Closed oldgunner closed 3 months ago
@oldgunner , Can you please post a snippet of where you've added /* sfge-disable-stack ApexFlsViolationRule */
, including the annotation and the method declaration?
(Also, does changing the annotation to simply /* sfge-disable-stack */
resolve the error? ApexFlsViolationRule
is no longer the only "Security" rule, so you may want the directive to disable rules more broadly instead of just that one specific rule.)
@jfeingold35 Can you please post a snippet of where you've added / sfge-disable-stack ApexFlsViolationRule /, including the annotation and the method declaration?
@AuraEnabled
/* sfge-disable-stack ApexFlsViolationRule */
public static String saveDefaultOptions(List<String> optionValues, String optionType) {
(Also, does changing the annotation to simply / sfge-disable-stack / resolve the error? I tried it, there was no success
Also I tried
/* sfge-disable */
public abstract with sharing class ObjectPermissionsController {
error the same - Graph Engine identified your source and sink, but you must manually verify that you have a sanitizer in this path. Then, add an engine directive to skip the path. Next, create a Github issue for the Code Analyzer team that includes the error and stack trace. After we fix this issue, check the Code Analyzer release notes for more info. Error and stacktrace: UnimplementedMethodException: ApexListValue:iterator, vertex=MethodCallExpressionVertex{fullMethodName=idStrings.iterator, referenceVertex=LazyVertex{result=ReferenceExpression{properties={FirstChild=true, Names=[idStrings], BeginLine=15, DefiningType_CaseSafe=utils, LastChild=true, DefiningType=Utils, EndLine=15, Name_CaseSafe=idstrings, childIdx=0, BeginColumn=37, ReferenceType=METHOD, Name=idStrings}}}, chainedNames=[idStrings], properties={FirstChild=true, FullMethodName=idStrings.iterator, BeginLine=15, FullMethodName_CaseSafe=idstrings.iterator, DefiningType_CaseSafe=utils, LastChild=false, DefiningType=Utils, EndLine=15, MethodName_CaseSafe=iterator, childIdx=0, BeginColumn=47, MethodName=iterator}}: com.salesforce.graph.symbols.apex.ApexListValue.apply(ApexListValue.java:310);com.salesforce.graph.symbols.PathScopeVisitor.handleApexValueMethod(PathScopeVisitor.java:1462);com.salesforce.graph.symbols.PathScopeVisitor.afterVisit(PathScopeVisitor.java:1222);com.salesforce.graph.symbols.DefaultSymbolProviderVertexVisitor.afterVisit(DefaultSymbolProviderVertexVisitor.java:749);com.salesforce.graph.vertex.MethodCallExpressionVertex.afterVisit(MethodCallExpressionVertex.java:79);com.salesforce.graph.ops.expander.ApexPathExpander.performAfterVisit(ApexPathExpander.java:577)
Thanks!
@oldgunner , it looks like what's happening here is that the issue is occurring during path expansion, not during path traversal. Since the directive tells the traversal to skip a given rule (or rules) but doesn't impact expansion the directive isn't suppressing the error.
So, let's see what's actually causing the error. The exception says it's coming from a vertex at line 15 of Utils.cls
. What's going on at that line?
@jfeingold35 thanks for response!
on the 15th line of Utils.cls we parse to Set<Id> converted to custom Iterable<String> either List<String> or Set<String>
.
After that we return Set of ids.
static final Pattern idPattern = Pattern.compile('[a-zA-Z0-9]{15}|[a-zA-Z0-9]{18}');
public static Set<Id> parseIds(List<String> idStrings) {
return parseIds((Iterable<String>)idStrings);
}
public static Set<Id> parseIds(Set<String> idStrings) {
return parseIds((Iterable<String>)idStrings);
}
public static Set<Id> parseIds(Iterable<String> idStrings) {
Set<Id> ids = new Set<Id>();
> line 15 is below
Iterator<String> iterator = idStrings.iterator();
while(iterator.hasNext()) {
String value = iterator.next();
if (idPattern.matcher(value).matches()) {
ids.add(Id.valueOf(value));
}
}
return ids;
}
Marking this as a duplicate of https://github.com/forcedotcom/sfdx-scanner/issues/1497
Describe the bug Methods check was disabled via / sfge-disable-stack ApexFlsViolationRule /. But InternalExecutionError error were thrown.
To Reproduce Steps to reproduce the behavior:
Run the first scan. sfdx scanner:run --format=csv --outfile=CodeAnalyzerGeneral.csv --target="./" --category="Security"
Run the second scan. sfdx scanner:run:dfa --format=csv --outfile=CodeAnalyzerDFA.csv --target="./" --projectdir="./" --category="Security"
Expected behavior After running the second scan csv file should be empty or with any errors described in documentation link
Screenshots None
Desktop (please complete the following information):
Additional context Stack trace: Error and stacktrace: UnimplementedMethodException: ApexListValue:iterator, vertex=MethodCallExpressionVertex{fullMethodName=idStrings.iterator, referenceVertex=LazyVertex{result=ReferenceExpression{properties={FirstChild=true, Names=[idStrings], BeginLine=15, DefiningType_CaseSafe=utils, LastChild=true, DefiningType=Utils, EndLine=15, Name_CaseSafe=idstrings, childIdx=0, BeginColumn=37, ReferenceType=METHOD, Name=idStrings}}}, chainedNames=[idStrings], properties={FirstChild=true, FullMethodName=idStrings.iterator, BeginLine=15, FullMethodName_CaseSafe=idstrings.iterator, DefiningType_CaseSafe=utils, LastChild=false, DefiningType=Utils, EndLine=15, MethodName_CaseSafe=iterator, childIdx=0, BeginColumn=47, MethodName=iterator}}: com.salesforce.graph.symbols.apex.ApexListValue.apply(ApexListValue.java:310);com.salesforce.graph.symbols.PathScopeVisitor.handleApexValueMethod(PathScopeVisitor.java:1462);com.salesforce.graph.symbols.PathScopeVisitor.afterVisit(PathScopeVisitor.java:1222);com.salesforce.graph.symbols.DefaultSymbolProviderVertexVisitor.afterVisit(DefaultSymbolProviderVertexVisitor.java:749);com.salesforce.graph.vertex.MethodCallExpressionVertex.afterVisit(MethodCallExpressionVertex.java:79);com.salesforce.graph.ops.expander.ApexPathExpander.performAfterVisit(ApexPathExpander.java:577)
"Workaround": Have you found any ways to sidestep the problem?
"Urgency":"Business stopping"