3180 Commits

Author SHA1 Message Date
Michael Nebel
ddde1d4607 C#: Remove default clears content. 2022-05-22 15:16:44 +02:00
Ian Lynagh
9844ae703e Merge pull request #9219 from igfoo/igfoo/livelits
Improve LiveLiterals
2022-05-20 11:42:16 +01:00
Anders Schack-Mulligen
8beef45599 Merge pull request #9195 from aschackmull/java/perf-local-flow
Java: Performance fixes for local flow relation
2022-05-20 12:38:02 +02:00
Michael Nebel
20af134ff0 Merge pull request #9210 from michaelnebel/dataflow/summarizedcallablerefactor
DataFlow - SummarizedCallable refactor
2022-05-20 09:32:30 +02:00
Tony Torralba
5498f41248 Apply code review suggestion to increase precision in getValue 2022-05-19 17:35:34 +01:00
Tony Torralba
bc84ff2031 Improve docs of LiveLiteral
Also remove transitive closure from calls
2022-05-19 17:35:27 +01:00
Tom Hvitved
f83deb6571 Data flow: Sync files 2022-05-19 15:20:43 +02:00
Tom Hvitved
2b2ac06128 Data flow: Sync files 2022-05-19 13:28:56 +02:00
Anders Schack-Mulligen
651d9d0a44 Java: Ensure cached predicates are in the same stage. 2022-05-19 11:39:41 +02:00
Anders Schack-Mulligen
0e830f6052 C#/Ruby/Java: Fix pragmas. 2022-05-19 11:26:38 +02:00
Michael Nebel
94a72ec051 Java: Refactor SummarizedCallable. 2022-05-19 11:10:58 +02:00
Erik Krogh Kristensen
215a6a72cc Merge branch 'main' into useStringComp 2022-05-18 10:55:31 +02:00
Anders Schack-Mulligen
a4dac9fd2b Merge pull request #9201 from Marcono1234/marcono1234/NumericType-type-qll
Java: Move `NumericType` to `Type.qll`
2022-05-18 10:31:40 +02:00
Anders Schack-Mulligen
af7df79289 Autoformat 2022-05-18 09:38:11 +02:00
Anders Schack-Mulligen
a4a004a322 Java: Simplify recursion prevention. 2022-05-18 09:27:55 +02:00
Anders Schack-Mulligen
d4c9fddae3 Java: Use fastTC. 2022-05-18 09:27:54 +02:00
Anders Schack-Mulligen
25fda206b2 Java: Prevent accidental recursion through AdditionalValueStep. 2022-05-18 09:25:23 +02:00
Anders Schack-Mulligen
1d3b3204df Merge pull request #9190 from hvitved/dataflow/summary-arg-param-no-materialize
Data flow: Do not materialize `summaryArgParam`
2022-05-18 09:17:57 +02:00
Erik Krogh Kristensen
7245591468 Merge pull request #7763 from erik-krogh/unused-field
QL: add unused-field query
2022-05-18 09:15:16 +02:00
Marcono1234
c53d315697 Java: Move NumericType to Type.qll 2022-05-18 01:40:17 +02:00
Erik Krogh Kristensen
86e97c32d6 fix all ql/use-string-compare 2022-05-17 14:11:05 +02:00
Tony Torralba
dbf249b199 Accept only EOL comments as Kotlin expectation comments 2022-05-17 13:05:51 +02:00
Tom Hvitved
284357d2a0 Data flow: Do not materialize summaryArgParam 2022-05-17 12:50:01 +02:00
Anders Schack-Mulligen
4f5ccfd76c Merge pull request #9181 from Marcono1234/marcono1234/FloatingPointLiteral-rename
Java: Rename `FloatingPointLiteral` to `FloatLiteral`
2022-05-17 10:08:49 +02:00
Tamás Vajk
350d137b2e Merge pull request #9145 from tamasvajk/kotlin-useless-param
Kotlin: Respect `override` modifier in useless parameter query
2022-05-17 08:43:59 +02:00
Marcono1234
4e1a73f4d9 Java: Rename FloatingPointLiteral to FloatLiteral
"Floating point" refers to both `double` and `float`, and is also used by
the JLS in this way. Therefore the old CodeQL class name for `float` literals
was misleading.
2022-05-16 22:06:04 +02:00
Nick Rolfe
c518150b49 Merge pull request #9132 from github/nickrolfe/misspelling
QL for QL: generalise non-US spelling query
2022-05-16 16:03:36 +01:00
Anders Schack-Mulligen
83f817ca45 Merge pull request #9134 from aschackmull/dataflow/perf-std-order
Dataflow: Improve standard order through easier type check elimination.
2022-05-16 10:05:17 +02:00
Tony Torralba
616b12d011 Merge pull request #8956 from atorralba/atorralba/intent-redirection-sanitizer-fix
Java: Fix Intent Redirection sanitizer
2022-05-16 09:21:04 +02:00
Tony Torralba
168a184602 Merge pull request #9127 from atorralba/atorralba/sensitive-info-log-improvs
Java: Sensitive Info Log query improvements
2022-05-13 16:57:32 +02:00
Tony Torralba
b9f3b3bd37 Apply code review suggestion 2022-05-13 15:09:06 +02:00
Ian Lynagh
624cd41bd5 Merge pull request #9136 from igfoo/igfoo/qldoc
Kotlin: QLDoc tweaks from intrigus
2022-05-13 12:17:28 +01:00
Tamas Vajk
5ce2573cc1 Kotlin: Respect override modifier in useless parameter query 2022-05-13 11:08:35 +02:00
Chris Smowton
5ec9390482 Autoformat 2022-05-12 22:37:54 +01:00
Chris Smowton
63dadd88aa Revert "Identify data classes during extraction"
This reverts commit a61ba65c9f2182a578a7f4dbdb1c1657197f16cd, pending
adding a proper upgrade script for the DB change.
2022-05-12 22:37:30 +01:00
Tony Torralba
e3c2656ef1 Update java/ql/lib/semmle/code/java/frameworks/KotlinStdLib.qll 2022-05-12 22:37:06 +01:00
Tamas Vajk
fbae0f5053 Revert dataflow changes, extract actual iterator function 2022-05-12 22:37:06 +01:00
Tamas Vajk
538e05995a Fix dataflow for kotlin.Array.iterator() 2022-05-12 22:37:03 +01:00
Tamas Vajk
25fce5f6bb Identify data classes during extraction 2022-05-12 22:36:28 +01:00
Nick Rolfe
6c52831143 Java: sync spelling correction in shared qll 2022-05-12 16:11:29 +01:00
Nick Rolfe
1115227f9d Merge remote-tracking branch 'origin/main' into nickrolfe/misspelling 2022-05-12 16:10:27 +01:00
Anders Schack-Mulligen
8c8440a58a Merge pull request #9101 from hvitved/dataflow/include-hidden
Data flow: Add `Configuration::includeHiddenNodes()`
2022-05-12 15:36:12 +02:00
Nick Rolfe
128fac4414 Java: fix typos in comments 2022-05-12 14:28:49 +01:00
Ian Lynagh
75ca116ef9 Kotlin: QLDoc tweaks from intrigus 2022-05-12 14:12:01 +01:00
Joe Farebrother
59e400d2e0 Merge pull request #7723 from joefarebrother/redos
Java: Add ReDoS queries
2022-05-12 13:50:38 +01:00
Anders Schack-Mulligen
adb56dfa39 Dataflow: Improve standard order through easier type check elimination. 2022-05-12 14:31:38 +02:00
Nick Rolfe
234a36ff61 Merge pull request #9119 from github/nickrolfe/non-us-spelling-fixes
Fix non-US spellings and the corresponding query
2022-05-12 12:29:14 +01:00
Tony Torralba
f0a0ac100b Add live literals as sanitizers for sensitive logging 2022-05-12 11:57:44 +02:00
Tom Hvitved
0a7892797e Merge pull request #8938 from hvitved/ruby/with-without-mad-tokens
Ruby: Introduce `With(out)Element` MaD input tokens
2022-05-12 11:49:51 +02:00
Tony Torralba
5db8306fef Stop considering usernames sensitive info
Require variables to be static to be considered constants
2022-05-12 11:46:52 +02:00