECBEncryption.ql
+ql/swift/ql/src/queries/Security/CWE-328/WeakPasswordHashing.ql
+ql/swift/ql/src/queries/Security/CWE-328/WeakSensitiveDataHashing.ql
+ql/swift/ql/src/queries/Security/CWE-611/XXE.ql
+ql/swift/ql/src/queries/Security/CWE-730/RegexInjection.ql
+ql/swift/ql/src/queries/Security/CWE-757/InsecureTLS.ql
+ql/swift/ql/src/queries/Security/CWE-760/ConstantSalt.ql
+ql/swift/ql/src/queries/Security/CWE-916/InsufficientHashIterations.ql
+ql/swift/ql/src/queries/Security/CWE-943/PredicateInjection.ql
diff --git a/swift/ql/integration-tests/posix/query-suite/test.py b/swift/ql/integration-tests/posix/query-suite/test.py
@@ -0,0 +1,23 @@
+import runs_on
+import pytest
+import sys
+
+def get_test_module(semmle_code_dir):
+    import importlib.util
+    spec = importlib.util.spec_from_file_location('test-module', semmle_code_dir / 'ql' / 'misc' / 'pytest' / 'lib' / 'query-suite-test.py')
+    mod = importlib.util.module_from_spec(spec)
+    sys.modules["test-module"] = mod
+    spec.loader.exec_module(mod)
+    return mod
+
+
+well_known_query_suites = ['swift-code-quality.qls', 'swift-security-and-quality.qls', 'swift-security-extended.qls', 'swift-code-scanning.qls']
+
+@runs_on.posix
+@pytest.mark.parametrize("query_suite", well_known_query_suites)
+def test(codeql, swift, cwd, expected_files, semmle_code_dir, query_suite):
+    get_test_module(semmle_code_dir).test(codeql, cwd, expected_files, semmle_code_dir, query_suite)
+
+@runs_on.posix
+def test_not_included_queries(codeql, swift, cwd, expected_files, semmle_code_dir):
+    get_test_module(semmle_code_dir).test_not_included_queries(codeql, 'swift', cwd, expected_files, semmle_code_dir, well_known_query_suites)
