You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/codeql/codeql-language-guides/customizing-library-models-for-java.rst
+17-8Lines changed: 17 additions & 8 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -410,19 +410,28 @@ The following components are supported:
410
410
Provenance
411
411
----------
412
412
413
-
The **provenance** column is used to specify the provenance (origin) of the model definition.
414
-
413
+
The **provenance** column is used to specify the provenance (origin) of the model definition and how the model was verified.
415
414
The following values are supported:
416
415
417
-
- **manual**: The model was manually created (or verified by a human) and added to the extensible predicate.
418
-
- **generated**: The model was generated by the model generator and added to the extensible predicate.
419
-
- **ai-generated**: The model was generated by AI and added to the extensible predicate.
416
+
- **manual**: The model was manually created and added to the extensible predicate.
417
+
418
+
or values in the form **origin-verification**, where origin is one of:
419
+
420
+
- **ai**: The model was generated by AI.
421
+
- **df**: The model was generated by the dataflow model generator.
422
+
- **tb**: The model was generated by the type based model generator.
423
+
- **hq**: The model was generated using a heuristic query.
424
+
425
+
and verification is one of:
426
+
427
+
- **manual**: The model was verified by a human.
428
+
- **generated**: The model was generated, but not verified by a human.
420
429
421
-
The provenance is used to distinguish between models that are manually added to the extensible predicate and models that are automatically generated.
430
+
The provenance is used to distinguish between models that are manually added (or verified) to the extensible predicate and models that are automatically generated.
422
431
Furthermore, it impacts the data flow analysis in the following way:
423
432
424
-
- A **manual** model takes precedence over **generated** models. If a **manual** model exists for an element then all generated models are ignored.
425
-
- A **generated** or **ai-generated** model is ignored during analysis, if the source code of the element it is modeling is available.
433
+
- A **manual** model takes precedence over **generated** models. If a **manual** model exists for an element then all **generated** models are ignored.
434
+
- A **generated** model is ignored during analysis, if the source code of the element it is modeling is available.
426
435
427
436
That is, generated models are less trusted than manual models and only used if neither source code nor a manual model is available.
0 commit comments