hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-28 10:15:14 +02:00
Code Issues Packages Projects Releases Wiki Activity
32,307 Commits 1,741 Branches 165 Tags
005dfdffdb87c1991d4171d274cbbebfc4355ff8
Commit Graph

32307 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Erik Krogh Kristensen
8dcec2e037 apply suggestions from doc review 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2022-01-31 13:17:26 +01:00
Erik Krogh Kristensen
ec1a8cc826 apply suggestions from doc review 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2022-01-31 12:32:12 +01:00
Tom Hvitved
2354281721 C#: Add DB down/upgrade scripts 2022-01-31 11:46:10 +01:00
Tom Hvitved
32e58add7b C#: Extend compiler_generated to include event accessors 2022-01-31 11:45:23 +01:00
Rasmus Lerchedahl Petersen
211345c010 python: remove more annotations 2022-01-31 11:20:59 +01:00
Michael Nebel
7cbeffc8a7 C#: Refactor and use new language features. 2022-01-31 09:24:31 +01:00
Rasmus Lerchedahl Petersen
cac3862659 python: remove library annotation 
to clean up QL warnings.
Should put these in a private module instead?
 2022-01-31 08:50:37 +01:00
Rasmus Lerchedahl Petersen
0c3bce1415 python: deprecation 
I am slightly concerned that the test now generates many more
intermediate results. I suppose that maes the analysis heavy.
Should the new library get a new name instead, so the old code
does not get evaluated?
 2022-01-31 08:32:24 +01:00
BACK Yonah
d7313f3a82 C/C++ : Useless test 2022-01-30 14:33:32 +01:00
Mathias Vorreiter Pedersen
bb2feda8fb Merge pull request #7703 from geoffw0/getslocal 2022-01-28 19:35:15 +00:00
Geoffrey White
8a1b49f816 C++: Recognize password struct fields. 2022-01-28 19:10:46 +00:00
Arthur Baars
abf3ce6223 Ruby: expressions in pin operator ^ 2022-01-28 19:47:31 +01:00
Arthur Baars
00fb4d3776 Ruby: Values in Hash literals and keyword arguments can be omitted 2022-01-28 19:47:31 +01:00
Arthur Baars
3e2ca61c01 Ruby: support anonymous block parameters/arguments 2022-01-28 19:47:31 +01:00
Arthur Baars
b9258e78ca Ruby: non-local variables in variable reference pattern 2022-01-28 19:47:31 +01:00
Arthur Baars
966b8be5f9 Ruby: add downgrade scripts 2022-01-28 19:47:31 +01:00
Arthur Baars
e5eb01ca45 Ruby: add upgrade scripts 2022-01-28 19:47:31 +01:00
Arthur Baars
c85012460a Ruby: update dbscheme stats 2022-01-28 19:47:31 +01:00
Arthur Baars
c6a36a50c2 Ruby: regenerate dbscheme and library 2022-01-28 19:47:31 +01:00
Arthur Baars
bfbc9fe144 Ruby: update tree-sitter-ruby 2022-01-28 19:47:25 +01:00
Mathias Vorreiter Pedersen
0f239e315c Merge pull request #7782 from geoffw0/clrtxt7 
C++: Fix FPs for cpp/cleartext-storage-file
 2022-01-28 17:24:05 +00:00
Geoffrey White
0396a84c3c C++: Remove empty predicate / extends. 2022-01-28 17:11:38 +00:00
Geoffrey White
af09dd8af1 C++: Fixes to gets models. 2022-01-28 16:04:23 +00:00
Geoffrey White
036e1495b8 Merge branch 'main' into getslocal 2022-01-28 15:58:13 +00:00
Ian Wright
aceeb7324c restrict AST nodes according to string length 2022-01-28 15:06:10 +00:00
Geoffrey White
a695f02af4 C++: Add change note. 2022-01-28 12:38:27 +00:00
Tom Hvitved
82cceb0a29 C#: Mark event accessors without bodies as compiler generated 2022-01-28 13:11:34 +01:00
Tom Hvitved
682163962a Data flow: Sync files 2022-01-28 13:01:24 +01:00
Tom Hvitved
4bf07825a1 Data flow: Reduce non-linear recursion in SummaryComponentStack::bottom 
Before:
```
[2022-01-28 09:45:34] (449s) Tuple counts for FlowSummaryImpl::Public::SummaryComponentStack::bottom_dispred#ff/2@i23#25a5eew4 after 432ms:
                      0       ~0%     {2} r1 = SCAN FlowSummaryImpl::Public::SummaryComponentStack::length#ff#prev_delta OUTPUT In.0 'this', (In.1 - 1)
                      0       ~0%     {2} r2 = JOIN r1 WITH FlowSummaryImpl::Public::SummaryComponentStack::drop#fff#prev ON FIRST 2 OUTPUT Rhs.2, Lhs.0 'this'
                      0       ~0%     {2} r3 = JOIN r2 WITH FlowSummaryImpl::Public::SummaryComponentStack::head_dispred#ff#prev ON FIRST 1 OUTPUT Lhs.1 'this', Rhs.1 'result'

                      4171589 ~5%     {2} r4 = SCAN FlowSummaryImpl::Public::SummaryComponentStack::length#ff#prev OUTPUT In.0 'this', (In.1 - 1)
                      4171589 ~0%     {2} r5 = JOIN r4 WITH FlowSummaryImpl::Public::SummaryComponentStack::drop#fff#prev ON FIRST 2 OUTPUT Rhs.2, Lhs.0 'this'
                      0       ~0%     {2} r6 = JOIN r5 WITH FlowSummaryImpl::Public::SummaryComponentStack::head_dispred#ff#prev_delta ON FIRST 1 OUTPUT Lhs.1 'this', Rhs.1 'result'

                      62238   ~0%     {3} r7 = SCAN FlowSummaryImpl::Public::SummaryComponentStack::drop#fff#prev_delta OUTPUT In.2, In.0 'this', In.1
                      62238   ~8%     {3} r8 = JOIN r7 WITH FlowSummaryImpl::Public::SummaryComponentStack::head_dispred#ff#prev ON FIRST 1 OUTPUT Lhs.1 'this', Lhs.2, Rhs.1 'result'
                      62238   ~5%     {5} r9 = JOIN r8 WITH FlowSummaryImpl::Public::SummaryComponentStack::length#ff#prev ON FIRST 1 OUTPUT Lhs.0 'this', Lhs.1, Lhs.2 'result', Rhs.1, (Rhs.1 - 1)
                      10373   ~6%     {5} r10 = SELECT r9 ON In.4 = In.1
                      10373   ~0%     {2} r11 = SCAN r10 OUTPUT In.0 'this', In.2 'result'

                      10373   ~0%     {2} r12 = r6 UNION r11
                      10373   ~0%     {2} r13 = r3 UNION r12
                      10373   ~0%     {2} r14 = r13 AND NOT FlowSummaryImpl::Public::SummaryComponentStack::bottom_dispred#ff#prev(Lhs.0 'this', Lhs.1 'result')
                                      return r14
```

After:
```
[2022-01-28 09:52:48] (6s) Tuple counts for FlowSummaryImpl::Public::SummaryComponentStack::bottom#ff/2@i21#6243afwv after 5ms:
                      0     ~0%     {2} r1 = JOIN FlowSummaryImpl::Public::SummaryComponentStack::bottom#ff#prev_delta WITH FlowSummaryImpl::Private::TConsSummaryComponentStack#fff#reorder_1_0_2#prev ON FIRST 1 OUTPUT Lhs.1 'result', Rhs.2 'this'

                      10373 ~3%     {2} r2 = SCAN FlowSummaryImpl::Private::TConsSummaryComponentStack#fff#prev_delta OUTPUT In.1, In.2 'this'
                      10373 ~2%     {2} r3 = JOIN r2 WITH FlowSummaryImpl::Public::SummaryComponentStack::bottom#ff#prev ON FIRST 1 OUTPUT Rhs.1 'result', Lhs.1 'this'

                      10373 ~2%     {2} r4 = r1 UNION r3
                      10373 ~2%     {2} r5 = r4 AND NOT FlowSummaryImpl::Public::SummaryComponentStack::bottom#ff#prev(Lhs.1 'this', Lhs.0 'result')
                      10373 ~0%     {2} r6 = SCAN r5 OUTPUT In.1 'this', In.0 'result'
                                    return r6
```
 2022-01-28 13:00:04 +01:00
Geoffrey White
b73dc98191 C++: Exclude write to stdout etc. 2022-01-28 11:57:31 +00:00
Tom Hvitved
864b61a804 Merge pull request #7766 from hvitved/csharp/extractor/type-param-constraints 
C#: Make `TypeParameterConstraints` a `CachedEntity`
 2022-01-28 12:39:31 +01:00
Tom Hvitved
28702dff82 Merge pull request #7779 from hvitved/csharp/initial-downgrade-scheme 
C#: Add initial downgrade DB scheme for use in tests
 2022-01-28 12:38:07 +01:00
Erik Krogh Kristensen
7b925604df update expected output 2022-01-28 12:21:33 +01:00
Nick Rolfe
588e60e230 Merge pull request #7775 from github/nickrolfe/graph_test_ordering 
Ruby/C#: more stable graph test ordering
 2022-01-28 11:16:02 +00:00
Erik Krogh Kristensen
7aa59ca233 Merge pull request #7633 from erik-krogh/CWE-300 
JS: add js/http-dependency query
 2022-01-28 12:10:14 +01:00
Taus
47a57e0c0a Merge pull request #7635 from github/python/support-match 
Python/support match
 2022-01-28 11:55:46 +01:00
yoff
74d57bbb1a Update python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPrivate.qll 
Co-authored-by: Taus <tausbn@github.com>
 2022-01-28 11:38:29 +01:00
Arthur Baars
cada7ef1a4 Ruby: add downgrade scripts to prepare-db-upgrade.sh 2022-01-28 11:07:56 +01:00
Erik Krogh Kristensen
b5198bdaca apply suggestions from doc review 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2022-01-28 10:46:27 +01:00
Erik Krogh Kristensen
bf9bcc9600 add a js/file-system-race query 2022-01-28 09:41:12 +01:00
Erik Krogh Kristensen
179c26da9a apply suggestions from review 2022-01-28 09:37:46 +01:00
Tony Torralba
f3e034b2be Merge pull request #7764 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2022-01-28 09:35:54 +01:00
Harry Maclean
0428b8ee20 Split Ruby CI into multiple parallel jobs 
Run format, compile and db upgrade checks in parallel, along with the
main tests, which run in two parallel halves.
 2022-01-28 21:23:34 +13:00
Esben Sparre Andreasen
ee52774e90 Merge pull request #7760 from erik-krogh/CWE-184 
JS: add CWE-184 to incomplete-scheme-check and bad-tag-filter
 2022-01-28 09:18:41 +01:00
Tom Hvitved
ee5495ce65 C#: Add initial downgrade DB scheme for use in tests 2022-01-28 09:05:42 +01:00
Harry Maclean
b01f81aab3 Use modified getAPath predicate for test 2022-01-28 19:45:52 +13:00
Harry Maclean
a1b0f02e6e Ruby: Introduce API::getAnImmediateSubclass() 
class A; end
    class B < A; end
    class C < B; end

In the example above, `getMember("A").getAnImmediateSubclass()` will
select only uses of B, whereas `getMember("A").getASubclass()` will
select uses of A, B and C. This is usually the behaviour you want.
 2022-01-28 16:44:03 +13:00
github-actions[bot]
c6130ea2d4 Add changed framework coverage reports 2022-01-28 00:11:49 +00:00
Dave Bartolomeo
cca74e925f Merge pull request #7724 from github/aeisenberg/examples-groups 
Add new groups for examples packs
 2022-01-27 12:11:26 -05:00
Rasmus Lerchedahl Petersen
c60df7d69c Merge branch 'main' of github.com:github/codeql into python/support-match 2022-01-27 16:45:17 +01:00