hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 20:56:33 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,643 Commits 1,673 Branches 157 Tags
alexet/avoid-path-node-java
Commit Graph

82643 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Simon Friis Vindum
fb718660d9 Rust: Generate more sinks and update query description 2025-03-13 17:35:32 +01:00
Mathias Vorreiter Pedersen
6f4e9ed136 Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2025-03-13 16:00:36 +00:00
Mathias Vorreiter Pedersen
0e5fa1b5eb Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2025-03-13 16:00:23 +00:00
Mathias Vorreiter Pedersen
470321e8b6 Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2025-03-13 16:00:15 +00:00
Mathias Vorreiter Pedersen
9cde2bb94d Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2025-03-13 15:59:57 +00:00
Mathias Vorreiter Pedersen
68b414d169 Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2025-03-13 15:59:48 +00:00
Napalys Klicius
28d1152250 Merge pull request #19009 from Napalys/js/unescape 
JS: Add support for `unescape`
 2025-03-13 16:59:01 +01:00
Paolo Tranquilli
8cc39af190 Rust: fix qltest.sh for some versions of macOS 
Turns out some version of macOS do not support the way `mktemp` was
being used. In any case it wasn't really necessary, see
https://github.com/github/codeql/pull/18918#discussion_r1979444850
(which I forgot to follow up on at the time after approval).
 2025-03-13 16:54:27 +01:00
Taus
3d643c02be Merge pull request #18921 from github/tausbn/python-fix-unused-global-variable-in-forward-annotation-fp 
Python: Add support for forward references in unused var query
 2025-03-13 16:37:25 +01:00
Owen Mansel-Chan
6ca9a1ff9a Add change note 2025-03-13 15:05:32 +00:00
Owen Mansel-Chan
a8e993c942 Fix FP for always-locked fields 2025-03-13 15:03:32 +00:00
Owen Mansel-Chan
dc2cbf7402 Add tests for always-locked fields 2025-03-13 15:02:26 +00:00
Tom Hvitved
255f06b65a Rust: Update expected test output 2025-03-13 15:51:33 +01:00
Michael Nebel
e2699586db C#: Add cs/useless-gethashcode-call to the CCR suite. 2025-03-13 15:42:28 +01:00
Mathias Vorreiter Pedersen
0fe77154e1 C++: Add library change note. 2025-03-13 14:29:34 +00:00
Tom Hvitved
3bb89ea863 Rust: Move type inference/path resolution out of elements folder 2025-03-13 15:05:00 +01:00
Tom Hvitved
af91152f5c Address review comments 2025-03-13 15:04:59 +01:00
Simon Friis Vindum
1ae28c7907 Merge branch 'main' into rust-cleartext-transmission 2025-03-13 15:01:11 +01:00
Paolo Tranquilli
179021ea69 Upgrade rules_rust to 0.58.0 2025-03-13 14:47:34 +01:00
Michael Nebel
4681f28f92 Merge pull request #19005 from michaelnebel/csharp/local-not-disposed 
C#: Revisit `cs/local-not-disposed` tests.
 2025-03-13 14:04:48 +01:00
Owen Mansel-Chan
aed51644ba Convert to inline expectations test 2025-03-13 12:55:02 +00:00
Napalys
0df2069575 Added change note. 2025-03-13 13:47:46 +01:00
Napalys
de5c7efd63 Added test case for unescape. 2025-03-13 13:47:42 +01:00
Michael Nebel
dff66c7b28 C#: Add change-note. 2025-03-13 13:42:58 +01:00
Michael Nebel
36a524929f C#: Update tests and test expected output. 2025-03-13 13:38:13 +01:00
Tom Hvitved
78280af570 Rust: Use 'infer' instead of 'resolve' in type inference library 2025-03-13 13:34:43 +01:00
Michael Nebel
4b02198652 C#: Only consider calling GetHashCode on byte, sbyte, short, ushort and int as useless. 2025-03-13 13:32:22 +01:00
Michael Nebel
a6ec8b6a25 C#: Convert tests cs/useless-gethashcode-call to inline tests. 2025-03-13 13:31:20 +01:00
Tom Hvitved
2394f2fab8 Rust: Fix bug in path resolution library 2025-03-13 13:23:18 +01:00
Tom Hvitved
795ba25895 Rust: Add more consistency checks 2025-03-13 13:23:16 +01:00
Tom Hvitved
fcdffc4e73 Rust: Use type inference in path resolution test 2025-03-13 13:23:14 +01:00
Tom Hvitved
e8505ad33d Rust: Use type inference to resolve method calls and field accesses 2025-03-13 13:23:13 +01:00
Tom Hvitved
62d4e6fe3f Rust: Implement basic type inference in QL 2025-03-13 13:23:11 +01:00
Tom Hvitved
3a58611271 Shared: Add shared type inference library 2025-03-13 13:23:09 +01:00
Taus
f3353dc3fb Python: Ignore special methods with placeholder bodies 
Instances of this include
- Bodies that contain just a docstring (common in Zope interfaces)
- Bodies that do nothing but raise an exception.
 2025-03-13 12:18:43 +00:00
Taus
862b89207d Python: Disable "usused default" logic 
Adds a new boolean parameter `is_unused_default` that indicates whether
the given result is one where a parameter to a special method has a
default value (which will never be used when invoked in the normal way).
These results are somewhat less useful (because the special method
_might_ be invoked directly, in which case the default value would still
be relevant), but it seemed like a shame to simply remove the code, so
instead I opted to disable it in this way.
 2025-03-13 12:18:43 +00:00
Taus
24b2eb24c1 Python: Refactor special method query 
Moves a bunch of `owner.declaredAttribute(name) = f` instances to the
top level, in the process greatly cleaning up the code. The behaviour
should be the unchanged.

Having done this, there's only one place where we depend on points-to,
and that's in the remaining `declaredAttribute` call. This should
greatly simplify the move away from points to.
 2025-03-13 12:18:43 +00:00
Taus
f30ebf1571 Merge pull request #18871 from github/tausbn/python-modernise-special-method-signature-query 
Python: Move min/maxParameter methods to `Function` class
 2025-03-13 13:03:21 +01:00
Asger F
08ee51cbc4 JS: Move some promise-related store steps into PromiseFlow::storeStep 
API graphs calls PromiseFlow::storeStep to propagate promises, which means it missed a store steps added elsewhere in the old promise library model.

We want API graphs to rely on type-tracking steps in general, like in Ruby, but for now just fixing the bug.
 2025-03-13 12:53:04 +01:00
Tom Hvitved
1636abb81b Merge pull request #18985 from hvitved/rust/immediate-child 
Rust/Swift: Add `get(Immediate)Child` predicate
 2025-03-13 12:50:53 +01:00
Napalys
5dff23de6b Added change note. 2025-03-13 12:45:27 +01:00
Napalys
3640e5e425 Added model for tanstack-react useQueries 2025-03-13 12:45:26 +01:00
Napalys
03330ef24d Added test cases for tanstack-react useQueries. 2025-03-13 12:45:25 +01:00
Napalys
6c9aa0e872 Added modeling of tanstack-vue useQueries. 2025-03-13 12:45:23 +01:00
Napalys
4917d64ce7 Added test cases for tanstack-vue useQueries. 2025-03-13 12:45:05 +01:00
Napalys
0c0158899e Added tanstack-vue useQuery modeling 2025-03-13 12:25:07 +01:00
Napalys
7712ca368a Added useQuery tanstack-vue test case 2025-03-13 12:25:05 +01:00
Asger F
89410d07b3 JS: Add failing test 2025-03-13 11:59:23 +01:00
Geoffrey White
1aa223652f Merge pull request #18977 from geoffw0/sourcesinkdoc 
Rust: Source and sink doc / tidy up
 2025-03-13 10:53:44 +00:00
Simon Friis Vindum
3c644144b1 Rust: Extract data flow node and content into separate files 2025-03-13 11:22:04 +01:00