f06ba05405
The issue was originally caused by high number of flows paths per alert
generated by the LDAP federation module. That was identified taking the
SARIF file generated and running:
```
jq '.runs[0].results | map({query_id: .rule.id, numPaths: .codeFlows |
length})' java.sarif
```
Together we reduced the number of flows paths, adding optimizations to
skip some paths and avoid false alerts.
Co-authored-by: Bruno Oliveira da Silva <bruno@abstractj.com>
Closes #10203
Co-authored-by: Joshua Mulliken <joshua@mulliken.net>
25 lines
1 KiB
Bash
Executable file
25 lines
1 KiB
Bash
Executable file
#!/bin/sh
|
|
|
|
CODEQL_BINARY="./codeql/codeql"
|
|
|
|
# Check if the binary exists
|
|
if [ ! -f "$CODEQL_BINARY" ];
|
|
then
|
|
printf "CodeQL binary not found!"
|
|
exit 1
|
|
fi
|
|
|
|
# Create the database based on the specifics per language
|
|
if [ "$1" = "java" ];
|
|
then
|
|
printf "Creating CodeQL Java database"
|
|
$CODEQL_BINARY database create "$1-database" --no-run-unnecessary-builds --language="$1" --command='mvn clean install -Dmaven.test.skip -DskipQuarkus -DskipTestsuite -DskipExamples -DskipTests'
|
|
elif [ "$1" = "javascript" ];
|
|
then
|
|
printf "Creating themes database"
|
|
$CODEQL_BINARY database create themes-database --no-run-unnecessary-builds --language=javascript --source-root=themes/ --command='mvn install -Dmaven.test.skip -DskipQuarkus -DskipTestsuite -DskipExamples -DskipTests'
|
|
printf "Creating js-adapter database"
|
|
$CODEQL_BINARY database create js-adapter-database --no-run-unnecessary-builds --language=javascript --source-root=adapters/oidc/js/ --command='mvn install -Dmaven.test.skip -DskipQuarkus -DskipTestsuite -DskipExamples -DskipTests'
|
|
fi
|
|
|
|
|