hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-25 08:45:14 +02:00
Code Issues Packages Projects Releases Wiki Activity
80,068 Commits 1,741 Branches 165 Tags
c19085e56e6830c190efd307c271f44851ed06df
Commit Graph

80068 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tom Hvitved
3fed7f5397 Merge pull request #19714 from hvitved/rust/fix-bad-join 
Rust: Fix bad join
 2025-06-11 09:08:52 +02:00
Simon Friis Vindum
8f5d9d7702 Rust: Add type inference tests for borrowing 2025-06-11 08:40:15 +02:00
Ana Scolari
510bbac0e4 Create 2025-06-10-reduce-precision-for-building-cmdline-with-string-concatenation.md 2025-06-10 16:17:32 -07:00
Ana Scolari
857b51be58 Update ExecUnescaped.ql - causing FPs with hard coded strings 
This query is generating False positives with hard coded strings declared within the function - issue reported by customer. We had a discussion on code_scanning channel on 6/5/25 and the team agreed upon reducing its precision to Medium.
 2025-06-10 16:06:22 -07:00
Aditya Sharad
d659d40d58 Merge pull request #19701 from adityasharad/actions/bash-parsing-ranking-performance 
Actions: Improve Bash parsing performance on command and string interpolations
 2025-06-11 00:59:19 +05:30
Tom Hvitved
64ab7c78c8 Merge pull request #19717 from hvitved/rust/use-get-arg-param 
Rust: Use `get(An){Arg,Param}` helper predicates
 2025-06-10 18:48:51 +02:00
Geoffrey White
e64d083fc1 Rust: Lets also output the total number of nodes to make understanding this easier. 2025-06-10 17:37:42 +01:00
Geoffrey White
50bf246add Rust: Adjust the taint reach metric for better stability. 2025-06-10 17:08:15 +01:00
Asger F
72cc439125 JS: Normalize a few more extensions 2025-06-10 17:36:56 +02:00
Jeroen Ketema
1bd6446f7e Merge pull request #19715 from jketema/neon-ir-test 
C++: Add basic Aarch64 Neon IR test
 2025-06-10 16:57:46 +02:00
Geoffrey White
652d32d4ff Merge pull request #19626 from geoffw0/futures 
Rust: Model futures-io, rustls, futures-rustls
 2025-06-10 15:23:43 +01:00
Michael Nebel
dc81f5a6b2 Merge pull request #19713 from michaelnebel/csharp/freezequalityinsecurityandquality 
C#: Freeze quality queries in the security-and-quality suite.
 2025-06-10 16:19:45 +02:00
Asger F
18f9133715 JS: Rename and clarify comment for trackFunctionType 2025-06-10 16:14:46 +02:00
Asger F
a6488cbad9 Update javascript/ql/lib/semmle/javascript/internal/NameResolution.qll 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2025-06-10 16:06:42 +02:00
Jeroen Ketema
a4be27659b C++: Minor test case reformatting 2025-06-10 15:55:18 +02:00
Michael Nebel
99dc923f1f C#: Add cs/gethashcode-is-not-defined to the Code Quality suite. 2025-06-10 15:45:41 +02:00
Tom Hvitved
e41b4f4022 Rust: Use get(An){Arg,Param} helper predicates 2025-06-10 15:45:34 +02:00
Jeroen Ketema
7d1b5ce584 C++: Add basic Aarch64 Neon test 2025-06-10 15:34:06 +02:00
Paolo Tranquilli
8f0f2006a8 Merge pull request #19708 from github/redsun82/rust-getArg-getParam 
Rust: add `Callable::getParam` and `CallExprBase::getArg` shortcuts
 2025-06-10 15:31:05 +02:00
Tom Hvitved
209cfb78a3 Rust: Fix bad join 
```
[2025-06-10 15:21:37] (83s) Tuple counts for TypeMention::PathTypeReprMention.aliasResolveTypeAt/1#dispred#ae16f47b#fbf#cpe#13/2@i5#5a5451wi after 57.7s:
                      205999      ~1028%     {3} r1 = JOIN `TypeMention::TypeMention.resolveTypeAt/1#dispred#a125c821#bff#reorder_1_0_2#prev_delta` WITH `_TypeAlias::Generated::TypeAlias.getTypeRepr/0#dispred#5fd7e521_TypeMention::PathTypeReprMention#a35__#join_rhs#1` ON FIRST 2 OUTPUT Rhs.2, Lhs.2 'result', Rhs.3 'this'
                                             {3}    | AND NOT `project#TypeMention::pathGetTypeParameter/2#fd301eed#2`(FIRST 2)
                      204000      ~982%      {2}    | SCAN OUTPUT In.2 'this', In.1 'result'

                      5499        ~448%      {7} r2 = JOIN `TypeMention::TypeMention.resolveTypeAt/1#dispred#a125c821#bff#reorder_0_2_1#prev_delta` WITH `_GenericArgList::GenericArgList.getTypeArg/1#dispred#1c780027_PathSegment::Generated::PathSegment.ge__#join_rhs#1` ON FIRST 1 OUTPUT Rhs.1, Rhs.2 'this', Rhs.3, Lhs.1 'result', _, Lhs.2, _
                                             {5}    | REWRITE WITH Tmp.4 := "", Tmp.6 := "", Out.4 := InverseAppend(Tmp.4,In.5,Tmp.6) KEEPING 5
                      2500        ~398%      {5}    | SCAN OUTPUT In.0, In.2, In.4, In.1 'this', In.3 'result'
                      0           ~0%        {2}    | JOIN WITH `TypeMention::TypeMention.resolveTypeAt/1#dispred#a125c821#bff#reorder_0_2_1#prev` ON FIRST 3 OUTPUT Lhs.3 'this', Lhs.4 'result'

                      9000        ~489%      {7} r3 = JOIN `TypeMention::TypeMention.resolveTypeAt/1#dispred#a125c821#bff#reorder_0_2_1#prev_delta` WITH `_PathSegment::Generated::PathSegment.getGenericArgList/0#dispred#e072653b__Path::Generated::Path.get__#join_rhs#1` ON FIRST 1 OUTPUT Rhs.1, Rhs.2 'this', Rhs.3, Lhs.1, _, Lhs.2, _
                                             {5}    | REWRITE WITH Tmp.4 := "", Tmp.6 := "", Out.4 := InverseAppend(In.5,Tmp.4,Tmp.6) KEEPING 5
                      5000        ~411%      {5}    | SCAN OUTPUT In.4, In.0, In.1 'this', In.2, In.3
                      10461919500 ~610%      {6}    | JOIN WITH `TypeMention::TypeMention.resolveTypeAt/1#dispred#a125c821#bff#reorder_1_0_2#prev` ON FIRST 1 OUTPUT Lhs.3, Rhs.1, Lhs.1, Lhs.2 'this', Lhs.4, Rhs.2 'result'
                      500         ~0%        {5}    | JOIN WITH `GenericArgList::GenericArgList.getTypeArg/1#dispred#1c780027_021#join_rhs` ON FIRST 2 OUTPUT Lhs.2, Rhs.2, Lhs.4, Lhs.3 'this', Lhs.5 'result'
                      0           ~0%        {2}    | JOIN WITH `TypeMention::pathGetTypeParameter/2#fd301eed` ON FIRST 3 OUTPUT Lhs.3 'this', Lhs.4 'result'

                      204000      ~982%      {2} r4 = r1 UNION r2 UNION r3
                      203964      ~982%      {2}    | AND NOT `TypeMention::PathTypeReprMention.aliasResolveTypeAt/1#dispred#ae16f47b#fbf#cpe#13#prev`(FIRST 2)
                                             return r4
```
 2025-06-10 15:25:05 +02:00
Napalys Klicius
51b83dbce5 Merge pull request #19579 from Napalys/js/dom_property_access 
JS: Improve `useless-expression` query to avoid duplicate alerts on compound expressions
 2025-06-10 15:17:13 +02:00
Geoffrey White
fd2154d389 Merge branch 'main' into futures 2025-06-10 14:16:06 +01:00
Tom Hvitved
791369dd0e Merge pull request #19584 from hvitved/rust/type-inference-await 
Rust: Type inference for `.await` expressions
 2025-06-10 14:56:28 +02:00
Paolo Tranquilli
4ac4e44b50 Rust: accept test changes 2025-06-10 14:45:57 +02:00
Geoffrey White
918fa3684f Merge branch 'main' into futures 2025-06-10 13:24:09 +01:00
Kasper Svendsen
23e789b421 QL: Improve toString for overlay annotations 2025-06-10 14:18:05 +02:00
Paolo Tranquilli
0d036992e0 Merge branch 'main' into redsun82/mad 2025-06-10 13:39:10 +02:00
Tom Hvitved
3d395dde47 Address review comments 2025-06-10 13:38:31 +02:00
Napalys Klicius
d968dd0fa1 Removed <strong> usage and updated r?e[m|x] example 2025-06-10 13:34:24 +02:00
Michael Nebel
a15b9a8eae C#: Freeze quality queries in the security-and-quality suite. 2025-06-10 13:34:03 +02:00
Napalys Klicius
65b1275a19 Update javascript/ql/src/RegExp/DuplicateCharacterInCharacterClass.qhelp 
Co-authored-by: Asger F <asgerf@github.com>
 2025-06-10 13:26:08 +02:00
Napalys Klicius
e46581163a Update javascript/ql/lib/Expressions/ExprHasNoEffect.qll 
Co-Authored-By: Asger F <316427+asgerf@users.noreply.github.com>
 2025-06-10 13:23:31 +02:00
Napalys Klicius
496d8d44eb Update javascript/ql/lib/Expressions/ExprHasNoEffect.qll 
Co-authored-by: Asger F <asgerf@github.com>
 2025-06-10 13:19:48 +02:00
Napalys Klicius
e6f071ce46 Update javascript/ql/lib/Expressions/ExprHasNoEffect.qll 
Co-authored-by: Asger F <asgerf@github.com>
 2025-06-10 13:18:48 +02:00
Paolo Tranquilli
3562c48068 Merge branch 'main' into redsun82/rust-getArg-getParam 2025-06-10 13:15:37 +02:00
Paolo Tranquilli
3af10d2c6c Merge pull request #19710 from github/redsun82/rust-fix-crate-graph-test 
Rust: fix crate graph test
 2025-06-10 13:15:22 +02:00
Napalys Klicius
a0db250dc3 Update javascript/ql/test/query-tests/RegExp/DuplicateCharacterInCharacterClass/tst.js 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-06-10 12:50:07 +02:00
Tom Hvitved
c6efc05de1 Rust: Reimplement type inference for impl Traits and await expressions 2025-06-10 12:39:20 +02:00
Tom Hvitved
f2832712bc Rust: Add more type inference tests 2025-06-10 12:38:40 +02:00
Tom Hvitved
821f2fd681 Rust: Type inference for .await expressions 2025-06-10 12:38:39 +02:00
Tom Hvitved
e6109cfcf1 Rust: Add type inference tests for impl Trait 2025-06-10 12:38:38 +02:00
Tom Hvitved
c32e05cc8a Rust: Add async type inference tests 2025-06-10 12:38:37 +02:00
Tom Hvitved
79a8942b0f Merge pull request #19614 from hvitved/rust/path-resolution-extern-crate 
Rust: Path resolution for `extern crate`s
 2025-06-10 12:37:46 +02:00
Idriss Riouak
f8b192ce3d Merge pull request #19688 from jketema/mfp8 
C++: Support the `__mfp8` floating point type
 2025-06-10 12:37:05 +02:00
Paolo Tranquilli
2a160e0687 CI: rename codegen workflow to be more generic 
Also remove the python setup stage as it shouldn't be necessary any more
seen that bazel uses a specific bundled one.
 2025-06-10 12:33:30 +02:00
Paolo Tranquilli
52760b1e28 CI: use black instead of autopep8 2025-06-10 12:30:33 +02:00
Paolo Tranquilli
14d48e9d58 Add black pre-commit hook 
This switched `codegen` from the `autopep8` formatting to the `black`
one, and applies it to `bulk_mad_generator.py` as well. We can enroll
more python scripts to it in the future.
 2025-06-10 12:25:39 +02:00
Paolo Tranquilli
ca99add7d6 MaD generator: address review 2025-06-10 12:14:39 +02:00
Paolo Tranquilli
ecc35e5a07 MaD generator: run formatter 2025-06-10 12:11:00 +02:00
Napalys Klicius
d68f5ebddb Added quality tag to js/regex/duplicate-in-character-class 2025-06-10 12:10:33 +02:00