Compiled CodeQL packs cannot reference another pack from one of its query suites #8412

Closed
Jeeppler opened this issue Mar 11, 2022 · 4 comments · Fixed by #8553

@Jeeppler
Description of the issue

I am unable to run queries for a project written in C. The queries keep failing with the same error: Compiled CodeQL packs cannot reference another pack from one of its query suites.

$ codeql database analyze c-lang ~/.codeql/packages/codeql/cpp-queries/0.0.10/codeql-suites/cpp-code-scanning.qls --format=sarifv2.1.0 --output=c-lang.sarif
Running queries.
A fatal error occurred: Compiled CodeQL packs cannot reference another pack from one of its query suites. 'codeql/cpp-queries@0.0.10' references 'codeql/cpp-queries'.

CodeQL CLI version:

codeql --version
CodeQL command-line toolchain release 2.8.2.
Copyright (C) 2019-2022 GitHub, Inc.

I was unable to find anything regarding the issue in the documentation. What are Compiled CodeQL packs? Why do I get this error?

@Jeeppler Jeeppler added the question Further information is requested label Mar 11, 2022
@hvitved
Contributor

hvitved commented Mar 16, 2022

@dbartol or @aeisenberg could you take a look, please?

@aeisenberg
Contributor

I was on vacation and back now. I'll pick this up.

@aeisenberg
Contributor

The reason behind this error is that we need to ensure that all of a compiled query pack's dependencies are contained within the pack. This ensures that once a pack is compiled, the query results will remain constant because it does not depend on anything external that can change.

There are two things here:

  1. The failing query suite specifies a qlpack name even though it does not need to. Deleting line 6 (from: codeql/cpp-queries) of ~/.codeql/packages/codeql/cpp-queries/0.0.10/codeql-suites/cpp-code-scanning.qls will allow the command to pass.
  2. The codeql CLI is being too strict with its check. If the qlpack referenced in the from directive is the same pack that contains the suite being run, then we should not be throwing an error here.

I will make both fixes. @Jeeppler, you can manually edit the compiled qlpack as I describe in (1), which should get this working again.
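
The check described in the comment above, as an added example that is not part of the original thread or the CodeQL project's own code: a shell function that lists each `from:` directive in a pack's `codeql-suites/*.qls` files and marks whether it names the pack itself. The function names and the sample pack contents are constructed for illustration, and the pack name is assumed to be on the `name:` line of `qlpack.yml`.

```shell
#!/bin/sh
# Added example: report `from:` directives in a pack's query suites and mark
# those that name the pack itself (the case the issue's error message shows).

# suite_from_refs PACK_DIR  ->  lines of "<suite>:<line> <self|other> <pack>"
suite_from_refs() {
    pack_dir=$1
    # Assumption: the pack name is on the `name:` line of qlpack.yml.
    pack_name=$(sed -n 's/^name:[[:space:]]*//p' "$pack_dir/qlpack.yml" | head -n 1)
    if [ -z "$pack_name" ]; then
        echo "no name: entry in $pack_dir/qlpack.yml" >&2
        return 2
    fi
    for suite in "$pack_dir"/codeql-suites/*.qls; do
        [ -f "$suite" ] || continue
        awk -v pack="$pack_name" -v file="${suite##*/}" -v q="'" '
            /^[ \t-]*from:[ \t]*/ {
                ref = $0
                sub(/^[ \t-]*from:[ \t]*/, "", ref)   # drop the key
                sub(/[ \t]*(#.*)?$/, "", ref)         # drop a trailing comment
                gsub(/"/, "", ref); gsub(q, "", ref)  # drop YAML quotes
                kind = (ref == pack) ? "self" : "other"
                printf "%s:%d %s %s\n", file, NR, kind, ref
            }' "$suite"
    done
}

# make_sample_pack DIR: write a constructed pack (not the real cpp-queries files).
make_sample_pack() {
    mkdir -p "$1/codeql-suites"
    printf '%s\n' 'name: codeql/cpp-queries' 'version: 0.0.10' > "$1/qlpack.yml"
    printf '%s\n' \
        '- description: constructed sample suite' \
        '- queries: .' \
        '- apply: code-scanning-selectors.yml' \
        '  from: codeql/suite-helpers' \
        '- apply: codeql-suites/exclude-slow-queries.yml' \
        '  from: codeql/cpp-queries' \
        > "$1/codeql-suites/cpp-code-scanning.qls"
}

# Demo on the constructed pack.
demo=$(mktemp -d)
make_sample_pack "$demo"
suite_from_refs "$demo"
rm -rf "$demo"
```

On the constructed sample, line 6 is reported as `self`, which is the kind of directive item (1) above says can be deleted.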

@aeisenberg
Contributor

aeisenberg commented Mar 25, 2022

Will be fixed in the 2.9.0 CodeQL CLI release.
