hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-23 19:32:59 +01:00
Code Issues Packages Projects Releases Wiki Activity
48,840 Commits 1,686 Branches 158 Tags
codeql-cli/v2.12.0
Commit Graph

48840 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rasmus Wriedt Larsen
556e93ae68 Merge pull request #10384 from RasmusWL/callnode-getargbyname 
Python: Allow `CallNode.getArgByName` for keyword args after `**kwargs`
 2022-09-19 15:05:59 +02:00
yoff
f7cbcb2fef Apply suggestions from code review 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2022-09-19 14:52:18 +02:00
Rasmus Lerchedahl Petersen
6377e6c575 Python: move summary to Stdlib.qll 2022-09-19 14:36:36 +02:00
Rasmus Lerchedahl Petersen
f560719a88 Python: expand comment on flow summaries 2022-09-19 14:30:53 +02:00
Tom Hvitved
bb08e6f0fd Ruby: Three call graph fixes for singleton methods 2022-09-19 14:20:12 +02:00
Tom Hvitved
d13332cff1 Ruby: Add more call graph tests 2022-09-19 14:19:25 +02:00
Rasmus Lerchedahl Petersen
da39c14e46 Python: comment out SummarizedCallableFromModel 2022-09-19 14:06:21 +02:00
Rasmus Lerchedahl Petersen
37fb27fa1c Python: change type of LibraryCallable::getACall 
The other callables return control flow nodes,
so it is slightly inconsistent for this to return a
data flow node, but it does make models based
on API graphs nicer.
 2022-09-19 14:02:52 +02:00
Tamas Vajk
9a6b17df0e Kotlin: Add async-await dataflow test case 2022-09-19 13:38:48 +02:00
Tamas Vajk
85d883c647 Kotlin: add test to show suspend function inconsistency between source and bytecode extraction 2022-09-19 13:38:43 +02:00
erik-krogh
58851aefd6 don't mention classes that don't exist in TaintTracking.qll 2022-09-19 13:37:06 +02:00
Tamas Vajk
a6e44ed1cf Kotlin: extract suspend modifier and handle suspend SAM conversions 2022-09-19 13:36:28 +02:00
Tamas Vajk
3e58605e8e Kotlin: Add tests with suspend functions 2022-09-19 13:28:20 +02:00
erik-krogh
fb5a04a71d filter out "file read after existence check" from js/file-system-race 2022-09-19 13:26:10 +02:00
Tamas Vajk
aae8f393fe Kotlin: Adjust test to reduce overhead of listing modifiers of lambdas 2022-09-19 13:22:00 +02:00
erik-krogh
ccae0933c7 try to parse JS files without using the supported extensions 2022-09-19 12:20:20 +02:00
erik-krogh
a16233aa7d add failing parse test 2022-09-19 12:16:45 +02:00
Michael Nebel
d0c6837a79 C#: Do not recognize 'run' as supported dotnet command for tracing. 2022-09-19 11:37:46 +02:00
Erik Krogh Kristensen
a4cd913aea Merge pull request #10312 from erik-krogh/fix-caseDiff 
ensure consistent casing of names
 2022-09-19 10:43:12 +02:00
Alex Denisov
3c12644ab1 Swift: add a guard around hashing to aboid use-after-destructor 2022-09-19 10:37:26 +02:00
CodeQL CI
b48808778f Merge pull request #10264 from yoff/python/port-RaisesTuple 
Approved by tausbn
 2022-09-19 00:51:29 -07:00
CodeQL CI
ed4b64b1c4 Merge pull request #10265 from yoff/python/port-UnguardedNextInGenerator 
Approved by tausbn
 2022-09-19 00:50:52 -07:00
CodeQL CI
36f8b0554d Merge pull request #10266 from yoff/python/port-CatchingBaseException 
Approved by tausbn
 2022-09-19 00:50:05 -07:00
Asger F
ab296d4d62 Merge pull request #10396 from asgerf/js/regexp-always-matches-fp 
JS: Fix FP in js/regexp/always-matches
 2022-09-19 09:32:00 +02:00
Andrew Eisenberg
e6eaf37e22 Add redirect for removed 'About QL packs' article 
Note that sphinx gives an error if you have a document to build that
is not part of a toctree. In order to avoid this error and not show
the document in any toctree that users will see, I added a hidden
toctree to the redirect article.
 2022-09-18 10:45:59 -07:00
Tom Hvitved
a8cc669251 Ruby: Address review comments 2022-09-18 19:34:54 +02:00
Tom Hvitved
9004e82820 Ruby: Add another call graph test 2022-09-18 19:34:00 +02:00
Mathias Vorreiter Pedersen
02076074ff C++: Add more comments. 2022-09-18 12:48:13 +01:00
Mathias Vorreiter Pedersen
3e6576bfaf C++: Add example of missing result. 2022-09-18 12:18:04 +01:00
Mathias Vorreiter Pedersen
d1cf688abf C++: Fix test function naming. 2022-09-18 12:17:46 +01:00
Mathias Vorreiter Pedersen
78535dc70b C++: Autoformat. 2022-09-18 12:02:32 +01:00
Michael Nebel
a464e5be72 C#: Address review comments. 2022-09-17 13:51:03 +02:00
Andrew Eisenberg
13d4c4a5b9 Merge pull request #10460 from github/aeisenberg/lang-spec-packs 
Updates the library path section of the CodeQL spec
 2022-09-16 15:01:43 -07:00
Andrew Eisenberg
867e31693d Updates the library path section of the CodeQL spec 
- Remove references to `queries.xml`. It is still supported, but we
  don't want people using it.
- Add reference to `codeql-pack.yml`. It is just an alias for
  `qlpack.yml` and not being used.
- Remove reference to `libraryPathDependencies` and use `dependencies`
  instead.

Note that this section does not give a complete description of library
paths. That will be a part of the "Developing a codeql pack" article
that is forthcoming.
 2022-09-16 14:31:17 -07:00
Andrew Eisenberg
027365c246 Update the analyze databases article 
This change updates the analyze databases article to clarify examples.
It reorganizes to put packs examples first and rearranges a few
paragraphs.
 2022-09-16 14:05:28 -07:00
Andrew Eisenberg
bbf09c8f8a Update qlpack properties descriptions 
Makes table easier to read.
 2022-09-16 12:53:27 -07:00
Tom Hvitved
29bfb4d185 Ruby: Revert changes to isLocalSourceNode and localFlowStepTypeTracker 
Instead, use small-step type tracking, as suggested by @rasmuswl offline.
 2022-09-16 19:38:26 +02:00
Chris Smowton
3fa1f17b83 Java: really return a unique location for non-source entities 
This was always supposed to pick one of several candidate non-source locations (usually for a generic type instantiation), but since `getFile().toString()` just produces the basename of the class file actually the results would almost always tie and all of the candidate locations would be returned. Use the full class file path as a tiebreaker instead.
 2022-09-16 18:23:31 +01:00
Ian Lynagh
4a4cd8a770 Merge pull request #10456 from github/post-release-prep/codeql-cli-2.10.5 
Post-release preparation for codeql-cli-2.10.5
 2022-09-16 17:18:05 +01:00
Mathias Vorreiter Pedersen
dc00643ad1 C++: More QLDoc. 2022-09-16 17:14:29 +01:00
Mathias Vorreiter Pedersen
031f20a0eb C++: Respond to review comments. 2022-09-16 16:19:06 +01:00
Chris Smowton
0ab5d466f6 Update test expectations now that the Java extractor's nested annotation handling has been fixed 2022-09-16 15:50:54 +01:00
Anders Schack-Mulligen
1945f185ed Apply suggestions from code review 
Autoformat
 2022-09-16 15:49:16 +01:00
Marcono1234
c8b922937b Java: Extend AnnotationType.isATargetType documentation 2022-09-16 15:49:16 +01:00
Marcono1234
37b18914ac Java: Add annotation tests 2022-09-16 15:49:16 +01:00
Marcono1234
8c9bdeb3be Java: Address Annotation review comments and add change note 2022-09-16 15:49:16 +01:00
Marcono1234
659a3a7925 Java: Deprecate RetentionAnnotation.getRetentionPolicyExpression() 2022-09-16 15:49:16 +01:00
Marcono1234
90a9364b00 Java: Rename Annotation.getAnArrayValue with index 
As mentioned by smowton during review, the predicate only has a single result
due to being restricted by the index and therefore its name should not start
with "getA...".

Also remove deprecated `getAValue(string, int)` because it never existed on
the `main` branch.
 2022-09-16 15:49:16 +01:00
Marcono1234
4ef2d156c4 Java: Deprecate error-prone and rarely used annotation predicates 2022-09-16 15:49:16 +01:00
Marcono1234
e3c1b96830 Java: Fix incorrect annotation handling for SpringControllerRequestMappingGetMethod 2022-09-16 15:49:16 +01:00