hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-12 13:11:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
47,540 Commits 1,689 Branches 160 Tags
145dea0e9ba69670e918bd626f00cc4e28075a80
Commit Graph

47540 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mathias Vorreiter Pedersen
145dea0e9b C++: Introduce a node class that exists before computing SSA. 2022-12-02 10:04:52 +00:00
Jeroen Ketema
2ef13d1df7 Merge remote-tracking branch 'upstream/main' into mathiasvp/replace-ast-with-ir-use-usedataflow 2022-11-29 10:43:01 +01:00
Tom Hvitved
f3dca95958 Merge pull request #11087 from hvitved/dataflow/summary-ctx 
Data flow: Add summary/return context to pruning stages 2-4
 2022-11-29 10:36:53 +01:00
Geoffrey White
e0c8a8ecff Merge pull request #11458 from geoffw0/simplify 
Swift: Simplify some QL.
 2022-11-29 09:29:12 +00:00
Erik Krogh Kristensen
0cd50aac40 Merge pull request #11398 from erik-krogh/splat-stuff 
Rb: add some more flow through splat parameters
 2022-11-28 22:31:25 +01:00
Geoffrey White
edb6325117 Swift: Fix comment. 2022-11-28 17:07:34 +00:00
Geoffrey White
aa5c893d5e Swift: Further simplify. 2022-11-28 17:07:34 +00:00
Geoffrey White
97bd91ed19 Swift: Simplify using ApplyExpr.getArgumentWithLabel. 2022-11-28 16:51:46 +00:00
Paolo Tranquilli
28bf0c9e03 Merge pull request #11365 from github/redsun82/swift-integration-test-pack 
Swift: fix extractor tests pack
 2022-11-28 17:02:54 +01:00
Paolo Tranquilli
ace7146164 Merge pull request #11454 from erik-krogh/swift-test 
Swift: CI cache fixes
 2022-11-28 16:24:22 +01:00
Mathias Vorreiter Pedersen
3716d67cc9 Merge pull request #11451 from geoffw0/wkuserscript 
Swift: models for WKUserScript
 2022-11-28 14:24:19 +00:00
Geoffrey White
f291320655 Merge pull request #11447 from geoffw0/localflow2 
Swift: Update queries to use LocalFlowSource
 2022-11-28 14:18:01 +00:00
erik-krogh
d2824413db skip the only remaining macos job running on main 2022-11-28 14:44:34 +01:00
erik-krogh
751ffbd9c8 use different keys for different caches 2022-11-28 14:44:07 +01:00
Erik Krogh Kristensen
7049532227 Merge pull request #11364 from github/redsun82/swift-ci-cache 
Swift: cache more aggressively in CI
 2022-11-28 14:34:43 +01:00
Geoffrey White
30468dd419 Swift: Implement field content as well. 2022-11-28 12:27:33 +00:00
Geoffrey White
ffbd201450 Swift: Implement basic model of WKUserScript. 2022-11-28 12:20:29 +00:00
Geoffrey White
116d9667e7 Swift: Remove special case from query. 2022-11-28 12:15:38 +00:00
Geoffrey White
3971cbf294 Swift: Extend the taint test with WKUserScript. 2022-11-28 12:11:38 +00:00
Erik Krogh Kristensen
477a32831b Merge pull request #11448 from github/erik-krogh/lgtm-codeql-js-extractor 
JS: update `javascript/extractor/README.md` to mention CodeQL instead of LGTM
 2022-11-28 13:10:25 +01:00
Arthur Baars
a879fd519a Merge pull request #11295 from github/aibaars-patch-2 
"CodeQL False positive" -> "CodeQL false positive"
 2022-11-28 13:06:39 +01:00
Erik Krogh Kristensen
7a3898168f Update README.md 2022-11-28 12:12:36 +01:00
Tom Hvitved
cde05e1190 Data flow: Sync files 2022-11-28 12:11:38 +01:00
Tom Hvitved
c65780ee99 Data flow: Inline revFlowInNotToReturn 2022-11-28 12:11:18 +01:00
Tom Hvitved
bdb205a318 Data flow: Track return kind instead of return position in pruning stages 2-4 2022-11-28 12:11:18 +01:00
Tom Hvitved
4346a7f426 Data flow: Inline fwdFlowOutNotFromArg 2022-11-28 12:11:18 +01:00
Tom Hvitved
70d2a0df8a Data flow: Track parameter position instead of parameter in pruning stages 2-4 2022-11-28 12:11:12 +01:00
Taus
530b795eaa Merge pull request #11402 from yoff/python/port-super-not-enclosing-class 
Python: port `py/super-not-enclosing-class`
 2022-11-28 11:52:57 +01:00
Nick Rolfe
8a94cabdbf Merge pull request #11250 from github/nickrolfe/stack-trace-exposure 
Ruby: add stack-trace exposure query
 2022-11-28 10:45:59 +00:00
Geoffrey White
b3d2e759a6 Swift: Update swift/sql-injection to include local flow sources. 2022-11-28 10:11:44 +00:00
Geoffrey White
a5a459fe0a Swift: Update swift/unsafe-js-eval to include local flow sources. 2022-11-28 10:11:44 +00:00
Michael Nebel
7456f3750d Merge pull request #11432 from michaelnebel/java/flowtestgeneratortools 
Java: Flow test case generator
 2022-11-28 10:41:42 +01:00
erik-krogh
0c2ff98dc2 add flow from the first splat argument to the first splat parameter 2022-11-28 09:54:05 +01:00
erik-krogh
d5725255fe add failing test for splat parameter flow 2022-11-28 09:53:03 +01:00
Michael Nebel
24e830f91d Java: Fix some minor bugs in the CSV printing of summaries for flow test generation. 2022-11-28 09:07:40 +01:00
Michael Nebel
abe4d99e12 Java: Make some rudimentary tooling for testing the flow test case generator script. 2022-11-28 09:07:40 +01:00
Chris Smowton
5a0cce2a18 Merge pull request #11430 from erik-krogh/go-go 
GO: get the Go CI to go fast!
 2022-11-26 11:47:04 +00:00
erik-krogh
2b0ecec0c8 only run other-os on non-ql changes 2022-11-26 10:43:33 +01:00
erik-krogh
dcfa0b38c1 use a non-xl mac runner because the XL runners keep queing 2022-11-26 10:43:33 +01:00
erik-krogh
2b996f11cc use query compilation cache 2022-11-26 10:43:33 +01:00
erik-krogh
1e732ad4d7 use XL workers, and update the windows runner 2022-11-26 10:43:33 +01:00
erik-krogh
d7763f236f use more threads for codeql test 2022-11-26 10:43:33 +01:00
erik-krogh
b6034b4935 delete language specific format check 2022-11-26 10:43:30 +01:00
Chris Smowton
fb1f22144d Merge pull request #11352 from smowton/smowton/admin/kotlin-tests-1.7.20 
Kotlin: bump default CI version to 1.7.20
 2022-11-25 21:05:10 +00:00
Chris Smowton
0879f02db6 Adapt custom_plugin test to Kotlin 1.7.20 2022-11-25 17:54:53 +00:00
Jeroen Ketema
53b86fd53b Merge pull request #11428 from jketema/default-taint-tests 
C++: Add more tests that exercise the default taint barrier implementation
 2022-11-25 12:13:18 +01:00
Chris Smowton
180c3cee44 Accept integration test changes caused by variable location changes 2022-11-25 10:54:50 +00:00
Chris Smowton
32847c125a Accept more test changes due to variable locations changing 
There is also one non-location change: kotlin.Byte (and likely other primitives) now have real equals and toString overrides, which matches their native source and documentation; before they appeared to have fake overrides.
 2022-11-25 10:47:48 +00:00
Alex Ford
8362caa9d9 Merge pull request #11417 from alexrford/ruby/activesupport-json_escape 
Ruby: model ActiveSupport `json_escape` flow
 2022-11-25 10:46:34 +00:00
Chris Smowton
8ec681e61c Kotlin: bump default CI version to 1.7.20 
A bunch of test expectations change because 7f531d8426 means that we now see (a) local variable declarations with source locations covering only their identifier, not the whole statement, and (b) more SYNTHETIC_OFFSET values for the parts of a destructuring assignment
or initialiser, which show up as file.kt:0:0:0:0 in DbLocation form.
 2022-11-25 10:19:26 +00:00