Marcono1234
998aa95eae
Java: Add convenience array value Annotation predicates
2022-09-16 15:49:16 +01:00
Marcono1234
47e38952d1
Java: Improve Annotation.getAnAssociatedAnnotation
...
As suggested by smowton during review.
2022-09-16 15:49:16 +01:00
Marcono1234
fd5fdd89d9
Java: Rename Annotation.getAValue predicates for array values
...
Predicate name could lead to confusion with non-array predicate getAValue()
2022-09-16 15:49:16 +01:00
Marcono1234
b96061aa7e
Java: Rename Annotation value predicates
2022-09-16 15:49:16 +01:00
Marcono1234
c226758889
Java: Add classes and predicates for @Repeatable
2022-09-16 15:49:16 +01:00
Marcono1234
02c8fe9346
Java: Add convenience predicates for AnnotationType
2022-09-16 15:49:16 +01:00
Marcono1234
f69b6eef7a
Java: Clarify that Annotatable predicates consider inherited annotations
...
Additionally changes `hasAnnotation()` to consider inherited annotations
for consistency.
2022-09-16 15:49:16 +01:00
Marcono1234
afb7462052
Java: Clarify that Annotation value predicates have default value as result
2022-09-16 15:49:15 +01:00
Marcono1234
536f5c7f89
Java: Add Annotation value convenience predicates
2022-09-16 15:49:15 +01:00
Chris Smowton
3165babc88
Merge pull request #10445 from smowton/smowton/fix/annotaton-array-trap-label
...
Java: Add test for annotations with annotation-array-typed fields
2022-09-16 15:45:36 +01:00
Alex Ford
08c8db8937
Ruby: stop rb/sensitive-get-query from considering ID type data as sensitive
2022-09-16 15:40:13 +01:00
Alex Ford
79ad7d293f
Ruby: make SensitiveExpr a dataflow node rather than an Expr
2022-09-16 15:39:16 +01:00
github-actions[bot]
67ce442674
Post-release preparation for codeql-cli-2.10.5
2022-09-16 14:23:44 +00:00
Mathias Vorreiter Pedersen
f14df6426e
Merge pull request #10455 from geoffw0/cleartexttest
...
Swift: Update test for swift/cleartext-transmission
2022-09-16 14:59:30 +01:00
yoff
0703b88f92
Merge pull request #10404 from RasmusWL/update-range-pattern
...
Docs: Use `instanceof` in `::Range` pattern description
2022-09-16 15:18:35 +02:00
Tony Torralba
e140f04881
Merge pull request #10393 from zbazztian/uri-constructor-flow
...
Java: Model taint flow for java.net.URI constructors in tainted path queries
2022-09-16 15:10:40 +02:00
Tony Torralba
3141fdae72
Address review comments re: flow states
2022-09-16 14:48:30 +02:00
Geoffrey White
213cd94047
Swift: Update the test.
2022-09-16 13:24:37 +01:00
Anders Schack-Mulligen
e6d4e87458
Merge pull request #10416 from aschackmull/java/dispatch-confidence
...
Java: Remove low confidence dispatch for which we have a manual summary.
2022-09-16 13:36:04 +02:00
Alex Denisov
d6d8480b2a
Swift: fix internal builds
2022-09-16 12:59:43 +02:00
Chris Smowton
80968eef47
Add test for annotations with annotation-array-typed fields
2022-09-16 11:30:16 +01:00
James Fletcher
bc93a22e7d
Merge pull request #10449 from github/jf205-patch-1
...
Correct link to API docs for 'Get a CodeQL database for a repository'
2022-09-16 11:13:20 +01:00
Alex Denisov
c638789f3e
Swift: open(2) interception
2022-09-16 12:02:16 +02:00
erik-krogh
abb5c38bcd
move the guides on link-texts into a new subsection
2022-09-16 11:56:52 +02:00
erik-krogh
e3990e824d
add a line about link texts
2022-09-16 11:52:27 +02:00
Erik Krogh Kristensen
9e56128498
apply suggestions from doc review
...
Co-authored-by: hubwriter <hubwriter@github.com>
2022-09-16 11:46:06 +02:00
Anders Schack-Mulligen
9714497268
Java: Add change note.
2022-09-16 11:14:44 +02:00
Sebastian Bauersfeld
8c35803749
Add more details to change note.
2022-09-16 16:11:34 +07:00
Anders Schack-Mulligen
726772220c
Merge pull request #10191 from smowton/smowton/admin/java-implicit-this-type-tests
...
Java: Add test regarding the type of an implicit `this` expression
2022-09-16 10:58:48 +02:00
Tony Torralba
fdc8453a59
Introduce TaintedPathAdditionalTaintStep
...
Use separate configurations for tainted path and tainted path local again.
2022-09-16 10:42:15 +02:00
Nick Rolfe
b5d648a6b0
Ruby: model ActionView::FileSystemResolver as a FileSystemAccess
2022-09-16 09:24:14 +01:00
James Fletcher
8e30754356
Update download-github-database.rst
2022-09-16 09:22:32 +01:00
Tom Hvitved
ac4d4ff613
Ruby: Rework call graph implementation
2022-09-16 10:22:26 +02:00
Tom Hvitved
41c45c26bc
Ruby: Add more call graph tests, and make calls.rb interpretable by irb
2022-09-16 10:22:20 +02:00
AlexDenisov
d8b000fae3
Merge pull request #10448 from github/alexdenisov/swift-xcode-14
...
Swift: skip more unsupported CLI args (new in Xcode 14)
2022-09-16 10:08:21 +02:00
Sebastian Bauersfeld
95478f1af6
Address review comments.
2022-09-16 14:35:30 +07:00
Alex Denisov
2b12aece63
Swift: skip more unsupported CLI args (new in Xcode 14)
2022-09-16 09:24:20 +02:00
Anders Schack-Mulligen
142d9eb6ef
Merge pull request #10446 from github/workflow/coverage/update
...
Update CSV framework coverage reports
2022-09-16 09:00:33 +02:00
github-actions[bot]
0e1aca547b
Add changed framework coverage reports
2022-09-16 00:23:05 +00:00
Erik Krogh Kristensen
f648dd4a2e
Merge pull request #10443 from erik-krogh/moreNames
...
QL: recognize the names from all VarDefs
2022-09-15 22:34:17 +02:00
erik-krogh
af045a025d
Merge branch 'main' into moreNames
2022-09-15 21:04:49 +02:00
Philip Ginsbach
87e782560c
Merge pull request #10439 from github/ginsbach/JavascriptUpperCaseVariables
...
JavaScript: remove upper-case variable names
2022-09-15 20:03:20 +01:00
erik-krogh
ac91b30ed0
recognize the names from all VarDefs
2022-09-15 20:48:12 +02:00
Tamás Vajk
d958c04a79
Merge pull request #9693 from raulgarciamsft/Token_validation
...
Token validation
2022-09-15 20:18:33 +02:00
Tony Torralba
c0762dfdb0
Merge pull request #10437 from github/atorralba/fix-0.3.4-changenote
...
Java: Fix wrong packages in minor analysis change note
2022-09-15 19:12:57 +02:00
Philip Ginsbach
d1df2aa457
remove upper-case variable names
2022-09-15 18:08:50 +01:00
Philip Ginsbach
0a2d0f7f68
Merge pull request #10440 from github/ginsbach/JavaUpperCaseVariables
...
Java: remove upper-case variable name
2022-09-15 18:07:51 +01:00
Mathias Vorreiter Pedersen
4482669d7e
C++: Add a new 'InvalidPointerDeref' query to experimental.
2022-09-15 17:47:15 +01:00
Mathias Vorreiter Pedersen
b8a5aa5d85
C++: Fix a couple of range analysis issues:
...
1. The new query is expecting pointer arithmetic operations to generate
range-analysis bounds, but this wasn't true on main.
2. The bounds generated by `boundFlowCond` were incorrectly inferred as
non-strict when comparing pointers (unlike when comparing values of
integral types). This gave FPs in the new query.
This also fixes a couple of missing results in existing queries that
use the new range-analysis library.
2022-09-15 17:46:52 +01:00
Philip Ginsbach
c2bdb69476
remove upper-case variable name
2022-09-15 16:32:16 +01:00