hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-08 12:10:22 +01:00
Code Issues Packages Projects Releases Wiki Activity
56,021 Commits 1,680 Branches 157 Tags
7331bcb02299a3f4d336b82ed31f9e2756c2fda7
Commit Graph

56021 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mathew Payne
7331bcb022 feat: update tests to support client service 2023-06-30 12:47:47 +01:00
Mathew Payne
48966d65dd feat: client service support 2023-06-30 12:44:09 +01:00
Mathew Payne
62bad6c02f feat: add log injection query to testing GoMicro 2023-06-30 12:26:16 +01:00
Mathew Payne
b3df568550 fix: Update docs and import 2023-06-30 12:08:58 +01:00
Mathew Payne
5178df0b4a feat: add missing docs 2023-06-30 11:13:35 +01:00
Mathew Payne
427a1585ea feat: update change notes and add to go.qll 2023-06-29 18:33:07 +01:00
Mathew Payne
1ba619f3f2 feat: vendor modules 2023-06-29 18:29:07 +01:00
Mathew Payne
08a68b5330 feat: add initial tests for GoMicro 2023-06-29 18:28:45 +01:00
Mathew Payne
14eda73f85 feat: GoMicro test code 2023-06-29 18:28:27 +01:00
Mathew Payne
236e81da45 feat: initial GoMicro modelling 2023-06-29 18:27:58 +01:00
Jami
3fed2798c8 Merge pull request #13093 from GeekMasher/csharp-ext 
[CSharp] Additional data extensions for sink models
 2023-06-22 10:22:32 -04:00
Geoffrey White
fe71207475 Merge pull request #13537 from geoffw0/regexqldoc 
Ruby: Fix some QLDoc errors in ParseRegExp.qll
 2023-06-22 14:55:39 +01:00
Geoffrey White
d06f4b9567 Ruby: Correct QLDoc for qualifiedPart. 2023-06-22 13:56:42 +01:00
Geoffrey White
1c1637a886 Ruby: Correct QLDoc for charRange. 2023-06-22 13:56:06 +01:00
Alex Ford
24e83165ee Merge pull request #13289 from alexrford/rb/rack-redirect 
Ruby: rack - model redirect responses
 2023-06-22 13:45:02 +01:00
Mathew Payne
0fcc1cb588 Merge branch 'main' into csharp-ext 2023-06-22 13:30:08 +01:00
Ian Lynagh
7efbd8828b Merge pull request #13526 from igfoo/igfoo/diagwriter 
Kotlin: Define DiagnosticTrapWriter, for type safety
 2023-06-22 12:39:48 +01:00
AlexDenisov
9ab7a83e3f Merge pull request #13532 from github/alexdenisov/bump-cmake-c++ 
Swift: bump C++ version in CMake
 2023-06-22 12:56:34 +02:00
Owen Mansel-Chan
b3a19ef7b2 Merge pull request #13461 from owen-mc/go/show-functionmodel-steps-to-path-summaries 
Go: show FunctionModel steps in path summaries
 2023-06-22 10:46:12 +01:00
Tom Hvitved
7c2f26e0c3 Merge pull request #13534 from hvitved/ql/fix-bad-join 
QL: Fix bad join
 2023-06-22 11:24:51 +02:00
Tom Hvitved
6942925899 QL: Fix bad join 
```
[2023-06-22 10:44:20] (92s) Tuple counts for Predicate#23818b54::Cached::resolveSelfClassCalls#2#ff/2@06fd3bf5 after 1m9s:
                      30500      ~567%     {3} r1 = JOIN Ast#8e1d5bcf::ClassPredicate::getName#0#dispred#ff WITH Ast#8e1d5bcf::PredicateOrBuiltin::getArity#0#dispred#ff ON FIRST 1 OUTPUT Lhs.0 'p', Lhs.1, Rhs.1
                      26500      ~573%     {4} r2 = JOIN r1 WITH Ast#8e1d5bcf::Class::getAClassPredicate#0#dispred#ff_10#join_rhs ON FIRST 1 OUTPUT Lhs.2, Lhs.0 'p', Lhs.1, Rhs.1
                      3059915597 ~605%     {4} r3 = JOIN r2 WITH Ast#8e1d5bcf::Call::getNumberOfArguments#0#dispred#ff_10#join_rhs ON FIRST 1 OUTPUT Rhs.1 'mc', Lhs.2, Lhs.1 'p', Lhs.3
                      20999389   ~701%     {3} r4 = JOIN r3 WITH Ast#8e1d5bcf::MemberCall::getMemberName#0#dispred#ff ON FIRST 2 OUTPUT Lhs.0 'mc', Lhs.2 'p', Lhs.3
                      20995877   ~711%     {4} r5 = JOIN r4 WITH Ast#8e1d5bcf::MemberCall::getBase#0#dispred#ff ON FIRST 1 OUTPUT Rhs.1, Lhs.1 'p', Lhs.2, Lhs.0 'mc'
                      1240332    ~700%     {3} r6 = JOIN r5 WITH Ast#8e1d5bcf::ThisAccess#ff ON FIRST 1 OUTPUT Lhs.3 'mc', Lhs.1 'p', Lhs.2
                      1236711    ~716%     {4} r7 = JOIN r6 WITH Ast#8e1d5bcf::AstNode::getEnclosingPredicate#0#dispred#ff ON FIRST 1 OUTPUT Rhs.1, Lhs.2, Lhs.1 'p', Lhs.0 'mc'
                      4476       ~347%     {2} r8 = JOIN r7 WITH Ast#8e1d5bcf::AstNode::getParent#0#dispred#ff ON FIRST 2 OUTPUT Lhs.3 'mc', Lhs.2 'p'
                                           return r8
```
 2023-06-22 10:53:10 +02:00
Jeroen Ketema
277dbdf410 Merge pull request #13498 from jketema/inline-4 
Rework more inline expectation tests to use the parameterized module
 2023-06-22 10:01:07 +02:00
Alex Denisov
ade4d68793 Swift: bump C++ version in CMake 2023-06-22 09:26:29 +02:00
Ian Lynagh
bfd0a19d85 Kotlin: Define DiagnosticTrapWriter, for type safety 
In some cases, we were writing diagnostics to TRAP files where they
shouldn't be written. Such TRAP files don't define #compilation, so TRAP
import gave errors.

Now we use DiagnosticTrapWriter to get the type system to check that we
are writing diagnostics to the right place.
 2023-06-21 18:38:27 +01:00
Henry Mercer
5afdaf8fe1 Merge pull request #13525 from github/rc/3.10 
Merge `rc/3.10` back to `main`
 2023-06-21 17:13:36 +01:00
Erik Krogh Kristensen
3b0220d556 Merge pull request #13501 from adrienpessu/main 
JS: Add another example the Hardcoded credential help
 2023-06-21 17:02:22 +02:00
Ian Lynagh
18a5c48c79 Merge pull request #13508 from igfoo/igfoo/rc_kot 
Kotlin: Backport some Kotlin 1.9 fixes to the rc/3.10 branch
 2023-06-21 15:26:41 +01:00
Kasper Svendsen
eca3df2a16 Merge pull request #13523 from kaspersv/kaspersv/ql-lang-spec-polish 
Polish QL language spec "Call with results" section
 2023-06-21 15:57:25 +02:00
Kasper Svendsen
6d3f9fc67e Polish QL language spec "Call with results" section 2023-06-21 14:29:16 +02:00
Tom Hvitved
039bbb6288 Merge pull request #13521 from hvitved/ql/final-extends 
QL: Model `final extends`
 2023-06-21 14:18:31 +02:00
Adrien Pessu
5541fe79a8 Merge branch 'main' into main 2023-06-21 12:55:48 +01:00
Adrien Pessu
e332a4348d Update javascript/ql/src/Security/CWE-798/HardcodedCredentials.qhelp 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2023-06-21 12:55:33 +01:00
Kasper Svendsen
a4ee152efb Merge pull request #13512 from kaspersv/rc/3.10 
QL language ref: explain implicit this receivers
 2023-06-21 12:02:02 +02:00
Michael Nebel
3a81d21c1c Merge pull request #13520 from michaelnebel/csharp/usestubs3 
C#: Use stubs for query test cases.
 2023-06-21 11:41:26 +02:00
Kasper Svendsen
8015c3cf28 QL language ref: explain implicit this receivers 2023-06-21 11:07:16 +02:00
Michael Nebel
27ee4241e8 C#: Remove unused test assemblies. 2023-06-21 10:45:08 +02:00
Tom Hvitved
e6e966bd22 QL: Model final extends 2023-06-21 10:40:12 +02:00
Tom Hvitved
0edd80001b QL: Add tests for AbstractClassImport.ql 2023-06-21 10:40:12 +02:00
Michael Nebel
34e50de76d C#: Only use the dll's that are strictly needed in the API Abuse/NoDisposeCallOnLocalIDisposable test case. 2023-06-21 10:39:52 +02:00
Adrien Pessu
4d1bbe36a9 Merge branch 'main' into main 2023-06-21 09:11:57 +01:00
Adrien Pessu
7dfb404fd7 clean examples 2023-06-21 08:11:39 +00:00
Adrien Pessu
e85987bfc5 remove useless phrase 2023-06-21 07:59:24 +00:00
Erik Krogh Kristensen
12b3913a4b Merge pull request #13511 from tspascoal/patch-1 
JS: Single quote was preventing the shell from expanding the BODY variable in Expression injection in Actions example
 2023-06-21 09:57:20 +02:00
Michael Nebel
82bf27c7b2 C#: Base the remaining API Abuse query test cases on stubs. 2023-06-21 09:52:35 +02:00
Michael Nebel
52323d3990 C#: Base API Abuse/IncorrectCompareToSignature test case on stubs and update expected test output. 2023-06-21 09:40:37 +02:00
Michael Nebel
0e263fb744 C#: Base API Abuse/DisposeNotCalledOnException test case on stubs. Since the stubs requires C# 11 the language version has been removed from the options (also it doesn't affect the output). 2023-06-21 09:40:37 +02:00
Michael Nebel
4546d8f0bf C#: Base API Abuse/UncheckedReturnValue test case on stubs, clean up test and update expected output. 2023-06-21 09:40:37 +02:00
Michael Nebel
ada49dbb2c C#: Specific language version not needed in options file for API Abuse/NoDisposeCallOnLocalIDisposable. 2023-06-21 09:40:19 +02:00
Michael Nebel
d1184f0b3c C#: Base the AlertSupression test on stubs. 2023-06-21 07:59:56 +02:00
Tom Hvitved
59147ad674 QL: Add more tests for MissingOverride.ql 2023-06-20 19:30:30 +02:00