Ruby: Include query results in test

hmac · hmac · commit 8f3578c92af1 · 2022-04-05T10:20:02.000+12:00
diff --git a/ruby/ql/test/query-tests/security/cwe-300/InsecureDependency.expected b/ruby/ql/test/query-tests/security/cwe-300/InsecureDependency.expected
@@ -0,0 +1,16 @@
+failures
+#select
+| Gemfile:2:8:2:28 | "http://rubygems.org" | Dependency source URL uses the unencrypted protocol HTTP. Use HTTPS instead. |
+| Gemfile:3:8:3:27 | "ftp://rubygems.org" | Dependency source URL uses the unencrypted protocol FTP. Use FTPS or SFTP instead. |
+| Gemfile:8:18:8:36 | "http://github.com" | Dependency source URL uses the unencrypted protocol HTTP. Use HTTPS instead. |
+| Gemfile:9:18:9:35 | "ftp://github.com" | Dependency source URL uses the unencrypted protocol FTP. Use FTPS or SFTP instead. |
+| Gemfile:14:25:14:51 | "http://github.com/#{...}" | Dependency source URL uses the unencrypted protocol HTTP. Use HTTPS instead. |
+| Gemfile:15:25:15:50 | "ftp://github.com/#{...}" | Dependency source URL uses the unencrypted protocol FTP. Use FTPS or SFTP instead. |
+| Gemfile:25:5:25:31 | "http://github.com/#{...}" | Dependency source URL uses the unencrypted protocol HTTP. Use HTTPS instead. |
+| Gemfile:29:5:29:30 | "ftp://github.com/#{...}" | Dependency source URL uses the unencrypted protocol FTP. Use FTPS or SFTP instead. |
+| Gemfile:41:26:41:57 | "http://github.com/jwt/ruby-jwt" | Dependency source URL uses the unencrypted protocol HTTP. Use HTTPS instead. |
+| Gemfile:42:26:42:56 | "ftp://github.com/jwt/ruby-jwt" | Dependency source URL uses the unencrypted protocol FTP. Use FTPS or SFTP instead. |
+| Gemfile:47:29:47:60 | "http://github.com/jwt/ruby-jwt" | Dependency source URL uses the unencrypted protocol HTTP. Use HTTPS instead. |
+| Gemfile:48:29:48:59 | "ftp://github.com/jwt/ruby-jwt" | Dependency source URL uses the unencrypted protocol FTP. Use FTPS or SFTP instead. |
+| Gemfile:53:29:53:49 | "http://rubygems.org" | Dependency source URL uses the unencrypted protocol HTTP. Use HTTPS instead. |
+| Gemfile:54:29:54:48 | "ftp://rubygems.org" | Dependency source URL uses the unencrypted protocol FTP. Use FTPS or SFTP instead. |
diff --git a/ruby/ql/test/query-tests/security/cwe-300/InsecureDependency.ql b/ruby/ql/test/query-tests/security/cwe-300/InsecureDependency.ql
@@ -2,8 +2,8 @@ import ruby
 import TestUtilities.InlineExpectationsTest
 import codeql.ruby.security.InsecureDependencyQuery
 
-class InsecureDependencyResolutionTest extends InlineExpectationsTest {
-  InsecureDependencyResolutionTest() { this = "InsecureDependencyResolutionTest" }
+class InsecureDependencyTest extends InlineExpectationsTest {
+  InsecureDependencyTest() { this = "InsecureDependencyTest" }
 
   override string getARelevantTag() { result = "BAD" }
 
@@ -17,3 +17,7 @@ class InsecureDependencyResolutionTest extends InlineExpectationsTest {
     )
   }
 }
+
+from Expr url, string msg
+where insecureDependencyUrl(url, msg)
+select url, msg
diff --git a/ruby/ql/test/query-tests/security/cwe-300/InsecureDependencyResolution.expected b/ruby/ql/test/query-tests/security/cwe-300/InsecureDependencyResolution.expected

Original file line number	Diff line number	Diff line change
`@@ -2,8 +2,8 @@ import ruby`
`2`	`2`	`import TestUtilities.InlineExpectationsTest`
`3`	`3`	`import codeql.ruby.security.InsecureDependencyQuery`
`4`	`4`
`5`		`-class InsecureDependencyResolutionTest extends InlineExpectationsTest {`
`6`		`- InsecureDependencyResolutionTest() { this = "InsecureDependencyResolutionTest" }`
	`5`	`+class InsecureDependencyTest extends InlineExpectationsTest {`
	`6`	`+ InsecureDependencyTest() { this = "InsecureDependencyTest" }`
`7`	`7`
`8`	`8`	`override string getARelevantTag() { result = "BAD" }`
`9`	`9`
`@@ -17,3 +17,7 @@ class InsecureDependencyResolutionTest extends InlineExpectationsTest {`
`17`	`17`	`)`
`18`	`18`	`}`
`19`	`19`	`}`
	`20`	`+`
	`21`	`+from Expr url, string msg`
	`22`	`+where insecureDependencyUrl(url, msg)`
	`23`	`+select url, msg`