hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-07 16:14:02 +02:00
Code Issues Packages Projects Releases Wiki Activity
77,106 Commits 1,732 Branches 164 Tags
30ff68dc715f5b13b04f0561245ede080d2beb36
Commit Graph

77106 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Taus
a9ab39da1b Merge pull request #18448 from github/tausbn/python-add-type-annotation-metrics-query 
Python: Add metrics query for type annotations
 2025-03-06 13:52:26 +01:00
Anders Schack-Mulligen
5e722eecf7 Ruby: Push in casts to Definition to delete the then unused DefinitionExt. 2025-03-06 13:31:31 +01:00
Anders Schack-Mulligen
9e6bdbbcbb SSA: Don't add phi-reads for frontiers of uncertain reads. 2025-03-06 12:47:38 +01:00
Anders Schack-Mulligen
947a85ed28 Java: Enable SSA consistency queries. 2025-03-06 12:47:38 +01:00
Anders Schack-Mulligen
d95114fb1d SSA: Extend consistency queries. 2025-03-06 12:47:37 +01:00
Michael Nebel
fb3ce464be C#: Address review comments. 2025-03-06 11:48:35 +01:00
Michael B. Gale
7e984ad48e Merge pull request #18938 from github/dependabot/go_modules/go/extractor/extractor-dependencies-94582fc3a1 
Bump the extractor-dependencies group in /go/extractor with 2 updates
 2025-03-06 10:47:50 +00:00
Owen Mansel-Chan
7b2912376b Add failing test for os.File.Sync with defered Close calls 2025-03-06 10:14:28 +00:00
Owen Mansel-Chan
cbe7edd9c6 Merge pull request #18907 from teuron/cwe-925 
[CWE-925] Intent verification is only needed on non-empty onReceive methods.
 2025-03-06 10:00:05 +00:00
Joe Farebrother
2692b8fa9f Merge pull request #18936 from joefarebrother/python-add-not-named-self-cls-ccr 
Python: Include `py/not-named-self` and `py/not-named-cls` in the CCR suite
 2025-03-06 09:51:14 +00:00
Owen Mansel-Chan
0c091ffe31 Merge pull request #18920 from owen-mc/go/mad/improve-sync-models 
Go: Do not track taint into a `sync.Map` via the key of a key-value pair
 2025-03-06 09:40:49 +00:00
Lukas Abfalterer
32e1589745 Update java/ql/src/change-notes/2025-03-03-fix-improper-intent-verification-query.md 
Co-authored-by: Edward Minnix III <egregius313@github.com>
 2025-03-06 09:57:16 +01:00
Tom Hvitved
ec063d0dbd Rust: Fix bad joins 
```
Evaluated relational algebra for predicate _Synth::Synth::TFormatArgument#5cbf2ffd_63#join_rhs__Format::Format.getArgumentRef/0#dispred#38d664c__#antijoin_rhs@889ee4br with tuple counts:
           11356  ~0%    {5} r1 = JOIN `_Format::Format.getArgumentRef/0#dispred#38d664cb_Format::Format.getParent/0#dispred#f6ec3e8b_10#joi__#shared` WITH Synth::Synth::TFormatArgument#5cbf2ffd_63#join_rhs ON FIRST 1 OUTPUT Rhs.1, Lhs.1, Lhs.2, Lhs.3, Lhs.0
        19631351  ~0%    {6}    | JOIN WITH name_texts_10#join_rhs ON FIRST 1 OUTPUT Rhs.1, Lhs.1, Lhs.2, Lhs.3, Lhs.4, Lhs.0
           45933  ~0%    {6}    | JOIN WITH format_args_arg_names_10#join_rhs ON FIRST 1 OUTPUT Lhs.1, Rhs.1, Lhs.2, Lhs.3, Lhs.4, Lhs.5
             747  ~0%    {5}    | JOIN WITH format_args_expr_args_02#join_rhs ON FIRST 2 OUTPUT Lhs.0, Lhs.2, Lhs.3, Lhs.4, Lhs.5
                         return r1

Evaluated relational algebra for predicate __Format::Format.getParent/0#dispred#f6ec3e8b_FormatArgument::FormatArgument.getParent/0#dispred#864__#antijoin_rhs@01d9d70k with tuple counts:
        19631351  ~1%    {6} r1 = JOIN `_Format::Format.getParent/0#dispred#f6ec3e8b_FormatArgument::FormatArgument.getParent/0#dispred#8641__#shared` WITH name_texts_10#join_rhs ON FIRST 1 OUTPUT Lhs.4, Lhs.0, Lhs.1, Lhs.2, Lhs.3, Rhs.1
         5173010  ~0%    {7}    | JOIN WITH format_args_expr_args ON FIRST 1 OUTPUT Rhs.2, Lhs.5, Lhs.1, Lhs.2, Lhs.3, Lhs.4, Lhs.0
             747  ~0%    {5}    | JOIN WITH format_args_arg_names ON FIRST 2 OUTPUT Lhs.2, Lhs.3, Lhs.4, Lhs.5, Lhs.6
                         return r1

Evaluated relational algebra for predicate _NamedFormatArgument::NamedFormatArgument#18940f8e__Format::Format.getParent/0#dispred#f6ec3e8b_10#j__#antijoin_rhs@dafbd6hr with tuple counts:
           11356  ~0%    {5} r1 = JOIN `_Format::Format.getParent/0#dispred#f6ec3e8b_10#join_rhs_FormatArgument::FormatArgument.getParent/0#__#shared` WITH NamedFormatArgument::NamedFormatArgument#18940f8e ON FIRST 1 OUTPUT Rhs.4, Lhs.1, Lhs.2, Lhs.3, Lhs.0
        19631351  ~0%    {6}    | JOIN WITH name_texts_10#join_rhs ON FIRST 1 OUTPUT Rhs.1, Lhs.1, Lhs.2, Lhs.3, Lhs.4, Lhs.0
           45933  ~0%    {6}    | JOIN WITH format_args_arg_names_10#join_rhs ON FIRST 1 OUTPUT Lhs.1, Rhs.1, Lhs.2, Lhs.3, Lhs.4, Lhs.5
             747  ~0%    {5}    | JOIN WITH format_args_expr_args_02#join_rhs ON FIRST 2 OUTPUT Lhs.0, Lhs.2, Lhs.3, Lhs.4, Lhs.5
                         return r1

```
 2025-03-06 09:02:42 +01:00
dependabot[bot]
1037626a28 Bump the extractor-dependencies group in /go/extractor with 2 updates 
Bumps the extractor-dependencies group in /go/extractor with 2 updates: [golang.org/x/mod](https://github.com/golang/mod) and [golang.org/x/tools](https://github.com/golang/tools).


Updates `golang.org/x/mod` from 0.23.0 to 0.24.0
- [Commits](https://github.com/golang/mod/compare/v0.23.0...v0.24.0)

Updates `golang.org/x/tools` from 0.30.0 to 0.31.0
- [Release notes](https://github.com/golang/tools/releases)
- [Commits](https://github.com/golang/tools/compare/v0.30.0...v0.31.0)

---
updated-dependencies:
- dependency-name: golang.org/x/mod
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: extractor-dependencies
- dependency-name: golang.org/x/tools
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: extractor-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-03-06 04:02:51 +00:00
Owen Mansel-Chan
63bfa36be8 Convert to inline expectations test 2025-03-05 21:39:04 +00:00
Joe Farebrother
a06de21f45 Python: Include py/not-named-self and py/not-named-cls in the CCR suite. 2025-03-05 15:13:20 +00:00
Michael Nebel
c73eeec814 C#: Add change note. 2025-03-05 15:33:02 +01:00
Michael Nebel
dd7d5d031c C#: Update test expected output. 2025-03-05 15:27:01 +01:00
Michael Nebel
35fbaf4ac3 C#: Do flag empty if statements if there is a comment in cs/useless-if-statement. 2025-03-05 15:26:39 +01:00
Michael Nebel
361bdfac12 C#: Add a testcase with an empty if statement containing a comment. 2025-03-05 15:22:22 +01:00
Owen Mansel-Chan
f2947f7066 Fix indentation 2025-03-05 14:13:53 +00:00
Jami Cogswell
0eec951218 Java: update change note to mention removal from Community Packs 2025-03-05 08:55:51 -05:00
Michael Nebel
a9d45a2aa2 C#: Add some tests for cs/useless-if-statement. 2025-03-05 14:32:41 +01:00
Lukas Abfalterer
b4c75d832c Merge branch 'main' into cwe-925 2025-03-05 14:15:07 +01:00
Anders Schack-Mulligen
c6761db2fc SSA: Replace the Guards interface in the SSA data flow integration. 2025-03-05 13:29:31 +01:00
Anders Schack-Mulligen
a02735326a Ruby: Remove some DefinitionExt references and deprecate the rest. 2025-03-05 12:57:15 +01:00
Lukas Abfalterer
41e9a837e5 Fix naming 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2025-03-05 12:50:54 +01:00
Mathias Vorreiter Pedersen
38bf9c6835 Merge pull request #18908 from aschackmull/cpp/branchlimit-adjustment-refactor 
C++: Change countNumberOfBranchesUsingParameter to match qldoc closer.
 2025-03-05 11:21:38 +00:00
Anders Schack-Mulligen
709d36b502 Merge pull request #18869 from aschackmull/ssa/refactor3 
Ssa: Update qltests including consistency checks
 2025-03-05 11:40:27 +01:00
Napalys
d884e5fe6b Upgraded javascrip database schema 2025-03-05 11:06:56 +01:00
Napalys
95d05ceab8 Now store vFlagEnabled instead of each time searching for it. 
Added `uFlagEnabled` for checking how should `\p{}` be treated. And small optimization.
 2025-03-05 10:34:38 +01:00
Lukas Abfalterer
c9b75afc2a Fix QLL and add change notes with tests 2025-03-05 10:23:35 +01:00
Napalys
8086c25abe Removed Union as standard character class is already an union. 2025-03-05 10:07:20 +01:00
Michael Nebel
5c931fa897 C#: Improve comments. 2025-03-05 09:50:52 +01:00
Napalys
8099423b6d Renamed character class operators lists to elements. 2025-03-05 09:34:21 +01:00
Napalys
9ea89cd63f Added a test case from #18854 2025-03-05 09:34:20 +01:00
Napalys
c7f03df1eb Added change note 2025-03-05 09:34:18 +01:00
Michael Nebel
d5ee93dbbc C#: Anonymous types should not be considered unknown. 2025-03-05 09:04:58 +01:00
Michael Nebel
3b764b0640 C#: Update test expected output. 2025-03-05 09:04:56 +01:00
Michael Nebel
fc5a49ef84 C#: Handle some broken types in BMN. 2025-03-05 09:04:54 +01:00
Michael Nebel
e835d8b168 C#: Change the populate logic context. It looks like a mistake that the only flag set is Standalone. 2025-03-05 09:04:53 +01:00
Michael Nebel
c2b835da40 C#: Re-factor the check whether we are in standalone mode. 2025-03-05 09:04:52 +01:00
Michael Nebel
9af170f60e C#: Add BMN test using broken types. 2025-03-05 09:04:50 +01:00
Michael Nebel
5551aebaa9 C#: Add a primary ql class for UnknownType. 2025-03-05 09:04:49 +01:00
Taus
bf3d9ee6a9 Python: Address review comments 2025-03-04 22:30:55 +00:00
Jeroen Ketema
e50ebfc8c2 C++: Improve query description and fix alignment of the text 2025-03-04 20:50:27 +01:00
Taus
f246ef764a Python: Update change note 
Co-authored-by: Aditya Sharad <6874315+adityasharad@users.noreply.github.com>
 2025-03-04 18:09:54 +01:00
Jeroen Ketema
795a2e1175 Merge pull request #18923 from jketema/template-arguments 
C++: Update template test to also output the value of template arguments
 2025-03-04 17:56:14 +01:00
Paolo Tranquilli
7a78766584 Merge pull request #18789 from github/redsun82/cargo-upgrade 
Upgrade cargo dependencies
 2025-03-04 17:34:58 +01:00
Jami Cogswell
82062e2847 Java: update test 2025-03-04 11:15:00 -05:00