Commit Graph

87274 Commits

Author SHA1 Message Date
Paolo Tranquilli
408968a417 Swift: fix swift compilation in QL tests 2022-10-21 15:20:38 +02:00
Asger F
84ae17dcbb Ruby: ensure Object is a transitive superclass 2022-10-21 15:18:59 +02:00
Philip Ginsbach
0dc7123ded documentation for type signature members 2022-10-21 13:42:12 +01:00
Chris Smowton
5e28e5a170 Merge pull request #10909 from smowton/smowton/fix/kotlin-varargs-dataflow
Kotlin: Fix varargs dataflow, and varargs default handling
2022-10-21 13:32:34 +01:00
Paolo Tranquilli
bd62f2be0e Merge branch 'main' into redsun82/swift-fix-qltest-failure-reporting 2022-10-21 14:07:19 +02:00
Paolo Tranquilli
04f6debb88 Swift: fix bazel packaging 2022-10-21 13:42:24 +02:00
Asger F
23697dba26 Docs: Mention new navigation commands
Document the changes in this PR:
  https://github.com/github/vscode-codeql/pull/1568
2022-10-21 13:33:08 +02:00
Chris Smowton
b80bf4a73e Account for route to IrSimpleType.kotlinType changing as of v1.7.0 2022-10-21 11:55:15 +01:00
Paolo Tranquilli
dbdf6ea489 Swift: fix qltest failure reporting
`qltest.sh` was not exiting with a failure when the extractor was
failing.
2022-10-21 12:54:09 +02:00
Paolo Tranquilli
cf7a5f877b Swift: add qltest.sh tests 2022-10-21 12:54:09 +02:00
Jonas Jensen
7a8c9e7644 Merge pull request #10919 from kaspersv/kaspersv/document-equiv-rel-module
QL language spec: Document built-in equivalence relation module
2022-10-21 12:47:29 +02:00
Ian Lynagh
2e6d6e1538 Merge pull request #10894 from igfoo/igfoo/psi
Kotlin: Refactor PSI handling
2022-10-21 11:43:49 +01:00
Chris Smowton
1fe9e8457f Kotlin: Fix varargs dataflow, and varargs default handling
Dataflow requires accounting for the fact that the varargs parameter isn't necessarily last in the parameter list in a couple more places. Default handling just requires that if the only null parameter is the varargs argument, and it has no default value, then no $default method is required-- the caller is expected to simply pass nothing (at QL
/ source level) or an empty array (at JVM level).
2022-10-21 11:14:41 +01:00
Kasper Svendsen
b29ed3b85a Address reviewer comments from @jbj 2022-10-21 12:08:51 +02:00
Arthur Baars
a56ed88db2 Merge pull request #10920 from github/post-release-prep/codeql-cli-2.11.2
Post-release preparation for codeql-cli-2.11.2
2022-10-21 11:58:12 +02:00
Chris Smowton
7889d9cffa Kotlin: ignore enhanced nullability when extracting primitive types
Otherwise we'll mistake `@NotNull Integer` for `int` and similar, causing a mismatch vs. Java signatures.
2022-10-21 10:55:26 +01:00
Tom Hvitved
4422327c00 Ruby: Call-context sensitivity for singleton method calls 2022-10-21 11:48:25 +02:00
Asger F
3fd2b9ad7b Ruby: add a comment
This would have saved me some time
2022-10-21 11:44:12 +02:00
Asger F
ee7970afcb Ruby: treat String as a builtin 2022-10-21 11:44:11 +02:00
Asger F
db58e3357b Ruby: allow speculative container qname resolution 2022-10-21 11:44:11 +02:00
Kasper Svendsen
925fd2eb45 Accept reviewer reformulation
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
2022-10-21 11:34:48 +02:00
Kasper Svendsen
6fe0de8a9e Accept auto-format suggestion
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
2022-10-21 11:32:37 +02:00
Kasper Svendsen
7faea53c18 QL language spec: Document built-in equivalence relation module 2022-10-21 11:03:01 +02:00
Rasmus Wriedt Larsen
8e8fb3d34f Merge pull request #10911 from RasmusWL/location-debug
Python: add `debug based on location` snippet
2022-10-21 10:59:51 +02:00
Tony Torralba
7a43bdbf05 Apply suggestions from code review
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
2022-10-21 10:20:01 +02:00
Tamás Vajk
352c20b0c8 Merge pull request #10885 from tamasvajk/kotlin-const-loop-cond-fp
Kotlin: Add test case for false positive with modified captured variable
2022-10-21 10:08:02 +02:00
github-actions[bot]
be7693283b Post-release preparation for codeql-cli-2.11.2 2022-10-21 08:07:17 +00:00
Tom Hvitved
6feff7e3ed Ruby: Add more data-flow call sensitivity tests 2022-10-21 09:36:34 +02:00
Tom Hvitved
cf35299d08 Merge pull request #10910 from hvitved/ruby/call-graph-refactor
Ruby: Refactor call graph logic for singleton methods
2022-10-21 09:36:13 +02:00
Asger F
d26b0892cf Ruby: also add an AST test 2022-10-21 09:23:21 +02:00
Asger F
038bdecad7 Ruby: add test with compound assignment to a constant 2022-10-21 09:20:03 +02:00
Tamas Vajk
9d1af76c02 Add more test cases 2022-10-21 08:51:11 +02:00
Tamas Vajk
7559d3095f Revert "Kotlin: Exclude captured variables from constant loop condition check"
This reverts commit 3e476f96bd.
2022-10-21 08:38:30 +02:00
Tom Hvitved
db699ae314 Ruby: Refactor call graph logic for singleton methods 2022-10-21 07:27:41 +02:00
Jami Cogswell
345e4e0e8f remove unnecessary 'exists' 2022-10-20 23:52:31 -04:00
thiggy1342
4e5c1f210d Update ruby/ql/lib/change-notes/2022-10-20-expand-faraday-model-for-ssrf-sink
Co-authored-by: Rahul Zhade <rzhade3@users.noreply.github.com>
2022-10-20 17:33:17 -04:00
thiggy1342
ffd596b295 Merge branch 'main' into expand-ruby-ssrf-sinks-faraday-connection-new 2022-10-20 17:12:08 -04:00
Chris Smowton
ac013f9d19 Merge pull request #10889 from smowton/smowton/fix/enum-entry-class-warning
Kotlin: Don't warn on extracting an enum-entry class
2022-10-20 22:08:29 +01:00
thiggy1342
244a3329e0 Merge branch 'main' into expand-ruby-ssrf-sinks-faraday-connection-new 2022-10-20 16:37:57 -04:00
thiggy1342
4c3e3e442a Add Faraday::Connection.new as sink for SSRF query 2022-10-20 20:32:08 +00:00
Jeroen Ketema
4b5674af32 C++: Update test result after extractor changes 2022-10-20 22:18:32 +02:00
Rasmus Wriedt Larsen
ad915e2698 Python: add debug based on location snippet 2022-10-20 21:20:24 +02:00
Geoffrey White
138643519c Merge pull request #10757 from geoffw0/sqlinject
Swift: Query for SQL injection
2022-10-20 18:55:38 +01:00
Geoffrey White
661106c1a0 Apply suggestions from code review
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
2022-10-20 17:54:40 +01:00
Chuan-kai Lin
2e9c8c759c Merge pull request #10907 from cklin/document-assume-small-delta
QL language spec: pragma[assume_small_delta]
2022-10-20 09:00:45 -07:00
Chris Smowton
f2749a8878 Don't warn on extracting an enum-entry class 2022-10-20 16:09:45 +01:00
Chuan-kai Lin
9df725901b QL language spec: pragma[assume_small_delta] 2022-10-20 07:30:02 -07:00
Asger F
8c2c28dd56 Ruby: add test showing missing superclass edge 2022-10-20 15:56:58 +02:00
Arthur Baars
a520de3986 Merge pull request #10902 from github/release-prep/2.11.2
Release preparation for version 2.11.2
codeql-cli/v2.11.2
2022-10-20 15:55:44 +02:00
Arthur Baars
c59c6f6eb6 Update go/ql/src/CHANGELOG.md
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
2022-10-20 15:22:54 +02:00