hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-06-13 08:51:20 +02:00
Code Issues Packages Projects Releases Wiki Activity
86,439 Commits 1,785 Branches 169 Tags
codeql-cli-2.25.0
Commit Graph

86439 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tamás Vajk
3b44b131b9 Merge pull request #16311 from tamasvajk/fix/resx 
C#: Do not download `Microsoft.CodeAnalysis.ResxSourceGenerator` when…
 2024-04-24 13:49:55 +02:00
Tamas Vajk
4a97f95890 Improve code quality 2024-04-24 13:47:25 +02:00
Paolo Tranquilli
a23327c399 Merge branch 'main' into HEAD 2024-04-24 13:39:44 +02:00
Paolo Tranquilli
4aa0a8ebae Kotlin: make wrapper more robust for windows 2024-04-24 13:39:32 +02:00
Tamás Vajk
84ea3a9a2c Merge pull request #16310 from tamasvajk/buildless/nuget_versions 
C#: Add integration test with multiple versions of the same nuget pac…
 2024-04-24 13:33:27 +02:00
Nick Rolfe
8f2e51faa6 Ruby: do fewer regexp matches in SensitiveActions 2024-04-24 12:32:49 +01:00
Owen Mansel-Chan
f828f8ea65 Merge pull request #16250 from owen-mc/go/rename-untrusted-flow-source 
Go: Rename `UntrustedFlowSource` to `RemoteFlowSource` to match other language libraries
 2024-04-24 11:37:00 +01:00
Tom Hvitved
95d579d9de Data flow: Fix bad join 
```
Evaluated relational algebra for predicate _DataFlowImpl::Impl<HardcodedDataInterpretedAsCodeQuery::HardcodedDataInterpretedAsCodeFlow::C>::ret__#count_range@d112335l with tuple counts:
            285176  ~2%    {3} r1 = SCAN `_DataFlowDispatch::DataFlowCall.getEnclosingCallable/0#dispred#b7b78b19_DataFlowImpl::Impl<Hardcoded__#shared` OUTPUT In.1, In.0, In.2
        3265592261  ~3%    {5}    | JOIN WITH `DataFlowImpl::Impl<HardcodedDataInterpretedAsCodeQuery::HardcodedDataInterpretedAsCodeFlow::C>::returnCallEdge1/4#d02cae42_2301#join_rhs` ON FIRST 2 OUTPUT Lhs.0, Lhs.2, Rhs.2, Lhs.1, Rhs.3
             39070  ~8%    {6}    | JOIN WITH `DataFlowImplCommon::Cached::viableImplInCallContextExt/2#58e931ad` ON FIRST 3 OUTPUT Lhs.0, Lhs.3, Lhs.1, Lhs.2, Lhs.4, _
             39070  ~0%    {6}    | REWRITE WITH Out.5 := 1
                           return r1
```
 2024-04-24 12:22:28 +02:00
Tamas Vajk
f3daba510b C#: Fix global.json and packages.config lookup 2024-04-24 11:57:45 +02:00
Tamas Vajk
88e67715a1 C#: Do not download Microsoft.CodeAnalysis.ResxSourceGenerator when there are no resx files to process 2024-04-24 11:53:29 +02:00
Tamas Vajk
53eb753346 C#: Add integration test with multiple versions of the same nuget package 2024-04-24 11:50:43 +02:00
Mathias Vorreiter Pedersen
037114b336 Merge pull request #16309 from geoffw0/newtests 
C++: Add test cases
 2024-04-24 10:06:51 +01:00
Nick Rolfe
af72c0848e Merge pull request #16306 from github/nickrolfe/js-sensitive 
JS: do fewer regexp matches in SensitiveActions
 2024-04-24 09:49:44 +01:00
Tamás Vajk
de58ee5a22 Merge pull request #16225 from tamasvajk/buildless/resx 
C#: Add resource generator
 2024-04-24 10:10:45 +02:00
Tom Hvitved
a1a93c7331 Merge pull request #16304 from hvitved/csharp/fix-bad-join 
C#: Fix a bad join
 2024-04-24 08:11:25 +02:00
Asger F
db07c162e4 JS: Allow generated models to use (package) 2024-04-23 20:25:55 +02:00
Asger F
9d00f660f1 Update ModelGeneration.expected 2024-04-23 20:08:21 +02:00
Owen Mansel-Chan
0311888fd4 Update change note 
Co-authored-by: Michael B. Gale <mbg@github.com>
 2024-04-23 19:07:02 +01:00
Asger F
e4f23b31c6 JS: Add quotes around package name to correct parsing 2024-04-23 20:04:23 +02:00
Geoffrey White
57a53891e9 C++: Effect of recent QL changes. 2024-04-23 18:12:05 +01:00
Geoffrey White
b6703bc25c C++: Add test cases inspired by QA results differences. 2024-04-23 18:06:12 +01:00
Nick Rolfe
003d208574 JS: do fewer regexp matches in SensitiveActions 2024-04-23 15:31:38 +01:00
Tom Hvitved
d8d7688f88 C#: Fix another bad join 2024-04-23 15:39:59 +02:00
Paolo Tranquilli
c014cd84f4 Bazel: fix kotlin wrapper version dependency 2024-04-23 15:15:38 +02:00
Paolo Tranquilli
5b143cee96 Kotlin: make wrapper install quietly unless --select is explicit 
This allows `kotlinc -version` to always produce something parseable.
 2024-04-23 15:15:38 +02:00
Alvaro Muñoz
944bd84a58 Add missing spaces 2024-04-23 15:15:16 +02:00
Alvaro Muñoz
16cf60af00 Add double quotes to env var 2024-04-23 15:05:40 +02:00
Paolo Tranquilli
072e2edd34 Merge branch 'main' into redsun82/kotlin 2024-04-23 14:29:33 +02:00
Alvaro Muñoz
6237a8e24c Update action.yml 2024-04-23 13:27:44 +02:00
Alvaro Muñoz
5cd8d70a9c Bump qlpack versions 2024-04-23 13:09:06 +02:00
Alvaro Muñoz
858df49012 Generate yaml file 2024-04-23 13:08:27 +02:00
Anders Schack-Mulligen
830b83f653 Dataflow: Use doublyBoundedFastTC. 2024-04-23 13:07:20 +02:00
Alvaro Muñoz
a2ed07ec35 Update scan action 2024-04-23 12:43:23 +02:00
Mathias Vorreiter Pedersen
3592e76269 Merge pull request #16302 from MathiasVP/fieldflowbranchlimit-follow-up-1 
C++: `fieldFlowBranchLimit` follow-up (1)
 2024-04-23 11:35:49 +01:00
Tom Hvitved
6aa4c5c187 C#: Fix a bad join 2024-04-23 11:47:55 +02:00
Michael B. Gale
fb8ee07b43 Merge pull request #16262 from github/dependabot/go_modules/go/ql/integration-tests/all-platforms/go/two-go-mods-not-nested/src/subdir1/golang.org/x/net-0.23.0 2024-04-23 10:44:54 +01:00
Michael B. Gale
4ccff1a630 Merge pull request #16263 from github/dependabot/go_modules/go/ql/integration-tests/all-platforms/go/ninja-sample/src/golang.org/x/net-0.23.0 2024-04-23 10:44:17 +01:00
Michael B. Gale
4b7160d4b2 Merge pull request #16267 from github/dependabot/go_modules/go/ql/integration-tests/all-platforms/go/go-mod-without-version/src/golang.org/x/net-0.23.0 2024-04-23 10:43:43 +01:00
Michael B. Gale
5cce5008a3 Merge pull request #16264 from github/dependabot/go_modules/go/ql/integration-tests/all-platforms/go/single-go-work-not-in-root/src/modules/subdir2/golang.org/x/net-0.23.0 2024-04-23 10:42:53 +01:00
Michael B. Gale
5b6ce56ca2 Merge pull request #16268 from github/dependabot/go_modules/go/ql/integration-tests/all-platforms/go/single-go-mod-not-in-root/src/subdir/golang.org/x/net-0.23.0 2024-04-23 10:42:24 +01:00
Michael B. Gale
2b81b6c323 Merge pull request #16265 from github/dependabot/go_modules/go/ql/integration-tests/all-platforms/go/mixed-layout/src/module/golang.org/x/net-0.23.0 2024-04-23 10:41:50 +01:00
Alvaro Muñoz
f73571a752 fix: fix shell comments 2024-04-23 11:20:52 +02:00
Mathias Vorreiter Pedersen
a39d8b7c7c C++: Ensure that each node type gets mapped to an instruction by 'getAnInstruction'. 2024-04-23 09:44:30 +01:00
Mathias Vorreiter Pedersen
553c09ada3 Merge pull request #16301 from MathiasVP/proper-coroutine-cfg-support-2 
C++: Implement proper coroutine support in IR
 2024-04-23 09:19:15 +01:00
Anders Schack-Mulligen
b2f09949df Merge pull request #15599 from aschackmull/dataflow/fieldflowbranchlimit-v2 
Dataflow: update fieldFlowBranchLimit semantics
 2024-04-23 10:08:05 +02:00
Rasmus Wriedt Larsen
1bc085c8f7 Python: Fixup for callGraphConfig 2024-04-23 09:42:35 +02:00
Rasmus Wriedt Larsen
bb00d6919a Python: Move dataflow TestUtil to importable location 2024-04-23 09:40:59 +02:00
Rasmus Wriedt Larsen
e0e405bb31 Python: replace dataflow-test location in files 2024-04-23 09:40:59 +02:00
Rasmus Wriedt Larsen
ce711f7d2f Python: Move dataflow tests out of experimental 2024-04-23 09:40:44 +02:00
Rasmus Wriedt Larsen
19974f04c9 Merge pull request #16245 from github/tausbn/python-rename-StrConst-to-StringLiteral 
Python: Rename `StrConst` to `StringLiteral`
 2024-04-23 09:35:24 +02:00