-
Notifications
You must be signed in to change notification settings - Fork 2k
Expand file tree
/
Copy pathDatabaseQualityDiagnostics.ql
More file actions
41 lines (36 loc) · 1.52 KB
/
DatabaseQualityDiagnostics.ql
File metadata and controls
41 lines (36 loc) · 1.52 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
/**
* @name Low Java analysis quality
* @description Low Java analysis quality
* @kind diagnostic
* @id java/diagnostic/database-quality
*/
import java
import DatabaseQuality
private newtype TDbQualityDiagnostic =
TTheDbQualityDiagnostic() {
exists(float percentageGood |
CallTargetStatsReport::percentageOfOk(_, percentageGood)
or
ExprTypeStatsReport::percentageOfOk(_, percentageGood)
|
percentageGood < 95
)
}
class DbQualityDiagnostic extends TDbQualityDiagnostic {
string toString() {
result =
"There were significant issues scanning Java code. " +
"This may be caused by problems identifying dependencies or use of generated source code, among other reasons -- "
+ "see other CodeQL diagnostics reported on the CodeQL status page for more details of possible causes. " +
"Addressing these warnings is advisable to avoid false-positive or missing results. If not, consider scanning Java " +
"using either the `autobuild` or `manual` [build modes](https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages#comparison-of-the-build-modes)."
}
}
query predicate diagnosticAttributes(DbQualityDiagnostic e, string key, string value) {
e = e and // Quieten warning about unconstrained 'e'
key = ["visibilityCliSummaryTable", "visibilityTelemetry", "visibilityStatusPage"] and
value = "true"
}
from DbQualityDiagnostic d
select d, d.toString(), 1
/* Warning severity */