hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-29 10:45:15 +02:00
Code Issues Packages Projects Releases Wiki Activity
47,874 Commits 1,742 Branches 165 Tags
f2fded64862a6717ea6ad12b70fe6a67b442c50e
Commit Graph

47874 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Chris Smowton
f2fded6486 Accept jvmstatic-annotation changes 
These occur because the Companion field is odd, being extracted from source but not having an associated FieldDeclaration, leading to PrintAst enumerating the node differently depending on whether it has a source-file location or not but in either case choosing not to show it.
 2022-12-06 18:35:04 +00:00
Chris Smowton
5e023bf619 Remove no-longer-applicable diagnostic matches 
These resulted from the Java compiler exploring NotNull and other Kotlin-emitted annotations, which it no longer does because it finds a .class trap file already present and truncates its class-graph walk
 2022-12-06 18:35:04 +00:00
Chris Smowton
82f3c2f6d5 Mark the Companion field as static 2022-12-06 18:35:04 +00:00
Chris Smowton
d9dc8e38f9 Fix binary names for classes declared from source 
Only top-level non-class declarations need the IrFile's expected class name inserting
 2022-12-06 18:35:04 +00:00
Chris Smowton
910a1f872d Adjust opt-in required to use string-manipulation functions in Kotlin <= 1.5 2022-12-06 18:35:04 +00:00
Chris Smowton
540a2a623e Don't create stub trap files for anonymous or local classes, or unexpected kinds of top-level declaration 2022-12-06 18:35:04 +00:00
Chris Smowton
08e3431107 Also stub class files relating to file classes and top-level declarations 2022-12-06 18:35:04 +00:00
Chris Smowton
748637c2d8 Tidy and use version 0 for classes extracted from source 2022-12-06 18:35:03 +00:00
Chris Smowton
e34d72aee9 Kotlin: stub trap .class files when extracting a class from Kotlin source 2022-12-06 18:35:03 +00:00
Mathias Vorreiter Pedersen
2c500142c7 Merge pull request #11435 from jketema/rewrite-tainted-path 
C++: Rewrite `cpp/path-injection` to not use `DefaultTaintTracking`
 2022-12-06 14:54:57 +00:00
Michael Nebel
8e4190d84a Merge pull request #11516 from michaelnebel/java/externalflowcleanup 
Java: Cleanup imports of `ExternalFlow`
 2022-12-06 14:26:39 +01:00
Anders Schack-Mulligen
b579e2e7ed Merge pull request #11493 from aschackmull/java/scc-equivrel 
Java: Replace ad-hoc SCC reduction with union-find.
 2022-12-06 14:02:46 +01:00
Erik Krogh Kristensen
be168901d6 Merge pull request #11085 from dbartol/dbartol/ql-for-ql-latest 
Use latest released bundle for QL-for-QL
 2022-12-06 12:43:53 +01:00
Mathias Vorreiter Pedersen
3eea3b2f45 Merge pull request #11446 from atorralba/atorralba/swift/path-injection 
Swift: Add path injection query
 2022-12-06 11:03:26 +00:00
Chris Smowton
3b5b121aeb Merge pull request #11553 from smowton/smowton/fix/kotlin-synthetic-noarg-constructor 
Kotlin: Extract a no-arg constuctor whenever a Kotlin class has default values for all parameters
 2022-12-06 10:07:31 +00:00
Anders Schack-Mulligen
f0ac59be25 Merge pull request #11521 from aschackmull/shared/typetracking 
Shared: Add a qlpack with a parameterized module defining type-trackers.
 2022-12-06 10:56:44 +01:00
Anders Schack-Mulligen
1b77f50fd7 Shared: Address review comments. 2022-12-06 10:42:16 +01:00
Michael Nebel
4e93429026 Merge pull request #11577 from michaelnebel/java/enablemodeldifferenceworkflow 
Java: Add Model Difference workflow on model generator changes.
 2022-12-06 10:35:52 +01:00
Michael Nebel
204766b967 Java: Adjust generated model paths in Model difference workflow. 2022-12-06 09:53:39 +01:00
Tom Hvitved
b5e2e1e469 Merge pull request #11564 from hvitved/dataflow/parameter-position-consistency-checks 
Data flow: Add consistency checks for parameter positions
 2022-12-06 09:33:36 +01:00
Michael Nebel
6fa2193602 Java: Add Model Difference workflow on model generator changes. 2022-12-06 09:26:09 +01:00
Michael Nebel
cd5c0bec33 Merge pull request #11527 from michaelnebel/java/regeneratemodels 
Java/C#: Delete old model generator scripts and update Java model re-generator script.
 2022-12-06 09:24:13 +01:00
Jeroen Ketema
995efef5da C++: Add explanatory comment to hasFilteredFlowPath 2022-12-06 09:03:21 +01:00
Jeroen Ketema
5637d573c1 C++: Add test case that is no longer detected after latest changes 2022-12-06 08:31:22 +01:00
Tom Hvitved
b171dc9b7b Merge pull request #11477 from hvitved/ruby/call-ctx-rewrite 
Ruby: Rework call-context sensitivity logic
 2022-12-06 07:39:29 +01:00
Jeroen Ketema
6dbc59d5b5 C++: Simplify isSink based on reviewer comments 2022-12-05 23:23:08 +01:00
Chris Smowton
5bb1319b0f Merge pull request #9779 from porcupineyhairs/goSqlInjection 
Golang : Add SQL sinks for `gorqlite` and `GoFrame` frameworks
 2022-12-05 16:30:22 +00:00
Chris Smowton
407e4cdd07 Don't create a default constructor for annotations, or classes that explicitly declare a no-arg constructor. 2022-12-05 16:17:51 +00:00
Tom Hvitved
7972db68bc C++: Update expected test output 2022-12-05 17:07:32 +01:00
Chris Smowton
8897f5bccc Merge pull request #11552 from smowton/smowton/fix/kotlin-toplevel-internal-names 
Kotlin: Don't add name mangling to top-level internal functions
 2022-12-05 15:36:52 +00:00
Tony Torralba
7dca1b4b06 Merge branch 'main' into atorralba/swift/path-injection 2022-12-05 16:21:22 +01:00
Mathias Vorreiter Pedersen
5b31da44e1 Merge pull request #11424 from geoffw0/alamofire3 
Swift: Alamofire taint sources
 2022-12-05 15:15:58 +00:00
Tony Torralba
bf8084080b Apply suggestions from code review 
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
 2022-12-05 15:37:40 +01:00
Anders Schack-Mulligen
ed1fe1447b Shared: Add more precise types in TypeTracker. 2022-12-05 15:19:20 +01:00
Anders Schack-Mulligen
27755d1551 Shared: Add a qlpack with a parameterized module defining type-trackers. 2022-12-05 14:56:11 +01:00
Anders Schack-Mulligen
9eed12af23 Shared: Initial commit with copy of Ruby TypeTracker. 2022-12-05 14:54:03 +01:00
Erik Krogh Kristensen
6b9cab23d4 Merge pull request #11248 from erik-krogh/js-redosMod 
JS: use the shared regex pack
 2022-12-05 14:48:37 +01:00
Michael Nebel
fca249a62e Java: Address review comments. 2022-12-05 14:44:52 +01:00
Geoffrey White
64fb98e46f Swift: Rewrite bits to try and get rid of red highlighting. 2022-12-05 13:41:21 +00:00
Geoffrey White
17244734d0 Swift: Results repaired by merge. 2022-12-05 13:36:14 +00:00
Tom Hvitved
8f701cf1cb Python: Update expected test output 2022-12-05 14:33:06 +01:00
Geoffrey White
07c790a430 Merge branch 'main' into alamofire3 2022-12-05 13:29:26 +00:00
Michael Nebel
19db8e5d82 Java: Address review comments and also delete comment about type based summaries only being for C#. 2022-12-05 14:07:16 +01:00
Geoffrey White
6cb69c907d Merge pull request #11514 from geoffw0/generics 
Swift: Fix for MaD with generics
 2022-12-05 13:02:35 +00:00
Tom Hvitved
52f3a48638 Data flow: Sync files 2022-12-05 12:57:27 +01:00
Tom Hvitved
e66a3c4d83 Data flow: Add consistency checks for parameter positions 2022-12-05 12:57:11 +01:00
Chris Smowton
7883bff99e Merge branch 'main' into goSqlInjection 2022-12-05 11:43:14 +00:00
AlexDenisov
ef9b503f69 Merge pull request #11559 from github/redsun82/swift-integration-test-dbs 
Swift: always upload integration test logs
 2022-12-05 12:41:45 +01:00
Tom Hvitved
faca4b5b56 Merge pull request #11461 from hvitved/ruby/unique-hash-splat-param 
Ruby: At most one hash-splat `ParameterNode` per callable
 2022-12-05 11:53:28 +01:00
Chris Smowton
07e4367151 Merge pull request #11562 from github/smowton/admin/remove-go-work 
Delete go.work
 2022-12-05 10:40:10 +00:00