hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-29 10:45:15 +02:00
Code Issues Packages Projects Releases Wiki Activity
49,874 Commits 1,742 Branches 165 Tags
02364d072e8a9829fd736874834838cb1801bfbc
Commit Graph

49874 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Michael Nebel
02364d072e Java: Fix bad join in TestLibrary characteristic predicate. 2023-02-08 11:59:59 +01:00
Michael Nebel
f8dbbe006e C#/Java: Materialize sink/source/summary predicates to avoid join on input/output before filtering. 2023-02-08 10:04:43 +01:00
Henry Mercer
6e9484970f Merge pull request #12128 from github/codeql-ci/atm/release-0.4.7 
JS: Bump version numbers of ML-powered packs after 0.4.7 release
 2023-02-07 22:29:20 +00:00
Henry Mercer
e972cb069e Merge branch 'main' into codeql-ci/atm/release-0.4.7 2023-02-07 21:31:08 +00:00
github-actions[bot]
4f76ebbb0b JS: Bump version of ML-powered library and query packs to 0.4.8 2023-02-07 19:44:25 +00:00
github-actions[bot]
30b2644f17 JS: Bump patch version of ML-powered library and query packs 2023-02-07 19:34:58 +00:00
Mathias Vorreiter Pedersen
334c41c3e1 Merge pull request #12122 from github/post-release-prep/codeql-cli-2.12.2 
Post-release preparation for codeql-cli-2.12.2
 2023-02-07 16:17:57 +00:00
Mathias Vorreiter Pedersen
1980e25ac9 Merge pull request #12120 from MathiasVP/even-fewer-strings 
C++: Avoid unnecessary calls to `toLowerCase()`
 2023-02-07 13:57:12 +00:00
github-actions[bot]
522a892d32 Post-release preparation for codeql-cli-2.12.2 2023-02-07 13:19:06 +00:00
Mathias Vorreiter Pedersen
746f04bafc C++: Construct fewer strings. 2023-02-07 11:44:32 +00:00
Tom Hvitved
984729f9b0 Merge pull request #12117 from hvitved/ruby/delay-location-to-string 
Ruby: Avoid computing `Location::toString` in full
 2023-02-07 12:42:03 +01:00
Mathias Vorreiter Pedersen
ff29356ae9 Merge pull request #12106 from MathiasVP/fewer-strings 
C++: Replace `toUpperCase().matches("...")` with case-insensitive `regexpMatch`
 2023-02-07 11:31:36 +00:00
Paolo Tranquilli
c9397a5abf Merge pull request #10950 from github/redsun82/swift-regex 
Swift: extract `RegexLiteralExpr`
 2023-02-07 11:30:43 +01:00
Geoffrey White
d8616e77d5 Merge pull request #12108 from geoffw0/strings3 
Swift: Remove a no-longer-needed special case from swift/unsafe-js-eval.
 2023-02-07 09:44:41 +00:00
Mathias Vorreiter Pedersen
aef66c462a Merge pull request #12107 from aibaars/downgrade-tree-sitter 
Ruby: downgrade tree-sitter to 0.20.7
codeql-cli/v2.12.2 		2023-02-07 09:29:42 +00:00
Paolo Tranquilli
a3b443c310 Swift: add upgrade/downgrade scripts for regex extraction 2023-02-07 10:21:37 +01:00
Paolo Tranquilli
ad04a408c7 Swift: add doc to RegexLiteralExpression 2023-02-07 10:21:37 +01:00
Paolo Tranquilli
50889b8fa1 Swift: move regex test to integration tests 2023-02-07 10:21:37 +01:00
Tom Hvitved
c0e3186607 Ruby: Avoid computing Location::toString in full 2023-02-07 10:06:47 +01:00
Paolo Tranquilli
d201c1eadd Swift: support linux-only tests 2023-02-07 09:41:06 +01:00
Paolo Tranquilli
a244b825df Merge branch 'main' into redsun82/swift-regex 2023-02-07 09:37:09 +01:00
Anders Schack-Mulligen
3c580896dc Merge pull request #11712 from aschackmull/java/constant-guards 
Java: Apply deadcode guard to data flow nodes.
 2023-02-07 09:14:20 +01:00
Jeroen Ketema
a4c3ea2efc Merge pull request #9245 from ihsinme/ihsinme-patch-102 
CPP: Add query for CWE-805: Buffer Access with Incorrect Length Value using some functions
 2023-02-06 21:24:07 +01:00
Jeroen Ketema
1c35109675 C++: Add experimental tag to experimental query 2023-02-06 20:31:26 +01:00
Jeroen Ketema
868f07bc91 Merge branch 'main' into ihsinme-patch-102 2023-02-06 20:16:53 +01:00
Geoffrey White
996536b08e Swift: Remove a no-longer-needed special case from swift/unsafe-js-eval. 2023-02-06 17:35:21 +00:00
Mathias Vorreiter Pedersen
4016299aa8 Update cpp/ql/lib/semmle/code/cpp/security/Encryption.qll 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2023-02-06 15:55:15 +00:00
Arthur Baars
12f5732782 Ruby: downgrade tree-sitter to 0.20.7 
The 0.20.9 version caused a stack overflow error on
the mongo-ruby-driver repository.
 2023-02-06 16:27:51 +01:00
Erik Krogh Kristensen
4eebeab8a8 Merge pull request #12078 from erik-krogh/qlCache 
QL: simplify the QL-for-QL workflow, which should also fix the cache
 2023-02-06 16:21:45 +01:00
Mathias Vorreiter Pedersen
1c9a526afa C++: Construct fewer strings. 2023-02-06 15:18:15 +00:00
erik-krogh
9364a85e49 add Rust format check to QL-for-QL tests 2023-02-06 14:26:30 +01:00
Erik Krogh Kristensen
9360ae9638 Merge pull request #12076 from erik-krogh/poly-sink-track 
PY: add tracking of strings to compile-sites for poly-redos
 2023-02-06 14:21:04 +01:00
Anders Schack-Mulligen
b4607d3fab Java: Add change notes. 2023-02-06 13:55:34 +01:00
Geoffrey White
dc59ed08f9 Merge pull request #12094 from geoffw0/string2 
Swift: Models for the String class
 2023-02-06 11:24:19 +00:00
Chris Smowton
cd2fc6566f Merge pull request #12101 from owen-mc/go/gofmt-remove-confusing-error-message 
Fix files that gofmt can't parse
 2023-02-06 10:58:54 +00:00
Mathias Vorreiter Pedersen
00fe448e3a Merge pull request #12072 from aschackmull/dataflow/stage3-perf 
Dataflow: Fix join in `fwdFlowRead` (take 2)
 2023-02-06 10:43:11 +00:00
Erik Krogh Kristensen
f32fa25c1a Merge pull request #12100 from github/dependabot/cargo/ql/serde_json-1.0.92 
build(deps): bump serde_json from 1.0.91 to 1.0.92 in /ql
 2023-02-06 10:33:32 +01:00
Tamás Vajk
c03fe70b8d Merge pull request #12086 from tamasvajk/feature/fix-exception-handling-archive 
C#: Change handled exception in `TrapWriter.ArchiveContents`
 2023-02-06 08:53:56 +01:00
Owen Mansel-Chan
9ed7836367 Fix files that gofmt can't parse 
We have some .go files that gofmt can't parse because they don't start
with "package". This was intentional, as they are fragments to be
included in .qhelp files. They don't affect the return code as gofmt
doesn't change their formatting, so this wasn't changing the result of
the check. However, it was confusing that when the check failed because
some other files weren't formatted correctly, the user would see the
stderr complaining about those files, so we capture stderr.

It would be an improvement to print which files are not formatted
correctly, but that was beyond my abilities with bash and makefiles.
 2023-02-06 07:16:58 +00:00
dependabot[bot]
33e8414fc4 build(deps): bump serde_json from 1.0.91 to 1.0.92 in /ql 
Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.91 to 1.0.92.
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](https://github.com/serde-rs/json/compare/v1.0.91...v1.0.92)

---
updated-dependencies:
- dependency-name: serde_json
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-02-06 03:29:59 +00:00
Chris Smowton
03385ac0b5 Merge pull request #12097 from github/smowton/admin/macos-ventura 
Add MacOS Ventura to supported platforms
 2023-02-04 17:54:21 +00:00
Philip Ginsbach
8cefde36bf Merge pull request #12088 from github/ginsbach/DocumentFinalAlias 
document final type aliases
 2023-02-04 12:23:03 +00:00
Chris Smowton
f8b574c654 Add MacOS Ventura to supported platforms 
Rebase of e8bf8fe7a4
 2023-02-04 08:28:03 +00:00
Mathias Vorreiter Pedersen
7642245747 Merge pull request #12095 from github/post-release-prep/codeql-cli-2.12.2 
Post-release preparation for codeql-cli-2.12.2
 2023-02-04 01:03:14 +00:00
github-actions[bot]
57f40ccd48 Post-release preparation for codeql-cli-2.12.2 2023-02-03 21:12:22 +00:00
Jami
b6805c6913 Merge pull request #11863 from jcogs33/jcogs33/update-paramsString 
Java: update paramsString
 2023-02-03 15:47:38 -05:00
Sarita Iyer
8edd378290 Merge pull request #12077 from github/codeql-cli-articles-migration-update 
Update CodeQL CLI docs articles and links to point to new location on GitHub Docs site
 2023-02-03 15:25:33 -05:00
Geoffrey White
364c173fc3 Swift: Accept additional taint flow in UnsafeJsEval test. 2023-02-03 19:21:10 +00:00
Geoffrey White
1f69fff26c Swift: Fix mistake caught by QL-for-QL. 2023-02-03 19:15:08 +00:00
Geoffrey White
f82a548cf9 Swift: Comments and formatting. 2023-02-03 18:50:51 +00:00