hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 12:46:34 +01:00
Code Issues Packages Projects Releases Wiki Activity
36,793 Commits 1,673 Branches 157 Tags
f2e28c311acea71891b1ce18444ee342be8fc03e
Commit Graph

1143 Commits

Author SHA1 Message Date
Nick Rolfe
c518150b49 Merge pull request #9132 from github/nickrolfe/misspelling 
QL for QL: generalise non-US spelling query
 2022-05-16 16:03:36 +01:00
Tom Hvitved
a9f6d203cd Merge pull request #8971 from aibaars/safe-nagivation 
Ruby: add safe navigation operator
 2022-05-16 10:53:56 +02:00
Anders Schack-Mulligen
83f817ca45 Merge pull request #9134 from aschackmull/dataflow/perf-std-order 
Dataflow: Improve standard order through easier type check elimination.
 2022-05-16 10:05:17 +02:00
Nick Rolfe
1115227f9d Merge remote-tracking branch 'origin/main' into nickrolfe/misspelling 2022-05-12 16:10:27 +01:00
Nick Rolfe
8caad12011 Ruby: fix typos in comments 2022-05-12 16:02:20 +01:00
Anders Schack-Mulligen
8c8440a58a Merge pull request #9101 from hvitved/dataflow/include-hidden 
Data flow: Add `Configuration::includeHiddenNodes()`
 2022-05-12 15:36:12 +02:00
Joe Farebrother
59e400d2e0 Merge pull request #7723 from joefarebrother/redos 
Java: Add ReDoS queries
 2022-05-12 13:50:38 +01:00
Anders Schack-Mulligen
adb56dfa39 Dataflow: Improve standard order through easier type check elimination. 2022-05-12 14:31:38 +02:00
Tom Hvitved
0a7892797e Merge pull request #8938 from hvitved/ruby/with-without-mad-tokens 
Ruby: Introduce `With(out)Element` MaD input tokens
 2022-05-12 11:49:51 +02:00
Harry Maclean
e8972b814f Merge pull request #8635 from hmac/hmac/io-popen 
Ruby: Model IO.popen
 2022-05-12 21:17:55 +12:00
Tom Hvitved
46ab25b61e Merge pull request #9098 from aschackmull/dataflow/perf 
Dataflow: Performance fixes
 2022-05-11 20:41:48 +02:00
Anders Schack-Mulligen
4884520ee1 Dataflow: Review fix. 2022-05-11 15:40:49 +02:00
Tom Hvitved
884d3b2ff4 Ruby: Introduce With(out)Element MaD input tokens 2022-05-11 15:17:27 +02:00
Tom Hvitved
333780e635 Merge pull request #8898 from hvitved/dataflow/clear-expect-summary-components 
Data flow: Introduce 'with/without content' summary components
 2022-05-11 15:16:42 +02:00
Arthur Baars
e1e13b599a Fix CFG 2022-05-11 12:09:17 +02:00
Arthur Baars
d91b1891f1 Add change note 2022-05-11 12:06:08 +02:00
Arthur Baars
dbd9c1859d Add more test cases for &. operator 2022-05-11 12:06:08 +02:00
Arthur Baars
76f806159c Ruby: desugar safe navigation calls 2022-05-11 12:06:08 +02:00
Arthur Baars
c9f7568ca3 Ruby: add Call::isSafeNavigation 2022-05-11 12:06:08 +02:00
Arthur Baars
a47e429945 Merge pull request #8909 from aibaars/tree-sitter-update 
Tree sitter update
 2022-05-11 12:02:14 +02:00
Rasmus Wriedt Larsen
add6579385 Merge pull request #9022 from RasmusWL/ruby-fix 
Ruby: Fix `isLocalSourceNode` implementation
 2022-05-11 11:52:44 +02:00
Arthur Baars
907c3db5ca Address comments 
Co-authored-by: Nick Rolfe <nickrolfe@github.com>
 2022-05-11 09:59:42 +02:00
Tom Hvitved
712fe002b9 Data flow: Sync files 2022-05-10 12:41:10 +02:00
Tom Hvitved
bfabfc3601 Data flow: Add Configuration::includeHiddenNodes() 2022-05-10 12:40:46 +02:00
yoff
6c3e2db7fd Merge branch 'main' into python/simple-csrf 2022-05-10 10:55:28 +02:00
Anders Schack-Mulligen
f85e06c2e4 Dataflow: Sync. 2022-05-10 10:12:39 +02:00
Harry Maclean
a6cab022f6 Ruby: Add missing import 2022-05-10 17:32:01 +12:00
Harry Maclean
7b63493fa9 Ruby: Fix identification IO.open args 2022-05-10 17:32:00 +12:00
Harry Maclean
79c6dc1af0 Refactor IO/File modelling 
The main goal here is to get rid of the duplicate definitions of module
`IO`, which currently exist in both `frameworks/core/IO.qll` and
`frameworks/Files.qll`.

We do this by moving the classes inside `Files::IO` to `core/IO.qll`,
but moving most of the actual definitions of those classes to an
internal module `core.internal.FileOrIO`. This means both `Files.qll`
and `IO.qll` can depend on them without leaking them to end users.
 2022-05-10 17:32:00 +12:00
Harry Maclean
2d12ad6238 Ruby: Model IO.popen 
This method is very similar to `Kernel.system`: it executes its
arguments as a system command in various ways.
 2022-05-10 17:32:00 +12:00
Anders Schack-Mulligen
f24364d951 Merge pull request #9045 from hvitved/dataflow/subpaths-perf-take2 
Data flow: Speedup `subpaths` predicate (take 2)
 2022-05-09 15:39:11 +02:00
Michael Nebel
9a45949e8c Merge pull request #9044 from michaelnebel/csharp/flowsummariestest 
C#: Flow summaries test should print, whether a summary is generated or not.
 2022-05-09 10:06:19 +02:00
Michael Nebel
76fd424795 C#: Turn isAutogenerated predicate into a predicate without result. 2022-05-09 07:30:06 +02:00
Mathias Vorreiter Pedersen
176e40f139 Merge pull request #9052 from github/post-release-prep/codeql-cli-2.9.1 
Post-release preparation for codeql-cli-2.9.1
 2022-05-06 13:15:17 +01:00
github-actions[bot]
1a25457178 Post-release preparation for codeql-cli-2.9.1 2022-05-05 19:05:50 +00:00
Tom Hvitved
2e780154e2 Ruby: Introduce 'with/without content' summary components 2022-05-05 14:25:48 +02:00
Tom Hvitved
d9d5372f28 Data flow: Sync files 2022-05-05 13:36:26 +02:00
Michael Nebel
2dc35c123a Java/Ruby: Sync files. 2022-05-05 13:08:55 +02:00
Tom Hvitved
66a9759329 Merge pull request #8870 from hvitved/dataflow/expect-content 
Data flow: Introduce `expectsContent`
 2022-05-05 09:01:40 +02:00
Joe Farebrother
c1290d9e2b Sync shared redos library files. 2022-05-04 15:41:38 +01:00
Joe Farebrother
0a5268aeb4 Sync shared library changes across languages. 2022-05-04 15:41:38 +01:00
Tom Hvitved
8e33653d25 Merge pull request #9017 from hvitved/dataflow/subpaths-perf 
Data flow: Speedup `subpaths` predicate
 2022-05-04 16:37:52 +02:00
Rasmus Wriedt Larsen
7bd7bedb1b Ruby: Simplify isLocalSourceNode implementation 
The need for `SynthReturnNode` goes away if we don't restrict the nodes
that can't be reached from another entry definition or expression to be
`ExprNode`s
 2022-05-04 16:12:20 +02:00
Tom Hvitved
9cb63c0a5e Data flow: Sync files 2022-05-04 14:49:26 +02:00
Nick Rolfe
276f8d40f9 Ruby: add comments to address review feedback 2022-05-04 12:07:46 +01:00
Tom Hvitved
74e99302d6 Address review comments 2022-05-04 09:57:59 +02:00
Tom Hvitved
da72ba46d4 Data flow: Add stub expectsContent for all languages 2022-05-04 09:57:59 +02:00
Tom Hvitved
6e2e8440eb Data flow: Sync files 2022-05-04 09:57:59 +02:00
Tom Hvitved
a50f18ab50 Data flow: Introduce expectsContent 2022-05-04 09:57:58 +02:00
Rasmus Wriedt Larsen
a7b43f7356 Ruby: Accept changes to TypeTracker tests 
Since this is not using inline-expectation-tests, I'm not entirely sure
whether these changes are OK or not, so hope to get someone else to
signoff on that.
 2022-05-03 14:59:06 +02:00