Robert Marsh
a334dc9b2b
C++: repair Adding365DaysPerYear.ql
2022-10-27 15:06:48 -04:00
Robert Marsh
b7e42e805b
Merge pull request #10994 from rdmarsh2/rdmarsh2/return-cstr-repair
...
C++: repair the ReturnCstr query
2022-10-27 14:25:22 -04:00
Geoffrey White
ca279f4073
Merge pull request #10996 from geoffw0/methods
...
Swift: Add MethodDecl.hasQualifiedName
2022-10-27 19:18:48 +01:00
Chris Smowton
45a4cd89a6
Kotlin: specialise extension receivers the same as other function parameters
...
This arises when a generic class extends one of its parameters; for example, `class G<T> { val T.v; get() = 1 }`, where specialisation `G<List>` should generate a method specialisation `getV(List)`.
2022-10-27 18:31:19 +01:00
Geoffrey White
3507ea3f2a
Swift: Autoformat.
2022-10-27 17:37:21 +01:00
Robert Marsh
24cb36a1e2
C++: constrain indirect out node to constructors
2022-10-27 11:48:17 -04:00
Henry Mercer
19b7e9ebc7
Merge pull request #10997 from github/henrymercer/go-extract-file-locations
...
Go: Extract locations of successfully extracted files
2022-10-27 16:12:15 +01:00
Chris Smowton
5ef99ca5bd
Merge pull request #11003 from smowton/smowton/fix/reintroduce-pointless-wildcards
...
Kotlin: reintroduce pointless wildcards when a Java declaration explicitly uses them
2022-10-27 16:06:21 +01:00
Ian Lynagh
6533e2ea5c
Merge pull request #10976 from igfoo/igfoo/version
...
Kotlin: Ignore tags when comparing versions
2022-10-27 15:50:39 +01:00
Ian Lynagh
b4242dd913
Merge pull request #11012 from igfoo/igfoo/mkdir
...
Kotlin: Fix integration tests on Mac
2022-10-27 15:39:10 +01:00
Mathias Vorreiter Pedersen
20bd30060f
C++: Fix 'StackPointerFlowsToUse' import.
2022-10-27 16:34:04 +02:00
Rasmus Wriedt Larsen
b840e8efb8
Java: Remove MISSING: XssSink annotations from text/plain responses in JaxWs
2022-10-27 15:55:14 +02:00
Erik Krogh Kristensen
bbdda9ef70
Merge pull request #10727 from erik-krogh/js-last-msg
...
JS: fix some more style-guide violations in the alert-messages
2022-10-27 15:48:12 +02:00
Geoffrey White
d0f45180ab
Swift: cache some predicated.
2022-10-27 14:17:51 +01:00
Rasmus Wriedt Larsen
cee9139a0d
Java: Correctly annotate missing XSS sinks in JaxWs modeling
2022-10-27 15:17:17 +02:00
Ian Lynagh
f237360d81
Merge pull request #11011 from igfoo/igfoo/modules
...
Kotlin: Handle /modules/... paths specially too
2022-10-27 13:48:32 +01:00
Ian Lynagh
6c232f95bc
Kotlin: Fix integration tests on Mac
2022-10-27 13:48:04 +01:00
Mathias Vorreiter Pedersen
b4c8a52117
C++: Accept more test changes.
2022-10-27 14:44:43 +02:00
Paolo Tranquilli
507e3b35ad
Merge pull request #10987 from github/redsun82/swift-filesystem
...
Swift: use `std::filesystem` and `picoSHA2`
2022-10-27 14:14:37 +02:00
Taus
503cc560cf
Merge pull request #10943 from bananabr/main
...
Javascript/Python: Tokens built from predictable UUIDs
2022-10-27 14:12:34 +02:00
Rasmus Wriedt Larsen
adf109b624
Merge branch 'main' into inline-fail-tag
2022-10-27 13:42:32 +02:00
Ian Lynagh
bafa80667c
Kotlin: Handle /modules/... paths specially too
...
On Windows, we don't want a C: prefix on these either.
2022-10-27 12:24:28 +01:00
Ian Lynagh
6d77b34323
Merge pull request #11000 from igfoo/igfoo/unknown-binary-location
...
Kotlin: Handle /!unknown-binary-location/... paths specially on Windows
2022-10-27 12:09:32 +01:00
Jeroen Ketema
1d7efd8e82
Merge pull request #10905 from jsoref/spelling-code-scanning-product
...
Spelling code scanning product
2022-10-27 12:55:37 +02:00
Mathias Vorreiter Pedersen
2fc7e6159e
C++: Accept test changes.
2022-10-27 12:12:34 +02:00
Mathias Vorreiter Pedersen
e2a0d62adf
C++: Fix 'asIndirectExpr' when the underlying instruction is a 'VariableAddressInstruction'.
2022-10-27 12:12:34 +02:00
Nick Rolfe
b1da636be0
Ruby: first draft of data flow docs
2022-10-27 11:42:39 +02:00
Arthur Baars
6f646be733
Ruby: document API graphs
2022-10-27 10:59:35 +02:00
Erik Krogh Kristensen
cecb498bf3
Merge pull request #10984 from tyage/add-next-js-source
...
JS: Add Next.js parameters as source
2022-10-27 10:36:12 +02:00
Erik Krogh Kristensen
71f29f037a
Merge pull request #10988 from erik-krogh/passwrd
...
JS: remove some FPs in `js/password-in-configuration-file`
2022-10-27 10:34:56 +02:00
Tamás Vajk
a428ab5f73
Merge pull request #11006 from tamasvajk/kotlin-fix-test-1
...
Kotlin: fix test to expect diagnostic
2022-10-27 10:34:24 +02:00
Paolo Tranquilli
09f549ab38
Merge pull request #11007 from github/redsun82/cmake-generator
...
Swift: fix cmake generator on Linux
2022-10-27 09:52:55 +02:00
Rasmus Wriedt Larsen
4079223151
Misc: Add automatic DataFlow Library label
...
Would just be nice for filtering PRs
2022-10-27 09:40:15 +02:00
Paolo Tranquilli
09a51ecdd5
Swift: fix cmake generator on Linux
2022-10-27 09:32:05 +02:00
Paolo Tranquilli
3fca25310f
Swift: fix copy option
2022-10-27 09:29:05 +02:00
Paolo Tranquilli
22db4932ee
Swift: add overwrite_existing to source archiving
2022-10-27 09:26:57 +02:00
Tamas Vajk
1727fcb845
Kotlin: fix test to expect diagnostic
2022-10-27 09:14:23 +02:00
Rasmus Wriedt Larsen
6d43db43dd
Ruby: Fix tag missing from getARelevantTag
2022-10-27 09:12:06 +02:00
Rasmus Wriedt Larsen
977792070a
Java: Fix tag missing from getARelevantTag
2022-10-27 09:11:24 +02:00
Rasmus Wriedt Larsen
fc7eb5b4fc
InlineExpectationsTest: sync
2022-10-27 09:02:28 +02:00
Rasmus Wriedt Larsen
dbd84b2d37
InlineExpectationsTest: Add quote around missing tag
...
To aid with quickly scanning where the missing tag is. I just had to do
this myself looking over some test failures, and it all just blurred
into each other in the logs.
see https://github.com/github/codeql/actions/runs/3332266045/jobs/5512944867#step:5:467
2022-10-27 09:02:28 +02:00
Tamás Vajk
f1fcb64e94
Merge pull request #10992 from tamasvajk/kotlin-unused-extension
...
Kotlin: do not report on unused `object` extension parameters
2022-10-27 08:50:33 +02:00
tyage
c22f9443f2
Refactoring Next.js parameter
...
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com >
2022-10-27 10:28:51 +09:00
tyage
e8b751ae17
Update javascript/ql/src/change-notes/2022-10-26-nextjs-params.md
...
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com >
2022-10-27 10:24:08 +09:00
tyage
ac27307a2b
Update javascript/ql/lib/semmle/javascript/frameworks/Next.qll
...
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com >
2022-10-27 10:23:59 +09:00
tyage
54050bf1b6
update test result XssWithAdditionalSources
2022-10-27 10:23:37 +09:00
Harry Maclean
bdb143cf83
Merge pull request #10913 from thiggy1342/expand-ruby-ssrf-sinks-faraday-connection-new
...
Ruby: Add Faraday::Connection.new as sink for SSRF query
2022-10-27 10:33:44 +13:00
Dave Bartolomeo
23b572e9b7
Use ${workspace} for intra-workspace dependencies
...
Now that the released CLI supports replacement variables in dependency version ranges, we can now mark our published library packs as depending on whatever version of their dependency is in our workspace, without having to manually bump the dependency version every release.
Note that when the packs are published, the dependencies in the published pack file are rewritten to have the correct specific version.
2022-10-26 16:40:01 -04:00
Jami Cogswell
1bfdfc954b
shorten class/predicate names
2022-10-26 16:30:14 -04:00
erik-krogh
2ace10b294
bump the version of the shared pack in the QL-for-QL qlpack.yml file
2022-10-26 22:16:42 +02:00