hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-22 03:36:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
36,971 Commits 1,672 Branches 157 Tags
f141336f64286e09fe0c4645c651e7155f70e09c
Commit Graph

5506 Commits

Author SHA1 Message Date
Chris Smowton
5119de8d22 Merge pull request #9238 from atorralba/atorralba/remove-xxe-sinks 
Java: Remove org.dom4j.DocumentHelper:parseText as XXE sink
 2022-05-21 17:33:06 +01:00
Ian Lynagh
73759705ae Merge pull request #9121 from github/igfoo/mjson 
Kotlin: Write the log file as Line-delimited JSON
 2022-05-20 13:51:20 +01:00
Tony Torralba
98f70dc7d3 Remove org.dom4j.DocumentHelper:parseText as XXE sink 2022-05-20 14:45:26 +02:00
Tony Torralba
aba4a9aa4a Merge pull request #9233 from atorralba/atorralba/fix-field-init-test 
Kotlin: Fix test to correctly highlight lack of flow from field init
 2022-05-20 14:37:22 +02:00
Ian Lynagh
9844ae703e Merge pull request #9219 from igfoo/igfoo/livelits 
Improve LiveLiterals
 2022-05-20 11:42:16 +01:00
Anders Schack-Mulligen
8beef45599 Merge pull request #9195 from aschackmull/java/perf-local-flow 
Java: Performance fixes for local flow relation
 2022-05-20 12:38:02 +02:00
Tony Torralba
775b53b7b4 Fix test to correctly highlight lack of flow from field init 2022-05-20 12:36:10 +02:00
Michael Nebel
20af134ff0 Merge pull request #9210 from michaelnebel/dataflow/summarizedcallablerefactor 
DataFlow - SummarizedCallable refactor
 2022-05-20 09:32:30 +02:00
Tony Torralba
5498f41248 Apply code review suggestion to increase precision in getValue 2022-05-19 17:35:34 +01:00
Tony Torralba
bc84ff2031 Improve docs of LiveLiteral 
Also remove transitive closure from calls
 2022-05-19 17:35:27 +01:00
Chris Smowton
c9232c075c Autoformat 2022-05-19 15:18:10 +01:00
Ian Lynagh
e319ab1b70 Kotlin: Format a query 2022-05-19 13:56:04 +01:00
Chris Smowton
1039e29b90 Adjust test result 2022-05-19 13:42:28 +01:00
Chris Smowton
4f08981586 Expand warning message to note that there are known Java extractor bugs relating to this query 2022-05-19 13:37:18 +01:00
Chris Smowton
e722c99218 Autoformat 2022-05-19 11:55:31 +01:00
Chris Smowton
4f54bb66b8 Accept consistency check failure 
The Java extractor assigns a type with unbound type variables to the result of ImmutableSortedMap.of calls.
 2022-05-19 11:55:31 +01:00
Chris Smowton
ea9aa59627 Add test 2022-05-19 11:55:31 +01:00
Chris Smowton
8a90ddefbb Accept test changes 
These are mainly moving the source locations and type specialisations in SAM-converted methods.
 2022-05-19 11:55:31 +01:00
Chris Smowton
ada31f3075 Distinguish result type parameter names 
This makes debugging a little easier.
 2022-05-19 11:55:31 +01:00
Chris Smowton
49c9c36daf Type-variable-in-scope consistency query: account for all enclosing elements that declare type parameters. 2022-05-19 11:55:31 +01:00
Chris Smowton
048a530aac Type parameter scoping check: distinguish type arguments from type parameters 
I had forgotten that the Java QL lib regards a ParameterizedType as either an instantiation Generic<String>, or the unbound declaration Generic<T>.
 2022-05-19 11:55:31 +01:00
Chris Smowton
d291e0cf10 Fix typeParametersInScope consistency query 
The selection of type variables mentioned in a particular class previously didn't work as intended, so the consistency query would always pass.
 2022-05-19 11:55:31 +01:00
Anders Schack-Mulligen
651d9d0a44 Java: Ensure cached predicates are in the same stage. 2022-05-19 11:39:41 +02:00
Michael Nebel
22b9ef2e7b Java: Adapt ExternalApi to refactor. 2022-05-19 11:30:36 +02:00
Anders Schack-Mulligen
0e830f6052 C#/Ruby/Java: Fix pragmas. 2022-05-19 11:26:38 +02:00
Michael Nebel
94a72ec051 Java: Refactor SummarizedCallable. 2022-05-19 11:10:58 +02:00
Erik Krogh Kristensen
215a6a72cc Merge branch 'main' into useStringComp 2022-05-18 10:55:31 +02:00
Anders Schack-Mulligen
a4dac9fd2b Merge pull request #9201 from Marcono1234/marcono1234/NumericType-type-qll 
Java: Move `NumericType` to `Type.qll`
 2022-05-18 10:31:40 +02:00
Anders Schack-Mulligen
af7df79289 Autoformat 2022-05-18 09:38:11 +02:00
Anders Schack-Mulligen
a4a004a322 Java: Simplify recursion prevention. 2022-05-18 09:27:55 +02:00
Anders Schack-Mulligen
d4c9fddae3 Java: Use fastTC. 2022-05-18 09:27:54 +02:00
Anders Schack-Mulligen
48ab5b2403 C#/Ruby/Java: Fix references. 2022-05-18 09:27:54 +02:00
Anders Schack-Mulligen
25fda206b2 Java: Prevent accidental recursion through AdditionalValueStep. 2022-05-18 09:25:23 +02:00
Anders Schack-Mulligen
1d3b3204df Merge pull request #9190 from hvitved/dataflow/summary-arg-param-no-materialize 
Data flow: Do not materialize `summaryArgParam`
 2022-05-18 09:17:57 +02:00
Erik Krogh Kristensen
7245591468 Merge pull request #7763 from erik-krogh/unused-field 
QL: add unused-field query
 2022-05-18 09:15:16 +02:00
Marcono1234
c53d315697 Java: Move NumericType to Type.qll 2022-05-18 01:40:17 +02:00
Tony Torralba
53f32f5a97 Merge pull request #9186 from atorralba/atorralba/kotlin-inline-expectations-tests 
Kotlin: Add support for InlineExpectationsTest
 2022-05-17 15:28:03 +02:00
Erik Krogh Kristensen
86e97c32d6 fix all ql/use-string-compare 2022-05-17 14:11:05 +02:00
Tony Torralba
dbf249b199 Accept only EOL comments as Kotlin expectation comments 2022-05-17 13:05:51 +02:00
Tom Hvitved
284357d2a0 Data flow: Do not materialize summaryArgParam 2022-05-17 12:50:01 +02:00
Mathias Vorreiter Pedersen
1280d43e36 Merge pull request #9141 from github/post-release-prep/codeql-cli-2.9.2 
Post-release preparation for codeql-cli-2.9.2
 2022-05-17 10:01:37 +01:00
Tony Torralba
2b6d7bb3d8 Add support for InlineExpectationsTest to Kotlin 2022-05-17 10:55:00 +02:00
Tamás Vajk
3b07fe70a1 Merge pull request #9174 from tamasvajk/kotlin-fix-isUnspecialised 
Kotlin: Fix parent class lookup from field initializers in `isUnspecialised`
 2022-05-17 10:48:52 +02:00
Anders Schack-Mulligen
4f5ccfd76c Merge pull request #9181 from Marcono1234/marcono1234/FloatingPointLiteral-rename 
Java: Rename `FloatingPointLiteral` to `FloatLiteral`
 2022-05-17 10:08:49 +02:00
Tamás Vajk
350d137b2e Merge pull request #9145 from tamasvajk/kotlin-useless-param 
Kotlin: Respect `override` modifier in useless parameter query
 2022-05-17 08:43:59 +02:00
Tamás Vajk
fcb3d78eae Merge pull request #9146 from tamasvajk/kotlin-inner-class-static 
Kotlin: exclude Kotlin source from 'inner class could be static' check
 2022-05-17 08:43:39 +02:00
Tamás Vajk
26553cefc5 Merge pull request #9149 from tamasvajk/kotlin-maybe-null 
Kotlin: Exclude operands of `NotNullExpr` from NullMaybe query
 2022-05-17 08:43:24 +02:00
Tamás Vajk
d8c22901c9 Merge pull request #9150 from tamasvajk/kotlin-MissingInstanceofInEquals 
Kotlin: Add more type check casts to MissingInstanceofInEquals query
 2022-05-17 08:43:06 +02:00
Marcono1234
4e1a73f4d9 Java: Rename FloatingPointLiteral to FloatLiteral 
"Floating point" refers to both `double` and `float`, and is also used by
the JLS in this way. Therefore the old CodeQL class name for `float` literals
was misleading.
 2022-05-16 22:06:04 +02:00
Nick Rolfe
c518150b49 Merge pull request #9132 from github/nickrolfe/misspelling 
QL for QL: generalise non-US spelling query
 2022-05-16 16:03:36 +01:00