hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-20 22:27:18 +02:00
Code Issues Packages Projects Releases Wiki Activity
42,842 Commits 1,758 Branches 167 Tags
94de5c28cc649681fefda4abb33c5686686c07e2
Commit Graph

42842 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
erik-krogh
cc7a9ef97a rename more acronyms 2022-08-25 20:52:27 +02:00
Ian Lynagh
5be8e45d09 Kotlin: Add AnyDbType 
All DbType* types extend it, and `Label`s require their argument to be a
subtype of it.
 2022-08-25 16:40:27 +01:00
Erik Krogh Kristensen
06afe9c0f4 Merge pull request #9816 from erik-krogh/msgConsis 
Make alert messages consistent across languages
 2022-08-25 15:20:01 +02:00
Paolo Tranquilli
df3dc9677f Swift: fix missing extractions from Builtin 
There were missing extractions from the Builtin (and other) modules.

This was actually caused by two issues:
* we did not visit all required modules, as for example the `Builtin`
  module does not appear as being imported by anybody (together with
  another mysterious `__Objc` module)
* moreover the `Builtin` module works internally by only creating
  declarations on demand, and does not provide a list of its top level
  declarations.

The first problem was solved by moving module collection to the actual
visiting. This may mean we extract less modules, as we only extract the
modules we actually use something from (recursively). This change can
be reverted if we feel we need it.

The second one was solved by explicitly listing the builtin symbols
encountered during a normal extraction. This does mean this list needs
to be kept up to date.
 2022-08-25 15:18:24 +02:00
Ian Lynagh
2e2621adad Merge pull request #10154 from igfoo/igfoo/findSubType 
Kotlin: Implement and use fun <T,reified S: T> Iterable<T>.findSubType
 2022-08-25 12:57:46 +01:00
Sebastian Bauersfeld
130e1892f4 Address review comments. 2022-08-25 18:49:38 +07:00
Sebastian Bauersfeld
207aebc581 Change wording of change note. 2022-08-25 18:47:36 +07:00
Sebastian Bauersfeld
36b5e5f61a Java: Add change notes. 2022-08-25 17:58:24 +07:00
Sebastian Bauersfeld
a486a89cee Java: Taint flow through org.springframework.data.repository.CrudRepository.save(). 2022-08-25 17:58:24 +07:00
Erik Krogh Kristensen
ba1ad00d2a Merge pull request #10062 from erik-krogh/redosPrefix 
JS: use the shared regular expression libraries in `js/case-sensitive-middleware-path`
 2022-08-25 12:57:16 +02:00
Nick Rolfe
acf5b11139 Merge remote-tracking branch 'origin/main' into nickrolfe/hardcoded_code 2022-08-25 11:44:55 +01:00
erik-krogh
c7aa58252a change "does not seem to check" to "does not check" in unchecked-cast-in-equals queries 2022-08-25 12:31:58 +02:00
Ian Lynagh
12eab3d7f0 Kotlin: Specialise findSubType to IrDeclaration 
We only use it on that type, and this makes the uses a bit quieter.
 2022-08-25 10:11:19 +01:00
Ian Lynagh
b0ae12850d Merge pull request #10160 from igfoo/igfoo/more-not-null-exprs 
Kotlin: Remove the last not-null-expressions
 2022-08-25 10:05:53 +01:00
Ian Lynagh
bf6d9f8c23 Merge pull request #10161 from igfoo/igfoo/exec 
Make a load of files non-executable
 2022-08-25 10:05:39 +01:00
Tamas Vajk
15305fd9bb Kotlin: Fix iterator extraction of IntArray, BooleanArray, ... 2022-08-25 11:05:17 +02:00
Anders Schack-Mulligen
c6f89aac0a Merge pull request #10141 from aschackmull/ruby/perf-apigraph 
Ruby: Perf fix for trackUseNode.
 2022-08-25 10:22:07 +02:00
Tamas Vajk
7196fdd475 Kotlin: fix array iterator extraction to work outside of for loops 2022-08-25 09:23:34 +02:00
Tamas Vajk
af2614be84 Kotlin: Add array iterator tests 2022-08-25 09:17:50 +02:00
Paolo Tranquilli
606b9e6e38 Revert "Swift: rollback removal of std::variant" 
This reverts commit 50d9a2e9cd.
 2022-08-25 09:12:35 +02:00
Mathias Vorreiter Pedersen
f2d9393928 Swift: Only test local-flow step relations for nodes with proper location information. 2022-08-24 17:14:11 +01:00
Ian Lynagh
3fcfd32eb1 Make *.ql non-executable 2022-08-24 16:55:11 +01:00
Ian Lynagh
5d97bb35d0 Make *.cs non-executable 2022-08-24 16:54:34 +01:00
Ian Lynagh
237b3670b4 Make *.xml non-executable 2022-08-24 16:53:48 +01:00
Ian Lynagh
b9a4b5ab9a Make *.qlref non-executable 2022-08-24 16:53:16 +01:00
Ian Lynagh
4cd618f81c Make *.expected non-executable 2022-08-24 16:51:50 +01:00
Henry Mercer
d9c078060a Merge pull request #10159 from github/codeql-ci/js-atm-new-release 
JS: Bump version numbers of ML-powered packs after 0.3.1 release
 2022-08-24 16:50:41 +01:00
Ian Lynagh
344863d896 Make *.qhelp non-executable 2022-08-24 16:38:15 +01:00
Ian Lynagh
bb73767042 Make *.java non-executable 2022-08-24 16:38:03 +01:00
Ian Lynagh
5f8d8cdf40 Make *.dbscheme non-executable 2022-08-24 16:37:26 +01:00
Ian Lynagh
501a9b3c6b Make *.qll non-executable 2022-08-24 16:36:15 +01:00
Jami
b3e88f8234 Merge pull request #9983 from jcogs33/android-implicit-export 
Java: query to detect implicitly exported Android components
 2022-08-24 10:52:50 -04:00
erik-krogh
014dcd1454 fixup a Python query, it didn't select something with a location 2022-08-24 16:23:20 +02:00
erik-krogh
5d9b25c75d Merge branch 'main' into msgConsis 2022-08-24 16:19:32 +02:00
Mathias Vorreiter Pedersen
80bf22cf6f Swift: Accept test changes in query tests. 2022-08-24 14:52:36 +01:00
Mathias Vorreiter Pedersen
2d90940111 Swift: Add field flow. 2022-08-24 14:52:36 +01:00
Ian Lynagh
b485706fde Kotlin: Remove the last not-null-expressions 2022-08-24 14:39:03 +01:00
Henry Mercer
eb7091a6d3 Merge branch 'main' into codeql-ci/js-atm-new-release 2022-08-24 14:37:44 +01:00
Ian Lynagh
e4f66b8aa7 Kotlin: Refactor writeUpdateInPlaceExpr 
In tryExtractArrayUpdate we need to know if writeUpdateInPlaceExpr will
succeed before we start writing any TRAP.
 2022-08-24 14:31:10 +01:00
Paolo Tranquilli
610c788e34 Merge pull request #10156 from github/redsun82/swift-import-optional-module 
Swift: make `ImportDecl:imported_module` optional
 2022-08-24 15:18:04 +02:00
github-actions[bot]
3af330dce9 JS: Bump version of ML-powered library and query packs to 0.3.2 2022-08-24 13:12:12 +00:00
github-actions[bot]
613c13c2bf JS: Bump patch version of ML-powered library and query packs 2022-08-24 13:03:14 +00:00
Mathias Vorreiter Pedersen
436fe65c7b Merge pull request #10155 from MathiasVP/swift-properties-as-callables 
Swift: Model property getters, setters and observers as callables
 2022-08-24 13:57:12 +01:00
erik-krogh
1c0f2251e2 Merge branch 'main' into msgConsis 2022-08-24 14:38:57 +02:00
Paolo Tranquilli
2ee8d1a9d3 Swift: implement optional ImportDecl:imported_module 2022-08-24 14:31:55 +02:00
Mathias Vorreiter Pedersen
06a39d2b93 Swift: Accept test change. 2022-08-24 13:29:17 +01:00
Paolo Tranquilli
7873f07fac Swift: define ImportDecl:imported_module optional 2022-08-24 14:26:29 +02:00
Mathias Vorreiter Pedersen
edb29b498d Swift: Teach 'DataFlowDispatch' about property getters, observers and setters. 2022-08-24 13:08:26 +01:00
Ian Lynagh
31e1230c64 Kotlin: Remove another not-null-expr 2022-08-24 12:51:15 +01:00
Ian Lynagh
20ac15d549 Merge pull request #10152 from igfoo/igfoo/not-null-exprs 
Kotlin: Remove more not-null expressions
 2022-08-24 12:18:45 +01:00