hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-27 05:13:00 +01:00
Code Issues Packages Projects Releases Wiki Activity
41,812 Commits 1,689 Branches 159 Tags
codeql-cli/v2.10.3
Commit Graph

41812 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mathias Vorreiter Pedersen
77b8ceb976 Swift: Make sure property setters and getters also have ExprNodes. 2022-06-22 17:53:41 +01:00
Nick Rolfe
d91e8a6309 JS: create downgrades pack 2022-06-22 17:31:49 +01:00
AlexDenisov
19bc9cf301 Merge pull request #9666 from github/redsun82/swift-code-reorg 
Swift: reorganize code
 2022-06-22 18:28:08 +02:00
Paolo Tranquilli
cfde68023d Swift: fix includes jumbled by IDE 2022-06-22 18:17:40 +02:00
Paolo Tranquilli
22321aa124 Swift: reorganize code 
Visitor code has been split between header and sources to speed up
incremental build. Moreover the code was reorganized using a new `infra`
bazel package (and `visitors` got promoted to a bazel package as well).
 2022-06-22 18:11:58 +02:00
Paolo Tranquilli
7c958dfbb9 Merge pull request #9639 from github/redsun82/swift-extraction 
Swift: some expression extractions
 2022-06-22 17:19:20 +02:00
Paolo Tranquilli
e25f22da26 Merge main into redsun82/swift-extraction 2022-06-22 16:54:52 +02:00
Chris Smowton
46e6203493 Merge pull request #9626 from smowton/smowton/fix/dont-emit-synthetic-parameter-names 
Kotlin: don't emit synthetic parameter names
 2022-06-22 15:30:54 +01:00
Paolo Tranquilli
1fc2bc4938 Swift: really fix tests 2022-06-22 16:15:02 +02:00
Jeroen Ketema
f9e09da604 Merge pull request #9643 from jketema/namespace-variable-test 
C++: Add variable in namespace test
 2022-06-22 15:58:26 +02:00
Mathias Vorreiter Pedersen
43bfa2af55 Merge pull request #9635 from MathiasVP/swift-add-remote-flow-sources 
Swift: Add `RemoteFlowSource`
 2022-06-22 14:41:19 +01:00
Mathias Vorreiter Pedersen
a293fd1f3e Merge pull request #9638 from geoffw0/stringlengthconflation 
Swift: String length conflation tests (for CVE-2022-23625)
 2022-06-22 14:39:34 +01:00
Chris Smowton
00b4070866 Merge pull request #9659 from smowton/smowton/admin/invert-java-log-injection-query 
Java: Report log-injection at the source rather than the sink
 2022-06-22 14:27:50 +01:00
Mathias Vorreiter Pedersen
07c4308a32 Merge branch 'main' into swift-add-remote-flow-sources 2022-06-22 14:27:44 +01:00
Robert Marsh
d13d4c6cd1 Merge pull request #9623 from MathiasVP/swift-interpretElement0 
Swift: Interpret MaD strings
 2022-06-22 09:27:13 -04:00
Geoffrey White
e07df0d0c8 Swift: make setters private in test. 2022-06-22 14:13:30 +01:00
Mathias Vorreiter Pedersen
1febe87356 Merge pull request #9644 from jketema/class-entry-fix 
C++: Ensure we can round trip between (forward) class declarations
 2022-06-22 14:12:11 +01:00
Chris Smowton
44cf260762 Merge pull request #9571 from smowton/smowton/fix/array-variance-lowering 
Kotlin: Implement array type variance lowering
 2022-06-22 13:38:21 +01:00
Chris Smowton
1f9f6d7c33 Java: Report log-injection at the source rather than the sink 
This should remove the problem of excessive grouping of different alerts that share a sink location, often due to wrapper functions that form the ultimate sink of all logging calls in a given codebase.
 2022-06-22 13:05:20 +01:00
Tony Torralba
cc354caa1f Merge pull request #9319 from atorralba/atorralba/add-editable-valueof-step 
Kotlin: Add taint step for String.valueOf(Editable)
 2022-06-22 13:50:30 +02:00
Geoffrey White
f9e1e630f7 Swift: more accurate NSObject / NSString hierarchy in test. 2022-06-22 12:36:40 +01:00
Tamás Vajk
c0e115700d Merge pull request #9647 from tamasvajk/kotlin-when-branch-encl-stmt 
Kotlin: Fix enclosing statement of `when` branches
 2022-06-22 13:18:56 +02:00
Michael Nebel
8899bf7f05 C#: Update tests. 2022-06-22 13:03:23 +02:00
Michael Nebel
0ef97b41c8 C#: Update .NET Runtime models and add sources and sinks. 2022-06-22 13:03:10 +02:00
Jeroen Ketema
b1dd8da587 C++: Fix query formatting 2022-06-22 12:59:49 +02:00
Ian Lynagh
c7a6b1e9a7 Merge pull request #9640 from igfoo/igfoo/vis 
Kotlin/Java: Add the beginnings of a "visibility" consistency query
 2022-06-22 11:34:15 +01:00
Paolo Tranquilli
3ed783df7f Swift: fix tests 2022-06-22 12:14:47 +02:00
Paolo Tranquilli
aea4910be4 Merge pull request #9620 from github/redsun82/swift-codespace 
Swift: add devcontainer setup
 2022-06-22 11:52:08 +02:00
Rasmus Wriedt Larsen
876ba71d9b Python/JS/Ruby: Add change-note 2022-06-22 11:14:05 +02:00
Paolo Tranquilli
ee5c30ebda Merge main into redsun82/swift-extraction 2022-06-22 11:11:20 +02:00
Paolo Tranquilli
e0784e0680 Swift: fix update-codeql 
Also require sudo at the start of the script if updating.
 2022-06-22 11:05:30 +02:00
Rasmus Wriedt Larsen
2ce4b7b9fc SensitiveDataHeuristics: sync 2022-06-22 11:05:14 +02:00
Rasmus Wriedt Larsen
4be375521f Python: Handle _ in sensitive-data-sources 2022-06-22 11:05:14 +02:00
Rasmus Wriedt Larsen
4a844312f4 Python: _ in var name not handled by sensitive-data-sources 2022-06-22 11:05:14 +02:00
Rasmus Wriedt Larsen
5dc2bb717a Python: ignore common words (certain/concert) as sensitive source 2022-06-22 11:05:05 +02:00
Paolo Tranquilli
4377fb0552 Swift: auto-install codeql on codespace 2022-06-22 10:51:30 +02:00
Anders Schack-Mulligen
df6d68b215 Merge pull request #9618 from aschackmull/dataflow/deprecate-barrierguard-class 
Dataflow: Deprecate BarrierGuard class
 2022-06-22 10:44:08 +02:00
Michael Nebel
24ba5cc06e Merge pull request #9025 from michaelnebel/csharp/generatedrefactor 
C#: Provenance column in Models as Data CSV format.
 2022-06-22 10:34:31 +02:00
Rasmus Wriedt Larsen
abdcfd55c3 Python: uncertainty is treated as a certificate :O 2022-06-22 10:16:28 +02:00
Paolo Tranquilli
400d7afc94 Swift: tweaks to codespace setup 2022-06-22 09:59:12 +02:00
Tamas Vajk
a50e062b3c Kotlin: Fix enclosing statement of when branches 2022-06-22 09:10:27 +02:00
Tamas Vajk
640026d387 Kotlin: add enclosing statement test 2022-06-22 09:09:57 +02:00
Jeroen Ketema
4a78c9b06d C++: Add change note 2022-06-22 08:11:24 +02:00
Jeroen Ketema
880c785efe C++: Ensure we can round trip between (forward) class declarations 
This was already possible when the forward class declaration and the class
definition occurred in the same scope. However, there is a common C++ usage
pattern in which this is not the case (when only a pointer to the class is
needed). In this latter scenario we could not round trip between the (forward)
`DeclarationEntry` and the `Declaration`.

Effectively this changes the code to:
```
if exists(TypeDeclarationEntry e | e.getType() = this)
then result.getType() = this
else ...
```
We use `type_decls` instead to stay close to the original code.
 2022-06-22 07:58:45 +02:00
Jeroen Ketema
0f37e4e7b2 C++: Add variable in namespace test 2022-06-22 07:56:27 +02:00
Jeroen Ketema
a8833a0c70 C++: Test showing going from a forward class declaration to a class but not back 2022-06-22 07:53:50 +02:00
Jeroen Ketema
40e0356177 C++: Test that we can go from a DeclarationEntry to a Declaration and back 2022-06-22 07:53:50 +02:00
Michael Nebel
2b892bc000 Merge pull request #9553 from michaelnebel/csharp/narrowtelemetry 
C#/Java: Only display 1k most relevant results for ExternalApi telemetry queries.
 2022-06-22 07:35:56 +02:00
thiggy1342
995f365568 just check string literal 2022-06-22 02:17:01 +00:00
thiggy1342
c767f241ad narrow query scope 2022-06-22 02:12:23 +00:00