search

Fraunhofer-AISEC / codyze

Codyze is a static analyzer for Java, C, C++ based on code property graphs
https://www.codyze.io
Apache License 2.0
87 stars 18 forks source link

Combine Only and Never Evaluator #875

Closed CodingDepot closed 1 month ago

CodingDepot commented 4 months ago

The Only- and Never-Evaluators have a lot of overlap in their logic, which makes sense regarding their very similar purpose. However, this also causes them to use duplicated code to achieve the same result.

Furthermore, over time slight differences in the implementations emerged which makes it increasingly annoying to implement changes for both Evaluators. For example, the Only-Evalutor created a pass-Finding for each valid call while the Never-Evaluator did not. Combining both evaluators makes it more easy to keep the functionality synchronized while still allowing for smaller differences depending on the chosen functionality.

This PR also includes an example for a new functionality for both Evaluators. Each finding generated by a Never- or Only- Evaluator will now include usages of the code as relatedLocations.

codecov[bot] commented 4 months ago

Codecov Report

Attention: Patch coverage is 89.65517% with 3 lines in your changes missing coverage. Please review.

Project coverage is 77.46%. Comparing base (d0c45be) to head (f137a7a). Report is 1 commits behind head on main.

Files with missing lines Patch % Lines
.../codyze/backends/cpg/coko/dsl/ImplementationDsl.kt 83.33% 0 Missing and 2 partials :warning:
...backends/cpg/coko/evaluators/OnlyNeverEvaluator.kt 93.33% 0 Missing and 1 partial :warning:
Additional details and impacted files ```diff @@ Coverage Diff @@ ## main #875 +/- ## ============================================ - Coverage 77.58% 77.46% -0.12% + Complexity 273 263 -10 ============================================ Files 61 60 -1 Lines 1972 1966 -6 Branches 280 282 +2 ============================================ - Hits 1530 1523 -7 Misses 313 313 - Partials 129 130 +1 ``` | [Flag](https://app.codecov.io/gh/Fraunhofer-AISEC/codyze/pull/875/flags?src=pr&el=flags&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Fraunhofer-AISEC) | Coverage Δ | | |---|---|---| | [unittests](https://app.codecov.io/gh/Fraunhofer-AISEC/codyze/pull/875/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Fraunhofer-AISEC) | `77.46% <89.65%> (-0.12%)` | :arrow_down: | Flags with carried forward coverage won't be shown. [Click here](https://docs.codecov.io/docs/carryforward-flags?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Fraunhofer-AISEC#carryforward-flags-in-the-pull-request-comment) to find out more.

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.