Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

QL4QL: Improvements to RedundantImport query #15043

Merged
merged 2 commits into from Dec 9, 2023

Conversation

hvitved
Copy link
Contributor

@hvitved hvitved commented Dec 8, 2023

On #14573 I observed that the query does not take deprecated imports into account, which is fixed on this PR.

I also removed some restrictions that I could not understand; this results in many new results on github/codeql, and those that I have sampled look legit.

@hvitved hvitved marked this pull request as ready for review December 8, 2023 09:25
@hvitved hvitved requested a review from a team as a code owner December 8, 2023 09:25
@erik-krogh
Copy link
Contributor

You're adding 671 redundant import alerts with this change. (alerts on main, alerts on this branch).

I think the new results are largely due to the line requirement you removed (redundant.getLocation().getStartLine() > imp.getLocation().getStartLine()).

It would be nice to see what happens if you remove all of those redundant imports.
You could e.g. try the JavaScript alerts, as all of those alerts (except for one) are new to this PR.

@hvitved
Copy link
Contributor Author

hvitved commented Dec 8, 2023

I think the new results are largely due to the line requirement you removed (redundant.getLocation().getStartLine() > imp.getLocation().getStartLine()).

Right. I think that restriction only makes sense for the "Duplicate import, the module is already imported by $@." check (to avoid overlapping alerts), and not the "Redundant import, the module is already imported inside $@." check.

@hvitved hvitved requested review from a team as code owners December 8, 2023 15:58
@erik-krogh
Copy link
Contributor

I got the patch to work (see backref).
I tried it out, and it looks OK, so I pushed it here.

@hvitved hvitved added the no-change-note-required This PR does not need a change note label Dec 9, 2023
@hvitved hvitved merged commit 7819dcf into github:main Dec 9, 2023
16 of 17 checks passed
@hvitved hvitved deleted the ql/redundant-import branch December 9, 2023 11:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
ATM JS no-change-note-required This PR does not need a change note QL-for-QL
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

2 participants