Python: fix some of the TODOs

github · Jan 23, 2025 · 6d41b4a · 6d41b4a
1 parent d92acec
commit 6d41b4a
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 13 deletions.
diff --git a/python/ql/lib/semmle/python/security/dataflow/WeakSensitiveDataHashingQuery.qll b/python/ql/lib/semmle/python/security/dataflow/WeakSensitiveDataHashingQuery.qll
@@ -34,11 +34,7 @@ module NormalHashFunction {
       sensitiveDataExtraStepForCalls(node1, node2)
     }
 
-    predicate observeDiffInformedIncrementalMode() {
-      // TODO(diff-informed): Manually verify if config can be diff-informed.
-      // ql/lib/semmle/python/security/dataflow/WeakSensitiveDataHashingQuery.qll:88: Flow call outside 'select' clause
-      none()
-    }
+    predicate observeDiffInformedIncrementalMode() { any() }
   }
 
   /** Global taint-tracking for detecting "use of a broken or weak cryptographic hashing algorithm on sensitive data" vulnerabilities. */
@@ -70,11 +66,7 @@ module ComputationallyExpensiveHashFunction {
       sensitiveDataExtraStepForCalls(node1, node2)
     }
 
-    predicate observeDiffInformedIncrementalMode() {
-      // TODO(diff-informed): Manually verify if config can be diff-informed.
-      // ql/lib/semmle/python/security/dataflow/WeakSensitiveDataHashingQuery.qll:95: Flow call outside 'select' clause
-      none()
-    }
+    predicate observeDiffInformedIncrementalMode() { any() }
   }
 
   /** Global taint-tracking for detecting "use of a broken or weak cryptographic hashing algorithm on passwords" vulnerabilities. */

diff --git a/python/ql/src/experimental/semmle/python/libraries/SmtpLib.qll b/python/ql/src/experimental/semmle/python/libraries/SmtpLib.qll
@@ -40,9 +40,7 @@ module SmtpLib {
     }
 
     predicate observeDiffInformedIncrementalMode() {
-      // TODO(diff-informed): Manually verify if config can be diff-informed.
-      // ql/src/experimental/semmle/python/libraries/SmtpLib.qll:91: Flow call outside 'select' clause
-      none()
+      none() // Used in library model
     }
   }