You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: java/ql/automodel/src/README.md
+5-5Lines changed: 5 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -4,7 +4,7 @@ This pack contains the automodel extraction queries for Java.
4
4
5
5
## Extraction Queries in `java/ql/automodel/src`
6
6
7
-
This pack contains extraction queries for application mode and framework mode.
7
+
Included in this pack are queries for both application mode and framework mode.
8
8
9
9
| Kind | Mode | Query File |
10
10
|------|------|------------|
@@ -17,7 +17,7 @@ This pack contains extraction queries for application mode and framework mode.
17
17
18
18
## Running the Queries
19
19
20
-
The extraction queries are part of a separate query pack, `java-automodel-queries`. Use this pack to run them. The queries are tagged appropriately, you can use the tags (example here: https://github.com/github/codeql/blob/main/java/ql/automodel/src/AutomodelApplicationModeExtractNegativeExamples.ql#L8) to construct query suites.
20
+
The extraction queries are part of a separate query pack, `codeql/java-automodel-queries`. Use this pack to run them. The queries are tagged appropriately, you can use the tags (example here: https://github.com/github/codeql/blob/main/java/ql/automodel/src/AutomodelApplicationModeExtractNegativeExamples.ql#L8) to construct query suites.
21
21
22
22
For example, a query suite selecting all example extraction queries (positive and negative) for application mode looks like this:
23
23
@@ -41,7 +41,7 @@ For example, a query suite selecting all example extraction queries (positive an
41
41
42
42
### Concept: `Endpoint`
43
43
44
-
Endpoints are source code locations of interest. All +/- examples and all candidates are endpoints, but not all endpoints are examples or candidates. Each mode decides what endpoints are relevant. For instance, if the Java application mode wants to support candidates for sinks that are arguments passed to unknown method calls, then the Java application mode implementation needs to make sure that method arguments are endpoints. If you look at the `TApplicationModeEndpoint` implementation in [AutomodelApplicationModeCharacteristics.qll](https://github.com/github/codeql/blob/main/java/ql/automodel/src/AutomodelApplicationModeCharacteristics.qll), you can see that this is the case: the `TExplicitArgument` implements this behavior.
44
+
Endpoints are source code locations of interest. All +/- examples and all candidates are endpoints, but not all endpoints are examples or candidates. Each mode decides which endpoints are relevant. For instance, if the Java application mode wants to support candidates for sinks that are arguments passed to unknown method calls, then the Java application mode implementation needs to make sure that method arguments are endpoints. If you look at the `TApplicationModeEndpoint` implementation in [AutomodelApplicationModeCharacteristics.qll](https://github.com/github/codeql/blob/main/java/ql/automodel/src/AutomodelApplicationModeCharacteristics.qll), you can see that this is the case: the `TExplicitArgument` implements this behavior.
45
45
46
46
Whether or not an endpoint is a +/- example, or a candidate depends on the individual extraction queries.
47
47
@@ -57,7 +57,7 @@ The +/- and candidate extraction queries largely<sup>[1](#largely-use-characteri
57
57
58
58
#### :warning: Warning
59
59
60
-
Do not to "fix" shortcomings that could be fixed by a better prompt or better example selection by adding language- or mode-specific characteristics . Those "fixes" tend to be confusing downstream when questions like "why wasn't this location selected as a candidate?" becomes progressively harder and harder to answer. It's best to rely on characteristics in the code that is shared across all languages and modes (see [Shared Code](#shared-code)).
60
+
Do not try to "fix" shortcomings that could be fixed by a better prompt or better example selection by adding language- or mode-specific characteristics . Those "fixes" tend to be confusing downstream when questions like "why wasn't this location selected as a candidate?" becomes progressively harder and harder to answer. It's best to rely on characteristics in the code that is shared across all languages and modes (see [Shared Code](#shared-code)).
61
61
62
62
## Shared Code
63
63
@@ -117,7 +117,7 @@ Source candidates are a bit more varied than sink candidates:
117
117
118
118
##### Parameters as Source Candidates
119
119
120
-
A parameter could be a source, eg. when a framework passes user-controlled data to a handler defined in customer code.
120
+
A parameter could be a source, e.g. when a framework passes user-controlled data to a handler defined in customer code.
0 commit comments