hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-13 06:24:46 +01:00
Code Issues Packages Projects Releases Wiki Activity
48,652 Commits 1,681 Branches 158 Tags
ecf568629bc3fa613cebde7beda35c35f7cab573
Commit Graph

48652 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tony Torralba
ecf568629b Add ExprAggregate as a negative edge in getConjunctionParentRec 2023-01-11 09:41:16 +01:00
Tony Torralba
ae8c75ac97 Generalize ConjunctionParent 2023-01-10 16:08:42 +01:00
Tony Torralba
36ca97e4f6 Add exclusions to reduce FP 
Predicate parameters that have a database type are excluded.

Also, uses of the exists variable in an agreggation or another quantifier are excluded.
 2022-12-22 11:15:07 +01:00
Tony Torralba
7d0018c897 Update ql/ql/src/queries/style/OmittableExists.ql 2022-12-21 17:16:34 +01:00
Tony Torralba
ac0c42c5c6 Apply suggestions from code review 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2022-12-21 16:16:58 +01:00
Tony Torralba
227e099854 Apply code review suggestions 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2022-12-21 12:40:29 +01:00
Tony Torralba
aa1d49cb95 Add OmittableExists QL-for-QL query 2022-12-21 12:26:58 +01:00
yoff
4480262bd1 Merge pull request #11244 from github/python/support-grouped-exceptions 
Python: support grouped exceptions
 2022-12-21 10:10:37 +01:00
Tony Torralba
690dd47990 Merge pull request #11764 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2022-12-21 09:30:29 +01:00
github-actions[bot]
eb98bb2842 Add changed framework coverage reports 2022-12-21 00:15:01 +00:00
Erik Krogh Kristensen
a1639c438f Merge pull request #11762 from erik-krogh/fixParent 
QL: fix `getAnnotation()` for new-type branches with parameters
 2022-12-20 18:18:39 +01:00
erik-krogh
ab9855e196 fix getAnnotation() for new-type branches with parameters 2022-12-20 15:55:54 +01:00
Jami
c9258effb6 Merge pull request #11572 from jcogs33/jcogs33/model-top-jdk-apis 
Java: model top 100 JDK APIs
 2022-12-20 09:13:53 -05:00
Jami
dc0bad3dc5 update change note 
Co-authored-by: yo-h <55373593+yo-h@users.noreply.github.com>
 2022-12-20 07:55:58 -05:00
Erik Krogh Kristensen
073e9bc52f Merge pull request #11173 from erik-krogh/notDead 
QL: improve the dead-code query
 2022-12-20 13:36:58 +01:00
Erik Krogh Kristensen
b1e6a86a4b Merge pull request #11757 from erik-krogh/treesitter-qldoc 
QL/RB: make top TreeSitter.qll comment into a qldoc
 2022-12-20 13:36:31 +01:00
Rasmus Lerchedahl Petersen
f5e33ac00a Merge remote-tracking branch 'origin/main' into python/support-grouped-exceptions 2022-12-20 13:31:50 +01:00
Erik Krogh Kristensen
b5b0a64081 Merge pull request #11751 from jacola/main 
Fix javascript syntax
 2022-12-20 13:02:23 +01:00
Rasmus Lerchedahl Petersen
ad6ed2f629 python: update expectations 
extra tests
 2022-12-20 13:01:27 +01:00
Erik Krogh Kristensen
6be223ad6d Merge pull request #11756 from aibaars/fix-ql-module-parameter 
QL: fix visibility of module parameters
 2022-12-20 12:59:07 +01:00
erik-krogh
2ff23a6fc0 make top TreeSitter.qll comment into a qldoc 2022-12-20 11:39:06 +01:00
Arthur Baars
c8255770bc QL: fix visibility of module parameters 2022-12-20 11:22:20 +01:00
Tony Torralba
149cae9603 Merge pull request #10971 from joefarebrother/android-certificate-pinning 
Java: Add Android missing certificate pinning query (CWE-295)
 2022-12-20 11:03:16 +01:00
Arthur Baars
bad5c65144 Add test 2022-12-20 10:37:57 +01:00
Mathias Vorreiter Pedersen
cbe330eb7b Merge pull request #11693 from jketema/argv-param-flowsource 
C++: Define the `argv` flow source in terms the input parameter
 2022-12-20 09:30:19 +00:00
Tony Torralba
3e7a819fe7 Simplification 2022-12-20 09:42:25 +01:00
Jeroen Ketema
edc768b43b Merge pull request #11707 from smowton/smowton/fix/java-empty-multiline-comment 
Java: handle printing an empty comment (/**/); add relevant tests
 2022-12-20 08:07:42 +01:00
Jacques
b99c500435 Fix associated test 2022-12-20 12:51:13 +09:00
Jacques
97b8126385 Fix javascript 2022-12-20 12:45:59 +09:00
Sid Shankar
52cafdf25f Merge pull request #11745 from github/sidshank/remove-lgtm-for-go 2022-12-19 21:49:02 -05:00
Sid Shankar
ae3e25786f Remove LGTM references from README.md + cleanup 2022-12-19 20:51:01 +00:00
Sid Shankar
35000e5d7e Remove LGTM reference from CONTRIBUTING.md 2022-12-19 20:12:23 +00:00
Jami Cogswell
19deb59d07 Java: sort neutral models alphabetically 2022-12-19 14:22:17 -05:00
Tony Torralba
a47ef17a0d Update java/ql/src/Security/CWE/CWE-295/AndroidMissingCertificatePinning1.java 
Co-authored-by: Edward Minnix III <egregius313@github.com>
 2022-12-19 18:11:54 +01:00
Chris Smowton
ebc0b0c4d6 Merge pull request #11665 from smowton/smowton/admin/revert-kotlin-default-method-type-erasure 
Kotlin: Revert type erasure within $default functions
 2022-12-19 16:33:20 +00:00
Edward Minnix III
39a7c7bb12 Merge pull request #11282 from egregius313/egregiu313/webview-addjavascriptinterface 
Java: Query for detecting addJavascriptInterface method calls
 2022-12-19 11:28:45 -05:00
Tony Torralba
624c9ff834 Update java/ql/src/Security/CWE/CWE-295/AndroidMissingCertificatePinning1.java 2022-12-19 17:26:41 +01:00
Jeroen Ketema
0c710479ec C++: Update experimental test changes 2022-12-19 16:35:24 +01:00
Tony Torralba
0c6ace350f Update java/ql/src/Security/CWE/CWE-295/AndroidMissingCertificatePinning.ql 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2022-12-19 16:24:39 +01:00
Arthur Baars
016c7a8ca7 Merge pull request #11719 from aibaars/alert-suppression-shared 
Shared AlertSuppression library
 2022-12-19 16:04:44 +01:00
Henning Makholm
ca1c46331a Merge pull request #11731 from github/hmakholm/pr/no-option 
remove com.semmle.util.data.Option from from extractor code interface II
 2022-12-19 15:36:51 +01:00
Erik Krogh Kristensen
f136651384 Merge pull request #11575 from erik-krogh/kernelLoad 
Rb: add Kernel methods as sinks to path-injection
 2022-12-19 15:09:21 +01:00
Jami Cogswell
a8ee633acd Java: apply review suggestions 2022-12-19 09:09:01 -05:00
James Fletcher
55a04e7ff8 Merge pull request #11736 from github/jf205-patch-1 
Update query-classification-and-display.md
 2022-12-19 14:00:21 +00:00
Jami Cogswell
f37f0a09aa Java: update change note 2022-12-19 08:41:56 -05:00
Jami Cogswell
42ddd66360 Java: add hasApiName predicate 2022-12-19 08:38:12 -05:00
Arthur Baars
8be882f815 Update javascript/ql/src/AlertSuppression.ql 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2022-12-19 14:35:16 +01:00
erik-krogh
d0af30b40a cleanup the implementation of toString() for `SuperCall 2022-12-19 14:28:01 +01:00
James Fletcher
23047d8246 Delete query-classification-and-display.md 2022-12-19 13:24:52 +00:00
James Fletcher
af5de55d1f Merge pull request #11737 from github/jf205-patch-2 
Update supported-queries.md
 2022-12-19 13:22:10 +00:00