hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-10 12:11:07 +01:00
Code Issues Packages Projects Releases Wiki Activity
46,266 Commits 1,689 Branches 160 Tags
04575674db28350a3002a317b405cfaf268eb598
Commit Graph

46266 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nick Rolfe
04575674db Ruby: generalise summaries for ActiveSupport Hash extensions 2022-11-08 15:48:20 +00:00
Erik Krogh Kristensen
e01cbb2ffa Merge pull request #10378 from erik-krogh/aliasFlow 
JS: expand localFieldStep to use access-paths, and build access-paths in more cases
 2022-11-08 14:26:12 +01:00
Paolo Tranquilli
552c5249ac Merge pull request #11131 from github/redsun82/swift-incomplete-ast 
Swift: deal with incomplete ASTs
 2022-11-08 14:01:58 +01:00
Tom Hvitved
f0554fcdee Merge pull request #11155 from hvitved/ruby/avoid-stage-recomputation 
Ruby: Avoid stage recomputation
 2022-11-08 13:46:53 +01:00
Tom Hvitved
edde3defed Merge pull request #11153 from hvitved/ruby/basic-block-at-conditions 
Ruby: Split basic blocks around constant conditionals
 2022-11-08 13:35:52 +01:00
Tony Torralba
d813590780 Merge pull request #11156 from atorralba/atorralba/swift/bitwise-operation 
Swift: Add `BitwiseOperation.qll`
 2022-11-08 12:15:00 +01:00
Paolo Tranquilli
9731048836 Swift: remove an assert from swift headers 
An interesting byproduct was finding a problematic `assert` in the
Swift headers. An incomplete `FallthroughStmt` was asserting on having
a destination. I did not find any other sensible way of getting rid of
the crash when running in debug mode than to patch the header.
 2022-11-08 11:47:12 +01:00
Paolo Tranquilli
fda9d19a97 Swift: replace undefined labels with UnspecifiedElement 2022-11-08 11:47:12 +01:00
Paolo Tranquilli
8d3e6ff8a7 Swift: add label iteration 2022-11-08 11:47:12 +01:00
Paolo Tranquilli
450a4a04af Swift: add incomplete ast test 
The test was inspired by locally running the query against files in
https://github.com/apple/swift/tree/main/test/Parse

A query for missing elements was also added to the AST tests, expecting
nothing to be found.
 2022-11-08 11:46:07 +01:00
Paolo Tranquilli
d6fb6bf036 Swift: customize UnspecifiedElement 2022-11-08 11:40:27 +01:00
Paolo Tranquilli
e17bc6c581 Swift: add UnspecifiedElement 2022-11-08 11:40:27 +01:00
Tony Torralba
4411852e59 Add BitwiseOperation.qll 2022-11-08 11:33:10 +01:00
Paolo Tranquilli
2aa528852e Swift: add possibility to specify null class 2022-11-08 11:27:14 +01:00
Tom Hvitved
f0b9ca4bf9 Ruby: Add more guards tests 2022-11-08 11:09:54 +01:00
Jeroen Ketema
e00585ca24 Merge pull request #11154 from jketema/dataflow-test-fix 
C++: Fix wrong return types and missing statement in dataflow test
 2022-11-08 10:55:09 +01:00
Tom Hvitved
37a69b4569 Ruby: Avoid stage recomputation 2022-11-08 10:51:30 +01:00
AlexDenisov
d1848194eb Merge pull request #11152 from github/redsun82/swift-bitwise-test 
Swift: add bitwise ops to `PrintAst` test
 2022-11-08 10:25:48 +01:00
Tamás Vajk
38abd389eb Merge pull request #11045 from tamasvajk/kotlin-confusing-default 
Kotlin: Excluded compiler generated methods from `java/confusing-method-signature`
 2022-11-08 10:25:36 +01:00
Jeroen Ketema
0d4a2239fc C++: Fix wrong return types and missing statement in dataflow test 2022-11-08 09:55:10 +01:00
Paolo Tranquilli
072edad0fd Swift: accept new test changes 2022-11-08 09:30:25 +01:00
Erik Krogh Kristensen
c82410fd16 Merge pull request #10680 from erik-krogh/unsafeRbCmd 
RB: add an unsafe-shell-command-construction query
 2022-11-08 09:22:33 +01:00
Tom Hvitved
7ba0682297 Ruby: Split basic blocks around constant conditionals 2022-11-08 09:07:23 +01:00
Tom Hvitved
c86f597153 Ruby: Add test for disjunctive guard 2022-11-08 09:01:22 +01:00
Paolo Tranquilli
21adcca065 Swift: add bitwise ops to PrintAst test 2022-11-08 08:53:36 +01:00
Harry Maclean
8c8f1418d5 Merge pull request #11150 from hmac/try-fixup 
Ruby: Cosmetic change
 2022-11-08 12:19:47 +13:00
Harry Maclean
03aa8df8e2 Ruby: Cosmetic change 2022-11-08 10:24:21 +13:00
Harry Maclean
d392cdaab6 Merge pull request #11022 from hmac/try-code-injection 
Ruby: try/try! as code execution
 2022-11-08 09:42:52 +13:00
Tony Torralba
ef967b6a21 Merge pull request #10890 from atorralba/atorralba/android-startactivities-summaries 
Java: Add flow summaries for startActivities
 2022-11-07 18:06:30 +01:00
Alexander Eyers-Taylor
c6c4a7b14f Merge pull request #11068 from alexet/alexet/qlspec-instanceof 
QL Spec: Add instanceof in classes
 2022-11-07 16:15:09 +00:00
Erik Krogh Kristensen
3f871a08e2 apply suggestions from doc review 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2022-11-07 16:29:10 +01:00
Tamás Vajk
ed305d2699 Merge pull request #11032 from tamasvajk/kotlin-unused-for-loop-var 
Kotlin: exclude loop variables on ranges from 'unused locals' check
 2022-11-07 15:44:10 +01:00
Karim Ali
5766ff21d0 Merge pull request #10993 from karimhamdanali/swift-pbe-constant-salts 
Swift: detect the use of constant salts
 2022-11-07 16:22:41 +02:00
Stephan Brandauer
577f1a588b Merge pull request #11143 from github/codeql-ci/atm/release-0.4.0 
JS: Bump version numbers of ML-powered packs after 0.4.0 release
 2022-11-07 15:03:24 +01:00
Erik Krogh Kristensen
d67235b3c1 Merge pull request #11071 from erik-krogh/fixCanon 
ReDoS: fix canonicalization in NfaUtils
 2022-11-07 14:10:50 +01:00
github-actions[bot]
69df9f9daa JS: Bump version of ML-powered library and query packs to 0.4.1 2022-11-07 13:06:46 +00:00
github-actions[bot]
82277d8f56 JS: Bump minor version of ML-powered library and query packs 2022-11-07 13:00:28 +00:00
github-actions[bot]
268a990aa6 JS: Bump version of ML-powered model pack to 0.3.1 2022-11-07 13:00:28 +00:00
github-actions[bot]
a1e0bf022e ATM: Update model pack dependency of ML-powered model building and query packs 2022-11-07 13:00:27 +00:00
github-actions[bot]
be808deb59 JS: Bump minor version of ML-powered model pack 2022-11-07 12:59:44 +00:00
Chris Smowton
eb365c1d24 Merge pull request #11079 from smowton/smowton/test/test-java-extractor-vs-captured-type-variables 
Java: Add test for multiply-bounded wildcards
 2022-11-07 12:31:19 +00:00
Tamás Vajk
830be92f1d Merge pull request #11089 from tamasvajk/kotlin-enum-ctor-call 
Kotlin: Extract missing arguments of enum constructor calls
 2022-11-07 12:55:27 +01:00
AlexDenisov
f8e80f96ff Merge pull request #11124 from github/redsun82/swift-await 
Swift: extract `AwaitExpr`
 2022-11-07 12:52:42 +01:00
Karim Ali
1756feae71 address docs review 2022-11-07 13:20:02 +02:00
Paolo Tranquilli
b30a6d36b5 Swift: extract AwaitExpr 2022-11-07 12:08:51 +01:00
Paolo Tranquilli
b94066acd8 Merge pull request #11094 from github/redsun82/swift-translators 
Swift: refactor visitors to use translations
 2022-11-07 12:01:44 +01:00
Geoffrey White
7b62bed9db Merge pull request #10947 from karimhamdanali/swift-pbe-iterations 
Swift: detect hash functions with low # of iterations
 2022-11-07 10:38:29 +00:00
Chris Smowton
e877967a62 Add test verifying no malformed wildcards result from captured type variables with a Collection<? extends ...> type 2022-11-07 10:29:04 +00:00
Chris Smowton
d999c1d3dd Java: Add test for multiply-bounded wildcards 
This exercises several cases of variables bounded both by a wildcard and by a bound on the type parameter, checking that the extractor strips the wildcards and captures to decide on a concrete type for the parameters and return values.
 2022-11-07 10:29:04 +00:00
Chris Smowton
1cd30847f6 Merge pull request #11121 from smowton/smowton/fix/java-wildcard-extraction 
Kotlin: fix extraction of Java nested wildcards; wildcards in return types
 2022-11-07 10:23:02 +00:00