From 21fc06cd54e7fd4386f980a156e5244d5fa3f194 Mon Sep 17 00:00:00 2001 From: kamael Date: Mon, 8 Dec 2025 15:27:38 +0800 Subject: [PATCH 1/2] Change MethodAccess to MethodCall in query example MethodAccess has been deprecated. --- .../codeql-language-guides/basic-query-for-java-code.rst | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/codeql/codeql-language-guides/basic-query-for-java-code.rst b/docs/codeql/codeql-language-guides/basic-query-for-java-code.rst index 63944d25d433..78713bd2557e 100644 --- a/docs/codeql/codeql-language-guides/basic-query-for-java-code.rst +++ b/docs/codeql/codeql-language-guides/basic-query-for-java-code.rst @@ -42,7 +42,7 @@ Running a quick query .. code-block:: ql - from MethodAccess ma + from MethodCall ma where ma.getMethod().hasName("equals") and ma.getArgument(0).(StringLiteral).getValue() = "" 
@@ -72,9 +72,9 @@ After the initial ``import`` statement, this simple query comprises three parts +==================================================================================================+===================================================================================================================+===================================================================================================+ | ``import java`` | Imports the standard CodeQL libraries for Java and Kotlin. | Every query begins with one or more ``import`` statements. | +--------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------+ -| ``from MethodAccess ma`` | Defines the variables for the query. | We use: | +| ``from MethodCall ma`` | Defines the variables for the query. | We use: | | | Declarations are of the form: | | -| | `` `` | - a ``MethodAccess`` variable for call expressions | +| | `` `` | - a ``MethodCall`` variable for call expressions | +--------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------+ | ``where ma.getMethod().hasName("equals") and ma.getArgument(0).(StringLiteral).getValue() = ""`` | Defines a condition on the variables. | ``ma.getMethod().hasName("equals")`` restricts ``ma`` to only calls to methods call ``equals``. | | | | | 
@@ -141,4 +141,4 @@ Further reading .. |image-quick-query| image:: ../images/codeql-for-visual-studio-code/quick-query-tab-java.png -.. |result-col-1| replace:: The first column corresponds to the expression ``ma`` and is linked to the location in the source code of the project where ``ma`` occurs. \ No newline at end of file +.. |result-col-1| replace:: The first column corresponds to the expression ``ma`` and is linked to the location in the source code of the project where ``ma`` occurs. From cb31f82ea538902c8124e7b4dfd6afac92aa01fe Mon Sep 17 00:00:00 2001 From: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com> Date: Mon, 8 Dec 2025 09:49:35 +0000 Subject: [PATCH 2/2] Also rename variable from `ma` to `mc` This is slightly less confusing, given the type name is now `MethodCall`. --- .../basic-query-for-java-code.rst | 26 +++++++++++-------- 1 file changed, 15 insertions(+), 11 deletions(-) diff --git a/docs/codeql/codeql-language-guides/basic-query-for-java-code.rst b/docs/codeql/codeql-language-guides/basic-query-for-java-code.rst index 78713bd2557e..436269e0b5c7 100644 --- a/docs/codeql/codeql-language-guides/basic-query-for-java-code.rst +++ b/docs/codeql/codeql-language-guides/basic-query-for-java-code.rst @@ -46,7 +46,11 @@ Running a quick query where ma.getMethod().hasName("equals") and ma.getArgument(0).(StringLiteral).getValue() = "" - select ma, "This comparison to empty string is inefficient, use isEmpty() instead." + from MethodCall mc + where + mc.getMethod().hasName("equals") and + mc.getArgument(0).(StringLiteral).getValue() = "" + select mc, "This comparison to empty string is inefficient, use isEmpty() instead." Note that CodeQL treats Java and Kotlin as part of the same language, so even though this query starts with ``import java``, it will work for both Java and Kotlin code. 
@@ -55,7 +59,7 @@ Running a quick query .. image:: ../images/codeql-for-visual-studio-code/basic-java-query-results-1.png :align: center -If any matching code is found, click a link in the ``ma`` column to view the ``.equals`` expression in the code viewer. +If any matching code is found, click a link in the ``mc`` column to view the ``.equals`` expression in the code viewer. .. image:: ../images/codeql-for-visual-studio-code/basic-java-query-results-2.png :align: center 
@@ -72,15 +76,15 @@ After the initial ``import`` statement, this simple query comprises three parts +==================================================================================================+===================================================================================================================+===================================================================================================+ | ``import java`` | Imports the standard CodeQL libraries for Java and Kotlin. | Every query begins with one or more ``import`` statements. | +--------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------+ -| ``from MethodCall ma`` | Defines the variables for the query. | We use: | +| ``from MethodCall mc`` | Defines the variables for the query. | We use: | | | Declarations are of the form: | | | | `` `` | - a ``MethodCall`` variable for call expressions | +--------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------+ -| ``where ma.getMethod().hasName("equals") and ma.getArgument(0).(StringLiteral).getValue() = ""`` | Defines a condition on the variables. | ``ma.getMethod().hasName("equals")`` restricts ``ma`` to only calls to methods call ``equals``. | +| ``where mc.getMethod().hasName("equals") and mc.getArgument(0).(StringLiteral).getValue() = ""`` | Defines a condition on the variables. | ``mc.getMethod().hasName("equals")`` restricts ``mc`` to only calls to methods call ``equals``. 
| | | | | -| | | ``ma.getArgument(0).(StringLiteral).getValue() = ""`` says the argument must be literal ``""``. | +| | | ``mc.getArgument(0).(StringLiteral).getValue() = ""`` says the argument must be literal ``""``. | +--------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------+ -| ``select ma, "This comparison to empty string is inefficient, use isEmpty() instead."`` | Defines what to report for each match. | Reports the resulting ``.equals`` expression with a string that explains the problem. | +| ``select mc, "This comparison to empty string is inefficient, use isEmpty() instead."`` | Defines what to report for each match. | Reports the resulting ``.equals`` expression with a string that explains the problem. | | | | | | | ``select`` statements for queries that are used to find instances of poor coding practice are always in the form: | | | | ``select , ""`` | | @@ -110,7 +114,7 @@ In this case, it is not possible to simply use ``o.isEmpty()`` instead, as ``o`` .. code-block:: ql - ma.getQualifier().getType() instanceof TypeString + mc.getQualifier().getType() instanceof TypeString The ``where`` clause is now: @@ -119,7 +123,9 @@ In this case, it is not possible to simply use ``o.isEmpty()`` instead, as ``o`` where ma.getQualifier().getType() instanceof TypeString and ma.getMethod().hasName("equals") and - ma.getArgument(0).(StringLiteral).getValue() = "" + mc.getQualifier().getType() instanceof TypeString and + mc.getMethod().hasName("equals") and + mc.getArgument(0).(StringLiteral).getValue() = "" #. Re-run the query. 
@@ -137,8 +143,6 @@ Further reading .. |language-code| replace:: ``java`` -.. |example-url| replace:: https://github.com/apache/activemq - .. |image-quick-query| image:: ../images/codeql-for-visual-studio-code/quick-query-tab-java.png -.. |result-col-1| replace:: The first column corresponds to the expression ``ma`` and is linked to the location in the source code of the project where ``ma`` occurs. +.. |result-col-1| replace:: The first column corresponds to the expression ``mc`` and is linked to the location in the source code of the project where ``mc`` occurs.
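
Review bot: In patch 2/2, hunk `@@ -46,7 +46,11 @@`, the three old lines `where`, `ma.getMethod().hasName("equals") and` and `ma.getArgument(0).(StringLiteral).getValue() = ""` are left as unchanged context and only `select ma, ...` is removed, while a complete `from MethodCall mc ... select mc, ...` is added after them. The hunk counts (7 old lines, 11 new) agree with one removal and five additions. Together with the `from MethodCall ma` line from patch 1/2, which sits just above this hunk and is not touched, the code block ends up with a dangling `from ... where ...` over `ma` followed by a second `from`, which is not a valid query. Mark the old `from`/`where` lines for removal as well, so the example contains only the `mc` version.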
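
Review bot: In patch 2/2, hunk `@@ -72,15 +76,15 @@`, the rewritten explanation cell still reads "restricts ``mc`` to only calls to methods call ``equals``"; since this line is being replaced anyway, fix the wording to "methods called ``equals``" in the same change.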
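
Review bot: In patch 2/2, hunk `@@ -119,7 +123,9 @@`, only `ma.getArgument(0).(StringLiteral).getValue() = ""` is removed, while `ma.getQualifier().getType() instanceof TypeString and` and `ma.getMethod().hasName("equals") and` remain as context ahead of the three added `mc` lines. The documented `where` clause then mixes `ma` and `mc` and repeats the qualifier and method-name conditions, and `ma` is no longer declared once the `from` clause uses `mc`. Remove the two remaining `ma` lines so the clause shown matches the `mc.getQualifier()` snippet in the preceding hunk.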
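
Review bot: In patch 2/2, hunk `@@ -137,8 +143,6 @@`, the `.. |example-url| replace:: https://github.com/apache/activemq` substitution is deleted, which the commit message ("Also rename variable from `ma` to `mc`") does not mention. If the page or any shared include still references `|example-url|`, the docs build will report an undefined substitution. Either confirm there are no remaining references and note the removal in the commit message, or move it to a separate commit.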