hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-04 01:01:07 +01:00
Code Issues Packages Projects Releases Wiki Activity
42,524 Commits 1,689 Branches 159 Tags
codeql-cli/v2.10.5
Commit Graph

42524 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rasmus Wriedt Larsen
27d5349a74 Python: ORM: Remove imports from test code 
These are no longer needed, as data-flow now has this import by default
 2022-03-01 15:39:52 +01:00
Rasmus Wriedt Larsen
a1c7ec8c6d Python: Accept .exepcted changes from importing frameworks from data-flow 
Since `python.qll` has `private import
semmle.python.dataflow.new.DataFlow`, that means that all tests now
implicitly imports the frameworks modeling, and therefore any python
class is part of the DjangoViewClassHelper ql class.

de8ecb214f/python/ql/lib/python.qll (L44)
 2022-03-01 15:37:16 +01:00
Rasmus Lerchedahl Petersen
f55d7d627e python: model XPathEvaluator 2022-03-01 14:40:13 +01:00
Rasmus Lerchedahl Petersen
3bb17be389 python: add concept and library tests 2022-03-01 14:39:28 +01:00
ihsinme
a6654fce4a Update ImproperCheckReturnValueScanf.ql 2022-03-01 16:37:29 +03:00
ihsinme
e9fefab9b1 Update test.cpp 2022-03-01 16:36:24 +03:00
ihsinme
bfec3c5e6e Update ImproperCheckReturnValueScanf.expected 2022-03-01 16:35:31 +03:00
Tom Hvitved
92fa0071bd Update python/ql/lib/semmle/python/pointsto/MRO.qll 
Co-authored-by: Taus <tausbn@github.com>
 2022-03-01 14:16:49 +01:00
Asger Feldthaus
df379809df Ruby: support CSV rows of form ;any;Method[foo] 2022-03-01 14:08:21 +01:00
Asger Feldthaus
05ea33033b Ruby: add test for API::EntryPoint 2022-03-01 14:08:21 +01:00
Asger Feldthaus
bf83400bd2 Ruby: port API::EntryPoint from JS 2022-03-01 14:08:21 +01:00
Asger Feldthaus
e10e3b9466 Ruby: convert ActiveStorage::Filename model to MaD 2022-03-01 14:08:21 +01:00
Asger Feldthaus
e6a3747656 Ruby: add test for ActiveStorage.Filename.new 2022-03-01 14:08:21 +01:00
Asger Feldthaus
70c083fa64 Ruby: convert Regexp.escape model to MaD 2022-03-01 14:08:21 +01:00
Asger Feldthaus
cbd044a768 Ruby: add a code injection test for flwo through Regexp.escape 2022-03-01 14:08:21 +01:00
Asger Feldthaus
63e7c16d6b Ruby: add test with sinks and type-defs 2022-03-01 14:08:20 +01:00
Asger Feldthaus
388949f12e Ruby: support WithBlock and WithoutBlock 2022-03-01 14:08:20 +01:00
Asger Feldthaus
d6bc9c259e Ruby: add simple test case 2022-03-01 14:08:20 +01:00
Asger Feldthaus
d808bdc028 JS: Sync ApiGraphModels.qll 2022-03-01 14:08:20 +01:00
Asger Feldthaus
a33e89279d Ruby: instantiate ApiGraphModels library in Ruby 2022-03-01 14:08:20 +01:00
Arthur Baars
ea8187c771 Ruby: .github/workflows/ruby-qltest.yml: turn off fail-fast 2022-03-01 13:30:56 +01:00
Arthur Baars
b2745d44f2 Ruby: update ReDoS.expected 2022-03-01 13:30:56 +01:00
Arthur Baars
61fa3ba314 Add change note 2022-03-01 13:30:56 +01:00
Arthur Baars
a51f17e0ed Ruby: introduce RegExpPatternSource 2022-03-01 13:30:51 +01:00
Arthur Baars
1240c11c4b Ruby: parse some string literals as regex 
In addition to regex literals, also parse normal string literals
as regular expressions if they somehow "flow" into a method call
that is known to interpret string values as regular expressions.
 2022-03-01 13:26:51 +01:00
Geoffrey White
5402b02fd7 Merge branch 'main' into cwe497 2022-03-01 11:58:24 +00:00
Mathias Vorreiter Pedersen
52dbf2c787 C#/C++: Sync identical files. 2022-03-01 11:50:50 +00:00
Mathias Vorreiter Pedersen
b6faa207a4 C++: Remove redundant cast. 2022-03-01 11:50:44 +00:00
Mathias Vorreiter Pedersen
93bd380838 C#/C++: Sync identical files. 2022-03-01 11:37:19 +00:00
Mathias Vorreiter Pedersen
6b324fb781 C++: Filter out InheritanceConversionInstructions with multiple base or derived classes when doing global value numbering. 2022-03-01 11:34:41 +00:00
Rasmus Wriedt Larsen
cd58c12bbe Merge branch 'main' into orm 2022-03-01 12:01:54 +01:00
Michael Nebel
8312fc6895 C#: Use groups and rename to trap.compression instead. Various changes to description to align with Ruby. 2022-03-01 12:01:44 +01:00
Tamás Vajk
94cb5c2be4 Merge pull request #8296 from github/post-release-prep/codeql-cli-2.8.2 
Post-release preparation for codeql-cli-2.8.2
 2022-03-01 11:57:36 +01:00
Rasmus Wriedt Larsen
98c60a706e Python: Autoformat 
Oops
 2022-03-01 11:54:09 +01:00
Tamás Vajk
30c80622ed Merge pull request #699 from github/post-release-prep/codeql-cli-2.8.2 
Post-release preparation for codeql-cli-2.8.2
 2022-03-01 11:44:45 +01:00
Rasmus Wriedt Larsen
e32f8d98b0 Python: Always import ORM steps for data-flow 
For C#, see
fdd787b89c/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPrivate.qll (L16)

that import EntityFramework, which is ORM library.
 2022-03-01 11:32:36 +01:00
Rasmus Wriedt Larsen
eece2222ba Merge pull request #8252 from github/RasmusWL/debugging-dataflow-improvements 
Docs: Mention `hasPartialFlowRev` and performance problem
 2022-03-01 11:27:57 +01:00
Erik Krogh Kristensen
dfc74d728b fix duplicate words in qldoc 2022-03-01 11:22:58 +01:00
Erik Krogh Kristensen
1b5c7392f0 restrict the size of the getASubexpressionWithinQuery predicate, and remove double-recursion 2022-03-01 11:18:42 +01:00
Erik Krogh Kristensen
bdd07de7ed improve performance of getTestFile by finding possible test files first 2022-03-01 11:18:22 +01:00
Erik Krogh Kristensen
51482e4fcf Merge pull request #8295 from erik-krogh/ts46 
JS: Add support for TypeScript 4.6
 2022-03-01 11:09:02 +01:00
Michael Nebel
7522a2d248 Merge pull request #7832 from aschackmull/java/modelgen 
Java: Simplify model generator query using flow state.
 2022-03-01 10:57:07 +01:00
Rasmus Lerchedahl Petersen
ce3ee65f47 python: remove getTree for now 2022-03-01 10:49:21 +01:00
Rasmus Wriedt Larsen
f3f2c3183e Docs: Apply suggestions from code review 
Co-authored-by: James Fletcher <42464962+jf205@users.noreply.github.com>
 2022-03-01 10:45:24 +01:00
Mathias Vorreiter Pedersen
1f01d8014e Merge pull request #8225 from jketema/ir-structured-bindings-translation 
C++: Update the IR translation for structured bindings
 2022-03-01 09:43:35 +00:00
yoff
853857bd7e Apply suggestions from code review 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2022-03-01 10:26:29 +01:00
ihsinme
be11e4fc2d Apply suggestions from code review 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2022-03-01 12:25:57 +03:00
github-actions[bot]
980f822983 Post-release preparation for codeql-cli-2.8.2 2022-03-01 09:24:30 +00:00
Arthur Baars
7e6ef7ac74 Ruby: ApiGraphs: use private imports 2022-03-01 10:24:19 +01:00
github-actions[bot]
dd3fc2d477 Post-release preparation for codeql-cli-2.8.2 2022-03-01 09:24:17 +00:00