hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-16 16:53:25 +01:00
Code Issues Packages Projects Releases Wiki Activity
78,117 Commits 1,671 Branches 157 Tags
a578f44af4a19f9eff6f1bdf28f66295867884ed
Commit Graph

948 Commits

Author SHA1 Message Date
Tom Hvitved
a578f44af4 QL4QL: Restrict ql/qlref-inline-expectations to (path-)problem queries 2025-04-10 15:03:57 +02:00
Michael Nebel
be4c9d8815 Ql4Ql: Update test expected file. 2025-03-24 16:23:55 +01:00
Michael Nebel
7dda951a51 Ql4Ql: Exclude files named PrintAst.qlref and qlref files that uses a query with a PrintAst name from QlRefInlineExpectations. 2025-03-24 16:23:04 +01:00
Michael Nebel
2a8a8224f1 Ql4Ql: Add PrintAst test case for QlRefInlineExpectations. 2025-03-24 16:22:46 +01:00
Paolo Tranquilli
0445d886c7 QL for QL: update toolchain 2025-02-28 12:39:37 +01:00
Tom Hvitved
9f9857b547 QL4QL: Add query suggestion use of inline test expectations 2025-02-13 16:26:11 +01:00
Paolo Tranquilli
8e28d99a62 QL for QL: accept test changes 2024-12-20 10:42:19 +01:00
Michael Nebel
2ca6147932 QL: Update all test util paths to point to the new location. 2024-12-12 13:54:33 +01:00
Michael Nebel
dd06d50b7f QL: Move test utilities into the src folder. 2024-12-12 13:54:32 +01:00
Napalys
7db9b7d758 Now flag aliases with the 'get' or 'as' prefix that resolve to predicates lacking a return type. 
Co-authored-by: asgerf <asgerf@github.com>
 2024-12-02 12:50:46 +01:00
Napalys
67745e6332 Reused isGetPredicate to retrieve the prefix of the predicate 2024-12-02 09:10:54 +01:00
Napalys
7c1aa84459 Fixed bug where some predicates were flagged without return type even thought they had 2024-11-29 17:38:30 +01:00
Napalys
a462ec91f5 Now the error message reflects properly the prefix 2024-11-29 15:57:28 +01:00
Napalys
96c1086dfc Modified comments to reflect 'as' changes 2024-11-29 15:35:18 +01:00
Napalys
e33f7aa1c7 Added test cases for 'as' prefix 2024-11-29 15:23:06 +01:00
Napalys Klicius
029b567bb7 Update ql/ql/src/queries/style/ValidatePredicateGetReturns.ql 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2024-11-29 15:19:19 +01:00
Napalys Klicius
a5521b90fc Update ql/ql/src/queries/style/ValidatePredicateGetReturns.ql 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2024-11-29 15:18:06 +01:00
Napalys
a763dd7267 Fixed github-advanced-security bot warning 2024-11-29 14:58:22 +01:00
Napalys
986e1cb597 Add ValidatePredicateGetReturns query and tests 2024-11-29 14:33:40 +01:00
Cornelius Riemenschneider
e8aa5db07a Rust: Update cargo dependencies. 
There was a recent round of tree-sitter-* package releases,
so the latest code is now a) released and b) available on crates.io.

Therefore, move away from the (super slow on CI) git dependencies to released crates instead.
This also includes a run of `cargo update`, so there's a bunch of more changes to the lockfile.
 2024-11-11 12:13:14 +01:00
Tom Hvitved
f389a889ad Exclude consistency output from .gitignore files 2024-09-26 11:09:54 +02:00
Tom Hvitved
eb1b2a5594 Bump tree-sitter to 0.23.0 2024-09-04 09:47:59 +02:00
Paolo Tranquilli
7b8c11379d Javascript: use codeql_pack for javascript extractor 2024-06-03 23:14:44 +02:00
Tom Hvitved
d6a3765597 Tree-sitter: Allow for multiple file lists in simple extractor 2024-05-31 11:15:21 +02:00
Tom Hvitved
94d2e9591d Tree-sitter: Emit empty_location relation to avoid scan 2024-05-27 10:39:21 +02:00
Tom Hvitved
0dbce3d077 Merge pull request #16451 from hvitved/treesitter/codeql-verbosity 
Tree-sitter: Respect verbosity defined in `CODEQL_VERBOSITY`
 2024-05-24 11:24:01 +02:00
Dave Bartolomeo
613ccaac1d Add change note to all v1.0.0 packs 2024-05-23 13:01:22 -04:00
Tom Hvitved
e4cd9d86f6 Tree-sitter: Respect verbosity defined in CODEQL_VERBOSITY 2024-05-23 13:38:35 +02:00
Dave Bartolomeo
ffe4c8c87b Update all pack versions to 1.0.0 2024-05-22 13:39:08 -04:00
Tom Hvitved
bf2ae9890f Tree-sitter: Bump to 0.22.6 2024-05-21 11:14:06 +02:00
Henry Mercer
9409d7fdca Merge pull request #16066 from github/henrymercer/ql-run-diagnostics 
QL: Run diagnostics and summary metrics in code scanning
 2024-04-02 10:45:50 +01:00
Erik Krogh Kristensen
0fd89549da Merge pull request #16033 from github/dependabot/cargo/ql/regex-1.10.4 
Bump regex from 1.10.3 to 1.10.4 in /ql
 2024-04-02 07:52:17 +02:00
dependabot[bot]
07f9614dc2 Bump chrono from 0.4.35 to 0.4.37 in /ql 
Bumps [chrono](https://github.com/chronotope/chrono) from 0.4.35 to 0.4.37.
- [Release notes](https://github.com/chronotope/chrono/releases)
- [Changelog](https://github.com/chronotope/chrono/blob/main/CHANGELOG.md)
- [Commits](https://github.com/chronotope/chrono/compare/v0.4.35...v0.4.37)

---
updated-dependencies:
- dependency-name: chrono
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-03-28 03:07:21 +00:00
Henry Mercer
568442d5f8 QL: Run diagnostics and summary metrics in code scanning 
Add diagnostics and summary metric queries to the code scanning suite.
 2024-03-26 18:11:50 +00:00
dependabot[bot]
0c73340e47 Bump regex from 1.10.3 to 1.10.4 in /ql 
Bumps [regex](https://github.com/rust-lang/regex) from 1.10.3 to 1.10.4.
- [Release notes](https://github.com/rust-lang/regex/releases)
- [Changelog](https://github.com/rust-lang/regex/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/regex/compare/1.10.3...1.10.4)

---
updated-dependencies:
- dependency-name: regex
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-03-25 03:31:03 +00:00
Henry Mercer
4e3a6e2140 Merge pull request #15874 from github/henrymercer/mark-loc-as-telemetry 
Show lines of code data in debug mode only
 2024-03-21 12:20:09 +00:00
Henry Mercer
a76832f4e0 Mark LOC queries as debug instead 2024-03-20 21:18:55 +00:00
Tom Hvitved
31e04631d1 QL4QL: Regenerate DB scheme and stats 2024-03-19 13:04:12 +01:00
Tom Hvitved
80649786c3 QL4QL: Remove MissingOverride query 2024-03-15 11:06:15 +01:00
Henry Mercer
c325ff8a23 Mark lines of code queries as telemetry queries 
The new file coverage metrics are available in all supported GHES
versions. This PR tags lines of code queries as telemetry queries. Lines
of code information will still be available in the SARIF file, but it
will no longer be displayed in the logging output of the CLI.

The one exception is the metric queries for Java/Kotlin that provides
separate lines of code information for Java and Kotlin. I've kept these
since separate file coverage information for languages like Java and
Kotlin is only available for GHES 3.12 and later.
 2024-03-11 16:40:31 +00:00
dependabot[bot]
f0a5183a3f Bump chrono from 0.4.34 to 0.4.35 in /ql 
Bumps [chrono](https://github.com/chronotope/chrono) from 0.4.34 to 0.4.35.
- [Release notes](https://github.com/chronotope/chrono/releases)
- [Changelog](https://github.com/chronotope/chrono/blob/main/CHANGELOG.md)
- [Commits](https://github.com/chronotope/chrono/compare/v0.4.34...v0.4.35)

---
updated-dependencies:
- dependency-name: chrono
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-03-07 03:59:07 +00:00
dependabot[bot]
cc178ab58f Bump rayon from 1.8.1 to 1.9.0 in /ql 
Bumps [rayon](https://github.com/rayon-rs/rayon) from 1.8.1 to 1.9.0.
- [Changelog](https://github.com/rayon-rs/rayon/blob/main/RELEASES.md)
- [Commits](https://github.com/rayon-rs/rayon/compare/rayon-core-v1.8.1...rayon-core-v1.9.0)

---
updated-dependencies:
- dependency-name: rayon
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-02-28 03:24:58 +00:00
Tom Hvitved
62b16c0fa3 Share getFileBySourceArchiveName implementation 2024-02-23 11:25:49 +01:00
dependabot[bot]
3212f80bea Bump chrono from 0.4.33 to 0.4.34 in /ql 
Bumps [chrono](https://github.com/chronotope/chrono) from 0.4.33 to 0.4.34.
- [Release notes](https://github.com/chronotope/chrono/releases)
- [Changelog](https://github.com/chronotope/chrono/blob/main/CHANGELOG.md)
- [Commits](https://github.com/chronotope/chrono/compare/v0.4.33...v0.4.34)

---
updated-dependencies:
- dependency-name: chrono
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-02-12 03:38:19 +00:00
Henry Mercer
e71f0fc1ba Add supported build modes to extractor metadata 2024-02-06 19:51:13 +00:00
dependabot[bot]
5fac945b33 Bump chrono from 0.4.32 to 0.4.33 in /ql 
Bumps [chrono](https://github.com/chronotope/chrono) from 0.4.32 to 0.4.33.
- [Release notes](https://github.com/chronotope/chrono/releases)
- [Changelog](https://github.com/chronotope/chrono/blob/main/CHANGELOG.md)
- [Commits](https://github.com/chronotope/chrono/compare/v0.4.32...v0.4.33)

---
updated-dependencies:
- dependency-name: chrono
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-01-26 03:25:31 +00:00
Erik Krogh Kristensen
f1d6f56621 Merge pull request #15393 from erik-krogh/deps-jan-2024 
All: delete outdated deprecations
 2024-01-23 13:52:38 +01:00
dependabot[bot]
e9a1fa9592 Bump chrono from 0.4.31 to 0.4.32 in /ql 
Bumps [chrono](https://github.com/chronotope/chrono) from 0.4.31 to 0.4.32.
- [Release notes](https://github.com/chronotope/chrono/releases)
- [Changelog](https://github.com/chronotope/chrono/blob/main/CHANGELOG.md)
- [Commits](https://github.com/chronotope/chrono/compare/v0.4.31...v0.4.32)

---
updated-dependencies:
- dependency-name: chrono
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-01-23 03:12:14 +00:00
erik-krogh
8be7eadace delete outdated deprecations 2024-01-22 09:11:35 +01:00
dependabot[bot]
eb1a0fece8 Bump regex from 1.10.2 to 1.10.3 in /ql 
Bumps [regex](https://github.com/rust-lang/regex) from 1.10.2 to 1.10.3.
- [Release notes](https://github.com/rust-lang/regex/releases)
- [Changelog](https://github.com/rust-lang/regex/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/regex/compare/1.10.2...1.10.3)

---
updated-dependencies:
- dependency-name: regex
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-01-22 03:54:51 +00:00