hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-04 13:15:21 +02:00
Code Issues Packages Projects Releases Wiki Activity
72,738 Commits 1,742 Branches 166 Tags
e52e1b0c1fe053bc096cd65fab956fea07181ce8
Commit Graph

1297 Commits

Author SHA1 Message Date
Chris Smowton
288e0ec565 component_tags -> struct_tags 2024-10-08 19:23:20 +01:00
Chris Smowton
c1a1edf24e Autoformat 2024-10-08 19:23:19 +01:00
Chris Smowton
74cba9056b Optimise join orders 2024-10-08 19:23:18 +01:00
Chris Smowton
d04a0f4b87 Add note explaining how to regenerate dbscheme 2024-10-08 19:23:17 +01:00
Chris Smowton
1511927a2b Remove unnecessary table population on upgrade 2024-10-08 19:23:15 +01:00
Chris Smowton
fd615fb7a3 Prevent bad magic 2024-10-08 19:23:14 +01:00
Chris Smowton
442e58188b Update stats 2024-10-08 19:23:13 +01:00
Chris Smowton
7a7ff4a91e Apply review comments 2024-10-08 19:23:11 +01:00
Chris Smowton
22ed2f9ae3 Autoformat CodeQL 2024-10-08 19:23:09 +01:00
Chris Smowton
9bb2a4bfce Change note 2024-10-08 19:23:07 +01:00
Chris Smowton
dcbb66d366 Go: extract and expose struct tags, interface method IDs 
This enables us to distinguish all database types in QL. Previously structs with the same field names and types but differing tags, and interface types with matching method names and at least one non-exported method but declared in differing packages, were impossible or only sometimes possible to distinguish in QL. With this change these types can be distinguished, as well as permitting queries to examine struct field tags, e.g. to read JSON field name associations.
 2024-10-08 19:23:06 +01:00
Ed Minnix
f8335e6163 Fix formatting 2024-10-01 15:58:07 -04:00
Edward Minnix III
91b7a6cbd8 Wording of change note 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2024-10-01 15:56:43 -04:00
Edward Minnix III
1f932d407f Remove unnecessary asExpr() 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2024-10-01 15:56:42 -04:00
Ed Minnix
d80a1487be Add change note 2024-10-01 15:56:37 -04:00
Ed Minnix
e18389718c Implement stdin models 
Unfortunately due to how variable and varargs work, these are better
done in QL
 2024-10-01 15:56:31 -04:00
github-actions[bot]
e97878ed63 Post-release preparation for codeql-cli-2.19.1 2024-09-30 19:49:00 +00:00
github-actions[bot]
455c8c5953 Release preparation for version 2.19.1 2024-09-30 17:59:48 +00:00
Chris Smowton
ca68aaa0de Remove test code 2024-09-27 19:07:00 +01:00
Owen Mansel-Chan
796db77104 Add comments noting methods from embedded interfaces are already included 2024-09-27 15:03:09 +01:00
Owen Mansel-Chan
fdff209938 Merge pull request #17505 from owen-mc/go/inheritance-tests 
Go: Add tests for model inheritance and fix bug in promoted methods
 2024-09-26 16:42:25 +01:00
Rasmus Wriedt Larsen
381ea93ec3 Merge pull request #17424 from RasmusWL/active-threat-model-source 
Go/Java/C#: Rename `ThreatModelFlowSource` to `ActiveThreatModelSource`
 2024-09-26 13:08:17 +02:00
Owen Mansel-Chan
bcb718ac77 Add change note 2024-09-24 21:39:49 +01:00
Chris Smowton
d673d24ca6 Revise notation to more closely resemble real Go 2024-09-24 17:22:26 +01:00
Chris Smowton
40035a0b62 Improve pretty-printer 2024-09-24 17:18:09 +01:00
Chris Smowton
4d3a140dd7 Expose whether functions are variadic in their pp() output 2024-09-24 17:18:08 +01:00
Owen Mansel-Chan
6e428d5083 Fix bug where some methods were inappropriately promoted 2024-09-24 16:25:53 +01:00
Chuan-kai Lin
1cd8af54f2 Merge pull request #17190 from github/cklin/diff-informed-java-queries 
Java: add support for alert location restrictions
 2024-09-23 08:39:24 -07:00
Rasmus Wriedt Larsen
63c3a71d95 Merge branch 'main' into active-threat-model-source 2024-09-23 11:18:14 +02:00
Anders Schack-Mulligen
3a1e50dcf9 Dataflow: Simplify diff-informed implementation and tweak flag name. 2024-09-20 07:07:10 -07:00
github-actions[bot]
79be301984 Post-release preparation for codeql-cli-2.19.0 2024-09-16 14:09:32 +00:00
Chris Smowton
be02864281 Copyedit 2024-09-16 12:25:49 +01:00
github-actions[bot]
acdafd9646 Release preparation for version 2.19.0 2024-09-16 10:56:10 +00:00
Dave Bartolomeo
485fc04029 Initial merge from main 2024-09-15 08:55:31 -04:00
Rasmus Wriedt Larsen
66b61ee25a Go/Java/C#: Add change-note 2024-09-12 10:16:55 +02:00
Rasmus Wriedt Larsen
8c10155eb7 mass rename to ActiveThreatModelSource 2024-09-12 10:16:55 +02:00
Chuan-kai Lin
ff78bebf19 Shared support for alert filtering 2024-09-11 13:18:26 -07:00
Owen Mansel-Chan
270fa8d507 Add change note 2024-09-10 16:58:24 +01:00
Rasmus Wriedt Larsen
038bc832a7 Go/Java/C#: Rename to ActiveThreatModelSource 
As part of adding support for threat-models to Python/JS (see
https://github.com/github/codeql/pull/17203), we ran into some trouble
with name clashes.

Naming in existing languages supporting threat-models:
- `SourceNode` (for QL only modeling)
- `ThreatModelFlowSource` (for active sources from QL or data-extensions)

However, since we use `LocalSourceNode` in Python, and `SourceNode` in
JS (for local source nodes), it seems a bit confusing to follow the same
naming convention as other languages, and we had to come up with new names.

Initially I used `ThreatModelSource` for the "QL only modeling", but
that meant that we needed a new name to represent the active sources
coming from either QL or data-extensions... for this I came up with
`ActiveThreatModelSource`, and I really liked it. To me, it's much
clearer that this class only contains the currently active threat
model sources.

So to align languages, I got approval from @michaelnebel to rename the
existing classes.
 2024-09-10 14:46:15 +02:00
github-actions[bot]
97edff3f70 Post-release preparation for codeql-cli-2.18.4 2024-09-09 18:45:46 +00:00
github-actions[bot]
91537cdf9a Release preparation for version 2.18.4 2024-09-09 16:08:48 +00:00
Michael B. Gale
d69c1e9af6 Accept suggestion from review 
Co-authored-by: Chris Smowton <smowton@github.com>
 2024-09-09 12:19:30 +01:00
Michael B. Gale
c34fe9eda2 Go: Add change note for 1.23 support 2024-09-06 10:52:10 +01:00
Owen Mansel-Chan
013ee34de7 Merge pull request #17381 from owen-mc/go/fix/qldoc/resultvariabledecl 
Go: Fix QLDoc for ResultVariableDecl
 2024-09-05 11:57:45 +01:00
Owen Mansel-Chan
9786934d9a Remove errant space at end of line 2024-09-05 11:27:20 +01:00
Owen Mansel-Chan
5bafa8ace2 Add comment about x, y int being a single ResultVariableDecl 2024-09-05 10:27:11 +01:00
Owen Mansel-Chan
351c50afc1 Fix QLDoc for ResultVariableDecl 2024-09-04 14:02:35 +01:00
Michael B. Gale
cd8a5d7707 Merge pull request #17378 from github/mbg/go/improve-typeparamtype 
Go: Add `getParent` and `getIndex` for `TypeParamType`
 2024-09-04 13:31:51 +01:00
Michael B. Gale
db72bd4f96 Go: Add getParent and getIndex for TypeParamType 2024-09-04 12:28:58 +01:00
Erik Krogh Kristensen
4258119ba3 Merge branch 'main' into del-deps-sep-2024 2024-09-04 12:43:41 +02:00