hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
80,824 Commits 1,671 Branches 157 Tags
ginsbach/EnableJavaOverlayCompilation
Commit Graph

80824 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nick Rolfe
867826466e Ruby/QL: unconditionally generate discard predicates 2025-06-25 15:35:58 +01:00
Nick Rolfe
57b866bbe1 Ruby/Rust/QL: move databaseMetadata to prefix.dbscheme 
This has no effect on ruby.dbscheme, and adds the relation to
ql.dbscheme and rust.dbscheme. (The relation will be required for
overlay support).
 2025-06-25 15:35:08 +01:00
Nick Rolfe
9021168725 QL: fix stats-collection workflow 2025-06-25 15:35:06 +01:00
Nora Dimitrijević
942cfc3bd6 Merge pull request #19842 from d10c/d10c/convert-java-tests-to-qlref 
Java: convert remaining `java-code-scanning.qls` query tests to `.qlref`
 2025-06-25 16:02:28 +02:00
Nicolas Will
710e08088f Crypto: Refactor casing and documentation 2025-06-25 15:29:03 +02:00
Geoffrey White
006f0e8fcf Merge branch 'main' into lifetime 2025-06-25 14:17:00 +01:00
Michael Nebel
bb85e24121 C#: Convert SQL injection test to use inline expectations. 2025-06-25 14:53:09 +02:00
Michael Nebel
af2ebed395 C#: Add stubs for Microsoft.Data.SqlClient. 2025-06-25 14:53:07 +02:00
Paolo Tranquilli
6a0140d3c9 Rust: fix Const test 2025-06-25 14:42:03 +02:00
Paolo Tranquilli
e4056c0a11 Rust: add change note 2025-06-25 14:39:22 +02:00
Paolo Tranquilli
78ecf1814e Rust: add upgrade/downgrade scripts 2025-06-25 14:36:29 +02:00
Paolo Tranquilli
5d3bdb955c Merge branch 'main' into redsun82/rust-item-reorg 2025-06-25 14:34:48 +02:00
Paolo Tranquilli
ab2e7082f3 Merge branch 'main' into redsun82/codegen-use-one-test-file 2025-06-25 14:31:17 +02:00
Paolo Tranquilli
b8b57365c3 Merge pull request #19876 from github/redsun82/rust-qltest-setup-nightly-toolchain 
Rust: fix parallel execution of tests using the nightly toolchain
 2025-06-25 14:30:22 +02:00
Paolo Tranquilli
fa006e3ea5 Rust: fix test 2025-06-25 14:17:14 +02:00
Paolo Tranquilli
1f66f902e5 Rust: fix parallel execution of tests using the nightly toolchain 
Since we dropped checked in toolchain files for tests requiring nightly,
the `setup.sh` script was not doing its job of setting up the toolchains
and the `rust-src` component, occasionally leading to test failures.
 2025-06-25 14:13:43 +02:00
Nick Rolfe
1e68a7e2de Merge pull request #19719 from github/nickrolfe/ruby-discard-predicates 
Ruby: generate overlay discard predicates
 2025-06-25 07:18:29 -04:00
Michael Nebel
92a1b8971c C#: Add Microsoft.Data.SqlClient to the list of stubs. 2025-06-25 12:52:58 +02:00
Nick Rolfe
a9ddf0026b Ruby: generate overlay discard predicates 2025-06-25 11:47:27 +01:00
Nick Rolfe
1bbba2f664 Merge pull request #19684 from github/nickrolfe/ruby-overlay-extraction 
Ruby: add support for extracting overlay databases
 2025-06-25 06:39:30 -04:00
Paolo Tranquilli
355fd85c23 Codegen: remove unneeded has|getNumberOf in instance tests 2025-06-25 12:02:13 +02:00
Paolo Tranquilli
99eaaaa830 Rust: fix QL compilation error 2025-06-25 11:50:49 +02:00
Nick Rolfe
c6ff07ad5a Merge branch 'main' into nickrolfe/ruby-overlay-extraction 2025-06-25 05:46:26 -04:00
Paolo Tranquilli
6bbf1e3bc1 Codegen: use one generated test file per directory 
This collapses all generated test QL sources into a single one per
directory, using query predicates to run the different tests.

This should improve the time required to run generated tests.
 2025-06-25 11:44:54 +02:00
Napalys Klicius
3d9e2f5438 Merge pull request #19858 from Napalys/js/execa 
JS: moved `execa` out of experimental
 2025-06-25 10:34:52 +02:00
Paolo Tranquilli
bcca47c873 Rust: make AssocItem and ExternItem subclasses of Item 2025-06-25 10:25:24 +02:00
Kasper Svendsen
46ac2fd9f0 Add CI workflow to check overlay annotations 2025-06-25 10:19:25 +02:00
Paolo Tranquilli
792ea10577 Merge branch 'redsun82/codegen-new-parent-child' into redsun82/rust-emission-trait 2025-06-25 10:19:10 +02:00
Kasper Svendsen
7186ea5975 Merge pull request #19871 from github/kaspersv/overlay-script-re 
Use regex to match overlay annotations
 2025-06-25 09:39:50 +02:00
Kasper Svendsen
869ba0d246 Use regex to match overlay annotations 2025-06-25 09:30:49 +02:00
Napalys Klicius
73126fef9e JS: update change note. 2025-06-25 09:26:26 +02:00
Jeroen Ketema
2f1cd388d1 C++: Update stats file after DCA and extractor changes 2025-06-25 09:21:56 +02:00
Asger F
d39b68cd41 Merge pull request #19849 from asgerf/js/remove-legacy-actions-queries 
JS: Remove legacy actions queries
 2025-06-25 09:18:33 +02:00
Asger F
853fc1a7cf Merge pull request #19852 from asgerf/js/react-use-server 
JS: Model React 'use' and 'use server'
 2025-06-25 09:13:56 +02:00
Jeroen Ketema
ddae47118b Merge pull request #16075 from jketema/explicit 
C++: Handle explicitly instantiated templates
 2025-06-25 08:53:50 +02:00
Jeroen Ketema
fff23040b3 C++: Update test results 2025-06-25 08:14:22 +02:00
REDMOND\brodes
bd0efbe48c Crypto: Overhaul of EVP final/init/update to now use a more general 'OperationStep' mechanic. 2025-06-24 16:03:25 -04:00
Chuan-kai Lin
9a064de86e Merge pull request #19865 from github/cklin/pick-kotlin-version 
pick-kotlin-version.py: tolerate warnings
 2025-06-24 10:21:13 -07:00
Eric Bickle
b8f8501cf5 Merge pull request #1 from geoffw0/sql 
C++: Fix for the SQL query.
 2025-06-24 10:13:52 -07:00
Aditya Sharad
1c567b9b71 Merge pull request #19867 from adityasharad/qldoc/opcode-script-regex 
QLDoc scripts: Fix overly permissive regex ranges
 2025-06-24 10:11:08 -07:00
Aditya Sharad
a79e3cf604 QLDoc scripts: Fix overly permissive regex ranges 
The range `A-aa-z` was too permissive and
includes special characters between `Z` and `a`.
Low impact, but fix to address an internally
reported code scanning alert.
 2025-06-24 10:00:29 -07:00
Nora Dimitrijević
690446149a Java: add CleartextStorageCookie test 
Given that it's a non-path-problem dataflow query, the InlineExpectationsTest is not as useful.
 2025-06-24 18:12:19 +02:00
Paolo Tranquilli
1dcd60527c Codegen: improve implementation of generated parent/child relationship 
This improves the implementation of the generated parent/child
relationship by adding a new `all_children` field to `ql.Class` which
lists all children (both direct and inherited) of a class, carefully
avoiding duplicating children in case of diamond inheritance. This:
* simplifies the generated code,
* avoid children ambiguities in case of diamond inheritance.

This only comes with some changes in the order of children in the
generated tests (we were previously sorting bases alphabetically there).
For the rest this should be a non-functional change.
 2025-06-24 17:26:24 +02:00
Jeroen Ketema
9a83005730 Merge pull request #19862 from jketema/complex 
C++: Support more complex 16-bit float types
 2025-06-24 17:26:07 +02:00
Chuan-kai Lin
565627847f pick-kotlin-version.py: tolerate warnings 
This commit changes pick-kotlin-version.py to use re.search() instead of
re.match(), so that it can better cope with warning messages.
 2025-06-24 08:13:43 -07:00
Jeroen Ketema
8f249c77bc C++: Support more complex 16-bit float types 2025-06-24 16:56:34 +02:00
Nora Dimitrijević
a49999dd5d PolynomialReDoS: disable diff-informed support 
This is because it was failing the diff-informed consistency check, and like other ReDoS queries (Python?) the query tries to be helpful by showing a substring of a regex, which has a `hasLocation(...)` (intensional) but no corresponding `getLocation()` (extensional). Until the location overrides get updated to support `hasLocation`-based locations, it's probably best to turn off diff-informed support.
 2025-06-24 16:42:41 +02:00
Nora Dimitrijević
b2cb585bf2 UnsafeDeserialization: add missing getASelectedSinkLocation override 
This fixes the failing diff-informed consistency check.
 2025-06-24 16:42:39 +02:00
Nora Dimitrijević
e213e3fc37 Java: convert ImplicitPendingIntents test to .qlref 2025-06-24 16:42:37 +02:00
Nora Dimitrijević
e0311e26c6 Java: convert ImproperIntentVerification test to .qlref 
It's a non-path query, so the InlineExpectationsTest postprocessor doesn't do anything.
 2025-06-24 16:42:35 +02:00