963 Commits

Author SHA1 Message Date
Michael Nebel
af1c4e0896 Ql4Ql: Share the definition of TestFile between multiple tests. 2025-07-03 11:56:27 +02:00
Michael Nebel
60a1d02357 Ql4Ql: Add MissingQualityMetadata test. 2025-07-03 11:56:26 +02:00
Michael Nebel
e00b5351a4 Ql4Ql: Add a check for quality tag consistency. 2025-07-03 11:56:25 +02:00
Michael Nebel
c46b528c05 Ql4Ql: Add some quality tag testcases. 2025-07-03 11:56:23 +02:00
Michael Nebel
cce17743bb Ql4Ql: Re-factor the ql/mising-security-metadata query. 2025-07-03 11:56:22 +02:00
Nick Rolfe
867826466e Ruby/QL: unconditionally generate discard predicates 2025-06-25 15:35:58 +01:00
Nick Rolfe
57b866bbe1 Ruby/Rust/QL: move databaseMetadata to prefix.dbscheme
This has no effect on ruby.dbscheme, and adds the relation to
ql.dbscheme and rust.dbscheme. (The relation will be required for
overlay support).
2025-06-25 15:35:08 +01:00
Nick Rolfe
c6ff07ad5a Merge branch 'main' into nickrolfe/ruby-overlay-extraction 2025-06-25 05:46:26 -04:00
Kasper Svendsen
e1fc138670 QL4QL: Extend ql/inline-overlay-caller 2025-06-24 11:58:31 +02:00
Nick Rolfe
1bd7c4f11c Ruby: add databaseMetadata relation to dbscheme
This is required for overlay support.
2025-06-19 16:34:15 +01:00
Kasper Svendsen
01e7a33e1b QL4QL: Add test for ql/inline-overlay-caller query 2025-06-18 10:36:17 +02:00
Kasper Svendsen
23e789b421 QL: Improve toString for overlay annotations 2025-06-10 14:18:05 +02:00
Kasper Svendsen
b291b0637e Warn about possible non-inlining across overlay frontier 2025-05-28 14:41:40 +02:00
Kasper Svendsen
5f65ea60d1 QL AST: Add overlay annotations 2025-05-28 14:41:40 +02:00
Tom Hvitved
40390d1ada Address review comment 2025-04-22 15:08:39 +02:00
Tom Hvitved
a578f44af4 QL4QL: Restrict ql/qlref-inline-expectations to (path-)problem queries 2025-04-10 15:03:57 +02:00
Michael Nebel
be4c9d8815 Ql4Ql: Update test expected file. 2025-03-24 16:23:55 +01:00
Michael Nebel
7dda951a51 Ql4Ql: Exclude files named PrintAst.qlref and qlref files that use a query with a PrintAst name from QlRefInlineExpectations. 2025-03-24 16:23:04 +01:00
Michael Nebel
2a8a8224f1 Ql4Ql: Add PrintAst test case for QlRefInlineExpectations. 2025-03-24 16:22:46 +01:00
Paolo Tranquilli
0445d886c7 QL for QL: update toolchain 2025-02-28 12:39:37 +01:00
Tom Hvitved
9f9857b547 QL4QL: Add query suggestion use of inline test expectations 2025-02-13 16:26:11 +01:00
Paolo Tranquilli
8e28d99a62 QL for QL: accept test changes 2024-12-20 10:42:19 +01:00
Michael Nebel
2ca6147932 QL: Update all test util paths to point to the new location. 2024-12-12 13:54:33 +01:00
Michael Nebel
dd06d50b7f QL: Move test utilities into the src folder. 2024-12-12 13:54:32 +01:00
Napalys
7db9b7d758 Now flag aliases with the 'get' or 'as' prefix that resolve to predicates lacking a return type.
Co-authored-by: asgerf <asgerf@github.com>
2024-12-02 12:50:46 +01:00
Napalys
67745e6332 Reused isGetPredicate to retrieve the prefix of the predicate 2024-12-02 09:10:54 +01:00
Napalys
7c1aa84459 Fixed bug where some predicates were flagged without return type even though they had 2024-11-29 17:38:30 +01:00
Napalys
a462ec91f5 Now the error message reflects properly the prefix 2024-11-29 15:57:28 +01:00
Napalys
96c1086dfc Modified comments to reflect 'as' changes 2024-11-29 15:35:18 +01:00
Napalys
e33f7aa1c7 Added test cases for 'as' prefix 2024-11-29 15:23:06 +01:00
Napalys Klicius
029b567bb7 Update ql/ql/src/queries/style/ValidatePredicateGetReturns.ql
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
2024-11-29 15:19:19 +01:00
Napalys Klicius
a5521b90fc Update ql/ql/src/queries/style/ValidatePredicateGetReturns.ql
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
2024-11-29 15:18:06 +01:00
Napalys
a763dd7267 Fixed github-advanced-security bot warning 2024-11-29 14:58:22 +01:00
Napalys
986e1cb597 Add ValidatePredicateGetReturns query and tests 2024-11-29 14:33:40 +01:00
Cornelius Riemenschneider
e8aa5db07a Rust: Update cargo dependencies.
There was a recent round of tree-sitter-* package releases,
so the latest code is now a) released and b) available on crates.io.

Therefore, move away from the (super slow on CI) git dependencies to released crates instead.
This also includes a run of `cargo update`, so there's a bunch of more changes to the lockfile.
2024-11-11 12:13:14 +01:00
Tom Hvitved
f389a889ad Exclude consistency output from .gitignore files 2024-09-26 11:09:54 +02:00
Tom Hvitved
eb1b2a5594 Bump tree-sitter to 0.23.0 2024-09-04 09:47:59 +02:00
Paolo Tranquilli
7b8c11379d Javascript: use codeql_pack for javascript extractor 2024-06-03 23:14:44 +02:00
Tom Hvitved
d6a3765597 Tree-sitter: Allow for multiple file lists in simple extractor 2024-05-31 11:15:21 +02:00
Tom Hvitved
94d2e9591d Tree-sitter: Emit empty_location relation to avoid scan 2024-05-27 10:39:21 +02:00
Tom Hvitved
0dbce3d077 Merge pull request #16451 from hvitved/treesitter/codeql-verbosity
Tree-sitter: Respect verbosity defined in `CODEQL_VERBOSITY`
2024-05-24 11:24:01 +02:00
Dave Bartolomeo
613ccaac1d Add change note to all v1.0.0 packs 2024-05-23 13:01:22 -04:00
Tom Hvitved
e4cd9d86f6 Tree-sitter: Respect verbosity defined in CODEQL_VERBOSITY 2024-05-23 13:38:35 +02:00
Dave Bartolomeo
ffe4c8c87b Update all pack versions to 1.0.0 2024-05-22 13:39:08 -04:00
Tom Hvitved
bf2ae9890f Tree-sitter: Bump to 0.22.6 2024-05-21 11:14:06 +02:00
Henry Mercer
9409d7fdca Merge pull request #16066 from github/henrymercer/ql-run-diagnostics
QL: Run diagnostics and summary metrics in code scanning
2024-04-02 10:45:50 +01:00
Erik Krogh Kristensen
0fd89549da Merge pull request #16033 from github/dependabot/cargo/ql/regex-1.10.4
Bump regex from 1.10.3 to 1.10.4 in /ql
2024-04-02 07:52:17 +02:00
dependabot[bot]
07f9614dc2 Bump chrono from 0.4.35 to 0.4.37 in /ql
Bumps [chrono](https://github.com/chronotope/chrono) from 0.4.35 to 0.4.37.
- [Release notes](https://github.com/chronotope/chrono/releases)
- [Changelog](https://github.com/chronotope/chrono/blob/main/CHANGELOG.md)
- [Commits](https://github.com/chronotope/chrono/compare/v0.4.35...v0.4.37)

---
updated-dependencies:
- dependency-name: chrono
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-28 03:07:21 +00:00
Henry Mercer
568442d5f8 QL: Run diagnostics and summary metrics in code scanning
Add diagnostics and summary metric queries to the code scanning suite.
2024-03-26 18:11:50 +00:00
dependabot[bot]
0c73340e47 Bump regex from 1.10.3 to 1.10.4 in /ql
Bumps [regex](https://github.com/rust-lang/regex) from 1.10.3 to 1.10.4.
- [Release notes](https://github.com/rust-lang/regex/releases)
- [Changelog](https://github.com/rust-lang/regex/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/regex/compare/1.10.3...1.10.4)

---
updated-dependencies:
- dependency-name: regex
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-25 03:31:03 +00:00