hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-23 15:55:18 +02:00
Code Issues Packages Projects Releases Wiki Activity
60,954 Commits 1,742 Branches 165 Tags
dfffa1e23740e487f02ffe3e7e7f6aa287f7aefc
Commit Graph

60954 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Max Schaefer
dfffa1e237 Apply suggestions from code review 
Co-authored-by: Sam Browning <106113886+sabrowning1@users.noreply.github.com>
 2023-11-21 10:07:11 +00:00
Max Schaefer
d147faba4e Update qhelp for js/path-injection. 2023-11-20 11:58:00 +00:00
Shati Patel
8b6a9180dc Merge pull request #14819 from p-/p--fix-doc-vscode-ext-property 
Doc: Fix name of VS Code settings property to use extension packs
 2023-11-16 16:23:54 +00:00
Stephan Brandauer
cb7213d87a Merge pull request #14818 from github/kaeluka/application-mode-erase-type-signatures-of-generic-types 
Java Automodel extraction: fix extracted meta information by using Object for the type of generic parameters
 2023-11-16 17:17:47 +01:00
Paolo Tranquilli
f3482684a6 Merge pull request #14805 from github/redsun82/rename-cc_binary_add_features 
Bazel/CMake: support new internal transition rules
 2023-11-16 17:10:40 +01:00
Mathias Vorreiter Pedersen
a10f94af81 Merge pull request #14810 from MathiasVP/fix-ref-deref-duplication 
C++: Fix dataflow duplication from `ReferenceDereference` expressions
 2023-11-16 16:10:07 +00:00
Peter Stöckli
de3d15b277 Doc: Fix name of VS Code settings property to use extension packs 2023-11-16 16:53:12 +01:00
Mathias Vorreiter Pedersen
c5d2866948 Merge pull request #14812 from MathiasVP/no-dtt-in-Integer-overflow-tainted 
C++: Convert `cpp/integer-overflow-tainted` away from DefaultTaintTracking
 2023-11-16 15:24:13 +00:00
Stephan Brandauer
74a195b4f4 Java Automodel extraction: fix extracted meta information by using Object for the type of generic parameters 2023-11-16 16:08:04 +01:00
Max Schaefer
ca334021ad Merge pull request #14793 from github/max-schaefer/tainted-path-qhelp 
Java: Improve QHelp for `java/path-injection` to mention less disruptive fixes.
 2023-11-16 14:09:55 +00:00
Stephan Brandauer
69ab389d9f Merge pull request #14795 from github/kaeluka/skip-this-qualifier-ctor-candidates 
Java: Automodel Extraction: Remove Qualifier Endpoints of Constructors
 2023-11-16 14:54:19 +01:00
Mathias Vorreiter Pedersen
da2215e7e5 C++: Accept test changes. 2023-11-16 13:54:13 +00:00
Mathias Vorreiter Pedersen
30f0b8ab2b Merge pull request #14808 from jketema/jketema/del-fmt-global 
C++: Delete `cpp/tainted-format-string-through-global`
 2023-11-16 13:44:21 +00:00
Tom Hvitved
75f42f4614 Merge pull request #14783 from hvitved/ruby/hash-array-literal 
Ruby: Include more nodes in `{Hash,Array}LiteralCfgNode`
 2023-11-16 13:51:35 +01:00
Henry Mercer
0c1fb8c881 Merge pull request #14811 from github/henrymercer/remove-lines-of-non-user-code-from-summary 
Remove LoC metrics from the analysis summary
 2023-11-16 12:30:55 +00:00
Rasmus Wriedt Larsen
4f9303eb02 Merge pull request #14790 from RasmusWL/clean-tests 
Python: Accept new ordering of query predicates in `.expected`
 2023-11-16 13:23:35 +01:00
Mathias Vorreiter Pedersen
078f223052 C++: Rewrite 'cpp/cpp/integer-overflow-tainted' away from DefaultTaintTracking. 2023-11-16 12:01:38 +00:00
Tom Hvitved
2c23dacca1 Ruby: Add more hash/array literal tests 2023-11-16 12:58:53 +01:00
Max Schaefer
a5e7ef424e Revert "Add additional example." 
This reverts commit 947b094387.
 2023-11-16 11:54:16 +00:00
Stephan Brandauer
84e58b77aa Java Automodel: remove Qualifiers of constructors from endpoints 2023-11-16 12:44:53 +01:00
Stephan Brandauer
3092640115 Java Automodel: make test case for Argument[this] sink candidates in ctors in framework mode 2023-11-16 12:42:50 +01:00
Max Schaefer
143e1680bd Apply suggestions from code review 
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
 2023-11-16 11:42:35 +00:00
Henry Mercer
de83929a60 Remove LoC metrics from the analysis summary 2023-11-16 11:36:44 +00:00
Stephan Brandauer
d7c97d9d92 Java Automodel: remove constructor instance arguments from endpoints and update test expectations 2023-11-16 12:27:23 +01:00
Stephan Brandauer
30925da7d9 Java Automodel: tests that demonstrate that there is no sink candidate of an object being constructed in app mode 2023-11-16 12:24:41 +01:00
Mathias Vorreiter Pedersen
d25c24b64d C++: Reduce code duplication by moving shared code into a module. 2023-11-16 10:52:46 +00:00
Mathias Vorreiter Pedersen
5a7cb8f25a C++: Fix duplication on reference dereference expressions. 2023-11-16 10:52:35 +00:00
Mathias Vorreiter Pedersen
799873113f C++: Add a test that demonstrates reference dereference duplication. 2023-11-16 10:52:14 +00:00
Mathias Vorreiter Pedersen
f8feb84958 C++: Accept test changes from refactoring QL files. 2023-11-16 10:52:10 +00:00
Mathias Vorreiter Pedersen
6a1504b91c C++: Slightly refactor test QL files so that we can add a test which tests the nodes being selected. 2023-11-16 10:50:56 +00:00
Stephan Brandauer
f1001374fd Merge pull request #14642 from github/kaeluka/publish-automodel-querypack-007 
Java: Publish Automodel query pack 0.0.7
 2023-11-16 11:50:32 +01:00
Rasmus Wriedt Larsen
25d3af9236 Merge branch 'main' into clean-tests 2023-11-16 11:21:01 +01:00
Jeroen Ketema
1f3f1b5ec4 Merge pull request #14809 from MathiasVP/move-change-note 
C++: Move change note
 2023-11-16 11:14:14 +01:00
Max Schaefer
947b094387 Add additional example. 2023-11-16 10:06:19 +00:00
Max Schaefer
009d58034f Address suggestions from review. 2023-11-16 10:05:54 +00:00
Mathias Vorreiter Pedersen
5c0fb2030d C++: Move change note. 2023-11-16 09:57:08 +00:00
Jeroen Ketema
2eb67549e6 C++: Tweak change note slightly 2023-11-16 10:56:47 +01:00
Jeroen Ketema
afe318edbe C++: Delete cpp/tainted-format-string-through-global 2023-11-16 10:52:05 +01:00
Rasmus Wriedt Larsen
71ef98584d Merge pull request #14791 from RasmusWL/python-3.12 
Python: Update `.expected` to support Python 3.12
 2023-11-16 10:42:48 +01:00
Tom Hvitved
6bba191407 Merge pull request #14710 from hvitved/type-tracking/prepare-ruby 
Prepare shared type tracking library for adoption by Ruby
 2023-11-16 10:34:32 +01:00
Rasmus Wriedt Larsen
df144f3a1e Merge pull request #14406 from amammad/amammad-python-FileSystemAccess 
Python: New FileSystem Access
 2023-11-16 10:25:34 +01:00
Rasmus Wriedt Larsen
a46dc55e84 Merge branch 'main' into python-3.12 2023-11-16 09:34:06 +01:00
Paolo Tranquilli
615a128770 Bazel/CMake: support new internal transition rules 2023-11-16 09:04:58 +01:00
Tamás Vajk
14268f3c63 Merge pull request #14792 from tamasvajk/standalone/assembly-attribute 
C#: Fix assembly attribute extraction in standalone mode
 2023-11-16 08:09:14 +01:00
Sam Browning
408ba517e5 Merge pull request #14776 from github/sabrowning1/queries-panel-language-selector 
Add content for the queries panel and language selector
 2023-11-15 17:30:21 -05:00
Mathias Vorreiter Pedersen
4d4ca6b948 Merge pull request #14794 from MathiasVP/catch-more-return-stack-allocated-memory 
C++: Catch more returns of stack-allocated memory
 2023-11-15 19:23:24 +00:00
Sam Browning
d443354651 Apply feedback and fix syntax 2023-11-15 11:35:33 -05:00
Tom Hvitved
57f6859ddc Shared: Update type tracking consistency checks 2023-11-15 17:08:05 +01:00
Tom Hvitved
5f087f0084 Shared: Port features from Ruby's type tracking library to the shared library 
- Cache relevant predicates.
- Expose some predicates and classes (only exposed internally).
- Make some top-level `inline_late` predicates member predicates.
- Actually eliminate type check in `flowsTo`.
- Fix bug in `getACompatibleTypeTracker`.
- Adopt the `CallGraphConstruction` module.
 2023-11-15 17:08:05 +01:00
Tom Hvitved
f66f7ce8d7 Shared: Split up TypeTracking.qll into two files 2023-11-15 17:07:27 +01:00