hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 01:03:14 +01:00
Code Issues Packages Projects Releases Wiki Activity
46,781 Commits 1,671 Branches 157 Tags
c2171c01e1514b331f8cb41a72640a9431286699
Commit Graph

46781 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Paolo Tranquilli
c2171c01e1 Swift: remove double newlines in schema 
While PEP8 mandates those, they look bad in the schema file.

`autopep8` already ignores those, and they were single newlines at some
point until an overeager IDE has "fixed" them at some point without me
realizing.

Also, the pre-commit configuration was updated to take `schema.py` into
account.
 2022-11-15 15:00:30 +01:00
Stephan Brandauer
4b9b35d1c2 Merge pull request #11267 from github/atm/fix-non-sink-characteristics-hierarchy 
ATM: remove superfluous class in EndpointCharacteristics hierarchy
 2022-11-15 12:59:42 +01:00
Nick Rolfe
8d854e0a6b Merge pull request #11252 from github/nickrolfe/active_support_enumerable 
Ruby: add flow summary for Enumerable#index_by
 2022-11-15 10:40:42 +00:00
Stephan Brandauer
ec3578364e remove superfluous class in EndpointCharacteristics hierarchy 2022-11-15 10:17:38 +01:00
Erik Krogh Kristensen
d2857006cf Merge pull request #11247 from erik-krogh/py-redosMod 
Python: use the shared regex pack
 2022-11-14 21:10:43 +01:00
Tiferet Gazit
855eddab80 Merge pull request #11174 from github/tiferet/non-sink-endpoint-characteristics 
Non-sink endpoint characteristics
 2022-11-14 09:37:25 -08:00
Erik Krogh Kristensen
99636ba344 fix typo 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2022-11-14 17:35:55 +01:00
erik-krogh
324e0e8f90 always sort both by location and by term tostring 2022-11-14 17:33:48 +01:00
Ian Lynagh
7bf55c5846 Merge pull request #11251 from igfoo/igfoo/total 
Kotlin: Add total number of diagnostics to telemetry
 2022-11-14 15:09:57 +00:00
Tony Torralba
3ef7f3f44d Merge pull request #11120 from atorralba/atorralba/swift/xxe-query-xmldocument-sinks 
Swift: Adds XMLDocument sinks to the XXE query
 2022-11-14 15:46:02 +01:00
Chris Smowton
61149f297c Merge pull request #11232 from grddev/patch-1 
Go: Optimize trap.Writer by buffering gzip writes
 2022-11-14 14:01:47 +00:00
Ian Lynagh
fab2d30f38 Kotlin: Make emitDiagnostic private 2022-11-14 13:53:16 +00:00
Ian Lynagh
1e6ef99a50 Merge pull request #11249 from igfoo/igfoo/telem-compilation-info 
Java/Kotlin: Add compilation info to telemetry
 2022-11-14 13:51:35 +00:00
Tom Hvitved
b242bd6468 Merge pull request #11080 from github/revert-11074-revert-10576-ssa/consistency-queries 
Revert "Revert "SSA: Turn consistency predicates into `query` predicates""
 2022-11-14 14:43:58 +01:00
Ian Lynagh
847ecd1eec Java/Kotlin: Small refactoring of ExtractorInformation 2022-11-14 13:09:49 +00:00
Nick Rolfe
c80fbff648 Ruby: add changenote for Enumerable#index_by flow summary 2022-11-14 12:47:50 +00:00
Ian Lynagh
b20f8fc8c9 Kotlin: Add total number of diagnostics to telemetry 2022-11-14 12:27:54 +00:00
Tony Torralba
52bd140213 Fix test expectations 2022-11-14 12:41:13 +01:00
Tony Torralba
c03eab2410 Add XMLDocument sinks 2022-11-14 12:41:13 +01:00
Tony Torralba
a21db3b3c2 Merge pull request #11086 from atorralba/atorralba/swift/xxe-query 
Swift: Add new query for XML External Entities (XML) vulnerabilities
 2022-11-14 12:34:30 +01:00
Ian Lynagh
87ee979a12 Java/Kotlin: Add compilation info to telemetry 
This will give info about which kotlinc versions are used.
 2022-11-14 11:31:37 +00:00
Ian Lynagh
3afd895d41 Merge pull request #11217 from igfoo/igfoo/kotlin_version_rec 
Java/Kotlin: Write Kotlin version information to the database
 2022-11-14 10:55:46 +00:00
Nick Rolfe
83b3312467 Merge pull request #11207 from github/nickrolfe/arel-sql 
Ruby: add `SqlConstruction` concept, and implement it for calls to `Arel.sql`
 2022-11-14 10:21:37 +00:00
Nick Rolfe
0dadf0bbb4 Ruby: add flow summary for Enumerable#index_by 2022-11-14 10:01:24 +00:00
yoff
dd525a4f9b Merge pull request #11061 from erik-krogh/shared-redosMod 
ReDoS: add a shared regex pack
 2022-11-14 10:53:05 +01:00
AlexDenisov
d19bde8cb1 Merge pull request #11205 from github/alexdenisov/swift-db-upgrades-infra 
Swift: db up/downgrade scripts
 2022-11-14 09:51:15 +01:00
Alex Denisov
b5400f6dc9 Swift: remove rebase artifact 2022-11-14 08:55:44 +01:00
Gustav
3514694cdf Fix direct access to trap.Writer from trap.Labeler 2022-11-11 18:39:25 +01:00
Jeroen Ketema
5c109cdef1 Merge pull request #11234 from jketema/std-iterator-fix 
C++: Recognize `basic_string::iterator` as an iterator
 2022-11-11 17:21:42 +01:00
Gustav
fea4b816af Fix double close 
Co-authored-by: Chris Smowton <smowton@github.com>
 2022-11-11 17:12:13 +01:00
Ian Lynagh
b5c7d6bfcd Kotlin: Fix build on OS X 2022-11-11 14:57:36 +00:00
Alex Denisov
d49015a7e6 Swift: infrastructure for upgrade/downgrade scripts 2022-11-11 15:51:23 +01:00
AlexDenisov
e69d003d8f Merge pull request #11196 from github/redsun82/swift-error-element 
Swift: create common `ErrorElement` superclass and tests
 2022-11-11 15:50:58 +01:00
Alex Denisov
ce1fb4c018 Swift: accept test changes 2022-11-11 15:22:58 +01:00
Mathias Vorreiter Pedersen
38acdaabfa Merge pull request #11111 from geoffw0/tuples 
Swift: Content flow through tuples
 2022-11-11 14:20:26 +00:00
Henry Mercer
edaf64c254 Merge pull request #11233 from github/codeql-ci/atm/release-0.4.1 
JS: Bump version numbers of ML-powered packs after 0.4.1 release
 2022-11-11 14:20:08 +00:00
Erik Krogh Kristensen
2291f18695 Merge pull request #9827 from erik-krogh/overrideAny 
QL: Query for detecting unused parameter in override methods
 2022-11-11 15:17:48 +01:00
Ian Lynagh
7d54b542b5 Kotlin: Put extractor name in a resource rather than generating code 2022-11-11 14:04:14 +00:00
Rasmus Wriedt Larsen
ddbcdcb4ba Merge pull request #11160 from RasmusWL/dataflow-consistency-read-store 
DataFlow: Add read/store stepIsLocal consistency checks
 2022-11-11 14:51:45 +01:00
Paolo Tranquilli
eb14348153 Merge branch 'main' into redsun82/swift-error-element 2022-11-11 14:36:02 +01:00
AlexDenisov
7b6cb70cc8 Merge pull request #11213 from github/redsun82/swift-types 
Swift: extract or ignore last remaining types
 2022-11-11 14:22:29 +01:00
Henry Mercer
afbd05d41a Merge branch 'main' into codeql-ci/atm/release-0.4.1 2022-11-11 13:19:35 +00:00
Paolo Tranquilli
d3ff4908e6 Merge branch 'main' into redsun82/swift-error-element 2022-11-11 14:05:47 +01:00
Jeroen Ketema
612624d241 C++: Recognize basic_string::iterator as an iterator 2022-11-11 14:04:50 +01:00
Paolo Tranquilli
3816361c15 Merge branch 'main' into redsun82/swift-types 2022-11-11 13:54:12 +01:00
github-actions[bot]
b5b69e9357 JS: Bump version of ML-powered library and query packs to 0.4.2 2022-11-11 12:48:00 +00:00
github-actions[bot]
3e5e695325 JS: Bump patch version of ML-powered library and query packs 2022-11-11 12:36:19 +00:00
Paolo Tranquilli
d567ab3569 Merge pull request #11231 from github/redsun82/swift-fix-synthesized-wrapper-decls 
Swift: fix synthesized wrapper decls
 2022-11-11 13:32:32 +01:00
Erik Krogh Kristensen
6dfa57a7b1 Merge pull request #11226 from erik-krogh/fixFormatCheck 
CI: use `find` in the format check to fix it
 2022-11-11 13:07:52 +01:00
Gustav
f659ee3e0b Go: Optimize trap.Writer by buffering gzip writes 
The TRAP writer already buffers writes before emitting to file, but running gzip compression is also fairly costly (especially if you only do it a couple of bytes at a time). Thus, this injects another buffer that collects the emitted tuples in string form, and only triggers gzip compression once the buffer is full. In my local testing, this buffering was actually more beneficial than the one between gzip and file (likely because the gzip writer already emits data in chunks), but that one is still beneficial.
 2022-11-11 13:07:30 +01:00