hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 18:10:39 +01:00
Code Issues Packages Projects Releases Wiki Activity
35,614 Commits 1,671 Branches 157 Tags
c20ee76826e10318f8f39c6fae901b743c2e8254
Commit Graph

35614 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Paolo Tranquilli
773ef62406 Swift: added trapgen 
This checks in the trapgen script generating trap entries in C++.

The codegen suite has been slightly reorganized, moving the templates
directory up one level and chopping everything into smaller bazel
packages. Running tests is now done via
```
bazel run //swift/codegen/test
```

With respect to the PoC, the nested `codeql::trap` namespace has been
dropped in favour of a `Trap` prefix (or suffix in case of entries)
within the `codeql` namespace. Also, generated C++ code is not checked
in in git any more, and generated during build. Finally, labels get
printed in hex in the trap file.

`TrapLabel` is for the moment only default-constructible, so only one
single label is possible. `TrapArena`, that is responsible for creating
disjoint labels will come in a later commit.
 2022-04-28 12:01:59 +02:00
Tony Torralba
604a5fc71f Merge pull request #8639 from atorralba/atorralba/spring-beans-improvements 
Java: Improve Spring models
 2022-04-28 11:59:51 +02:00
Michael Nebel
150d9ba52c Update .github/workflows/csv-coverage-metrics.yml 
Co-authored-by: Henry Mercer <henry.mercer@me.com>
 2022-04-28 11:57:53 +02:00
Henry Mercer
52a417b02d Merge pull request #8921 from github/dependabot/github_actions/actions/setup-python-3 
Bump actions/setup-python from 2 to 3
 2022-04-28 10:57:02 +01:00
Jeroen Ketema
62831e93fe QL: Add filter for NewType to camel case query 2022-04-28 11:54:42 +02:00
Henry Mercer
03c311181a Merge pull request #8922 from github/dependabot/github_actions/actions/download-artifact-3 
Bump actions/download-artifact from 2 to 3
 2022-04-28 10:45:49 +01:00
Jeroen Ketema
3db9d56259 QL: Improve message for camel cazse query 2022-04-28 11:41:17 +02:00
Jeroen Ketema
52fc2dac47 QL: Add camel case tests 2022-04-28 11:38:14 +02:00
Mathias Vorreiter Pedersen
2517371a37 Merge pull request #8933 from MathiasVP/revert-globals 
C++: Revert #8515
 2022-04-28 10:38:08 +01:00
Tom Hvitved
29f1c533a9 Ruby: Add type tracker tests for flow through keyword/positional parameters 2022-04-28 11:34:12 +02:00
Michael Nebel
c606121ae7 C#: Move autogenerated comment to file level instead of having it on each class. 2022-04-28 11:27:49 +02:00
Michael Nebel
57fc4d987f C#: Fix indentation. 2022-04-28 11:19:54 +02:00
Michael Nebel
583b9b61de C#: Add job for running the framework coverage query for C#. 2022-04-28 11:19:49 +02:00
Michael Nebel
98b2bc06ce C#: Port the java FrameworkCoverage query. 2022-04-28 11:18:12 +02:00
Tom Hvitved
db856798b9 Merge pull request #8920 from github/dependabot/github_actions/actions/setup-dotnet-2 
Bump actions/setup-dotnet from 1 to 2
 2022-04-28 10:47:28 +02:00
Stephan Brandauer
f4104e2b72 Merge pull request #8886 from kaeluka/add-rest-parameter-flowstep 
JS: Add flow step to `...rest` parameters
 2022-04-28 08:39:50 +01:00
Tony Torralba
1f1581cc97 Merge pull request #8913 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2022-04-28 09:34:52 +02:00
Jonas Jensen
0c65e67d18 QL language reference: variables must be lowerId 
To prepare for a future QL language change where variable names must
start with a lower-case letter, this commit updates the QL language
reference (including the language specification) to change the variable
name grammar from `simpleId` to `lowerId`.
 2022-04-28 09:13:36 +02:00
dependabot[bot]
8c4e92d065 Bump actions/download-artifact from 2 to 3 
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 2 to 3.
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](https://github.com/actions/download-artifact/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/download-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-04-28 03:32:59 +00:00
dependabot[bot]
c8fd94a830 Bump actions/setup-python from 2 to 3 
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 2 to 3.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-04-28 03:32:57 +00:00
dependabot[bot]
6526ee797d Bump actions/setup-dotnet from 1 to 2 
Bumps [actions/setup-dotnet](https://github.com/actions/setup-dotnet) from 1 to 2.
- [Release notes](https://github.com/actions/setup-dotnet/releases)
- [Commits](https://github.com/actions/setup-dotnet/compare/v1...v2)

---
updated-dependencies:
- dependency-name: actions/setup-dotnet
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-04-28 03:32:55 +00:00
github-actions[bot]
018558b823 Add changed framework coverage reports 2022-04-28 00:18:25 +00:00
Harry Maclean
ba1d43dd42 Merge pull request #8658 from hmac/hmac/insecure-download 
Ruby: Add InsecureDownload query
 2022-04-28 11:07:35 +12:00
Harry Maclean
f4453f4da2 Merge pull request #8573 from hmac/hmac/missing-regexp-anchor 
Ruby: Add MissingRegExpAnchor query
 2022-04-28 11:06:33 +12:00
luchua-bc
590b9d8519 Standardize the query and update qldoc 2022-04-27 22:17:17 +00:00
Chris Smowton
bb049bffbd Merge pull request #8765 from artem-smotrakov/cover-jms 
Java: Add flow sources and steps for RabbitMQ and JMS
 2022-04-27 21:27:05 +01:00
Taus
b4a31e572f Python: Add global attribute writes 2022-04-27 16:45:00 +00:00
Taus
f71cf2e1fc Python: Add test 2022-04-27 15:48:11 +00:00
Paolo Tranquilli
f95b5853c1 Merge pull request #8788 from AlexDenisov/alexdenisov/swift-first-extractor-test 
Swift: file extraction
 2022-04-27 17:47:17 +02:00
Mathias Vorreiter Pedersen
dc96d55943 Merge pull request #8888 from geoffw0/xxe2 
C++: Add support for createLSParser to the CWE-611 XXE query.
 2022-04-27 16:24:27 +01:00
Anna Railton
00b74d8b1c Merge pull request #8895 from github/annarailton-patch-1 
ATM: Update `TaintedPathInjection` -> `TaintedPath`
 2022-04-27 16:15:46 +01:00
Mathias Vorreiter Pedersen
abbb7f861f Merge pull request #8904 from MathiasVP/sync-swift-schema 
Swift: Sync schema after extractor changes
 2022-04-27 16:14:46 +01:00
Alex Denisov
272aa594cc Swift: compiler options moved to .bazelrc 2022-04-27 17:11:16 +02:00
Mathias Vorreiter Pedersen
75c1e56bbd Revert "Merge pull request #8515 from rdmarsh2/rdmarsh2/ir-global-vars" 
This reverts commit 800e4ea7df, reversing
changes made to 7ce040f331.
 2022-04-27 16:04:28 +01:00
Henry Mercer
897bc2374a Merge pull request #8906 from github/henrymercer/workflow-codeowners 
Add CODEOWNERS for Actions workflows
 2022-04-27 15:47:11 +01:00
Tony Torralba
e99cee4913 Merge branch 'main' into java/unsafe-get-resource 2022-04-27 16:45:42 +02:00
Geoffrey White
d04078f989 C++: Fix. 2022-04-27 15:45:23 +01:00
Henry Mercer
c39eaf64ca Merge pull request #8901 from github/dependabot/github_actions/actions/checkout-3 
Bump actions/checkout from 2 to 3
 2022-04-27 15:40:07 +01:00
Henry Mercer
6777090f36 Add CODEOWNERS for Actions workflows 2022-04-27 15:26:15 +01:00
Stephan Brandauer
ee280cda32 Improve docs after PR comment 
Co-authored-by: Asger F <asgerf@github.com>
 2022-04-27 16:24:20 +02:00
dependabot[bot]
c63a0e7010 Bump actions/checkout from 2 to 3 
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-04-27 14:13:33 +00:00
Henry Mercer
3e80c78612 Merge pull request #8903 from github/dependabot/github_actions/actions/stale-5 
Bump actions/stale from 3 to 5
 2022-04-27 15:13:03 +01:00
Henry Mercer
b6a787d4a0 Merge pull request #8902 from github/dependabot/github_actions/actions/cache-3 
Bump actions/cache from 2 to 3
 2022-04-27 15:12:58 +01:00
Henry Mercer
f876ef91a3 Merge pull request #8900 from github/dependabot/github_actions/actions/labeler-4 
Bump actions/labeler from 2 to 4
 2022-04-27 15:12:52 +01:00
Henry Mercer
52475cd917 Merge pull request #8899 from github/dependabot/github_actions/actions/upload-artifact-3 
Bump actions/upload-artifact from 2 to 3
 2022-04-27 15:12:39 +01:00
Paolo Tranquilli
cde5ba7987 Merge pull request #8889 from redsun82/swift-codegen-unit-tests 
Swift: add unit tests to code generation
 2022-04-27 16:07:54 +02:00
Stephan Brandauer
4964f2df9a add flow step to rest parameters 2022-04-27 16:03:19 +02:00
Chris Smowton
db90bf9900 Move change note 2022-04-27 15:00:26 +01:00
Michael Nebel
52b59d0eed C#: Add auto generated comment to generated models as data files. 2022-04-27 15:40:23 +02:00
Mathias Vorreiter Pedersen
141e8fcd5b Swift: Sync schema. 2022-04-27 14:39:13 +01:00