diff --git a/.github/workflows/query-list.yml b/.github/workflows/query-list.yml
index a383e381d90..8c736379f8a 100644
--- a/.github/workflows/query-list.yml
+++ b/.github/workflows/query-list.yml
@@ -31,7 +31,7 @@ jobs:
with:
python-version: 3.8
- name: Download CodeQL CLI
- # Look under the `codeql` directory, as this is where we checked out the `github/codeql` repo
+ # Look under the `codeql` directory, as this is where we checked out the `github/codeql` repo
uses: ./codeql/.github/actions/fetch-codeql
- name: Build code scanning query list
run: |
diff --git a/actions/ql/src/Security/CWE-829/UntrustedCheckoutCritical.md b/actions/ql/src/Security/CWE-829/UntrustedCheckoutCritical.md
index de3307550ad..6060354b134 100644
--- a/actions/ql/src/Security/CWE-829/UntrustedCheckoutCritical.md
+++ b/actions/ql/src/Security/CWE-829/UntrustedCheckoutCritical.md
@@ -32,7 +32,7 @@ jobs:
- uses: actions/setup-node@v1
- run: |
- npm install # scripts in package.json from PR would be executed here
+ npm install # scripts in package.json from PR would be executed here
npm build
- uses: completely/fakeaction@v2
diff --git a/actions/ql/src/Security/CWE-829/UntrustedCheckoutHigh.md b/actions/ql/src/Security/CWE-829/UntrustedCheckoutHigh.md
index de3307550ad..6060354b134 100644
--- a/actions/ql/src/Security/CWE-829/UntrustedCheckoutHigh.md
+++ b/actions/ql/src/Security/CWE-829/UntrustedCheckoutHigh.md
@@ -32,7 +32,7 @@ jobs:
- uses: actions/setup-node@v1
- run: |
- npm install # scripts in package.json from PR would be executed here
+ npm install # scripts in package.json from PR would be executed here
npm build
- uses: completely/fakeaction@v2
diff --git a/actions/ql/src/Security/CWE-829/UntrustedCheckoutMedium.md b/actions/ql/src/Security/CWE-829/UntrustedCheckoutMedium.md
index de3307550ad..6060354b134 100644
--- a/actions/ql/src/Security/CWE-829/UntrustedCheckoutMedium.md
+++ b/actions/ql/src/Security/CWE-829/UntrustedCheckoutMedium.md
@@ -32,7 +32,7 @@ jobs:
- uses: actions/setup-node@v1
- run: |
- npm install # scripts in package.json from PR would be executed here
+ npm install # scripts in package.json from PR would be executed here
npm build
- uses: completely/fakeaction@v2
diff --git a/docs/codeql/ql-language-reference/expressions.rst b/docs/codeql/ql-language-reference/expressions.rst
index 5c73681f7aa..327cabb6181 100644
--- a/docs/codeql/ql-language-reference/expressions.rst
+++ b/docs/codeql/ql-language-reference/expressions.rst
@@ -625,7 +625,7 @@ Then the evaluation of the ``depth`` predicate proceeds as follows:
+-----------+--------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| **Stage** | **depth** | **Comments** |
+===========+============================================+==========================================================================================================================================================================+
-| 0 | | We always begin with the empty set. |
+| 0 | | We always begin with the empty set. |
+-----------+--------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| 1 | ``(0, b), (0, d), (0, e)`` | The nodes with no children have depth 0. The recursive step for **a** and **c** fails to produce a value, since some of their children do not have values for ``depth``. |
+-----------+--------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
diff --git a/go/old-change-notes/2020-10-01-gomod-extraction.md b/go/old-change-notes/2020-10-01-gomod-extraction.md
index ca0c0c72d50..a975a15973a 100644
--- a/go/old-change-notes/2020-10-01-gomod-extraction.md
+++ b/go/old-change-notes/2020-10-01-gomod-extraction.md
@@ -1,2 +1,2 @@
lgtm,codescanning
-* The extractor now only extracts go.mod files belonging to extracted packages. In particular, vendored go.mod files will no longer be extracted unless the vendored package is explicitly passed to the extractor. This will remove unexpected `GoModExpr` and similar expressions seen by queries.
+* The extractor now only extracts go.mod files belonging to extracted packages. In particular, vendored go.mod files will no longer be extracted unless the vendored package is explicitly passed to the extractor. This will remove unexpected `GoModExpr` and similar expressions seen by queries.
diff --git a/go/ql/lib/semmle/go/Architectures.qll b/go/ql/lib/semmle/go/Architectures.qll
index e509de4bc68..bb4face2407 100644
--- a/go/ql/lib/semmle/go/Architectures.qll
+++ b/go/ql/lib/semmle/go/Architectures.qll
@@ -28,7 +28,7 @@ class Architecture extends string {
}
/**
- * Gets the integer and pointer type width for this architecture.
+ * Gets the integer and pointer type width for this architecture.
*
* As of the time of writing, this appears to always be identical -- there aren't
* Go architectures with 64-bit pointers but 32-bit ints, for example.
diff --git a/go/ql/lib/semmle/go/dataflow/internal/DataFlowNodes.qll b/go/ql/lib/semmle/go/dataflow/internal/DataFlowNodes.qll
index a770f047d65..20a147a6454 100644
--- a/go/ql/lib/semmle/go/dataflow/internal/DataFlowNodes.qll
+++ b/go/ql/lib/semmle/go/dataflow/internal/DataFlowNodes.qll
@@ -994,7 +994,7 @@ module Public {
class ComponentReadNode extends ReadNode {
override IR::ComponentReadInstruction insn;
- /** Gets the data-flow node representing the base from which the field or element is read. */
+ /** Gets the data-flow node representing the base from which the field or element is read. */
Node getBase() { result = DataFlow::instructionNode(insn.getBase()) }
}
diff --git a/go/ql/lib/semmle/go/frameworks/Beego.qll b/go/ql/lib/semmle/go/frameworks/Beego.qll
index a9e296a1f97..952958cebf0 100644
--- a/go/ql/lib/semmle/go/frameworks/Beego.qll
+++ b/go/ql/lib/semmle/go/frameworks/Beego.qll
@@ -109,7 +109,7 @@ module Beego {
override string getAContentType() {
// Super-method provides content-types for `Body`, which requires us to search
- // for `ContentType` and `Header` calls against the same `BeegoOutput` instance
+ // for `ContentType` and `Header` calls against the same `BeegoOutput` instance
result = super.getAContentType()
or
// Specifically describe methods that set the content-type and body in one operation:
diff --git a/go/ql/src/InconsistentCode/MissingErrorCheck.qhelp b/go/ql/src/InconsistentCode/MissingErrorCheck.qhelp
index d542a728cfe..0d5610e1391 100644
--- a/go/ql/src/InconsistentCode/MissingErrorCheck.qhelp
+++ b/go/ql/src/InconsistentCode/MissingErrorCheck.qhelp
@@ -22,7 +22,7 @@ the returned pointer.
-The corrected version of user checks err before using ptr.
+The corrected version of user checks err before using ptr.
diff --git a/go/ql/src/InconsistentCode/MissingErrorCheck.ql b/go/ql/src/InconsistentCode/MissingErrorCheck.ql
index 8e277c6ae74..6a68904427d 100644
--- a/go/ql/src/InconsistentCode/MissingErrorCheck.ql
+++ b/go/ql/src/InconsistentCode/MissingErrorCheck.ql
@@ -22,7 +22,7 @@ predicate isNil(DataFlow::Node node) { node = Builtin::nil().getARead() }
/**
* Matches if `call` may return a nil pointer alongside an error value.
*
- * This is both an over- and under-estimate: over in that we assume opaque functions may use this
+ * This is both an over- and under-estimate: over in that we assume opaque functions may use this
* convention, and under in that functions with bodies are only recognized if they use a literal
* `nil` for the pointer return value at some return site.
*/
diff --git a/go/ql/src/Security/CWE-327/InsecureTLS.ql b/go/ql/src/Security/CWE-327/InsecureTLS.ql
index a4a9ab1f549..dba6f2d54ca 100644
--- a/go/ql/src/Security/CWE-327/InsecureTLS.ql
+++ b/go/ql/src/Security/CWE-327/InsecureTLS.ql
@@ -211,7 +211,7 @@ module TlsInsecureCipherSuitesFlow = TaintTracking::Global {
- const { target } = req.body;
+ const { target } = req.body;
try {
// BAD: `target` is controlled by the attacker
diff --git a/javascript/ql/src/experimental/Security/CWE-918/SSRFGood.js b/javascript/ql/src/experimental/Security/CWE-918/SSRFGood.js
index 10ab26e607b..e91c1131338 100644
--- a/javascript/ql/src/experimental/Security/CWE-918/SSRFGood.js
+++ b/javascript/ql/src/experimental/Security/CWE-918/SSRFGood.js
@@ -2,7 +2,7 @@ const axios = require('axios');
const validator = require('validator');
export const handler = async (req, res, next) => {
- const { target } = req.body;
+ const { target } = req.body;
if (!validator.isAlphanumeric(target)) {
return next(new Error('Bad request'));
diff --git a/javascript/ql/test/library-tests/TypeScript/RegressionTests/EmptyName/test.ts b/javascript/ql/test/library-tests/TypeScript/RegressionTests/EmptyName/test.ts
index 3082f40600f..8e25b67918a 100644
--- a/javascript/ql/test/library-tests/TypeScript/RegressionTests/EmptyName/test.ts
+++ b/javascript/ql/test/library-tests/TypeScript/RegressionTests/EmptyName/test.ts
@@ -1,9 +1,9 @@
type Mapped = {
- [mk in MK]: string
+ [mk in MK]: string
};
export function fn(ev: Mapped) {
- const props: Mapped = {
- ...ev
- };
+ const props: Mapped = {
+ ...ev
+ };
}
diff --git a/javascript/ql/test/library-tests/TypeScript/RegressionTests/SemicolonInName/test.ts b/javascript/ql/test/library-tests/TypeScript/RegressionTests/SemicolonInName/test.ts
index 1726e5abafb..a3ed2046836 100644
--- a/javascript/ql/test/library-tests/TypeScript/RegressionTests/SemicolonInName/test.ts
+++ b/javascript/ql/test/library-tests/TypeScript/RegressionTests/SemicolonInName/test.ts
@@ -1,9 +1,9 @@
type Mapped = {
- [mk in MK]: string
+ [mk in MK]: string
};
export function fn(ev: Mapped) {
- const props: Mapped = {
- ...ev
- };
+ const props: Mapped = {
+ ...ev
+ };
}
diff --git a/misc/scripts/shared-code-metrics.py b/misc/scripts/shared-code-metrics.py
index 94679693186..62a14be6749 100755
--- a/misc/scripts/shared-code-metrics.py
+++ b/misc/scripts/shared-code-metrics.py
@@ -159,7 +159,7 @@ class Package(SharedAsset):
def containsDirectory(self, dir):
return self.path.parent.parts == dir.parts[:len(self.path.parent.parts)]
- # dir.startsWith(self.path.parent)
+ # dir.startsWith(self.path.parent)
# Constructs a list of transitive depedencies of this package.
def calculateDependencies(self, packageNameMap):
diff --git a/python/extractor/tsg-python/python.tsg b/python/extractor/tsg-python/python.tsg
index 7ad0f3f1424..00e231ee6d5 100644
--- a/python/extractor/tsg-python/python.tsg
+++ b/python/extractor/tsg-python/python.tsg
@@ -174,7 +174,7 @@
{ let @unaryop.node = (ast-node @unaryop "UnaryOp") }
(exec_statement) @exec
-{ let @exec.node = (ast-node @exec "Exec") }
+{ let @exec.node = (ast-node @exec "Exec") }
(print_statement) @print
{ let @print.node = (ast-node @print "Print") }
@@ -3040,7 +3040,7 @@
if some @is_kwarg {
attr (@lambda.function -> @name.node) kwonlyargs = (named-child-index @param)
}
- else {
+ else {
attr (@lambda.function -> @name.node) args = (named-child-index @param)
}
@@ -3153,7 +3153,7 @@
if some @is_kwarg {
attr (@funcdef.function -> @name.node) kwonlyargs = (named-child-index @param)
}
- else {
+ else {
attr (@funcdef.function -> @name.node) args = (named-child-index @param)
}
@@ -3284,7 +3284,7 @@
attr (@last.node) func = @exp.node
edge @last.node -> @funcdef.funcexpr
attr (@last.node -> @funcdef.funcexpr) positional_args = 0
- attr (@last.node) _location_end = (location-end @exp)
+ attr (@last.node) _location_end = (location-end @exp)
}
(decorated_definition
@@ -3296,7 +3296,7 @@
attr (@last.node) func = @exp.node
edge @last.node -> @class.class_expr
attr (@last.node -> @class.class_expr) positional_args = 0
- attr (@last.node) _location_end = (location-end @exp)
+ attr (@last.node) _location_end = (location-end @exp)
}
;;; Type parameters
diff --git a/python/ql/test/library-tests/dataflow/global-flow/known.py b/python/ql/test/library-tests/dataflow/global-flow/known.py
index ab60b991452..f9bdbd7af54 100644
--- a/python/ql/test/library-tests/dataflow/global-flow/known.py
+++ b/python/ql/test/library-tests/dataflow/global-flow/known.py
@@ -1 +1 @@
-known_attr = [1000] #$ writes=known_attr
+known_attr = [1000] #$ writes=known_attr
diff --git a/python/ql/test/library-tests/dataflow/typetracking/attribute_tests.py b/python/ql/test/library-tests/dataflow/typetracking/attribute_tests.py
index 2cc6346527f..8df3ef51f88 100644
--- a/python/ql/test/library-tests/dataflow/typetracking/attribute_tests.py
+++ b/python/ql/test/library-tests/dataflow/typetracking/attribute_tests.py
@@ -35,7 +35,7 @@ def set_foo(some_class_instance): # $ tracked=foo
some_class_instance.foo = tracked # $ tracked=foo tracked
def test_set_x():
- x = SomeClass() # $ MISSING: tracked=foo
+ x = SomeClass() # $ MISSING: tracked=foo
set_foo(x) # $ MISSING: tracked=foo
print(x.foo) # $ MISSING: tracked=foo tracked
@@ -51,7 +51,7 @@ def test_create_with_foo():
def test_global_attribute_assignment():
global global_var
- global_var.foo = tracked # $ tracked tracked=foo
+ global_var.foo = tracked # $ tracked tracked=foo
def test_global_attribute_read():
x = global_var.foo # $ tracked tracked=foo
@@ -61,7 +61,7 @@ def test_local_attribute_assignment():
# In this case, we don't want flow going to the `ModuleVariableNode` for `local_var`
# (which is referenced in `test_local_attribute_read`).
local_var = object() # $ tracked=foo
- local_var.foo = tracked # $ tracked tracked=foo
+ local_var.foo = tracked # $ tracked tracked=foo
def test_local_attribute_read():
x = local_var.foo
@@ -129,7 +129,7 @@ def dunder_dict_indirect_write():
x = SomeClass() # $ MISSING: tracked=foo
x.__dict__[attr] = tracked # $tracked MISSING: tracked=foo
y = x.foo # $ MISSING: tracked tracked=foo
- do_stuff(y) # $ MISSING: tracked
+ do_stuff(y) # $ MISSING: tracked
def dunder_dict_indirect_read():
attr = "foo"
@@ -153,7 +153,7 @@ class MyClass2(object):
def print_foo(self): # $ MISSING: tracked=foo
print(self.foo) # $ MISSING: tracked=foo tracked
- def possibly_uncalled_method(self): # $ MISSING: tracked=foo
+ def possibly_uncalled_method(self): # $ MISSING: tracked=foo
print(self.foo) # $ MISSING: tracked=foo tracked
instance = MyClass2()
@@ -170,7 +170,7 @@ class MyClass3(object):
def print_foo(self): # $ tracked=foo
print(self.foo) # $ tracked=foo tracked
- def possibly_uncalled_method(self): # $ MISSING: tracked=foo
+ def possibly_uncalled_method(self): # $ MISSING: tracked=foo
print(self.foo) # $ MISSING: tracked=foo tracked
instance = MyClass3() # $ tracked=foo
diff --git a/ruby/ql/src/experimental/insecure-randomness/examples/InsecureRandomnessBad.rb b/ruby/ql/src/experimental/insecure-randomness/examples/InsecureRandomnessBad.rb
index d4a94a8b18b..044d257096a 100644
--- a/ruby/ql/src/experimental/insecure-randomness/examples/InsecureRandomnessBad.rb
+++ b/ruby/ql/src/experimental/insecure-randomness/examples/InsecureRandomnessBad.rb
@@ -1,6 +1,6 @@
def generate_password()
chars = ('a'..'z').to_a + ('A'..'Z').to_a + ('0'..'9').to_a + ['!', '@', '#', '$', '%']
- # BAD: rand is not cryptographically secure
+ # BAD: rand is not cryptographically secure
password = (1..10).collect { chars[rand(chars.size)] }.join
end
diff --git a/ruby/ql/test/query-tests/experimental/InsecureRandomness/InsecureRandomness.rb b/ruby/ql/test/query-tests/experimental/InsecureRandomness/InsecureRandomness.rb
index 516b282ece5..116957137b5 100644
--- a/ruby/ql/test/query-tests/experimental/InsecureRandomness/InsecureRandomness.rb
+++ b/ruby/ql/test/query-tests/experimental/InsecureRandomness/InsecureRandomness.rb
@@ -2,7 +2,7 @@ require 'securerandom'
def generate_password_1(length)
chars = ('a'..'z').to_a + ('A'..'Z').to_a + ('0'..'9').to_a + ['!', '@', '#', '$', '%']
- # BAD: rand is not cryptographically secure
+ # BAD: rand is not cryptographically secure
password = (1..length).collect { chars[rand(chars.size)] }.join
end
diff --git a/ruby/ql/test/query-tests/security/cwe-915/test.rb b/ruby/ql/test/query-tests/security/cwe-915/test.rb
index a60def5d201..c72ad536ef7 100644
--- a/ruby/ql/test/query-tests/security/cwe-915/test.rb
+++ b/ruby/ql/test/query-tests/security/cwe-915/test.rb
@@ -46,7 +46,7 @@ class UserController < ActionController::Base
def create4
x = params[:user]
x.permit!
- User.new(x) # BAD
+ User.new(x) # BAD
User.new(x.permit(:name,:address)) # GOOD
User.new(params.permit(user: {})) # BAD
User.new(params.permit(user: [:name, :address, {friends:{}}])) # BAD