hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-11 13:40:21 +01:00
Code Issues Packages Projects Releases Wiki Activity
67,951 Commits 1,679 Branches 158 Tags
69490c62cd7a740e39b21b9b64bc8e038ed307aa
Commit Graph

9701 Commits

Author SHA1 Message Date
Asger F
a36e39359f Merge pull request #16739 from RasmusWL/js-array-steps 
JS: Allow many Array steps to be used in type-tracking
 2024-06-20 11:39:46 +02:00
Rasmus Wriedt Larsen
596102d3fb Update javascript/ql/lib/change-notes/2024-06-14-type-tracking-array-steps.md 
Co-authored-by: Asger F <asgerf@github.com>
 2024-06-20 10:07:49 +02:00
Paolo Tranquilli
b7a2ea8981 CI: accept other diagnostic format related test changes 2024-06-19 11:33:50 +02:00
Rasmus Wriedt Larsen
3fc8401370 JS: Add change-note 2024-06-14 15:37:25 +02:00
Rasmus Wriedt Larsen
3f2befc3e5 JS: Support spread arguments in array.splice 2024-06-14 15:33:17 +02:00
Rasmus Wriedt Larsen
269f8ca2cd JS: Add splice(...arr) test 2024-06-14 15:19:56 +02:00
Rasmus Wriedt Larsen
68ccec3d43 JS: Prepare for new test 2024-06-14 15:18:47 +02:00
Rasmus Wriedt Larsen
194ef607f7 JS: Updated .expected 2024-06-14 14:49:34 +02:00
Cornelius Riemenschneider
ede0b5bdf4 Merge remote-tracking branch 'origin/main' into criemen/codeql-pack-group 2024-06-13 21:53:31 +02:00
Rasmus Wriedt Larsen
ec18786488 JS: Provide better model for Array.splice 2024-06-12 16:29:21 +02:00
Rasmus Wriedt Larsen
54a0e6dc45 JS: Add new test for Array.splice 2024-06-12 16:24:33 +02:00
Rasmus Wriedt Larsen
9ed6da1072 JS: prepare to extend Array tests 
Oh how I have enjoyed working with InlineExpectationTests for these sort
of things, not worrying about all the .expected files changing because
you add a few lines in the middle of your tests :D
 2024-06-12 16:22:55 +02:00
Rasmus Wriedt Larsen
1027ca266d JS: Allow many Array steps to be used in type-tracking 2024-06-12 16:14:13 +02:00
Mathias Vorreiter Pedersen
3351b9547d Merge branch 'rc/3.14' into rc-3.14-mergeback 2024-06-11 16:21:08 +01:00
Cornelius Riemenschneider
3cf719cb39 pkg.bzl: Significantly restructure codeql_pack rule. 
This PR introduces a `codeql_pack_rule` that does the heavy lifting
of extracting arch- and common zip files for production dist building.
It also factors out the installer targets for individual packs,
as well as pack groups.

This changes the contract between the internal build system and the pack
definition significantly, which is why an accompanying internal PR is required.
No backwards compatibility layer is provided, as the PR as complex enough as-is.

The individual `codeql_pack` rules are now much simpler,
as they mostly stuff their inputs into a new `_CodeQLPackInfo` provider,
and let the installer and `codeql_pack_group` rules do the heavy lifting.
For working in the external repo with self-contained packs,
the per-pack installer targets are still available.
Internally, we'll only use the new `codeql_pack_group` targets
going forward, both for defining intree-dists and for building
the production zip files.
 2024-06-11 13:15:05 +02:00
github-actions[bot]
8a25081a0e Post-release preparation for codeql-cli-2.17.5 2024-06-10 15:33:08 +00:00
Cornelius Riemenschneider
00319c5010 Upgrade bazel to 7.2.0. 
This also bumps a bunch of external dependencies.
 2024-06-10 17:03:59 +02:00
github-actions[bot]
877bfa2468 Release preparation for version 2.17.5 2024-06-10 13:40:39 +00:00
Anders Schack-Mulligen
0c47203580 Javascript: Add support for pretty-printed provenace in tests. 2024-06-07 11:47:49 +02:00
Asger F
6e0f3df573 Merge pull request #14120 from asgerf/dynamic/typemodel-istypeused 
Dynamic: add TypeModel.isTypeUsed
 2024-06-06 15:31:16 +02:00
Paolo Tranquilli
2d42ea0f2f Merge pull request #16668 from github/criemen/pkg-js-fixup 
JS: Use `resources/tools` from external repo, not internal.
 2024-06-06 11:50:54 +02:00
Mauro Baluda
0b9bafc9c3 Update AutoBuildTests.java 2024-06-04 21:07:57 +02:00
Mauro Baluda
168cba86c1 Add .xsaccess test data 2024-06-04 20:55:07 +02:00
Mauro Baluda
8791e67789 Add .xsaccess test data 2024-06-04 17:50:08 +02:00
Mauro Baluda
576ee7892d Add .xsaccess test data 2024-06-04 17:36:05 +02:00
Mauro Baluda
7b3e9b4ec1 Extract .xsaccess files as JSON 2024-06-04 16:28:08 +02:00
Mauro Baluda
73b18129d9 Extract .xsaccess files as JSON 2024-06-04 16:23:05 +02:00
Cornelius Riemenschneider
e8c1e50276 JS: Use resources/tools from external repo, not internal. 
This was missing in https://github.com/github/codeql/pull/16656, so we couldn't actually
delete the resources in the internal repo.
 2024-06-04 13:54:41 +02:00
Paolo Tranquilli
7b8c11379d Javascript: use codeql_pack for javascript extractor 2024-06-03 23:14:44 +02:00
Paolo Tranquilli
096a31dbef Mark all integration tests as legacy 
This is in preparation for the new integration test framework. Tests
marked thus will be run by the current framework and ignored by the new
one.
 2024-05-31 16:04:50 +02:00
github-actions[bot]
906b65d09c Post-release preparation for codeql-cli-2.17.4 2024-05-28 18:02:25 +00:00
github-actions[bot]
33b4ae8bbb Release preparation for version 2.17.4 2024-05-28 15:44:32 +00:00
Erik Krogh Kristensen
c743abad54 Merge pull request #14294 from am0o0/amammad-js-CodeInjection_execa 
JS: provide command execution sinks for execa package
 2024-05-24 09:20:19 +02:00
Dave Bartolomeo
613ccaac1d Add change note to all v1.0.0 packs 2024-05-23 13:01:22 -04:00
erik-krogh
c80f48b23a Merge branch 'main' into amammad-js-CodeInjection_execa 2024-05-23 08:02:22 +02:00
Dave Bartolomeo
ffe4c8c87b Update all pack versions to 1.0.0 2024-05-22 13:39:08 -04:00
erik-krogh
a30bac14e9 add change-note 2024-05-21 22:14:39 +02:00
erik-krogh
61c72361cd move the "isFileTooLarge" earlier in the pipeline, so we're only doing it once 2024-05-21 20:01:24 +02:00
erik-krogh
241f977488 fix that very large TypeScript files would crash the extractor 2024-05-21 19:52:43 +02:00
Asger F
3b211089d6 JS: Remove redundant import 2024-05-21 14:40:17 +02:00
Asger F
6f19fc2fcd JS: Add isTypeUsed to avoid overpruning 2024-05-21 14:38:52 +02:00
Asger F
632cce2c16 JS: Add failing test due to overpruning 2024-05-21 14:20:13 +02:00
Asger F
43abc72780 JS: Add TypeModel.isTypeUsed 
f
 2024-05-21 14:19:56 +02:00
Joe Farebrother
01a6c5e82f Merge pull request #16446 from joefarebrother/shared-sensitive-heuristics 
Ruby/Python/JS/Swift: Add category of Private information to shared sensitive data heuristics
 2024-05-21 09:07:13 +01:00
erik-krogh
c166cb406a Merge branch 'main' into amammad-js-CodeInjection_execa 2024-05-21 08:48:12 +02:00
Erik Krogh Kristensen
03cf9b702c Merge pull request #14291 from am0o0/amammad-js-CodeInjection_Shelljs 
JS: Shelljs improvement
 2024-05-17 11:14:11 +02:00
am0o0
42a9962519 make shellJSMember predicate private, improve predicate document 2024-05-16 14:05:06 +02:00
Asger F
499c4df79b Merge pull request #13554 from am0o0/amammad-js-bombs 
JS: Decompression Bombs
 2024-05-16 13:25:41 +02:00
erik-krogh
56dff8540f add an example of how to get a floating point value between 0 and 1 2024-05-16 11:15:07 +02:00
erik-krogh
066f3b61a2 RandomSource is deprecated, it's crypto now 2024-05-16 11:14:50 +02:00