From a8ec6ec735c0e7336e9e7ebbc8383d8cd6a9595c Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 28 Feb 2025 12:05:43 +0000 Subject: [PATCH 1/3] Use `CdlService.getImplementation` instead of duplicating logic There is a performance issue with getCdsDeclaration, so ensure we're using a single definition. --- .../advanced_security/javascript/frameworks/cap/CDS.qll | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/javascript/frameworks/cap/lib/advanced_security/javascript/frameworks/cap/CDS.qll b/javascript/frameworks/cap/lib/advanced_security/javascript/frameworks/cap/CDS.qll index 6f250e458..75af9f1bf 100644 --- a/javascript/frameworks/cap/lib/advanced_security/javascript/frameworks/cap/CDS.qll +++ b/javascript/frameworks/cap/lib/advanced_security/javascript/frameworks/cap/CDS.qll @@ -442,13 +442,7 @@ abstract class UserDefinedApplicationService extends UserDefinedService { /** * Gets the CDS definition of this service. */ - CdlService getCdsDeclaration() { - exists(CdsFile cdsFile | - cdsFile.getStem() = this.getFile().getStem() + ".cds" and - cdsFile.getParentContainer() = this.getFile().getParentContainer() and - result.getFile() = cdsFile - ) - } + CdlService getCdsDeclaration() { result.getImplementation() = this } /** * Gets the name of this service. From 273352372cf787dc3ff40643f379259d68c6195c Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 28 Feb 2025 12:13:22 +0000 Subject: [PATCH 2/3] Address typo in matching CDS services to implementations This now restricts the files to exist in the same directory, not just the same name. --- .../lib/advanced_security/javascript/frameworks/cap/CDL.qll | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/javascript/frameworks/cap/lib/advanced_security/javascript/frameworks/cap/CDL.qll b/javascript/frameworks/cap/lib/advanced_security/javascript/frameworks/cap/CDL.qll index fb680fbd6..94b054fdb 100644 --- a/javascript/frameworks/cap/lib/advanced_security/javascript/frameworks/cap/CDL.qll +++ b/javascript/frameworks/cap/lib/advanced_security/javascript/frameworks/cap/CDL.qll @@ -165,8 +165,9 @@ class CdlService extends CdlElement { CdlService() { kind = CdlServiceKind(this.getPropStringValue("kind")) } UserDefinedApplicationService getImplementation() { + // This file base name will be .cds.json, so the stem will be .cds this.getFile().getStem() = result.getFile().getStem() + ".cds" and - this.getFile().getParentContainer() = this.getFile().getParentContainer() + this.getFile().getParentContainer() = result.getFile().getParentContainer() } /** From fc5bcfb17557a92cf5a905e9d549f3d43ee69e3a Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 28 Feb 2025 12:38:26 +0000 Subject: [PATCH 3/3] Simplify the matching of locations --- .../lib/advanced_security/javascript/frameworks/cap/CDL.qll | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/javascript/frameworks/cap/lib/advanced_security/javascript/frameworks/cap/CDL.qll b/javascript/frameworks/cap/lib/advanced_security/javascript/frameworks/cap/CDL.qll index 94b054fdb..a67469cb8 100644 --- a/javascript/frameworks/cap/lib/advanced_security/javascript/frameworks/cap/CDL.qll +++ b/javascript/frameworks/cap/lib/advanced_security/javascript/frameworks/cap/CDL.qll @@ -165,9 +165,8 @@ class CdlService extends CdlElement { CdlService() { kind = CdlServiceKind(this.getPropStringValue("kind")) } UserDefinedApplicationService getImplementation() { - // This file base name will be .cds.json, so the stem will be .cds - this.getFile().getStem() = result.getFile().getStem() + ".cds" and - this.getFile().getParentContainer() = result.getFile().getParentContainer() + result.getFile().getRelativePath().regexpReplaceAll("\\.[^.]+$", ".cds.json") = + this.getFile().getRelativePath() } /**