hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-22 11:46:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,246 Commits 1,672 Branches 157 Tags
codeql-cli-2.23.0
Commit Graph

5817 Commits

Author SHA1 Message Date
Benjamin Muskalla
f9918cc63c Test generator uses InlineFlowTest 2021-09-14 11:58:56 +02:00
Chris Smowton
122ffca049 Merge pull request #6645 from Marcono1234/marcono1234/spurious-javadoc-param-generic-class 
Java: Detect spurious param Javadoc tag of generic classes
 2021-09-13 16:41:06 +01:00
Anders Schack-Mulligen
818e75bb8f Java: Fix compilation error in telemetry lib. 2021-09-13 15:50:21 +02:00
Marcono1234
d117593d72 Java: Remove duplicate classes modeling Object.clone 2021-09-12 02:05:57 +02:00
Chris Smowton
9b488207eb Add support for the Flexjson framework to the unsafe-deserialization query 2021-09-10 16:27:23 +01:00
Chris Smowton
2d03840fde Add experimental variants of java/xxe, incorporating new sinks and a version that uses local sources. 
Originally authored by @haby0, squashed to clean up a tangled commit history.
 2021-09-10 13:49:31 +01:00
Benjamin Muskalla
a1b7437f8d Merge branch 'main' into thirdpartyapitelemtry 2021-09-09 11:11:42 +02:00
Marcono1234
a173d9593b Java: Detect spurious param Javadoc tag of generic classes 2021-09-09 00:11:02 +02:00
Benjamin Muskalla
67eaa1b735 Fix qldoc 2021-09-08 13:08:28 +02:00
Benjamin Muskalla
f7ad894495 Fix name of api filter predicate 2021-09-07 14:28:58 +02:00
Benjamin Muskalla
22df141761 Rename API name predicate 2021-09-07 14:17:13 +02:00
Andrew Eisenberg
6a47fcaf1f Packaging: Normalize all qlpack.yml files for all languages 
This commit ensures consistency among all of our qlpacks. Here are the
changes:

1. Ensure only modern references are used (codeql-{lang} is converted to
   codeql/{lang}-all or codeql/{lang}-queries where appropriate).
2. Use consistent version numbers. All languages are at 0.0.2 except
   javascript, which is 0.0.3.
3. Convert all `libraryPathDependencies` to `dependencies` with version
   constraints
4. Dependencies from query packs to other packs are always `"*"` since
   these dependencies are always from source and we should get the
   latest.
5. Dependencies from codeql/{lang}-lib to codeql/{lang}-upgrades must
   be strict since there is a tight connection between the libary
   and its relevant upgrades.
 2021-09-03 11:53:28 -07:00
Benjamin Muskalla
51475d2fb0 Merge branch 'main' into thirdpartyapitelemtry 2021-09-03 14:23:31 +02:00
Benjamin Muskalla
ab5c1d6bdd Rework filter to exclude simple constructors 2021-09-03 13:38:01 +02:00
Chris Smowton
0dd463dd2b Merge pull request #6520 from smowton/smowton/feature/allow-local-interfaces 
Java: Allow local interfaces
 2021-09-03 12:01:36 +01:00
Benjamin Muskalla
9ed14b438e Use readble format for APIs 2021-09-03 11:53:18 +02:00
Benjamin Muskalla
7d3131ca49 Move usage count into where clause 2021-09-03 11:32:14 +02:00
Benjamin Muskalla
89ce04dcb9 Pull usage count into where clause 2021-09-03 11:26:22 +02:00
Benjamin Muskalla
2edb32f344 Fix naming 2021-09-03 10:59:35 +02:00
Benjamin Muskalla
6ede08e3c9 Remove dead code 2021-09-03 10:53:24 +02:00
Chris Smowton
c259d0204a Move unreachable cases of IndirectType into getAContainedType 2021-09-02 17:53:52 +01:00
Chris Smowton
b9afccc015 Remove impossible lines from Stubs.qll 2021-09-02 17:14:38 +01:00
Chris Smowton
608d24f75e Rename QL elements that refer to local classes 2021-09-02 14:51:50 +01:00
Chris Smowton
e048a729db Add Interface.isLocal and use it where appropriate 
Some EJB logic regrettably needs to be renamed out of the way. Hopefully the churn caused by this is less than would be caused if Interface's isLocal needed to be named differently from Class.isLocal.
 2021-09-02 14:51:46 +01:00
Sauyon Lee
7156dee270 Merge pull request #6521 from sauyon/java/test-gen-improvements 
Java: generate more realistic tests
 2021-08-31 10:06:08 -07:00
Chris Smowton
b38a23daee Fix test cases featuring primitive arrays 
Previously we couldn't print the name of types like `byte[]` for example.
 2021-08-31 15:12:47 +01:00
Chris Smowton
f94d8c341d Abbreviate multi-column min 2021-08-31 11:57:49 +01:00
Chris Smowton
510f5abb9a Add missing qldoc 2021-08-31 11:56:03 +01:00
Chris Smowton
5dddc48e60 autoformat 2021-08-31 11:53:13 +01:00
Sauyon Lee
adcb90aa8c fixup generateflowtestcase chaneg 2021-08-27 11:25:03 -07:00
Sauyon Lee
23b9028d2c Correctly determine which support method definitions are required 2021-08-27 11:25:03 -07:00
Sauyon Lee
04e04b3031 Use array allocation syntax 2021-08-27 11:25:03 -07:00
Sauyon Lee
97faeb026f Fix side of stack that gen method types are used 2021-08-27 11:25:03 -07:00
Sauyon Lee
119de6c60c Replace type variables before attempting to match to an array generation 2021-08-27 11:25:03 -07:00
Sauyon Lee
9d66761eeb Consider a callable to ambiguous if it has a varargs parameter 2021-08-27 11:25:02 -07:00
Sauyon Lee
0d174f2daf Only include support methods and imports from working test cases 2021-08-27 11:25:02 -07:00
Sauyon Lee
2132ee52d5 Restrict the size of appliesTo for default methods 2021-08-26 08:02:21 -07:00
Sauyon Lee
abf3bbbe8d Add qldoc for public elements 2021-08-26 08:02:21 -07:00
Sauyon Lee
e7611ab641 Move getCall and appliesTo to relevant classes 2021-08-26 08:02:21 -07:00
Sauyon Lee
ce8d14e6ef Add a priority predicate for test generation support methods 2021-08-26 08:02:21 -07:00
Sauyon Lee
1bd5eb5120 Use if statement instead of manual disjuction 2021-08-26 08:02:21 -07:00
Sauyon Lee
73d6177477 Java test gen: make char zero '\0' 2021-08-26 08:02:20 -07:00
Chris Smowton
2b0f6a2723 Java: Generate more realistic tests 2021-08-26 08:02:20 -07:00
Chris Smowton
33c727e6b9 Split up GenerateFlowTestCase.qll 
This doesn't change any behaviour or alter any predicate bodies
 2021-08-26 08:02:19 -07:00
Chris Smowton
7a0555ecb3 Merge pull request #6357 from artem-smotrakov/static-iv 
Java: Static initialization vector
 2021-08-26 13:45:43 +01:00
Fosstars
1dd4bf00ac Simplify StaticInitializationVectorSource 
Co-authored-by: Chris Smowton <smowton@github.com>
 2021-08-26 09:42:23 +02:00
Artem Smotrakov
23e2322635 Simplify ArrayUpdate 
Co-authored-by: Chris Smowton <smowton@github.com>
 2021-08-25 19:43:43 +02:00
Artem Smotrakov
f41828e5db Better qldoc in StaticInitializationVectorQuery.qll 
Co-authored-by: Chris Smowton <smowton@github.com>
 2021-08-25 19:38:33 +02:00
Fosstars
f97c8bb049 Removed sanitizer in StaticInitializationVectorConfig 2021-08-25 12:40:48 +02:00
Fosstars
86b7b2b86d Updated qldoc for ArrayUpdate 2021-08-25 12:14:36 +02:00