Codeql improvements #919

Merged
ekharkunov merged 10 commits into dev from codeql-improvements
Apr 15, 2026

@ekharkunov
Contributor

  • Fixed possible resource leaks
  • Added more validations for include flags
  • Added more validation for debugSourcePath
  • Handle redirects in DefoldSdkService when an https->http switch happens
  • Verification of defoldsdk now fails if the defoldsdk checksum is not available

@ekharkunov ekharkunov requested a review from britzl April 15, 2026 07:49
@github-actions

Summary - Extender code coverage report

Summary
Generated on: 04/15/2026 - 07:51:32
Coverage date: 04/15/2026 - 07:50:55
Parser: JaCoCo
Assemblies: 13
Classes: 83
Files: 83
Line coverage: 33.9% (1910 of 5618)
Covered lines: 1910
Uncovered lines: 3708
Coverable lines: 5618
Total lines: 11536
Branch coverage: 37.6% (807 of 2146)
Covered branches: 807
Total branches: 2146
Method coverage: Feature is only available for sponsors
Tag: 185_24442823605

Coverage

com/defold/extender - 28.2%
Name Line Branch
com/defold/extender 28.2% 33.2%
com/defold/extender/AppManifestConfiguration 100%
com/defold/extender/AppManifestPlatformConfig 100%
com/defold/extender/AsyncBuilder 0% 0%
com/defold/extender/BuilderConstants 0%
com/defold/extender/Configuration 100%
com/defold/extender/Extender 11.4% 10.3%
com/defold/extender/ExtenderApplication 0%
com/defold/extender/ExtenderBuildState 63.1% 57.1%
com/defold/extender/ExtenderConst 0%
com/defold/extender/ExtenderController 17.7% 21.9%
com/defold/extender/ExtenderException 42.8%
com/defold/extender/ExtenderUtil 66.6% 57.6%
com/defold/extender/ExtenderYamlSafeConstructor 100%
com/defold/extender/ExtensionManifestValidator 94.3% 84.6%
com/defold/extender/ManifestConfiguration 100%
com/defold/extender/ManifestPlatformConfig 100%
com/defold/extender/PlatformConfig 100%
com/defold/extender/PlatformNotSupportedException 0%
com/defold/extender/SandboxedPath 70.9% 69%
com/defold/extender/TemplateExecutor 33.3% 50%
com/defold/extender/Timer 0%
com/defold/extender/TreePrinter 0% 0%
com/defold/extender/Version 0%
com/defold/extender/VersionNotSupportedException 0%
com/defold/extender/WebSecurityConfig 0% 0%
com/defold/extender/WhitelistConfig 100%
com/defold/extender/ZipUtils 65.8% 56.2%
com/defold/extender/builders - 0%
Name Line Branch
com/defold/extender/builders 0% 0%
com/defold/extender/builders/CSharpBuilder 0% 0%
com/defold/extender/cache - 32.4%
Name Line Branch
com/defold/extender/cache 32.4% 16.6%
com/defold/extender/cache/CacheEntry 64.7% 75%
com/defold/extender/cache/CacheKeyGenerator 81.8% 100%
com/defold/extender/cache/DataCache
com/defold/extender/cache/DataCacheException 0%
com/defold/extender/cache/DataCacheFactory 5% 0%
com/defold/extender/cache/DummyDataCache 80%
com/defold/extender/cache/GCPDataCache 0% 0%
com/defold/extender/cache/LocalDiskDataCache 64.7% 16.6%
com/defold/extender/cache/info - 100%
Name Line Branch
com/defold/extender/cache/info 100%
com/defold/extender/cache/info/CacheInfoFileParser 100%
com/defold/extender/cache/info/CacheInfoFileWriter 100%
com/defold/extender/cache/info/CacheInfoWrapper 100%
com/defold/extender/log - 0%
Name Line Branch
com/defold/extender/log 0% 0%
com/defold/extender/log/ExtenderLogEnhancer 0% 0%
com/defold/extender/log/ExtenderLogEnhancerConfiguration 0% 0%
com/defold/extender/log/Markers 0%
com/defold/extender/metrics - 7.4%
Name Line Branch
com/defold/extender/metrics 7.4%
com/defold/extender/metrics/MetricsWriter 7.4%
com/defold/extender/process - 10.4%
Name Line Branch
com/defold/extender/process 10.4% 7.1%
com/defold/extender/process/ProcessExecutor 12.3% 8.8%
com/defold/extender/process/ProcessUtils 0% 0%
com/defold/extender/remote - 4.9%
Name Line Branch
com/defold/extender/remote 4.9% 0%
com/defold/extender/remote/RemoteBuildException 0%
com/defold/extender/remote/RemoteEngineBuilder 0% 0%
com/defold/extender/remote/RemoteHostConfiguration 0%
com/defold/extender/remote/RemoteInstanceConfig 87.5%
com/defold/extender/services - 43.8%
Name Line Branch
com/defold/extender/services 43.8% 40.8%
com/defold/extender/services/DataCacheService 79.8% 61.9%
com/defold/extender/services/DefoldSdkService 76.4% 63.8%
com/defold/extender/services/DefoldSdkServiceConfiguration
com/defold/extender/services/GCPInstanceService 0% 0%
com/defold/extender/services/GradleService 0%
com/defold/extender/services/GradleServiceInterface
com/defold/extender/services/HealthReporterService 80% 55.2%
com/defold/extender/services/MockGradleService 0%
com/defold/extender/services/RealGradleService 0% 0%
com/defold/extender/services/UserUpdateService 0% 0%
com/defold/extender/services/cocoapods - 51.8%
Name Line Branch
com/defold/extender/services/cocoapods 51.8% 55.2%
com/defold/extender/services/cocoapods/CocoaPodsService 2.1% 1.8%
com/defold/extender/services/cocoapods/CocoaPodsServiceBuildState 16.6% 0%
com/defold/extender/services/cocoapods/CreateBuildSpecArgs 60.7%
com/defold/extender/services/cocoapods/IConfigParser
com/defold/extender/services/cocoapods/LanguageSet 66.6% 50%
com/defold/extender/services/cocoapods/MainPodfile 20%
com/defold/extender/services/cocoapods/PlatformAndLanguageSet 0% 0%
com/defold/extender/services/cocoapods/PlatformSet 0% 0%
com/defold/extender/services/cocoapods/PlistBuddyWrapper 0% 0%
com/defold/extender/services/cocoapods/PodBuildSpec 81.8% 65.9%
com/defold/extender/services/cocoapods/PodfileParser 93.9% 82%
com/defold/extender/services/cocoapods/PodfileParsingException 100%
com/defold/extender/services/cocoapods/PodSpec 60.4% 40%
com/defold/extender/services/cocoapods/PodSpecParser 89.5% 79.1%
com/defold/extender/services/cocoapods/PodUtils 63% 51.4%
com/defold/extender/services/cocoapods/ResolvedPods 52.7% 45.6%
com/defold/extender/services/cocoapods/XCConfigParser 94.6% 88.4%
com/defold/extender/services/data - 80.7%
Name Line Branch
com/defold/extender/services/data 80.7% 75%
com/defold/extender/services/data/DefoldSdk 87.5% 75%
com/defold/extender/services/data/GCPInstanceState 0%
com/defold/extender/tracing - 18.7%
Name Line Branch
com/defold/extender/tracing 18.7% 12.5%
com/defold/extender/tracing/ExtenderExecutor 0% 0%
com/defold/extender/tracing/ExtenderTracerInterceptor 85.7% 50%
com/defold/extender/tracing/TraceIdInResponseServletFilter 0% 0%
com/defold/extender/utils - 0%
Name Line Branch
com/defold/extender/utils 0% 0%
com/defold/extender/utils/FrameworkUtil 0% 0%
com/defold/extender/utils/PodBuildUtil 0% 0%

}

LOGGER.info("Using context for platform: {}", buildState.fullPlatform);
LOGGER.info("Using context for platform: {}", builder.platform);

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: a95d576746

}
return response;
} while(counter < maxRedirects);
throw new NullPointerException(String.format("Mac redirect count reached for request {}", url.toString()));
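
Review bot: The message on the `throw` line is built with `String.format` but uses the SLF4J-style `{}` placeholder, which `String.format` treats as literal text, so the URL never appears in the exception message; use `%s` instead, and correct "Mac redirect count" to "Max redirect count". The explicit `url.toString()` is also unnecessary once `%s` is used, since formatting calls `toString()` itself.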

P1: Throw IOException when redirect limit is exceeded

doRequestWithRedirects throws a NullPointerException when redirect handling fails, but its callers in SDK/mappings download paths only handle IOException. In a redirect loop or over-limit redirect chain, this runtime exception bypasses the existing retry/fallback branches and aborts the whole fetch instead of being handled like other transport failures. Returning an IOException here keeps failure behavior consistent with the surrounding error-handling logic.

continue;
}
return response;
} while(counter < maxRedirects);

P2: Enforce maxRedirectCount without off-by-one

The loop increments counter before making the request and then checks while (counter < maxRedirects), which means a configured limit of N only allows N-1 redirects (for example, maxRedirectCount=1 allows none). This can fail valid redirect chains exactly at the configured limit and makes the maxRedirectCount setting behave unexpectedly.
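
A redirect loop that addresses both review points above, as an added example that is not code from this pull request or from the Extender project: it counts only followed redirects, so a limit of N permits exactly N, and it reports an exceeded limit as an IOException. The `Transport` interface, `Response` record, `fetch` method and the `sdk.example.invalid` URLs are hypothetical, constructed so the loop runs offline (records need Java 16 or later).

```java
import java.io.IOException;
import java.net.URI;
import java.util.Map;

public class RedirectLimitExample {
    // Hypothetical minimal response type: status code plus optional Location header.
    record Response(int status, String location) {}
    // Hypothetical transport abstraction so the loop can be exercised offline.
    interface Transport { Response get(URI uri) throws IOException; }

    static boolean isRedirect(int status) {
        return status == 301 || status == 302 || status == 303 || status == 307 || status == 308;
    }

    // Follows at most maxRedirects redirects; the initial request is not counted.
    static Response fetch(Transport transport, URI start, int maxRedirects) throws IOException {
        URI current = start;
        for (int followed = 0; ; followed++) {
            Response response = transport.get(current);
            if (!isRedirect(response.status())) {
                return response;
            }
            if (response.location() == null) {
                throw new IOException("Redirect without Location header from " + current);
            }
            if (followed == maxRedirects) {
                throw new IOException(String.format("Max redirect count %d reached for request %s", maxRedirects, start));
            }
            // Resolve relative Location values against the URL that issued the redirect.
            current = current.resolve(response.location());
        }
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample chain: two redirects (including an https -> http switch), then 200.
        Map<String, Response> chain = Map.of(
            "https://sdk.example.invalid/a", new Response(302, "http://sdk.example.invalid/b"),
            "http://sdk.example.invalid/b", new Response(301, "/c"),
            "http://sdk.example.invalid/c", new Response(200, null));
        Transport transport = uri -> chain.get(uri.toString());
        URI start = URI.create("https://sdk.example.invalid/a");
        System.out.println(fetch(transport, start, 2).status()); // limit 2 allows both redirects
        try {
            fetch(transport, start, 1); // second redirect exceeds the limit
        } catch (IOException e) {
            System.out.println("handled as transport failure: " + e.getMessage());
        }
    }
}
```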

@ekharkunov ekharkunov merged commit 0f501ad into dev Apr 15, 2026
3 of 5 checks passed
@ekharkunov ekharkunov deleted the codeql-improvements branch April 15, 2026 08:10