640 Commits

Author	SHA1	Message	Date
Alex Ford	5d79a8cec0	account for keyword args in rb/hardcoded-credentials and simplify query	2021-06-07 14:49:49 +01:00
Tom Hvitved	962768e7c0	Disambiguate toStrings for nested synthetic local variables	2021-06-04 19:20:11 +02:00
Tom Hvitved	82fbc03889	Merge pull request #200 from github/hvitved/dataflow/call-sensitivity ... Data flow: Call-sensitive resolution of lambda/block calls	2021-06-04 16:25:13 +02:00
Alex Ford	ec326bfcb7	Merge pull request #201 from github/perm-file-report-source ... Report rb/weak-file-permission alerts at source rather than sink and improve alert message	2021-06-04 14:52:48 +01:00
Alex Ford	8a3ffb6dca	add missing toString	2021-06-04 13:25:03 +01:00
Alex Ford	b2d36babc4	report rb/weak-file-permission alerts at source rather than sink and improve alert message	2021-06-04 13:10:18 +01:00
Nick Rolfe	523a0b1f12	Merge pull request #197 from github/upgrade-pack	2021-06-04 13:03:39 +01:00
Tom Hvitved	61e35ddae1	Data flow: Call-sensitive resolution of lambda/block calls	2021-06-04 12:58:38 +02:00
Tom Hvitved	77146e4e04	Data flow: Reduce caching ... These predicates are now cached in the shared implementation.	2021-06-04 12:53:47 +02:00
Tom Hvitved	f9eecfb59f	Bump codeql submodule	2021-06-04 12:52:05 +02:00
Tom Hvitved	6678ac0347	Desugar compound assignments	2021-06-04 10:39:06 +02:00
Tom Hvitved	da9adfbab4	Improve performance of desugaring transformations	2021-06-04 10:34:00 +02:00
Tom Hvitved	57eee0368d	Add CFG tests for compound assignments	2021-06-04 10:34:00 +02:00
Tom Hvitved	1007f2aaff	Rename (Hash)SplatArgument to (Hash)SplatExpr and make them UnaryOperations	2021-06-04 10:04:06 +02:00
Tom Hvitved	372f8645a9	Add (hash)splat AST tests	2021-06-04 09:53:14 +02:00
Nick Rolfe	8b987757c6	Merge upgrades qlpack into ql/src	2021-06-03 18:28:20 +01:00
Tom Hvitved	908e9ff3b5	Include desugared node in AstDesugar.ql	2021-06-03 14:46:32 +02:00
Nick Rolfe	9c199b6c2a	Merge pull request #193 from github/tausbn/autogenerate-qldoc ... Autogenerate QLDoc for `TreeSitter.qll`	2021-06-01 13:31:32 +01:00
Tom Hvitved	5bafc0c708	Merge pull request #183 from github/hvitved/assign-op-desugar ... Desugar setter assignments	2021-06-01 14:00:04 +02:00
Alex Ford	f27dd45e4c	run formatter	2021-06-01 12:29:45 +01:00
Alex Ford	907bb9b556	add a comment	2021-06-01 12:22:04 +01:00
Alex Ford	1f931d6f76	rb/hardcoded-credentials: fix bad bracketing	2021-06-01 12:22:04 +01:00
Alex Ford	fdd4f7f616	attempt to use typetracker in rb/hardcoded-credentials	2021-06-01 12:22:04 +01:00
Alex Ford	c530ba5b11	format ql	2021-06-01 12:22:04 +01:00
Alex Ford	f1303e0ced	remove WIP files	2021-06-01 12:22:04 +01:00
Alex Ford	10175e1398	remove WIP files	2021-06-01 12:22:04 +01:00
Alex Ford	4fdd072603	WIP: HardcodedCredentials query	2021-06-01 12:22:04 +01:00
Taus	53b7492aa3	Generate QLDoc for getChild	2021-06-01 10:57:39 +00:00
Taus	64090b086c	Autogenerate QLDoc for TreeSitter.qll ... It's not quite perfect, as there's still some QLDoc missing on the various `getChild` methods, but it wasn't immediately clear to me how to get this working (especially since the QLDoc would ideally be different depending on whether there was a child index or not). Then again, `getChild` probably has a pretty intuitive meaning...	2021-05-31 20:54:10 +00:00
Tom Hvitved	3ffef634d7	More synthesis refactoring ... - Join `TElementReferenceSynth` and `TMethodCallSynth`. - Move arity and setter information into `MethodCallKind`. - Add `Synthesis::methodCall` for specifying which method calls need synthesis.	2021-05-31 16:29:41 +02:00
Tom Hvitved	e8841e6482	Simplify getSynthChild	2021-05-27 10:20:31 +02:00
Tom Hvitved	f8b99291a7	Improve desugaring of setter assignments	2021-05-26 18:41:21 +02:00
Arthur Baars	af6f050d06	Merge pull request #189 from github/aibaars/fix-lgtm-suite ... Fix LGTM suites	2021-05-26 16:02:14 +02:00
Arthur Baars	ec905e0866	Merge pull request #168 from github/aibaars/typetrack-method ... Call graph	2021-05-26 14:19:21 +02:00
Arthur Baars	bacbd5e997	Address comments	2021-05-26 13:35:45 +02:00
Arthur Baars	a044f41aad	Merge pull request #188 from github/aibaars/qlpack ... Build Ruby bundle	2021-05-26 12:18:51 +02:00
Tom Hvitved	abcabeef06	Remove *Real predicates and enable recursive desugaring	2021-05-25 21:27:39 +02:00
Tom Hvitved	3f412e4fad	Desugar setter assignment operations	2021-05-25 21:27:39 +02:00
Tom Hvitved	b173cc332a	Desugar setter assignments	2021-05-25 21:27:39 +02:00
Tom Hvitved	b812012b71	Add CFG setter assignment test	2021-05-25 21:27:39 +02:00
Tom Hvitved	e85677a040	Adjust locations of synthesized AST nodes	2021-05-25 21:27:34 +02:00
Arthur Baars	ce23ae33e7	Fix Scope::parentOf for HereDocBody	2021-05-25 11:27:45 +02:00
Arthur Baars	bb62564c9e	Add test for heredoc with variables	2021-05-25 11:16:55 +02:00
Arthur Baars	86d57d3e26	Fix LGTM suites	2021-05-25 10:41:07 +02:00
Arthur Baars	4f404e9b11	Temporarily include some queries in the code scanning suite ... This should be reverted once we have a decent set of default queries.	2021-05-25 09:21:40 +02:00
Tom Hvitved	423a1b39e1	Improve call graph performance by forcing non-linear joins first	2021-05-20 14:36:56 +02:00
Tom Hvitved	492f41d399	Fix performance	2021-05-20 14:27:13 +02:00
Arthur Baars	0ccca47b01	Dataflow for implicit self argument of methods	2021-05-20 14:27:13 +02:00
Arthur Baars	eb8b2558da	Add types of lambdas and methods	2021-05-20 14:27:13 +02:00
Arthur Baars	e787d99cd1	Resolve yield calls to blocks	2021-05-20 14:27:13 +02:00