hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 01:33:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
78,658 Commits 1,671 Branches 157 Tags
rust-ti-implementing-type-method
Commit Graph

1242 Commits

Author SHA1 Message Date
Anders Schack-Mulligen
03f7968dbf Dataflow: Fix flow-feature bug. 2024-02-16 11:38:30 +01:00
Tony Torralba
551875cb5a Add 'jwt' as valid sink kind 2024-02-14 17:25:08 +01:00
Anders Schack-Mulligen
393251dde6 Merge pull request #15582 from hvitved/dataflow/cache-viable-callable-ext 
Data flow: Cache `viableCallableExt`
 2024-02-14 10:31:43 +01:00
Tom Hvitved
bc8761c51b Data flow: Cache viableCallableExt 2024-02-13 14:12:50 +01:00
Asger F
faefa056eb Merge pull request #15507 from asgerf/shared/outbarrier-bugfix 
Shared: fix a bug in stateful outbarriers
 2024-02-12 21:44:49 +01:00
Nick Rolfe
b2ee5808f0 Merge pull request #15496 from github/nickrolfe/loc-fresh-ids 
Tree-sitter extractors: use fresh IDs for locations
 2024-02-12 09:54:09 +00:00
Tom Hvitved
1ea7717714 Capture flow: Take overwrites in nested scopes into account 2024-02-09 14:49:23 +01:00
Anders Schack-Mulligen
4fcb90298d Dataflow: Add change note. 2024-02-09 11:32:08 +01:00
Anders Schack-Mulligen
b7d4a6926f Dataflow: Add empty provenance column to PathGraph. 2024-02-09 11:27:30 +01:00
github-actions[bot]
b5139078d0 Post-release preparation for codeql-cli-2.16.2 2024-02-06 19:22:35 +00:00
github-actions[bot]
c1b35fbf47 Release preparation for version 2.16.2 2024-02-05 17:58:57 +00:00
Nick Rolfe
514a92d5bd Tree-sitter extractors: use fresh IDs for locations 
Since locations for any given source file are never referenced in any
TRAP files besides the one for that particular source file, it's not
necessary to use global IDs. Using fresh IDs will reduce the size of the
ID pool (both on disk and in memory) and the speed of multi-threaded
TRAP import.

The one exception is the empty location, which still uses a global ID.
 2024-02-02 15:06:10 +00:00
Joe Farebrother
031bd8bd0c Merge pull request #15281 from joefarebrother/android-sensitive-ui-notif 
Java: Add query for exposure of sensitive information to android notifiactions
 2024-01-26 16:42:55 +00:00
Asger F
f15ead6130 Shared: check stateful outBarrier as part of pathStep SCC 2024-01-26 11:14:23 +01:00
Asger F
d1310c74fc Shared: remove old stateful outBarrier check 2024-01-26 11:14:23 +01:00
Mathias Vorreiter Pedersen
2db76c7fad Merge pull request #15434 from MathiasVP/fix-dataflow-join-order 
DataFlow: Fix join order
 2024-01-25 16:32:14 +00:00
Henry Mercer
10343dd822 Merge pull request #15416 from github/post-release-prep/codeql-cli-2.16.1 
Post-release preparation for codeql-cli-2.16.1
 2024-01-25 14:15:25 +00:00
erik-krogh
396da117bb remove an FP in overly-large-range for [@-Z] 2024-01-25 14:15:06 +01:00
Mathias Vorreiter Pedersen
db929ccf9b DataFlow: Fix join order. 2024-01-25 12:51:35 +00:00
github-actions[bot]
d0b74c00fe Post-release preparation for codeql-cli-2.16.1 2024-01-23 23:02:29 +00:00
github-actions[bot]
7ef611e6dc Release preparation for version 2.16.1 2024-01-23 19:45:16 +00:00
Joe Farebrother
0acb647e7d Fix tests and add notification sink kind to model verification 2024-01-23 09:51:41 +00:00
erik-krogh
865df920f9 add change-notes 2024-01-22 19:30:57 +01:00
erik-krogh
8be7eadace delete outdated deprecations 2024-01-22 09:11:35 +01:00
Rasmus Wriedt Larsen
f20d4e22fe Handle only exclude 2024-01-18 13:54:45 +01:00
Rasmus Wriedt Larsen
54c7c5e8be Tree sitter extractor: Proper handling of LGTM_INDEX_FILTERS 
If someone had used `LGTM_INDEX_FILTERS=exclude:**/*\ninclude:*.rb`
before, we would have mistakenly excluded all files :|
(LGTM_INDEX_FILTERS is a prioritized list where later matches take
priority over earlier ones)

This change is needed to support adding `exclude:**/*` as the first
filter if `paths` include a glob, which currently causes bad behavior in
the Python extractor. However, we can first introduce that change once
this PR has been merged.

I realize this change can cause more folders and files to be traversed
(since they are not just skipped with --exclude). We plan to make a
better long term fix which should bring back the previous performance.
 2024-01-18 11:44:31 +01:00
Calum Grant
4660a25d44 Merge pull request #15354 from github/calumgrant/shared-diagnostics 
C++/Swift: Create shared library and share Diagnostics
 2024-01-17 15:40:12 +00:00
Calum Grant
d57fc3d7db C++: Remove unneeded includes 2024-01-17 14:34:28 +00:00
Calum Grant
51c5afff8b Create shared/cpp library and move Diagnostics there 2024-01-17 14:23:18 +00:00
erik-krogh
1a8a70dc1b mark the range [0-?] as good in the overly-large-range query 2024-01-17 13:11:57 +01:00
Alexander Eyers-Taylor
934474681d Merge pull request #15254 from github/post-release-prep/codeql-cli-2.16.0 
Post-release preparation for codeql-cli-2.16.0
 2024-01-16 14:50:40 +00:00
github-actions[bot]
57df8b92df Post-release preparation for codeql-cli-2.16.0 2024-01-15 15:00:50 +00:00
Tom Hvitved
295198744b Ruby: Handle captured yield calls 2024-01-10 14:25:15 +01:00
Tom Hvitved
c9cf2a899c Merge pull request #15260 from hvitved/dataflow/may-benefit-from-cctx-simplify 
Data flow: Remove column from `mayBenefitFromCallContext`
 2024-01-10 11:43:15 +01:00
Tom Hvitved
f90201eb56 Data flow: Remove column from mayBenefitFromCallContext 2024-01-09 11:34:43 +01:00
Ed Minnix
65d05bf3de Add environment-injection to Model Validation 2024-01-08 09:38:43 -05:00
github-actions[bot]
a6c8cc9551 Release preparation for version 2.16.0 2024-01-08 13:11:26 +00:00
Tom Hvitved
25e2271b2f Merge pull request #15157 from hvitved/dataflow/fwd-flow-in-non-linear-rec 
Data flow: Avoid unnecessary non-linear recursion in `fwdFlowIn`
 2024-01-08 10:31:51 +01:00
Aditya Sharad
b1803d0ac2 Merge rc/3.12 into main 2023-12-21 16:40:51 -08:00
Tom Hvitved
5be4fe1887 Data flow: Avoid unnecessary non-linear recursion in fwdFlowIn 2023-12-19 21:03:03 +01:00
github-actions[bot]
8f72b0e4f7 Post-release preparation for codeql-cli-2.15.5 2023-12-19 10:32:57 +00:00
github-actions[bot]
19af35b29a Release preparation for version 2.15.5 2023-12-18 21:22:44 +00:00
yoff
e0c027f13c Merge pull request #14848 from hvitved/python/shared-type-tracking 
Python: Adopt shared type tracking library
 2023-12-18 21:14:42 +01:00
Anders Schack-Mulligen
07ad770437 Dataflow: Deprecate FlowStateString. 2023-12-14 15:05:33 +01:00
Tom Hvitved
84aa9f17a0 Python/Ruby: Use SummaryTypeTracker from typetracking pack 2023-12-14 13:25:18 +01:00
Tom Hvitved
1e24de7e83 Copy SummaryTypeTracker.qll to typetracking pack 2023-12-14 13:22:48 +01:00
Tom Hvitved
4776e9ccd2 Type tracking: Allow for a non-standard flowsTo predicate 2023-12-14 12:36:09 +01:00
Tom Hvitved
c8b4a215bc Merge pull request #14573 from hvitved/flow-summary-impl-param 
Move `FlowSummaryImpl.qll` to `dataflow` pack
 2023-12-14 12:24:15 +01:00
Tom Hvitved
8f0e0b6559 Merge pull request #15090 from hvitved/inline-flow-test-get-arg-string 
InlineFlowTest: Allow for custom `getArgString`
 2023-12-14 10:53:55 +01:00
Tom Hvitved
7da10e0013 Merge pull request #15095 from hvitved/dataflow/boolean-class 
Data flow: Use `Boolean` class
 2023-12-14 10:29:52 +01:00