Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Replacing OverflowDB with CPG in-memory Graph #226

Merged
merged 45 commits into from
Jul 13, 2021
Merged

Replacing OverflowDB with CPG in-memory Graph #226

merged 45 commits into from
Jul 13, 2021

Conversation

oxisto
Copy link
Member

@oxisto oxisto commented Jul 2, 2021
edited
Loading

This PR removes OverflowDB and Gremlin. This is slightly blocked with support for CPG 4.0 (see #184), because otherwise we cannot add new features to the CPG graph, should we need them. That is why this is currently based on a specific CPG commit (using JitPack) that already has the following PRs merged in:

This PR deprecates the CLI Jython-based console, because it was unmaintained for a while and the cpg-console of the cpg project might be a good replacement for it; or rather we could extend the cpg-console, but I want to keep this as a separate PR.

Closes #218
Blocked by:

@oxisto
Replacing OverflowDB with CPG in-memory Graph
105658f 
This is the start of the removal of OverflowDB. I will do this gradually and trying not to brake too many things at once. The first step is to move the Evaluator into a LegacyEvaluator and start with a new Evaluator class.

This is slightly blocked with support for CPG 4.0 (see #184), because otherwise we cannot add new features to the CPG graph if we need them.

Closes #218
@oxisto
Making progress to rule evaluation
083a4df
@oxisto
Moving MarkContext to Legacy
c8d7d7e
@oxisto
More lgeacy conversion
bd9a6e2
@oxisto
++
b26e501
@oxisto oxisto added the blocked label Jul 4, 2021
@oxisto
Copy link
Member Author

oxisto commented Jul 4, 2021

The first test in MarkCppTest seems to work!

oxisto added 18 commits July 4, 2021 23:18
@oxisto
Added new forbidden evaluator
c52c22a
@oxisto
Switched test to new evaluator. Only 59 tests fail
1dde144
@oxisto
Only 55 test failures
85d2176
@oxisto
Fixed builtins. 50 test fails
ccabdd5
@oxisto
Started converting the NFA order evaluator
8172b88
@oxisto
Fixed region in NFA evaluation. 43 test fails
ea03316
@oxisto
Fixed issue with missing types. 37 test fails
181415f
@oxisto
Fixed error in MarkContextHolder::createNullResult. 32 test failures
935c58f
@oxisto
Fixed Expression.getBaseOfInitializerArgument. 18 test fails
19e54ae
@oxisto
Some cleanup
92c4a7c
@oxisto
+
4a1d31e
@oxisto
Bultin fixes. 14 test fails
c5b930c
@oxisto
More builtins. 12 test fails
bdb9096
@oxisto
First try at the WPDS. Still not complete
b00efed
@oxisto
Made WPDS work. 2 test fails remaining
7e13c50
@oxisto
Fixed small error in getBaseOfInitializerArgument
e2e98ad
@oxisto
Dealing with wrong test results of ID_2_2_02
cc6f50e
@oxisto
Fixed tests
da950c4
@oxisto
Copy link
Member Author

oxisto commented Jul 5, 2021

The initial pass is done. @fwendland how should we proceed? Directly remove all the legacy files? I really do not want to keep them too long, they were primarily my reference in building the new evaluator.

oxisto and others added 6 commits July 5, 2021 18:15
@oxisto
Merge branch 'main' into remove-overflow-db
6c4f02d
@fwendland @oxisto
Adds builtin _now() and _year() (#229)
76805d3 
Builtin `_now()` returns the current time at execution as seconds
since epoch -- 1970-01-01T00:00:00Z.

Builtin `_year()` takes an integer argument, interprets it as seconds
since epoch and returns the current year.

`_now()` and `_year()` can be used in conjunction to create time
dependent rules. For instance, one can write rules that are valid
for a predetermined number of years. Afterwards, these rules are
considered obsolete.

To implement zero parameter builtins, `Builtin` was retrofitted with
a flag to indicate whether it has parameters.
@oxisto
Updated to main
55ba918
@oxisto
Removed Overflow DB
6f31ced
@oxisto
Merge remote-tracking branch 'origin/main' into remove-overflow-db
2d10225
@oxisto
Code cleanup
87c9619
@oxisto oxisto marked this pull request as ready for review July 8, 2021 12:37
@oxisto oxisto mentioned this pull request Jul 8, 2021
Merged
@fwendland fwendland removed the blocked label Jul 12, 2021
@fwendland fwendland self-requested a review July 13, 2021 16:32
fwendland
fwendland approved these changes Jul 13, 2021
View reviewed changes
Copy link
Collaborator

@fwendland fwendland left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@oxisto oxisto enabled auto-merge (squash) July 13, 2021 16:34
@sonarcloud
Copy link

sonarcloud bot commented Jul 13, 2021

Kudos, SonarCloud Quality Gate passed!

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 24 Code Smells

84.2% 84.2% Coverage
0.0% 0.0% Duplication

@oxisto oxisto merged commit 84c2b3d into main Jul 13, 2021
@oxisto oxisto deleted the remove-overflow-db branch July 13, 2021 16:35
fwendland added a commit that referenced this pull request Apr 15, 2024
@oxisto @fwendland
Replacing OverflowDB with CPG in-memory Graph (#226)
3b52393 
Co-authored-by: Wendland, Florian <florian.wendland@aisec.fraunhofer.de>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@fwendland fwendland fwendland approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Remove OverflowDB
2 participants
@oxisto @fwendland