EAS-2497 : Collect possible GraphQL queries during lowering

atlassian-labs · Nov 26, 2024 · c92e902 · c92e902
2 parents 5dd1729 + 73c1c4b
commit c92e902
Show file tree

Hide file tree

Showing 23 changed files with 1,412 additions and 10,833 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -10,7 +10,7 @@ license = "MIT OR Apache-2.0"
 
 [workspace.dependencies]
 clap = { version = "4.5.4", features = ["derive", "wrap_help"] }
-itertools = "0.12.1"
+itertools = "0.13.0"
 num-bigint = { version = "0.4.4" }
 serde = { version = "1.0.197", features = ["derive"] }
 serde_json = "1.0.115"
@@ -20,9 +20,9 @@ graphql-parser = "0.4.0"
 pretty_assertions = "1.4.0"
 indexmap = { version = "2.2.6", features = ["std"] }
 regex = "1.10.4"
-rustc-hash = "1.1.0"
+rustc-hash = "2.0.0"
 smallvec = { version = "1.13.2", features = ["union", "const_new"] }
-swc_core = { version = "0.90.26", features = [
+swc_core = { version = "0.95.3", features = [
     "common",
     "common_sourcemap",
     "ecma_visit_path",
@@ -55,7 +55,6 @@ forge_permission_resolver = { path = "crates/forge_permission_resolver" }
 rust_2018_idioms = { level = "warn", priority = -1 }
 meta_variable_misuse = "warn"
 missing_abi = "warn"
-unsafe_op_in_unsafe_fn = "deny"
 
 [workspace.lints.clippy]
 too_many_arguments = "allow"

diff --git a/Dockerfile b/Dockerfile
@@ -1,4 +1,4 @@
-FROM rust:1.74.0 as build-env
+FROM rust:1.82.0 as build-env
 WORKDIR /app
 COPY . /app
 RUN cargo build --release

diff --git a/README.md b/README.md
@@ -4,7 +4,7 @@
 
 A static analysis tool for finding common [Forge][1] vulnerabilities.
 
-[1]: <https://developer.atlassian.com/platform/forge> "Forge platform"
+[1]: https://developer.atlassian.com/platform/forge "Forge platform"
 
 ## Usage
 
@@ -16,8 +16,8 @@ Arguments:
 
   Options:
     -d, --debug
-    --callgraph            Dump a graphviz formatted callgraph
-    --cfg                  Dump a graphviz formatted control flow graph of the function specified in `--function`
+        --dump-ir <DUMP_IR> Dump the IR for the specified function.
+    -dt, --dump-dt <DUMP_DOM_TREE> Dump the Dominator Tree for the specified app
     -f, --function <FUNCTION>  A specific function to scan. Must be an entrypoint specified in `manifest.yml`
     -h, --help                 Print help information
     -V, --version              Print version information
@@ -31,9 +31,9 @@ latest stable release, and adding the toolchain
 
 [^1]: Cargo is technically not required if you want to download every dependency, invoke `rustc`, and link everything manually. However, I wouldn't recommend doing this unless you're extremely bored.
 
-[Rust]: <https://www.rust-lang.org/>
-[Rustup]: <https://github.com/rust-lang/rustup> "Rustup"
-[Cargo]: <https://github.com/rust-lang/cargo>
+[Rust]: https://www.rust-lang.org/
+[Rustup]: https://github.com/rust-lang/rustup "Rustup"
+[Cargo]: https://github.com/rust-lang/cargo
 
 Installing from source:
 
@@ -70,7 +70,7 @@ Contributions to FSRT are welcome! Please see [CONTRIBUTING.md](CONTRIBUTING.md)
 
 ## License
 
-Copyright (c) 2022  Atlassian and others.
+Copyright (c) 2022 Atlassian and others.
 
 FSRT is dual licensed under the MIT and Apache 2.0 licenses.