hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-24 00:16:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
45,849 Commits 1,714 Branches 163 Tags
45a4cd89a6faee1ad478f09b59e2456552c60fb2
Commit Graph

45849 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Chris Smowton
45a4cd89a6 Kotlin: specialise extension receivers the same as other function parameters 
This arises when a generic class extends one of its parameters; for example, `class G<T> { val T.v; get() = 1 }`, where specialisation `G<List>` should generate a method specialisation `getV(List)`.
 2022-10-27 18:31:19 +01:00
Henry Mercer
19b7e9ebc7 Merge pull request #10997 from github/henrymercer/go-extract-file-locations 
Go: Extract locations of successfully extracted files
 2022-10-27 16:12:15 +01:00
Chris Smowton
5ef99ca5bd Merge pull request #11003 from smowton/smowton/fix/reintroduce-pointless-wildcards 
Kotlin: reintroduce pointless wildcards when a Java declaration explicitly uses them
 2022-10-27 16:06:21 +01:00
Ian Lynagh
6533e2ea5c Merge pull request #10976 from igfoo/igfoo/version 
Kotlin: Ignore tags when comparing versions
 2022-10-27 15:50:39 +01:00
Ian Lynagh
b4242dd913 Merge pull request #11012 from igfoo/igfoo/mkdir 
Kotlin: Fix integration tests on Mac
 2022-10-27 15:39:10 +01:00
Erik Krogh Kristensen
bbdda9ef70 Merge pull request #10727 from erik-krogh/js-last-msg 
JS: fix some more style-guide violations in the alert-messages
 2022-10-27 15:48:12 +02:00
Ian Lynagh
f237360d81 Merge pull request #11011 from igfoo/igfoo/modules 
Kotlin: Handle /modules/... paths specially too
 2022-10-27 13:48:32 +01:00
Ian Lynagh
6c232f95bc Kotlin: Fix integration tests on Mac 2022-10-27 13:48:04 +01:00
Paolo Tranquilli
507e3b35ad Merge pull request #10987 from github/redsun82/swift-filesystem 
Swift: use `std::filesystem` and `picoSHA2`
 2022-10-27 14:14:37 +02:00
Taus
503cc560cf Merge pull request #10943 from bananabr/main 
Javascript/Python: Tokens built from predictable UUIDs
 2022-10-27 14:12:34 +02:00
Ian Lynagh
bafa80667c Kotlin: Handle /modules/... paths specially too 
On Windows, we don't want a C: prefix on these either.
 2022-10-27 12:24:28 +01:00
Ian Lynagh
6d77b34323 Merge pull request #11000 from igfoo/igfoo/unknown-binary-location 
Kotlin: Handle /!unknown-binary-location/... paths specially on Windows
 2022-10-27 12:09:32 +01:00
Jeroen Ketema
1d7efd8e82 Merge pull request #10905 from jsoref/spelling-code-scanning-product 
Spelling code scanning product
 2022-10-27 12:55:37 +02:00
Erik Krogh Kristensen
cecb498bf3 Merge pull request #10984 from tyage/add-next-js-source 
JS: Add Next.js parameters as source
 2022-10-27 10:36:12 +02:00
Erik Krogh Kristensen
71f29f037a Merge pull request #10988 from erik-krogh/passwrd 
JS: remove some FPs in `js/password-in-configuration-file`
 2022-10-27 10:34:56 +02:00
Tamás Vajk
a428ab5f73 Merge pull request #11006 from tamasvajk/kotlin-fix-test-1 
Kotlin: fix test to expect diagnostic
 2022-10-27 10:34:24 +02:00
Paolo Tranquilli
09f549ab38 Merge pull request #11007 from github/redsun82/cmake-generator 
Swift: fix cmake generator on Linux
 2022-10-27 09:52:55 +02:00
Paolo Tranquilli
09a51ecdd5 Swift: fix cmake generator on Linux 2022-10-27 09:32:05 +02:00
Paolo Tranquilli
3fca25310f Swift: fix copy option 2022-10-27 09:29:05 +02:00
Paolo Tranquilli
22db4932ee Swift: add overwrite_existing to source archiving 2022-10-27 09:26:57 +02:00
Tamas Vajk
1727fcb845 Kotlin: fix test to expect diagnostic 2022-10-27 09:14:23 +02:00
Tamás Vajk
f1fcb64e94 Merge pull request #10992 from tamasvajk/kotlin-unused-extension 
Kotlin: do not report on unused `object` extension parameters
 2022-10-27 08:50:33 +02:00
tyage
c22f9443f2 Refactoring Next.js parameter 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2022-10-27 10:28:51 +09:00
tyage
e8b751ae17 Update javascript/ql/src/change-notes/2022-10-26-nextjs-params.md 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2022-10-27 10:24:08 +09:00
tyage
ac27307a2b Update javascript/ql/lib/semmle/javascript/frameworks/Next.qll 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2022-10-27 10:23:59 +09:00
tyage
54050bf1b6 update test result XssWithAdditionalSources 2022-10-27 10:23:37 +09:00
Harry Maclean
bdb143cf83 Merge pull request #10913 from thiggy1342/expand-ruby-ssrf-sinks-faraday-connection-new 
Ruby: Add Faraday::Connection.new as sink for SSRF query
 2022-10-27 10:33:44 +13:00
Chris Smowton
28b6e263ec Kotlin: reintroduce pointless wildcards when a Java declaration explicitly uses them 
For example, Java code might use `HasOutVariance<? extends String>`, or `HasInVariance<? super Object>`, both of which are needless wildcards and which the Kotlin extractor would previously have refused to reintroduce due to their not specifying a larger type than their bound. However this led to inconsistency with Java extraction, which
extracts the type as it appears in source.

This seems to particularly happen with generated code, e.g. the output of the Kotlin protobuf compiler.
 2022-10-26 20:05:27 +01:00
Daniel Santos
63c71b7d09 Merge branch 'main' into main 2022-10-26 14:05:26 -05:00
Ian Lynagh
0a470b0864 Kotlin: Handle /!unknown-binary-location/... paths specially on Windows 
The standard code wants to normalise it to C:/!unknown-binary-location/...
which is particularly annoying for cross-platform test output.
 2022-10-26 19:20:32 +01:00
Henry Mercer
c1984ea35f Go: Update expected output 2022-10-26 19:11:21 +01:00
Daniel Santos
64da2cec50 removed unnecessary getACall and fixed formatting 2022-10-26 12:02:55 -05:00
Henry Mercer
b0b321a16f Go: Standardise formatting 2022-10-26 16:31:08 +01:00
Henry Mercer
4bc8529490 Go: Extract locations of successfully extracted files 
Switch the successfully extracted files query to the `location, message` results format so that we get rich location information when exporting the results of this query to SARIF.  Previously the query used the `message` results format, which meant the interpreted results lacked a location.
 2022-10-26 16:28:02 +01:00
Chris Smowton
fac383a3ac Merge pull request #10974 from smowton/smowton/fix/dont-translate-tochar 
Kotlin: don't try to call nonexistent `j.l.Number.toChar`
 2022-10-26 14:18:03 +01:00
Tamas Vajk
9cc7a30a75 Kotlin: do not report on unused object extension parameters 2022-10-26 15:06:51 +02:00
Tamas Vajk
fbcf7ea669 Kotlin: Add test case for unused extension parameters 2022-10-26 15:05:59 +02:00
Asger F
c9dfba344a Merge pull request #10925 from asgerf/ql/navigate-doc 
Docs: Mention new navigation commands
 2022-10-26 14:29:42 +02:00
Ian Lynagh
37c40c58d2 Merge pull request #10959 from igfoo/igfoo/diags 
Java/Kotlin: Add a diagnostics consistency query
 2022-10-26 13:07:01 +01:00
Paolo Tranquilli
521e6235b5 Swift: use std::filesystem and picoSHA2 
This replaces usages of `llvm::fs` and string manipulation with
`std::filesystem`, also replacing `std::string` with
`std::filesystem::path` where it made sense.

Moreover MD5 hashing used in macOS file remapping was replaced by
SHA256 hashing using a small header-only SHA256 C++ library with an
MIT license, https://github.com/okdshin/PicoSHA2.

File contents hashing was relocated to the newly created `file` library
for later planned reuse.
 2022-10-26 13:23:44 +02:00
Ian Lynagh
dd7ec499df Kotlin: Ignore tags when comparing versions 
We thought that 1.7.20-Beta > 1.7.20, and so tried to use 1.7.0's
extractor with 1.7.20.
 2022-10-26 12:21:55 +01:00
erik-krogh
0f9b4334cc remove some FPs in js/password-in-configuration-file 2022-10-26 11:51:56 +02:00
Paolo Tranquilli
e422a4eef9 Swift: move TargetFile to a separate lib 2022-10-26 10:54:51 +02:00
Erik Krogh Kristensen
52cd200ca0 Merge pull request #10985 from asgerf/js/reaches-return-escape 
JS: Do not track returned values out of the enclosing function
 2022-10-26 10:52:11 +02:00
Tony Torralba
924995d9e1 Merge pull request #10977 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2022-10-26 09:51:17 +02:00
Asger F
414bd40c41 JS: Do not track returned values out of the enclosing function 2022-10-26 09:29:49 +02:00
Paolo Tranquilli
a3234503b8 Merge pull request #10983 from github/redsun82/swift-third-party 
Swift: move libraries from `tools` to `third_party`
 2022-10-26 08:59:50 +02:00
Mathias Vorreiter Pedersen
58b6c45d27 Merge pull request #10958 from geoffw0/comma 
C++: Fix performance issue on cpp/comma-before-misleading-indentation
 2022-10-26 08:29:18 +02:00
tyage
7a19744cf2 add change note 2022-10-26 15:17:50 +09:00
tyage
95dca7c3ed update comment 2022-10-26 15:13:59 +09:00