hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-25 13:16:33 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,643 Commits 1,673 Branches 157 Tags
alexet/avoid-path-node-java
Commit Graph

82643 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Napalys
8086c25abe Removed Union as standard character class is already an union. 2025-03-05 10:07:20 +01:00
Michael Nebel
5c931fa897 C#: Improve comments. 2025-03-05 09:50:52 +01:00
Napalys
8099423b6d Renamed character class operators lists to elements. 2025-03-05 09:34:21 +01:00
Napalys
9ea89cd63f Added a test case from #18854 2025-03-05 09:34:20 +01:00
Napalys
c7f03df1eb Added change note 2025-03-05 09:34:18 +01:00
Michael Nebel
d5ee93dbbc C#: Anonymous types should not be considered unknown. 2025-03-05 09:04:58 +01:00
Michael Nebel
3b764b0640 C#: Update test expected output. 2025-03-05 09:04:56 +01:00
Michael Nebel
fc5a49ef84 C#: Handle some broken types in BMN. 2025-03-05 09:04:54 +01:00
Michael Nebel
e835d8b168 C#: Change the populate logic context. It looks like a mistake that the only flag set is Standalone. 2025-03-05 09:04:53 +01:00
Michael Nebel
c2b835da40 C#: Re-factor the check whether we are in standalone mode. 2025-03-05 09:04:52 +01:00
Michael Nebel
9af170f60e C#: Add BMN test using broken types. 2025-03-05 09:04:50 +01:00
Michael Nebel
5551aebaa9 C#: Add a primary ql class for UnknownType. 2025-03-05 09:04:49 +01:00
Ed Minnix
133c6fa400 Fix test expectations 2025-03-05 01:13:31 -05:00
Ed Minnix
22e958b245 Fix jump node by using associated property 2025-03-05 01:13:29 -05:00
Ed Minnix
8ea6974868 XSS qlref 2025-03-05 01:13:27 -05:00
Ed Minnix
97e00ae053 Fix formatting 2025-03-05 01:13:26 -05:00
Ed Minnix
824b182ca5 fixup! Add Name and NameList test classes 2025-03-05 01:13:12 -05:00
Ed Minnix
17da291910 fixup! Component parameter passing step 2025-03-05 01:13:09 -05:00
Ed Minnix
0463f48565 Add Name and NameList test classes 2025-03-05 01:13:03 -05:00
Ed Minnix
48b90b28c7 Component parameter passing step 2025-03-05 01:13:00 -05:00
Taus
bf3d9ee6a9 Python: Address review comments 2025-03-04 22:30:55 +00:00
REDMOND\brodes
cce5f24b38 Initial OpenSSL modeling work. 2025-03-04 15:52:57 -05:00
Jeroen Ketema
e50ebfc8c2 C++: Improve query description and fix alignment of the text 2025-03-04 20:50:27 +01:00
Taus
f246ef764a Python: Update change note 
Co-authored-by: Aditya Sharad <6874315+adityasharad@users.noreply.github.com>
 2025-03-04 18:09:54 +01:00
Jeroen Ketema
795a2e1175 Merge pull request #18923 from jketema/template-arguments 
C++: Update template test to also output the value of template arguments
 2025-03-04 17:56:14 +01:00
Chuan-kai Lin
c7dc8a364c Merge pull request #18925 from github/mergeback-2.20.6 
Mergeback codeql-cli-2.20.6 to rc/3.17
 2025-03-04 08:36:09 -08:00
Paolo Tranquilli
7a78766584 Merge pull request #18789 from github/redsun82/cargo-upgrade 
Upgrade cargo dependencies
 2025-03-04 17:34:58 +01:00
Jami Cogswell
82062e2847 Java: update test 2025-03-04 11:15:00 -05:00
Taus
50a01b1244 Python: Remove superfluous reference to FunctionExpr 
This way we also get annotations that appear in `Lambda`s
 2025-03-04 15:53:34 +00:00
Jami Cogswell
746f022cfa Java: add 'Spring' prefix to public class names 2025-03-04 10:34:16 -05:00
Jeroen Ketema
324499e447 C++: Update template test to also output the value of template arguments 
These values are currently the same as the result that `getTemplateArgument`
yields. However, this will change with the upcoming frontend update.
 2025-03-04 16:24:21 +01:00
Chuan-kai Lin
dbffe91a20 Merge pull request #18917 from github/smowton/admin/jdk-24-2.20.6 
Update supported Java version
codeql-cli/v2.20.6 		2025-03-04 07:10:10 -08:00
Owen Mansel-Chan
e2456ea59e Update go/ql/lib/change-notes/2025-03-04-improve-models-for-sync-map.md 
Co-authored-by: Michael B. Gale <mbg@github.com>
 2025-03-04 15:07:24 +00:00
Taus
5d3b40d514 Python: Add change note 2025-03-04 14:47:03 +00:00
Taus
88615f427b Python: Add support for forward declarations in unused var query 
Fixes the false positive reported in
https://github.com/github/codeql/issues/18910

Adds a new `Annotation` class (subclass of `Expr`) which encompasses all
possible kinds of annotations in Python.

Using this, we look for string literals which are part of an annotation,
and which have the same content as the name of a (potentially) unused
global variable, and in that case we do not produce an alert.

In future, we may want to support inspecting such string literals more
deeply (e.g. to support stuff like "list[unused_var]"), but I think for
now this level of support is sufficient.
 2025-03-04 14:41:45 +00:00
Tom Hvitved
b8dd2e551e Merge pull request #18919 from hvitved/rust/ast-consistency-internal 
Rust: Move `AstConsistency.qll` into `internal`
 2025-03-04 15:35:34 +01:00
Simon Friis Vindum
980ed23e63 Merge pull request #18922 from paldepind/rust-model-generation-require-name 
Rust: Exclude functions without canonical path from model generation
 2025-03-04 15:35:08 +01:00
Jeroen Ketema
45c4f3f898 Merge pull request #18914 from github/esteffin/bmn-include-file-resolution-statistics 
C++ query to extract the number of errors due to include file resolution failure
 2025-03-04 15:13:45 +01:00
Enrico Steffinlongo
e230166fe2 Add C++ query to extract the status of include file resolution 2025-03-04 13:57:17 +00:00
Taus
301ebcb12b Python: Extend test cases for "unused global var" query 
Adds two test cases having to do with type annotations. The first one
demonstrates that type annotations (even if they are never executed by
the Python interpreter) count as uses for the purposes of the unused
variable query. The second one demonstrates that this is _not_ the case
if all such uses are inside strings (i.e. forward declarations), as we
do not currently inspect the content of these strings.
 2025-03-04 13:52:31 +00:00
Paolo Tranquilli
e91911b4b4 Merge branch 'main' into redsun82/cargo-upgrade 2025-03-04 14:09:28 +01:00
Simon Friis Vindum
c89e648738 Rust: Exclude function without canonical path from model generation 2025-03-04 13:56:10 +01:00
Owen Mansel-Chan
07c041483d Add change note 2025-03-04 12:14:43 +00:00
Owen Mansel-Chan
36908e8ef0 Do not track taint for keys in sync.Map 
There is no way to get the value of a key out of a `sync.Map`.
 2025-03-04 12:11:49 +00:00
Paolo Tranquilli
4d10c4110a Rust: address review 2025-03-04 13:05:59 +01:00
Tom Hvitved
1f13f0009f Rust: Move AstConsistency.qll into internal 2025-03-04 13:00:09 +01:00
Jami
c22b05a6f4 Merge pull request #18900 from jcogs33/jcogs33/java/unreleased-lock-fp 
Java: handle lock state check stored in variable for `java/unreleased-lock`
 2025-03-04 06:38:56 -05:00
Paolo Tranquilli
e0d0dc9a80 Rust: tweak qltest logs 
* verbosity is raised to DEBUG to have more information in the logs
* color codes are now skipped in the `qltest.log` file
* they are still printed out on the console when running with
  `--show-extractor-output`.
 2025-03-04 12:33:14 +01:00
Anders Schack-Mulligen
6c89602691 SSA: Add some qldoc. 2025-03-04 12:24:25 +01:00
Anders Schack-Mulligen
f5eb2d94bc SSA: Use Definition.getLocation in DefinitionExt. 2025-03-04 12:24:25 +01:00