hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-04 21:25:44 +02:00
Code Issues Packages Projects Releases Wiki Activity
69,939 Commits 1,742 Branches 166 Tags
038bc832a7cf21e02aa3ccbd4ec478688f68b3f2
Commit Graph

69939 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Michael Nebel
db51604f46 Java: Promote some generated models and add some manual neutrals. 2024-08-27 13:28:05 +02:00
Michael Nebel
6cb5e13a23 Java: Re-factor tests and update expected test output. 2024-08-27 13:28:00 +02:00
Michael Nebel
68880b2056 Java: Update expected test output. Generated models are no longer applied as there exist a source implementation. 2024-08-27 13:27:55 +02:00
Michael Nebel
fe6693739a Java: Make more finegrained dataflow dispatch viable callable heuristic. 2024-08-27 13:27:52 +02:00
Cornelius Riemenschneider
1c3b9f7031 Delete legacy test utils. 2024-08-27 13:14:24 +02:00
Cornelius Riemenschneider
c69df1a6e3 Port java integration tests to pytest. 
Some notes:
* These tests rely on a variety of fixtures
* The previous maven-wrapper checks were checking for the version of maven installed by looking at the checked-in wrapper script. I dropped this behavior.
* I replaced a lot of test queries that queried for a (subset of) source archive files with the source_archive fixture. In particular, tests that excluded properties files from being listed in the expected output now include them.
   It's much faster to generate this list via the fixture instead of using CodeQL for it.
 2024-08-27 13:14:23 +02:00
Cornelius Riemenschneider
5fa30c33b8 Remove legacy java files. 2024-08-27 13:14:21 +02:00
Cornelius Riemenschneider
19606b1903 Add *.actual to the gitignore file. 
This is also used by the integration tests.
 2024-08-27 13:14:20 +02:00
Ian Lynagh
3a864d3de2 Merge pull request #17292 from igfoo/igfoo/open 
Kotlin: Remove a redundant 'open'
 2024-08-27 12:14:04 +01:00
Ian Lynagh
085bf2f662 Merge pull request #17293 from igfoo/igfoo/dtw 
Kotlin: Restrict some TrapWriter types to DiagnosticTrapWriter
 2024-08-27 12:13:59 +01:00
Cornelius Riemenschneider
123507e2dc No need to disable the layering check anymore, this was fixed upstream. 2024-08-27 13:00:56 +02:00
Cornelius Riemenschneider
62219fae60 Bazel: switch to a 7.4.0 prerelease. 2024-08-27 12:27:53 +02:00
Henry Mercer
e0013eec1b Merge pull request #17294 from github/codeql-cli-2.18.3 
Merge `codeql-cli-2.18.3` back into `rc/3.15`
 2024-08-27 10:46:05 +01:00
Michael Nebel
287857c5db Merge pull request #17301 from michaelnebel/shared/contentflowbadjoin 
Shared: Fix bad join in content flow.
 2024-08-27 10:17:04 +02:00
Paolo Tranquilli
b79be718e1 Merge pull request #17306 from github/redsun82/bazel-lfs 
Bazel: fix logging bug in `git_lfs_probe.py`
 2024-08-27 09:42:39 +02:00
Anders Schack-Mulligen
b3fa4f3d9e Merge pull request #17289 from aschackmull/dataflow/summaryctx 
Dataflow: Simplify using a SummaryCtx type.
 2024-08-27 09:32:43 +02:00
Paolo Tranquilli
0738e01e7e Bazel: fix logging bug in git_lfs_probe.py 
The case of an `HTTPError` was printed to stdout (and therefore globbed
by bazel).

While I'm at it, I also introduced a timeout to `urlopen` and improved
the `no endpoints found` error message.
 2024-08-27 09:12:37 +02:00
Andrew Eisenberg
d19102c399 Separate into two groups 2024-08-26 14:38:32 -07:00
Michael Nebel
e81fdc951a Merge pull request #17246 from michaelnebel/modelgendebug 
C#/Java: Add some model generator summary debugging queries.
 2024-08-26 16:13:03 +02:00
Michael Nebel
77bfe39ca7 Shared: Address review comments. 2024-08-26 15:24:56 +02:00
Michael Nebel
4381bae5d1 Shared: Fix bad join. 2024-08-26 15:24:54 +02:00
Anders Schack-Mulligen
d8c8bcd386 Dataflow: Tweak qldoc. 2024-08-26 15:12:37 +02:00
Anders Schack-Mulligen
cbb58d0041 Dataflow: Add a getLocation rootdef. 2024-08-26 15:05:30 +02:00
Michael Nebel
34d83a6b0d C#/Java: Address review comments. 2024-08-26 15:02:27 +02:00
Simon Friis Vindum
d9dbcdba34 C++: Fix imports 2024-08-26 12:42:44 +02:00
Asger F
4e3440aad0 Merge pull request #17275 from asgerf/cpp/taint-test-case-false-negative 
C++: Reveal false negative in test case
 2024-08-26 12:36:03 +02:00
Asger F
16c2cf24b3 C++: use inline annotation for missing flow 2024-08-26 11:53:31 +02:00
Asger F
592e2eafb6 Merge pull request #17262 from asgerf/shared/implicit-read 
Shared: restrict flow after using implicit read
 2024-08-26 11:48:50 +02:00
Tom Hvitved
e5d626f907 Data flow: Only recompute local big step in stage 6 2024-08-26 09:58:29 +02:00
Simon Friis Vindum
128053e214 C++: Add basic modeling of functions that don't throw 2024-08-26 09:37:44 +02:00
Tom Hvitved
c92c96fa78 Data flow: Compute local big step relation per stage 2024-08-26 09:15:27 +02:00
Chris Smowton
92910f961a Merge pull request #17296 from smowton/smowton/admin/revert-mad-sink-conversion 
Go: Revert problematic conversion from QL-specified sink nodes to models-as-data; add change note for one correct but undocumented fix
 2024-08-25 15:10:49 +01:00
Chris Smowton
7cb67a50be Add change note for ioutil fix 2024-08-24 17:49:26 +01:00
Chris Smowton
a832730a11 Revert "Convert squirrel sql-injection sinks to MaD (non-existent methods removed)" 
This reverts commit 06f86dd22f.
 2024-08-24 17:44:40 +01:00
Chris Smowton
ab88b9b136 Revert "Upgrade and convert gorqlite sql-injection sinks to MaD" 
This reverts commit ce0cb12c29.
 2024-08-24 17:43:15 +01:00
Chris Smowton
8fc3b00fb9 Revert "Convert gogf/gf sql-injection sinks to MaD" 
This reverts commit db559f75b6.
 2024-08-24 17:43:12 +01:00
Chris Smowton
e7f788ae35 Revert "Convert sqlx sql-injection sinks to MaD" 
This reverts commit 7ad63fc3e6.
 2024-08-24 17:43:09 +01:00
Chris Smowton
4e6d7fcb29 Revert "Convert Gorm sql-injection sinks to MaD" 
This reverts commit ba310417a8.
 2024-08-24 17:43:06 +01:00
Chris Smowton
d8a2c08f12 Revert "Convert Xorm sql-injection sinks to MaD" 
This reverts commit 3b2b7d7d1c.
 2024-08-24 17:43:03 +01:00
Chris Smowton
59bb142e8b Revert "Convert Bun sql-injection sinks to MaD" 
This reverts commit 3eb5b2669b.
 2024-08-24 17:43:00 +01:00
Chris Smowton
ec59492866 Revert "Convert Beego orm sql-injection sinks to MaD" 
This reverts commit ad213579a1.
 2024-08-24 17:42:57 +01:00
Chris Smowton
fa07f16bcc Revert "Convert database/sql sql-injection sinks to MaD" 
This reverts commit 501bb3eb56.
 2024-08-24 17:42:55 +01:00
Chris Smowton
b3326babba Revert "Convert database/sql/driver sql-injection sinks to MaD" 
This reverts commit 652dd88c36.
 2024-08-24 17:42:52 +01:00
Chris Smowton
c33568b602 Revert "Convert mongodb nosql-injection sinks to MaD" 
This reverts commit ec9d88b364.
 2024-08-24 17:42:49 +01:00
Chris Smowton
437df5c2a5 Revert "Convert gocb nosql-injection sinks to MaD" 
This reverts commit 2d2afb17ad.
 2024-08-24 17:42:45 +01:00
Chris Smowton
a6e3b913d0 Revert "Convert logging sinks to use MaD" 
This reverts commit fa472f5e18.
 2024-08-24 17:39:24 +01:00
Chris Smowton
686f47af98 Revert "Fix typo in package path" 
This reverts commit 6f5a045437.
 2024-08-24 17:34:34 +01:00
Paolo Tranquilli
c4c8c9ddc1 Merge pull request #17291 from github/criemen/ripunzip 
Make ripunzip installer accessible from outside this repo.
 2024-08-23 20:14:44 +02:00
Cornelius Riemenschneider
3ac8108c4a Address review. 2024-08-23 17:26:05 +02:00
Ian Lynagh
6a7d8b5301 Kotlin: Restrict some TrapWriter types to DiagnosticTrapWriter 
We never use the greater generality, so this makes it easier to see
what's happening.
 2024-08-23 15:41:21 +01:00