hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-16 16:53:25 +01:00
Code Issues Packages Projects Releases Wiki Activity
84,540 Commits 1,671 Branches 157 Tags
codeql-cli-2.23.8
Commit Graph

9615 Commits

Author SHA1 Message Date
Michael Nebel
7c0aa78e39 Python: Add many medium precision queries to the code-quality-extended suite. 2025-09-10 16:06:38 +02:00
Joe Farebrother
f9e094de61 Simplify choosaASignatureMismatchWitness for improved performance 2025-09-09 17:25:48 +01:00
Joe Farebrother
ea562de3e6 Fix tests 2025-09-09 15:17:16 +01:00
Joe Farebrother
ec40ea800d Update qldoc 2025-09-09 13:46:52 +01:00
Joe Farebrother
b01b40b51b Update test output 2025-09-09 13:44:03 +01:00
Joe Farebrother
e382f7cd43 Improve check for containment in with statement 2025-09-09 11:26:17 +01:00
Joe Farebrother
eb246f6f71 Performance experiment - add getFunctionFIle for better join order 2025-09-08 09:43:22 +01:00
Joe Farebrother
869b7e09d7 Merge pull request #19932 from joefarebrother/python-qual-init-del-calls 
Python: Modernize 4 queries for missing/multiple calls to init/del methods
 2025-09-08 09:29:38 +01:00
Joe Farebrother
ff4c11f503 Update test output. Accepting some FNs due to dataflow issue. 2025-09-06 00:45:15 +01:00
Joe Farebrother
0b293eaba5 Update test output 2025-09-05 22:43:21 +01:00
Joe Farebrother
bd3fa7fb21 Switch to dataflow check for guards exceptions 
This reduces some confusing FPs, though appears to introduce another
 2025-09-05 16:03:55 +01:00
Arthur Baars
5d3ec35e29 Remove non-breaking spaces from code 2025-09-05 09:41:15 +02:00
Taus
f6732a927b Python: Bump extractor version 2025-09-03 11:56:54 +00:00
Taus
13a93c7e32 Python: Add suggestions from Copilot 2025-09-03 11:55:49 +00:00
Joe Farebrother
71dec0b23e Fix typos 2025-09-03 11:22:46 +01:00
Joe Farebrother
9fa630faf5 Add comments documenting helper predicates, and add call resolve condition to callMatchesSignature to avoid cartesian product 2025-09-03 11:00:59 +01:00
Joe Farebrother
cd6a151d9b Add missing predicate + update test output 2025-09-03 09:48:07 +01:00
Joe Farebrother
2dcf3c7c45 Remove erronous private 2025-09-02 22:16:41 +01:00
Taus
9802ad77dc Python: Update types_new.py and test output 2025-09-02 12:41:57 +00:00
Taus
235822d782 Python: Improve handling of syntax errors 
Rather than relying on matching arbitrary nodes inside tree-sitter-graph
and then checking whether they are of type ERROR or MISSING (which seems
to have stopped working in later versions of tree-sitter), we now
explicitly go through the tree-sitter tree, locating all of the error
and missing nodes along the way. We then add these on to the graph
output in the same format as was previously produced by
tree-sitter-graph.

Note that it's very likely that some of the syntax errors will move
around a bit as a consequence of this change. In general, we don't
expect syntax errors to have stable locations, as small changes in the
grammar can cause an error to appear in a different position, even if
the underlying (erroneous) code has not changed.
 2025-09-02 12:41:57 +00:00
Taus
b108d47b26 Python: Update parser test output 
It seems that with a newer version of tree-sitter, we no longer parse
the (not actually valid!) syntax `Spam[**P2]` as if the `**` is an
exponentiation operation (with a missing left operand).
 2025-09-02 12:41:55 +00:00
Taus
76f15a890c Python: Update tree-sitter dependency 
Updates the Python extractor to depend on version 0.24.7 of tree-sitter
(and 0.12.0 of tree-sitter-graph).

A few changes were needed in order to make the code build and run after
updating the dependencies:

- In `main.rs`, the `Language` parameter is now passed as a reference.
- In `python.tsg`, many queries had captures that were not actually used
in the body of the stanza. This is no longer allowed (unless the
captures start with an underscore), as it may indicate an error. To fix
this, I added underscores in the appropriate places (and verified that
none of these unused captures were in fact bugs).
 2025-09-02 12:40:20 +00:00
Michael Nebel
31852985e5 Merge pull request #20335 from michaelnebel/shared/ql4ql 
Shared and Sync: Fix some Ql4Ql violations.
 2025-09-02 14:37:34 +02:00
Arthur Baars
0bb7fdccf6 Merge pull request #20347 from github/post-release-prep/codeql-cli-2.23.0 
Post-release preparation for codeql-cli-2.23.0
 2025-09-02 14:14:03 +02:00
Anders Schack-Mulligen
f833fe0e6e Merge pull request #20300 from aschackmull/cfg/successortype 
Shared: Add a shared SuccessorType implementation
 2025-09-02 14:09:35 +02:00
Michael Nebel
d3d737b383 Merge pull request #20330 from michaelnebel/python/ql4ql 
Python: Fix some Ql4Ql violations.
 2025-09-02 14:01:54 +02:00
Michael Nebel
7490d8ddd2 Shared and Sync: Fix some Ql4Ql violations. 2025-09-02 13:54:22 +02:00
github-actions[bot]
e8a2600a0c Post-release preparation for codeql-cli-2.23.0 2025-09-02 11:46:23 +00:00
github-actions[bot]
0bfa93828b Release preparation for version 2.23.0 2025-09-02 11:09:32 +00:00
Michael Nebel
90caded4fe Apply suggestion from @aschackmull 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2025-09-02 13:08:31 +02:00
Joe Farebrother
318d1cd392 Increase precision in detecting call matches signature 2025-09-02 12:02:08 +01:00
Joe Farebrother
125c6534b7 Use new option name 2025-09-01 23:41:28 +01:00
Joe Farebrother
6587ad435e Update python/ql/src/Functions/SignatureOverriddenMethod.ql 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-09-01 16:31:24 +01:00
Joe Farebrother
0a83c11f42 Add changenote.+ fix typo 2025-09-01 16:31:18 +01:00
Joe Farebrother
900a5cd9d7 Update documentation 2025-09-01 16:31:11 +01:00
Joe Farebrother
502ea82c91 Updae other test output 2025-09-01 16:31:04 +01:00
Joe Farebrother
2bbf24b3ea Add additional test cases 2025-09-01 16:30:53 +01:00
Joe Farebrother
f429b9038c Update tests, update alert messages 2025-09-01 16:30:44 +01:00
Joe Farebrother
067c98d3ee Include conditional alert messages for various cases 2025-09-01 16:30:35 +01:00
Joe Farebrother
4212d1b5b6 Update alert messages and choose one witness 2025-09-01 16:30:26 +01:00
Joe Farebrother
5ba5007076 Modernize signature mismatch 2025-09-01 16:30:17 +01:00
Joe Farebrother
f7097136f1 Rank multiple calls so only the first 2 calls are alerted 2025-09-01 16:23:42 +01:00
Henry Mercer
d71991fdc0 Merge pull request #20320 from github/henrymercer/default-queries 
Specify default queries in `codeql-extractor.yml`
 2025-09-01 15:52:47 +01:00
Joe Farebrother
8545c7d36f Fix doc typo 2025-09-01 15:12:52 +01:00
Joe Farebrother
8c9c66c002 Fix typo in example 2025-09-01 15:12:52 +01:00
Joe Farebrother
ba68fe9a0f Adress review suggestions - cleanups 2025-09-01 15:12:52 +01:00
Joe Farebrother
fb0380bfbc Inline locationBefore 2025-09-01 15:12:52 +01:00
Joe Farebrother
cc486ddb08 Remove tostring 2025-09-01 15:12:51 +01:00
Joe Farebrother
72df584e9b Update integration test outout and fix qhelp 2025-09-01 15:12:51 +01:00
Joe Farebrother
c9dc54abf8 Fix typos 2025-09-01 15:11:59 +01:00