hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 01:03:14 +01:00
Code Issues Packages Projects Releases Wiki Activity
78,334 Commits 1,671 Branches 157 Tags
ginsbach/OverlayLocalJava
Commit Graph

78334 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tamas Vajk
159d31d494 Reenable problematic test 2025-04-11 08:24:08 +02:00
yoff
8555e8c8c8 ruby: add change notes 2025-04-11 03:07:19 +02:00
yoff
53c88da91b ruby: refine query for uninitialised local variables 
- there are places where uninitialised reads are intentional
- there are also some places where they are impossible
 2025-04-11 03:07:19 +02:00
yoff
1ca25b2ccb ruby: add test of rb/uninitialized-local-variable 2025-04-11 03:00:05 +02:00
Aditya Sharad
283503b06d Actions: Fix handling of paths-ignore in autobuild scripts 
Always concatenate the default filters with the user-provided filters.
This ensures that when `paths-ignore` is provided,
we begin with the default path inclusions,
not all YAML files.
This makes the `paths-ignore-only` integration test variant
under `filters` pass.

The handling of `paths` is unchanged:
if provided, this overrides the default filters.
 2025-04-10 11:18:45 -07:00
Aditya Sharad
30ce0c5cbf Actions: Add integration tests for configured path filters 
Use the common structure from the existing test
for default filters.

Check both query output finding workflows and actions,
and source archive output showing all extracted YAML files.

The test for only `paths-ignore` fails in this commit,
demonstrating a bug: we start with all YAML files
rather than starting with the default includes.

The tests for `paths` reflect current behaviour
which is consistent with other languages:
`paths` overrides the default inclusions,
and only files under `paths` are included.

This may not be the best user experience for Actions,
since we want to scan all workflow and action files
even in the presence of `paths`, but that is not
currently addressed.
 2025-04-10 11:17:51 -07:00
Tom Hvitved
7ed8a85e08 Merge pull request #19246 from hvitved/rust/cache-tweaks 2025-04-10 19:02:25 +02:00
Felicity Chapman
c2baf9a052 Merge pull request #19270 from github/felicitymay-patch-1 
CodeQL docs: Fix ordering in side navigation bar for Query help
 2025-04-10 15:10:14 +01:00
Owen Mansel-Chan
4f5bdbb517 Add new query to java-code-quality.qls.expected 2025-04-10 14:37:11 +01:00
Mathias Vorreiter Pedersen
3bb249f580 C++: Ensure we always have 'Position's even if there are no calls in the DB. 2025-04-10 14:28:40 +01:00
Mathias Vorreiter Pedersen
b678112f4d C++: Add a few predicates to 'ReturnKind'. 2025-04-10 14:28:38 +01:00
Mathias Vorreiter Pedersen
960e9900af C++: Move the 'getArgumentIndex' into the abstract 'Position' class. It is implemented in all subclasses anyway. 2025-04-10 14:28:36 +01:00
Mathias Vorreiter Pedersen
94e08e318d C++: Expose a few predicates from 'ExternalFlow'. 2025-04-10 14:18:47 +01:00
Napalys Klicius
43bf0beae9 Merge pull request #19263 from Napalys/js/make-dir-lib 
JS: Add support for `make-dir` package
 2025-04-10 15:09:43 +02:00
Napalys
86b64afa13 Added NextResponse to the ResponseCall class it models similar near idential behaviour. 2025-04-10 15:06:44 +02:00
Mathias Vorreiter Pedersen
ea3bb8cf0c Shared: Provide a hook to MaD generation to modify the 'ReturnValue' string. 2025-04-10 14:02:31 +01:00
Mathias Vorreiter Pedersen
6c348b5855 Rust: Fixup MaD input. 2025-04-10 14:01:20 +01:00
Mathias Vorreiter Pedersen
b6c658767e Java: Fixup MaD input. 2025-04-10 14:01:11 +01:00
Mathias Vorreiter Pedersen
04bf908a4b C#: Fixup MaD input. 2025-04-10 14:01:00 +01:00
Mathias Vorreiter Pedersen
c484945f39 Shared: Move 'getEnclosingCallable' and 'getAsExprEnclosingCallable' out of the class signature. 2025-04-10 14:00:11 +01:00
Mathias Vorreiter Pedersen
732fcbf1c9 Shared: Move 'asParameter' out of the class signature. 2025-04-10 13:58:59 +01:00
Napalys
8acb0243ad Added test cases for NextResponse and Response 2025-04-10 14:57:40 +02:00
Mathias Vorreiter Pedersen
a1dc87496a Shared: Replace a 'count' with a 'strictcount' to prevent a CP when testing on C++. 2025-04-10 13:56:38 +01:00
Napalys
63a3953b0c Enhance Next.js API endpoint handling for compatibility with both Pages and App Router structures. 2025-04-10 14:48:17 +02:00
Napalys
81cba7fa2f Added test cases with missing alerts for Request and NextRequest. 2025-04-10 14:43:48 +02:00
Asger F
eac14b9837 Merge pull request #19200 from asgerf/js/web-response 
JS: Add sinks for calls to 'new Response()'
 2025-04-10 14:41:32 +02:00
Napalys
171a84609e Applied copilot suggestion. 2025-04-10 14:13:48 +02:00
Felicity Chapman
78a26cfdb2 Update index.rst 2025-04-10 13:09:51 +01:00
Joe Farebrother
7f7fca9e27 Merge pull request #19165 from joefarebrother/python-qual-loop-var-capture 
Python: Modernize the Loop Variable Capture query
 2025-04-10 13:07:05 +01:00
Owen Mansel-Chan
acfcc6d490 Sort ids in java-code-quality.qls 2025-04-10 12:35:42 +01:00
Owen Mansel-Chan
576f4cf19f Update tags 2025-04-10 12:21:09 +01:00
Owen Mansel-Chan
ad89e7980e Tweak documentation 2025-04-10 12:21:08 +01:00
Owen Mansel-Chan
3ea5cc1b66 Add query to code-quality query suite 2025-04-10 12:21:06 +01:00
Owen Mansel-Chan
e1c5517de7 Keep COMPLIANT and NON_COMPLIANT comments in test 2025-04-10 12:21:05 +01:00
Owen Mansel-Chan
04ec1d7830 Update test expectations 2025-04-10 12:21:03 +01:00
Owen Mansel-Chan
626a7d5007 Fix punctuation 2025-04-10 12:21:02 +01:00
Owen Mansel-Chan
c4e56b1ec8 Add quality and cwe tag to query 
CWE-1176: Inefficient CPU Computation
 2025-04-10 12:21:00 +01:00
Owen Mansel-Chan
042fe07494 Adjust alert message 2025-04-10 11:47:19 +01:00
Owen Mansel-Chan
fea3d10b97 Update qhelp 2025-04-10 11:47:18 +01:00
Owen Mansel-Chan
441c79ebdf Use existing class StringReplaceAllCall 2025-04-10 11:47:17 +01:00
Owen Mansel-Chan
b5b252b10f Convert test to inline expectations 2025-04-10 11:47:15 +01:00
Owen Mansel-Chan
ff2947a0e5 Adjust query name 2025-04-10 11:47:14 +01:00
Owen Mansel-Chan
041adcd63a Java: Add initial version of string replaceAll with no regex query 2025-04-10 11:46:59 +01:00
Asger F
d2a4f1e17a Merge pull request #19267 from asgerf/js/json-array-trailing-comma 
JS: Tolerate trailing commas in JSON arrays
 2025-04-10 12:38:16 +02:00
Joe Farebrother
6802037c89 Update qhelp formatting 2025-04-10 09:52:18 +01:00
Joe Farebrother
00999baf9a Apply docs review suggestion - Reword query description. 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2025-04-10 09:06:01 +01:00
Asger F
3da1f261f7 JS: Change note 2025-04-10 07:21:48 +02:00
Asger F
cfa1a9b603 JS: Update extractor version string 2025-04-10 07:20:53 +02:00
Asger F
1434f7acd2 JS: Tolerate trailing comma in JSON array 
Previously we'd fail to extract some tsconfig.json files because of this.
 2025-04-10 07:20:51 +02:00
Asger F
800dd168c2 JS: Add failing TRAP test for trailing comma 2025-04-10 07:20:49 +02:00