hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-24 02:43:40 +01:00
Code Issues Packages Projects Releases Wiki Activity
80,256 Commits 1,693 Branches 161 Tags
3fbe348f99252ee043185ba48c9823b22eed1888
Commit Graph

80256 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Napalys Klicius
3fbe348f99 Merge pull request #19784 from Napalys/js/express_middleware 
JS: Improve Express middleware taint tracking
 2025-06-20 15:36:26 +02:00
Tom Hvitved
b234d775ac Merge pull request #19816 from hvitved/rust/path-resolution-crate-self 
Rust: Path resolution for `crate::{self as foo}`
 2025-06-20 14:50:28 +02:00
Paolo Tranquilli
f1f36db068 Merge pull request #19828 from github/redsun82/rust-fix-nightly-toolchain 
Rust: fix nightly toolchain version for tests using it
 2025-06-20 14:40:05 +02:00
Napalys Klicius
c1b2fd86b2 Update javascript/ql/lib/semmle/javascript/frameworks/Express.qll 
Co-authored-by: Taus <tausbn@github.com>
 2025-06-20 14:29:51 +02:00
Simon Friis Vindum
6773903786 Merge pull request #19820 from paldepind/rust/explicit-dereference 
Rust: Fix type inference for explicit dereference with `*` to the `Deref` trait
 2025-06-20 14:23:14 +02:00
Paolo Tranquilli
7f1769e8d1 Rust: fix nightly toolchain version for tests using it 
Rather than fixing the version separately for each test, we can just
request to use a nightly in the `options.yml` file, with the specific
version hard-coded in `qltest.rs`. We can update it if we need to.

It's better to have a single nightly version for all tests that require
it, in order to avoid downloading more versions than necessary.
 2025-06-20 14:03:42 +02:00
Simon Friis Vindum
bd2812c821 Rust: Only resolve deref methods on references to avoid blowup 2025-06-20 12:49:22 +02:00
Napalys Klicius
8b3137626c Merge pull request #19743 from Napalys/js/quality/loop_shift 
JS: Promote `js/loop-iteration-skipped-due-to-shifting` to the Code Quality suite
 2025-06-20 12:36:29 +02:00
Napalys Klicius
bca536c5b6 Merge remote-tracking branch 'origin/main' into js/quality/loop_shift 2025-06-20 11:30:20 +02:00
Napalys Klicius
8c2bda32df Merge pull request #19776 from Napalys/js/mass_quality_promotion 
JS: Mass promotion of queries to `quality` status
 2025-06-20 10:53:32 +02:00
Owen Mansel-Chan
529b6a5365 Merge pull request #19730 from owen-mc/update-qhelp-style-guide-for-markdown-format 
Update qhelp style guide for markdown format
 2025-06-20 09:53:12 +01:00
Napalys Klicius
7c25bcdad1 Changed js/duplicate-condition to reliability and correctness 2025-06-20 08:06:03 +02:00
Simon Friis Vindum
6b2c125bb0 Rust: Updated expected files 2025-06-19 21:01:53 +02:00
Simon Friis Vindum
09bf05f0df Rust: Fix types for * to deref overload 2025-06-19 21:01:26 +02:00
Napalys Klicius
aa3e9c6579 Changed js/unreachable-statement to reliability and correctness 2025-06-19 19:52:03 +02:00
Napalys Klicius
32dd665472 Changed js/unused-loop-variable to reliability and correctness 2025-06-19 19:45:20 +02:00
Napalys Klicius
4fd3ef8f1c Changed js/useless-assignment-in-return to reliability and correctness 2025-06-19 19:37:13 +02:00
Napalys Klicius
4bc97326d1 Changed js/label-in-switch to reliability and correctness 2025-06-19 19:30:53 +02:00
Napalys Klicius
125add1e19 Changed js/node/missing-exports-qualifier to reliability and correctness 2025-06-19 19:24:00 +02:00
Napalys Klicius
2ab35d6a45 Changed js/node/assignment-to-exports-variable to reliability and correctness 2025-06-19 19:21:06 +02:00
Napalys Klicius
c1d29cc48a Changed js/whitespace-contradicts-precedence to reliability and correctness 2025-06-19 18:26:12 +02:00
Napalys Klicius
bb9a2289a3 Changed js/conditional-comment to reliability and correctness 2025-06-19 18:25:31 +02:00
Owen Mansel-Chan
cdd6245b98 Merge pull request #19799 from owen-mc/java/quality-tags 
Java: Tag quality queries with `quality` and sub-category
 2025-06-19 16:43:02 +01:00
Napalys Klicius
ad6c6b2d26 Changed js/angular/dependency-injection-mismatch to reliability and correctness 2025-06-19 17:16:32 +02:00
Taus
036489c6bd Merge pull request #19812 from joefarebrother/python-qual-tagging 
Python: Tag quality queries with `quality` and sub category.
 2025-06-19 16:30:51 +02:00
Napalys Klicius
c18fe303d0 JS: Changed MissingThisQualifier to reliability and correctness 2025-06-19 16:27:00 +02:00
Napalys Klicius
244bf428a1 JS: Fixed typo. 2025-06-19 16:26:07 +02:00
Jon Janego
a1e95069f3 Merge pull request #19815 from github/quality-top-level-tags 
Update query-metadata-style-guide.md
 2025-06-19 09:01:22 -05:00
Joe Farebrother
f457453647 Update redundant assignment to be a correctness issue for cross language consistency 2025-06-19 14:22:12 +01:00
Joe Farebrother
e67f057b85 Update integration test output 2025-06-19 14:09:55 +01:00
Joe Farebrother
63d7eac127 Ensure exactly one subcategory is used 2025-06-19 14:09:07 +01:00
Joe Farebrother
c8c92a7139 Update tags for mixed-tuple-returns to include exactly 1 subcategory 2025-06-19 14:09:00 +01:00
Joe Farebrother
c3f7b18055 Review suggestions - update some tags 2025-06-19 14:08:51 +01:00
Joe Farebrother
09516a47d3 Fix integration test output 2025-06-19 14:08:42 +01:00
Joe Farebrother
d28a19c961 Update integration test output & add changenote 2025-06-19 14:08:30 +01:00
Joe Farebrother
fa5b2ef794 Tag remaining high precision quality queries 
Excluded queries that are python 2 specific; as well as the cyclic import queries
 2025-06-19 14:08:07 +01:00
Joe Farebrother
02f8ec33f2 Tag 'type-checking'-like quality queries 2025-06-19 14:07:55 +01:00
Joe Farebrother
4b1d31c976 Tag 'linter-like' quality queries that don't use pointsto 2025-06-19 14:07:42 +01:00
Joe Farebrother
869e33e38c Tag 'linter-like' quality queries that use pointto 
Excluded for now: unnecassary-delete; since the pattern is often intentional to break reference cycles, which the query doesn't account for; so uncertain about its claim of high precision
 2025-06-19 14:07:15 +01:00
Joe Farebrother
5c4548df45 Tag more quality queries. 
Excluded for now for uncertainty: incomplete ordering, import deprecated module
 2025-06-19 14:06:57 +01:00
Joe Farebrother
049c0705a9 Tag quality queries that are high precision and dont use pointsto 2025-06-19 14:06:46 +01:00
Simon Friis Vindum
7d536a3c80 Rust: When resolving methods on reference also consider the reference itself 2025-06-19 14:57:52 +02:00
Nora Dimitrijević
b62a6db314 Merge pull request #19760 from d10c/d10c/go/diff-informed-2 
Go: mass-enable diff-informed queries phase 2 - `getASelected{Source,Sink}Location() { none() }`
 2025-06-19 14:44:56 +02:00
Nora Dimitrijević
9974f9e93b Merge pull request #19759 from d10c/d10c/cpp/diff-informed-2 
C++: mass-enable diff-informed queries phase 2 - `getASelected{Source,Sink}Location() { none() }`
 2025-06-19 14:44:04 +02:00
Simon Friis Vindum
845179665c Rust: Add type inference test with borrow of unknown argument 2025-06-19 14:29:27 +02:00
Simon Friis Vindum
7c9d15b605 Rust: Add test with method on borrow 2025-06-19 14:29:26 +02:00
Simon Friis Vindum
9bdb541065 Rust: Add type inference tests for dereferencing 2025-06-19 14:29:15 +02:00
Napalys Klicius
8679151ace Update javascript/ql/src/change-notes/2025-06-12-loop-iteration.md 
Co-authored-by: Taus <tausbn@github.com>
 2025-06-19 14:21:08 +02:00
Napalys Klicius
5448071e09 Update javascript/ql/src/change-notes/2025-06-12-loop-iteration-fix.md 
Co-authored-by: Taus <tausbn@github.com>
 2025-06-19 14:20:37 +02:00
Nora Dimitrijević
699c82a540 Merge pull request #19757 from d10c/d10c/actions/diff-informed-2 
Actions: mass-enable diff-informed queries phase 2 - `getASelected{Source,Sink}Location() { none() }`
 2025-06-19 14:19:55 +02:00