hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-23 12:16:33 +01:00
Code Issues Packages Projects Releases Wiki Activity
55,715 Commits 1,672 Branches 157 Tags
daf274314331318ecffd16e1bf7de399fe06cadc
Commit Graph

55715 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jean Helie
daf2743143 only use neutral models of kind "sink" 2023-06-16 13:58:23 +02:00
AlexDenisov
b572974536 Merge pull request #13476 from github/alexdenisov/rc3.10_mergeback 
rc3.10 mergeback: getting Swift changes back to main
 2023-06-16 11:59:23 +02:00
Alex Denisov
0479ef5b9c Merge remote-tracking branch 'origin/rc/3.10' into alexdenisov/rc3.10_mergeback 2023-06-16 10:13:23 +02:00
AlexDenisov
22124409fe Merge pull request #13458 from github/alexdenisov/swift-5.8-against-3.10 
Swift: upgrade extractor to support Swift 5.8.1
 2023-06-16 10:07:02 +02:00
Michael Nebel
47638123d0 Merge pull request #13150 from michaelnebel/csharp/removejumpstep 
C#: Remove jump step
 2023-06-15 12:53:37 +02:00
Ian Lynagh
b7e9915151 Merge pull request #13463 from igfoo/igfoo/AccessControlException 
Kotlin: Remove use of AccessControlException
 2023-06-15 10:53:28 +01:00
Tony Torralba
ad2b020b06 Merge pull request #13465 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2023-06-15 10:04:20 +02:00
Michael Nebel
04736b6e10 C#: Add lost QL Doc. 2023-06-15 10:00:09 +02:00
github-actions[bot]
e6160b8e49 Add changed framework coverage reports 2023-06-15 00:18:04 +00:00
Asger F
318a60b208 Merge pull request #13456 from asgerf/js/vuex-perf 
JS: Restrict length of state path in vuex model
 2023-06-14 19:50:06 +02:00
Ian Lynagh
0419b6e505 Kotlin: Remove use of AccessControlException 
We were getting warnings about it being deprecated, and it was all dead
code anyway.
 2023-06-14 17:45:58 +01:00
Nora Dimitrijević
4d2e304799 Merge pull request #13240 from d10c/swift/brace-stmt-variables 
Swift: reorganize `VarDecl` instances within `BraceStmt`
 2023-06-14 18:23:25 +02:00
yoff
f5f822ca2d Merge pull request #13395 from yoff/python/container-summaries-3 2023-06-14 17:13:49 +02:00
Alexandre Boulgakov
354ebc2cb9 Merge pull request #13459 from github/sashabu/no-path-hash 
Swift: Don't use `std::hash<fs::path>`.
 2023-06-14 16:05:07 +01:00
Alexandre Boulgakov
afb7070fd3 Swift: Don't use std::hash<fs::path>. 2023-06-14 15:50:45 +01:00
Alex Denisov
c080cba88d Swift: add database migration scripts 2023-06-14 16:17:44 +02:00
Alex Denisov
526f6cd5b5 Swift: skip print_unextracted 2023-06-14 16:17:44 +02:00
Alex Denisov
2daa001109 Swift: setup Swift 5.8 unconditionally 2023-06-14 16:17:44 +02:00
Paolo Tranquilli
17111c96e4 Swift: accept test expectation changes 2023-06-14 16:17:44 +02:00
Alex Denisov
93b9115217 Swift: package resource dir from precomiled toolchain 2023-06-14 16:17:44 +02:00
Paolo Tranquilli
c945d65b2d Swift: add clang ignored flag 2023-06-14 16:17:44 +02:00
Paolo Tranquilli
b9c4adee31 Swift: print only toBeTested errors in Errors.ql test 2023-06-14 16:17:44 +02:00
Paolo Tranquilli
75684eebe9 Swift: add 5.8 update QL test 2023-06-14 16:17:44 +02:00
Paolo Tranquilli
396b57696c Swift: minimal 5.8 compatibility 2023-06-14 16:17:44 +02:00
Tony Torralba
37a62d3021 Merge pull request #13227 from atorralba/atorralba/java/jenkins-generated-models 
Java: Add autogenerated models for frameworks related to Jenkins
 2023-06-14 15:59:28 +02:00
Asger F
22b98c8959 JS: Restrict length of state path in vuex model 2023-06-14 15:48:58 +02:00
Nora Dimitrijević
0db321c724 Merge branch 'main' into swift/brace-stmt-variables 2023-06-14 14:57:46 +02:00
Nora Dimitrijević
77f52e4e01 Swift: better join order fix for NamedPattern.getVarDecl 
This brings it down to 85ms when run from a query, not just from quick-eval:

```

[2023-06-14 14:47:06] Evaluated non-recursive predicate NamedPattern#1696c0d8::NamedPattern::getVarDecl#0#dispred#ff@04392e6o in 85ms (size: 91309).
Evaluated relational algebra for predicate NamedPattern#1696c0d8::NamedPattern::getVarDecl#0#dispred#ff@04392e6o with tuple counts:
        1310544   ~9%    {2} r1 = SCAN var_decls OUTPUT In.0, In.1
        1209062   ~0%    {2} r2 = STREAM DEDUP r1
        1209062   ~0%    {2} r3 = JOIN r2 WITH Synth#5f134a93::Synth::convertVarDeclToRaw#1#ff_10#join_rhs ON FIRST 1 OUTPUT Rhs.1, Lhs.1
          91309   ~0%    {3} r4 = JOIN r3 WITH VarDecl#914e0d1e::Generated::VarDecl::getImmediateParentPattern#0#dispred#ff ON FIRST 1 OUTPUT Rhs.1, Lhs.1, Lhs.0

          69599   ~0%    {3} r5 = JOIN r4 WITH #Pattern#19b8cf65::Pattern::getImmediateEnclosingPattern#0#dispredPlus#bf_10#join_rhs ON FIRST 1 OUTPUT Rhs.1, Lhs.1, Lhs.2

         160908   ~1%    {3} r6 = r4 UNION r5
          94246   ~0%    {4} r7 = JOIN r6 WITH Synth#5f134a93::Synth::convertNamedPatternToRaw#1#ff ON FIRST 1 OUTPUT Rhs.1, Lhs.1, Lhs.2, Lhs.0
          91309   ~1%    {2} r8 = JOIN r7 WITH named_patterns ON FIRST 2 OUTPUT Lhs.3, Lhs.2
                         return r8
```
 2023-06-14 14:52:10 +02:00
Rasmus Lerchedahl Petersen
9a1e895fdc Python: missed removing these 
`set.add` and `list.append` do not return a value
 2023-06-14 14:51:21 +02:00
Tony Torralba
7c4cdbf0d6 Remove badly generated models 2023-06-14 14:20:16 +02:00
Michael Nebel
f26c514426 C#: Remove the JumpReturnKind and the related summary component stack. 2023-06-14 14:00:19 +02:00
Michael Nebel
afec9b05e9 Merge pull request #13147 from michaelnebel/csharp/entityframeworkrefactor 
C#: Use synthetic global in the EntityFramework code instead of jump steps.
 2023-06-14 13:47:56 +02:00
Rasmus Lerchedahl Petersen
3b558a0044 python: remove spurious return flow 2023-06-14 13:35:37 +02:00
yoff
38cca08a86 Apply suggestions from code review 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2023-06-14 13:27:33 +02:00
Asger F
f737054216 Merge pull request #13380 from asgerf/js/fix-sink-kind 
JS: Fix invalid source kind in test
 2023-06-14 12:56:58 +02:00
Tony Torralba
182513a981 Merge pull request #13235 from atorralba/atorralba/java/hudson-models 
Java: Add Hudson models
 2023-06-14 12:33:18 +02:00
Ian Lynagh
36e8441ed7 Merge pull request #13427 from igfoo/igfoo/references 
Kotlin: Avoid using deprecated APIs
 2023-06-14 11:15:35 +01:00
Jean Helie
209f3e26d4 Merge pull request #13239 from github/tausbn/automodel-application-mode 
Java: Add QL support for automodel application mode
 2023-06-14 11:42:26 +02:00
Michael Nebel
2200a2ae79 C#: Address review comments. 2023-06-14 11:25:31 +02:00
Asger F
5aea6fc16c JS: Remove dataExtensions clause from test qlpack 2023-06-14 10:42:31 +02:00
Asger F
21831516f4 JS: use test-local data extensions 2023-06-14 10:38:33 +02:00
Tony Torralba
8bafc22add Replace open-url sink kinds with request-forgery 2023-06-14 09:59:59 +02:00
Tony Torralba
73d2ab7d66 Add change note 2023-06-14 09:58:30 +02:00
Tony Torralba
686c35e210 Add autogenerated models 2023-06-14 09:58:30 +02:00
Anders Schack-Mulligen
1a4fca334f Merge pull request #13273 from aschackmull/dataflow/summarynode-refactor 
Dataflow: Refactor FlowSummaryImpl to synthesize nodes independently from DataFlow::Node.
 2023-06-14 09:38:36 +02:00
Rasmus Lerchedahl Petersen
f1de753400 python: add changenote 2023-06-13 21:59:51 +02:00
Rasmus Lerchedahl Petersen
4b4b9bf9da python: add missing summaries 
For append/add:
The new results in the experimental tar slip query
show that we do not recognize the sanitisers.
 2023-06-13 20:22:21 +02:00
Rasmus Lerchedahl Petersen
b72c93ff4f python: remove remaining explicit taint steps 2023-06-13 20:22:20 +02:00
yoff
1d65284011 Merge pull request #13209 from yoff/python/container-summaries-2 
python: Container summaries, part 2
 2023-06-13 18:17:09 +02:00
Rasmus Lerchedahl Petersen
775f3eaf56 python: make copy a dataflow step 2023-06-13 17:07:41 +02:00