hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 11:16:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
48,255 Commits 1,672 Branches 157 Tags
bbce52535a84e38ffd8fc1036fbcdf7a758c935e
Commit Graph

8325 Commits

Author SHA1 Message Date
Chris Smowton
115d4de0e0 Kotlin: keep method overloads together 2022-10-07 13:50:27 +01:00
Chris Smowton
2df1d63d1c Extract the corresponding classes of enum entries, where they exist. 2022-10-07 12:23:08 +01:00
Chris Smowton
bb6e575689 Kotlin: allow building a single embeddable plugin version 2022-10-07 10:56:33 +01:00
Chris Smowton
0d98eba604 Merge pull request #10683 from smowton/smowton/feature/kotlin-function-overloads 
Kotlin: implement $default function synthesis
 2022-10-07 10:27:24 +01:00
Tamas Vajk
26c4216fef Kotlin: Extract override modifier on SAM methods 2022-10-07 11:23:14 +02:00
Tamas Vajk
9f6240b38c Kotlin: Add test for missing override modifier on SAM methods 2022-10-07 11:22:15 +02:00
Tamas Vajk
f51c13f0c1 Kotlin: Recognize generated files 2022-10-07 09:32:00 +02:00
Tamas Vajk
51f9314a50 Kotlin: Consider ::class type check in equals 2022-10-07 09:23:01 +02:00
Tamas Vajk
f7f12076df Kotlin: Add test case for ::class type check in equals 2022-10-07 09:22:10 +02:00
Tamas Vajk
cd64faf635 Kotlin: ignore properties in java/internal-representation-exposure check 2022-10-07 09:13:14 +02:00
Tamas Vajk
e9a304bad0 Kotlin: Add test for exposed internal representation 2022-10-07 09:12:36 +02:00
github-actions[bot]
a02dcdc5e1 Release preparation for version 2.11.1 2022-10-07 02:20:28 +00:00
github-actions[bot]
47c461a241 Add changed framework coverage reports 2022-10-07 00:26:57 +00:00
Chris Smowton
289843eb83 Remove accidentally duplicated test 
This was moved to a unit test, but the integration test version was somehow retained.
 2022-10-06 16:00:56 +01:00
Tony Torralba
ceae5eef28 Revert "Decouple from #10177" 
This reverts commit 7b34b10cee.
 2022-10-06 16:30:23 +02:00
Tony Torralba
21a0c446b4 Update java/ql/lib/semmle/code/java/security/UnsafeContentUriResolution.qll 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2022-10-06 16:28:17 +02:00
Tony Torralba
015d48ef66 Fix select message 2022-10-06 16:28:17 +02:00
Tony Torralba
7b34b10cee Decouple from #10177 2022-10-06 16:28:17 +02:00
Tony Torralba
1bf1349167 Test all sinks 2022-10-06 16:28:17 +02:00
Tony Torralba
39b5ebfd7b Fix qhelp 2022-10-06 16:28:17 +02:00
Tony Torralba
76ea255277 Add security-severity 2022-10-06 16:28:17 +02:00
Tony Torralba
4a18892da9 Second query version 
Remove sinks flowing to write operations requirement
 2022-10-06 16:28:17 +02:00
Tony Torralba
153ec5368e First query version requiring sinks to flow to write operations 2022-10-06 16:28:17 +02:00
Henry Mercer
7a7d164b07 Merge pull request #10698 from github/henrymercer/successfully-extracted-files-tag 
Tag successfully extracted files queries
 2022-10-06 13:21:52 +01:00
Chris Smowton
fcf24f7671 Fix typo 2022-10-06 12:59:43 +01:00
Chris Smowton
1d8547d4c1 Avoid using count(...) = 0 2022-10-06 12:57:56 +01:00
Chris Smowton
0024e54e63 Make method private 2022-10-06 12:55:17 +01:00
Chris Smowton
86e5e4c4bc Accept test changes 2022-10-06 12:40:04 +01:00
Chris Smowton
020f29a1ab Add visibility tests 2022-10-06 12:40:03 +01:00
Chris Smowton
764c139e3e Visibility consistency query: allow $default methods to have package-private (default) visibility 2022-10-06 12:40:03 +01:00
Chris Smowton
34b83f01d0 Fix naming of internal default methods 2022-10-06 12:40:03 +01:00
Chris Smowton
5e182755a5 Fix generated $default method visibilities 2022-10-06 12:40:03 +01:00
Chris Smowton
bec948682d Fix calls to static methods defined in association with local functions 
These are a bit weird since they involve static calls to unnamed synthetic class members, but while unwriteable as Java they ought to work as a database description.
 2022-10-06 12:40:03 +01:00
Chris Smowton
b79d273de4 When calling a $default method, ensure the real method gets extracted 2022-10-06 12:40:02 +01:00
Chris Smowton
3452dcbced Fix class type parameter erasure within $default methods 2022-10-06 12:40:02 +01:00
Chris Smowton
be655432d6 Use new terse extraction functions where applicable 2022-10-06 12:40:02 +01:00
Chris Smowton
03c895853b Clarify test and accept test changes 2022-10-06 12:40:02 +01:00
Chris Smowton
6119670be8 Suppress use of function type parameters in the context of building a $defaults method 
These methods have erased signatures and no type parameters, so anything that refers to one must itself be erased. For signatures this would be easy, but for potentially deep default expressions these types can occur in various places and need erasing at each occurence.
 2022-10-06 12:40:02 +01:00
Chris Smowton
720cf5682b Exclude enum constructor invocations from defaults handling 
These seem to provide null arguments even though the constructor doesn't provide defaults, presumably for completion by a later compiler phase.
 2022-10-06 12:40:01 +01:00
Chris Smowton
6cc74da004 Defaults function extraction: respect the extract-type-accesses flag 2022-10-06 12:39:57 +01:00
Chris Smowton
34a0a0d080 Implement $default method synthesis 
This adds methods that fill in default parameters whenever a constructor or method uses default parameter values. I use as similar an approach to the real Kotlin compiler as possible both because this produces the desirable dataflow, and because it should merge cleanly with the same class file seen by the Java extractor, which will see and
extract the signatures of the default methods.
 2022-10-06 12:38:55 +01:00
Chris Smowton
6f3c9e4403 Split up extractRawMethodAccess 2022-10-06 11:05:27 +01:00
Anders Schack-Mulligen
5b67ba2939 Merge pull request #10177 from atorralba/atorralba/path-sanitizer 
Java: Promote `PathSanitizer.qll` from experimental
 2022-10-06 10:29:33 +02:00
Anders Schack-Mulligen
cbeff4efc8 Merge pull request #10693 from atorralba/atorralba/fix-guard-bad-magic 
Java: Fixes bad magic in `Guard::guardControls_v3`
 2022-10-06 10:14:48 +02:00
Tom Hvitved
0e6735b804 Merge pull request #10691 from hvitved/dataflow/conjunctive-clears 
Data flow: Take conjunctive `With(out)Contents` into account in `prohibitsUseUseFlow`
 2022-10-06 09:03:30 +02:00
Tamas Vajk
0bbc7adca0 Accept test changes 2022-10-06 08:45:57 +02:00
Henry Mercer
d80d39504f Tag successfully extracted files queries 
Tag the successfully extracted files queries with
`successfully-extracted-files` to make them easier to identify
programmatically in a language-independent way.
This follows the prior art for lines of code queries, which are tagged
`lines-of-code`.
 2022-10-05 19:19:43 +01:00
Tamas Vajk
46fb9865ac Add lateinit test to print the extracted AST 2022-10-05 16:09:00 +02:00
Chris Smowton
7f8bcf76bf Merge pull request #10665 from dilanbhalla/dilan-java/guidance-exectainted 
Java Guidance: ExecTainted.ql (experimental version)
 2022-10-05 15:05:10 +01:00
Tom Hvitved
0beea9fd1a Fix typos 2022-10-05 15:54:52 +02:00