hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 12:46:34 +01:00
Code Issues Packages Projects Releases Wiki Activity
39,583 Commits 1,673 Branches 157 Tags
cf5f1e593e4953528fa430ef752ad090538c417d
Commit Graph

39583 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mathias Vorreiter Pedersen
cf5f1e593e Swift: Extract new entities. 2022-05-24 08:57:05 +01:00
Mathias Vorreiter Pedersen
cdb081eaec Swift: Update schema and update generated files. 2022-05-24 08:57:05 +01:00
Arthur Baars
8248f607e4 Merge pull request #9277 from github/aibaars/go-test-workflow 
Go: trigger CI jobs on Go related changes only
 2022-05-23 23:51:34 +02:00
Aditya Sharad
7853ea607f Merge pull request #9243 from github/adityasharad/merge-codeql-go-docs 
Docs: Update references to github/codeql-go
 2022-05-23 14:37:23 -07:00
Arthur Baars
7a85ab1690 Go: trigger CI jobs on Go related changes only 2022-05-23 21:25:27 +02:00
Erik Krogh Kristensen
aa01cf11c2 Merge pull request #9125 from erik-krogh/exportObj 
JS: recognize functions that return object of methods as library input
 2022-05-23 19:57:34 +02:00
Erik Krogh Kristensen
0c10927adc Merge pull request #9261 from erik-krogh/passport 
JS: remove support for passport in the session-fixation query
 2022-05-23 19:56:42 +02:00
Aditya Sharad
42f2fc2287 Apply suggestions from code review 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2022-05-23 10:55:50 -07:00
Chuan-kai Lin
d3ebc814f5 Merge pull request #8631 from github/cklin/merge-codeql-go 
Merge codeql-go repository into codeql
 2022-05-23 09:22:28 -07:00
Mathias Vorreiter Pedersen
9b0d84c1a3 Merge pull request #9268 from MathiasVP/swift-add-cfg-library 
Swift: Extend AST classes and add control-flow library
 2022-05-23 16:37:51 +01:00
Harry Maclean
905a37c273 Merge pull request #9137 from hmac/hmac/cfg-ql-class 
Ruby: Add getAPrimaryQlClass to CfgNodes classes
 2022-05-23 15:37:51 +01:00
Mathias Vorreiter Pedersen
358a8aba7a Merge pull request #8994 from HansmannThibaut/main 
C/C++ : Wrong Uint access
 2022-05-23 15:31:23 +01:00
Mathias Vorreiter Pedersen
4ba29845e9 Swift: Fix Code Scanning alerts. 2022-05-23 15:18:36 +01:00
Taus
3745526d69 Merge pull request #9108 from RasmusWL/promote-pam 
Python: Promote `py/pam-auth-bypass`
 2022-05-23 15:27:12 +02:00
Mathias Vorreiter Pedersen
ba28632c96 Update cpp/ql/src/experimental/Best Practices/WrongUintAccess.qhelp 2022-05-23 14:11:13 +01:00
CodeQL CI
04ca9cfaf4 Merge pull request #9234 from asgerf/js/api-graph-accessors 
Approved by erik-krogh
 2022-05-23 06:08:50 -07:00
Erik Krogh Kristensen
aadbc989ce fix typo in comment 
Co-authored-by: Asger F <asgerf@github.com>
 2022-05-23 15:07:29 +02:00
Harry Maclean
ae3a30256b Ruby: Add getAPrimaryQlClass to CfgNode 2022-05-23 14:02:23 +01:00
Tom Hvitved
64be958c52 Merge pull request #9262 from hvitved/ruby/local-source-node-antijoin 
Ruby: Eliminate bad `isLocalSourceNode` antijoin
 2022-05-23 14:36:03 +02:00
Erik Krogh Kristensen
ba844aa0ab Merge branch 'main' into exportObj 2022-05-23 14:18:31 +02:00
yoff
23d64ffa04 Merge pull request #9135 from tausbn/python-modernise-py-jinja2-autoescape-false 
Python: Modernise py/jinja2/autoescape-false
 2022-05-23 14:18:06 +02:00
Mathias Vorreiter Pedersen
2882c42698 Swift: Sync identical files. 2022-05-23 13:13:26 +01:00
Mathias Vorreiter Pedersen
6540e1e8bf Swift: Share 'ControlFlowGraphImplShared.qll' for Swift with Ruby and C#. 2022-05-23 13:12:45 +01:00
Mathias Vorreiter Pedersen
e98728b788 Swift: Fix casing on import alias. 2022-05-23 13:08:09 +01:00
Mathias Vorreiter Pedersen
83bcb53199 Swift: Add tests accept test changes. 2022-05-23 13:05:55 +01:00
Tamás Vajk
487425670e Merge pull request #9229 from tamasvajk/kotlin-df-fix-list 
Kotlin: extract non-private members of class supertypes
 2022-05-23 14:04:31 +02:00
Mathias Vorreiter Pedersen
9f8fbd7aa7 Swift: Add control-flow library. 2022-05-23 12:59:06 +01:00
Mathias Vorreiter Pedersen
26f0d3ac43 Swift: Add helper predicates on AST classes 2022-05-23 12:51:51 +01:00
Paolo Tranquilli
06a8cf6f1e Merge pull request #9198 from github/redsun82/swift-self-contained-cpp-code-gen 
Swift: make C++ code generation more self-contained
 2022-05-23 13:45:58 +02:00
Asger F
0929f5eb49 JS: Update test assertions to new syntax 2022-05-23 13:12:52 +02:00
Asger Feldthaus
33dac5e95f JS: API graph support for accessors (and classes) 2022-05-23 13:12:52 +02:00
Paolo Tranquilli
1e9fcfb338 Merge pull request #9265 from github/redsun82/swift-rm-codeqlmanifest 
Swift: remove `.codeqlmanifest`
 2022-05-23 13:00:58 +02:00
Erik Krogh Kristensen
7a3bbede1b remove support for passport in the session-fixation query 2022-05-23 12:55:11 +02:00
Paolo Tranquilli
63f5a86699 Merge pull request #9264 from github/redsun82/swift-fix-ndebug-build 
Swift: fix extractor built with `NDEBUG`
 2022-05-23 12:50:49 +02:00
Paolo Tranquilli
a3f6682bbb Swift: remove .codeqlmanifest 
The extractor pack entry in there has been moved to the root manifest.
 2022-05-23 12:49:08 +02:00
Paolo Tranquilli
ea6a249fee Swift: fix extractor built with NDEBUG 
There was a call with side effects in an `assert`, that was therefore
not being called with `NDEBUG` turned on, changing extractor results.
 2022-05-23 12:35:54 +02:00
Tom Hvitved
bbdedf5f14 Ruby: Eliminate bad isLocalSourceNode antijoin 
Gets rid of
```
Tuple counts for DataFlowPrivate::Cached::isLocalSourceNode#462ff392#f#antijoin_rhs@dd2f927s:
        20905019     ~3%    {2} r1 = JOIN DataFlowPrivate::Cached::TExprNode#462ff392#ff_1#higher_order_body WITH boundedFastTC(DataFlowPrivate::Cached::localFlowStepTypeTracker#462ff392#ff_10#higher_order_body,DataFlowPrivate::Cached::TExprNode#462ff392#ff_1#higher_order_body) ON FIRST 1 OUTPUT Rhs.1, Lhs.0

        10420128  ~1496%    {1} r2 = JOIN r1 WITH DataFlowPrivate::Cached::TExprNode#462ff392#ff_1#higher_order_body ON FIRST 1 OUTPUT Lhs.1

          480918     ~8%    {1} r3 = JOIN r1 WITH DataFlowPrivate::Cached::entrySsaDefinition#462ff392#f ON FIRST 1 OUTPUT Lhs.1

        10901046  ~1218%    {1} r4 = r2 UNION r3
                            return r4
```
 2022-05-23 10:54:17 +02:00
Tamas Vajk
4732793fb6 Change type tests 
Linux and MacOS produced different results, so the queried types are now limited to ones that are visible in the source code.
 2022-05-23 10:39:22 +02:00
Tamas Vajk
d3e64f5135 Kotlin: extract non-private members of class supertypes 2022-05-23 10:39:22 +02:00
Tamas Vajk
b0c6db4cfc Kotlin: add missing dataflow test for List::iterator 2022-05-23 10:39:22 +02:00
Tamas Vajk
ab920d31dc Repro for kotlin-java difference with generic types 2022-05-23 10:39:22 +02:00
Michael Nebel
bf958ff5bb Merge pull request #9255 from michaelnebel/csharp/test-clearscontent 
C#: Remove default clears content.
 2022-05-23 10:30:30 +02:00
Michael Nebel
c82ab6813f Merge pull request #9256 from michaelnebel/csharp/test-ranking 
C#: Rank summaries and source code in dataflow callables.
 2022-05-23 10:29:52 +02:00
Anders Schack-Mulligen
f2218944f6 Merge pull request #9214 from hvitved/dataflow/lambda-fp-flow 
Data flow: Do not discard call context when computing reverse lambda flow through jumps
 2022-05-23 10:02:51 +02:00
Michael Nebel
217c414b6e C#: Now that SummarizedCallableDefaultClears content has been removed, we need to explicitly say that fields are cleared. 2022-05-23 08:58:09 +02:00
Michael Nebel
ddde1d4607 C#: Remove default clears content. 2022-05-22 15:16:44 +02:00
Michael Nebel
f141336f64 C#: Fake location of methods as we want to use the defined summaries for testing purposes. 2022-05-22 15:14:58 +02:00
Michael Nebel
9f611d79ac C#: Rank summaries and source code such that only one is used. 2022-05-22 15:14:19 +02:00
Chris Smowton
5119de8d22 Merge pull request #9238 from atorralba/atorralba/remove-xxe-sinks 
Java: Remove org.dom4j.DocumentHelper:parseText as XXE sink
 2022-05-21 17:33:06 +01:00
Erik Krogh Kristensen
7971b54771 Merge pull request #8891 from erik-krogh/qlMergeFix 
QL: point the dataset measure workflow to a merge_stats.py file that exists
 2022-05-20 22:33:59 +02:00