hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-06 07:36:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
32,734 Commits 1,703 Branches 162 Tags
7fcbdbeada338a182e1c26084feb6d951f109bf7
Commit Graph

32734 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Asger Feldthaus
7fcbdbeada Shared: sync AccessPathSyntax.qll and FlowSummaryImpl.qll 2022-02-21 08:21:52 +01:00
Asger Feldthaus
d911e0abf8 Shared: use getToken instead of getLastToken 2022-02-21 08:21:52 +01:00
Asger Feldthaus
c4304a980d Shared: add explicit this 2022-02-21 08:21:52 +01:00
Asger Feldthaus
dc6a13242b Shared: update comment in AccessPathSyntax.qll 2022-02-21 08:21:52 +01:00
Asger Feldthaus
2907d53e17 Shared: sync AccessPathSyntax.qll and FlowSummaryImpl.qll 2022-02-21 08:21:52 +01:00
Asger Feldthaus
be63cf7049 Shared: fix qldoc and move getRawToken to top-level 2022-02-21 08:21:52 +01:00
Asger Feldthaus
c189df2341 Revert "JS: Add support for " of " syntax to help during transition" 
This reverts commit 9bf522b3048c3b11f7e6d734ed797a613614a095.
 2022-02-21 08:21:51 +01:00
Asger Feldthaus
57bf0b1432 Ruby: remove support for legacy syntax 2022-02-21 08:21:51 +01:00
Asger Feldthaus
e3605eed44 Ruby: update CSV rows to dot-separated syntax 2022-02-21 08:21:50 +01:00
Asger Feldthaus
7005d53a67 Ruby: manually rewrite DigSummary access path 2022-02-21 08:16:55 +01:00
Asger Feldthaus
6dbeb81f36 Ruby: use AccessPathSyntax.qll to parse input/output summary specs 2022-02-21 08:16:55 +01:00
Asger Feldthaus
0af9e8aa58 C#: remove support for legacy syntax 2022-02-21 08:16:55 +01:00
Asger Feldthaus
6bb15dcc27 C#: update CSV rows to dot-separated syntax 2022-02-21 08:16:55 +01:00
Asger Feldthaus
dffa1d1558 C#: use AccessPathSyntax.qll to parse input/output summary specs 2022-02-21 08:16:55 +01:00
Asger Feldthaus
affdbe9955 Java: remove support for legacy syntax 2022-02-21 08:16:55 +01:00
Asger Feldthaus
a121b73181 Java: update CSV rows to dot-separated syntax 2022-02-21 08:16:55 +01:00
Asger Feldthaus
7f808710ec Java: update model generator 2022-02-21 08:16:54 +01:00
Asger Feldthaus
753c557dbe Java: use AccessPathSyntax.qll to parse input/output summary specs 2022-02-21 08:16:54 +01:00
Asger Feldthaus
53935db6c6 JS: Add support for " of " syntax to help during transition 2022-02-21 08:16:54 +01:00
Asger Feldthaus
30254686d8 JS: Move ".."-parsing trick into AccessPathSyntax.qll 2022-02-21 08:16:54 +01:00
Asger Feldthaus
7c2cff3227 JS: Factor out AccessPathSyntax.qll 2022-02-21 08:16:54 +01:00
Asger Feldthaus
e2cbf47b16 JS: Fix accidental recursion 2022-02-21 08:16:53 +01:00
Harry Maclean
e4f801bea8 Merge pull request #7886 from github/hmac/split-ruby-std-library 
Ruby: split standard library models into multiple files
 2022-02-21 13:39:43 +13:00
Harry Maclean
9a60c7e4ac Ruby: Update filename in test fixture 2022-02-21 09:43:36 +13:00
Harry Maclean
bfd2c14555 Ruby: Add shim StandardLibrary.qll 
This file re-exports everything it used to define, marking each as
deprecated to warn users that they should import `Core` or `Stdlib`
instead.
 2022-02-17 20:44:04 +13:00
Harry Maclean
459f949c24 Ruby: fix old import in ActiveSupport 
codeql.ruby.frameworks.StandardLibrary is deprecated
 2022-02-17 20:44:04 +13:00
Harry Maclean
9fff2cfcff Ruby: Add missing documentation 2022-02-17 20:44:04 +13:00
Harry Maclean
546bfcb8ea Ruby: split tests to match stdlib changes 2022-02-17 20:44:04 +13:00
Harry Maclean
eb4f333c25 Ruby: Move UnknownMethodCall to ast/Call.qll 2022-02-17 20:44:04 +13:00
Harry Maclean
a397c65d36 Ruby: Split standard library modeling 
Split the classes modeling various standard library concepts into a
structured group of multiple files.

Things that are part of the core language live in framworks/core and
standard libraries (that aren't part of core) live in frameworks/stdlib.

This mirrors the structure followed by the Ruby docs
(https://docs.ruby-lang.org/en/3.1/).

Tests are split in a followup commit.
 2022-02-17 20:44:04 +13:00
Ian Lynagh
a448db11b5 Merge pull request #8052 from igfoo/igfoo/descendent 
Spelling: Use "descendant" rather than "descendent" for consistency
 2022-02-16 18:03:52 +00:00
Nick Rolfe
26e7f3273b Merge pull request #8044 from github/nickrolfe/db_upgrade_script 
Language-agnostic document on db up-/downgrades
 2022-02-16 15:02:04 +00:00
Nick Rolfe
6d02ea7870 doc: remove unneeded --search-path flag 2022-02-16 14:51:12 +00:00
Ian Lynagh
b16e4c0247 Spelling: Use "descendant" rather than "descendent" for consistency 
$ git grep -i descendant | wc -l
170
 2022-02-16 14:26:02 +00:00
Nick Rolfe
54b56c44e6 doc: avoid using Posix-specific search-path separator 2022-02-16 12:42:58 +00:00
Nick Rolfe
17450a5b27 Python/Ruby: rm old prepare-db-upgrade.sh files 2022-02-16 12:21:52 +00:00
Nick Rolfe
549436fc86 doc: typo 2022-02-16 12:00:35 +00:00
Nick Rolfe
26b2012024 Move Ruby doc on db upgrades to common docs dir 
And explain downgrades
 2022-02-16 11:35:52 +00:00
Nick Rolfe
ee5068d843 Python/Ruby: forward to generic prepare-db-upgrade.sh 2022-02-16 11:03:28 +00:00
Tony Torralba
111aabb707 Merge pull request #7712 from luchua-bc/java/file-path-injection 
Java: CWE-073 File path injection with the JFinal framework
 2022-02-16 12:01:34 +01:00
Jeroen Ketema
3170670f67 Merge pull request #8041 from jketema/prepare-db-upgrade-script 
Add version of `prepare-db-upgrade.sh` supporting multiple languages
 2022-02-16 11:45:34 +01:00
Jeroen Ketema
671528b483 Find qldir by using the location of prepare-db-upgrade.sh 2022-02-16 11:35:15 +01:00
Jeroen Ketema
8ad0d8ea69 Factor out creating upgrade.properties into a function 2022-02-16 10:54:12 +01:00
Jeroen Ketema
b27dd6ca72 Simplify check_hash_valid 2022-02-16 10:53:39 +01:00
Jeroen Ketema
f558ac5b07 Make --lang a required script argument 2022-02-16 10:18:55 +01:00
Arthur Baars
ebb87c4b36 Merge pull request #7975 from github/post-release-prep/codeql-cli-2.8.1 
Post-release preparation for codeql-cli-2.8.1
 2022-02-15 20:17:35 +01:00
Jeroen Ketema
1209bbd9b4 Add version of prepare-db-upgrade.sh supporting multiple languages 2022-02-15 18:39:21 +01:00
luchua-bc
40bf093d34 Move shared code to the lib folder and update qldoc 2022-02-15 17:28:13 +00:00
Tony Torralba
5f0ab522f3 Merge pull request #7988 from Marcono1234/marcono1234/sealed-types-predicates 
Java: Add predicates for sealed classes
 2022-02-15 15:11:56 +01:00
yo-h
cfcb06cad9 Merge pull request #8035 from tamasvajk/feature/hardcoded-cred-medium-prec 
C#: Downgrade hardcoded credentials queries to medium precision
 2022-02-15 08:09:27 -05:00