Merge pull request #8143 from erik-krogh/pred-ql-style

QL: add ql-for-ql query for detecting bad predicate qldoc

Author: erik-krogh

javascript/ql/examples/queries/dataflow/StoredXss/StoredXssTypeTracking.ql

@@ -13,7 +13,7 @@ import semmle.javascript.security.dataflow.StoredXssQuery
 import DataFlow::PathGraph
 
 /**
- * An instance of `mysql.createConnection()`, tracked globally.
+ * Gets an instance of `mysql.createConnection()`, tracked globally.
  */
 DataFlow::SourceNode mysqlConnection(DataFlow::TypeTracker t) {
   t.start() and
@@ -23,7 +23,7 @@ DataFlow::SourceNode mysqlConnection(DataFlow::TypeTracker t) {
 }
 
 /**
- * An instance of `mysql.createConnection()`, tracked globally.
+ * Gets an instance of `mysql.createConnection()`, tracked globally.
  */
 DataFlow::SourceNode mysqlConnection() { result = mysqlConnection(DataFlow::TypeTracker::end()) }
 

javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/FunctionBodyFeatures.qll

@@ -134,7 +134,7 @@ int getNumCharsInFunction(Function f) {
 }
 
 /**
- * The maximum number of characters a feature can be.
+ * Gets the maximum number of characters a feature can be.
  * The evaluator string limit is 5395415 characters. We choose a limit lower than this.
  */
 private int getMaxChars() { result = 1000000 }

javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/extraction/ExtractMisclassifiedEndpointFeatures.ql

@@ -12,7 +12,7 @@ import experimental.adaptivethreatmodeling.EndpointFeatures as EndpointFeatures
 import experimental.adaptivethreatmodeling.EndpointTypes
 import semmle.javascript.security.dataflow.NosqlInjectionCustomizations
 
-/** The positive endpoint type for which you wish to find misclassified examples. */
+/** Gets the positive endpoint type for which you wish to find misclassified examples. */
 EndpointType getEndpointType() { result instanceof NosqlInjectionSinkType }
 
 /** Get a positive endpoint. This will be run through the classifier to determine whether it is misclassified. */

javascript/ql/lib/semmle/javascript/Arrays.qll

@@ -16,7 +16,7 @@ module ArrayTaintTracking {
   }
 
   /**
-   * A taint propagating data flow edge from `pred` to `succ` caused by a call `call` to a builtin array functions.
+   * Holds if there is a taint propagating data flow edge from `pred` to `succ` caused by a call `call` to a builtin array functions.
    */
   predicate arrayFunctionTaintStep(DataFlow::Node pred, DataFlow::Node succ, DataFlow::CallNode call) {
     // `array.map(function (elt, i, ary) { ... })`: if `array` is tainted, then so are
@@ -357,7 +357,7 @@ private module ArrayLibraries {
   }
 
   /**
-   * A call to a library that copies the elements of an array into another array.
+   * Gets a call to a library that copies the elements of an array into another array.
    * E.g. `array-union` that creates a union of multiple arrays, or `array-uniq` that creates an array with unique elements.
    */
   DataFlow::CallNode arrayCopyCall(DataFlow::Node array) {

javascript/ql/lib/semmle/javascript/DOM.qll

@@ -300,7 +300,7 @@ module DOM {
     }
 
     /**
-     * A data flow node that might refer to some form.
+     * Gets a data flow node that might refer to some form.
      * Either by a read like `document.forms[0]`, or a property read from `document` with some constant property-name.
      * E.g. if `<form name="foobar">..</form>` exists, then `document.foobar` refers to that form.
      */

javascript/ql/lib/semmle/javascript/JsonSchema.qll

@@ -56,7 +56,7 @@ module JsonSchema {
 
   /** Provides a model of the `ajv` library. */
   module Ajv {
-    /** A method on `Ajv` that returns `this`. */
+    /** Gets a method on `Ajv` that returns `this`. */
     private string chainedMethod() {
       result =
         ["addSchema", "addMetaSchema", "removeSchema", "addFormat", "addKeyword", "removeKeyword"]
@@ -141,7 +141,7 @@ module JsonSchema {
 
   /** Provides a model for working with the [`joi`](https://npmjs.org/package/joi) library. */
   module Joi {
-    /** A schema created using `joi.object()` or other schemas that might refer an object schema. */
+    /** Gets a schema created using `joi.object()` or other schemas that might refer an object schema. */
     private API::Node objectSchema() {
       // A call that creates a schema that might be an object schema.
       result =

javascript/ql/lib/semmle/javascript/SSA.qll

@@ -503,7 +503,7 @@ class SsaExplicitDefinition extends SsaDefinition, TExplicitDef {
   /** This SSA definition corresponds to the definition of `v` at `def`. */
   predicate defines(VarDef d, SsaSourceVariable v) { this = TExplicitDef(_, _, d, v) }
 
-  /** The variable definition wrapped by this SSA definition. */
+  /** Gets the variable definition wrapped by this SSA definition. */
   VarDef getDef() { this = TExplicitDef(_, _, result, _) }
 
   /** Gets the basic block to which this definition belongs. */

javascript/ql/lib/semmle/javascript/dataflow/Nodes.qll

@@ -787,16 +787,16 @@ class MemberKind extends string {
 }
 
 module MemberKind {
-  /** The kind of a method, such as `m() {}` */
+  /** Gets the kind of a method, such as `m() {}` */
   MemberKind method() { result = "method" }
 
-  /** The kind of a getter accessor, such as `get f() {}`. */
+  /** Gets the kind of a getter accessor, such as `get f() {}`. */
   MemberKind getter() { result = "getter" }
 
-  /** The kind of a setter accessor, such as `set f() {}`. */
+  /** Gets the kind of a setter accessor, such as `set f() {}`. */
   MemberKind setter() { result = "setter" }
 
-  /** The `getter` and `setter` kinds. */
+  /** Gets the `getter` and `setter` kinds. */
   MemberKind accessor() { result = getter() or result = setter() }
 
   /**

javascript/ql/lib/semmle/javascript/dataflow/TaintTracking.qll

@@ -804,13 +804,13 @@ module TaintTracking {
   }
 
   /**
-   * A pseudo-property a `URL` that stores a value that can be obtained
+   * Gets a pseudo-property a `URL` that stores a value that can be obtained
    * with a `get` or `getAll` call to the `searchParams` property.
    */
   private string hiddenUrlPseudoProperty() { result = "$hiddenSearchPararms" }
 
   /**
-   * A pseudo-property on a `URLSearchParams` that can be obtained
+   * Gets a pseudo-property on a `URLSearchParams` that can be obtained
    * with a `get` or `getAll` call.
    */
   private string getableUrlPseudoProperty() { result = "$gettableSearchPararms" }

javascript/ql/lib/semmle/javascript/dataflow/internal/FlowSteps.qll

@@ -480,7 +480,7 @@ private module CachedSteps {
   }
 
   /**
-   * A step from `pred` to `succ` through a call to an identity function.
+   * Holds if there is a step from `pred` to `succ` through a call to an identity function.
    */
   cached
   predicate identityFunctionStep(DataFlow::Node pred, DataFlow::CallNode succ) {