hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-06 23:56:48 +01:00
Code Issues Packages Projects Releases Wiki Activity
55,701 Commits 1,703 Branches 162 Tags
d82c3ce11ac9efdab8e2d835fa5ca40cff41fda4
Commit Graph

55701 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jeroen Ketema
d82c3ce11a Ruby: Rewrite InlineFlowTest as a parameterized module 2023-06-15 10:52:23 +02:00
Jeroen Ketema
742eb8dd12 Java: Rewrite InlineFlowTest as a parameterized module 2023-06-15 10:52:10 +02:00
Jeroen Ketema
853bf2ae4e C#: Rewrite InlineFlowTest as a parameterized module 2023-06-15 10:51:59 +02:00
Jeroen Ketema
eb62df6ece Go: Rewrite InlineFlowTest as a parameterized module 2023-06-15 10:51:29 +02:00
Tony Torralba
ad2b020b06 Merge pull request #13465 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2023-06-15 10:04:20 +02:00
github-actions[bot]
e6160b8e49 Add changed framework coverage reports 2023-06-15 00:18:04 +00:00
Asger F
318a60b208 Merge pull request #13456 from asgerf/js/vuex-perf 
JS: Restrict length of state path in vuex model
 2023-06-14 19:50:06 +02:00
Nora Dimitrijević
4d2e304799 Merge pull request #13240 from d10c/swift/brace-stmt-variables 
Swift: reorganize `VarDecl` instances within `BraceStmt`
 2023-06-14 18:23:25 +02:00
yoff
f5f822ca2d Merge pull request #13395 from yoff/python/container-summaries-3 2023-06-14 17:13:49 +02:00
Alexandre Boulgakov
354ebc2cb9 Merge pull request #13459 from github/sashabu/no-path-hash 
Swift: Don't use `std::hash<fs::path>`.
 2023-06-14 16:05:07 +01:00
Alexandre Boulgakov
afb7070fd3 Swift: Don't use std::hash<fs::path>. 2023-06-14 15:50:45 +01:00
Tony Torralba
37a62d3021 Merge pull request #13227 from atorralba/atorralba/java/jenkins-generated-models 
Java: Add autogenerated models for frameworks related to Jenkins
 2023-06-14 15:59:28 +02:00
Asger F
22b98c8959 JS: Restrict length of state path in vuex model 2023-06-14 15:48:58 +02:00
Nora Dimitrijević
0db321c724 Merge branch 'main' into swift/brace-stmt-variables 2023-06-14 14:57:46 +02:00
Nora Dimitrijević
77f52e4e01 Swift: better join order fix for NamedPattern.getVarDecl 
This brings it down to 85ms when run from a query, not just from quick-eval:

```

[2023-06-14 14:47:06] Evaluated non-recursive predicate NamedPattern#1696c0d8::NamedPattern::getVarDecl#0#dispred#ff@04392e6o in 85ms (size: 91309).
Evaluated relational algebra for predicate NamedPattern#1696c0d8::NamedPattern::getVarDecl#0#dispred#ff@04392e6o with tuple counts:
        1310544   ~9%    {2} r1 = SCAN var_decls OUTPUT In.0, In.1
        1209062   ~0%    {2} r2 = STREAM DEDUP r1
        1209062   ~0%    {2} r3 = JOIN r2 WITH Synth#5f134a93::Synth::convertVarDeclToRaw#1#ff_10#join_rhs ON FIRST 1 OUTPUT Rhs.1, Lhs.1
          91309   ~0%    {3} r4 = JOIN r3 WITH VarDecl#914e0d1e::Generated::VarDecl::getImmediateParentPattern#0#dispred#ff ON FIRST 1 OUTPUT Rhs.1, Lhs.1, Lhs.0

          69599   ~0%    {3} r5 = JOIN r4 WITH #Pattern#19b8cf65::Pattern::getImmediateEnclosingPattern#0#dispredPlus#bf_10#join_rhs ON FIRST 1 OUTPUT Rhs.1, Lhs.1, Lhs.2

         160908   ~1%    {3} r6 = r4 UNION r5
          94246   ~0%    {4} r7 = JOIN r6 WITH Synth#5f134a93::Synth::convertNamedPatternToRaw#1#ff ON FIRST 1 OUTPUT Rhs.1, Lhs.1, Lhs.2, Lhs.0
          91309   ~1%    {2} r8 = JOIN r7 WITH named_patterns ON FIRST 2 OUTPUT Lhs.3, Lhs.2
                         return r8
```
 2023-06-14 14:52:10 +02:00
Rasmus Lerchedahl Petersen
9a1e895fdc Python: missed removing these 
`set.add` and `list.append` do not return a value
 2023-06-14 14:51:21 +02:00
Tony Torralba
7c4cdbf0d6 Remove badly generated models 2023-06-14 14:20:16 +02:00
Michael Nebel
afec9b05e9 Merge pull request #13147 from michaelnebel/csharp/entityframeworkrefactor 
C#: Use synthetic global in the EntityFramework code instead of jump steps.
 2023-06-14 13:47:56 +02:00
Rasmus Lerchedahl Petersen
3b558a0044 python: remove spurious return flow 2023-06-14 13:35:37 +02:00
yoff
38cca08a86 Apply suggestions from code review 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2023-06-14 13:27:33 +02:00
Asger F
f737054216 Merge pull request #13380 from asgerf/js/fix-sink-kind 
JS: Fix invalid source kind in test
 2023-06-14 12:56:58 +02:00
Tony Torralba
182513a981 Merge pull request #13235 from atorralba/atorralba/java/hudson-models 
Java: Add Hudson models
 2023-06-14 12:33:18 +02:00
Ian Lynagh
36e8441ed7 Merge pull request #13427 from igfoo/igfoo/references 
Kotlin: Avoid using deprecated APIs
 2023-06-14 11:15:35 +01:00
Jean Helie
209f3e26d4 Merge pull request #13239 from github/tausbn/automodel-application-mode 
Java: Add QL support for automodel application mode
 2023-06-14 11:42:26 +02:00
Michael Nebel
2200a2ae79 C#: Address review comments. 2023-06-14 11:25:31 +02:00
Asger F
5aea6fc16c JS: Remove dataExtensions clause from test qlpack 2023-06-14 10:42:31 +02:00
Asger F
21831516f4 JS: use test-local data extensions 2023-06-14 10:38:33 +02:00
Tony Torralba
8bafc22add Replace open-url sink kinds with request-forgery 2023-06-14 09:59:59 +02:00
Tony Torralba
73d2ab7d66 Add change note 2023-06-14 09:58:30 +02:00
Tony Torralba
686c35e210 Add autogenerated models 2023-06-14 09:58:30 +02:00
Anders Schack-Mulligen
1a4fca334f Merge pull request #13273 from aschackmull/dataflow/summarynode-refactor 
Dataflow: Refactor FlowSummaryImpl to synthesize nodes independently from DataFlow::Node.
 2023-06-14 09:38:36 +02:00
Rasmus Lerchedahl Petersen
f1de753400 python: add changenote 2023-06-13 21:59:51 +02:00
Rasmus Lerchedahl Petersen
4b4b9bf9da python: add missing summaries 
For append/add:
The new results in the experimental tar slip query
show that we do not recognize the sanitisers.
 2023-06-13 20:22:21 +02:00
Rasmus Lerchedahl Petersen
b72c93ff4f python: remove remaining explicit taint steps 2023-06-13 20:22:20 +02:00
yoff
1d65284011 Merge pull request #13209 from yoff/python/container-summaries-2 
python: Container summaries, part 2
 2023-06-13 18:17:09 +02:00
Rasmus Lerchedahl Petersen
775f3eaf56 python: make copy a dataflow step 2023-06-13 17:07:41 +02:00
Alexandre Boulgakov
7280f07611 Merge pull request #13336 from github/sashabu/c++20-todos 
Swift: Fix some C++20 todos.
 2023-06-13 15:25:29 +01:00
Alexandre Boulgakov
f5d6f50851 Merge pull request #13335 from github/sashabu/c++20 
Build: Bump build mode to C++20.
 2023-06-13 15:03:01 +01:00
yoff
4056358863 Merge pull request #13438 from RasmusWL/flask-render-string 
Python: Add modeling of `flask.render_template_string`
 2023-06-13 14:56:43 +02:00
Michael Nebel
9690ff6177 C#: Address review comments. 2023-06-13 14:19:17 +02:00
Rasmus Wriedt Larsen
2b7fc94aef Python: Fix validTest.py expectation 2023-06-13 12:11:28 +02:00
Erik Krogh Kristensen
4dc596f0fb Merge pull request #13381 from erik-krogh/mongooseFindByIdAndUpdate 
JS: remove the second argument of findByIdAndUpdate as a NoSQL sink
 2023-06-13 11:59:58 +02:00
Anders Schack-Mulligen
2d616d494e C#/Ruby: Add fields as per review comments. 2023-06-13 11:26:30 +02:00
Rasmus Lerchedahl Petersen
b709ed47e1 python: add test 2023-06-13 11:20:15 +02:00
Jeroen Ketema
6413fcc0f9 Merge pull request #13439 from jketema/go-dead 
Go: Remove commented out code from test
 2023-06-13 10:33:51 +02:00
Michael Nebel
577bbd531d C#: Base tests on stubs, move extractor options to options file and updated expected test output. 2023-06-13 10:17:42 +02:00
Jeroen Ketema
d035491c6f Go: Remove commented out code from test 2023-06-13 10:13:42 +02:00
Jeroen Ketema
c3ba206b6a Merge pull request #13346 from jketema/inline-2 
Update inline expectation tests to use parameterized module
 2023-06-13 10:10:55 +02:00
yoff
2a5173c331 Update python/ql/lib/semmle/python/frameworks/Stdlib.qll 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2023-06-13 10:04:46 +02:00
Asger F
0d45074caa Merge pull request #13422 from asgerf/rb/map_filter 
Ruby: fix bug in filter_map summary
 2023-06-13 09:43:47 +02:00