hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-18 21:27:08 +02:00
Code Issues Packages Projects Releases Wiki Activity
86,295 Commits 1,759 Branches 167 Tags
josefs/phpExtractor
Commit Graph

86295 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Josef Svenningsson
77dc871b21 Use SSA and type-aware dispatch in the PHP extractor 2026-03-06 09:52:03 +00:00
Josef Svenningsson
57ff0bb2c8 Improve the PHP dataflow analysis and add queries 2026-03-05 17:02:06 +00:00
Josef Svenningsson
cea862bfb3 PHP extractor and query library, built with AI 
This is built with copilot, via a number
of iterations and run various test. But it should
by no means be considered production ready. I'm
looking for feeback on how to take this forward.
 2026-03-05 17:02:05 +00:00
Asger F
c9fa7fa283 Merge pull request #21369 from asgerf/js/this-bindings 
JS: Emit variables for 'this'
 2026-03-05 13:36:38 +01:00
Anders Schack-Mulligen
8ef4be49aa Merge pull request #21412 from aschackmull/java/binary-assignment 
Java: Make Assignment extend BinaryExpr.
 2026-03-05 13:19:45 +01:00
Anders Schack-Mulligen
3e7a966c0d Merge pull request #21408 from aschackmull/guards/perf-tweak 
Guards: Improve performance of forall in guardDeterminesPhiInput.
 2026-03-05 12:42:06 +01:00
Owen Mansel-Chan
926725a87f Merge pull request #21405 from owen-mc/java/consistent-inline-expectation-tests 
Inline expectation tests should always have space before and after `$`
 2026-03-05 11:27:37 +00:00
Owen Mansel-Chan
c82f75604a Add change notes 2026-03-05 10:34:30 +00:00
Anders Schack-Mulligen
ea77c0d86c Java: Add change note. 2026-03-05 11:32:00 +01:00
Anders Schack-Mulligen
ec1d034ee0 Java: Make Assignment extend BinaryExpr. 2026-03-05 11:31:59 +01:00
Anders Schack-Mulligen
37a8fc85eb Guards: Use unique aggregate. 2026-03-05 11:20:24 +01:00
Tom Hvitved
b5bf1c578c Merge pull request #21404 from hvitved/dataflow/no-enclosing-stack-flow-feature 
Data flow: Add `FeatureEscapesSourceCallContext(OrEqualSourceSinkCallContext)` flow feature
 2026-03-05 09:36:48 +01:00
Tom Hvitved
f3898329d6 Merge pull request #21413 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2026-03-05 09:28:47 +01:00
github-actions[bot]
1c5afb2306 Add changed framework coverage reports 2026-03-05 00:32:15 +00:00
Mathias Vorreiter Pedersen
5b30e945ef Merge pull request #21410 from MathiasVP/add-WebSocket-ReceiveAsync-model 
C#: Add `System.Net.WebSockets.ReceiveAsync` as a remote flow source
 2026-03-04 16:09:50 +00:00
Owen Mansel-Chan
2b3111441d Add space before $ in xml test file 2026-03-04 15:03:24 +00:00
Owen Mansel-Chan
99a4fe4828 Update expected test output column numbers 2026-03-04 15:02:53 +00:00
Owen Mansel-Chan
aa28c94562 Remove double space after $ in inline expectations tests 2026-03-04 14:12:42 +00:00
Owen Mansel-Chan
501485b9f6 Update library to require space after $ 
We cannot easily require a space before $ because some languages, like
C#, strip whitespace from the beginning of the comment text.
 2026-03-04 14:06:59 +00:00
Tom Hvitved
db491fc985 Address review comments 2026-03-04 14:53:01 +01:00
Owen Mansel-Chan
1950fd33db Ruby: Inline expectation should have space before $ 2026-03-04 13:11:41 +00:00
Owen Mansel-Chan
91b6801db1 py: Inline expectation should have space before $ 2026-03-04 13:11:38 +00:00
Owen Mansel-Chan
ea30f02271 js: Inline expectation should have space before $ 2026-03-04 13:11:35 +00:00
Owen Mansel-Chan
f41c30e335 java: Inline expectation should have space before $ 2026-03-04 13:11:33 +00:00
Owen Mansel-Chan
ddebdad9e1 c++: Inline expectation should have space before $ 2026-03-04 13:11:30 +00:00
Mathias Vorreiter Pedersen
f8f8991d36 C#: Accept more test changes. 2026-03-04 13:06:59 +00:00
Anders Schack-Mulligen
3c129fcd23 Java: Align BinaryExpr.getOp() with AssignOp.getOp(). 2026-03-04 13:46:04 +01:00
Owen Mansel-Chan
6001c735ff Ruby: Inline expectation should have space after $ 
This was a regex-find-replace from `# \$(?! )` (using a negative lookahead) to `# $ `.
 2026-03-04 12:45:06 +00:00
Owen Mansel-Chan
5a97348e78 python: Inline expectation should have space after $ 
This was a regex-find-replace from `# \$(?! )` (using a negative lookahead) to `# $ `.
 2026-03-04 12:45:05 +00:00
Owen Mansel-Chan
0eccd902c2 js: Inline expectation should have space after $ 
This was a regex-find-replace from `// \$(?! )` (using a negative lookahead) to `// $ `.
 2026-03-04 12:45:03 +00:00
Owen Mansel-Chan
45eb14975a C#: Inline expectation should have space after $ 
This was a regex-find-replace from `// \$(?! )` (using a negative lookahead) to `// $ `.
 2026-03-04 12:45:02 +00:00
Owen Mansel-Chan
badfa1a5c5 C++: Inline expectation should have space after $ 
This was a regex-find-replace from `// \$(?! )` (using a negative lookahead) to `// $ `.
 2026-03-04 12:45:00 +00:00
Owen Mansel-Chan
b475f14575 Replace // $:tag with // $ tag in 2 tests 2026-03-04 12:44:59 +00:00
Owen Mansel-Chan
d4ba2d68f9 Go: Inline expectation should have space after $ 
This was a regex-find-replace from `// \$(?! )` (using a negative lookahead) to `// $ `.
 2026-03-04 12:44:57 +00:00
Owen Mansel-Chan
05a77a2005 Java: Update test expectations 2026-03-04 12:44:56 +00:00
Owen Mansel-Chan
ef345a3279 Java: Inline expectation should have space after $ 
This was a regex-find-replace from `// \$(?! )` (using a negative lookahead) to `// $ `.
 2026-03-04 12:44:54 +00:00
Mathias Vorreiter Pedersen
2357ef07cc C#: Add change note. 2026-03-04 12:35:15 +00:00
Mathias Vorreiter Pedersen
088913d925 C#: Accept test changes. 2026-03-04 12:26:07 +00:00
Mathias Vorreiter Pedersen
83155df1f7 C#: Add 'System.Net.WebSockets.ReceiveAsync' flow source. 2026-03-04 12:26:05 +00:00
Mathias Vorreiter Pedersen
b7992ed8cd C#: Add test. 2026-03-04 12:25:08 +00:00
Michael Nebel
219ea28217 Merge pull request #21400 from michaelnebel/csharp/implicitconversionreverseflowtaint 
C#: Add default taint step from an implicit operator call to its argument.
 2026-03-04 12:40:59 +01:00
Michael Nebel
fbf40ef02a Update csharp/ql/lib/semmle/code/csharp/dataflow/internal/TaintTrackingPrivate.qll 
Co-authored-by: Tom Hvitved <hvitved@github.com>
 2026-03-04 12:28:07 +01:00
Anders Schack-Mulligen
2782d90d0f Merge pull request #21403 from aschackmull/cfg/tweaks 
Cfg: Small tweaks.
 2026-03-04 11:17:15 +01:00
Anders Schack-Mulligen
ad5ab9f270 Gaurds: Improve perf of forall in guardDeterminesPhiInput. 2026-03-04 10:56:51 +01:00
Tom Hvitved
4474e252fe Add change note 2026-03-04 10:44:26 +01:00
Tom Hvitved
18d2f586b3 Rust: Update AccessAfterLifetime query to use FeatureEscapesSourceCallContextOrEqualSourceSinkCallContext 2026-03-04 10:44:25 +01:00
Tom Hvitved
189c16095d Data flow: Add FeatureEscapesSourceCallContext(OrEqualSourceSinkCallContext) flow feature 2026-03-04 10:44:23 +01:00
Michael Nebel
a604a68fe9 C#: Add change-note. 2026-03-04 08:03:32 +01:00
Michael Nebel
4e2a93df55 C#: Remove comment. 2026-03-04 07:58:55 +01:00
Mathias Vorreiter Pedersen
6a904eddd4 Merge pull request #21390 from MathiasVP/less-reevaluation-4 
C++: Reduce re-evaluation
 2026-03-03 15:09:55 +00:00