hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-25 12:22:57 +01:00
Code Issues Packages Projects Releases Wiki Activity
41,430 Commits 1,686 Branches 158 Tags
fdbe16945feef3df0c5c7778eb053529801ecdc2
Commit Graph

41430 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Harry Maclean
fdbe16945f Ruby: Add change note 2022-08-04 17:19:05 +12:00
Harry Maclean
2034498690 Ruby: Fix QLDoc warnings 2022-07-29 12:20:32 +12:00
Harry Maclean
f42d33312f Ruby: Model Mime::Type 
Add type summaries to recognise instances of Mime::Type, and recognise
arguments to Mime::Type.match? and Mime::Type.=~ as regular expression
interpretations.
 2022-07-29 11:41:48 +12:00
Harry Maclean
b7be25e18f Ruby: Make isInterpretedAsRegExp extensible 
This allows frameworks to add new instances where a node is interpreted
as a regular expression. We introduce a class
RegExpInterpretation::Range that represents these nodes. In the future
we may want to make this a full Concept, but it's not necessary at the
moment.
 2022-07-29 11:39:41 +12:00
Harry Maclean
c29eb814b2 Ruby: Reorganise ActionDispatch framework 
Put routing modelling inside a Routing module.
 2022-07-29 10:44:36 +12:00
Chris Smowton
e140d2ab4f Merge pull request #9824 from smowton/smowton/admin/wildcard-substitution-test 
Add test for Java wildcard substitution
 2022-07-28 17:07:41 +01:00
Chris Smowton
1737ed50ba Add test cases for wildcard lowering of array types 2022-07-28 15:52:00 +01:00
Chris Smowton
8cd2aeb65d Accept test changes 2022-07-28 15:52:00 +01:00
Chris Smowton
7475f84ea5 Fix type-parameter-out-of-scope test 2022-07-28 15:51:59 +01:00
Chris Smowton
e7f275382e Add test for Java wildcard substitution 2022-07-28 15:51:59 +01:00
Paolo Tranquilli
8a36a2b563 Merge pull request #9912 from github/redsun82/swift-human-readable-trap-prefixes 
Swift: make trap key prefixes readable
 2022-07-28 14:34:57 +02:00
Paolo Tranquilli
ddf715e6a9 Merge pull request #9911 from github/redsun82/swift-deduplicate-vardecls 
Swift: deduplicate `VarDecl`
 2022-07-28 14:31:59 +02:00
Paolo Tranquilli
d547a417c9 Swift: accept new test results 2022-07-28 12:57:12 +02:00
Paolo Tranquilli
cb006900cd Merge branch 'main' into redsun82/swift-deduplicate-vardecls 2022-07-28 12:55:31 +02:00
Paolo Tranquilli
7d7966e711 Swift: make trap key prefixes readable 
This replaces numeric tag-based prefixes with the actual tag name.
While this means in general slightly larger trap files, it aids
debugging them for a human.

In the future we can make this conditional on some kind of trap debug
option, but for the moment it does not seem detrimental.
 2022-07-28 12:43:30 +02:00
Paolo Tranquilli
b491884996 Merge pull request #9910 from github/redsun82/swift-no-cleanup-on-integration-tests 
Swift: add `--no-cleanup` to integration tests
 2022-07-28 12:41:53 +02:00
Paolo Tranquilli
76ea63ffbe Swift: deduplicate VarDecl 
Deduplication of `ConcreteVarDecl` is triggered only if its
`DeclContext` is not local. This avoids a mangled name conflict.

Also added more thourough tests for `ConcreteVarDecl` and `ParamDecl`.
 2022-07-28 12:28:52 +02:00
Paolo Tranquilli
ab1370cc8f Swift: add --no-cleanup to integration tests 2022-07-28 11:19:45 +02:00
Paolo Tranquilli
e43755b34f Merge pull request #9905 from github/redsun82/cfg-order 
Control Flow: extend ordering
 2022-07-28 10:25:49 +02:00
Paolo Tranquilli
9b26921cb6 Control flow: add order disambuigation customization 2022-07-28 09:11:42 +02:00
Paolo Tranquilli
ebf650c0c0 Control Flow: add more ordering for edges 2022-07-27 15:01:17 +02:00
Anders Schack-Mulligen
70e6db3ce1 Merge pull request #9902 from aschackmull/java/junit5-assertnotnull 
Java: Add support for JUnit5 assertions in the nullness queries.
 2022-07-27 13:52:01 +02:00
Chris Smowton
9e7fc1731f Merge pull request #9898 from smowton/smowton/fix/kotlin-super-calls 
Kotlin: implement super-method calls
 2022-07-27 11:31:36 +01:00
Tony Torralba
e179126abb Merge pull request #9129 from atorralba/atorralba/get-underlying-expr 
Java: Add Expr::getUnderlyingExpr predicate
 2022-07-27 11:42:28 +02:00
Anders Schack-Mulligen
cc423af8f1 Java: Add support for JUnit5 assertions in the nullness queries. 2022-07-27 10:20:47 +02:00
Anders Schack-Mulligen
f2670bcd61 Merge pull request #9900 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2022-07-27 09:14:28 +02:00
AlexDenisov
f9bdca3079 Merge pull request #9818 from github/redsun82/swift-file-label-caching 
Swift: cache file labels
 2022-07-27 09:12:20 +02:00
github-actions[bot]
30accecd8a Add changed framework coverage reports 2022-07-27 00:19:16 +00:00
Chris Smowton
5086841b46 Kotlin: implement super-method calls 
If we only look at the dispatch receiver, these show up like `this` references rather than `super` references, preventing flow through super-calls. The super-interface case requires properly noting that interface methods with a body get a `default` modifier in order to avoid QL discarding the method as a possible callee.
 2022-07-26 17:03:46 +01:00
Paolo Tranquilli
42f462504e Merge branch 'main' into redsun82/swift-file-label-caching 2022-07-26 15:20:27 +02:00
Tony Torralba
edc8f6f0f2 Merge pull request #9894 from atorralba/atorralba/scanner_models 
Java: Add CSV models for java.util.Scanner
 2022-07-26 12:00:08 +02:00
Tony Torralba
33f5620782 Add more models 2022-07-26 11:06:11 +02:00
Tony Torralba
c56e0f7c0d Add change note 2022-07-26 10:50:34 +02:00
Tony Torralba
95db81658b Add CSV models for java.util.Scanner 2022-07-26 10:42:24 +02:00
Andrew Eisenberg
43ae5d4285 Merge pull request #9838 from github/aeisenberg/python-local-ref-def 
Move python contextual queries to lib folders
 2022-07-25 09:00:32 -07:00
Chris Smowton
3f6925e7be Merge pull request #9875 from smowton/smowton/fix/charat-naming 
Kotlin: Special-case String.charAt naming
 2022-07-25 16:10:13 +01:00
Chris Smowton
715b0b3fb8 Accept test changes 2022-07-25 15:17:14 +01:00
Chris Smowton
3af2e71932 Merge pull request #9874 from smowton/smowton/fix/kotlin-for-loop-iterators 
Kotlin: fix for-loop iterators over primitive or wildcard types
 2022-07-25 15:02:49 +01:00
Jeroen Ketema
8cd0a9d245 Merge pull request #9735 from jketema/inline-yolo 
C++: Remove `pragma[noinline]` from `ResolveGlobalVariable.ql`
 2022-07-25 11:25:26 +02:00
Nick Rolfe
a61ec78f03 Merge pull request #9883 from github/nickrolfe/trap-buffering 
Ruby/QL: speed up trap writing by putting BufWriter in front of GzEncoder
 2022-07-25 08:48:54 +01:00
Paolo Tranquilli
fe73601a4e Merge pull request #9805 from github/redsun82/swift-type-repr-collapse 
Swift: collapse `TypeRepr` hierarchy
 2022-07-25 09:31:41 +02:00
Harry Maclean
681e58c8e0 Merge pull request #9850 from hmac/hmac/arel 
Ruby: Model Arel.sql
 2022-07-25 12:09:18 +12:00
Harry Maclean
cb3ebeedf9 Merge pull request #9696 from thiggy1342/experimental-strong-params 
RB: Experimental strong params query
 2022-07-25 12:08:55 +12:00
Harry Maclean
db41ce5f76 Merge pull request #9605 from thiggy1342/experimental-manually-check-request-verb 
RB: Experimental query to manually check request verb
 2022-07-25 12:08:11 +12:00
thiggy1342
6cfde70898 Merge branch 'main' into experimental-strong-params 2022-07-22 20:41:33 -04:00
thiggy1342
b4d762fb21 Merge branch 'main' into experimental-manually-check-request-verb 2022-07-22 20:41:23 -04:00
thiggy1342
0c0ba925a7 this one should have no tag 2022-07-22 18:44:03 +00:00
thiggy1342
f39ca1aad2 correct cwe tagged 2022-07-22 18:36:25 +00:00
Robert Marsh
0a35f97074 Merge pull request #9872 from jketema/return-join 
C++: Fix join-order problem in `cpp/return-stack-allocated-memory`
 2022-07-22 14:32:10 -04:00
thiggy1342
c2710fb038 Update ruby/ql/src/change-notes/2022-07-21-check-http-verb.md 
Co-authored-by: Harry Maclean <hmac@github.com>
 2022-07-22 13:52:00 -04:00