hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-04 02:00:18 +01:00
Code Issues Packages Projects Releases Wiki Activity
70,902 Commits 1,673 Branches 157 Tags
f7392d6498aa1780700db6b9987fae42fd39384f
Commit Graph

70902 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mathias Vorreiter Pedersen
f7392d6498 C++: Range analysis of 'getc'. 2024-10-08 10:08:13 +01:00
Mathias Vorreiter Pedersen
6ca978e1cc C++: Add FP test. 2024-10-08 10:08:12 +01:00
Mathias Vorreiter Pedersen
823d5acd69 C++: Spacing. 2024-10-08 10:05:11 +01:00
Mathias Vorreiter Pedersen
8bb21e1b49 C++: Accept test changes. 2024-10-08 10:05:10 +01:00
Mathias Vorreiter Pedersen
a2cdb9c173 C++: Use range analysis at the sink to exclude trivial FPs. 2024-10-08 10:05:08 +01:00
Mathias Vorreiter Pedersen
c3d9ea1820 C++: Add FP. 2024-10-08 10:05:07 +01:00
Mathias Vorreiter Pedersen
afb5e4f841 C++: Add test spacing. 2024-10-08 10:05:06 +01:00
Mathias Vorreiter Pedersen
f6f5f5d4b4 C++: Accept test changes. 2024-10-08 10:05:04 +01:00
Mathias Vorreiter Pedersen
c9bd9e9303 C++: Modernize the 'cpp/unclear-array-index-validation' query by getting rid of the DefaultTaintTracking barriers and replacing them with a 'BarrierGuard' instantiation. 2024-10-08 10:05:03 +01:00
Michael B. Gale
9bfd461fad Merge pull request #17669 from github/dependabot/go_modules/go/extractor/extractor-dependencies-ae022431d0 
Bump golang.org/x/tools from 0.25.0 to 0.26.0 in /go/extractor in the extractor-dependencies group
 2024-10-07 11:44:05 +01:00
dependabot[bot]
26f8e64a35 Bump golang.org/x/tools 
Bumps the extractor-dependencies group in /go/extractor with 1 update: [golang.org/x/tools](https://github.com/golang/tools).


Updates `golang.org/x/tools` from 0.25.0 to 0.26.0
- [Release notes](https://github.com/golang/tools/releases)
- [Commits](https://github.com/golang/tools/compare/v0.25.0...v0.26.0)

---
updated-dependencies:
- dependency-name: golang.org/x/tools
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: extractor-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-10-07 09:26:56 +00:00
Chris Smowton
770774ed52 Merge pull request #17671 from hvitved/go/fix-tests 
Go: Update expected test output
 2024-10-07 09:23:59 +01:00
Tom Hvitved
c15749f342 Merge pull request #17672 from hvitved/swift/fix-test 
Swift: Update expected test output
 2024-10-07 10:07:20 +02:00
Tom Hvitved
6196fd2cc1 Swift: Update expected test output 2024-10-07 09:45:08 +02:00
Arthur Baars
c04315a7cf Merge pull request #17670 from hvitved/ruby/fix-test 
Ruby: Fix expected test output
 2024-10-07 09:44:51 +02:00
Tom Hvitved
16feaf15e2 Go: Update expected test output 2024-10-07 09:23:39 +02:00
Tom Hvitved
f1afa2bf59 Ruby: Fix expected test output 2024-10-07 09:16:12 +02:00
Owen Mansel-Chan
927b402a3a Merge pull request #17668 from igfoo/igfoo/typo 
Java: Typo in a comment
 2024-10-06 13:22:08 +01:00
Ian Lynagh
d24bdbb4e4 Java: Typo in a comment 2024-10-04 17:34:39 +01:00
yoff
6bb98b02a8 Merge pull request #17577 from yoff/python/add-comprehension-capture-flow 
python: capture flow through comprehensions
 2024-10-04 15:51:06 +02:00
Rasmus Lerchedahl Petersen
6f5b949ec8 Python: adjust test expectations 
note that we do retain precision in
`test_dict_from_keyword()`
 2024-10-04 15:30:02 +02:00
Tom Hvitved
04a4fb2143 Merge pull request #17655 from hvitved/rust/variable-mut 
Rust: `&(mut) x` is neither a read nor a write
 2024-10-04 15:29:36 +02:00
Rasmus Lerchedahl Petersen
a4c1a622b7 Merge branch 'main' of https://github.com/github/codeql into python/add-comprehension-capture-flow 2024-10-04 14:53:03 +02:00
Tom Hvitved
50c2d108ca Rust: Fix CompoundAssignmentExpr charpred 2024-10-04 14:48:07 +02:00
yoff
306b087b6e Merge pull request #17566 from yoff/python/dict-can-take-multiple-args 
Python: All dict constructor args are relevant
 2024-10-04 14:30:10 +02:00
Rasmus Lerchedahl Petersen
977767b0d6 Python: comment around dictionary comprehensions 2024-10-04 14:14:30 +02:00
Rasmus Lerchedahl Petersen
201c4aad13 Python: add comment 2024-10-04 14:09:33 +02:00
yoff
c064a9e092 Update python/ql/lib/semmle/python/frameworks/Stdlib.qll 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2024-10-04 14:01:18 +02:00
Tom Hvitved
db5e452178 Merge pull request #17536 from hvitved/ql-test-source-root 
Adapt to `sourceLocationPrefix` change in `qltest`
 2024-10-04 12:48:51 +02:00
Michael Nebel
c629867191 Merge pull request #17654 from michaelnebel/modelgen/mixedbugfix 
C#/Java: Only use heuristic if no content based model exist (in mixed mode).
 2024-10-04 10:28:49 +02:00
Tom Hvitved
d0ca39fb03 JS: Update expected test output 2024-10-04 08:35:33 +02:00
Tom Hvitved
b3b9406e45 Python: Update test 2024-10-04 08:35:32 +02:00
Tom Hvitved
953461d1aa C++: Update expected test output 2024-10-04 08:35:31 +02:00
Tom Hvitved
bf0675e5ba Kotlin: Update two tests 2024-10-04 08:35:30 +02:00
Tom Hvitved
2832318711 Java: Account for top-level res folders in AndroidLayoutXmlFile 2024-10-04 08:35:28 +02:00
Tom Hvitved
a9cf33ce18 Rust: &x is neither a read nor a write 2024-10-03 20:20:59 +02:00
Angela P Wen
8542992b0d Merge pull request #17651 from github/post-release-prep/codeql-cli-2.19.1 
Post-release preparation for codeql-cli-2.19.1
 2024-10-03 11:18:54 -07:00
Tom Hvitved
05f85497ed Rust: Add &mut variable tests 2024-10-03 19:55:07 +02:00
Chris Smowton
321eb34eff Merge pull request #17637 from smowton/smowton/admin/go-test-extraction-tests 
Go: augment test-extraction tests
 2024-10-03 16:06:53 +01:00
Geoffrey White
64720adccb Merge pull request #17656 from geoffw0/unusedvar2 
Rust: Diagnose unused variable false positives
 2024-10-03 14:56:27 +01:00
Michael Nebel
7600c243de Merge pull request #17639 from felickz/patch-1 
Update Comment - Clarify threat model flow sources comment in LogForgingQuery.qll
 2024-10-03 15:51:40 +02:00
Geoffrey White
369241e1ea Merge pull request #5 from hvitved/unusedvar2 
Rust: Account for variables bound in `while let` expressions
 2024-10-03 14:04:38 +01:00
Geoffrey White
ccaf2dd9ea Rust: Temporarily limit results (hopefully enough for the DCA job to cope). 2024-10-03 13:44:04 +01:00
yoff
88b3d1ffd7 Merge pull request #17565 from yoff/python/model-urllib-parse-parse-qs 
Python: model `urllib.parse.parse_qs`
 2024-10-03 14:32:08 +02:00
Tom Hvitved
cd04500dd9 Rust: Account for variables bound in while let expressions 2024-10-03 14:05:24 +02:00
Geoffrey White
0304aa846c Rust: Add more tests for uused variables. 2024-10-03 12:37:02 +01:00
Rasmus Lerchedahl Petersen
777279dc29 Python: MaD test expectations 2024-10-03 13:29:56 +02:00
Geoffrey White
821398715c Rust: Test spacing. 2024-10-03 11:55:11 +01:00
Rasmus Lerchedahl Petersen
768d866e72 python: model urllib.parse.parse_qs 2024-10-03 12:20:40 +02:00
Rasmus Lerchedahl Petersen
0462809edc Python: add taint test for urllib 2024-10-03 12:20:38 +02:00