hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-16 16:53:25 +01:00
Code Issues Packages Projects Releases Wiki Activity
66,351 Commits 1,671 Branches 157 Tags
8cba276b87e17fa3bfbbef3522dd9e863eaa7487
Commit Graph

66351 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ben Ahmady
8cba276b87 Deprecate the CodeQL for VS Code docs in favour of docs.github.com version 2024-04-25 07:59:33 +00:00
Tom Hvitved
17e0cc5648 Merge pull request #16313 from hvitved/dataflow/fix-bad-join3 
Data flow: Fix bad join
 2024-04-24 17:09:14 +02:00
Tamás Vajk
f29d2c21bd Merge pull request #16312 from tamasvajk/fix/buildless/file-lookup 
C#: Fix `global.json` and `packages.config` lookup
 2024-04-24 15:05:55 +02:00
Tamás Vajk
3b44b131b9 Merge pull request #16311 from tamasvajk/fix/resx 
C#: Do not download `Microsoft.CodeAnalysis.ResxSourceGenerator` when…
 2024-04-24 13:49:55 +02:00
Tamas Vajk
4a97f95890 Improve code quality 2024-04-24 13:47:25 +02:00
Tamás Vajk
84ea3a9a2c Merge pull request #16310 from tamasvajk/buildless/nuget_versions 
C#: Add integration test with multiple versions of the same nuget pac…
 2024-04-24 13:33:27 +02:00
Owen Mansel-Chan
f828f8ea65 Merge pull request #16250 from owen-mc/go/rename-untrusted-flow-source 
Go: Rename `UntrustedFlowSource` to `RemoteFlowSource` to match other language libraries
 2024-04-24 11:37:00 +01:00
Tom Hvitved
95d579d9de Data flow: Fix bad join 
```
Evaluated relational algebra for predicate _DataFlowImpl::Impl<HardcodedDataInterpretedAsCodeQuery::HardcodedDataInterpretedAsCodeFlow::C>::ret__#count_range@d112335l with tuple counts:
            285176  ~2%    {3} r1 = SCAN `_DataFlowDispatch::DataFlowCall.getEnclosingCallable/0#dispred#b7b78b19_DataFlowImpl::Impl<Hardcoded__#shared` OUTPUT In.1, In.0, In.2
        3265592261  ~3%    {5}    | JOIN WITH `DataFlowImpl::Impl<HardcodedDataInterpretedAsCodeQuery::HardcodedDataInterpretedAsCodeFlow::C>::returnCallEdge1/4#d02cae42_2301#join_rhs` ON FIRST 2 OUTPUT Lhs.0, Lhs.2, Rhs.2, Lhs.1, Rhs.3
             39070  ~8%    {6}    | JOIN WITH `DataFlowImplCommon::Cached::viableImplInCallContextExt/2#58e931ad` ON FIRST 3 OUTPUT Lhs.0, Lhs.3, Lhs.1, Lhs.2, Lhs.4, _
             39070  ~0%    {6}    | REWRITE WITH Out.5 := 1
                           return r1
```
 2024-04-24 12:22:28 +02:00
Tamas Vajk
f3daba510b C#: Fix global.json and packages.config lookup 2024-04-24 11:57:45 +02:00
Tamas Vajk
88e67715a1 C#: Do not download Microsoft.CodeAnalysis.ResxSourceGenerator when there are no resx files to process 2024-04-24 11:53:29 +02:00
Tamas Vajk
53eb753346 C#: Add integration test with multiple versions of the same nuget package 2024-04-24 11:50:43 +02:00
Mathias Vorreiter Pedersen
037114b336 Merge pull request #16309 from geoffw0/newtests 
C++: Add test cases
 2024-04-24 10:06:51 +01:00
Nick Rolfe
af72c0848e Merge pull request #16306 from github/nickrolfe/js-sensitive 
JS: do fewer regexp matches in SensitiveActions
 2024-04-24 09:49:44 +01:00
Tamás Vajk
de58ee5a22 Merge pull request #16225 from tamasvajk/buildless/resx 
C#: Add resource generator
 2024-04-24 10:10:45 +02:00
Tom Hvitved
a1a93c7331 Merge pull request #16304 from hvitved/csharp/fix-bad-join 
C#: Fix a bad join
 2024-04-24 08:11:25 +02:00
Owen Mansel-Chan
0311888fd4 Update change note 
Co-authored-by: Michael B. Gale <mbg@github.com>
 2024-04-23 19:07:02 +01:00
Geoffrey White
57a53891e9 C++: Effect of recent QL changes. 2024-04-23 18:12:05 +01:00
Geoffrey White
b6703bc25c C++: Add test cases inspired by QA results differences. 2024-04-23 18:06:12 +01:00
Nick Rolfe
003d208574 JS: do fewer regexp matches in SensitiveActions 2024-04-23 15:31:38 +01:00
Tom Hvitved
d8d7688f88 C#: Fix another bad join 2024-04-23 15:39:59 +02:00
Mathias Vorreiter Pedersen
3592e76269 Merge pull request #16302 from MathiasVP/fieldflowbranchlimit-follow-up-1 
C++: `fieldFlowBranchLimit` follow-up (1)
 2024-04-23 11:35:49 +01:00
Tom Hvitved
6aa4c5c187 C#: Fix a bad join 2024-04-23 11:47:55 +02:00
Michael B. Gale
fb8ee07b43 Merge pull request #16262 from github/dependabot/go_modules/go/ql/integration-tests/all-platforms/go/two-go-mods-not-nested/src/subdir1/golang.org/x/net-0.23.0 2024-04-23 10:44:54 +01:00
Michael B. Gale
4ccff1a630 Merge pull request #16263 from github/dependabot/go_modules/go/ql/integration-tests/all-platforms/go/ninja-sample/src/golang.org/x/net-0.23.0 2024-04-23 10:44:17 +01:00
Michael B. Gale
4b7160d4b2 Merge pull request #16267 from github/dependabot/go_modules/go/ql/integration-tests/all-platforms/go/go-mod-without-version/src/golang.org/x/net-0.23.0 2024-04-23 10:43:43 +01:00
Michael B. Gale
5cce5008a3 Merge pull request #16264 from github/dependabot/go_modules/go/ql/integration-tests/all-platforms/go/single-go-work-not-in-root/src/modules/subdir2/golang.org/x/net-0.23.0 2024-04-23 10:42:53 +01:00
Michael B. Gale
5b6ce56ca2 Merge pull request #16268 from github/dependabot/go_modules/go/ql/integration-tests/all-platforms/go/single-go-mod-not-in-root/src/subdir/golang.org/x/net-0.23.0 2024-04-23 10:42:24 +01:00
Michael B. Gale
2b81b6c323 Merge pull request #16265 from github/dependabot/go_modules/go/ql/integration-tests/all-platforms/go/mixed-layout/src/module/golang.org/x/net-0.23.0 2024-04-23 10:41:50 +01:00
Mathias Vorreiter Pedersen
a39d8b7c7c C++: Ensure that each node type gets mapped to an instruction by 'getAnInstruction'. 2024-04-23 09:44:30 +01:00
Mathias Vorreiter Pedersen
553c09ada3 Merge pull request #16301 from MathiasVP/proper-coroutine-cfg-support-2 
C++: Implement proper coroutine support in IR
 2024-04-23 09:19:15 +01:00
Anders Schack-Mulligen
b2f09949df Merge pull request #15599 from aschackmull/dataflow/fieldflowbranchlimit-v2 
Dataflow: update fieldFlowBranchLimit semantics
 2024-04-23 10:08:05 +02:00
Rasmus Wriedt Larsen
19974f04c9 Merge pull request #16245 from github/tausbn/python-rename-StrConst-to-StringLiteral 
Python: Rename `StrConst` to `StringLiteral`
 2024-04-23 09:35:24 +02:00
Mathias Vorreiter Pedersen
c1755603a8 Update TranslatedExpr.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2024-04-23 07:25:25 +01:00
Mathias Vorreiter Pedersen
24cf75a37c C++: Accept test changes. 2024-04-22 21:38:13 +01:00
Mathias Vorreiter Pedersen
8169e7ce68 C++: Add proper translation of 'co_await' and 'co_yield'. 2024-04-22 21:38:13 +01:00
Mathias Vorreiter Pedersen
8383bc1629 C++: Add getters for the other children of 'co_return' and 'co_yield'. 2024-04-22 21:38:13 +01:00
Jeroen Ketema
35d1a9202b Merge pull request #16298 from jketema/reuse-val 
C++: Update expected test results after extractor changes
 2024-04-22 21:14:42 +02:00
Mathias Vorreiter Pedersen
799c380e5f Merge pull request #16255 from MathiasVP/fix-more-fps-in-iterator-to-expired-container 
Fix more FPs in `cpp/iterator-to-expired-container`
 2024-04-22 14:25:51 +01:00
Tamas Vajk
f20812d8ad Code quality improvement 2024-04-22 15:12:01 +02:00
Tamas Vajk
05f3c64172 Fix code review findings 2024-04-22 14:46:24 +02:00
Taus
81246cd41a Python: Add missing QLDoc for isUnicode 2024-04-22 12:08:53 +00:00
Taus
bab461ffd1 Python: Add change note 2024-04-22 12:00:09 +00:00
Taus
58eaddf627 Python: Update all .expected files 
I'm beginning to realise why I didn't do the `toString` overriding way
back when. Thankfully, now that all of our tests are in the same place,
this is actually not a terrible ordeal.
 2024-04-22 12:00:09 +00:00
Taus
d51fcd4f2a Python: Change Str to StringLiteral 
As far as I can tell, this was the only occurrence of `Str` as a type
throughout the entire library.
 2024-04-22 12:00:09 +00:00
Taus
b484aee39e Python: Autoformat everything 
Of course, `StringLiteral` being much longer than `StrConst` meant a
bunch of files changed formatting.
 2024-04-22 12:00:09 +00:00
Taus
1c68c987b0 Python: Change all remaining occurrences of StrConst 
Done using
```
git grep StrConst | xargs sed -i 's/StrConst/StringLiteral/g'
```
 2024-04-22 12:00:09 +00:00
Taus
f6487d7b13 Python: Rename StrConst to StringLiteral 
Does a few things:
- Renames `StrConst` to `StringLiteral`, and deprecates the former.
- Also deprecates `Str`.
- Adds an override of `StringLiteral::toString` making it output
`"StringLiteral"` rather than the inherited `"Str"`. This ensures that
the AST viewer shows these nodes as the former type, not the latter.

There are a large number of uses of `StrConst` in the codebase. These
will be fixed in a later commit.
 2024-04-22 12:00:09 +00:00
Jeroen Ketema
76637b0d03 C++: Update expected test results 2024-04-22 13:01:10 +02:00
Mathias Vorreiter Pedersen
77a7e007e3 Merge branch 'main' into fix-more-fps-in-iterator-to-expired-container 2024-04-22 10:42:06 +01:00
Jeroen Ketema
bea7b94537 Merge pull request #16296 from jketema/test-fix 
C++: Fix aliased IR test
 2024-04-22 11:34:13 +02:00