hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-23 20:26:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
72,681 Commits 1,672 Branches 157 Tags
dbe8f98e183b58c716a44c025dab58ec69b9d65c
Commit Graph

72681 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Napalys
41f21d429b JS: Added test case which is not flagged but should be abusing new RegExp with global flag 2024-11-28 11:26:33 +01:00
Tamas Vajk
5727fda07a C#: Exclude get-only property accesses from CallTargetStats 2024-11-28 11:02:39 +01:00
Simon Friis Vindum
e8ddb6b180 Rust: Add getStaticTarget to CallExprBase 2024-11-28 10:57:07 +01:00
Edward Minnix III
1b224c1ab2 Merge pull request #17258 from egregius313/egregius313/go/mad/documentation 
Go: Models as Data Documentation
 2024-11-27 22:55:50 -05:00
Óscar San José
1a0442c5a6 Adding correct wildcard 2024-11-27 19:34:34 +01:00
Óscar San José
5790f5d5dc Include paths on pull_request event trigger for compile-queries.yml workflow 2024-11-27 18:37:12 +01:00
Óscar San José
2bc89900fb Update codespaces default config to ubuntu 24 2024-11-27 16:16:45 +01:00
Paolo Tranquilli
5c2a6b8865 Merge pull request #18083 from github/redsun82/rust-canonical-enum 
Rust: add extended canonical paths on enum variants
 2024-11-27 15:22:07 +01:00
Paolo Tranquilli
a8188598b0 Merge branch 'main' into redsun82/rust-canonical-enum 2024-11-27 15:01:47 +01:00
Paolo Tranquilli
4e7115538b Rust: move steps breakdown from JSON diagnostics to the DB 2024-11-27 14:55:46 +01:00
Simon Friis Vindum
d89678f49f Rust: Data flow through tuple and struct fields 2024-11-27 14:53:01 +01:00
Paolo Tranquilli
5251dc2058 Rust: use check_diagnostics improvements 2024-11-27 13:36:27 +01:00
Mathias Vorreiter Pedersen
d86fea5ba5 Merge pull request #18114 from MathiasVP/actually-check-func-name-in-mad 
C++: Actually check function names in MaD
 2024-11-27 11:22:10 +00:00
Paolo Tranquilli
27738eaacc Rust: reorganize perf diagnostics 2024-11-27 12:05:06 +01:00
Geoffrey White
c113a0b5a1 Rust: Fix typo. 2024-11-27 10:51:42 +00:00
Geoffrey White
60c212bb10 Rust: Update for changes on main. 2024-11-27 10:42:24 +00:00
Geoffrey White
ba560f2fe9 Rust: Model SQLx. 2024-11-27 10:31:05 +00:00
Geoffrey White
e96f15d9b4 Rust: Add a test exposing SQL Injection sinks directly. 2024-11-27 10:31:04 +00:00
Anders Schack-Mulligen
df2e2e503a Merge pull request #17901 from aschackmull/java/allowlist-sanitizer 
Java: Add a default taint sanitizer for contains-checks on lists of constants
 2024-11-27 11:09:05 +01:00
Owen Mansel-Chan
c580046f8c Merge pull request #18121 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2024-11-27 09:37:19 +00:00
Simon Friis Vindum
9ec9d79b4f Rust: Add additional tests for flow through structs 2024-11-27 10:10:49 +01:00
Simon Friis Vindum
46abb9083b Merge pull request #18115 from paldepind/rust-rename-expr 
Rust: Rename `expr` on `CallExpr` and `LetExpr`
 2024-11-27 09:41:04 +01:00
Anders Schack-Mulligen
5ef496dd1b Java: Add more qldoc. 2024-11-27 09:07:35 +01:00
Tom Hvitved
7402276ec7 Data flow: Move more logic into DataFlowImplCommon 2024-11-27 09:03:37 +01:00
Anders Schack-Mulligen
85778f7fea Java: Fix semantic merge conflict in expected file. 2024-11-27 08:53:41 +01:00
Simon Friis Vindum
8f886c6603 Merge pull request #18088 from paldepind/rust-self-parameters 
Rust: Handle `self` parameters in variables and SSA library
 2024-11-27 08:42:58 +01:00
Ed Minnix
2b0c7a209b Fix test results 2024-11-26 22:42:24 -05:00
Ed Minnix
a4b2ee1205 Fix generic 2024-11-26 22:42:13 -05:00
Ed Minnix
b820b324bd Change note 2024-11-26 22:32:45 -05:00
Ed Minnix
216d298780 Microsoft.JSInterop models 2024-11-26 22:29:43 -05:00
github-actions[bot]
89b2a6b726 Add changed framework coverage reports 2024-11-27 00:21:55 +00:00
Owen Mansel-Chan
0e94ee81ae Don't getUnderlyingType before looking through pointer type 
If `T` is the type of an embedded field, it is invalid for `T` to be a
named type defined to be a pointer type (`type T *S`). It is also
invalid for `T` to be a type parameter. So this `getUnderlyingType()` is
redundant.
 2024-11-26 22:25:56 +00:00
Owen Mansel-Chan
2cba97e87d Small stylistic improvement 2024-11-26 22:25:55 +00:00
Owen Mansel-Chan
1bc1472b0b Add change note 2024-11-26 22:25:53 +00:00
Owen Mansel-Chan
4990f16ba5 Refactor struct field predicate to remove redundancy 2024-11-26 22:25:48 +00:00
Owen Mansel-Chan
8dc0688b6f Fix bug 2024-11-26 22:25:47 +00:00
Owen Mansel-Chan
593896b40e Add test showing promoted field bug 
NCField should be promoted to EmbedsNameClash. Currently it isn't
because its embedded parent pkg2.NameClash is not a promoted field in
EmbedsNameClash (because of a name clash with pkg1.NameClash), but this
should not make a difference.
 2024-11-26 22:25:41 +00:00
Owen Mansel-Chan
553bc8c13d Merge pull request #18108 from owen-mc/go/mad/model-slices-package 
Go: model `slices` package (skipping functions that involve iterating over a function)
 2024-11-26 21:24:22 +00:00
Edward Minnix III
86c7a49264 Apply suggestions from code review 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2024-11-26 13:12:16 -05:00
Paolo Tranquilli
556774edc7 Rust: do not put extraction steps in the expected diagnostics 2024-11-26 18:00:15 +01:00
Simon Friis Vindum
92427ab0c1 Merge branch 'main' into rust-rename-expr 2024-11-26 17:40:47 +01:00
Paolo Tranquilli
8abd3c4707 Rust: Remove windows difference from diagnostics 2024-11-26 16:48:49 +01:00
Taus
d779ae5c3e Python: Add change note for CFG pruning fix 
... And also bump the extractor version.
 2024-11-26 15:39:15 +00:00
Paolo Tranquilli
24eb65692f Rust: add some performance diagnostics 
This outputs some duration counts for various parts of the extraction
process in the database in the form of telemetry diagnostics.

The diagnostics format was preferred to putting things in the relational
database as that will scale better to code scanning and is more flexible
as for the data we can put into it without passing through the dbscheme.
Also, although it's not the case yet, it will be possible to output
diagnostics even if creation of the database fails.
 2024-11-26 16:35:38 +01:00
Owen Mansel-Chan
141259c003 Update go/ql/lib/ext/slices.model.yml 
Co-authored-by: Chris Smowton <smowton@github.com>
 2024-11-26 14:48:20 +00:00
Simon Friis Vindum
7ab5663fa6 Rust: Address PR feedback 2024-11-26 15:42:19 +01:00
Jeroen Ketema
8d59159691 C++: Fix qlref file 2024-11-26 15:35:52 +01:00
Simon Friis Vindum
d30f3e2822 Rust: Renamed expr on CallExpr and LetExpr 2024-11-26 15:22:14 +01:00
Mathias Vorreiter Pedersen
e42c7452ef C++: Cleanup conjuncts. This doesn't change any behavior. 2024-11-26 13:57:51 +00:00
Mathias Vorreiter Pedersen
39b61598e9 C++: Accept test changes. 2024-11-26 13:57:38 +00:00