Joe Farebrother
d8083add3e
Doc updates
2025-08-01 12:35:01 +01:00
Joe Farebrother
c0da9c407e
Fix typo in test dir name + update examples
2025-07-25 13:15:46 +01:00
Joe Farebrother
958fddb638
cleanup order and remove duplicates for arithmetic methods
2025-07-25 10:57:19 +01:00
Joe Farebrother
d7b855c4e3
qhelp fix
2025-07-25 10:24:58 +01:00
Joe Farebrother
9af2ab83dc
Cleanups
2025-07-25 10:22:51 +01:00
Joe Farebrother
8bdf6801b3
Add qldoc
2025-07-25 10:05:09 +01:00
Joe Farebrother
3525e83ad2
Add changenote + some doc updates
2025-07-25 09:52:54 +01:00
Joe Farebrother
871688f026
Update docs
2025-07-24 16:01:57 +01:00
Joe Farebrother
362bfba049
Update unit tests
2025-07-24 14:50:36 +01:00
Joe Farebrother
b9f6657ade
Remove use of toString. This does also reduce results from cases where the exception is not a simple identifier.
2025-07-24 13:50:27 +01:00
Joe Farebrother
b9738066de
try excluding set methods, add methods, update alert messages
2025-07-24 11:18:28 +01:00
Joe Farebrother
73d257e538
Port unexpected raise away from pointsto
2025-07-23 14:13:58 +01:00
github-actions[bot]
37cc78255a
Post-release preparation for codeql-cli-2.22.2
2025-07-22 14:22:20 +00:00
github-actions[bot]
997547b8ef
Release preparation for version 2.22.2
2025-07-22 14:04:14 +00:00
Nick Rolfe
825c813095
Revert "Release preparation for version 2.22.2"
2025-07-22 14:33:45 +01:00
github-actions[bot]
c8632b70b7
Release preparation for version 2.22.2
2025-07-21 16:45:45 +00:00
Nick Rolfe
ad9b637bec
Revert "Merge pull request #19994 from github/post-release-prep/codeql-cli-2.22.2"
...
This reverts commit e5b4a15e35, reversing
changes made to 33e63109bb.
2025-07-21 15:18:59 +01:00
Jeroen Ketema
cbde11ddc9
Properly share ConceptsShared.qll
2025-07-14 16:30:45 +02:00
Jeroen Ketema
f07d8ee493
Remove duplicate copies of CryptoAlgorithms and CryptoAlgorithmNames
2025-07-14 11:39:06 +02:00
Jeroen Ketema
f4ba2e1fd0
Properly share CryptoAlgorithms and CryptoAlgorithmNames
2025-07-14 11:39:00 +02:00
Jeroen Ketema
c582a9ccd6
Remove duplicate copies of SensitiveDataHeuristics
2025-07-14 11:38:52 +02:00
Jeroen Ketema
8b828cecf1
Use shared SensitiveDataHeuristics
2025-07-14 11:38:47 +02:00
Taus
c6c6a857df
Python: Add tests
...
Also fixes an issue with the return type annotations that caused these
to not work properly.
Currently, annotated assignments don't work properly, due to the fact
that our flow relation doesn't consider flow going to the "type" part of
an annotated assignment. This means that in `x : Foo`, we do correctly
note that `x` is annotated with `Foo`, but we have no idea what `Foo`
is, since it has no incoming flow.
To fix this we should probably just extend the flow relation, but this
may need to be done with some care, so I have left it as future work.
2025-07-11 12:03:14 +00:00
Taus
2c45550a9f
Python: Add change note
...
Co-authored-by: Napalys Klicius <napalys@github.com>
2025-07-11 12:03:14 +00:00
Taus
d1cf7f0624
Python: Support type annotations in call graph
...
Adds support for tracking instances via type annotations. Also adds a
convenience method to the newly added `Annotation` class,
`getAnnotatedExpression`, that returns the expression that is annotated
with the given type. For return annotations this is any value returned
from the annotated function in question.
Co-authored-by: Napalys Klicius <napalys@github.com>
2025-07-11 12:03:14 +00:00
Jonas Jensen
5a1246a586
Merge remote-tracking branch 'upstream/main' into approximate-related-location
2025-07-09 10:10:20 +02:00
github-actions[bot]
24a0ac1223
Post-release preparation for codeql-cli-2.22.2
2025-07-07 18:15:04 +00:00
github-actions[bot]
f12daefabe
Release preparation for version 2.22.2
2025-07-07 14:00:26 +00:00
Asger F
4a2d795076
Shared: Make approximate location filtering the default behaviour
2025-07-02 14:41:02 +02:00
Asger F
a46b5f9529
Python: enable diff-informedness for poly redos using approximate related locations
2025-07-02 14:39:42 +02:00
Michael Nebel
233b54c7fa
Merge pull request #19891 from michaelnebel/michaelnebel/freezemoresuites
...
Go/Ruby/Python: Freeze quality queries in `security-and-quality`.
2025-07-01 09:04:19 +02:00
Taus
184dd5bf10
Merge pull request #19895 from github/tausbn/python-fix-match-as-identifier
...
Python: Allow use of `match` as an identifier
2025-06-30 16:24:23 +02:00
Kasper Svendsen
da1b99b921
Merge pull request #19779 from github/kaspersv/overlay-java-annotations
...
Overlay: Add overlay annotations to Java & shared libraries
2025-06-27 08:26:33 +02:00
Joe Farebrother
4cbaeb10e9
Merge pull request #19641 from joefarebrother/python-qual-file-not-closed
...
Python: Improve performance of FileNotClosed query by using basic block reachability
2025-06-26 23:35:38 +01:00
Taus
cd0e46314c
Python: Add change note
2025-06-26 15:36:02 +00:00
Michael Nebel
37b3ca036a
Python: Freeze the quality queries in the security-and-quality suite.
2025-06-26 14:45:05 +02:00
Kasper Svendsen
9d2dd782d9
Merge remote-tracking branch 'github/main' into kaspersv/overlay-java-annotations
2025-06-26 13:18:25 +02:00
github-actions[bot]
6972c7a872
Post-release preparation for codeql-cli-2.22.1
2025-06-24 12:55:14 +00:00
github-actions[bot]
3e074b2425
Release preparation for version 2.22.1
2025-06-24 08:55:31 +00:00
Kasper Svendsen
2da8d61984
Run config/sync-files.py
2025-06-24 10:25:06 +02:00
Joe Farebrother
f457453647
Update redundant assignment to be a correctness issue for cross language consistency
2025-06-19 14:22:12 +01:00
Joe Farebrother
e67f057b85
Update integration test output
2025-06-19 14:09:55 +01:00
Joe Farebrother
63d7eac127
Ensure exactly one subcategory is used
2025-06-19 14:09:07 +01:00
Joe Farebrother
c8c92a7139
Update tags for mixed-tuple-returns to include exactly 1 subcategory
2025-06-19 14:09:00 +01:00
Joe Farebrother
c3f7b18055
Review suggestions - update some tags
2025-06-19 14:08:51 +01:00
Joe Farebrother
09516a47d3
Fix integration test output
2025-06-19 14:08:42 +01:00
Joe Farebrother
d28a19c961
Update integration test output & add changenote
2025-06-19 14:08:30 +01:00
Joe Farebrother
fa5b2ef794
Tag remaining high precision quality queries
...
Excluded queries that are python 2 specific; as well as the cyclic import queries
2025-06-19 14:08:07 +01:00
Joe Farebrother
02f8ec33f2
Tag 'type-checking'-like quality queries
2025-06-19 14:07:55 +01:00
Joe Farebrother
4b1d31c976
Tag 'linter-like' quality queries that don't use pointsto
2025-06-19 14:07:42 +01:00