hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-28 13:53:10 +01:00
Code Issues Packages Projects Releases Wiki Activity
36,724 Commits 1,684 Branches 159 Tags
fb53fc53733948df7a4ccfabb89dcfb2edb41db8
Commit Graph

36724 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Alex Ford
fb53fc5373 Javascript: add missing import in ConceptsImports.qll 2022-05-19 15:51:25 +01:00
Alex Ford
d3662cf54a Deprecate CryptographicOperation#isWeak and add a default implementation 2022-05-19 15:46:13 +01:00
Alex Ford
3d66905dc6 Share the CryptographicOperation and BlockMode concepts between dynamic langs 2022-05-19 15:46:03 +01:00
Alex Ford
f8576fb05b Python: avoid missing cryptography uses due to unhandled encryption modes 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2022-05-19 15:22:49 +01:00
Alex Ford
9e483ac4e0 Fix change note formatting 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2022-05-19 14:25:44 +01:00
Alex Ford
4bb6d1db3a Add missing qldoc 2022-05-17 15:01:28 +01:00
Alex Ford
f92782d4e7 Ruby: fix some cases where we assume that a CryptographicOperation is using CBC when it is not 2022-05-17 14:57:11 +01:00
Alex Ford
c620fceb82 Ruby: remove unnecessary line from test 2022-05-17 14:57:11 +01:00
Alex Ford
6b496c78ef Ruby: failing crypto op test 2022-05-17 14:57:11 +01:00
Alex Ford
0cc0494586 codeql format 2022-05-16 15:54:31 +01:00
Alex Ford
bda1c21562 BrokenCryptoAlgorithm block mode change notes 2022-05-16 15:49:19 +01:00
Alex Ford
66736ebd9d sync CryptoAlgorithmNames.qll (remove isWeakBlockMode predicate) 2022-05-13 21:26:01 +01:00
Alex Ford
bc073eb460 python: update py/weak-cryptographic-algorithm to flag use of ECB block mode 2022-05-13 16:32:36 +01:00
Alex Ford
da135448a2 python: update tests for CryptographicOperation#getBlockMode 2022-05-13 16:32:36 +01:00
Alex Ford
9f2c59cd6d python: implement getBlockMode for CryptographicOperations 2022-05-13 16:32:36 +01:00
Alex Ford
03e34e071a ruby: inline expectations tests for CryptographicOperation concept 2022-05-13 16:32:36 +01:00
Alex Ford
4752c45fe5 ruby: update rb/weak-cryptographic-algorithm to specify the block mode if appropriate 2022-05-13 16:32:30 +01:00
Alex Ford
46bb247da9 ruby: add BlockMode concept 2022-05-13 15:33:20 +01:00
Paolo Tranquilli
d531631a3a Merge pull request #9147 from github/redsun82/swift-codegen-artifacts 
Swift: publish C++ generated code as artifacts
 2022-05-13 13:36:25 +02:00
Ian Lynagh
624cd41bd5 Merge pull request #9136 from igfoo/igfoo/qldoc 
Kotlin: QLDoc tweaks from intrigus
 2022-05-13 12:17:28 +01:00
Chris Smowton
7daba0bf55 Merge pull request #9122 from smowton/smowton/admin/update-kotlin 
Kotlin: Apply changes since https://github.com/github/codeql/pull/9109 branched away from kotlin-main
 2022-05-13 12:00:03 +01:00
Chris Smowton
e91a51aae6 Merge pull request #9113 from github/smowton/admin/claim-golang-support 
Claim Go 1.18 support
 2022-05-13 11:58:53 +01:00
Paolo Tranquilli
7a8ab7d2f5 Swift: merge generated headers into one artifact 2022-05-13 12:25:48 +02:00
Paolo Tranquilli
8cb9fd7eec Swift: publish C++ generated code as artifacts 2022-05-13 11:48:27 +02:00
Tony Torralba
39fd1b48fc Merge pull request #9143 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2022-05-13 09:37:29 +02:00
github-actions[bot]
05070fb6c4 Add changed framework coverage reports 2022-05-13 00:19:40 +00:00
Chris Smowton
5ec9390482 Autoformat 2022-05-12 22:37:54 +01:00
Chris Smowton
63dadd88aa Revert "Identify data classes during extraction" 
This reverts commit a61ba65c9f2182a578a7f4dbdb1c1657197f16cd, pending
adding a proper upgrade script for the DB change.
 2022-05-12 22:37:30 +01:00
Tony Torralba
e3c2656ef1 Update java/ql/lib/semmle/code/java/frameworks/KotlinStdLib.qll 2022-05-12 22:37:06 +01:00
Tamas Vajk
cc92c6517b Fix labels of extension function parameters 2022-05-12 22:37:06 +01:00
Tamas Vajk
a0f4960e31 Add test case for extension function called from java 2022-05-12 22:37:06 +01:00
Tamas Vajk
ccaafd74f3 Fix declaring type of companion field 2022-05-12 22:37:06 +01:00
Tamas Vajk
a8cf0383cf Add test for companion field declaring type 2022-05-12 22:37:06 +01:00
Tamas Vajk
8b1a7c845c Fix return type of <clinit> methods 2022-05-12 22:37:06 +01:00
Tamas Vajk
de003fd122 Add test for return type of <clinit> methods 2022-05-12 22:37:06 +01:00
Tamas Vajk
b0ee557a51 Fix expected test files 2022-05-12 22:37:06 +01:00
Tamas Vajk
59581439dd Fix colliding property accessor and function names 2022-05-12 22:37:06 +01:00
Tamas Vajk
a51c2c496f Add test with colliding property accessor and function names 2022-05-12 22:37:06 +01:00
Tamas Vajk
857a74cf14 Adjust class label generation to handle classes in field initializers 2022-05-12 22:37:06 +01:00
Tamas Vajk
394ec56d9d Add test case for local class declaration in field initializer 2022-05-12 22:37:06 +01:00
Chris Smowton
4ceb2f13c4 Add test 2022-05-12 22:37:06 +01:00
Chris Smowton
2600dcd182 Fix extracting type accesses relating to proprerty getters/setters and SAM-converted methods 
These should be handled the same as regular methods: extract type accesses for parameters and methods only if we're extracting "from source", i.e. at some point we're descended from extractFileContents.
 2022-05-12 22:37:06 +01:00
Chris Smowton
301fa11450 Only extract parameter and method type-accesses once 
Previously we extracted them whenever something was non-external, but this led to re-extraction when an instance of a generic type defined in source was extracted multiple times.
 2022-05-12 22:37:06 +01:00
Chris Smowton
8d970a3cbd Don't extract private members of instantiated or external classes 
This is both consistent with the Java extractor's behaviour, and prevents us from trying to refer to anonymous types (e.g. anonymous objects that directly initialize properties) out of scope.
 2022-05-12 22:37:06 +01:00
Tamas Vajk
fbae0f5053 Revert dataflow changes, extract actual iterator function 2022-05-12 22:37:06 +01:00
Tamas Vajk
538e05995a Fix dataflow for kotlin.Array.iterator() 2022-05-12 22:37:03 +01:00
Tamas Vajk
776322bac2 Add foreach dataflow tests 2022-05-12 22:36:28 +01:00
Chris Smowton
7e17074b41 Allow arithmetic functions not mapping to Java equivalents 2022-05-12 22:36:28 +01:00
Chris Smowton
b1849f5f0a Expand error message 2022-05-12 22:36:28 +01:00
Chris Smowton
22e48ca39a Accept test changes 2022-05-12 22:36:28 +01:00