use new DollarAtString class to return metadata using notation

Author: Stephan Brandauer

java/ql/src/Telemetry/AutomodelFrameworkModeExtractCandidates.ql

@@ -13,6 +13,7 @@
  */
 
 private import AutomodelFrameworkModeCharacteristics
+private import AutomodelSharedUtil
 
 from
   Endpoint endpoint, string message, MetadataExtractor meta, string package, string type,
@@ -41,5 +42,9 @@ select endpoint,
   message + "\nrelated locations: $@, $@." + "\nmetadata: $@, $@, $@, $@, $@, $@.", //
   CharacteristicsImpl::getRelatedLocationOrCandidate(endpoint, MethodDoc()), "MethodDoc", //
   CharacteristicsImpl::getRelatedLocationOrCandidate(endpoint, ClassDoc()), "ClassDoc", //
-  package, "package", type, "type", subtypes.toString(), "subtypes", name, "name", signature,
-  "signature", input.toString(), "input" //
+  package.(DollarAtString), "package", //
+  type.(DollarAtString), "type", //
+  subtypes.toString().(DollarAtString), "subtypes", //
+  name.(DollarAtString), "name", //
+  signature.(DollarAtString), "signature", //
+  input.toString().(DollarAtString), "input" //

java/ql/src/Telemetry/AutomodelFrameworkModeExtractNegativeExamples.ql

@@ -10,6 +10,7 @@
 
 private import AutomodelFrameworkModeCharacteristics
 private import AutomodelEndpointTypes
+private import AutomodelSharedUtil
 
 from
   Endpoint endpoint, EndpointCharacteristic characteristic, float confidence, string message,
@@ -38,5 +39,9 @@ select endpoint,
   message + "\nrelated locations: $@, $@." + "\nmetadata: $@, $@, $@, $@, $@, $@.", //
   CharacteristicsImpl::getRelatedLocationOrCandidate(endpoint, MethodDoc()), "MethodDoc", //
   CharacteristicsImpl::getRelatedLocationOrCandidate(endpoint, ClassDoc()), "ClassDoc", //
-  package, "package", type, "type", subtypes.toString(), "subtypes", name, "name", signature,
-  "signature", input.toString(), "input" //
+  package.(DollarAtString), "package", //
+  type.(DollarAtString), "type", //
+  subtypes.toString().(DollarAtString), "subtypes", //
+  name.(DollarAtString), "name", //
+  signature.(DollarAtString), "signature", //
+  input.toString().(DollarAtString), "input" //

java/ql/src/Telemetry/AutomodelFrameworkModeExtractPositiveExamples.ql

@@ -10,6 +10,7 @@
 
 private import AutomodelFrameworkModeCharacteristics
 private import AutomodelEndpointTypes
+private import AutomodelSharedUtil
 
 from
   Endpoint endpoint, SinkType sinkType, MetadataExtractor meta, string package, string type,
@@ -25,5 +26,9 @@ select endpoint,
   sinkType + "\nrelated locations: $@, $@." + "\nmetadata: $@, $@, $@, $@, $@, $@.", //
   CharacteristicsImpl::getRelatedLocationOrCandidate(endpoint, MethodDoc()), "MethodDoc", //
   CharacteristicsImpl::getRelatedLocationOrCandidate(endpoint, ClassDoc()), "ClassDoc", //
-  package, "package", type, "type", subtypes.toString(), "subtypes", name, "name", signature,
-  "signature", input.toString(), "input" //
+  package.(DollarAtString), "package", //
+  type.(DollarAtString), "type", //
+  subtypes.toString().(DollarAtString), "subtypes", //
+  name.(DollarAtString), "name", //
+  signature.(DollarAtString), "signature", //
+  input.toString().(DollarAtString), "input" //

java/ql/src/Telemetry/AutomodelSharedUtil.qll

@@ -0,0 +1,22 @@
+/**
+ * Helper class to represent a string value that can be returned by a query using $@ notation.
+ *
+ * It extends `string`, but adds a mock `getURL` method that returns the string itself as a data URL.
+ *
+ * Use this, when you want to return a string value from a query using $@ notation — the string value
+ * will be included in the sarif file.
+ *
+ * Note that the string should be URL-encoded, or the resulting URL will be invalid (this may be OK in your use case).
+ *
+ * Background information:
+ *  - data URLs: https://developer.mozilla.org/en-US/docs/web/http/basics_of_http/data_urls
+ *  - `getURL`:
+ *      https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/#providing-urls
+ */
+class DollarAtString extends string {
+  bindingset[this]
+  DollarAtString() { any() }
+
+  bindingset[this]
+  string getURL() { result = "data:text/plain," + this }
+}