Skip to content

Java: StaticInitializationVector with postprocess #18848

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Feb 25, 2025
Merged

Java: StaticInitializationVector with postprocess #18848

merged 1 commit into from
Feb 25, 2025

Conversation

jbj
Copy link
Contributor

@jbj jbj commented Feb 24, 2025

Use the new postprocess feature for the test of StaticInitializationVector.ql. This makes it easier to modify and test this query for diff-informed operation.

@jbj
Java: StaticInitializationVector with postprocess
11a0a9f 
Use the new `postprocess` feature for the test of
`StaticInitializationVector.ql`. This makes it easier to modify and test
this query for diff-informed operation.
@jbj jbj added the no-change-note-required This PR does not need a change note label Feb 24, 2025
@Copilot Copilot AI review requested due to automatic review settings February 24, 2025 12:35
@jbj jbj requested a review from a team as a code owner February 24, 2025 12:35
@github-actions github-actions bot added the Java label Feb 24, 2025
Copilot
Copilot AI reviewed Feb 24, 2025
View reviewed changes
Copy link
Contributor

@Copilot Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

PR Overview

This PR updates the marker comments in the StaticInitializationVector test file to leverage the new postprocess feature, making it easier to modify and test the query.

  • Updated marker comments from "$staticInitializationVector" to "$Alert" on cipher initialization lines.
  • Added "$Source" markers to IV definition lines for clearer source annotation.

Reviewed Changes

File Description
java/ql/test/query-tests/security/CWE-1204/StaticInitializationVector.java Updated marker comments to support the new postprocess feature

Copilot reviewed 5 out of 5 changed files in this pull request and generated no comments.

Comments suppressed due to low confidence (2)

java/ql/test/query-tests/security/CWE-1204/StaticInitializationVector.java:19

  • Ensure that the updated marker '$Alert' is correctly configured in the postprocess feature. Verify that all similar cipher initialization lines are consistently updated and recognized by the testing framework.
cipher.init(Cipher.ENCRYPT_MODE, keySpec, ivSpec); // $Alert

java/ql/test/query-tests/security/CWE-1204/StaticInitializationVector.java:13

  • Confirm that the '$Source' marker is appropriately handled by the new postprocess system and maintains its intended annotation purpose.
byte[] iv = new byte[] { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 5 }; // $Source

Tip: If you use Visual Studio Code, you can request a review from Copilot before you push from the "Source Control" tab. Learn more

@jbj jbj merged commit 2edc9af into github:main Feb 25, 2025
10 checks passed
@jbj jbj deleted the StaticInitializationVector-postprocess branch February 25, 2025 11:44
@d10c d10c mentioned this pull request Jun 19, 2025
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

Copilot code review Copilot Copilot left review comments

@owen-mc owen-mc owen-mc approved these changes

Assignees
No one assigned
Labels
Java no-change-note-required This PR does not need a change note
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@jbj @owen-mc