hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 12:46:34 +01:00
Code Issues Packages Projects Releases Wiki Activity
60,258 Commits 1,673 Branches 157 Tags
0837e400a216422e3ef12d8631057bc1dc4926cd
Commit Graph

9480 Commits

Author SHA1 Message Date
Ian Lynagh
d46442245b Merge pull request #14518 from igfoo/igfoo/trap_files 
Kotlin: Log when we start and finish writing to TRAP files
 2023-10-30 13:53:04 +00:00
Dave Bartolomeo
b18a6d5e0b Merge pull request #14582 from github/dbartol/threat-models-2 
Java: Threat model implementation with priorities.
 2023-10-27 09:33:53 -04:00
Ian Lynagh
0cf702a74f Kotlin: Tweak the logs test to not be confused by the new logs 2023-10-27 12:04:43 +01:00
Anders Schack-Mulligen
9769953669 Java: Split the different layers of virtual dispatch into separate cached stages. 2023-10-27 09:40:20 +02:00
Dave Bartolomeo
d2afb20f3f Merge remote-tracking branch 'origin/main' into dbartol/threat-models-2 2023-10-26 14:05:40 -04:00
Alexander Eyers-Taylor
55ec9d0a91 Merge pull request #14601 from aschackmull/java/fix-tests 
Java: Update tests to new partial flow api
 2023-10-26 17:52:01 +01:00
Mathias Vorreiter Pedersen
30ecb4b0c8 Merge pull request #14588 from aschackmull/shared/rangeanalysis 
C++/Java: Share core range analysis
 2023-10-26 16:32:46 +01:00
Anders Schack-Mulligen
35f6e6ebb4 Java: Update tests to new partial flow api 2023-10-26 14:09:03 +02:00
Chris Smowton
8198898d73 Merge pull request #14583 from smowton/smowton/admin/really-deprecate-old-java-names 
Java: Deprecate MethodAccess and SuperMethodAccess
 2023-10-26 10:25:05 +01:00
Stephan Brandauer
5fe6a5a730 Merge pull request #14487 from github/kaeluka/extraction-query-docs 
Java: basic version of automodel extraction query docs
 2023-10-26 11:10:01 +02:00
Anders Schack-Mulligen
ec58b209e3 Merge pull request #14584 from Marcono1234/kotlin-Literal-getLiteral 
Kotlin: Mention `Literal::getLiteral()` difference from source code
 2023-10-26 10:03:57 +02:00
Chris Smowton
29d57d82b7 Deprecate MethodAccess and SuperMethodAccess 2023-10-25 22:26:38 +01:00
Anders Schack-Mulligen
283d6efdf8 Rangeanalysis/Java/C++: Address some ql4ql findings. 2023-10-25 14:06:35 +02:00
Jami
53d92d58fc Merge pull request #14581 from jcogs33/jcogs33/add-internal-to-model-exclusions 
Java: exclude internal packages globally from MaD models
 2023-10-25 08:04:03 -04:00
Michael Nebel
b3e5b86f0a Java: Cleanup threat models tests. 2023-10-25 14:02:31 +02:00
Anders Schack-Mulligen
2592c94c54 Java: Replace range analysis with shared version. 2023-10-25 11:29:55 +02:00
Anders Schack-Mulligen
36082808d3 Java: Implement shared range analysis signatures. 2023-10-25 11:29:55 +02:00
Stephan Brandauer
cffcc7334d Java: automodel extraction docs: add two intro sentences 2023-10-25 09:45:00 +02:00
Stephan Brandauer
0f2db1bcdb Java: automodel extraction docs: use markdown footnote 2023-10-25 09:32:59 +02:00
Stephan Brandauer
3eeb6ffec4 Java: automodel extraction docs: spell out positive and negative 2023-10-25 09:05:22 +02:00
Stephan Brandauer
44c87561b3 Java: review suggestion from adityasharad 
Co-authored-by: Aditya Sharad <6874315+adityasharad@users.noreply.github.com>
 2023-10-25 09:00:28 +02:00
Stephan Brandauer
c240c1b3f5 Java: review suggestions from aeisenberg 
Co-authored-by: Andrew Eisenberg <aeisenberg@github.com>
 2023-10-25 08:59:21 +02:00
Marcono1234
bf20b8e5a5 Kotlin: Mention Literal::getLiteral() difference from source code 
It appears the Kotlin extractor does not have access to the actual
string representation in the source code, and for most literal types
uses simply the represented value also as `getLiteral` result, see
https://github.com/github/codeql/blob/codeql-cli/v2.15.1/java/kotlin-extractor/src/main/kotlin/KotlinFileExtractor.kt#L4443
 2023-10-25 02:04:54 +02:00
Dave Bartolomeo
5fd56ce866 Alternate threat model implementation 2023-10-24 13:12:37 -04:00
Jami Cogswell
121fd0896b Java: exclude internal packages in general from models 2023-10-24 12:49:49 -04:00
Chris Smowton
30610c9a3f Temporarily de-deprecate SuperMethodAccess to accommodate private tests 2023-10-24 16:05:52 +01:00
Stephan Brandauer
e97456f5fc Java: automodel extraction docs: note on packaging and backwards compatibility 2023-10-24 16:30:59 +02:00
Chris Smowton
92d3d9d83f Update integration test expectations 2023-10-24 14:47:19 +01:00
Chris Smowton
4205f1bd03 Temporarily un-deprecate MethodAccess to decouple from private tests 2023-10-24 14:03:26 +01:00
Chris Smowton
b849a66c97 Update test expectations 2023-10-24 14:02:30 +01:00
Chris Smowton
06238dd5f6 Improve reflective class names 2023-10-24 13:29:32 +01:00
Chris Smowton
011666b48c Fix description and improve predicate name of VarWrite. 2023-10-24 12:59:57 +01:00
Chris Smowton
ede17585a6 Amend NewClassExpr description 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2023-10-24 12:51:42 +01:00
Chris Smowton
e3edea2a5f Apply simple suggestions from code review 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2023-10-24 12:51:03 +01:00
Stephan Brandauer
eb97ce3294 Java: automodel extraction query docs, candidate examples 2023-10-24 13:49:38 +02:00
Chris Smowton
efb63aada3 Add change note 2023-10-24 11:45:41 +01:00
Chris Smowton
3627eb2bcf Add missing qldoc 2023-10-24 11:15:08 +01:00
Chris Smowton
e8c9708282 Autoformat 2023-10-24 11:06:19 +01:00
Chris Smowton
09e83d1173 Fix isEnclosingMethodAccess wrapper 2023-10-24 11:03:57 +01:00
Chris Smowton
ac38d4c9c6 Mass rename L/RValue -> VarWrite/Read 2023-10-24 10:58:29 +01:00
Chris Smowton
59a49eef0b Add aliases for public, importable renamed classes and predicates. 
Also rename and aliases a couple of uses of Access noted along the way.
 2023-10-24 10:54:35 +01:00
Chris Smowton
f552a15aae Mass-rename MethodAccess -> MethodCall 2023-10-24 10:30:26 +01:00
Chris Smowton
a10731c591 Java: introduce more-intuitive names for ClassInstanceExpr, L/RValue and MethodAccess. 2023-10-24 09:38:49 +01:00
Tony Torralba
cd10dc8a27 Java: Added up to date models for Spring's ResponseEntity 2023-10-23 16:06:11 +02:00
Ian Lynagh
b89088737a Merge pull request #14551 from igfoo/igfoo/loc 
Java/Kotlin: Reshuffle our LoC queries
 2023-10-23 11:50:03 +01:00
Stephan Brandauer
1d7c2f4799 Java: format 2023-10-20 16:37:46 +02:00
Stephan Brandauer
f0c0bbf4c8 remove bug: needless restriction to sink examples in framework mode +examples 2023-10-20 16:34:29 +02:00
Ian Lynagh
26634a3266 Java/Kotlin: Add a changenote for the lines-of-code changes 2023-10-20 13:04:39 +01:00
Ian Lynagh
d816035da6 Java/Kotlin: Tweak LoC message 2023-10-20 13:02:11 +01:00
Ian Lynagh
13a9e83e6a Java/Kotlin: Reshuffle our LoC queries 
There's now a single lines-of-code query that gives the total number of
lines of code over both languages.

Per-language LoC queries are now just summaries.
 2023-10-20 12:43:41 +01:00