hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-20 14:34:04 +02:00
Code Issues Packages Projects Releases Wiki Activity
920 Commits 1,741 Branches 165 Tags
4fa093048cf1b459e7fcf4ff1510824cd34ea5d9
Commit Graph

920 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Arthur Baars
4fa093048c Add inline expectations test framework 2021-06-21 19:37:41 +02:00
Arthur Baars
33c5312842 Merge pull request #215 from github/bump-codeql 
Bump `codeql` submodule
 2021-06-21 16:18:04 +02:00
Tom Hvitved
992d8faa06 Bump codeql submodule 2021-06-21 16:06:45 +02:00
Tom Hvitved
abe5e3d953 Merge pull request #210 from github/hvitved/dataflow/consistency 
Data flow: Add consistency queries
 2021-06-21 14:42:55 +02:00
Nick Rolfe
35eb4a3af4 Merge pull request #214 from github/regexp_naming 
Use RegExp prefix instead of Regex, for consistency with other languages.
 2021-06-21 11:06:19 +01:00
Tom Hvitved
b820f3f20d Merge pull request #212 from github/hvitved/ssa/assigns-pred 
Add `Ssa::WriteDefinition::assigns/1` predicate
 2021-06-21 10:46:48 +02:00
Nick Rolfe
65aa97c07c Use RegExp prefix instead of Regex, for consistency with other languages. 2021-06-18 15:56:19 +01:00
Tom Hvitved
7cc02e6d00 Add Ssa::WriteDefinition::assigns/1 predicate 2021-06-18 10:42:32 +02:00
Nick Rolfe
78db1bf045 Merge pull request #211 from github/smaller_trap 
Tweaks to reduce size of TRAP output
 2021-06-17 17:09:14 +01:00
Nick Rolfe
ab72b4e9e7 Use hexadecimal encoding for TRAP labels 2021-06-17 16:16:32 +01:00
Nick Rolfe
ed93233917 Remove unnecessary spaces in TRAP output 2021-06-17 16:16:06 +01:00
Tom Hvitved
41ed9f3e1b Data flow: Fix inconsistencies 2021-06-17 10:48:32 +02:00
Tom Hvitved
00e544189e Data flow: Add consistency queries 2021-06-17 10:26:56 +02:00
Tom Hvitved
ad54f2e1f4 Bump codeql submodule 2021-06-17 10:24:19 +02:00
Tom Hvitved
872c7edfc8 Merge pull request #207 from github/bump-codeql 
Bump `codeql` submodule
 2021-06-16 12:33:40 +02:00
Tom Hvitved
84d79ccae9 Bump codeql submodule 2021-06-16 11:55:38 +02:00
Tom Hvitved
3a37e321d5 Merge pull request #205 from github/hvitved/taint-tracking 
Initial taint-tracking library
 2021-06-15 09:30:59 +02:00
Tom Hvitved
5a9521372b Merge pull request #206 from github/tausbn/fix-identical-files 2021-06-15 07:31:07 +02:00
Taus
2bbcbb2200 Bump submodule pointer 2021-06-14 19:04:22 +00:00
Tom Hvitved
302b485f4c Merge pull request #204 from github/hvitved/cfg-nodes-perf 
Improve performance of `ExprChildMapping::reachesBasicBlock()`
 2021-06-14 20:14:17 +02:00
Taus
068b980517 Update identical-files.json 
As of https://github.com/github/codeql/pull/6063 we have now started using the shared type tracking library in Python as well. 🎉
 2021-06-14 19:01:24 +02:00
Tom Hvitved
8aa337ab01 Initial taint-tracking library 2021-06-14 14:19:34 +02:00
Tom Hvitved
b154c936c3 Improve performance of ExprChildMapping::reachesBasicBlock() 
Since all expressions are now post-order, the logic of `reachesBasicBlock` can
be simplified, and performance can be improved as well.
 2021-06-14 11:58:24 +02:00
Arthur Baars
88fb3c7097 Merge pull request #203 from github/aibaars/pack-qhelp-samples 
Query pack: include .rb and .erb sample files from queries directory
 2021-06-11 13:50:17 +02:00
Arthur Baars
909e6d5a62 Query pack: include .rb and .erb sample files from queries directory 
These are required by the qhelp files.
 2021-06-11 13:42:43 +02:00
Arthur Baars
78a6ed43c3 Merge pull request #202 from github/aibaars-patch-2 
HardCodedCredentials: fix query metadata comment
 2021-06-11 12:05:44 +02:00
Arthur Baars
661d6e8e38 HardCodedCredentials: fix query metadata comment 2021-06-11 11:59:46 +02:00
Tom Hvitved
8860b8adf0 Merge pull request #198 from github/hvitved/desugar-compound-assignment 2021-06-10 19:39:54 +02:00
Alex Ford
f74dff560b Merge pull request #187 from github/hardcoded-credentials 
Add rb/hardcoded-credentials query
 2021-06-10 16:12:32 +01:00
Alex Ford
8839d4c584 limit additional flow steps in rb/hardcoded-credentials to string concatenation 2021-06-10 14:59:28 +01:00
Alex Ford
fe45dadd55 set precision to high for rb/hardcoded-credentials 2021-06-10 14:52:26 +01:00
Alex Ford
e26afe91b5 move rb/hardcoded-credential alert location to the source 2021-06-07 14:53:04 +01:00
Alex Ford
5d79a8cec0 account for keyword args in rb/hardcoded-credentials and simplify query 2021-06-07 14:49:49 +01:00
Tom Hvitved
962768e7c0 Disambiguate toStrings for nested synthetic local variables 2021-06-04 19:20:11 +02:00
Tom Hvitved
82fbc03889 Merge pull request #200 from github/hvitved/dataflow/call-sensitivity 
Data flow: Call-sensitive resolution of lambda/block calls
 2021-06-04 16:25:13 +02:00
Alex Ford
ec326bfcb7 Merge pull request #201 from github/perm-file-report-source 
Report rb/weak-file-permission alerts at source rather than sink and improve alert message
 2021-06-04 14:52:48 +01:00
Alex Ford
8a3ffb6dca add missing toString 2021-06-04 13:25:03 +01:00
Alex Ford
b2d36babc4 report rb/weak-file-permission alerts at source rather than sink and improve alert message 2021-06-04 13:10:18 +01:00
Nick Rolfe
523a0b1f12 Merge pull request #197 from github/upgrade-pack 2021-06-04 13:03:39 +01:00
Nick Rolfe
6203c9019a Remove reference to deleted upgrades qlpack from manifest 2021-06-04 12:15:36 +01:00
Tom Hvitved
61e35ddae1 Data flow: Call-sensitive resolution of lambda/block calls 2021-06-04 12:58:38 +02:00
Tom Hvitved
77146e4e04 Data flow: Reduce caching 
These predicates are now cached in the shared implementation.
 2021-06-04 12:53:47 +02:00
Tom Hvitved
f9eecfb59f Bump codeql submodule 2021-06-04 12:52:05 +02:00
Tom Hvitved
6678ac0347 Desugar compound assignments 2021-06-04 10:39:06 +02:00
Tom Hvitved
da9adfbab4 Improve performance of desugaring transformations 2021-06-04 10:34:00 +02:00
Tom Hvitved
57eee0368d Add CFG tests for compound assignments 2021-06-04 10:34:00 +02:00
Tom Hvitved
dfcf4c90ab Merge pull request #199 from github/hvitved/splat-expr 
Rename `(Hash)SplatArgument` to `(Hash)SplatExpr` and make them `UnaryOperation`s
 2021-06-04 10:33:42 +02:00
Tom Hvitved
1007f2aaff Rename (Hash)SplatArgument to (Hash)SplatExpr and make them UnaryOperations 2021-06-04 10:04:06 +02:00
Tom Hvitved
372f8645a9 Add (hash)splat AST tests 2021-06-04 09:53:14 +02:00
Nick Rolfe
8b987757c6 Merge upgrades qlpack into ql/src 2021-06-03 18:28:20 +01:00