hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 11:16:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
74,247 Commits 1,672 Branches 157 Tags
codeql-cli-2.20.1
Commit Graph

4228 Commits

Author SHA1 Message Date
Alexandre Boulgakov
5bb2eb4155 Swift: TSP message wording changes. 
Co-authored-by: Isaac Brown <101839405+isaacmbrown@users.noreply.github.com>
 2023-05-19 14:37:18 +01:00
Alexandre Boulgakov
137b4a99ef Swift: TSP message wording changes. 
Co-authored-by: Isaac Brown <101839405+isaacmbrown@users.noreply.github.com>
 2023-05-19 14:36:24 +01:00
Alexandre Boulgakov
ddcac20a94 Swift: TSP message wording changes. 
Co-authored-by: Isaac Brown <101839405+isaacmbrown@users.noreply.github.com>
 2023-05-19 14:36:14 +01:00
Alexandre Boulgakov
8a15af5614 Swift: TSP message wording changes. 
Co-authored-by: Isaac Brown <101839405+isaacmbrown@users.noreply.github.com>
 2023-05-19 14:36:04 +01:00
Geoffrey White
68bdd51dd3 Swift: Add QLDoc encouraging this pattern. 2023-05-19 14:35:08 +01:00
Geoffrey White
0d8aa825d9 Swift: Use asNominalType() more widely to include things declared in extensions. 2023-05-19 14:19:32 +01:00
Geoffrey White
ccbd041875 Swift: Use asNominalTypeDecl() to simplify models. 2023-05-19 14:04:49 +01:00
Mathias Vorreiter Pedersen
2206216dbb Merge pull request #13221 from geoffw0/filepath 
Swift: Taint model for FilePath
 2023-05-19 14:01:22 +01:00
Geoffrey White
c8dfc87dae Swift: getName -> getFullName. 2023-05-19 12:18:17 +01:00
Geoffrey White
13755ad5f5 Swift: Remove placeholder lines I had left in. 2023-05-19 11:42:00 +01:00
Geoffrey White
6dfad79972 Swift: Model FilePath. 2023-05-18 18:56:08 +01:00
Geoffrey White
371bcc55fa Swift: Consolidate and extend tests of taint flow through FilePath. 2023-05-18 18:01:38 +01:00
Alexandre Boulgakov
fa52c32564 Merge pull request #13170 from github/sashabu/internal-error-tsp 
Swift: Emit diagnostics on assertion/expectation violations.
 2023-05-18 17:19:43 +01:00
Geoffrey White
d26a86185f Swift: Codegen. 2023-05-18 09:43:13 +01:00
Geoffrey White
f0ce5b09c6 Swift: Address QL-for-QL warning. 2023-05-18 09:43:07 +01:00
Geoffrey White
3539e55bb2 Swift: Autoformat. 2023-05-17 19:21:41 +01:00
Geoffrey White
6c35bbf5c2 Swift: Simplify / focus the test. 2023-05-17 19:15:27 +01:00
Geoffrey White
95caaecd71 Swift: Add EnumDecl.getEnumElement(_). 2023-05-17 19:05:27 +01:00
Geoffrey White
66b13e2294 Swift: Add a test of enum decls. 2023-05-17 19:01:57 +01:00
Alex Denisov
7e15386376 Swift: bump all versions to 0.1.0 2023-05-17 11:28:28 +02:00
Alexandre Boulgakov
060a48571a Swift: Emit diagnostics on assertion/expectation violations. 2023-05-16 19:40:00 +01:00
Alexandre Boulgakov
7ada125299 Swift: Support fmtlib for assertions/expectations. 
Specifically, this adds custom formatters using `path::operator string()` and `error_code::message()` and dereferences a (non-empty) optional. `fmtlib` provides formatters for these standard library types in `fmt/std.h`, but that file also requires RTTI (which we disable) for `std::exception` so we can't use it without either patching `fmtlib` (which they're open to: https://github.com/fmtlib/fmt/issues/3170) or enabling RTTI (which will require some consideration).
 2023-05-16 18:33:28 +01:00
Mathias Vorreiter Pedersen
99545420d5 Merge pull request #13177 from MathiasVP/recommend-secure-randomness 
Swift: Recommend a proper source of randomness in `swift/hardcoded-key`
 2023-05-16 18:04:13 +01:00
Mathias Vorreiter Pedersen
9def3dd440 Update swift/ql/src/queries/Security/CWE-321/HardcodedEncryptionKey.swift 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2023-05-16 17:42:34 +01:00
Geoffrey White
3bd16fa1d8 Merge pull request #13184 from geoffw0/docconsistency 
Swift: Mirror changes made in the tutorial docs.
 2023-05-16 17:42:03 +01:00
Mathias Vorreiter Pedersen
f5be8cfe58 Merge pull request #13167 from geoffw0/sensitivefps 
Swift: Fix some FPs from the sensitive data library
 2023-05-16 17:12:47 +01:00
Paolo Tranquilli
42d40900d3 Swift: reword TSP diagnostics after doc team review 2023-05-16 17:52:02 +02:00
Paolo Tranquilli
fc9fe13278 Merge pull request #13181 from github/redsun82/swift-diagnostics-enable-warnings 
Swift: turn internal error into a TSP warning
 2023-05-16 17:20:46 +02:00
Paolo Tranquilli
7e61e99e4a Swift: make help links optional argument more explicit 2023-05-16 16:52:22 +02:00
Geoffrey White
35b35ec377 Swift: Mirror changes made in the docs. 2023-05-16 14:26:16 +01:00
Paolo Tranquilli
8291b2229a Swift: turn internal error into a TSP warning 2023-05-16 15:18:29 +02:00
Geoffrey White
94b4ebe38b Update swift/ql/src/queries/Security/CWE-312/CleartextLogging.ql 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2023-05-16 14:16:30 +01:00
Mathias Vorreiter Pedersen
03ef18b286 Swift: Recommend a proper source of randomness in 'swift/hardcoded-key'. 2023-05-16 11:59:41 +01:00
Alexandre Boulgakov
8db945a11e Swift: Use ... to find and run all Bazel tests instead of having to list them. 2023-05-15 20:51:31 +01:00
Geoffrey White
5019d3befa Swift: Update test annotations. 2023-05-15 18:23:48 +01:00
Geoffrey White
3f206cce00 Swift: Simplify out toLowerCase(). 2023-05-15 18:23:33 +01:00
Geoffrey White
047494dc95 Swift: Bank account numbers are a credential now, I guess they don't need to be private data as well. 2023-05-15 18:22:55 +01:00
Geoffrey White
252b72b573 Swift: Add some special cases to preserve (for now) result quality. 2023-05-15 18:22:50 +01:00
Geoffrey White
245e8fbc92 Swift: Use SensitiveDataHeuristics.qll in SensitiveCredential. 2023-05-15 18:14:52 +01:00
Geoffrey White
a91c45049e Swift: Add some special cases to preserve (for now) result quality. 2023-05-15 18:06:33 +01:00
Geoffrey White
e2080c5d00 Swift: SensitiveDataHeuristics.qll expects function names without an (argument:list:). 2023-05-15 17:45:56 +01:00
Geoffrey White
35e2e5d785 Swift: Use SensitiveDataHeuristics.qll in regexpProbablySafe. 2023-05-15 17:44:54 +01:00
Geoffrey White
cc72bfbbbb Swift: Add the shared SensitiveDataHeuristics.qll to Swift. 2023-05-15 17:38:14 +01:00
Geoffrey White
4781881a6a Swift: Improve mobile/phone number regexp. 2023-05-15 15:30:30 +01:00
Geoffrey White
a0cba8cb6b Swift: Address boolean value FPs. 2023-05-15 14:24:18 +01:00
Geoffrey White
27c8eb301e Swift: Fix URL-related FPs. 2023-05-15 14:08:43 +01:00
Geoffrey White
e59d7e0345 Swift: Remove assumption that 'username' is not sensitive (in the tests). 2023-05-15 13:58:44 +01:00
Geoffrey White
dba951111a Swift: Add more sensitive data test cases. 2023-05-15 13:58:44 +01:00
Paolo Tranquilli
10d084fbbf Swift: update comment 2023-05-15 13:48:24 +02:00
Paolo Tranquilli
cfcd26cf0d Swift: support markdown TSP diagnostics 2023-05-15 13:48:24 +02:00