codeql icon indicating copy to clipboard operation
codeql copied to clipboard

Published 20 hours ago verified publisher icon github

C#: Add source models for `file` threat model/source kind for .NET standard library

Open egregius313 opened this issue 1 year ago • 1 comments
trafficstars

WIP, but adds source and summary models related to file (streams) in System.IO.

egregius313 avatar Mar 01 '24 20:03 egregius313

:warning: The head of this PR and the base branch were compared for differences in the framework coverage reports. The generated reports are available in the artifacts of this workflow run. The differences will be picked up by the nightly job after the PR gets merged.

Click to show differences in coverage

csharp

Generated file changes for csharp

  • Changes to framework-coverage-csharp.rst:
-    System,"``System.*``, ``System``",30,11864,67,9
+    System,"``System.*``, ``System``",44,11872,67,9
-    Totals,,42,13418,409,9
+    Totals,,56,13426,409,9
  • Changes to framework-coverage-csharp.csv:
- System,67,30,11864,,8,8,9,,,4,5,,33,2,3,1,17,3,4,,9898,1966
+ System,67,44,11872,,8,8,9,,,4,5,,33,2,3,15,17,3,4,,9906,1966

github-actions[bot] avatar Mar 01 '24 20:03 github-actions[bot]

This PR needs to be re-based and the flow summaries test needs to be updated (due to https://github.com/github/codeql/pull/15940)

michaelnebel avatar Mar 21 '24 07:03 michaelnebel

DCA looks good. We find 30+ more results with the new sources and summaries and it doesn't appear to have any impact on performance.

michaelnebel avatar Mar 22 '24 09:03 michaelnebel