diff --git a/go/documentation/library-coverage/frameworks.csv b/go/documentation/library-coverage/frameworks.csv index bd5a92490687..b5a4c6d65b8c 100644 --- a/go/documentation/library-coverage/frameworks.csv +++ b/go/documentation/library-coverage/frameworks.csv @@ -3,6 +3,7 @@ Standard library,https://pkg.go.dev/std, archive/* bufio bytes cmp compress/* co appleboy/gin-jwt,https://github.com/appleboy/gin-jwt,github.com/appleboy/gin-jwt* Afero,https://github.com/spf13/afero,github.com/spf13/afero* beego,https://beego.me/,github.com/astaxie/beego* github.com/beego/beego* +bigquery,https://pkg.go.dev/cloud.google.com/go/bigquery,cloud.google.com/go/bigquery* Bun,https://bun.uptrace.dev/,github.com/uptrace/bun* CleverGo,https://github.com/clevergo/clevergo,clevergo.tech/clevergo* github.com/clevergo/clevergo* Couchbase official client(gocb),https://github.com/couchbase/gocb,github.com/couchbase/gocb* gopkg.in/couchbase/gocb* @@ -35,7 +36,7 @@ golang.org/x/net,https://pkg.go.dev/golang.org/x/net,golang.org/x/net* goproxy,https://github.com/elazarl/goproxy,github.com/elazarl/goproxy* gorilla/mux,https://github.com/gorilla/mux,github.com/gorilla/mux* gorilla/websocket,https://github.com/gorilla/websocket,github.com/gorilla/websocket* -gorqlite,https://github.com/rqlite/gorqlite,github.com/raindog308/gorqlite* github.com/rqlite/gorqlite* +gorqlite,https://github.com/rqlite/gorqlite,github.com/raindog308/gorqlite* github.com/rqlite/gorqlite* github.com/kanikanema/gorqlite* goxpath,https://github.com/ChrisTrenkamp/goxpath/wiki,github.com/ChrisTrenkamp/goxpath* htmlquery,https://github.com/antchfx/htmlquery,github.com/antchfx/htmlquery* Iris,https://www.iris-go.com/,github.com/kataras/iris* diff --git a/go/ql/lib/change-notes/2025-05-22-bigquery-client-query-sql-injection.md b/go/ql/lib/change-notes/2025-05-22-bigquery-client-query-sql-injection.md new file mode 100644 index 000000000000..49d040dc4096 --- /dev/null +++ b/go/ql/lib/change-notes/2025-05-22-bigquery-client-query-sql-injection.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* The first argument of `Client.Query` in `cloud.google.com/go/bigquery` is now recognized as a SQL injection sink. diff --git a/go/ql/lib/ext/cloud.google.com.go.bigquery.model.yml b/go/ql/lib/ext/cloud.google.com.go.bigquery.model.yml new file mode 100644 index 000000000000..e2d51e9c6ae2 --- /dev/null +++ b/go/ql/lib/ext/cloud.google.com.go.bigquery.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: codeql/go-all + extensible: sinkModel + data: + - ["cloud.google.com/go/bigquery", "Client", True, "Query", "", "", "Argument[0]", "sql-injection", "manual"] diff --git a/go/ql/test/library-tests/semmle/go/frameworks/SQL/bigquery/QueryString.expected b/go/ql/test/library-tests/semmle/go/frameworks/SQL/bigquery/QueryString.expected new file mode 100644 index 000000000000..42831abaf155 --- /dev/null +++ b/go/ql/test/library-tests/semmle/go/frameworks/SQL/bigquery/QueryString.expected @@ -0,0 +1,2 @@ +invalidModelRow +testFailures diff --git a/go/ql/test/library-tests/semmle/go/frameworks/SQL/bigquery/QueryString.ql b/go/ql/test/library-tests/semmle/go/frameworks/SQL/bigquery/QueryString.ql new file mode 100644 index 000000000000..fa869181ed94 --- /dev/null +++ b/go/ql/test/library-tests/semmle/go/frameworks/SQL/bigquery/QueryString.ql @@ -0,0 +1,56 @@ +import go +import semmle.go.dataflow.ExternalFlow +import ModelValidation +import utils.test.InlineExpectationsTest + +module SqlTest implements TestSig { + string getARelevantTag() { result = "query" } + + predicate hasActualResult(Location location, string element, string tag, string value) { + tag = "query" and + exists(SQL::Query q, SQL::QueryString qs | qs = q.getAQueryString() | + q.getLocation() = location and + element = q.toString() and + value = qs.toString() + ) + } +} + +module QueryString implements TestSig { + string getARelevantTag() { result = "querystring" } + + predicate hasActualResult(Location location, string element, string tag, string value) { + tag = "querystring" and + element = "" and + exists(SQL::QueryString qs | not exists(SQL::Query q | qs = q.getAQueryString()) | + qs.getLocation() = location and + value = qs.toString() + ) + } +} + +module Config implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node n) { n.asExpr() instanceof StringLit } + + predicate isSink(DataFlow::Node n) { + n = any(DataFlow::CallNode cn | cn.getTarget().getName() = "sink").getAnArgument() + } +} + +module Flow = TaintTracking::Global; + +module TaintFlow implements TestSig { + string getARelevantTag() { result = "flowfrom" } + + predicate hasActualResult(Location location, string element, string tag, string value) { + tag = "flowfrom" and + element = "" and + exists(DataFlow::Node fromNode, DataFlow::Node toNode | + toNode.getLocation() = location and + Flow::flow(fromNode, toNode) and + value = fromNode.asExpr().(StringLit).getValue() + ) + } +} + +import MakeTest> diff --git a/go/ql/test/library-tests/semmle/go/frameworks/SQL/bigquery/bigquery.expected b/go/ql/test/library-tests/semmle/go/frameworks/SQL/bigquery/bigquery.expected new file mode 100644 index 000000000000..f0954e9491b7 --- /dev/null +++ b/go/ql/test/library-tests/semmle/go/frameworks/SQL/bigquery/bigquery.expected @@ -0,0 +1 @@ +| bigquery.go:17:15:17:23 | untrusted | cloud.google.com/go/bigquery.Client | Query | diff --git a/go/ql/test/library-tests/semmle/go/frameworks/SQL/bigquery/bigquery.go b/go/ql/test/library-tests/semmle/go/frameworks/SQL/bigquery/bigquery.go new file mode 100644 index 000000000000..ae721c3a5679 --- /dev/null +++ b/go/ql/test/library-tests/semmle/go/frameworks/SQL/bigquery/bigquery.go @@ -0,0 +1,18 @@ +package main + +//go:generate depstubber -vendor cloud.google.com/go/bigquery Client + +import ( + "cloud.google.com/go/bigquery" +) + +func getUntrustedString() string { + return "trouble" +} + +func main() { + untrusted := getUntrustedString() + var client *bigquery.Client + + client.Query(untrusted) // $ querystring=untrusted +} diff --git a/go/ql/test/library-tests/semmle/go/frameworks/SQL/bigquery/bigquery.ql b/go/ql/test/library-tests/semmle/go/frameworks/SQL/bigquery/bigquery.ql new file mode 100644 index 000000000000..ba7d0de1650a --- /dev/null +++ b/go/ql/test/library-tests/semmle/go/frameworks/SQL/bigquery/bigquery.ql @@ -0,0 +1,7 @@ +import go + +from SQL::QueryString qs, Function func, string a, string b +where + func.hasQualifiedName(a, b) and + qs = func.getACall().getSyntacticArgument(_) +select qs, a, b diff --git a/go/ql/test/library-tests/semmle/go/frameworks/SQL/bigquery/go.mod b/go/ql/test/library-tests/semmle/go/frameworks/SQL/bigquery/go.mod new file mode 100644 index 000000000000..0211ae17fea5 --- /dev/null +++ b/go/ql/test/library-tests/semmle/go/frameworks/SQL/bigquery/go.mod @@ -0,0 +1,50 @@ +module bigquerytest + +go 1.24 + +require cloud.google.com/go/bigquery v1.68.0 + +require ( + cloud.google.com/go v0.121.0 // indirect + cloud.google.com/go/auth v0.16.1 // indirect + cloud.google.com/go/auth/oauth2adapt v0.2.8 // indirect + cloud.google.com/go/compute/metadata v0.6.0 // indirect + cloud.google.com/go/iam v1.5.2 // indirect + github.com/apache/arrow/go/v15 v15.0.2 // indirect + github.com/felixge/httpsnoop v1.0.4 // indirect + github.com/go-logr/logr v1.4.2 // indirect + github.com/go-logr/stdr v1.2.2 // indirect + github.com/goccy/go-json v0.10.2 // indirect + github.com/google/flatbuffers v23.5.26+incompatible // indirect + github.com/google/s2a-go v0.1.9 // indirect + github.com/google/uuid v1.6.0 // indirect + github.com/googleapis/enterprise-certificate-proxy v0.3.6 // indirect + github.com/googleapis/gax-go/v2 v2.14.1 // indirect + github.com/klauspost/compress v1.16.7 // indirect + github.com/klauspost/cpuid/v2 v2.2.5 // indirect + github.com/pierrec/lz4/v4 v4.1.18 // indirect + github.com/zeebo/xxh3 v1.0.2 // indirect + go.opentelemetry.io/auto/sdk v1.1.0 // indirect + go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.60.0 // indirect + go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.60.0 // indirect + go.opentelemetry.io/otel v1.35.0 // indirect + go.opentelemetry.io/otel/metric v1.35.0 // indirect + go.opentelemetry.io/otel/trace v1.35.0 // indirect + golang.org/x/crypto v0.37.0 // indirect + golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 // indirect + golang.org/x/mod v0.23.0 // indirect + golang.org/x/net v0.39.0 // indirect + golang.org/x/oauth2 v0.29.0 // indirect + golang.org/x/sync v0.14.0 // indirect + golang.org/x/sys v0.32.0 // indirect + golang.org/x/text v0.24.0 // indirect + golang.org/x/time v0.11.0 // indirect + golang.org/x/tools v0.30.0 // indirect + golang.org/x/xerrors v0.0.0-20240903120638-7835f813f4da // indirect + google.golang.org/api v0.231.0 // indirect + google.golang.org/genproto v0.0.0-20250303144028-a0af3efb3deb // indirect + google.golang.org/genproto/googleapis/api v0.0.0-20250428153025-10db94c68c34 // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20250428153025-10db94c68c34 // indirect + google.golang.org/grpc v1.72.0 // indirect + google.golang.org/protobuf v1.36.6 // indirect +) diff --git a/go/ql/test/library-tests/semmle/go/frameworks/SQL/bigquery/vendor/cloud.google.com/go/bigquery/stub.go b/go/ql/test/library-tests/semmle/go/frameworks/SQL/bigquery/vendor/cloud.google.com/go/bigquery/stub.go new file mode 100644 index 000000000000..5f7b3e51f59a --- /dev/null +++ b/go/ql/test/library-tests/semmle/go/frameworks/SQL/bigquery/vendor/cloud.google.com/go/bigquery/stub.go @@ -0,0 +1,1125 @@ +// Code generated by depstubber. DO NOT EDIT. +// This is a simple stub for cloud.google.com/go/bigquery, strictly for use in testing. + +// See the LICENSE file for information about the licensing of the original library. +// Source: cloud.google.com/go/bigquery (exports: Client; functions: ) + +// Package bigquery is a stub of cloud.google.com/go/bigquery, generated by depstubber. +package bigquery + +import ( + context "context" + time "time" +) + +type AccessEntry struct { + Role AccessRole + EntityType EntityType + Entity string + View *Table + Routine *Routine + Dataset *DatasetAccessEntry + Condition *Expr +} + +type AccessRole string + +type ArrowIterator interface { + Next() (*ArrowRecordBatch, error) + Schema() Schema + SerializedArrowSchema() []byte +} + +type ArrowRecordBatch struct { + Data []byte + Schema []byte + PartitionID string +} + +func (_ *ArrowRecordBatch) Read(_ []byte) (int, error) { + return 0, nil +} + +type AvroOptions struct { + UseAvroLogicalTypes bool +} + +type BigLakeConfiguration struct { + ConnectionID string + StorageURI string + FileFormat BigLakeFileFormat + TableFormat BigLakeTableFormat +} + +type BigLakeFileFormat string + +type BigLakeTableFormat string + +type CSVOptions struct { + AllowJaggedRows bool + AllowQuotedNewlines bool + Encoding Encoding + FieldDelimiter string + Quote string + ForceZeroQuote bool + SkipLeadingRows int64 + NullMarker string + PreserveASCIIControlCharacters bool +} + +type Client struct { + Location string +} + +func (_ *Client) Close() error { + return nil +} + +func (_ *Client) Dataset(_ string) *Dataset { + return nil +} + +func (_ *Client) DatasetInProject(_ string, _ string) *Dataset { + return nil +} + +func (_ *Client) Datasets(_ context.Context) *DatasetIterator { + return nil +} + +func (_ *Client) DatasetsInProject(_ context.Context, _ string) *DatasetIterator { + return nil +} + +func (_ *Client) EnableStorageReadClient(_ context.Context, _ ...interface{}) error { + return nil +} + +func (_ *Client) JobFromID(_ context.Context, _ string) (*Job, error) { + return nil, nil +} + +func (_ *Client) JobFromIDLocation(_ context.Context, _ string, _ string) (*Job, error) { + return nil, nil +} + +func (_ *Client) JobFromProject(_ context.Context, _ string, _ string, _ string) (*Job, error) { + return nil, nil +} + +func (_ *Client) Jobs(_ context.Context) *JobIterator { + return nil +} + +func (_ *Client) Project() string { + return "" +} + +func (_ *Client) Query(_ string) *Query { + return nil +} + +type CloneDefinition struct { + BaseTableReference *Table + CloneTime time.Time +} + +type Clustering struct { + Fields []string +} + +type ColumnNameCharacterMap string + +type ColumnReference struct { + ReferencingColumn string + ReferencedColumn string +} + +type Compression string + +type ConnectionProperty struct { + Key string + Value string +} + +type Copier struct { + JobIDConfig + CopyConfig +} + +func (_ *Copier) Run(_ context.Context) (*Job, error) { + return nil, nil +} + +type CopyConfig struct { + Srcs []*Table + Dst *Table + CreateDisposition TableCreateDisposition + WriteDisposition TableWriteDisposition + Labels map[string]string + DestinationEncryptionConfig *EncryptionConfig + OperationType TableCopyOperationType + JobTimeout time.Duration + Reservation string +} + +type DataFormat string + +type Dataset struct { + ProjectID string + DatasetID string +} + +func (_ *Dataset) Create(_ context.Context, _ *DatasetMetadata) error { + return nil +} + +func (_ *Dataset) CreateWithOptions(_ context.Context, _ *DatasetMetadata, _ ...DatasetOption) error { + return nil +} + +func (_ *Dataset) Delete(_ context.Context) error { + return nil +} + +func (_ *Dataset) DeleteWithContents(_ context.Context) error { + return nil +} + +func (_ *Dataset) Identifier(_ IdentifierFormat) (string, error) { + return "", nil +} + +func (_ *Dataset) Metadata(_ context.Context) (*DatasetMetadata, error) { + return nil, nil +} + +func (_ *Dataset) MetadataWithOptions(_ context.Context, _ ...DatasetOption) (*DatasetMetadata, error) { + return nil, nil +} + +func (_ *Dataset) Model(_ string) *Model { + return nil +} + +func (_ *Dataset) Models(_ context.Context) *ModelIterator { + return nil +} + +func (_ *Dataset) Routine(_ string) *Routine { + return nil +} + +func (_ *Dataset) Routines(_ context.Context) *RoutineIterator { + return nil +} + +func (_ *Dataset) Table(_ string) *Table { + return nil +} + +func (_ *Dataset) Tables(_ context.Context) *TableIterator { + return nil +} + +func (_ *Dataset) Update(_ context.Context, _ DatasetMetadataToUpdate, _ string) (*DatasetMetadata, error) { + return nil, nil +} + +func (_ *Dataset) UpdateWithOptions(_ context.Context, _ DatasetMetadataToUpdate, _ string, _ ...DatasetOption) (*DatasetMetadata, error) { + return nil, nil +} + +type DatasetAccessEntry struct { + Dataset *Dataset + TargetTypes []string +} + +type DatasetIterator struct { + ListHidden bool + Filter string + ProjectID string +} + +func (_ *DatasetIterator) Next() (*Dataset, error) { + return nil, nil +} + +func (_ *DatasetIterator) PageInfo() interface{} { + return nil +} + +type DatasetMetadata struct { + Name string + Description string + Location string + DefaultTableExpiration time.Duration + Labels map[string]string + Access []*AccessEntry + DefaultEncryptionConfig *EncryptionConfig + DefaultPartitionExpiration time.Duration + DefaultCollation string + ExternalDatasetReference *ExternalDatasetReference + MaxTimeTravel time.Duration + StorageBillingModel string + CreationTime time.Time + LastModifiedTime time.Time + FullID string + Tags []*DatasetTag + IsCaseInsensitive bool + ETag string +} + +type DatasetMetadataToUpdate struct { + Description interface{} + Name interface{} + DefaultTableExpiration interface{} + DefaultPartitionExpiration interface{} + DefaultEncryptionConfig *EncryptionConfig + DefaultCollation interface{} + ExternalDatasetReference *ExternalDatasetReference + MaxTimeTravel interface{} + StorageBillingModel interface{} + Access []*AccessEntry + IsCaseInsensitive interface{} +} + +func (_ *DatasetMetadataToUpdate) DeleteLabel(_ string) {} + +func (_ *DatasetMetadataToUpdate) SetLabel(_ string, _ string) {} + +type DatasetOption func(interface{}) + +type DatasetTag struct { + TagKey string + TagValue string +} + +type DecimalTargetType string + +type Encoding string + +type EncryptionConfig struct { + KMSKeyName string +} + +type EntityType int + +type Error struct { + Location string + Message string + Reason string +} + +func (_ Error) Error() string { + return "" +} + +type Expr struct { + Expression string + Title string + Description string + Location string +} + +type ExternalData interface{} + +type ExternalDataConfig struct { + SourceFormat DataFormat + SourceURIs []string + Schema Schema + AutoDetect bool + Compression Compression + IgnoreUnknownValues bool + MaxBadRecords int64 + Options ExternalDataConfigOptions + HivePartitioningOptions *HivePartitioningOptions + DecimalTargetTypes []DecimalTargetType + ConnectionID string + ReferenceFileSchemaURI string + MetadataCacheMode MetadataCacheMode +} + +type ExternalDataConfigOptions interface{} + +type ExternalDatasetReference struct { + Connection string + ExternalSource string +} + +type ExtractConfig struct { + Src *Table + SrcModel *Model + Dst *GCSReference + DisableHeader bool + Labels map[string]string + UseAvroLogicalTypes bool + JobTimeout time.Duration + Reservation string +} + +type Extractor struct { + JobIDConfig + ExtractConfig +} + +func (_ *Extractor) Run(_ context.Context) (*Job, error) { + return nil, nil +} + +type FieldSchema struct { + Name string + Description string + Repeated bool + Required bool + Type FieldType + PolicyTags *PolicyTagList + Schema Schema + MaxLength int64 + Precision int64 + Scale int64 + DefaultValueExpression string + Collation string + RangeElementType *RangeElementType + RoundingMode RoundingMode +} + +type FieldType string + +type FileConfig struct { + SourceFormat DataFormat + AutoDetect bool + MaxBadRecords int64 + IgnoreUnknownValues bool + Schema Schema + CSVOptions + ParquetOptions *ParquetOptions + AvroOptions *AvroOptions +} + +type ForeignKey struct { + Name string + ReferencedTable *Table + ColumnReferences []*ColumnReference +} + +type GCSReference struct { + URIs []string + FileConfig + DestinationFormat DataFormat + Compression Compression +} + +type HivePartitioningMode string + +type HivePartitioningOptions struct { + Mode HivePartitioningMode + SourceURIPrefix string + RequirePartitionFilter bool +} + +type IdentifierFormat string + +type Inserter struct { + SkipInvalidRows bool + IgnoreUnknownValues bool + TableTemplateSuffix string +} + +func (_ *Inserter) Put(_ context.Context, _ interface{}) error { + return nil +} + +type IntervalValue struct { + Years int32 + Months int32 + Days int32 + Hours int32 + Minutes int32 + Seconds int32 + SubSecondNanos int32 +} + +func (_ *IntervalValue) Canonicalize() *IntervalValue { + return nil +} + +func (_ *IntervalValue) IsCanonical() bool { + return false +} + +func (_ *IntervalValue) String() string { + return "" +} + +func (_ *IntervalValue) ToDuration() time.Duration { + return 0 +} + +type Job struct{} + +func (_ *Job) Cancel(_ context.Context) error { + return nil +} + +func (_ *Job) Children(_ context.Context) *JobIterator { + return nil +} + +func (_ *Job) Config() (JobConfig, error) { + return nil, nil +} + +func (_ *Job) Delete(_ context.Context) error { + return nil +} + +func (_ *Job) Email() string { + return "" +} + +func (_ *Job) ID() string { + return "" +} + +func (_ *Job) LastStatus() *JobStatus { + return nil +} + +func (_ *Job) Location() string { + return "" +} + +func (_ *Job) ProjectID() string { + return "" +} + +func (_ *Job) Read(_ context.Context) (*RowIterator, error) { + return nil, nil +} + +func (_ *Job) Status(_ context.Context) (*JobStatus, error) { + return nil, nil +} + +func (_ *Job) Wait(_ context.Context) (*JobStatus, error) { + return nil, nil +} + +type JobConfig interface{} + +type JobIDConfig struct { + JobID string + AddJobIDSuffix bool + Location string + ProjectID string +} + +type JobIterator struct { + ProjectID string + AllUsers bool + State State + MinCreationTime time.Time + MaxCreationTime time.Time + ParentJobID string +} + +func (_ *JobIterator) Next() (*Job, error) { + return nil, nil +} + +func (_ *JobIterator) PageInfo() interface{} { + return nil +} + +type JobStatistics struct { + CreationTime time.Time + StartTime time.Time + EndTime time.Time + TotalBytesProcessed int64 + Details Statistics + TotalSlotDuration time.Duration + ReservationUsage []*ReservationUsage + ReservationID string + NumChildJobs int64 + ParentJobID string + ScriptStatistics *ScriptStatistics + TransactionInfo *TransactionInfo + SessionInfo *SessionInfo + FinalExecutionDuration time.Duration + Edition ReservationEdition +} + +type JobStatus struct { + State State + Errors []*Error + Statistics *JobStatistics +} + +func (_ *JobStatus) Done() bool { + return false +} + +func (_ *JobStatus) Err() error { + return nil +} + +type LoadConfig struct { + Src LoadSource + Dst *Table + CreateDisposition TableCreateDisposition + WriteDisposition TableWriteDisposition + Labels map[string]string + TimePartitioning *TimePartitioning + RangePartitioning *RangePartitioning + Clustering *Clustering + DestinationEncryptionConfig *EncryptionConfig + SchemaUpdateOptions []string + UseAvroLogicalTypes bool + ProjectionFields []string + HivePartitioningOptions *HivePartitioningOptions + DecimalTargetTypes []DecimalTargetType + JobTimeout time.Duration + ReferenceFileSchemaURI string + CreateSession bool + ConnectionProperties []*ConnectionProperty + MediaOptions []interface{} + ColumnNameCharacterMap ColumnNameCharacterMap + Reservation string +} + +type LoadSource interface{} + +type Loader struct { + JobIDConfig + LoadConfig +} + +func (_ *Loader) Run(_ context.Context) (*Job, error) { + return nil, nil +} + +type MaterializedViewDefinition struct { + EnableRefresh bool + LastRefreshTime time.Time + Query string + RefreshInterval time.Duration + AllowNonIncrementalDefinition bool + MaxStaleness *IntervalValue +} + +type MetadataCacheMode string + +type Model struct { + ProjectID string + DatasetID string + ModelID string +} + +func (_ *Model) Delete(_ context.Context) error { + return nil +} + +func (_ *Model) ExtractorTo(_ *GCSReference) *Extractor { + return nil +} + +func (_ *Model) FullyQualifiedName() string { + return "" +} + +func (_ *Model) Identifier(_ IdentifierFormat) (string, error) { + return "", nil +} + +func (_ *Model) Metadata(_ context.Context) (*ModelMetadata, error) { + return nil, nil +} + +func (_ *Model) Update(_ context.Context, _ ModelMetadataToUpdate, _ string) (*ModelMetadata, error) { + return nil, nil +} + +type ModelIterator struct{} + +func (_ *ModelIterator) Next() (*Model, error) { + return nil, nil +} + +func (_ *ModelIterator) PageInfo() interface{} { + return nil +} + +type ModelMetadata struct { + Description string + Name string + Type string + CreationTime time.Time + LastModifiedTime time.Time + ExpirationTime time.Time + Location string + EncryptionConfig *EncryptionConfig + Labels map[string]string + ETag string +} + +func (_ *ModelMetadata) RawFeatureColumns() ([]*StandardSQLField, error) { + return nil, nil +} + +func (_ *ModelMetadata) RawLabelColumns() ([]*StandardSQLField, error) { + return nil, nil +} + +func (_ *ModelMetadata) RawTrainingRuns() []*TrainingRun { + return nil +} + +type ModelMetadataToUpdate struct { + Description interface{} + Name interface{} + ExpirationTime time.Time + EncryptionConfig *EncryptionConfig +} + +func (_ *ModelMetadataToUpdate) DeleteLabel(_ string) {} + +func (_ *ModelMetadataToUpdate) SetLabel(_ string, _ string) {} + +type ParquetOptions struct { + EnumAsString bool + EnableListInference bool +} + +type PolicyTagList struct { + Names []string +} + +type PrimaryKey struct { + Columns []string +} + +type Query struct { + JobIDConfig + QueryConfig +} + +func (_ *Query) Read(_ context.Context) (*RowIterator, error) { + return nil, nil +} + +func (_ *Query) Run(_ context.Context) (*Job, error) { + return nil, nil +} + +type QueryConfig struct { + Dst *Table + Q string + DefaultProjectID string + DefaultDatasetID string + TableDefinitions map[string]ExternalData + CreateDisposition TableCreateDisposition + WriteDisposition TableWriteDisposition + DisableQueryCache bool + DisableFlattenedResults bool + AllowLargeResults bool + Priority QueryPriority + MaxBillingTier int + MaxBytesBilled int64 + UseStandardSQL bool + UseLegacySQL bool + Parameters []QueryParameter + TimePartitioning *TimePartitioning + RangePartitioning *RangePartitioning + Clustering *Clustering + Labels map[string]string + DryRun bool + DestinationEncryptionConfig *EncryptionConfig + SchemaUpdateOptions []string + CreateSession bool + ConnectionProperties []*ConnectionProperty + JobTimeout time.Duration + Reservation string +} + +type QueryParameter struct { + Name string + Value interface{} +} + +type QueryPriority string + +type RangeElementType struct { + Type FieldType +} + +type RangePartitioning struct { + Field string + Range *RangePartitioningRange +} + +type RangePartitioningRange struct { + Start int64 + End int64 + Interval int64 +} + +type RemoteFunctionOptions struct { + Connection string + Endpoint string + MaxBatchingRows int64 + UserDefinedContext map[string]string +} + +type ReservationEdition string + +type ReservationUsage struct { + SlotMillis int64 + Name string +} + +type RoundingMode string + +type Routine struct { + ProjectID string + DatasetID string + RoutineID string +} + +func (_ *Routine) Create(_ context.Context, _ *RoutineMetadata) error { + return nil +} + +func (_ *Routine) Delete(_ context.Context) error { + return nil +} + +func (_ *Routine) FullyQualifiedName() string { + return "" +} + +func (_ *Routine) Identifier(_ IdentifierFormat) (string, error) { + return "", nil +} + +func (_ *Routine) Metadata(_ context.Context) (*RoutineMetadata, error) { + return nil, nil +} + +func (_ *Routine) Update(_ context.Context, _ *RoutineMetadataToUpdate, _ string) (*RoutineMetadata, error) { + return nil, nil +} + +type RoutineArgument struct { + Name string + Kind string + Mode string + DataType *StandardSQLDataType +} + +type RoutineDeterminism string + +type RoutineIterator struct{} + +func (_ *RoutineIterator) Next() (*Routine, error) { + return nil, nil +} + +func (_ *RoutineIterator) PageInfo() interface{} { + return nil +} + +type RoutineMetadata struct { + ETag string + Type string + CreationTime time.Time + Description string + DeterminismLevel RoutineDeterminism + LastModifiedTime time.Time + Language string + Arguments []*RoutineArgument + RemoteFunctionOptions *RemoteFunctionOptions + ReturnType *StandardSQLDataType + ReturnTableType *StandardSQLTableType + ImportedLibraries []string + Body string + DataGovernanceType string +} + +type RoutineMetadataToUpdate struct { + Arguments []*RoutineArgument + Description interface{} + DeterminismLevel interface{} + Type interface{} + Language interface{} + Body interface{} + ImportedLibraries []string + ReturnType *StandardSQLDataType + ReturnTableType *StandardSQLTableType + DataGovernanceType interface{} +} + +type RowIterator struct { + StartIndex uint64 + Schema Schema + TotalRows uint64 +} + +func (_ *RowIterator) ArrowIterator() (ArrowIterator, error) { + return nil, nil +} + +func (_ *RowIterator) IsAccelerated() bool { + return false +} + +func (_ *RowIterator) Next(_ interface{}) error { + return nil +} + +func (_ *RowIterator) PageInfo() interface{} { + return nil +} + +func (_ *RowIterator) QueryID() string { + return "" +} + +func (_ *RowIterator) SourceJob() *Job { + return nil +} + +type Schema []*FieldSchema + +func (_ Schema) Relax() Schema { + return nil +} + +func (_ Schema) ToJSONFields() ([]byte, error) { + return nil, nil +} + +type ScriptStackFrame struct { + StartLine int64 + StartColumn int64 + EndLine int64 + EndColumn int64 + ProcedureID string + Text string +} + +type ScriptStatistics struct { + EvaluationKind string + StackFrames []*ScriptStackFrame +} + +type SessionInfo struct { + SessionID string +} + +type SnapshotDefinition struct { + BaseTableReference *Table + SnapshotTime time.Time +} + +type StandardSQLDataType struct { + ArrayElementType *StandardSQLDataType + RangeElementType *StandardSQLDataType + StructType *StandardSQLStructType + TypeKind string +} + +type StandardSQLField struct { + Name string + Type *StandardSQLDataType +} + +type StandardSQLStructType struct { + Fields []*StandardSQLField +} + +type StandardSQLTableType struct { + Columns []*StandardSQLField +} + +type State int + +type Statistics interface{} + +type StreamingBuffer struct { + EstimatedBytes uint64 + EstimatedRows uint64 + OldestEntryTime time.Time +} + +type Table struct { + ProjectID string + DatasetID string + TableID string +} + +func (_ *Table) CopierFrom(_ ...*Table) *Copier { + return nil +} + +func (_ *Table) Create(_ context.Context, _ *TableMetadata) error { + return nil +} + +func (_ *Table) Delete(_ context.Context) error { + return nil +} + +func (_ *Table) ExtractorTo(_ *GCSReference) *Extractor { + return nil +} + +func (_ *Table) FullyQualifiedName() string { + return "" +} + +func (_ *Table) IAM() interface{} { + return nil +} + +func (_ *Table) Identifier(_ IdentifierFormat) (string, error) { + return "", nil +} + +func (_ *Table) Inserter() *Inserter { + return nil +} + +func (_ *Table) LoaderFrom(_ LoadSource) *Loader { + return nil +} + +func (_ *Table) Metadata(_ context.Context, _ ...TableMetadataOption) (*TableMetadata, error) { + return nil, nil +} + +func (_ *Table) Read(_ context.Context) *RowIterator { + return nil +} + +func (_ *Table) Update(_ context.Context, _ TableMetadataToUpdate, _ string, _ ...TableUpdateOption) (*TableMetadata, error) { + return nil, nil +} + +func (_ *Table) Uploader() *Inserter { + return nil +} + +type TableConstraints struct { + PrimaryKey *PrimaryKey + ForeignKeys []*ForeignKey +} + +type TableCopyOperationType string + +type TableCreateDisposition string + +type TableIterator struct{} + +func (_ *TableIterator) Next() (*Table, error) { + return nil, nil +} + +func (_ *TableIterator) PageInfo() interface{} { + return nil +} + +type TableMetadata struct { + Name string + Location string + Description string + Schema Schema + MaterializedView *MaterializedViewDefinition + ViewQuery string + UseLegacySQL bool + UseStandardSQL bool + TimePartitioning *TimePartitioning + RangePartitioning *RangePartitioning + RequirePartitionFilter bool + Clustering *Clustering + ExpirationTime time.Time + Labels map[string]string + ExternalDataConfig *ExternalDataConfig + EncryptionConfig *EncryptionConfig + FullID string + Type TableType + CreationTime time.Time + LastModifiedTime time.Time + NumBytes int64 + NumLongTermBytes int64 + NumRows uint64 + SnapshotDefinition *SnapshotDefinition + CloneDefinition *CloneDefinition + StreamingBuffer *StreamingBuffer + ETag string + DefaultCollation string + TableConstraints *TableConstraints + MaxStaleness *IntervalValue + ResourceTags map[string]string + BigLakeConfiguration *BigLakeConfiguration +} + +type TableMetadataOption func(interface{}) + +type TableMetadataToUpdate struct { + Description interface{} + Name interface{} + Schema Schema + Clustering *Clustering + EncryptionConfig *EncryptionConfig + ExpirationTime time.Time + ExternalDataConfig *ExternalDataConfig + ViewQuery interface{} + UseLegacySQL interface{} + MaterializedView *MaterializedViewDefinition + TimePartitioning *TimePartitioning + RequirePartitionFilter interface{} + DefaultCollation interface{} + TableConstraints *TableConstraints + MaxStaleness *IntervalValue + ResourceTags map[string]string + BigLakeConfiguration *BigLakeConfiguration +} + +func (_ *TableMetadataToUpdate) DeleteLabel(_ string) {} + +func (_ *TableMetadataToUpdate) SetLabel(_ string, _ string) {} + +type TableType string + +type TableUpdateOption func(interface{}) + +type TableWriteDisposition string + +type TimePartitioning struct { + Type TimePartitioningType + Expiration time.Duration + Field string + RequirePartitionFilter bool +} + +type TimePartitioningType string + +type TrainingRun struct { + ClassLevelGlobalExplanations []interface{} + DataSplitResult interface{} + EvaluationMetrics interface{} + ModelLevelGlobalExplanation interface{} + Results []interface{} + StartTime string + TrainingOptions interface{} + TrainingStartTime int64 + VertexAiModelId string + VertexAiModelVersion string + ForceSendFields []string + NullFields []string +} + +type TransactionInfo struct { + TransactionID string +} diff --git a/go/ql/test/library-tests/semmle/go/frameworks/SQL/bigquery/vendor/modules.txt b/go/ql/test/library-tests/semmle/go/frameworks/SQL/bigquery/vendor/modules.txt new file mode 100644 index 000000000000..1c7d4c630814 --- /dev/null +++ b/go/ql/test/library-tests/semmle/go/frameworks/SQL/bigquery/vendor/modules.txt @@ -0,0 +1,129 @@ +# cloud.google.com/go/bigquery v1.68.0 +## explicit +cloud.google.com/go/bigquery +# cloud.google.com/go v0.121.0 +## explicit +cloud.google.com/go/bigquery +# cloud.google.com/go/auth v0.16.1 +## explicit +cloud.google.com/go/auth +# cloud.google.com/go/auth/oauth2adapt v0.2.8 +## explicit +cloud.google.com/go/auth/oauth2adapt +# cloud.google.com/go/compute/metadata v0.6.0 +## explicit +cloud.google.com/go/compute/metadata +# cloud.google.com/go/iam v1.5.2 +## explicit +cloud.google.com/go/iam +# github.com/apache/arrow/go/v15 v15.0.2 +## explicit +github.com/apache/arrow/go/v15 +# github.com/felixge/httpsnoop v1.0.4 +## explicit +github.com/felixge/httpsnoop +# github.com/go-logr/logr v1.4.2 +## explicit +github.com/go-logr/logr +# github.com/go-logr/stdr v1.2.2 +## explicit +github.com/go-logr/stdr +# github.com/goccy/go-json v0.10.2 +## explicit +github.com/goccy/go-json +# github.com/google/flatbuffers v23.5.26+incompatible +## explicit +github.com/google/flatbuffers +# github.com/google/s2a-go v0.1.9 +## explicit +github.com/google/s2a-go +# github.com/google/uuid v1.6.0 +## explicit +github.com/google/uuid +# github.com/googleapis/enterprise-certificate-proxy v0.3.6 +## explicit +github.com/googleapis/enterprise-certificate-proxy +# github.com/googleapis/gax-go/v2 v2.14.1 +## explicit +github.com/googleapis/gax-go/v2 +# github.com/klauspost/compress v1.16.7 +## explicit +github.com/klauspost/compress +# github.com/klauspost/cpuid/v2 v2.2.5 +## explicit +github.com/klauspost/cpuid/v2 +# github.com/pierrec/lz4/v4 v4.1.18 +## explicit +github.com/pierrec/lz4/v4 +# github.com/zeebo/xxh3 v1.0.2 +## explicit +github.com/zeebo/xxh3 +# go.opentelemetry.io/auto/sdk v1.1.0 +## explicit +go.opentelemetry.io/auto/sdk +# go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.60.0 +## explicit +go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc +# go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.60.0 +## explicit +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp +# go.opentelemetry.io/otel v1.35.0 +## explicit +go.opentelemetry.io/otel +# go.opentelemetry.io/otel/metric v1.35.0 +## explicit +go.opentelemetry.io/otel/metric +# go.opentelemetry.io/otel/trace v1.35.0 +## explicit +go.opentelemetry.io/otel/trace +# golang.org/x/crypto v0.37.0 +## explicit +golang.org/x/crypto +# golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 +## explicit +golang.org/x/exp +# golang.org/x/mod v0.23.0 +## explicit +golang.org/x/mod +# golang.org/x/net v0.39.0 +## explicit +golang.org/x/net +# golang.org/x/oauth2 v0.29.0 +## explicit +golang.org/x/oauth2 +# golang.org/x/sync v0.14.0 +## explicit +golang.org/x/sync +# golang.org/x/sys v0.32.0 +## explicit +golang.org/x/sys +# golang.org/x/text v0.24.0 +## explicit +golang.org/x/text +# golang.org/x/time v0.11.0 +## explicit +golang.org/x/time +# golang.org/x/tools v0.30.0 +## explicit +golang.org/x/tools +# golang.org/x/xerrors v0.0.0-20240903120638-7835f813f4da +## explicit +golang.org/x/xerrors +# google.golang.org/api v0.231.0 +## explicit +google.golang.org/api +# google.golang.org/genproto v0.0.0-20250303144028-a0af3efb3deb +## explicit +google.golang.org/genproto +# google.golang.org/genproto/googleapis/api v0.0.0-20250428153025-10db94c68c34 +## explicit +google.golang.org/genproto/googleapis/api +# google.golang.org/genproto/googleapis/rpc v0.0.0-20250428153025-10db94c68c34 +## explicit +google.golang.org/genproto/googleapis/rpc +# google.golang.org/grpc v1.72.0 +## explicit +google.golang.org/grpc +# google.golang.org/protobuf v1.36.6 +## explicit +google.golang.org/protobuf