hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-20 08:53:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
79,970 Commits 1,693 Branches 160 Tags
e04dea10c8ea85756e10131a8febc86a3023024e
Commit Graph

79970 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Joe Farebrother
e04dea10c8 Merge pull request #19554 from joefarebrother/python-qual-iter-not-return-self 
Python: Modernize iter not returning self query
 2025-06-13 13:13:31 +01:00
Napalys Klicius
0906d85b39 Merge pull request #19726 from Napalys/js/quality/string_interpolation 
JS: Promote `js/template-syntax-in-string-literal` to the Code Quality suite.
 2025-06-13 13:36:53 +02:00
Tom Hvitved
ad64e04475 Merge pull request #19737 from hvitved/rust/type-inference-string-str-deref 
Rust: Model `String` -> `str` implicit conversion in type inference
 2025-06-13 13:09:24 +02:00
Tom Hvitved
66c0ff61bb Rust: Model String -> str implicit conversion in type inference 2025-06-13 11:32:23 +02:00
Tom Hvitved
1acd636553 Merge pull request #19745 from hvitved/rust/path-resolution-has-implementation 
Rust: Use `hasImplementation` in path resolution
 2025-06-13 11:17:03 +02:00
Tom Hvitved
3d18e3ea8f Rust: Use hasImplementation in path resolution 2025-06-13 08:44:44 +02:00
Tom Hvitved
5b5074e922 Rust: Add another type inference test 2025-06-12 21:48:40 +02:00
Paolo Tranquilli
55eb9fb838 Merge pull request #19712 from github/redsun82/python-black 
Add `black` pre-commit hook
 2025-06-12 20:49:56 +02:00
Paolo Tranquilli
22c490ce4e Merge pull request #19667 from github/redsun82/rust-mad 
Rust: Use QL computed canonical paths in MaD `Field` tokens
 2025-06-12 20:48:41 +02:00
Paolo Tranquilli
a5dba9b54f Merge pull request #19649 from github/redsun82/rust-has-implementation 
Rust: extract `hasImplementation` on functions and consts
 2025-06-12 15:19:23 +00:00
Simon Friis Vindum
e30a9e9906 Merge pull request #19685 from paldepind/rust/df-operator-overloading 
Rust: Data flow through overloaded operators
 2025-06-12 17:08:16 +02:00
Tom Hvitved
70c3ae4609 Merge pull request #19727 from hvitved/shared/type-inference-doc 
Shared: Add elaborate QL doc to `TypeInference.qll`
 2025-06-12 16:31:50 +02:00
Paolo Tranquilli
b102d5c39d Rust: accept test changes 2025-06-12 16:19:17 +02:00
Paolo Tranquilli
836b81de40 Rust: fix mdoel 2025-06-12 15:50:21 +02:00
Paolo Tranquilli
506ea11d07 Rust: simplify upgrade script 2025-06-12 15:31:11 +02:00
Napalys Klicius
28ae39694f Merge pull request #19741 from Napalys/js/quality/suspicious_method_names 
JS: Promote `js/suspicious-method-name-declaration` to the Code Quality suite.
 2025-06-12 15:30:13 +02:00
Paolo Tranquilli
ad7fb9c061 Merge branch 'main' into redsun82/rust-has-implementation 2025-06-12 15:25:59 +02:00
Napalys Klicius
d7ad625de3 JS: restrict type tracking to strings of interest. 2025-06-12 14:28:00 +02:00
Arthur Baars
e1b4dea52f Merge pull request #19742 from github/nickrolfe/rust-readme 
Rust: fix typo in README.md
 2025-06-12 14:26:19 +02:00
Napalys Klicius
da5cd251be Update javascript/ql/src/LanguageFeatures/TemplateSyntaxInStringLiteral.ql 
Co-Authored-By: Asger F <316427+asgerf@users.noreply.github.com>
 2025-06-12 14:25:00 +02:00
Simon Friis Vindum
2dd2f2e72b Rust: Address review comments 2025-06-12 14:12:27 +02:00
Nick Rolfe
02b75e884e Rust: fix typo in README.md 2025-06-12 13:00:23 +01:00
Napalys Klicius
e6d26912e0 Update javascript/ql/src/Declarations/SuspiciousMethodNameDeclaration.qhelp 
Co-authored-by: Asger F <asgerf@github.com>
 2025-06-12 13:10:27 +02:00
Tom Hvitved
93fd6ec826 Merge pull request #19729 from hvitved/rust/type-inference-adjust-type-relevant-access 
Rust: Also apply `adjustedAccessType` in `RelevantAccess`
 2025-06-12 13:04:13 +02:00
Napalys Klicius
7b91a57eb1 JS: add change note. 2025-06-12 12:19:39 +02:00
Paolo Tranquilli
455490436c Rust: fix dataflow models test expectation 2025-06-12 12:16:37 +02:00
Tom Hvitved
9e6ce98491 Merge pull request #19728 from hvitved/rust/type-inference-debug-predicates 
Rust: Add another type inference debug predicate
 2025-06-12 12:15:19 +02:00
Tom Hvitved
1ec376073b Update shared/typeinference/codeql/typeinference/internal/TypeInference.qll 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2025-06-12 12:14:52 +02:00
Napalys Klicius
75ee649362 JS: add change note 2025-06-12 12:14:14 +02:00
Napalys Klicius
923aff2439 JS: Fixed false positive on manual string interpolation. 2025-06-12 11:35:33 +02:00
Owen Mansel-Chan
538a5af1d1 Merge pull request #19738 from owen-mc/pr/felickz/19530 
Set CWE-134 from 9.3 to 7.3 CVSS score for memory safe languages (#2)
 2025-06-12 10:27:28 +01:00
Napalys Klicius
bafe7e66ad JS: Fix template literal detection in string concatination 2025-06-12 11:18:20 +02:00
Simon Friis Vindum
8cde1eefb2 Rust: Remove Access from adjustAccessType 2025-06-12 11:16:32 +02:00
Simon Friis Vindum
f138f77cc1 Rust: Only adjust access type for method call expressions 2025-06-12 11:16:30 +02:00
Simon Friis Vindum
03c9a78bfb Rust: Simplify accessDeclarationPositionMatch 2025-06-12 11:16:29 +02:00
Simon Friis Vindum
3463ebd8ce Rust: Adapt data flow consistency queries to ! being a call 
The exact same problem occurs in Ruby, hence the `multipleArgumentCallExclude` implementation is adapted from Ruby's.
 2025-06-12 11:16:28 +02:00
Simon Friis Vindum
fecd445e78 Rust: Use Call in data flow 2025-06-12 11:16:26 +02:00
Simon Friis Vindum
5642445e1d Rust: Fix canonical path for Deref trait 2025-06-12 11:16:25 +02:00
Simon Friis Vindum
7684e01c3a Rust: Use Call in type inference 2025-06-12 11:16:19 +02:00
Napalys Klicius
861e4ee11e JS: Added test cases including manual interpolation and string concatination. 2025-06-12 11:15:36 +02:00
Simon Friis Vindum
47864781c1 Rust: Add abstraction over all kinds of calls 2025-06-12 11:12:06 +02:00
Simon Friis Vindum
ce1c9fbec1 Rust: Account for arity in operator overloading 
For instance the binary `&` is overloadable but the prefix `&` is not. Similarly, `*` has a different target depending on if it's prefix or infix.
 2025-06-12 11:12:04 +02:00
Simon Friis Vindum
18583550ae Rust: Add data flow tests for operator overloading 2025-06-12 11:12:03 +02:00
Paolo Tranquilli
3c834de5be Rust: fix dataflow models test 2025-06-12 11:04:30 +02:00
Tom Hvitved
d667f7d411 Merge pull request #19732 from hvitved/rust/builtin-canonical-paths 
Rust: Generate canonical paths for builtins
 2025-06-12 10:47:00 +02:00
Paolo Tranquilli
85e9f5a3b0 Merge pull request #19559 from github/redsun82/rust-extract-libs 
Rust: move body skipping logic to code generation
 2025-06-12 10:45:30 +02:00
Tom Hvitved
649481e279 Merge pull request #19657 from hvitved/rust/type-inference-index-expr-simple 
Rust: Simple type inference for index expressions
 2025-06-12 10:27:09 +02:00
Owen Mansel-Chan
23cbc6abc4 Merge pull request #19723 from apsscolari/update-precision-java-concatenated-command-line 
Update precision java concatenated command line
 2025-06-12 09:23:00 +01:00
Geoffrey White
fdf1dca28f Merge pull request #19735 from geoffw0/canonical 
Rust: Update RegexInjectionExtensions to use getCanonicalPath.
 2025-06-12 09:14:52 +01:00
Napalys Klicius
c5a1421405 JS: promote suspicious-method-name-declaration to quality query. 2025-06-12 09:54:01 +02:00