hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-22 11:46:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
40,246 Commits 1,672 Branches 157 Tags
320c671b73dcb6a30428e6292a925fa586464da8
Commit Graph

6235 Commits

Author SHA1 Message Date
Joe Farebrother
320c671b73 Adress reveiw comments - make use of existing ql libraries 2022-06-14 14:56:24 +01:00
Joe Farebrother
9d048e78af Apply suggestions from code review - fix typos/style, make things private 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2022-06-14 14:56:23 +01:00
Joe Farebrother
d88d216388 Add change note 2022-06-14 14:56:23 +01:00
Joe Farebrother
2fc142f41f Add security severity 2022-06-14 14:56:23 +01:00
Joe Farebrother
8e2e8cc77f Add qhelp 2022-06-14 14:56:22 +01:00
Joe Farebrother
4aed1a1e23 Add test cases; fix handling of recievers declared through xml 2022-06-14 14:56:22 +01:00
Joe Farebrother
87f26bf033 Fix typos 2022-06-14 14:56:22 +01:00
Joe Farebrother
1959f49165 Add Improper Intent Verification query 2022-06-14 14:56:21 +01:00
Ian Lynagh
7c5a4909c6 Merge pull request #9468 from igfoo/igfoo/overloads 
Kotlin: Put overloads together
 2022-06-13 10:44:55 +01:00
Ian Lynagh
bdae353d4d Merge pull request #9475 from igfoo/igfoo/builddir 
Kotlin: Do each build in its own directory
 2022-06-13 10:44:36 +01:00
Ian Lynagh
ae472f32de Merge pull request #9453 from igfoo/igfoo/sam 
Kotlin: Simplify samMember computation
 2022-06-13 10:44:18 +01:00
Ian Lynagh
d8edc83ea2 Merge pull request #9451 from igfoo/igfoo/useValueParameter 
Kotlin: Remove some redundant code
 2022-06-13 10:43:54 +01:00
Ian Lynagh
669c1faf29 Kotlin: Do each build in its own directory 
This can make life easier when debugging.
 2022-06-10 15:01:37 +01:00
Ian Lynagh
6055aaf048 Kotlin: Put overloads together 
Makes it easier when reading the code.

The substituteTypeArguments functions aren't actually overloads, but I
think the same applies.
 2022-06-09 17:43:11 +01:00
Ian Lynagh
5c9fea2283 Kotlin: Remove unused idOverride argument to extractFunction 2022-06-07 11:34:43 +01:00
Ian Lynagh
33e11b3014 Kotlin: Simplify samMember computation 2022-06-07 11:11:00 +01:00
Ian Lynagh
763f869e3f Kotlin: Remove some redundant code 2022-06-06 20:49:36 +01:00
Tamas Vajk
0a484aadf1 Improve code quality based on PR review 2022-06-03 11:17:13 +02:00
Tamas Vajk
ba5cf5b1b2 Kotlin: Fix fake raw type symbols used by the Parcelize plugin 2022-06-03 11:17:13 +02:00
Chris Smowton
70c74bfcc0 Merge pull request #9418 from smowton/smowton/admin/test-java-kotlin-map-entries 
Kotlin: add test for Java and Kotlin both extending Map.Entry
 2022-06-02 15:52:59 +01:00
Chris Smowton
3d63cec1e8 Autoformat 2022-06-02 14:45:28 +01:00
Chris Smowton
ebb52adba6 Kotlin: add test for Java and Kotlin both extending Map.Entry 2022-06-02 13:30:39 +01:00
Chris Smowton
8b1605a617 Merge pull request #9405 from smowton/smowton/fix/restore-wildcard-types 
Kotlin: Introduce / restore implied wildcard types
 2022-06-02 13:26:11 +01:00
Chris Smowton
efc534abe7 Add implied wildcards when extracting type parameter bounds 
kotlinc seems to always insert wildcards where type parameter variance implies them, and ignores @JvmSuppressWildcards at least in 1.6.20.
 2022-06-02 11:37:15 +01:00
Chris Smowton
c1592cb1dc Accept test changes 2022-06-02 10:31:35 +01:00
Chris Smowton
910bb51094 Extract WildcardTypeAccesses 
Their absence became more noticeable now that more implicit wildcards are being produced.
 2022-06-02 10:31:08 +01:00
Tamás Vajk
d7b06aa2ba Merge pull request #9401 from tamasvajk/kotlin-cleanup 
Kotlin: Reuse `codeQlWithHasQuestionMark`
 2022-06-02 10:24:17 +02:00
github-actions[bot]
ab4b7d8509 Add changed framework coverage reports 2022-06-02 00:18:51 +00:00
Chris Smowton
dc7d07ff46 Extract correct implied wildcards for Java classes and @JvmSuppressWildcards-annotated entities 
For Java classes this means following the structure of the underlying Java type to determine where the wildcard was really present and where the Java signature ruled it out. The annotation tracking simply means looking for @JvmSuppressWildcards on any surrounding class or function to turn off wildcard introduction by default.
 2022-06-01 20:00:22 +01:00
Chris Smowton
37fce6ace9 Restore implicit wildcard types 
The Kotlin compiler represents types like List<out CharSequence> internally as List<CharSequence> due to the fact that List's type parameter is covariant, and similarly Comparable<in CharSequence> where Comparable's type parameter is contravariant. However it restores use-site variance when emitting class files, so we must do the same thing for
compatability with Java code.

Note this is a partial solution because it will also add wildcards to Java .class files that *could* have a variance / wildcard but don't -- for example, a Java method could really take an invariant Comparable<CharSequence>, which is only achievable in Kotlin via the @JvmSuppressWildcards annotation. We also don't yet support
@JvmSuppressWildcards given on a surrounding class or function.
 2022-06-01 19:58:40 +01:00
Ian Lynagh
e0d9317889 Merge pull request #9389 from igfoo/igfoo/function_loc_override 
Kotlin: Remove extractFunction's location override
 2022-06-01 11:46:22 +01:00
Ian Lynagh
703ced3fe9 Merge pull request #9390 from igfoo/igfoo/valueparam 
Kotlin: extractValueParameter: Simplify typeSubstitution logic
 2022-06-01 11:46:05 +01:00
Anders Schack-Mulligen
9abd2259d3 Merge pull request #9381 from aschackmull/redos/perf 
ReDoS: Improve performance in ExponentialBackTracking.qll.
 2022-06-01 10:39:28 +02:00
Anders Schack-Mulligen
4f3751dfea Merge pull request #9316 from hvitved/dataflow/edges-get-a-successor-consistency 
Data flow: Make `PathGraph::edges/2` and `PathNode::getASuccessor/1` consistent
 2022-06-01 10:38:25 +02:00
Michael Nebel
9cc10e4511 Merge pull request #9257 from michaelnebel/java/mad-commons-io-sha 
Java: Update commons-io SHA for model regeneration and update models.
 2022-06-01 09:46:30 +02:00
Ian Lynagh
6be4afcf36 Kotlin: extractValueParameter: Simplify typeSubstitution logic 
The type substitution is now done in the wrapper, so the worker doesn't
need to be passed typeSubstitution.
 2022-05-31 19:23:54 +01:00
Ian Lynagh
21d69ae819 Kotlin: Remove extractFunction's location override 
It wasn't being used.
 2022-05-31 17:43:25 +01:00
Nick Rolfe
f417c12c5e Merge pull request #9332 from github/post-release-prep/codeql-cli-2.9.3 
Post-release preparation for codeql-cli-2.9.3
 2022-05-31 16:17:50 +01:00
Tamás Vajk
7f5dcfaf0f Merge pull request #9379 from tamasvajk/kotlin-android-specific-return-types 
Kotlin: Change return type of Android specific `ConcurrentHashMap.keySet`
 2022-05-31 14:00:36 +02:00
github-actions[bot]
ed2f3409bc Post-release preparation for codeql-cli-2.9.3 2022-05-31 09:54:55 +00:00
Anders Schack-Mulligen
9212886767 Merge pull request #9286 from aschackmull/java/perf-customnullguard 
Java: Improve customNullGuard performance.
 2022-05-31 11:36:01 +02:00
Anders Schack-Mulligen
e016feeb5c ReDoS: Improve performance in ExponentialBackTracking.qll. 2022-05-31 11:04:03 +02:00
Tamas Vajk
90fdd7eaf9 Kotlin: Reuse codeQlWithHasQuestionMark 2022-05-31 08:47:25 +02:00
Tamas Vajk
89ffefd45e Kotlin: Change return type of Android specific ConcurrentHashMap.keySet 2022-05-30 23:45:38 +02:00
Chris Smowton
1708719fdf Merge pull request #9343 from smowton/smowton/fix/align-kotlin-java-generic-types 
Kotlin: extract methods defined on collections types with their Java signatures
 2022-05-30 17:52:58 +01:00
Michael Nebel
61151d8980 Java: Update workflows and scripts usages to only generate summaries and sinks. 2022-05-30 13:53:44 +02:00
Michael Nebel
72dd1a6ec9 Java: Generate models without sources. 2022-05-30 13:40:14 +02:00
Michael Nebel
a0ae8b3a97 Merge pull request #9361 from michaelnebel/java/capturemodels-metadata 
Java: Update capture models meta data.
 2022-05-30 13:22:09 +02:00
Chris Smowton
49d9d8e7d6 Remove unused imports 2022-05-30 09:59:11 +01:00
Michael Nebel
815dff338d Java: Update capture models meta data. 2022-05-30 09:44:39 +02:00