Skip to content

Rust: Re-categorize tokio-postgres sources as remote. #18752

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
geoffw0 wants to merge 3 commits into
base: main
Choose a base branch
from
Draft

Rust: Re-categorize tokio-postgres sources as remote. #18752

geoffw0 wants to merge 3 commits into from

Conversation

@geoffw0
Copy link
Contributor

@geoffw0 geoffw0 commented Feb 12, 2025
edited
Loading

Re-categorize tokio-postgres sources as remote. It turns out their existing type, database, is a local source type and this leads to the sources being disabled in the default configuration. The new type, remote, reflects the fact that tokio_postgres is intended to connect to remote (and local) databases, so these are potentially remote data sources.

@GeekMasher FYI

Update: if we do this, we will want to update the sources from #18577 as well.

@geoffw0 geoffw0 added the Rust Pull requests that update Rust code label Feb 12, 2025
Copilot AI review requested due to automatic review settings February 12, 2025 09:10
Copilot AI reviewed Feb 12, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

PR Overview

This pull request updates the type categorization for tokio-postgres sources from "database" to "remote" to better reflect the intended usage of the library.

  • Update the classification in the tokio-postgres model YAML file.

Changes

File Description
rust/ql/lib/codeql/rust/frameworks/tokio-postgres.model.yml Updated source type from "database" to "remote" to align the configuration with the library’s connectivity characteristics

Copilot reviewed 1 out of 1 changed files in this pull request and generated no comments.

Tip: Copilot only keeps its highest confidence comments to reduce noise and keep you focused. Learn more

@geoffw0
Copy link
Contributor Author

geoffw0 commented Feb 12, 2025
edited
Loading

There is an alternative approach, which is to reconsider database sources being a sub-category of local and thus disabled in the default configuration. We'd have to loop in a few more people if we want to go that route, since the default configuration affects analysis in all languages.

@geoffw0 geoffw0 mentioned this pull request Feb 12, 2025
Merged
@geoffw0 geoffw0 marked this pull request as draft February 12, 2025 17:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

Rust Pull requests that update Rust code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@geoffw0