hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-28 10:18:17 +01:00
Code Issues Packages Projects Releases Wiki Activity
46,528 Commits 1,723 Branches 164 Tags
511fb9727343d8c46ad2c980a1728ffa460eac4b
Commit Graph

46528 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nick Rolfe
511fb97273 Ruby: remove redundant import 2022-11-10 14:30:06 +00:00
Nick Rolfe
0337ccb93a Ruby: add change notes for Arel.sql / SqlConstruction changes 2022-11-10 14:11:14 +00:00
Nick Rolfe
5a15558355 Ruby: treat an Arel.sql call as a SqlConstruction 2022-11-10 14:11:14 +00:00
Nick Rolfe
c9d34947b7 Ruby: add SqlConstruction concept 2022-11-10 12:17:56 +00:00
Nick Rolfe
9f31ef851f Python: fix spelling of SqlExecution class in comment 2022-11-10 11:53:12 +00:00
Nick Rolfe
4a98ef064e Ruby: use the 'customizations' pattern for the SQL injection query 2022-11-10 11:51:47 +00:00
Jeroen Ketema
e7576fdd1a Merge pull request #11197 from jketema/simplify-taint-test 
C++: Simplify dataflow taint test query
 2022-11-10 11:58:50 +01:00
Tom Hvitved
06f619875b Merge pull request #11194 from github/post-release-prep/codeql-cli-2.11.3 
Post-release preparation for codeql-cli-2.11.3
 2022-11-10 11:27:51 +01:00
Nick Rolfe
2f9f1f73b7 Merge pull request #11166 from github/nickrolfe/active_support_flow_summaries 
Ruby: generalise summaries for ActiveSupport Hash extensions
 2022-11-10 10:11:48 +00:00
Anders Schack-Mulligen
a8ed6bad34 Merge pull request #11188 from aschackmull/java/mad-gen-sinks-precision 
Java: Improve sink model generation precision by excluding variable capture.
 2022-11-10 10:49:56 +01:00
Jeroen Ketema
4d7aeced3f C++: Simplify dataflow taint test query 
The complexity seems a left-over from before these tests were turned into
inline expectation tests, where the aim seems to have been to have exactly
one sink node for each `sink` call. Multiple sink nodes for the same `sink`
call are not made visible in the inline expecation tests, and I am not
conviced this was very useful before, so remove the complexity.
 2022-11-10 10:38:22 +01:00
AlexDenisov
24ba51d11e Merge pull request #11193 from github/redsun82/swift-avoid-doc-instead-of-desc 
Swift: avoid wrongly using `doc` instead of `desc` for properties
 2022-11-10 09:53:44 +01:00
github-actions[bot]
f795025f13 Post-release preparation for codeql-cli-2.11.3 2022-11-10 08:31:58 +00:00
Paolo Tranquilli
a8e6dc7a54 Swift: avoid wrongly using doc instead of desc for properties 2022-11-10 09:29:02 +01:00
Nick Rolfe
eb2a487433 Ruby: update expected test output 2022-11-09 17:38:33 +00:00
Nick Rolfe
0d9aa0cdac Ruby: fix clashing method names from merge conflict 2022-11-09 17:06:43 +00:00
Nick Rolfe
c8c53cb424 Merge remote-tracking branch 'origin/main' into nickrolfe/active_support_flow_summaries 2022-11-09 17:02:05 +00:00
Erik Krogh Kristensen
d35e5ac752 Merge pull request #11180 from erik-krogh/yetMoreCi 
CI: compile-queries: use cache when running on main, and support more base-branches
 2022-11-09 16:16:30 +01:00
Asger F
83291f378b Merge pull request #11157 from asgerf/js/yaml-locations 
JS: fix issue with zero-column yaml locations
 2022-11-09 15:57:54 +01:00
Andrew Eisenberg
df2e259944 Merge pull request #11073 from github/aeisenberg/vscode-ttl-docs 2022-11-09 06:53:50 -08:00
Anders Schack-Mulligen
151f12ef5e Java: Improve sink model generation precision by excluding variable capture. 2022-11-09 15:32:30 +01:00
Anders Schack-Mulligen
07f50e275d Merge pull request #11182 from aschackmull/mad/split-configs 
Java/C#: Split active configurations for model generator
 2022-11-09 15:06:43 +01:00
Asger F
859dc7beb7 Merge pull request #11024 from asgerf/rb/data-flow-layer-capture2 
Ruby: expand DataFlow API
 2022-11-09 15:06:03 +01:00
erik-krogh
5ba694e909 remember to run on PRs 2022-11-09 14:55:08 +01:00
Paolo Tranquilli
a05706d89d Merge pull request #11177 from github/redsun82/swift-decls 
Swift: extract `PoundDiagnosticDecl` and `MissingMemberDecl`
 2022-11-09 14:54:57 +01:00
erik-krogh
57ad491356 adjust the triggers, run on all PRs, and more branches 2022-11-09 14:50:53 +01:00
erik-krogh
8d51aaa403 add another fallback to main 2022-11-09 14:44:10 +01:00
erik-krogh
7e522770f6 simplify the cache keys 2022-11-09 14:43:30 +01:00
erik-krogh
1b9653827f do a quicker merge-base calculation 2022-11-09 14:38:55 +01:00
Anders Schack-Mulligen
fc4f93c87a Java/C#: Undo configuration footgun firing. 2022-11-09 13:20:39 +01:00
erik-krogh
53917e506e add refs/heads/ to make the ref fully-formed 2022-11-09 12:58:31 +01:00
Nick Rolfe
97e939ae2b Ruby: refine summaries for Hash#reverse_merge etc. 
- revert the changes to the taint summaries specific to ActionController
  params
- make the general flow summaries value-preserving and use
  WithElement[any]
 2022-11-09 11:56:07 +00:00
erik-krogh
f0b09ee16c fallback to main 2022-11-09 12:55:21 +01:00
erik-krogh
b3b13bdd43 use base_ref to calculate the cache-keys when running in a PR. 2022-11-09 12:55:02 +01:00
Mathias Vorreiter Pedersen
50c2683be0 Merge pull request #11181 from github/alexdenisov/extractor-errors-suite 
Swift: add an internal query-suite for listing all the compiler errors
 2022-11-09 11:52:59 +00:00
Erik Krogh Kristensen
c537c80ed6 Merge pull request #11095 from erik-krogh/exportRead 
JS: recognize more re-exported values as exported
 2022-11-09 12:39:41 +01:00
Alex Denisov
dacbf4e798 Swift: use more common name for the query 2022-11-09 12:29:50 +01:00
Alex Denisov
4ee6ae67d6 Swift: use explicit this to conform to the coding style 2022-11-09 12:17:11 +01:00
Alex Denisov
a1fa424ec1 Swift: add an internal query-suite for listing all the compiler errors 2022-11-09 12:05:41 +01:00
Paolo Tranquilli
9d4a208c0d Swift: extract MissingMemberDecl 2022-11-09 12:04:42 +01:00
Paolo Tranquilli
235181fb21 Swift: share translateDiagnosticsKind with SwiftDiagnosticsConsumer 2022-11-09 12:00:43 +01:00
Paolo Tranquilli
7bcee6e9a8 Merge branch 'main' into redsun82/swift-decls 2022-11-09 11:59:16 +01:00
erik-krogh
aede9c3467 support general base-branches, not just main 2022-11-09 11:55:19 +01:00
erik-krogh
484dc4ad3a restore from another cache when running on main. Otherwise that workflow always takes an hour 2022-11-09 11:45:21 +01:00
AlexDenisov
8756989b4b Merge pull request #11101 from github/alexdenisov/extractor-errors 
Swift: extract diagnostics
 2022-11-09 11:33:54 +01:00
Paolo Tranquilli
73ad1307ae Swift: extract PoundDiagnosticDecl 2022-11-09 11:13:55 +01:00
Paolo Tranquilli
c95a6ea5d1 Merge pull request #11176 from github/redsun82/swift-opaque-types 
Swift: extract opaque types and their decls
 2022-11-09 10:47:32 +01:00
Asger F
ac5a1d68ea Merge pull request #11170 from asgerf/rb/taint-known-or-unknown 
Ruby: handle knownOrUnkown in default taint step
 2022-11-09 10:42:02 +01:00
Erik Krogh Kristensen
138a16f0b3 use getImportedModuleNode() 
Co-authored-by: Asger F <asgerf@github.com>
 2022-11-09 09:53:23 +01:00
Asger F
694d987365 JS: Update test output 2022-11-09 09:36:03 +01:00