Tamás Vajk
7f5dcfaf0f
Merge pull request #9379 from tamasvajk/kotlin-android-specific-return-types
...
Kotlin: Change return type of Android specific `ConcurrentHashMap.keySet`
2022-05-31 14:00:36 +02:00
Porcupiney Hairs
e0f74a51ac
Include suggested changes from review.
2022-05-31 17:17:54 +05:30
Chris Smowton
d4f9c75315
Remove dead code
2022-05-31 11:14:36 +01:00
Chris Smowton
cea909f03e
Autoformat
2022-05-31 11:14:00 +01:00
CodeQL CI
9dd20f113d
Merge pull request #8603 from github/max-schaefer/better-amd-modelling
...
Approved by asgerf, erik-krogh
2022-05-31 03:10:32 -07:00
Chris Smowton
8b32eaf05c
Copyedits
2022-05-31 11:05:40 +01:00
Geoffrey White
ce3488b1b5
Update Swift readme
2022-05-31 10:56:28 +01:00
github-actions[bot]
ed2f3409bc
Post-release preparation for codeql-cli-2.9.3
2022-05-31 09:54:55 +00:00
Geoffrey White
de1fdd3bc9
Merge pull request #9382 from github/geoffw0-patch-2
...
Swift: Added Bazel install step.
2022-05-31 10:44:52 +01:00
Anders Schack-Mulligen
9212886767
Merge pull request #9286 from aschackmull/java/perf-customnullguard
...
Java: Improve customNullGuard performance.
2022-05-31 11:36:01 +02:00
Jeroen Ketema
ed9e798a81
Merge pull request #9362 from jketema/braced
...
C++: Introduce relation for tracking braced initializers
2022-05-31 11:29:10 +02:00
Geoffrey White
27968b60a5
Added Bazel install step.
2022-05-31 10:25:42 +01:00
Erik Krogh Kristensen
6cfd790cda
Merge pull request #9356 from erik-krogh/getRouting
...
JS: rewrite js/sensitive-get-query to use routing trees
2022-05-31 11:08:54 +02:00
Anders Schack-Mulligen
e36c59b285
ReDoS: Sync.
2022-05-31 11:04:42 +02:00
Anders Schack-Mulligen
e016feeb5c
ReDoS: Improve performance in ExponentialBackTracking.qll.
2022-05-31 11:04:03 +02:00
Jeroen Ketema
ce26124c01
Update cpp/ql/lib/change-notes/2022-05-30-braced-initializers.md
...
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com >
2022-05-31 10:42:31 +02:00
Jeroen Ketema
e3046fb05b
C++: Fix typo in upgrade script
2022-05-31 10:37:46 +02:00
Tamas Vajk
90fdd7eaf9
Kotlin: Reuse codeQlWithHasQuestionMark
2022-05-31 08:47:25 +02:00
Erik Krogh Kristensen
95fae8155e
fix wrong comment
...
Co-authored-by: Asger F <asgerf@github.com >
2022-05-31 08:38:03 +02:00
Porcupiney Hairs
5c5e978d30
Remove local data flow query
2022-05-31 03:53:02 +05:30
Tamas Vajk
89ffefd45e
Kotlin: Change return type of Android specific ConcurrentHashMap.keySet
2022-05-30 23:45:38 +02:00
Jeroen Ketema
bb93179c45
Merge pull request #9279 from github/felicitymay-patch-1
...
Fix typo in recent docs update
2022-05-30 23:31:37 +02:00
Porcupiney Hairs
bd1ddc177e
Golang : Add query to detect JWT signing vulnerabilities
...
Supersedes github/codeql-go#705
2022-05-31 01:56:59 +05:30
Porcupiney Hairs
ae2cc378e5
Golang : Add Query To Detect PAM Authorization Bugs
2022-05-31 01:28:55 +05:30
Henry Mercer
a661a0cc7e
Merge pull request #9376 from github/henrymercer/internal-repo-preserve-invariant
...
Clean merge to preserve submodule invariant of internal repo
2022-05-30 20:28:43 +01:00
Henry Mercer
76375f8d73
Merge remote-tracking branch 'origin/main' into henrymercer/semmle-code-noop-merge
2022-05-30 20:14:22 +01:00
Erik Krogh Kristensen
6a6a63e1aa
Merge pull request #9354 from erik-krogh/jsStages
...
JS: collapse a few small stages
2022-05-30 20:31:54 +02:00
Henry Mercer
b1faba9880
Merge pull request #9359 from github/henrymercer/migrate-to-codeql-workspace
...
Migrate `.codeqlmanifest.json` to `codeql-workspace.yml`
2022-05-30 18:20:11 +01:00
Chris Smowton
1708719fdf
Merge pull request #9343 from smowton/smowton/fix/align-kotlin-java-generic-types
...
Kotlin: extract methods defined on collections types with their Java signatures
2022-05-30 17:52:58 +01:00
Mathias Vorreiter Pedersen
b88fe1b2b4
Swift: Add test case and accept changes.
2022-05-30 17:05:06 +01:00
Mathias Vorreiter Pedersen
eed42a4e14
Swift: Make a new scope for each KeyPath expression.
2022-05-30 17:05:06 +01:00
Mathias Vorreiter Pedersen
cd1800ec7e
Merge pull request #9371 from MathiasVP/extract-key-path-application
...
Swift: Extract KeyPath applications
2022-05-30 17:02:42 +01:00
Henry Mercer
99e6d2a925
Run relevant tests when codeql-workspace.yml is updated
2022-05-30 15:54:52 +01:00
Henry Mercer
ca764576be
Swift: Update mention of manifest file in docs
2022-05-30 15:54:52 +01:00
Andrew Eisenberg
e544a9b94b
Update codeql-workspace.yml
...
Co-authored-by: Henry Mercer <henrymercer@github.com >
2022-05-30 15:53:48 +01:00
Andrew Eisenberg
18c5474431
Add comment to codeql-workspace.yml
2022-05-30 15:53:48 +01:00
Andrew Eisenberg
c5dd8aa703
Convert .codeqlmanifest.json to codeql-workspace.yml
...
The semantics are the same, except one is json, the other is
yaml.
2022-05-30 15:53:48 +01:00
Mathias Vorreiter Pedersen
9175354bbd
Swift: Add test and accept changes.
2022-05-30 15:51:49 +01:00
Mathias Vorreiter Pedersen
52f0b0d8d8
Swift: Fix extraction of roots in 'KeyPathExpr'.
2022-05-30 15:46:54 +01:00
Mathias Vorreiter Pedersen
21527f66e1
Swift: Extract KeyPath applications and KeyPathDot expressions.
2022-05-30 15:46:18 +01:00
Jeroen Ketema
a833e77c30
C++: Update DB scheme stats
2022-05-30 16:26:26 +02:00
Jeroen Ketema
38be04461e
C++: Introduce relation for tracking braced initializers
2022-05-30 16:26:19 +02:00
Rasmus Wriedt Larsen
b6cc438390
Merge pull request #9368 from RasmusWL/test-model-api-graphs
...
Python: Port test model to API graphs
2022-05-30 15:45:13 +02:00
Mathias Vorreiter Pedersen
d8916568b6
Merge branch 'main' into fix-inconsistent-cfg
2022-05-30 14:07:10 +01:00
Mathias Vorreiter Pedersen
9b17493b3b
Merge branch 'main' into not-all-functions-throw
2022-05-30 14:03:29 +01:00
Asger F
c188aa87c7
Merge branch 'main' into js/madman-prep
2022-05-30 15:03:14 +02:00
Mathias Vorreiter Pedersen
7ca01443e8
Merge pull request #9342 from rdmarsh2/rdmarsh2/swift/dataflow-global-flow
...
Swift: initial interprocedural data flow implementation
2022-05-30 13:54:56 +01:00
Rasmus Wriedt Larsen
420dea0792
Python: Fix example TestCase
2022-05-30 14:48:06 +02:00
Rasmus Wriedt Larsen
08e64ea1b4
Python: Remove contrived test-case example
2022-05-30 14:45:34 +02:00
Rasmus Wriedt Larsen
4861a980be
Python: Fix cryptography modeling
...
The old code was my own suggestion, that I thought would just work, but
was also slightly skeptical about.
I tested out whether it works with the code below
```codeql
predicate foo(int input, string res) {
input = 1 and res = "that was one"
}
from int input, string res
where
input in [1, 2] and
if foo(input, res)
then any()
else res = "not one"
select input, res
```
which gave the 3 results
```
1 | that was one
1 | not one
2 | not one
```
only by rewriting the code to be the one below, did I get down to the 2
results I actually wanted. So I've done the same kind of rewrite in the
commit.
```codeql
predicate foo(int input, string res) {
input = 1 and res = "that was one"
}
from int input, string res
where
input in [1, 2] and
if foo(input, _)
then foo(input, res)
else res = "not one"
select input, res
```
2022-05-30 14:37:27 +02:00
