hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-28 05:42:58 +01:00
Code Issues Packages Projects Releases Wiki Activity
41,418 Commits 1,685 Branches 159 Tags
codeql-cli/v2.10.2
Commit Graph

41418 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Adam Thigpen
a37443106b reduce false positives with some sanitizers 2022-05-28 15:14:42 -04:00
Adam Thigpen
2bf160c008 initial draft of decompression-api query 2022-05-28 15:14:32 -04:00
Chris Smowton
6ea87cd718 Accept test changes 2022-05-27 22:05:57 +01:00
Mathias Vorreiter Pedersen
7c25063f7f Merge branch 'main' into swift-decls-in-cfg 2022-05-27 17:56:58 +01:00
Mathias Vorreiter Pedersen
c734646099 Swift: Accept test changes. 2022-05-27 17:42:51 +01:00
Mathias Vorreiter Pedersen
6d5504412a Swift: Only create a 'ThrowCompletion' for functions that actually can throw. 2022-05-27 17:42:51 +01:00
Henry Mercer
013b4c8768 Swift: Update mention of manifest file in docs 2022-05-27 17:31:47 +01:00
Andrew Eisenberg
ce2bf8477c Update codeql-workspace.yml 
Co-authored-by: Henry Mercer <henrymercer@github.com>
 2022-05-27 17:31:47 +01:00
Andrew Eisenberg
a82fea59e9 Add comment to codeql-workspace.yml 2022-05-27 17:31:47 +01:00
Andrew Eisenberg
7ab3a418be Convert .codeqlmanifest.json to codeql-workspace.yml 
The semantics are the same, except one is json, the other is
yaml.
 2022-05-27 17:31:47 +01:00
Mathias Vorreiter Pedersen
b9809b4219 Swift: CFG for opening existentials. 2022-05-27 17:29:22 +01:00
Mathias Vorreiter Pedersen
02c73d3c1c Swift: Fix implicit-this alert. 2022-05-27 17:25:56 +01:00
Chris Smowton
9ea139566d Disambiguate the names and trap labels of backing fields of extension properties 2022-05-27 16:27:48 +01:00
Chris Smowton
6eb2935469 Merge pull request #9220 from smowton/smowton/fix/promoted-companion-object-fields 
Associate certain companion object fields with the parent class
 2022-05-27 16:19:10 +01:00
Erik Krogh Kristensen
62fd3fd90f add test that we detect the used type variable in an infer type 2022-05-27 14:15:27 +00:00
Asger F
7e76e9a23b Merge branch 'main' into js/type-confusion-parmaeter-tampering-barrier 2022-05-27 15:55:42 +02:00
Asger F
468a4df215 Update javascript/ql/lib/semmle/javascript/security/dataflow/TypeConfusionThroughParameterTamperingQuery.qll 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2022-05-27 15:55:25 +02:00
Chris Smowton
9c62b349ec Autoformat 2022-05-27 13:36:55 +01:00
Erik Krogh Kristensen
8c12a7289f collapse a few small stages 2022-05-27 13:19:06 +02:00
Mathias Vorreiter Pedersen
2dcd7e16b1 Merge pull request #9353 from MathiasVP/swift-extract-throwing-and-async 
Swift: Extract `isThrowing` and `isAsync`
 2022-05-27 12:14:02 +01:00
Chris Smowton
a204c742d8 Associate certain companion object fields with the parent class 
Specifically `const`, `lateinit` and `@JvmField` properties get a static field which belongs to the containing class not the companion object, such that Java can address them via the containing class name rather than have to navigate a companion object pointer.
 2022-05-27 11:52:39 +01:00
Chris Smowton
a0d5d414b4 Kotlin: extract methods defined on collections types with their Java signatures 
Collection, List and Map all define various methods which are either made more generic in Kotlin (e.g. `remove(Object) -> remove(E)`, `containsAll(Collection<?>) -> containsAll(Collection<E>)`), or are made invariant (e.g. `addAll(Collection<? extends E>) -> addAll(Collection<E>)`). This substitutes the types back to their Java signatures,
thereby avoiding differing trap labels and duplicated methods for these types and their descendents.
 2022-05-27 11:51:46 +01:00
Mathias Vorreiter Pedersen
6815e731d2 Swift: Add test and accept output 2022-05-27 11:48:20 +01:00
Mathias Vorreiter Pedersen
45bbd24355 Swift: Extract whether a function type is throwing or async. 2022-05-27 11:48:01 +01:00
Alex Ford
5d4473bb2a Merge pull request #8845 from alexrford/ruby/rbi-lib 
Ruby: Add partial support for working with RBI (Ruby Interface) files
 2022-05-27 11:43:44 +01:00
Henry Mercer
da02bcc4c6 Merge pull request #9352 from github/revert-9314-aeisenberg/manifest 
Revert "Convert `.codeqlmanifest.json` file to `codeql-workspace.yml`"
 2022-05-27 11:40:25 +01:00
Tom Bolton
5830db786e Merge pull request #9285 from github/codeql-ci/js-atm-new-release 
JS: Bump version numbers of ML-powered packs after 0.3.0 release
 2022-05-27 11:39:45 +01:00
Henry Mercer
4091ba758d Revert "Convert .codeqlmanifest.json file to codeql-workspace.yml" 2022-05-27 11:29:48 +01:00
Alex Ford
919555d168 Merge pull request #9341 from alexrford/ruby/activerecordinstance-public 
Ruby: Make `ActiveRecordInstance` public and fix some misidentifications
 2022-05-27 11:21:58 +01:00
Chris Smowton
55513e0dbb Merge pull request #9350 from smowton/smowton/admin/mention-gradle-daemon 
Docs: Note that Gradle builds should use `--no-daemon`
 2022-05-27 10:37:33 +01:00
Rasmus Wriedt Larsen
5924e88a86 Python: Support read on Django file 2022-05-27 11:18:26 +02:00
Mathias Vorreiter Pedersen
a63378308d Merge pull request #9340 from geoffw0/nocheckbeforeunsafeputuser 
C++: Improve cpp/linux-kernel-no-check-before-unsafe-put-user
 2022-05-27 10:17:46 +01:00
Chris Smowton
0925cf5c22 Docs: Note that Gradle builds should use --no-daemon 2022-05-27 10:06:35 +01:00
Mathias Vorreiter Pedersen
7d36bc1c73 Swift: Fix CFG for 'foreach' statements. 2022-05-27 10:01:12 +01:00
Mathias Vorreiter Pedersen
73c189957d Swift: Fix CFG inconsistencies with StmtConditions. 2022-05-27 09:58:36 +01:00
Arthur Baars
e3ef258b0e Merge pull request #9287 from aibaars/instance-variable-flow-2 
Ruby: flow through getters/setters
 2022-05-27 10:49:20 +02:00
Mathias Vorreiter Pedersen
4383aef1d2 Merge pull request #9328 from MathiasVP/swift-to-string 
Swift: Improve `toString` implementations for Ast classes
 2022-05-27 09:34:34 +01:00
Mathias Vorreiter Pedersen
795c0110e5 Swift: Accept more test changes. 2022-05-27 09:17:52 +01:00
Erik Krogh Kristensen
fef87db739 use syntactically correct JS in poly-redos example 2022-05-27 10:08:30 +02:00
Mathias Vorreiter Pedersen
52a10c826a Merge branch 'main' into swift-to-string 2022-05-27 09:06:36 +01:00
jorgectf
e577a0e836 Update .expected tests 2022-05-27 00:13:40 +02:00
${sleep,7}
76c27c685f Merge branch 'main' into jty/python/emailInjection 2022-05-26 16:27:57 -04:00
Andrew Eisenberg
57b9e6ee40 Merge pull request #9314 from github/aeisenberg/manifest 
Convert `.codeqlmanifest.json` file to `codeql-workspace.yml`
 2022-05-26 11:39:45 -07:00
Chris Smowton
f7d9238cda Merge pull request #9331 from smowton/smowton/fix/kotlin-jar-file-entry-mtimes 
Kotlin: use the same mtimes as Java
 2022-05-26 19:37:16 +01:00
Robert Marsh
32e4c496f6 Swift: Dataflow through Phi nodes 2022-05-26 17:55:25 +00:00
Alex Ford
30f24697b4 Ruby: add missing qldoc 2022-05-26 18:50:57 +01:00
Robert Marsh
507fdef028 Swift: add more data flow tests 2022-05-26 17:33:12 +00:00
Andrew Eisenberg
b456334472 Update codeql-workspace.yml 
Co-authored-by: Henry Mercer <henrymercer@github.com>
 2022-05-26 10:21:55 -07:00
Andrew Eisenberg
5a1663efd3 Add comment to codeql-workspace.yml 2022-05-26 10:06:24 -07:00
Andrew Eisenberg
434259b296 Convert .codeqlmanifest.json to codeql-workspace.yml 
The semantics are the same, except one is json, the other is
yaml.
 2022-05-26 10:03:55 -07:00