New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Clean up CodeQL issues #275

Merged

Freezor merged 30 commits into eclipse-aaspe:main from Freezor:freezor/fix-code-scanning-allerts

Jun 13, 2024

Contributor

Freezor commented Jun 13, 2024

Description

This PR addresses several CodeQL issues identified across various files in the project. The changes include removing unused variables, fixing potentially dangerous logic, and ensuring proper implementation of methods like Equals(object).

Motivation and Context

These changes are necessary to improve code quality and maintainability by resolving CodeQL alerts related to unused variables, dangerous logic patterns, and missing method implementations.

Type of change

Bug fix (non-breaking change which fixes an issue)

How Has This Been Tested?

The changes have been tested by running unit tests and verifying the affected functionality in a development environment. Detailed tests were conducted to ensure that the fixes are effective and do not introduce regressions.

Screenshots (if appropriate):

Checklist:

My code follows the style guidelines of this project
I have commented my code, particularly in hard-to-understand areas
I have made corresponding changes to the documentation
I have added tests that prove my fix is effective or that my feature works

Freezor added 29 commits

June 13, 2024 15:56


          update changelog_configuration.json

6de88fc


          Merge remote-tracking branch 'origin/main'

c27f854


          update project version

adec6bf


          add dockerfiles to solution

714432e


          update changelog configuration to be more accurate

c68cb09


          Add comment to job

4bc31ca


          Make prerelease build check for changes before running and add Cron-J…

ccfa56c

…ob to run nightly, to basically change into a nightly build


          update workflow name

68e8029


          fix env outpu

7df5e74


          build nightly on push for testing purpose

2df9d66


          fix check previous build job

c55531b


          fix the nightly build and allow manual workflow triggering

39cc172


          fix csproj version tag


          apply new information

611dd28


          improve CONTRIBUTING.md and README.md based on newest release workflo…

860c11b

…w changes


          Fix documentation

8039e0e


          Create SECURITY.md

285950d


          Fix grammar

cd8a1f8


          update changelog categories

e6c5410


          Merge remote-tracking branch 'origin/main'

9c51401


          Remove not accessed variable and fix format

52dd8ce


          apply format to Program.cs

6596d97


          fix format

08e06a2


          FIx Potentially dangerous use of non-short-circuit logic in ExtendObj…

c0f8e01

…ect.cs


          FIx invalid String formatting

f21a5ae


          Remove unused local variables in SampleNodeManager.cs

fe07c54


          Fix Class does not implement Equals(object) for SearchResultItem in A…

561874c

…dminShellUtil.cs


          Fix Class does not implement Equals(object) in types.cs

a670d98


          Fix Class does not implement Equals(object) in types.cs

4d26906

Freezor added the bug label


          Fix build

7b18dd3

Freezor merged commit 06d4538 into eclipse-aaspe:main

3 of 4 checks passed

github-advanced-security bot found potential problems

View reviewed changes

src/AasxCsharpLibrary/AasxCompatibilityModels/V20/AdminShellUtil.cs

                           }
                           // now, "salt" the strings
                           for (int i = 0; i < 32; i++)
                           {
                               var c = Convert.ToChar(48 + MyRnd.Next(10));
-                              decimals += c;
-                              hexamals += c;
+                              decimals  += c;

Check notice

Code scanning / CodeQL

String concatenation in loop Note

String concatenation in loop: use 'StringBuilder'.

src/AasxCsharpLibrary/AasxCompatibilityModels/V20/AdminShellUtil.cs

-                              decimals += c;
-                              hexamals += c;
+                              decimals  += c;
+                              hexamals  += c;

Check notice

Code scanning / CodeQL

String concatenation in loop Note

String concatenation in loop: use 'StringBuilder'.

src/AasxCsharpLibrary/AasxCompatibilityModels/V20/AdminShellUtil.cs

@@ @@ -606,20 +623,18 @@ @@
                           {
                               if (tpli == 'D' && decimals.Length > 0)
                               {
-                                  id += decimals[0];
-                                  decimals = decimals.Remove(0, 1);
+                                  id       += decimals[ 0 ];

Check notice

Code scanning / CodeQL

String concatenation in loop Note

String concatenation in loop: use 'StringBuilder'.

src/AasxCsharpLibrary/AasxCompatibilityModels/V20/AdminShellUtil.cs

                               {
-                                  id += hexamals[0];
-                                  hexamals = hexamals.Remove(0, 1);
+                                  id       += hexamals[ 0 ];

Check notice

Code scanning / CodeQL

String concatenation in loop Note

String concatenation in loop: use 'StringBuilder'.

src/AasxCsharpLibrary/AasxCompatibilityModels/V20/AdminShellUtil.cs

                               {
-                                  id += alphamals[0];
-                                  alphamals = alphamals.Remove(0, 1);
+                                  id        += alphamals[ 0 ];

Check notice

Code scanning / CodeQL

String concatenation in loop Note

String concatenation in loop: use 'StringBuilder'.

src/AasxCsharpLibrary/AasxCompatibilityModels/V20/AdminShellUtil.cs

@@ @@ -339,6 +343,19 @@ @@
                                      this.foundText == other.foundText &&
                                      this.foundHash == other.foundHash;
                           }
+                          public override bool Equals(object obj) => obj is SearchResultItem item && Equals(item);

Check warning

Code scanning / CodeQL

Equals should not apply "is" Warning

SearchResultItem.Equals(object) should not use "is" on its parameter, as it will not work properly for subclasses of SearchResultItem.

Freezor deleted the freezor/fix-code-scanning-allerts branch

June 18, 2024 11:28

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

bug