hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-07 16:14:02 +02:00
Code Issues Packages Projects Releases Wiki Activity
77,106 Commits 1,732 Branches 164 Tags
30ff68dc715f5b13b04f0561245ede080d2beb36
Commit Graph

77106 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Taus
50a01b1244 Python: Remove superfluous reference to FunctionExpr 
This way we also get annotations that appear in `Lambda`s
 2025-03-04 15:53:34 +00:00
Jami Cogswell
746f022cfa Java: add 'Spring' prefix to public class names 2025-03-04 10:34:16 -05:00
Jeroen Ketema
324499e447 C++: Update template test to also output the value of template arguments 
These values are currently the same as the result that `getTemplateArgument`
yields. However, this will change with the upcoming frontend update.
 2025-03-04 16:24:21 +01:00
Owen Mansel-Chan
e2456ea59e Update go/ql/lib/change-notes/2025-03-04-improve-models-for-sync-map.md 
Co-authored-by: Michael B. Gale <mbg@github.com>
 2025-03-04 15:07:24 +00:00
Taus
5d3b40d514 Python: Add change note 2025-03-04 14:47:03 +00:00
Taus
88615f427b Python: Add support for forward declarations in unused var query 
Fixes the false positive reported in
https://github.com/github/codeql/issues/18910

Adds a new `Annotation` class (subclass of `Expr`) which encompasses all
possible kinds of annotations in Python.

Using this, we look for string literals which are part of an annotation,
and which have the same content as the name of a (potentially) unused
global variable, and in that case we do not produce an alert.

In future, we may want to support inspecting such string literals more
deeply (e.g. to support stuff like "list[unused_var]"), but I think for
now this level of support is sufficient.
 2025-03-04 14:41:45 +00:00
Tom Hvitved
b8dd2e551e Merge pull request #18919 from hvitved/rust/ast-consistency-internal 
Rust: Move `AstConsistency.qll` into `internal`
 2025-03-04 15:35:34 +01:00
Simon Friis Vindum
980ed23e63 Merge pull request #18922 from paldepind/rust-model-generation-require-name 
Rust: Exclude functions without canonical path from model generation
 2025-03-04 15:35:08 +01:00
Jeroen Ketema
45c4f3f898 Merge pull request #18914 from github/esteffin/bmn-include-file-resolution-statistics 
C++ query to extract the number of errors due to include file resolution failure
 2025-03-04 15:13:45 +01:00
Enrico Steffinlongo
e230166fe2 Add C++ query to extract the status of include file resolution 2025-03-04 13:57:17 +00:00
Taus
301ebcb12b Python: Extend test cases for "unused global var" query 
Adds two test cases having to do with type annotations. The first one
demonstrates that type annotations (even if they are never executed by
the Python interpreter) count as uses for the purposes of the unused
variable query. The second one demonstrates that this is _not_ the case
if all such uses are inside strings (i.e. forward declarations), as we
do not currently inspect the content of these strings.
 2025-03-04 13:52:31 +00:00
Paolo Tranquilli
e91911b4b4 Merge branch 'main' into redsun82/cargo-upgrade 2025-03-04 14:09:28 +01:00
Simon Friis Vindum
c89e648738 Rust: Exclude function without canonical path from model generation 2025-03-04 13:56:10 +01:00
Owen Mansel-Chan
07c041483d Add change note 2025-03-04 12:14:43 +00:00
Owen Mansel-Chan
36908e8ef0 Do not track taint for keys in sync.Map 
There is no way to get the value of a key out of a `sync.Map`.
 2025-03-04 12:11:49 +00:00
Paolo Tranquilli
4d10c4110a Rust: address review 2025-03-04 13:05:59 +01:00
Tom Hvitved
1f13f0009f Rust: Move AstConsistency.qll into internal 2025-03-04 13:00:09 +01:00
Jami
c22b05a6f4 Merge pull request #18900 from jcogs33/jcogs33/java/unreleased-lock-fp 
Java: handle lock state check stored in variable for `java/unreleased-lock`
 2025-03-04 06:38:56 -05:00
Paolo Tranquilli
e0d0dc9a80 Rust: tweak qltest logs 
* verbosity is raised to DEBUG to have more information in the logs
* color codes are now skipped in the `qltest.log` file
* they are still printed out on the console when running with
  `--show-extractor-output`.
 2025-03-04 12:33:14 +01:00
Anders Schack-Mulligen
6c89602691 SSA: Add some qldoc. 2025-03-04 12:24:25 +01:00
Anders Schack-Mulligen
f5eb2d94bc SSA: Use Definition.getLocation in DefinitionExt. 2025-03-04 12:24:25 +01:00
Anders Schack-Mulligen
5a909aa69c C#: Remove remaining DefinitionExt references. 2025-03-04 12:24:24 +01:00
Anders Schack-Mulligen
4c0e5f62cf Rust: Remove remaining DefinitionExt references. 2025-03-04 12:24:24 +01:00
Anders Schack-Mulligen
00b8c80c24 SSA/C#/Ruby/Rust: Clean up SSA consistency queries. 
The RelevantDefinition class is no longer needed since the introduction
of LocationSig.
 2025-03-04 12:24:23 +01:00
Anders Schack-Mulligen
8474a47c2b Rust: Switch test to use dedicated test module. 2025-03-04 12:24:23 +01:00
Anders Schack-Mulligen
122034fe8c Ruby: Switch test to use dedicated test module. 2025-03-04 12:24:23 +01:00
Anders Schack-Mulligen
f0993fc97e C#: Switch test to use dedicated test module. 2025-03-04 12:24:22 +01:00
Anders Schack-Mulligen
2f744ce3ec SSA: Expose module for qltesting adjacent references. 2025-03-04 12:24:22 +01:00
Anders Schack-Mulligen
9e03b12ba0 C#/Java/Ruby/Rust/SSA: Replace DefinitionExt with SourceVariable in data flow integration predicates. 2025-03-04 12:24:21 +01:00
Anders Schack-Mulligen
39bba7f5c2 SSA: Change a few DefinitionExt uses that are actually just Definitions. 2025-03-04 12:24:21 +01:00
Anders Schack-Mulligen
42eef9e4b7 SSA: Deprecate getDefinitionExt. 2025-03-04 12:24:20 +01:00
Paolo Tranquilli
2a29239b01 Merge branch 'main' into redsun82/cargo-upgrade 2025-03-04 10:05:41 +01:00
Simon Friis Vindum
0d1865d718 Merge pull request #18872 from paldepind/rust-ref-mut 
Rust: Allow SSA and some data flow for mutable borrows
 2025-03-04 09:25:18 +01:00
Michael Nebel
96c0ca87fc Merge pull request #18865 from carldybdahl-microsoft/csharp/path-combine 
Add CodeQL recommendation against Path.Combine
 2025-03-04 08:51:04 +01:00
Carl Dybdahl
2f7cdf1bfa Improvements 2025-03-03 15:32:15 +01:00
Carl Dybdahl
b3447959fa Match autoformatting, add QLDoc references 2025-03-03 15:32:15 +01:00
Carl Dybdahl
d371723fe4 Fix test 2025-03-03 15:32:15 +01:00
Carl Dybdahl
d82295c54a Add QLDoc 2025-03-03 15:32:15 +01:00
Carl Dybdahl
aa6779f19f Add changelog 2025-03-03 15:32:15 +01:00
Carl Dybdahl
35fd4d226f Oops 2025-03-03 15:32:15 +01:00
Carl Dybdahl
44e6691e6d Add implementation and tests 2025-03-03 15:32:15 +01:00
Geoffrey White
7f56c67544 Merge pull request #18837 from geoffw0/overflowbuffer 
C++: Improve and promote cpp/overflow-buffer
 2025-03-03 14:17:12 +00:00
Anders Schack-Mulligen
5d91f2e119 C++: Change countNumberOfBranchesUsingParameter to match qldoc closer. 2025-03-03 15:14:28 +01:00
Napalys
c0202f6085 Updated dbscheme 2025-03-03 14:37:47 +01:00
Napalys
fe6de2f672 Added support for character class union in regex processing 2025-03-03 14:37:46 +01:00
Napalys
1e05f327d6 Added test cases for union. 2025-03-03 14:37:44 +01:00
Napalys
3664d50772 Added support for -- subtraction opetor. 2025-03-03 14:37:43 +01:00
Napalys
ee83c42b71 Added test cases for subtraction --. 2025-03-03 14:37:42 +01:00
Napalys
381b5ebe8a Added intersection support 2025-03-03 14:37:40 +01:00
Napalys
fa5093f6ad Added test cases for intersection 2025-03-03 14:37:39 +01:00