Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Python: Allow provenance in additional taint steps #16512

Merged
merged 4 commits into from
May 17, 2024
Merged

Python: Allow provenance in additional taint steps #16512

merged 4 commits into from
May 17, 2024

Conversation

yoff
Copy link
Contributor

@yoff yoff commented May 16, 2024

Taint steps can have a provenance string that shows up in path explanations. For steps added via the AdditionalTaintStep class, this string used to be hardcoded to "AdditionalTaintStep". Now it is possible to overwrite this string.

@yoff yoff added the no-change-note-required This PR does not need a change note label May 16, 2024
@yoff yoff requested a review from a team as a code owner May 16, 2024 12:08
tausbn
tausbn reviewed May 16, 2024
View reviewed changes
Copy link
Contributor

@tausbn tausbn left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Very nice! Remember to add QLDoc for the step/3 predicate.

Also, should we perhaps discourage the use of step/2 in general, and move towards a scheme where all taint steps have an "explanation" for why they are present (or are there taint steps for which this doesn't make sense)?

@yoff
Copy link
Contributor Author

yoff commented May 16, 2024

Also, should we perhaps discourage the use of step/2 in general, and move towards a scheme where all taint steps have an "explanation" for why they are present (or are there taint steps for which this doesn't make sense)?

I was thinking we could move towards an "all explained" situation incrementally.

yoff added 2 commits May 17, 2024 09:49
@yoff
python: add qldoc and refactor
e66cce7 
The logic of which steps an `AdditionalTaintStep` has defined
is now pushed into the defitnion of `AdditionalTaintStep`.
@yoff
Python: update test expectations
a568873
@yoff yoff requested a review from tausbn May 17, 2024 09:50
tausbn
tausbn approved these changes May 17, 2024
View reviewed changes
Copy link
Contributor

@tausbn tausbn left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Very nice! 👍

@yoff yoff merged commit a7a12f1 into github:main May 17, 2024
12 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tausbn tausbn tausbn approved these changes

Assignees
No one assigned
Labels
no-change-note-required This PR does not need a change note Python
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@yoff @tausbn