Commit Graph

86439 Commits

Author SHA1 Message Date
Rasmus Wriedt Larsen
4b1c027359 JS: Integrate RemoteFlowSource with ThreatModelSource 2024-10-25 14:52:49 +02:00
Rasmus Wriedt Larsen
dbfbd2c00a JS: Remove 'response' from default threat-models
I didn't want to put the configuration file in
`semmle/javascript/frameworks/**/*.model.yml`, so created `ext/` as in other
languages
2024-10-25 14:52:49 +02:00
Rasmus Wriedt Larsen
05dce8a0be JS: Add test showing default active threat-models 2024-10-25 14:50:59 +02:00
Rasmus Wriedt Larsen
17a6d54e4d JS: Setup basic support for threat-models
Integration with RemoteFlowSource is not straightforward, so postponing
that for later

Naming in other languages:
- `SourceNode` (for QL only modeling)
- `ThreatModelFlowSource` (for active sources from QL or data-extensions)

However, since we use `LocalSourceNode` in Python, and `SourceNode` in
JS (for local source nodes), it seems a bit confusing to follow the same
naming convention as other languages, and instead I came up with new names.
2024-10-25 14:50:59 +02:00
Tom Hvitved
c5da712d10 Merge pull request #17840 from hvitved/shared/inline-test-space
Shared: Add missing spaces in inline test expectation output
2024-10-25 14:23:55 +02:00
Alvaro Muñoz
fe9c908880 Bump qlpack versions 2024-10-25 14:18:20 +02:00
Paolo Tranquilli
a760b89895 Rust: small tweaks 2024-10-25 14:13:27 +02:00
Paolo Tranquilli
5230b7b041 Rust: reduce log spam and skip debug diagnostics in the DB 2024-10-25 13:47:13 +02:00
Tom Hvitved
7c4d5981dd Shared: Add missing spaces in inline test expectation output 2024-10-25 13:23:03 +02:00
Arthur Baars
f092594a52 Rust: add location definitions for format arguments 2024-10-25 12:57:08 +02:00
Arthur Baars
997a622496 Rust: also implement localReferences.ql 2024-10-25 12:57:06 +02:00
Paolo Tranquilli
45e9c2ff4d Merge pull request #17841 from github/redsun82/rust-fix-qltest-macos
Rust: fix qltest on macOS, and add CI cross-platform testing of it
2024-10-25 12:56:23 +02:00
Tom Hvitved
ba600b0791 Merge pull request #17829 from hvitved/rust/cfg-stage
Rust: Collapse cached CFG logic into one stage
2024-10-25 12:45:38 +02:00
Arthur Baars
9dc5e2fa36 Merge pull request #17791 from github/aibaars/rust-format-templates
Rust: parse formatting templates
2024-10-25 12:42:35 +02:00
Paolo Tranquilli
4485193f57 Rust: skip output redirection QL test on windows for now 2024-10-25 12:33:47 +02:00
Óscar San José
8f7ed21f5d Update macOS version in workflow file 2024-10-25 12:21:27 +02:00
Arthur Baars
8d4bb97b1a Rust: make VariableAccess non-abstract 2024-10-25 12:21:23 +02:00
Óscar San José
c2a644b740 Update macOS version in build workflow 2024-10-25 12:20:25 +02:00
Paolo Tranquilli
4e8b6dc038 Rust: fix qltest on macOS, and add CI cross-platform testing of it 2024-10-25 12:19:46 +02:00
Michael Nebel
0b538313fb Merge pull request #17666 from michaelnebel/csharp/net8models
C#: Update .NET 8 models.
2024-10-25 11:24:27 +02:00
Arthur Baars
a08b4b7372 Rust: allow VariableAccess elements to have another primary QL class 2024-10-25 11:02:55 +02:00
Arthur Baars
a6e69eb147 Revert "Rust: avoid classes with multiple getAPrimaryQLClass result"
This reverts commit 110d2ea775.
2024-10-25 10:59:31 +02:00
Simon Friis Vindum
334602a50a Rust: Handle calls that might read/write variables through closures
This implementation is copied and adapted from the Ruby SSA
implementation.
2024-10-25 10:50:32 +02:00
Simon Friis Vindum
75103f4b26 Merge branch 'main' into rust-saa-additions 2024-10-25 10:43:59 +02:00
Alvaro Muñoz
e6e1704021 Update tests 2024-10-25 10:26:51 +02:00
Alvaro Muñoz
922ae57aba Fix LabelIf ControlCheck so that it recognizes checks not at the beginning of the expression 2024-10-25 10:26:47 +02:00
Alvaro Muñoz
d8f79818d6 Improve extraction of Output/Env assignments 2024-10-25 10:25:47 +02:00
Alvaro Muñoz
6802cd2398 Improve checkout trigger events checks 2024-10-25 10:25:18 +02:00
Paolo Tranquilli
af3be84005 Rust: add codeql analysis workflow 2024-10-25 10:05:28 +02:00
Kylie Stradley
40ec9d623d update existing tests to accommodate for trips from octokit2 example added to support unversioned immutable action ql 2024-10-24 16:55:44 -04:00
Kylie Stradley
030c08e5ae update expected from example originating from main branch merge 2024-10-24 16:54:27 -04:00
Kylie Stradley
f716222801 remove octokit from trusted orgs for now - reduce PR scope 2024-10-24 16:27:53 -04:00
Kylie Stradley
f8be8e768f Merge branch 'master' into immutable-actions 2024-10-24 15:25:31 -04:00
Óscar San José
a467923e9b Remove macos-12 and its variants, deprecated 2024-10-24 18:57:58 +02:00
Paolo Tranquilli
55d092fd3e Merge pull request #17835 from github/redsun82/rust-qltest
Rust: move `qltest` to rust code, add `options` with cargo check
2024-10-24 18:29:17 +02:00
Paolo Tranquilli
41d0085918 Rust: address review 2024-10-24 17:54:18 +02:00
Paolo Tranquilli
c79f8180f3 Rust: move down options in query-tests 2024-10-24 17:14:48 +02:00
Arthur Baars
bd19661b60 Address comments 2024-10-24 16:40:19 +02:00
Chris Smowton
4e879e64fc Trim JSP test
This was only ever testing that Java files relating to the JSPs in question appear in the database, so there's no need for a particularly wide selection.
2024-10-24 14:19:16 +01:00
Arthur Baars
a7628e7f4e Rust: revert unnecessary changes to VariableImpl.qll 2024-10-24 15:19:01 +02:00
Arthur Baars
2d07270c1e Rust: stop sharing Diagnostics.qll with Ruby :-( 2024-10-24 15:14:13 +02:00
Arthur Baars
bad9262f12 Rust: create locations for Format and FormatArgument 2024-10-24 15:14:11 +02:00
Arthur Baars
017d492348 Rust: implement synthesized Locations 2024-10-24 15:14:10 +02:00
Arthur Baars
110d2ea775 Rust: avoid classes with multiple getAPrimaryQLClass result 2024-10-24 15:14:09 +02:00
Arthur Baars
ca469f6d5c Rust: introduce PathExprBase class 2024-10-24 15:14:07 +02:00
Arthur Baars
2b65e78674 Rust: fix bad join order 2024-10-24 15:13:27 +02:00
Arthur Baars
a3b903f13a Rust: simplify synth constructors 2024-10-24 15:13:25 +02:00
Arthur Baars
8843a7c389 Rust: rename {Implicit,FormatTemplate}VariableAccess 2024-10-24 15:13:24 +02:00
Arthur Baars
fc4ac9bcf8 Rust: implement Format and FormatArgument classes 2024-10-24 15:13:23 +02:00
Arthur Baars
58dfe6c667 Rust: run codegen 2024-10-24 15:13:22 +02:00