hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-19 16:33:40 +01:00
Code Issues Packages Projects Releases Wiki Activity
66,408 Commits 1,692 Branches 160 Tags
e78091e9d02497ae050e804ce588354707bdec95
Commit Graph

66408 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mathias Vorreiter Pedersen
e78091e9d0 C++: Sync identical files. 2024-04-26 16:19:02 +01:00
Mathias Vorreiter Pedersen
c10e00d389 C++: Add a subclass for constant instructions with pointer type. 2024-04-26 16:18:52 +01:00
Mathias Vorreiter Pedersen
bf61114284 C++: Add a test with pointer comparisons and float comparisons. 2024-04-26 16:17:45 +01:00
Mathias Vorreiter Pedersen
d6c57de650 C++: Convert one of the tests to also test the 'absolute' versions of the GuardCondition predicates. 2024-04-26 16:11:19 +01:00
Mathias Vorreiter Pedersen
6147a38bea Merge pull request #16337 from MathiasVP/cache-second-level-scope 
DataFlow: Cache `getSecondLevelScope`
 2024-04-26 15:49:11 +01:00
Tamás Vajk
a707e14495 Merge pull request #16338 from tamasvajk/buildless/extractor-timing 
C#: Store buildless extraction timing information and return in telem…
 2024-04-26 15:59:01 +02:00
Tamas Vajk
1d45e3a558 C#: Store buildless extraction timing information and return in telemetry query 2024-04-26 14:59:31 +02:00
Mathias Vorreiter Pedersen
2482519cd3 DataFlow: Cached second level scope. 2024-04-26 13:09:59 +01:00
Asger F
e44d4c45aa Merge pull request #16323 from asgerf/js/expose-internal-module-naming 
JS: Expose InternalModuleNaming
 2024-04-26 13:57:26 +02:00
Jeroen Ketema
8d962a5c28 Merge pull request #16322 from jketema/child-stmt 
C++: Print destructors for children of statements that are again statements
 2024-04-25 22:17:35 +02:00
Jeroen Ketema
389df35fb7 Merge branch 'main' into child-stmt 2024-04-25 21:47:06 +02:00
Geoffrey White
aa80dd41da Merge pull request #16329 from geoffw0/multibyte 
C++: Fix typo.
 2024-04-25 17:26:40 +01:00
Florin Coada
1d421b3b28 Merge pull request #16326 from github/changedocs/2.17.1 
Update codeql-changelog index.rst to include codeql-cli-2.17.1
 2024-04-25 16:08:41 +01:00
Michael B. Gale
a87b991d78 Merge pull request #16325 from github/mbg/go/use-parse-instead-of-parselax 2024-04-25 15:20:36 +01:00
Geoffrey White
0fb71e24cb C++: Fix typo. 2024-04-25 14:52:56 +01:00
Florin Coada
14d04903dc Update codeql-changelog index.rst to include codeql-cli-2.17.1 2024-04-25 14:40:44 +01:00
Tamás Vajk
9c139b591f Merge pull request #16321 from tamasvajk/buildless/log-messages 
C#: Improve log messages
 2024-04-25 15:12:37 +02:00
Michael B. Gale
b8cfff6d19 Go: Use Parse instead of ParseLax, since we need toolchain directives 2024-04-25 14:10:26 +01:00
Michael B. Gale
f33d7ee80d Go: Add unit tests for hasInvalidToolchainVersion 2024-04-25 14:09:47 +01:00
Michael B. Gale
15a6308c72 Go: Refactor condition for EmitInvalidToolchainVersion into separate function 2024-04-25 14:04:00 +01:00
Tamas Vajk
dd9183c345 Code quality improvements 2024-04-25 14:38:26 +02:00
Asger F
d0c9e3f7ad JS: Expose InternalModuleNaming 2024-04-25 13:33:17 +02:00
Asger F
9082972842 Merge pull request #16061 from RasmusWL/js-extractor-fix 
JS: More robust CommonJS/ES2015 detection logic for extractor
 2024-04-25 13:26:56 +02:00
Jeroen Ketema
05819a52ef C++: Print destructors for children of statements that are again statements 2024-04-25 13:25:42 +02:00
Nick Rolfe
116873c9b0 Merge pull request #16314 from github/nickrolfe/rb-sensitive 
Ruby: do fewer regexp matches in SensitiveActions
 2024-04-25 11:56:41 +01:00
Rasmus Wriedt Larsen
290b0fc4ab Merge pull request #16308 from asgerf/js/model-generation-quote 
JS: Fix naming issue in generated models
 2024-04-25 11:36:36 +02:00
Paolo Tranquilli
332d118d93 Merge pull request #16315 from github/redsun82/buildifier 
Bazel: introduce buildifier formatting
 2024-04-25 10:48:18 +02:00
Owen Mansel-Chan
82bbecc9c4 Merge pull request #16307 from owen-mc/go/fix/incomplete-hostname-regex 
Go: fix flow through string concatenation in `go/incomplete-hostname-regex`
 2024-04-25 09:43:51 +01:00
Tamas Vajk
15c1fd9425 C#: Improve log messages 2024-04-25 10:39:53 +02:00
Rasmus Wriedt Larsen
13ff9412a4 Merge pull request #16252 from RasmusWL/move-dataflow-tests 
Python: Move dataflow tests out of experimental
 2024-04-25 10:05:06 +02:00
Jeroen Ketema
9d24b5afa6 Merge pull request #16319 from jketema/ir-comment-fix 
C++: Fix comment in IR test
 2024-04-25 09:59:58 +02:00
Jeroen Ketema
95ec4e8d26 C++: Fix comment in IR test 2024-04-24 21:47:47 +02:00
Tom Hvitved
17e0cc5648 Merge pull request #16313 from hvitved/dataflow/fix-bad-join3 
Data flow: Fix bad join
 2024-04-24 17:09:14 +02:00
Paolo Tranquilli
196b6d7a1d CI: simplify reporting 2024-04-24 16:43:38 +02:00
Paolo Tranquilli
9def57250d CI: make reporting better 2024-04-24 16:35:50 +02:00
Paolo Tranquilli
9af9873e04 CI: add names to steps 2024-04-24 16:20:54 +02:00
Paolo Tranquilli
9f5782b67b Bazel: introduce buildifier formatting 
This introduces tooling and enforcement for formatting bazel files.

The tooling is provided as a bazel run target from
[keith/buildifier-prebuilt](https://github.com/keith/buildifier-prebuilt).

This is used in a [`pre-commit`](https://pre-commit.com/) hook for those
having that installed. In turn this is used in a CI check. Relying on a
`pre-commit` action gives us easy checking that buildifying did not
change anything in the files and printing the diff, without having to
hand-roll the check ourselves.

This enforcement will make usage of gazelle easier, as gazelle itself
might reformat files, even outside of `go`. Having them properly
formatted will allow gazelle to leave them unchanged, without needing
to configure awkward exclude directives.
 2024-04-24 15:49:48 +02:00
Owen Mansel-Chan
c61177cf42 Add change note 2024-04-24 14:21:59 +01:00
Owen Mansel-Chan
4140942479 Update tests 2024-04-24 14:19:33 +01:00
Owen Mansel-Chan
fd306ed79b Exclude constant names from sources to avoid duplicate results 2024-04-24 14:19:30 +01:00
Owen Mansel-Chan
8962307291 Add second good go file to tests 2024-04-24 14:19:29 +01:00
Owen Mansel-Chan
0000c72329 Remove attempt at avoiding duplicate alerts 2024-04-24 14:19:26 +01:00
Owen Mansel-Chan
3ef7a0932a Add flow through string concatenation 2024-04-24 14:19:25 +01:00
Tamás Vajk
f29d2c21bd Merge pull request #16312 from tamasvajk/fix/buildless/file-lookup 
C#: Fix `global.json` and `packages.config` lookup
 2024-04-24 15:05:55 +02:00
Tamás Vajk
3b44b131b9 Merge pull request #16311 from tamasvajk/fix/resx 
C#: Do not download `Microsoft.CodeAnalysis.ResxSourceGenerator` when…
 2024-04-24 13:49:55 +02:00
Tamas Vajk
4a97f95890 Improve code quality 2024-04-24 13:47:25 +02:00
Tamás Vajk
84ea3a9a2c Merge pull request #16310 from tamasvajk/buildless/nuget_versions 
C#: Add integration test with multiple versions of the same nuget pac…
 2024-04-24 13:33:27 +02:00
Nick Rolfe
8f2e51faa6 Ruby: do fewer regexp matches in SensitiveActions 2024-04-24 12:32:49 +01:00
Owen Mansel-Chan
f828f8ea65 Merge pull request #16250 from owen-mc/go/rename-untrusted-flow-source 
Go: Rename `UntrustedFlowSource` to `RemoteFlowSource` to match other language libraries
 2024-04-24 11:37:00 +01:00
Tom Hvitved
95d579d9de Data flow: Fix bad join 
```
Evaluated relational algebra for predicate _DataFlowImpl::Impl<HardcodedDataInterpretedAsCodeQuery::HardcodedDataInterpretedAsCodeFlow::C>::ret__#count_range@d112335l with tuple counts:
            285176  ~2%    {3} r1 = SCAN `_DataFlowDispatch::DataFlowCall.getEnclosingCallable/0#dispred#b7b78b19_DataFlowImpl::Impl<Hardcoded__#shared` OUTPUT In.1, In.0, In.2
        3265592261  ~3%    {5}    | JOIN WITH `DataFlowImpl::Impl<HardcodedDataInterpretedAsCodeQuery::HardcodedDataInterpretedAsCodeFlow::C>::returnCallEdge1/4#d02cae42_2301#join_rhs` ON FIRST 2 OUTPUT Lhs.0, Lhs.2, Rhs.2, Lhs.1, Rhs.3
             39070  ~8%    {6}    | JOIN WITH `DataFlowImplCommon::Cached::viableImplInCallContextExt/2#58e931ad` ON FIRST 3 OUTPUT Lhs.0, Lhs.3, Lhs.1, Lhs.2, Lhs.4, _
             39070  ~0%    {6}    | REWRITE WITH Out.5 := 1
                           return r1
```
 2024-04-24 12:22:28 +02:00