hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-27 05:13:00 +01:00
Code Issues Packages Projects Releases Wiki Activity
40,431 Commits 1,689 Branches 159 Tags
f8b451a514bcd55db4a5c3ae645171744fb64bdc
Commit Graph

40431 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Erik Krogh Kristensen
f8b451a514 get all calls to resolve to a unique predicate (within reason) 2022-06-19 22:38:09 +02:00
Erik Krogh Kristensen
f08f02ed66 use the explicit super type to resolve calls 2022-06-19 20:38:16 +02:00
Erik Krogh Kristensen
115110475d fix getName() on module instantiations 2022-06-19 20:09:32 +02:00
Erik Krogh Kristensen
26df367a8a fix some instances of spuriously resolving to multiple predicates 2022-06-19 20:09:31 +02:00
Erik Krogh Kristensen
1856e2b389 fixup the $schema in all .sarif files 2022-06-19 20:09:31 +02:00
Erik Krogh Kristensen
6e2f3e2fcb merge all .sarif files at the end of the QL-for-QL workflow 2022-06-19 20:09:31 +02:00
Erik Krogh Kristensen
638a886dfe move create-extractor-pack to a scripts folder 2022-06-19 20:09:31 +02:00
Erik Krogh Kristensen
0391db6787 simplify some code based on review 2022-06-19 20:09:31 +02:00
Erik Krogh Kristensen
7e93416e97 only resolve module types if we know that the TypeExpr could possibly resolve to a module 2022-06-19 20:09:31 +02:00
Erik Krogh Kristensen
a59f0d36f5 run the implicit-this patch on QL-for-QL 2022-06-19 20:09:31 +02:00
Erik Krogh Kristensen
3a4f0299c7 fix typo 2022-06-19 20:09:31 +02:00
Erik Krogh Kristensen
a5e789c72b Merge pull request #9537 from github/dependabot/cargo/ql/crossbeam-utils-0.8.8 
Bump crossbeam-utils from 0.8.5 to 0.8.8 in /ql
 2022-06-18 15:44:34 +02:00
Erik Krogh Kristensen
02b9745eb6 Merge pull request #9538 from github/dependabot/cargo/ql/regex-1.5.5 
Bump regex from 1.5.4 to 1.5.5 in /ql
 2022-06-18 15:44:10 +02:00
Taus
3a328f6a3f Merge pull request #6570 from yoff/python/broaden-noqa-regex 
Python: Broaden noqa regex to allow comments
 2022-06-17 23:56:39 +02:00
Chris Smowton
a7993fb455 Merge pull request #9577 from smowton/smowton/fix/go-mod-tidy-vendoring 
Go autobuilder: don't attempt a go mod tidy when there's a vendor directory present
 2022-06-17 15:26:59 +01:00
Erik Krogh Kristensen
84556fb93b Merge pull request #9575 from erik-krogh/paramModules 
QL: support for parameterized modules
 2022-06-17 15:07:48 +02:00
Chris Smowton
92b8c0f864 Merge pull request #9563 from smowton/smowton/fix/name-trap-files-after-jvmnames 
Kotlin: Name trap files after jvmnames
 2022-06-17 12:32:28 +01:00
Erik Krogh Kristensen
80f66779fb fixup Definitions.qll 2022-06-17 11:27:07 +02:00
Erik Krogh Kristensen
13b743643e everything is a TypeRef, some TypeRefs just resolve to a module 2022-06-17 11:22:04 +02:00
Alex Ford
5923eb4962 Merge pull request #9566 from alexrford/ruby/activerecord-findby-dynamic 
Ruby: recognize ActiveRecord `find_by_x` methods
 2022-06-17 09:39:46 +01:00
Nick Rolfe
cac53b5163 Merge pull request #9588 from github/dependabot/cargo/ruby/thread_local-1.1.4 
Bump thread_local from 1.1.3 to 1.1.4 in /ruby
 2022-06-17 09:28:24 +01:00
Nick Rolfe
5f61c0c0b3 Merge pull request #9587 from github/dependabot/cargo/ql/thread_local-1.1.4 
Bump thread_local from 1.1.3 to 1.1.4 in /ql
 2022-06-17 09:27:51 +01:00
Erik Krogh Kristensen
2b5af15d80 comments about what we resolve, and remove a debug comment 2022-06-17 09:09:58 +02:00
Anders Schack-Mulligen
99343c4606 Merge pull request #9582 from igfoo/igfoo/tidy 
Java: Remove some redundant string concatenations, and a double space
 2022-06-17 09:02:05 +02:00
Harry Maclean
230192df3b Merge pull request #9267 from hmac/hmac/improper-memoization 
Ruby: Add Improper Memoization query
 2022-06-17 16:31:55 +12:00
dependabot[bot]
583ab492f9 Bump thread_local from 1.1.3 to 1.1.4 in /ruby 
Bumps [thread_local](https://github.com/Amanieu/thread_local-rs) from 1.1.3 to 1.1.4.
- [Release notes](https://github.com/Amanieu/thread_local-rs/releases)
- [Commits](https://github.com/Amanieu/thread_local-rs/compare/v1.1.3...1.1.4)

---
updated-dependencies:
- dependency-name: thread_local
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-06-17 01:44:43 +00:00
dependabot[bot]
e456cdb5dc Bump thread_local from 1.1.3 to 1.1.4 in /ql 
Bumps [thread_local](https://github.com/Amanieu/thread_local-rs) from 1.1.3 to 1.1.4.
- [Release notes](https://github.com/Amanieu/thread_local-rs/releases)
- [Commits](https://github.com/Amanieu/thread_local-rs/compare/v1.1.3...1.1.4)

---
updated-dependencies:
- dependency-name: thread_local
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-06-17 01:42:18 +00:00
Erik Krogh Kristensen
96eacd0ea6 disable consistency checks in QL tests that does not hold with the current parameterized modules implementation 2022-06-16 23:10:09 +02:00
Erik Krogh Kristensen
e557f233d7 mark the implements of a module as being alive 2022-06-16 23:03:06 +02:00
Erik Krogh Kristensen
cf89faead0 just use TypeExpr to resolve modules 2022-06-16 22:55:11 +02:00
Erik Krogh Kristensen
dce817ec4b resolve calls to all instantiations of a signature predicate 2022-06-16 22:55:11 +02:00
Erik Krogh Kristensen
2a7a0f398a add support for signature modules (warning: ugly commit) 2022-06-16 22:55:10 +02:00
Erik Krogh Kristensen
98690c8a2e add support for class signatures in parameterized modules 2022-06-16 22:55:10 +02:00
Erik Krogh Kristensen
e5d3a8fe90 add callgraph test for signature predicates 2022-06-16 22:55:10 +02:00
Erik Krogh Kristensen
20c9222e23 use explicit this 2022-06-16 22:55:10 +02:00
Erik Krogh Kristensen
744e2db152 fix the parser to allow lower-case module names 2022-06-16 22:55:10 +02:00
Erik Krogh Kristensen
55b6f073c2 resolve calls to signature predicates 2022-06-16 22:55:10 +02:00
Erik Krogh Kristensen
f25c4c5fdf add consistency test that parents are unique (and fix non-unique parents) 2022-06-16 22:55:10 +02:00
Erik Krogh Kristensen
14b5f8410f move the consistency predicates where they should be 2022-06-16 22:55:10 +02:00
Erik Krogh Kristensen
4be969ca3b a bit of cleanup on SignatureExpr 2022-06-16 22:55:10 +02:00
Erik Krogh Kristensen
6e7db2d37c hook up the pretty AST of a parameterized module 2022-06-16 22:55:10 +02:00
Erik Krogh Kristensen
1caafb87f7 add type arguments of ModuleInstation to the pretty AST 2022-06-16 22:55:10 +02:00
Erik Krogh Kristensen
adc1466cab save the name of an instantiated module 2022-06-16 22:55:10 +02:00
Ian Lynagh
5ba672f035 NonSerializableField: Accept test output changes 2022-06-16 17:34:56 +01:00
Arthur Baars
e95194ce67 Merge pull request #9477 from thiggy1342/experimental-archive-api 
RB: Adding experimental query for detecting path traversal in Archive libraries
 2022-06-16 17:45:18 +02:00
Rasmus Wriedt Larsen
45af148f05 Merge pull request #9215 from RasmusWL/ruby-mad-argument-self 
Ruby: Fixes for `Argument[any,any-named]` in MaD
 2022-06-16 17:38:32 +02:00
Ian Lynagh
e7bc2ca423 Java: Remove some redundant string concatenations 2022-06-16 16:38:17 +01:00
Ian Lynagh
13ddc4a988 Java: Remove a double space from an alert message 2022-06-16 16:35:09 +01:00
Chris Smowton
0ba2a670bd Merge pull request #9580 from smowton/smowton/fix/kotlin-build-single-trailing-version-info 
Fix Kotlin single-version build when the best candidate has trailing version info
 2022-06-16 15:11:14 +01:00
thiggy1342
84fce278f1 Merge branch 'main' into experimental-archive-api 2022-06-16 09:30:22 -04:00