hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-23 10:23:41 +01:00
Code Issues Packages Projects Releases Wiki Activity
66,359 Commits 1,693 Branches 161 Tags
acb2bbb2a36702d9c0d7b08c3ddab6103e1a12ff
Commit Graph

66359 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Michael Nebel
acb2bbb2a3 Java: Identify more APIs as supported in the telemetry queries (as QL defined sources). 2024-04-26 12:39:46 +02:00
Michael Nebel
06f987ad58 Java: Add test example of a supported sink defined in QL. 2024-04-26 12:39:46 +02:00
Rasmus Wriedt Larsen
13ff9412a4 Merge pull request #16252 from RasmusWL/move-dataflow-tests 
Python: Move dataflow tests out of experimental
 2024-04-25 10:05:06 +02:00
Jeroen Ketema
9d24b5afa6 Merge pull request #16319 from jketema/ir-comment-fix 
C++: Fix comment in IR test
 2024-04-25 09:59:58 +02:00
Jeroen Ketema
95ec4e8d26 C++: Fix comment in IR test 2024-04-24 21:47:47 +02:00
Tom Hvitved
17e0cc5648 Merge pull request #16313 from hvitved/dataflow/fix-bad-join3 
Data flow: Fix bad join
 2024-04-24 17:09:14 +02:00
Tamás Vajk
f29d2c21bd Merge pull request #16312 from tamasvajk/fix/buildless/file-lookup 
C#: Fix `global.json` and `packages.config` lookup
 2024-04-24 15:05:55 +02:00
Tamás Vajk
3b44b131b9 Merge pull request #16311 from tamasvajk/fix/resx 
C#: Do not download `Microsoft.CodeAnalysis.ResxSourceGenerator` when…
 2024-04-24 13:49:55 +02:00
Tamas Vajk
4a97f95890 Improve code quality 2024-04-24 13:47:25 +02:00
Tamás Vajk
84ea3a9a2c Merge pull request #16310 from tamasvajk/buildless/nuget_versions 
C#: Add integration test with multiple versions of the same nuget pac…
 2024-04-24 13:33:27 +02:00
Owen Mansel-Chan
f828f8ea65 Merge pull request #16250 from owen-mc/go/rename-untrusted-flow-source 
Go: Rename `UntrustedFlowSource` to `RemoteFlowSource` to match other language libraries
 2024-04-24 11:37:00 +01:00
Tom Hvitved
95d579d9de Data flow: Fix bad join 
```
Evaluated relational algebra for predicate _DataFlowImpl::Impl<HardcodedDataInterpretedAsCodeQuery::HardcodedDataInterpretedAsCodeFlow::C>::ret__#count_range@d112335l with tuple counts:
            285176  ~2%    {3} r1 = SCAN `_DataFlowDispatch::DataFlowCall.getEnclosingCallable/0#dispred#b7b78b19_DataFlowImpl::Impl<Hardcoded__#shared` OUTPUT In.1, In.0, In.2
        3265592261  ~3%    {5}    | JOIN WITH `DataFlowImpl::Impl<HardcodedDataInterpretedAsCodeQuery::HardcodedDataInterpretedAsCodeFlow::C>::returnCallEdge1/4#d02cae42_2301#join_rhs` ON FIRST 2 OUTPUT Lhs.0, Lhs.2, Rhs.2, Lhs.1, Rhs.3
             39070  ~8%    {6}    | JOIN WITH `DataFlowImplCommon::Cached::viableImplInCallContextExt/2#58e931ad` ON FIRST 3 OUTPUT Lhs.0, Lhs.3, Lhs.1, Lhs.2, Lhs.4, _
             39070  ~0%    {6}    | REWRITE WITH Out.5 := 1
                           return r1
```
 2024-04-24 12:22:28 +02:00
Tamas Vajk
f3daba510b C#: Fix global.json and packages.config lookup 2024-04-24 11:57:45 +02:00
Tamas Vajk
88e67715a1 C#: Do not download Microsoft.CodeAnalysis.ResxSourceGenerator when there are no resx files to process 2024-04-24 11:53:29 +02:00
Tamas Vajk
53eb753346 C#: Add integration test with multiple versions of the same nuget package 2024-04-24 11:50:43 +02:00
Mathias Vorreiter Pedersen
037114b336 Merge pull request #16309 from geoffw0/newtests 
C++: Add test cases
 2024-04-24 10:06:51 +01:00
Nick Rolfe
af72c0848e Merge pull request #16306 from github/nickrolfe/js-sensitive 
JS: do fewer regexp matches in SensitiveActions
 2024-04-24 09:49:44 +01:00
Tamás Vajk
de58ee5a22 Merge pull request #16225 from tamasvajk/buildless/resx 
C#: Add resource generator
 2024-04-24 10:10:45 +02:00
Tom Hvitved
a1a93c7331 Merge pull request #16304 from hvitved/csharp/fix-bad-join 
C#: Fix a bad join
 2024-04-24 08:11:25 +02:00
Owen Mansel-Chan
0311888fd4 Update change note 
Co-authored-by: Michael B. Gale <mbg@github.com>
 2024-04-23 19:07:02 +01:00
Geoffrey White
57a53891e9 C++: Effect of recent QL changes. 2024-04-23 18:12:05 +01:00
Geoffrey White
b6703bc25c C++: Add test cases inspired by QA results differences. 2024-04-23 18:06:12 +01:00
Nick Rolfe
003d208574 JS: do fewer regexp matches in SensitiveActions 2024-04-23 15:31:38 +01:00
Tom Hvitved
d8d7688f88 C#: Fix another bad join 2024-04-23 15:39:59 +02:00
Mathias Vorreiter Pedersen
3592e76269 Merge pull request #16302 from MathiasVP/fieldflowbranchlimit-follow-up-1 
C++: `fieldFlowBranchLimit` follow-up (1)
 2024-04-23 11:35:49 +01:00
Tom Hvitved
6aa4c5c187 C#: Fix a bad join 2024-04-23 11:47:55 +02:00
Michael B. Gale
fb8ee07b43 Merge pull request #16262 from github/dependabot/go_modules/go/ql/integration-tests/all-platforms/go/two-go-mods-not-nested/src/subdir1/golang.org/x/net-0.23.0 2024-04-23 10:44:54 +01:00
Michael B. Gale
4ccff1a630 Merge pull request #16263 from github/dependabot/go_modules/go/ql/integration-tests/all-platforms/go/ninja-sample/src/golang.org/x/net-0.23.0 2024-04-23 10:44:17 +01:00
Michael B. Gale
4b7160d4b2 Merge pull request #16267 from github/dependabot/go_modules/go/ql/integration-tests/all-platforms/go/go-mod-without-version/src/golang.org/x/net-0.23.0 2024-04-23 10:43:43 +01:00
Michael B. Gale
5cce5008a3 Merge pull request #16264 from github/dependabot/go_modules/go/ql/integration-tests/all-platforms/go/single-go-work-not-in-root/src/modules/subdir2/golang.org/x/net-0.23.0 2024-04-23 10:42:53 +01:00
Michael B. Gale
5b6ce56ca2 Merge pull request #16268 from github/dependabot/go_modules/go/ql/integration-tests/all-platforms/go/single-go-mod-not-in-root/src/subdir/golang.org/x/net-0.23.0 2024-04-23 10:42:24 +01:00
Michael B. Gale
2b81b6c323 Merge pull request #16265 from github/dependabot/go_modules/go/ql/integration-tests/all-platforms/go/mixed-layout/src/module/golang.org/x/net-0.23.0 2024-04-23 10:41:50 +01:00
Mathias Vorreiter Pedersen
a39d8b7c7c C++: Ensure that each node type gets mapped to an instruction by 'getAnInstruction'. 2024-04-23 09:44:30 +01:00
Mathias Vorreiter Pedersen
553c09ada3 Merge pull request #16301 from MathiasVP/proper-coroutine-cfg-support-2 
C++: Implement proper coroutine support in IR
 2024-04-23 09:19:15 +01:00
Anders Schack-Mulligen
b2f09949df Merge pull request #15599 from aschackmull/dataflow/fieldflowbranchlimit-v2 
Dataflow: update fieldFlowBranchLimit semantics
 2024-04-23 10:08:05 +02:00
Rasmus Wriedt Larsen
1bc085c8f7 Python: Fixup for callGraphConfig 2024-04-23 09:42:35 +02:00
Rasmus Wriedt Larsen
bb00d6919a Python: Move dataflow TestUtil to importable location 2024-04-23 09:40:59 +02:00
Rasmus Wriedt Larsen
e0e405bb31 Python: replace dataflow-test location in files 2024-04-23 09:40:59 +02:00
Rasmus Wriedt Larsen
ce711f7d2f Python: Move dataflow tests out of experimental 2024-04-23 09:40:44 +02:00
Rasmus Wriedt Larsen
19974f04c9 Merge pull request #16245 from github/tausbn/python-rename-StrConst-to-StringLiteral 
Python: Rename `StrConst` to `StringLiteral`
 2024-04-23 09:35:24 +02:00
Mathias Vorreiter Pedersen
c1755603a8 Update TranslatedExpr.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2024-04-23 07:25:25 +01:00
Mathias Vorreiter Pedersen
24cf75a37c C++: Accept test changes. 2024-04-22 21:38:13 +01:00
Mathias Vorreiter Pedersen
8169e7ce68 C++: Add proper translation of 'co_await' and 'co_yield'. 2024-04-22 21:38:13 +01:00
Mathias Vorreiter Pedersen
8383bc1629 C++: Add getters for the other children of 'co_return' and 'co_yield'. 2024-04-22 21:38:13 +01:00
Jeroen Ketema
35d1a9202b Merge pull request #16298 from jketema/reuse-val 
C++: Update expected test results after extractor changes
 2024-04-22 21:14:42 +02:00
Mathias Vorreiter Pedersen
799c380e5f Merge pull request #16255 from MathiasVP/fix-more-fps-in-iterator-to-expired-container 
Fix more FPs in `cpp/iterator-to-expired-container`
 2024-04-22 14:25:51 +01:00
Tamas Vajk
f20812d8ad Code quality improvement 2024-04-22 15:12:01 +02:00
Tamas Vajk
05f3c64172 Fix code review findings 2024-04-22 14:46:24 +02:00
Taus
81246cd41a Python: Add missing QLDoc for isUnicode 2024-04-22 12:08:53 +00:00
Taus
bab461ffd1 Python: Add change note 2024-04-22 12:00:09 +00:00