hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-06-07 14:28:17 +02:00
Code Issues Packages Projects Releases Wiki Activity
86,439 Commits 1,777 Branches 169 Tags
codeql-cli-2.25.0
Commit Graph

86439 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rasmus Wriedt Larsen
971f53870e JS: Include fs externs 
Makes a difference due to the modeling of NodeJSFileSystemAccessRead depending on these, see
412e841d69/javascript/ql/lib/semmle/javascript/frameworks/NodeJSLib.qll (L479-L488)

File copied from 7cef4322e7/javascript/externs/nodejs/fs.js
 2024-10-31 13:51:22 +01:00
Alvaro Muñoz
45b7547016 chore: clean up partial.ql debug query 2024-10-31 13:38:38 +01:00
Alvaro Muñoz
0211902116 models: add models for zentered/issue-forms-parser 2024-10-31 13:38:17 +01:00
Alvaro Muñoz
d85ca10772 fix: account for tojson(expr) expressions 2024-10-31 13:36:59 +01:00
Rasmus Wriedt Larsen
b47fa77dc6 JS: Add tests for stdin threat-model sources 2024-10-31 12:59:21 +01:00
Tom Hvitved
d0f9a0b9ce Rust: Add another unused-value test 2024-10-31 11:43:33 +01:00
Tom Hvitved
55a6ed7e8a Rust: Include link to variable in unused value query 2024-10-31 11:42:44 +01:00
Tom Hvitved
2b340b18dd Rust: Exclude results inside macro expansions from unused entity queries 2024-10-31 11:42:43 +01:00
Tom Hvitved
fec31a6da4 Rust: Include variable name in Unused{Variable,Value}.ql 2024-10-31 11:42:41 +01:00
Tom Hvitved
6b60865d7e Ruby: Do not distinguish between symbols and strings in hash keys 2024-10-31 11:42:09 +01:00
Tom Hvitved
2b37c6cd32 Merge pull request #17548 from hvitved/shared/inline-test-post-process 
Shared: Post-processing query for inline test expectations
 2024-10-31 11:40:11 +01:00
Tom Hvitved
f04a55ecb5 Ruby: Update hash extension tests 2024-10-31 11:00:33 +01:00
Alvaro Muñoz
ebd45ace50 feat: add source model for peter-murra/issue-forms-body-parser 2024-10-31 10:59:05 +01:00
Jeroen Ketema
5e3748ac12 C++: Update expected test results 2024-10-31 10:57:12 +01:00
Jeroen Ketema
1a830cdf14 C++: Do not generate IR for functions with multiple entry points in different locations 2024-10-31 10:55:52 +01:00
Jeroen Ketema
8cfd19cf2f C++: Add multiple entry point test 2024-10-31 10:55:48 +01:00
Tom Hvitved
977eb05f31 Merge pull request #17879 from paldepind/rust-speculative-taint 
Rust: Add predicate for speculative taint step
 2024-10-31 10:17:48 +01:00
Paolo Tranquilli
5a045beff9 Swift: turn off SIL verifications 2024-10-31 10:03:08 +01:00
Paolo Tranquilli
ce4273d461 Revert "Swift: use -typecheck in QL tests" 
This reverts commit 34b8b43843.
 2024-10-31 09:52:08 +01:00
Paolo Tranquilli
3aa7123032 Swift: restrict UnresolvedAstNodes to known locations 2024-10-31 09:26:14 +01:00
Simon Friis Vindum
00b8a29da7 Rust: Add predicate for speculative taint step 2024-10-31 09:09:39 +01:00
Simon Friis Vindum
b96698aee3 Merge pull request #17871 from paldepind/rust-data-flow-skeleton 
Rust: Add basic skeleton setup for data flow
 2024-10-31 08:26:11 +01:00
Tom Hvitved
c936468b17 Merge pull request #17739 from hvitved/dataflow/big-step-quadratic 2024-10-31 08:16:16 +01:00
Anders Schack-Mulligen
b556590ef8 Merge pull request #17663 from aschackmull/dataflow/speculative-flow 
Dataflow: Add support for speculative taint flow.
 2024-10-31 08:12:43 +01:00
Paolo Tranquilli
34b8b43843 Swift: use -typecheck in QL tests 2024-10-31 06:41:46 +01:00
Paolo Tranquilli
7f3745cfcd Swift: fix @isolated(any) DB inconsistencies 2024-10-31 06:22:06 +01:00
Alvaro Muñoz
0157bf3297 fix: improve JS require/import poisonable step to account for cwd 2024-10-30 22:12:17 +01:00
Kevin Stubbings
ac411f1254 Second round feedback 2024-10-30 13:52:38 -07:00
Paolo Tranquilli
7e8a09aea1 Merge pull request #17825 from github/redsun82/rust-canonical-path 
Rust: add `extended_canonical_path` and `crate_origin` to `Item`
 2024-10-30 18:13:05 +01:00
Paolo Tranquilli
66e43c4006 Swift: use ubuntu 22.04 2024-10-30 17:16:35 +01:00
Paolo Tranquilli
3877eb8bc9 Swift: tentatively fix type mangling 2024-10-30 17:08:20 +01:00
Paolo Tranquilli
01417025f2 Swift: use ubuntu-latest 2024-10-30 16:20:27 +01:00
Paolo Tranquilli
5e6228cf7c Swift: fix 2024-10-30 16:11:08 +01:00
Simon Friis Vindum
efa59fd2b6 Rust: Make changes based on PR feedback 2024-10-30 16:01:26 +01:00
Paolo Tranquilli
df8184e0dc Swift: fix check-no-override job 2024-10-30 15:59:03 +01:00
Paolo Tranquilli
d325b8e678 Swift: update load.bzl and resources 2024-10-30 15:56:48 +01:00
Anders Schack-Mulligen
570b042645 Dataflow: Rename SpeculativeFlow to SpeculativeGlobal. 2024-10-30 15:23:15 +01:00
Anders Schack-Mulligen
9b493c1e1b Java: Fix bug related to null inference for pattern initializer. 2024-10-30 15:05:36 +01:00
Taus
2ef3ae9860 Python: Improve parser logging/timing/customisability 
Does a bunch of things, unfortunately all in the same place, so my
apologies in advance for a slightly complicated commit.

As for the changes themselves, this commit

- Adds timers for the old and new parsers. This means we get the overall
time spent on these parts of the extractor if the extractor is run with
`DEBUG` output shown.
- Adds logging information (at the `DEBUG` level) to show which
invocations of the parsers happen when, and whether they succeed or not.
- Adds support for using an environment variable named
`CODEQL_PYTHON_DISABLE_OLD_PARSER` to disable using the old parser
entirely. This makes it easier to test the new parser in isolation.
- Fixes a bug where we did not check whether a parse with the new parser
had already succeeded, and so would do a superfluous second parse.
 2024-10-30 13:58:46 +00:00
Anders Schack-Mulligen
b005973317 UniversalFlow: Skip property propagation to null nodes. 2024-10-30 14:08:38 +01:00
Taus
f75615b913 Merge pull request #17822 from github/tausbn/python-more-parser-fixes 
Python: A few more parser fixes
 2024-10-30 13:47:10 +01:00
Arthur Baars
0e511d640b Rust: avoid panics 
If:
* the text for a file_id is not found (likely non-utf data in file)
* path does not appear in Vfs, in which case we fall back on loading the file from disk with no "semantics" available
 2024-10-30 13:18:36 +01:00
Simon Friis Vindum
44bebedae6 Rust: Add basic skeleton setup for data flow 2024-10-30 13:16:26 +01:00
Alvaro Muñoz
a2f162e482 Bump qlpack versions 2024-10-30 12:43:44 +01:00
Alvaro Muñoz
263582c796 feat: Add sanitizers for bash test commands 2024-10-30 12:43:19 +01:00
Paolo Tranquilli
91f683d94c Merge branch 'main' into redsun82/swift-6 2024-10-30 12:27:24 +01:00
Paolo Tranquilli
d3fb2543d2 Swift: try out new builds 2024-10-30 12:26:34 +01:00
Tom Hvitved
495c92df38 Shared: Also take query ID into account in PathProblemSourceTestInput 2024-10-30 10:54:40 +01:00
Chris Smowton
2b678c97ab Merge pull request #17870 from charmander/patch-1 
Fix typo and grammar in InsecureCookie.qhelp
 2024-10-30 09:48:20 +00:00
Chris Smowton
5f31adc1f4 Update InsecureCookie.qhelp 
Gratuitous commit to nudge CI
 2024-10-30 09:34:49 +00:00