hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 19:26:02 +02:00
Code Issues Packages Projects Releases Wiki Activity
44,331 Commits 1,740 Branches 165 Tags
ee59bdab253d30788eff2faa434bff3478245a90
Commit Graph

44331 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tamás Vajk
ee59bdab25 Merge pull request #10624 from tamasvajk/kotlin-java-fn-equivalence-remove 
Kotlin: find java-kotlin equivalent functions by erased parameter types
 2022-09-30 12:00:46 +02:00
Ian Lynagh
9be2ca2f1e Merge pull request #10630 from igfoo/igfoo/ver0 
Kotlin: Make newerThan symmetric
 2022-09-30 10:52:42 +01:00
Henti Smith
476960e699 Merge pull request #10625 from github/henti/ql_jobrunson 
Added job.getRunsOn
 2022-09-30 10:19:14 +01:00
Erik Krogh Kristensen
06ea829537 Merge pull request #10636 from erik-krogh/fixHardcoded 
JS: recognize another kind of dummy passwords to fix an FP in hardcoded-credentials
 2022-09-30 10:42:01 +02:00
Henti Smith
074fac8f2f Ran autoformatter on Actions.qll 2022-09-30 09:24:12 +01:00
Michael Nebel
82294c1349 Merge pull request #10622 from michaelnebel/ruby/postupdateassignexpr 
Ruby: Postupdate notes for assignment expressions.
 2022-09-30 10:00:02 +02:00
Michael Nebel
c867f2ba5b Merge pull request #10594 from michaelnebel/csharp/postupdatenotes 
C#: Postupdate notes for ternary expressions.
 2022-09-30 09:56:21 +02:00
Harry Maclean
4a39bc8f47 Merge pull request #10598 from hmac/hmac/actioncontroller-metal 
Ruby: Identify ActionController::Metal controllers
 2022-09-30 13:07:03 +13:00
erik-krogh
9f2d7dfb29 update expected output 2022-09-29 22:48:41 +02:00
erik-krogh
0a5ff1b79a recognize another kind of dummy passwords to fix an FP in hardcoded-credentials 2022-09-29 21:25:40 +02:00
yoff
8ab5617b51 Merge pull request #10539 from yoff/python/improve-API-graphs 
Python: add subscript to API graphs
 2022-09-29 21:05:22 +02:00
James Fletcher
7ffbc738fb Merge pull request #10632 from jf205/lgtm-updates 
Remove a mentions of LGTM.com from the README and style guides
 2022-09-29 19:29:32 +01:00
Henry Mercer
35e9e7d233 Merge pull request #10613 from github/henrymercer/atm-update-expected-output 
ATM: Update expected test output
 2022-09-29 17:57:51 +01:00
James Fletcher
8f6de12785 Merge branch 'main' into lgtm-updates 2022-09-29 17:37:54 +01:00
james
d75b1e399d remove a few mentions of LGTM.com 2022-09-29 17:29:03 +01:00
Ian Lynagh
66a8bc5a96 Kotlin: Make newerThan symmetric 
"0.0 last-modified 0" and "0.0 last-modified 123" were giving
different comparisons depending on which way round they were.
 2022-09-29 16:55:03 +01:00
Robert Marsh
9b03e1c0b1 Merge pull request #10609 from MathiasVP/overrun-write-only-flag-overrunning-write 
C++: Make `OverrunWriteProductFlow` raise alerts on overflows
 2022-09-29 10:03:05 -04:00
Henti Smith
700eaf5e41 Added JobRunson 2022-09-29 14:19:02 +01:00
Mathias Vorreiter Pedersen
4e3b445515 C++: Accept test changes. 2022-09-29 13:35:23 +01:00
Mathias Vorreiter Pedersen
70837dbd93 C++: Use range analysis to properly deduce the initial 'state2' instead of traversing the AST. Also fix state-passing related to negative states. 2022-09-29 13:32:39 +01:00
Mathias Vorreiter Pedersen
6537c817ef C++: Add more CWE-199 tests that allocates memory based on the result of a SubExpr. 2022-09-29 13:31:34 +01:00
Tamas Vajk
b79c10c419 Kotlin: find java-kotlin equivalent functions by erased parameter types 2022-09-29 14:29:22 +02:00
Tamas Vajk
64c953bee0 Kotlin: add test for not found equivalent of MutableList.remove 2022-09-29 14:24:09 +02:00
Michael Nebel
dd0f19d0b0 Ruby: Update expected test output. 2022-09-29 14:12:20 +02:00
Michael Nebel
999eb19c3d Ruby: Support postupdate notes for assignment expressions. 2022-09-29 14:12:20 +02:00
Tom Hvitved
1fcd22b0f6 Merge pull request #10621 from hvitved/ruby/fix-bad-join 
Ruby: Fix bad join-order
 2022-09-29 13:56:18 +02:00
Michael Nebel
af4db77046 Ruby: Update expected test output. 2022-09-29 13:54:59 +02:00
Michael Nebel
9ee831a378 Ruby: Add (failing) test case for flow out via assignment expression. 2022-09-29 13:54:32 +02:00
Tom Hvitved
2bf087677f Ruby: Fix bad join-order 
Before
```
Evaluated relational algebra for predicate DataFlowDispatch#36b84300::mayBenefitFromCallContext1#6#ffffff@ba617c9q with tuple counts:
          1066626  ~2%    {3} r1 = SCAN project#Module#fe82a56b::Cached::lookupMethod#2 OUTPUT In.0, In.0, In.1
        931393128  ~0%    {4} r2 = JOIN r1 WITH DataFlowDispatch#36b84300::isInstanceLocalMustFlow#3#fff_102#join_rhs ON FIRST 1 OUTPUT Rhs.1, Lhs.2, Lhs.1, Rhs.2
           298573  ~0%    {6} r3 = JOIN r2 WITH DataFlowDispatch#36b84300::mayBenefitFromCallContext0#5#fffff_14023#join_rhs ON FIRST 2 OUTPUT Rhs.2, Rhs.3, Rhs.4, Lhs.2, Lhs.3, Lhs.1
                          return r3
```

After
```
Evaluated relational algebra for predicate DataFlowDispatch#36b84300::mayBenefitFromCallContext1#6#ffffff@f68de4dn with tuple counts:
        583298  ~1%    {5} r1 = SCAN DataFlowDispatch#36b84300::mayBenefitFromCallContext0#5#fffff OUTPUT In.1, In.0, In.2, In.3, In.4
        583298  ~1%    {5} r2 = JOIN r1 WITH DataFlowPrivate#462ff392::ArgumentNode#class#f ON FIRST 1 OUTPUT Lhs.0, Lhs.1, Lhs.2, Lhs.3, Lhs.4
        442278  ~0%    {6} r3 = JOIN r2 WITH DataFlowDispatch#36b84300::isInstanceLocalMustFlow#3#fff ON FIRST 1 OUTPUT Rhs.1, Lhs.4, Lhs.1, Lhs.2, Lhs.3, Rhs.2
        298573  ~0%    {6} r4 = JOIN r3 WITH project#Module#fe82a56b::Cached::lookupMethod#2 ON FIRST 2 OUTPUT Lhs.2, Lhs.3, Lhs.4, Lhs.0, Lhs.5, Lhs.1
                       return r4
```
 2022-09-29 12:00:26 +02:00
Asger F
296c0a7925 Merge pull request #10603 from asgerf/type-model-api-node 
Add TypeModel.getAnApiNode
 2022-09-29 11:39:09 +02:00
Michael Nebel
95488bf133 C#: Update expected test output. 2022-09-29 11:35:35 +02:00
Michael Nebel
903abd0f3e C#: Exhaustive validation of postupdate notes in conditional expression example. 2022-09-29 11:35:35 +02:00
Michael Nebel
131a6ac492 C#: Update expected test output. 2022-09-29 11:35:35 +02:00
Michael Nebel
e06afb69cc C#: Support postupdate notes for assignment expressions. 2022-09-29 11:35:35 +02:00
Michael Nebel
9ced3956d6 C#: Add assignment expression example. 2022-09-29 11:35:35 +02:00
Michael Nebel
e1ea1a464d C#: Update expected test output. 2022-09-29 11:35:35 +02:00
Michael Nebel
3d971d239f C#: Support postupdate notes for suppress nullable warning expressions. 2022-09-29 11:35:35 +02:00
Michael Nebel
58bf283023 C#: Add suppress nullable warning expressions example. 2022-09-29 11:35:35 +02:00
Michael Nebel
940e925c31 C#: Update expected test output. 2022-09-29 11:35:35 +02:00
Michael Nebel
b24fd13946 C#: Add postupdate note support for switch expressions. 2022-09-29 11:35:35 +02:00
Michael Nebel
d54406d599 C#: Add switch example. 2022-09-29 11:35:35 +02:00
Michael Nebel
65b32b665d C#: Update test expected output. 2022-09-29 11:35:35 +02:00
Michael Nebel
6b74e433ee C#: Support postupdate notes for NullCoalescing expressions. 2022-09-29 11:35:35 +02:00
Michael Nebel
11d67744f7 C#: Add NullCoalescing example. 2022-09-29 11:35:35 +02:00
Michael Nebel
2e5fc19e38 C#: Update expected test output. 2022-09-29 11:35:35 +02:00
Michael Nebel
3c6f538d5c C#: Support Cast expressions to have post update notes. 2022-09-29 11:35:35 +02:00
Michael Nebel
ba4794790e C#: Add Cast example. 2022-09-29 11:35:35 +02:00
Michael Nebel
d3530b0083 C#: Re-factor nested exists into a single exists. 2022-09-29 11:35:35 +02:00
Michael Nebel
c49a16c840 C#: Update expected test output for the local flow testcases. 2022-09-29 11:35:21 +02:00
Mathias Vorreiter Pedersen
cda05ed3ea Merge pull request #10616 from erik-krogh/ql-consistencies 
QL: adjust the consistency query to not be noisy on parameterised modules
 2022-09-29 08:46:49 +01:00