hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-25 04:12:58 +01:00
Code Issues Packages Projects Releases Wiki Activity
47,078 Commits 1,686 Branches 158 Tags
codeql-cli/v2.11.6
Commit Graph

47078 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Paolo Tranquilli
38d65d3fae Swift: make ConstructorDecl's name include params 
In order to distinguish overloads of the constructor and for consistency
with other function calls, `ConstructorDecl` string representation uses
the name which includes parentheses and parameter labels.

For consistency also the destructor got the same change, which means
all `DestructorDecl`s will now show as `deinit()` rather than `deinit`.
 2022-08-30 11:11:50 +02:00
Paolo Tranquilli
75a7bcd3b1 Swift: add missing qlgen.py docstring 2022-08-30 11:03:23 +02:00
Mathias Vorreiter Pedersen
f5471e4e1a Merge pull request #10211 from github/redsun82/swift-generate-printast-first-step 
Swift: generate indexed parent/child relationship
 2022-08-30 09:55:05 +01:00
Erik Krogh Kristensen
2aec53b7fb Merge pull request #10215 from erik-krogh/wayToLargeRangeAgainstRC 
put a limit on the length of the equivalent range
 2022-08-30 10:37:07 +02:00
Paolo Tranquilli
9102cb5d0d Swift: make some ParentChild predicates private 2022-08-30 10:35:08 +02:00
Erik Krogh Kristensen
8f0b999c31 Merge pull request #10207 from erik-krogh/fixRank 
fix performance issue in the ReDoS query
 2022-08-30 10:17:11 +02:00
Paolo Tranquilli
beb0472811 Swift: fix ParentChild generation 
There was an issue in case multiple inheritance from classes with
children was involved, where indexes would overlap.

The generated code structure has been reshuffled a bit, with
`Impl::getImmediateChildOf<Class>` predicates giving 0-based children
for a given class, including those coming from bases, and the final
`Impl::getImmediateChild` disjuncting the above on final classes only.

This removes the need of `getMaximumChildrenIndex<Class>`, and also
removes the code scanning alerts.

Also, comments were fixed addressing the review.
 2022-08-30 10:15:11 +02:00
Erik Krogh Kristensen
25ee5545e6 Merge pull request #9751 from erik-krogh/dynCall 
JS: add call-edge for dynamic dispatch to unknown property from an object literal
 2022-08-30 10:07:08 +02:00
erik-krogh
e2caf3e8c0 put a limit on the length of the equivalent range 2022-08-30 09:29:22 +02:00
Erik Krogh Kristensen
c2679d8632 Merge pull request #10213 from erik-krogh/wayToLargeRange 
put a limit on the length of the equivalent range in overly-large-range
 2022-08-30 09:28:16 +02:00
erik-krogh
9963def300 update expected output of test that was failing on main. semantic merge conflict between #10202 and #10184 2022-08-30 09:15:36 +02:00
Anders Schack-Mulligen
4a2209752e Merge pull request #10214 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2022-08-30 09:13:30 +02:00
github-actions[bot]
f2e37d25b3 Add changed framework coverage reports 2022-08-30 00:21:28 +00:00
Andrew Eisenberg
e14b803125 Add paragraph about lock files in library packs with tests 2022-08-29 14:08:12 -07:00
Andrew Eisenberg
f737e07e2b Apply suggestions from code review 
Co-authored-by: Dave Bartolomeo <dbartol@github.com>
 2022-08-29 14:00:46 -07:00
Andrew Eisenberg
6ff006ce67 Add sentence about not needing to upgrade on CLI >= v2.3.4 2022-08-29 13:56:07 -07:00
Aditya Sharad
f175c60069 Apply suggestions from code review 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2022-08-29 12:26:35 -07:00
erik-krogh
f47b097d7c put a limit on the length of the equivalent range 2022-08-29 21:03:52 +02:00
Paolo Tranquilli
3f4a330658 Swift: make ParentChild::Impl module private 2022-08-29 17:35:16 +02:00
Paolo Tranquilli
f14f9375e0 Merge pull request #10210 from github/redsun82/swift-fix-double-parent 
Swift: fix double parent
 2022-08-29 17:27:57 +02:00
Paolo Tranquilli
20e94b8a38 Swift: add more tests for the generated parent-child relationship 2022-08-29 17:10:46 +02:00
Paolo Tranquilli
105c0d0dce Swift: update after generated parent-child changes 2022-08-29 17:10:46 +02:00
Paolo Tranquilli
b5aad04f65 Swift: add indexes to generated parent-child library 2022-08-29 17:10:46 +02:00
Paolo Tranquilli
7b50c958f7 Swift: fix Cfg.expected 2022-08-29 17:09:42 +02:00
erik-krogh
52b9ff81c5 Merge branch 'main' into dynCall 2022-08-29 15:30:01 +02:00
Erik Krogh Kristensen
27bc69883c Merge pull request #10184 from erik-krogh/ts48 
JavaScript: Update to TypeScript 4.8
 2022-08-29 15:03:32 +02:00
Anders Schack-Mulligen
e26a7fc4f3 Merge pull request #10173 from zbazztian/spring-crudrepository 
Java: Add data flow model for Spring's CrudRepository.save() method
 2022-08-29 15:00:07 +02:00
Paolo Tranquilli
4e453b1ac5 Swift: accept test changes 2022-08-29 14:57:03 +02:00
Paolo Tranquilli
0aecbc2a01 Swift: reorganize some children in schema.yml 2022-08-29 14:52:14 +02:00
Michael Nebel
e8d726606b C#/Java: Add descriptive comment on negative summaries in ExternalFlow. 2022-08-29 14:29:32 +02:00
Michael Nebel
91abf79404 Java: Update negative summaries where static initializers has been excluded. 2022-08-29 14:29:32 +02:00
Michael Nebel
2b1423dd74 Java: Exclude static initializers from model generation. 2022-08-29 14:29:32 +02:00
Michael Nebel
37aa6b2c5f C#: Add file level QL Doc. 2022-08-29 14:29:32 +02:00
Michael Nebel
dbfd16647b Java: Add negative model CSV validation test. 2022-08-29 14:29:32 +02:00
Michael Nebel
290c35e7c6 Java: Use negative summary models in unsupported external api telemetry query. 2022-08-29 14:28:55 +02:00
Michael Nebel
23e0ee66e0 Java: Add negative models for commons-io. 2022-08-29 14:28:55 +02:00
Michael Nebel
beb85c20f2 Java: Update commons-io generated positive models based on main. 2022-08-29 14:28:55 +02:00
erik-krogh
196dfd9385 update expected output of the misspelling test 2022-08-29 14:26:59 +02:00
Asger F
d6ee54eb09 Merge pull request #10202 from asgerf/js/typescript-conditional-types 
JS: Enable type extraction inside conditional types again
 2022-08-29 14:26:06 +02:00
erik-krogh
8d162fac52 add query detecting consistent casing of names 2022-08-29 14:16:41 +02:00
Anders Schack-Mulligen
bd6acc0d75 Java: Refactor upcastCand, and track type flow for upcasts to unbound generics. 2022-08-29 13:57:39 +02:00
Anders Schack-Mulligen
fc415b32c2 Java: Bugfix in TypeFlow. 2022-08-29 13:50:13 +02:00
Anders Schack-Mulligen
e89b42fc11 Java: Allow dispatch to methods on abstract classes without subtypes. 2022-08-29 13:48:55 +02:00
erik-krogh
77949cbeb3 add context to the rankState predicate in ExponentialBackTracking.qll 2022-08-29 13:42:05 +02:00
Anders Schack-Mulligen
6e7dcfcc6e Merge pull request #10097 from aschackmull/java/unification 
Java: Improve virtual dispatch via better unification check and deduplicate code with parameterised module
 2022-08-29 13:28:04 +02:00
erik-krogh
b1e53280a6 fix that the wrong line got deleted 2022-08-29 13:26:02 +02:00
Erik Krogh Kristensen
bd5fd7d963 fix typo in change-note 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2022-08-29 13:25:54 +02:00
erik-krogh
56292cad26 don't modify the TypeScript nodes, instead forward illegalDecorators to the java extractor 2022-08-29 13:22:04 +02:00
erik-krogh
d0814aa37c Go: add change-note for go 2022-08-29 13:10:23 +02:00
erik-krogh
33ba01927f Go: add CWE tag and @security-severity tag to go/insecure-hostkeycallback 2022-08-29 13:10:23 +02:00