hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
29,247 Commits 1,671 Branches 157 Tags
revert-update
Commit Graph

3928 Commits

Author SHA1 Message Date
Anders Schack-Mulligen
8b6baa250c Merge pull request #6878 from aschackmull/remove-singleton-setliteral 
C++/C#/Java/JavaScript/Python: Remove singleton set literals.
 2021-10-14 14:53:05 +02:00
Mathias Vorreiter Pedersen
47a85bbb1d Merge pull request #6869 from MathiasVP/fix-prefix/suffix-equality 
Java/JS/Python: Replace '.prefix'/'.suffix' with '.matches'
 2021-10-14 13:47:03 +01:00
Tom Hvitved
f5420333e2 Sync shared files 2021-10-14 11:49:02 +02:00
Anders Schack-Mulligen
57cb300759 C++/C#/Java/JavaScript/Python: Remove singleton set literals. 2021-10-14 11:34:22 +02:00
Tom Hvitved
c14dcfbfe4 Data flow: Sync 2021-10-13 20:13:28 +02:00
Andrew Eisenberg
878203f1d0 Merge pull request #6862 from github/aeisenberg/tutorial 
Move tutorial directly into each qlpack
 2021-10-13 09:29:37 -07:00
Andrew Eisenberg
0d1632a5d2 Move tutorial directly into each qlpack 
Previously, the tutorial was injected during build time. This is much
simpler.
 2021-10-13 08:37:04 -07:00
Anders Schack-Mulligen
169cc75c88 Merge pull request #6840 from aschackmull/java/misc-perf 
Java: Fix some performance issues.
 2021-10-13 15:53:49 +02:00
Mathias Vorreiter Pedersen
d85d009a54 Java: Replace '.prefix'/'.suffix' with '.matches'. 2021-10-13 13:19:06 +01:00
Anders Schack-Mulligen
306388a6bc Update java/ql/src/Likely Bugs/Comparison/StringComparison.ql 2021-10-13 08:57:31 +02:00
github-actions[bot]
2f27a0c9f9 Add changed framework coverage reports 2021-10-13 00:09:35 +00:00
Andrew Eisenberg
bbb2637bcc QlPacks: Add the defaultSuite to query packs that are missing it 
Also, change some examples pack names from `codeql-lang-examples` to
`codeql/lang-examples`. This doesn't affect behaviour since internally,
the legacy name is converted to the modern name.
 2021-10-12 11:54:50 -07:00
Anders Schack-Mulligen
0e5f89a03c Merge pull request #6463 from smowton/smowton/admin/gson-unsafe-deserialization 
Java: add Gson support to unsafe-deserialization query
 2021-10-12 16:15:27 +02:00
Tom Hvitved
10739b11ee Merge pull request #6841 from hvitved/dataflow/incorrect-summary-chaining 
Data flow: Add tests for missing summary flow
 2021-10-12 15:44:21 +02:00
Chris Smowton
83c6406167 Update javadoc 2021-10-12 13:51:02 +01:00
Tom Hvitved
cc305ed766 Data flow: Sync 2021-10-12 14:37:33 +02:00
Tom Hvitved
296e268339 Apply suggestions from code review 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2021-10-12 14:28:32 +02:00
Chris Smowton
3c96e62be7 Remove duplicate declaration 2021-10-12 12:35:05 +01:00
Chris Smowton
8816aa1431 Improve Android stub fidelity to the point that all relevant tests work 
Note these still aren't entirely mechanically generated stubs matching the real Android 9.
 2021-10-12 12:35:05 +01:00
Chris Smowton
205b6fe6d7 Fix bad merge on Uri.java 2021-10-12 12:35:05 +01:00
Chris Smowton
5da392ebfe Introduce TaintInheritingContent 2021-10-12 12:35:05 +01:00
Chris Smowton
1afc03b9b5 Remove redundant import 2021-10-12 12:35:05 +01:00
Chris Smowton
9e0b112f05 Remove now-unnecessary models and tests 2021-10-12 12:35:05 +01:00
Chris Smowton
490168fb05 Fix comments 2021-10-12 12:35:05 +01:00
Chris Smowton
1dffbcd0bd Fix tests disrupted by re-modelling and stubbing Android 9: 
* Account for changed dataflow graph shape using external flow
* Account for BaseBundle only existing as of Android 5
* Properly implement Parcelable, which we previously got away with due to a partial stub
* Restore an Android 11 function that had been added to the Android 9 Context class (I won't get into enforcing the difference in this PR)
 2021-10-12 12:35:05 +01:00
Chris Smowton
81c0e66b1d Add change note and update qhelp 2021-10-12 12:35:05 +01:00
Chris Smowton
fc0b18cf61 Add tests for Android flow steps 2021-10-12 12:35:05 +01:00
Chris Smowton
cd2c9e9ca3 Add Gson support to unsafe deserialization query 2021-10-12 12:35:04 +01:00
Anders Schack-Mulligen
6b4ca31783 Merge pull request #6849 from Marcono1234/marcono1234/improvements 
Java: Serialization query improvements
 2021-10-12 13:30:45 +02:00
Tony Torralba
a8aa8e3bb4 Use InlineExpectationsTest directly 2021-10-11 16:38:20 +02:00
Owen Mansel-Chan
058a04f756 Merge pull request #6795 from owen-mc/inline-expectation-test-trivial-change 
Change class name in InlineExpectationTest to avoid clash
 2021-10-11 15:35:17 +01:00
Marcono1234
ba0dbd5871 Java: Improve IncorrectSerializableMethods.ql; address review comments 2021-10-11 14:29:10 +02:00
Tom Hvitved
68ea3e7b49 Data flow: Add debugging predicates for rendering data flow graphs for summarized callables 2021-10-11 11:29:08 +02:00
Tom Hvitved
d5955f1ae1 Java: Add test for missing summary flow 2021-10-11 11:29:08 +02:00
github-actions[bot]
ea0a0522a7 Add changed framework coverage reports 2021-10-11 00:08:32 +00:00
Marcono1234
a7670fbcab Java: Enhance IncorrectSerializableMethods.ql 2021-10-11 02:05:53 +02:00
Marcono1234
12936ff5fe Java: Fix IncorrectSerializableMethods.ql using wrong readObject signature 2021-10-11 02:05:53 +02:00
Marcono1234
b009886664 Java: Add TypeObjectInputStream 2021-10-11 02:05:50 +02:00
Marcono1234
a74d423d82 Java: Improve AnnotationPresentCheck.ql 2021-10-11 01:03:46 +02:00
Anders Schack-Mulligen
2185a654de Java: Fix some performance issues. 2021-10-08 15:53:14 +02:00
Anders Schack-Mulligen
5d0e72755d Merge pull request #6770 from aschackmull/java/stream-model 
Java: Add models for java.util.stream.
 2021-10-08 15:48:50 +02:00
Tony Torralba
2df30dc107 Use InlineFlowTest for local and remote flow tests 2021-10-08 11:48:35 +02:00
Anders Schack-Mulligen
446c738f20 Merge pull request #6790 from aschackmull/dataflow/force-precision 
Dataflow: Force high precision of certain Contents.
 2021-10-08 11:44:26 +02:00
Anders Schack-Mulligen
1bec58dee5 Dataflow: Fix more qldoc: s/accesspath/access path/. 2021-10-08 09:41:26 +02:00
github-actions[bot]
062250741a Add changed framework coverage reports 2021-10-08 00:08:55 +00:00
Chris Smowton
39640efc9b Remove no-longer-needed TaintPreservingCallables and update test expectations 2021-10-07 14:33:39 +01:00
Anders Schack-Mulligen
2b88a2aa0c Dataflow: Fix qldoc: s/accesspath/access path/. 2021-10-07 14:46:24 +02:00
Anders Schack-Mulligen
f885751107 Java: Add change note. 2021-10-07 14:42:19 +02:00
Anders Schack-Mulligen
fc69acee46 Java: Add test. 2021-10-07 13:28:02 +02:00
Chris Smowton
b7448d55ed Introduce TaintInheritingContent instead of using parts of DataFlowPrivate 2021-10-07 11:20:19 +01:00