Skip to content

C#: Add most medium precision queries to the code-quality-extended suite. #20292

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
michaelnebel merged 9 commits into from
Sep 17, 2025
Merged

C#: Add most medium precision queries to the code-quality-extended suite. #20292

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
17735a9
C#: Add queries medium precision queries to the code-quality-extended…
michaelnebel Sep 5, 2025
906e9de
C#: Update query-suite integration tests expected output.
michaelnebel Aug 28, 2025
c9a761f
C#: Remove the cs/xmldoc/missing-xmldoc from the code-quality-extended.
michaelnebel Sep 8, 2025
47873c2
C#: Fix incorrect tagging.
michaelnebel Sep 8, 2025
cdd3791
C#: Remove cs/captured-foreach-variable from the code-quality-extende…
michaelnebel Sep 10, 2025
0ce0e83
C#: Update integration tests expected output.
michaelnebel Sep 10, 2025
98a7cd2
C#: Remove all cs/xmldoc/* queries from the code-quality-extended suite.
michaelnebel Sep 11, 2025
f9cecfb
C#: Update integration test expected output.
michaelnebel Sep 11, 2025
d903448
C#: Add change note.
michaelnebel Sep 16, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
39 changes: 38 additions & 1 deletion csharp/ql/integration-tests/posix/query-suite/csharp-code-quality-extended.qls.expected
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,29 +1,50 @@
ql/csharp/ql/src/API Abuse/CallToGCCollect.ql
ql/csharp/ql/src/API Abuse/CallToObsoleteMethod.ql
ql/csharp/ql/src/API Abuse/ClassDoesNotImplementEquals.ql
ql/csharp/ql/src/API Abuse/ClassImplementsICloneable.ql
ql/csharp/ql/src/API Abuse/DisposeNotCalledOnException.ql
ql/csharp/ql/src/API Abuse/FormatInvalid.ql
ql/csharp/ql/src/API Abuse/InconsistentEqualsGetHashCode.ql
ql/csharp/ql/src/API Abuse/IncorrectCompareToSignature.ql
ql/csharp/ql/src/API Abuse/IncorrectEqualsSignature.ql
ql/csharp/ql/src/API Abuse/NoDisposeCallOnLocalIDisposable.ql
ql/csharp/ql/src/API Abuse/NonOverridingMethod.ql
ql/csharp/ql/src/API Abuse/NullArgumentToEquals.ql
ql/csharp/ql/src/ASP/BlockCodeResponseWrite.ql
ql/csharp/ql/src/ASP/SplitControlStructure.ql
ql/csharp/ql/src/Bad Practices/CallsUnmanagedCode.ql
ql/csharp/ql/src/Bad Practices/CatchOfNullReferenceException.ql
ql/csharp/ql/src/Bad Practices/Comments/CommentedOutCode.ql
ql/csharp/ql/src/Bad Practices/Comments/TodoComments.ql
ql/csharp/ql/src/Bad Practices/Control-Flow/ConstantCondition.ql
ql/csharp/ql/src/Bad Practices/Declarations/LocalScopeVariableShadowsMember.ql
ql/csharp/ql/src/Bad Practices/Declarations/NoConstantsOnly.ql
ql/csharp/ql/src/Bad Practices/EmptyCatchBlock.ql
ql/csharp/ql/src/Bad Practices/ErroneousClassCompare.ql
ql/csharp/ql/src/Bad Practices/Implementation Hiding/AbstractToConcreteCollection.ql
ql/csharp/ql/src/Bad Practices/Implementation Hiding/ExposeRepresentation.ql
ql/csharp/ql/src/Bad Practices/Implementation Hiding/StaticArray.ql
ql/csharp/ql/src/Bad Practices/Naming Conventions/ConfusingMethodNames.ql
ql/csharp/ql/src/Bad Practices/Naming Conventions/ConfusingOverridesNames.ql
ql/csharp/ql/src/Bad Practices/Naming Conventions/ControlNamePrefixes.ql
ql/csharp/ql/src/Bad Practices/Naming Conventions/DefaultControlNames.ql
ql/csharp/ql/src/Bad Practices/Naming Conventions/FieldMasksSuperField.ql
ql/csharp/ql/src/Bad Practices/Naming Conventions/SameNameAsSuper.ql
ql/csharp/ql/src/Bad Practices/PathCombine.ql
ql/csharp/ql/src/Bad Practices/UnmanagedCodeCheck.ql
ql/csharp/ql/src/Bad Practices/UseOfSystemOutputStream.ql
ql/csharp/ql/src/Bad Practices/VirtualCallInConstructorOrDestructor.ql
ql/csharp/ql/src/CSI/CompareIdenticalValues.ql
ql/csharp/ql/src/CSI/NullAlways.ql
ql/csharp/ql/src/CSI/NullMaybe.ql
ql/csharp/ql/src/Concurrency/FutileSyncOnField.ql
ql/csharp/ql/src/Concurrency/LockOrder.ql
ql/csharp/ql/src/Concurrency/LockThis.ql
ql/csharp/ql/src/Concurrency/LockedWait.ql
ql/csharp/ql/src/Concurrency/SynchSetUnsynchGet.ql
ql/csharp/ql/src/Concurrency/UnsafeLazyInitialization.ql
ql/csharp/ql/src/Concurrency/UnsynchronizedStaticAccess.ql
ql/csharp/ql/src/Dead Code/DeadStoreOfLocal.ql
ql/csharp/ql/src/Documentation/XmldocMissingSummary.ql
ql/csharp/ql/src/Language Abuse/CastThisToTypeParameter.ql
ql/csharp/ql/src/Language Abuse/CatchOfGenericException.ql
ql/csharp/ql/src/Language Abuse/DubiousDowncastOfThis.ql
Expand All @@ -35,27 +56,42 @@ ql/csharp/ql/src/Language Abuse/NestedIf.ql
ql/csharp/ql/src/Language Abuse/RethrowException.ql
ql/csharp/ql/src/Language Abuse/SimplifyBoolExpr.ql
ql/csharp/ql/src/Language Abuse/UnusedPropertyValue.ql
ql/csharp/ql/src/Language Abuse/UselessCastToSelf.ql
ql/csharp/ql/src/Language Abuse/UselessIsBeforeAs.ql
ql/csharp/ql/src/Language Abuse/UselessNullCoalescingExpression.ql
ql/csharp/ql/src/Language Abuse/UselessTypeTest.ql
ql/csharp/ql/src/Language Abuse/UselessUpcast.ql
ql/csharp/ql/src/Likely Bugs/Collections/ContainerLengthCmpOffByOne.ql
ql/csharp/ql/src/Likely Bugs/Collections/ContainerSizeCmpZero.ql
ql/csharp/ql/src/Likely Bugs/Collections/ReadOnlyContainer.ql
ql/csharp/ql/src/Likely Bugs/Collections/WriteOnlyContainer.ql
ql/csharp/ql/src/Likely Bugs/ConstantComparison.ql
ql/csharp/ql/src/Likely Bugs/DangerousNonShortCircuitLogic.ql
ql/csharp/ql/src/Likely Bugs/Dynamic/BadDynamicCall.ql
ql/csharp/ql/src/Likely Bugs/EqualityCheckOnFloats.ql
ql/csharp/ql/src/Likely Bugs/EqualsArray.ql
ql/csharp/ql/src/Likely Bugs/EqualsUsesAs.ql
ql/csharp/ql/src/Likely Bugs/EqualsUsesIs.ql
ql/csharp/ql/src/Likely Bugs/HashedButNoHash.ql
ql/csharp/ql/src/Likely Bugs/ImpossibleArrayCast.ql
ql/csharp/ql/src/Likely Bugs/IncomparableEquals.ql
ql/csharp/ql/src/Likely Bugs/InconsistentCompareTo.ql
ql/csharp/ql/src/Likely Bugs/LeapYear/UnsafeYearConstruction.ql
ql/csharp/ql/src/Likely Bugs/MishandlingJapaneseEra.ql
ql/csharp/ql/src/Likely Bugs/NestedLoopsSameVariable.ql
ql/csharp/ql/src/Likely Bugs/ObjectComparison.ql
ql/csharp/ql/src/Likely Bugs/PossibleLossOfPrecision.ql
ql/csharp/ql/src/Likely Bugs/RecursiveEquals.ql
ql/csharp/ql/src/Likely Bugs/RecursiveOperatorEquals.ql
ql/csharp/ql/src/Likely Bugs/ReferenceEqualsOnValueTypes.ql
ql/csharp/ql/src/Likely Bugs/SelfAssignment.ql
ql/csharp/ql/src/Likely Bugs/Statements/EmptyBlock.ql
ql/csharp/ql/src/Likely Bugs/Statements/EmptyLockStatement.ql
ql/csharp/ql/src/Likely Bugs/Statements/UseBraces.ql
ql/csharp/ql/src/Likely Bugs/StaticFieldWrittenByInstance.ql
ql/csharp/ql/src/Likely Bugs/StringBuilderCharInit.ql
ql/csharp/ql/src/Likely Bugs/UncheckedCastInEquals.ql
ql/csharp/ql/src/Linq/BadMultipleIteration.ql
ql/csharp/ql/src/Linq/MissedAllOpportunity.ql
ql/csharp/ql/src/Linq/MissedCastOpportunity.ql
ql/csharp/ql/src/Linq/MissedOfTypeOpportunity.ql
Expand All @@ -68,5 +104,6 @@ ql/csharp/ql/src/Performance/UseTryGetValue.ql
ql/csharp/ql/src/Useless code/DefaultToString.ql
ql/csharp/ql/src/Useless code/FutileConditional.ql
ql/csharp/ql/src/Useless code/IntGetHashCode.ql
ql/csharp/ql/src/Useless code/PointlessForwardingMethod.ql
ql/csharp/ql/src/Useless code/RedundantToStringCall.ql
ql/csharp/ql/src/Useless code/UnusedLabel.ql
1 change: 0 additions & 1 deletion csharp/ql/integration-tests/posix/query-suite/csharp-code-quality.qls.expected
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,6 @@ ql/csharp/ql/src/Concurrency/LockOrder.ql
ql/csharp/ql/src/Concurrency/LockThis.ql
ql/csharp/ql/src/Concurrency/LockedWait.ql
ql/csharp/ql/src/Dead Code/DeadStoreOfLocal.ql
ql/csharp/ql/src/Documentation/XmldocMissingSummary.ql
ql/csharp/ql/src/Language Abuse/CastThisToTypeParameter.ql
ql/csharp/ql/src/Language Abuse/CatchOfGenericException.ql
ql/csharp/ql/src/Language Abuse/DubiousDowncastOfThis.ql
Expand Down
13 changes: 0 additions & 13 deletions csharp/ql/integration-tests/posix/query-suite/not_included_in_qls.expected
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,31 +1,20 @@
ql/csharp/ql/src/API Abuse/MissingDisposeCall.ql
ql/csharp/ql/src/API Abuse/MissingDisposeMethod.ql
ql/csharp/ql/src/API Abuse/NonOverridingMethod.ql
ql/csharp/ql/src/API Abuse/UncheckedReturnValue.ql
ql/csharp/ql/src/ASP/ComplexInlineCode.ql
ql/csharp/ql/src/ASP/NonInternationalizedText.ql
ql/csharp/ql/src/ASP/SplitControlStructure.ql
ql/csharp/ql/src/AlertSuppression.ql
ql/csharp/ql/src/Architecture/Dependencies/MutualDependency.ql
ql/csharp/ql/src/Architecture/Refactoring Opportunities/FeatureEnvy.ql
ql/csharp/ql/src/Bad Practices/Comments/CommentedOutCode.ql
ql/csharp/ql/src/Bad Practices/Comments/TodoComments.ql
ql/csharp/ql/src/Bad Practices/Declarations/EmptyInterface.ql
ql/csharp/ql/src/Bad Practices/Declarations/NoConstantsOnly.ql
ql/csharp/ql/src/Bad Practices/Implementation Hiding/StaticArray.ql
ql/csharp/ql/src/Bad Practices/LeftoverDebugCode.ql
ql/csharp/ql/src/Bad Practices/Magic Constants/MagicConstantsNumbers.ql
ql/csharp/ql/src/Bad Practices/Magic Constants/MagicConstantsString.ql
ql/csharp/ql/src/Bad Practices/Magic Constants/MagicNumbersUseConstant.ql
ql/csharp/ql/src/Bad Practices/Magic Constants/MagicStringsUseConstant.ql
ql/csharp/ql/src/Bad Practices/Naming Conventions/ConfusingMethodNames.ql
ql/csharp/ql/src/Bad Practices/Naming Conventions/ConfusingOverridesNames.ql
ql/csharp/ql/src/Bad Practices/Naming Conventions/ConstantNaming.ql
ql/csharp/ql/src/Bad Practices/Naming Conventions/ControlNamePrefixes.ql
ql/csharp/ql/src/Bad Practices/Naming Conventions/DefaultControlNames.ql
ql/csharp/ql/src/Bad Practices/Naming Conventions/VariableNameTooShort.ql
ql/csharp/ql/src/Bad Practices/UseOfHtmlInputHidden.ql
ql/csharp/ql/src/Bad Practices/UseOfSystemOutputStream.ql
ql/csharp/ql/src/Configuration/PasswordInConfigurationFile.ql
ql/csharp/ql/src/Dead Code/DeadRefTypes.ql
ql/csharp/ql/src/Dead Code/NonAssignedFields.ql
Expand All @@ -39,7 +28,6 @@ ql/csharp/ql/src/Documentation/XmldocMissingParam.ql
ql/csharp/ql/src/Documentation/XmldocMissingReturn.ql
ql/csharp/ql/src/Documentation/XmldocMissingTypeParam.ql
ql/csharp/ql/src/Language Abuse/ForeachCapture.ql
ql/csharp/ql/src/Language Abuse/UselessIsBeforeAs.ql
ql/csharp/ql/src/Likely Bugs/BadCheckOdd.ql
ql/csharp/ql/src/Likely Bugs/RandomUsedOnce.ql
ql/csharp/ql/src/Metrics/Callables/CCyclomaticComplexity.ql
Expand Down Expand Up @@ -93,7 +81,6 @@ ql/csharp/ql/src/Security Features/CWE-611/UseXmlSecureResolver.ql
ql/csharp/ql/src/Security Features/CWE-798/HardcodedConnectionString.ql
ql/csharp/ql/src/Security Features/CWE-798/HardcodedCredentials.ql
ql/csharp/ql/src/Security Features/CWE-838/InappropriateEncoding.ql
ql/csharp/ql/src/Useless code/PointlessForwardingMethod.ql
ql/csharp/ql/src/definitions.ql
ql/csharp/ql/src/experimental/CWE-099/TaintedWebClient.ql
ql/csharp/ql/src/experimental/CWE-918/RequestForgery.ql
Expand Down
5 changes: 3 additions & 2 deletions csharp/ql/src/API Abuse/ClassDoesNotImplementEquals.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,8 +7,9 @@
* @problem.severity error
* @precision medium
* @id cs/class-missing-equals
* @tags reliability
* maintainability
* @tags quality
* reliability
* correctness
*/

import csharp
Expand Down
6 changes: 4 additions & 2 deletions csharp/ql/src/API Abuse/DisposeNotCalledOnException.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,8 +7,10 @@
* @problem.severity warning
* @precision medium
* @id cs/dispose-not-called-on-throw
* @tags efficiency
* maintainability
* @tags quality
* reliability
* error-handling
* performance
* external/cwe/cwe-404
* external/cwe/cwe-459
* external/cwe/cwe-460
Expand Down
5 changes: 3 additions & 2 deletions csharp/ql/src/API Abuse/InconsistentEqualsGetHashCode.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,8 +6,9 @@
* @problem.severity warning
* @precision medium
* @id cs/inconsistent-equals-and-gethashcode
* @tags reliability
* maintainability
* @tags quality
* reliability
* correctness
* external/cwe/cwe-581
*/

Expand Down
5 changes: 3 additions & 2 deletions csharp/ql/src/API Abuse/IncorrectCompareToSignature.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,8 +5,9 @@
* @problem.severity warning
* @precision medium
* @id cs/wrong-compareto-signature
* @tags reliability
* maintainability
* @tags quality
* reliability
* correctness
*/

import csharp
Expand Down
5 changes: 3 additions & 2 deletions csharp/ql/src/API Abuse/IncorrectEqualsSignature.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,8 +5,9 @@
* @problem.severity warning
* @precision medium
* @id cs/wrong-equals-signature
* @tags reliability
* maintainability
* @tags quality
* reliability
* correctness
*/

import csharp
Expand Down
5 changes: 3 additions & 2 deletions csharp/ql/src/API Abuse/NonOverridingMethod.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,9 +5,10 @@
* @problem.severity recommendation
* @precision medium
* @id cs/nonoverriding-method
* @tags reliability
* @tags quality
* reliability
* correctness
* readability
* naming
*/

import csharp
Expand Down
5 changes: 3 additions & 2 deletions csharp/ql/src/ASP/SplitControlStructure.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,8 +5,9 @@
* @problem.severity recommendation
* @precision medium
* @id cs/asp/split-control-structure
* @tags maintainability
* frameworks/asp.net
* @tags quality
* maintainability
* readability
*/

import semmle.code.asp.AspNet
Expand Down
6 changes: 3 additions & 3 deletions csharp/ql/src/Bad Practices/Comments/CommentedOutCode.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,9 +5,9 @@
* @problem.severity recommendation
* @precision medium
* @id cs/commented-out-code
* @tags maintainability
* statistical
* non-attributable
* @tags quality
* maintainability
* readability
*/

import csharp
Expand Down
3 changes: 2 additions & 1 deletion csharp/ql/src/Bad Practices/Comments/TodoComments.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,8 @@
* @problem.severity recommendation
* @precision medium
* @id cs/todo-comment
* @tags maintainability
* @tags quality
* maintainability
* external/cwe/cwe-546
*/

Expand Down
5 changes: 3 additions & 2 deletions csharp/ql/src/Bad Practices/Declarations/NoConstantsOnly.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,8 +6,9 @@
* @problem.severity recommendation
* @precision medium
* @id cs/constants-only-interface
* @tags maintainability
* modularity
* @tags quality
* maintainability
* readability
*/

import csharp
Expand Down
3 changes: 2 additions & 1 deletion csharp/ql/src/Bad Practices/ErroneousClassCompare.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,8 @@
* @problem.severity warning
* @precision medium
* @id cs/class-name-comparison
* @tags reliability
* @tags quality
* reliability
* correctness
* external/cwe/cwe-486
*/
Expand Down
6 changes: 3 additions & 3 deletions csharp/ql/src/Bad Practices/Implementation Hiding/AbstractToConcreteCollection.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,9 +7,9 @@
* @problem.severity warning
* @precision medium
* @id cs/cast-from-abstract-to-concrete-collection
* @tags reliability
* maintainability
* modularity
* @tags quality
* reliability
* correctness
* external/cwe/cwe-485
*/

Expand Down
6 changes: 3 additions & 3 deletions csharp/ql/src/Bad Practices/Implementation Hiding/StaticArray.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,9 +5,9 @@
* @problem.severity recommendation
* @precision medium
* @id cs/static-array
* @tags reliability
* maintainability
* modularity
* @tags quality
* reliability
* correctness
* external/cwe/cwe-582
*/

Expand Down
4 changes: 2 additions & 2 deletions csharp/ql/src/Bad Practices/Naming Conventions/ConfusingMethodNames.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,9 +5,9 @@
* @problem.severity recommendation
* @precision medium
* @id cs/confusing-method-name
* @tags maintainability
* @tags quality
* maintainability
* readability
* naming
*/

import csharp
Expand Down
5 changes: 3 additions & 2 deletions csharp/ql/src/Bad Practices/Naming Conventions/ConfusingOverridesNames.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,9 +6,10 @@
* @problem.severity recommendation
* @precision medium
* @id cs/confusing-override-name
* @tags reliability
* @tags quality
* maintainability
* readability
* naming
* correctness
*/

import csharp
Expand Down
4 changes: 3 additions & 1 deletion csharp/ql/src/Bad Practices/Naming Conventions/ControlNamePrefixes.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,9 @@
* @problem.severity recommendation
* @precision medium
* @id cs/web/unprefixed-control-name
* @tags maintainability
* @tags quality
* maintainability
* readability
*/

import csharp
Expand Down
5 changes: 3 additions & 2 deletions csharp/ql/src/Bad Practices/Naming Conventions/DefaultControlNames.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,8 +6,9 @@
* @problem.severity recommendation
* @precision medium
* @id cs/forms/default-control-name
* @tags readability
* naming
* @tags quality
* maintainability
* readability
*/

import csharp
Expand Down
4 changes: 3 additions & 1 deletion csharp/ql/src/Bad Practices/UseOfSystemOutputStream.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,9 @@
* @problem.severity recommendation
* @precision medium
* @id cs/console-output
* @tags maintainability
* @tags quality
* reliability
* error-handling
*/

import csharp
Expand Down
6 changes: 3 additions & 3 deletions csharp/ql/src/Bad Practices/VirtualCallInConstructorOrDestructor.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,9 +6,9 @@
* @precision medium
* @id cs/virtual-call-in-constructor
* @alternate-ids cs/virtual-call-in-constructor-or-destructor
* @tags reliability
* maintainability
* modularity
* @tags quality
* reliability
* correctness
*/

import csharp
Expand Down
4 changes: 3 additions & 1 deletion csharp/ql/src/Concurrency/SynchSetUnsynchGet.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,8 +6,10 @@
* @problem.severity error
* @precision medium
* @id cs/unsynchronized-getter
* @tags correctness
* @tags quality
* reliability
* concurrency
* correctness
* external/cwe/cwe-662
*/

Expand Down
Loading
Loading