hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-30 23:02:56 +01:00
Code Issues Packages Projects Releases Wiki Activity
302 Commits 1,684 Branches 159 Tags
6c78490bbeadb4dad64bc026e3de4d013a9c2aaa
Commit Graph

205 Commits

Author SHA1 Message Date
Sauyon Lee
6c78490bbe Add libraries modeling dependencies 2020-03-06 06:51:18 -08:00
Sauyon Lee
d92e49fb17 Add libraries for go.mod expressions 2020-03-06 06:51:17 -08:00
Sauyon Lee
e75497ed3b update stats sha and stats 2020-03-04 06:26:43 -08:00
Sauyon Lee
db4efd6124 Add support for extracting go.mod files 2020-03-04 06:26:42 -08:00
Max Schaefer
1ae0dd46ec Clarify method identity. 2020-03-04 12:53:37 +00:00
Max Schaefer
264478f4b8 Remove a mistaken uniqueness annotation. 2020-03-04 10:34:55 +00:00
Sauyon Lee
5e71a04fdf Merge pull request #42 from max-schaefer/experimental-guidelines 
Add guidelines for experimental CodeQL queries and libraries.
 2020-03-02 10:22:41 -08:00
Max Schaefer
56e07356fc Update ql/test/experimental/README.md 
Co-Authored-By: Felicity Chapman <felicitymay@github.com>
 2020-03-02 10:20:07 +00:00
Max Schaefer
cef017071f Move guidelines into ql folder. 2020-03-02 09:23:06 +00:00
Max Schaefer
2629f55d95 Add guidelines for experimental CodeQL queries and libraries. 2020-02-28 14:43:00 +00:00
Max Schaefer
90f1a7da75 Fix NamedType.getMethod to take interface embedding into account. 2020-02-28 10:37:14 +00:00
Max Schaefer
2eba7dee6f Add new table methodhosts associating interface methods with named types. 
In particular, methods from embedded interfaces will be associated with the same named type as those from the outer interface, even though their receiver types may be different.
 2020-02-28 10:24:04 +00:00
Max Schaefer
6dfd5fd934 Extend Types tests to cover interfaces. 2020-02-28 10:22:59 +00:00
Max Schaefer
9bf5a31351 Clarify field identity. 
Like-named fields declared in identical types are identical. This can be a little confusing, since such fields will have multiple declarations and multiple locations, so it's worth calling out explicitly in the documentation.
 2020-02-26 10:10:47 +00:00
Sauyon Lee
b931539f68 Merge pull request #36 from max-schaefer/remove-unused-predicate 
Remove an unused predicate.
 2020-02-25 09:40:42 -08:00
Max Schaefer
34c66c4245 Remove an unused predicate. 2020-02-25 10:46:09 +00:00
Sauyon Lee
7a918efbf8 Merge pull request #34 from max-schaefer/receiver-flow 
Propagate data flow through receivers
 2020-02-24 23:58:28 -08:00
Max Schaefer
0f99842f34 Make Field.getPackage() behave sensibly. 
Previously it was never defined, now it gives you the package of the type the field is declared in. This means we have to override `Field.hasQualifiedName/2` to avoid a field `f` in a package `pkg` being considered to have qualified name `pkg.f`.
 2020-02-24 12:14:51 +00:00
Max Schaefer
5fbae15d0e Don't track receivers into virtual calls. 2020-02-24 09:56:09 +00:00
Max Schaefer
d1e020f74d Treat receiver variables as parameters. 
The inter-procedural data-flow libraries expects this to be the case, but I actually never got round to implementing it.
 2020-02-24 09:56:09 +00:00
Max Schaefer
77613a38c5 Add test, which does not work yet. 2020-02-24 09:55:42 +00:00
Sauyon Lee
4d58ebbae6 Merge pull request #32 from max-schaefer/update-data-flow 
Port recent data-flow improvements
 2020-02-21 09:45:14 -08:00
Sauyon Lee
bfbd08c51d Merge pull request #31 from max-schaefer/string-break-source 
Sharpen the sources for `StringBreak`.
 2020-02-21 09:35:58 -08:00
Max Schaefer
6251f1141c Simplify getACallee(). 2020-02-21 11:14:35 +00:00
Max Schaefer
285f392a12 Sharpen the sources for StringBreak. 
`json.Marshal` returns two results, we only want to consider the first one as a source.
 2020-02-21 10:19:09 +00:00
Max Schaefer
7230912e56 Track simple call contexts in nodeCand[Fwd]1. 
See https://github.com/Semmle/ql/pull/2822.
 2020-02-21 09:30:53 +00:00
Max Schaefer
90cdf4857f Improve join-order in pathStep predicate. 
See https://github.com/Semmle/ql/pull/2872.
 2020-02-21 09:29:13 +00:00
Max Schaefer
e9447a0e16 Merge pull request #29 from max-schaefer/fix-missing-qldoc 
Add missing QLDoc for public elements.
 2020-02-21 08:11:27 +00:00
Max Schaefer
6375be7089 Address review comment. 2020-02-20 20:36:58 +00:00
Max Schaefer
dc6a8917a4 Add missing QLDoc for public elements. 2020-02-20 13:59:12 +00:00
Sauyon Lee
3e6a96d21b IncompleteHostnameRegexp: Use a reluctant regexp 
This should help make results more comprehensible by including the
maximal string after an unescaped dot.
 2020-02-19 13:04:16 -08:00
Sauyon Lee
1b7186347d Merge pull request #25 from max-schaefer/library-overview 
Add library overview
 2020-02-19 01:39:14 -08:00
Max Schaefer
4b371ac85a Remove rogue full stop. 2020-02-19 08:14:15 +00:00
Max Schaefer
2764b70364 Data flow: generalize flow-through summaries. 2020-02-18 14:30:25 +00:00
Max Schaefer
31557e8c19 Rename ArrowExpr to RecvExpr and address further review comments. 2020-02-18 08:39:31 +00:00
Max Schaefer
d3288f19f9 Improve data-flow performance. 2020-02-17 09:49:13 +00:00
Max Schaefer
ec9ba8aa7f Address review comments. 2020-02-17 09:23:08 +00:00
Max Schaefer
f60b5daf94 Apply suggestions from code review 
Co-Authored-By: Shati Patel <42641846+shati-patel@users.noreply.github.com>
Co-Authored-By: Sauyon Lee <sauyon@github.com>
 2020-02-17 08:48:16 +00:00
Max Schaefer
65c116538c Write library overview. 2020-02-14 12:50:04 +00:00
Max Schaefer
9379f74308 Merge pull request #24 from sauyon/runelit 
Add a RuneLit alias for CharLit
 2020-02-13 09:07:38 +00:00
Max Schaefer
c7d29311e6 Merge pull request #232 from sauyon/makefile-improvements 
Makefile improvements
 2020-02-13 08:51:51 +00:00
Max Schaefer
69eae987d1 Merge pull request #240 from sauyon/rune-literal-string-value 
Make rune literal string value its value
 2020-02-13 08:47:56 +00:00
Sauyon Lee
1262935085 Update stats 2020-02-12 15:52:41 -08:00
Sauyon Lee
92025ad9bd Add a RuneLit alias for CharLit 
Also change the doc comment on CharLit to RuneLit
 2020-02-12 15:17:14 -08:00
Sauyon Lee
eb990c9de7 BadRedirectCheck: Use new rune literal string values 2020-02-12 15:14:59 -08:00
Sauyon Lee
74bb4f707d Make rune literal string value its value 2020-02-12 15:14:58 -08:00
Sauyon Lee
1365da2224 examples/variable: Select declaration as well as the variable 
This makes the test platform-independent
 2020-02-12 10:41:58 -08:00
Sauyon Lee
ae96bd88bc Merge pull request #239 from max/virtual-dispatch 
Call-graph API cleanup
 2020-02-10 15:05:13 -08:00
Max Schaefer
acd27cdee6 Merge pull request #238 from sauyon/semmle-to-github 
Rename the go module to github.com/github/codeql-go
 2020-02-10 21:02:05 +00:00
Max Schaefer
6aa0d631dd Address review comments. 2020-02-10 20:59:13 +00:00