hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
78,658 Commits 1,671 Branches 157 Tags
rust-ti-implementing-type-method
Commit Graph

78658 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tom Hvitved
e8505ad33d Rust: Use type inference to resolve method calls and field accesses 2025-03-13 13:23:13 +01:00
Tom Hvitved
62d4e6fe3f Rust: Implement basic type inference in QL 2025-03-13 13:23:11 +01:00
Tom Hvitved
3a58611271 Shared: Add shared type inference library 2025-03-13 13:23:09 +01:00
Taus
f3353dc3fb Python: Ignore special methods with placeholder bodies 
Instances of this include
- Bodies that contain just a docstring (common in Zope interfaces)
- Bodies that do nothing but raise an exception.
 2025-03-13 12:18:43 +00:00
Taus
862b89207d Python: Disable "usused default" logic 
Adds a new boolean parameter `is_unused_default` that indicates whether
the given result is one where a parameter to a special method has a
default value (which will never be used when invoked in the normal way).
These results are somewhat less useful (because the special method
_might_ be invoked directly, in which case the default value would still
be relevant), but it seemed like a shame to simply remove the code, so
instead I opted to disable it in this way.
 2025-03-13 12:18:43 +00:00
Taus
24b2eb24c1 Python: Refactor special method query 
Moves a bunch of `owner.declaredAttribute(name) = f` instances to the
top level, in the process greatly cleaning up the code. The behaviour
should be the unchanged.

Having done this, there's only one place where we depend on points-to,
and that's in the remaining `declaredAttribute` call. This should
greatly simplify the move away from points to.
 2025-03-13 12:18:43 +00:00
Taus
f30ebf1571 Merge pull request #18871 from github/tausbn/python-modernise-special-method-signature-query 
Python: Move min/maxParameter methods to `Function` class
 2025-03-13 13:03:21 +01:00
Asger F
08ee51cbc4 JS: Move some promise-related store steps into PromiseFlow::storeStep 
API graphs calls PromiseFlow::storeStep to propagate promises, which means it missed a store steps added elsewhere in the old promise library model.

We want API graphs to rely on type-tracking steps in general, like in Ruby, but for now just fixing the bug.
 2025-03-13 12:53:04 +01:00
Tom Hvitved
1636abb81b Merge pull request #18985 from hvitved/rust/immediate-child 
Rust/Swift: Add `get(Immediate)Child` predicate
 2025-03-13 12:50:53 +01:00
Napalys
5dff23de6b Added change note. 2025-03-13 12:45:27 +01:00
Napalys
3640e5e425 Added model for tanstack-react useQueries 2025-03-13 12:45:26 +01:00
Napalys
03330ef24d Added test cases for tanstack-react useQueries. 2025-03-13 12:45:25 +01:00
Napalys
6c9aa0e872 Added modeling of tanstack-vue useQueries. 2025-03-13 12:45:23 +01:00
Napalys
4917d64ce7 Added test cases for tanstack-vue useQueries. 2025-03-13 12:45:05 +01:00
Napalys
0c0158899e Added tanstack-vue useQuery modeling 2025-03-13 12:25:07 +01:00
Napalys
7712ca368a Added useQuery tanstack-vue test case 2025-03-13 12:25:05 +01:00
Asger F
89410d07b3 JS: Add failing test 2025-03-13 11:59:23 +01:00
Geoffrey White
1aa223652f Merge pull request #18977 from geoffw0/sourcesinkdoc 
Rust: Source and sink doc / tidy up
 2025-03-13 10:53:44 +00:00
Simon Friis Vindum
3c644144b1 Rust: Extract data flow node and content into separate files 2025-03-13 11:22:04 +01:00
Michael Nebel
b1edd9294b C#: Add some more test cases to cs/local-not-disposed. 2025-03-13 11:19:37 +01:00
Tom Hvitved
dd21dab055 Swift: Add get(Immediate)Child predicate 2025-03-13 11:13:04 +01:00
Tom Hvitved
8777bc42c7 Rust: Add get(Immediate)Child predicate 2025-03-13 11:13:01 +01:00
Michael Nebel
209b9c6114 C#: Re-factor to use inline expectation tests instead. 2025-03-13 11:11:23 +01:00
Michael Nebel
40375a0387 C#: Use stubs for the cs/local-not-disposed tests. 2025-03-13 10:47:45 +01:00
Michael Nebel
5eb9a535a4 C#: Remove disposal test for library code as we are no longer doing CIL extraction or data flow. 2025-03-13 10:45:00 +01:00
Michael Nebel
72c7024c8b Merge pull request #18999 from michaelnebel/csharp/ccr-constant-condition 
C#: Add cs/constant-condition to the CCR suite.
 2025-03-13 10:02:00 +01:00
Arthur Baars
fa79dbc89a Merge pull request #18228 from github/aibaars/crate-graph 
Rust: extract crate graph
 2025-03-13 10:00:48 +01:00
Simon Friis Vindum
4de69c70a8 Rust: Add cleartext transmission query 2025-03-13 08:45:36 +01:00
Andrew Eisenberg
e05b172c88 Merge pull request #19002 from github/aeisenberg/actions-security-and-quality 
Update actions query suites
 2025-03-12 13:43:49 -07:00
yoff
10a9b78bc5 Merge pull request #18738 from github/tausbn/python-fix-match-pruning-logic 
Python: Don't prune any `MatchLiteralPattern`s
 2025-03-12 20:01:26 +01:00
Andrew Eisenberg
02051ff7b1 Update the security experimental suite 2025-03-12 11:46:03 -07:00
Andrew Eisenberg
cd63e7cf54 Fix the actions-security-and-quality.qls suite 
It was not using the proper selectors. It is now the same as
other quality suites in other languages.
 2025-03-12 11:43:59 -07:00
Mathias Vorreiter Pedersen
aeb1acba97 C++: Use the new API in queries. 2025-03-12 17:09:05 +00:00
Mathias Vorreiter Pedersen
66e8b2d7e5 C++: Add an 'asDefinition' overload to check if a definition is certain or not. 2025-03-12 17:07:07 +00:00
Geoffrey White
0df652b297 Rust: Autoformat. 2025-03-12 16:38:00 +00:00
Geoffrey White
64b57679bf Rust: ... one more fix. 2025-03-12 16:32:53 +00:00
Geoffrey White
ee6455a7b1 Rust: ... and extend QuerySink to complete the above. 2025-03-12 16:23:41 +00:00
Geoffrey White
56f6a67d5f Rust: Add sinks for rust/regex-injection to stats. 2025-03-12 16:08:33 +00:00
Geoffrey White
f8112945a8 Merge branch 'main' into sourcesinkdoc 2025-03-12 16:04:56 +00:00
Geoffrey White
df4f117a7c Rust: QLDoc formatting. 2025-03-12 15:59:44 +00:00
Napalys Klicius
40903a9643 Merge pull request #18975 from Napalys/js/tanstack_angular 
JS: Update Angular Client Request's with API graph and `Tanstack` Angular modeling
 2025-03-12 15:30:26 +01:00
yoff
a5101bdae6 Merge pull request #18855 from Kwstubbs/ssrf_documentation 
Python: Add more documentation in regards to SSRF
 2025-03-12 15:27:01 +01:00
Michael Nebel
b76527fa84 C#: Add cs/constant-condition to the CCR suite. 2025-03-12 14:55:20 +01:00
Michael Nebel
e79cb443da Merge pull request #18976 from michaelnebel/csharp/constant-condition 
C#: Increase precision of `cs/constant-condition`.
 2025-03-12 14:42:15 +01:00
Napalys
f867e0fae8 Added angular-query so when it is released it would be still modeled. 2025-03-12 14:00:44 +01:00
Napalys Klicius
bf24f7794f Update javascript/ql/lib/change-notes/2025-03-11-tanstack-angular.md 
Co-authored-by: Asger F <asgerf@github.com>
 2025-03-12 13:58:09 +01:00
Napalys Klicius
86bd3b8d26 Merge pull request #18986 from Napalys/js/remove_dedundant_stats 
JS: Removed auto generated stats file
 2025-03-12 12:51:26 +01:00
Napalys
8a8defd48f Removed redundant stats file genarated from check-db-upgrades-javascript 2025-03-12 11:57:27 +01:00
Napalys
09986bc26c Added change note. 2025-03-12 11:54:57 +01:00
Napalys
770920e738 Add new model configuration for @tanstack/angular-query-experimental. 2025-03-12 11:54:55 +01:00