hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-17 16:34:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
48,840 Commits 1,679 Branches 158 Tags
codeql-cli/v2.12.0
Commit Graph

48840 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ian Lynagh
a423f5f695 Kotlin: Enable java/misnamed-type query 
We used to get alerts for the class around a local function, a lambda,
or a function reference, which we give name "". Now those are marked as
compiler-generated, and the query ignores compiler-generated types.
 2022-11-25 17:11:40 +00:00
Paolo Tranquilli
edddaaa838 Swift: make mapping from swift types to tags explicit 
This should decouple schema names from swift names, allowing to
rename schema names regardless of internal swift compiler names.
 2022-11-25 13:10:33 +01:00
Jeroen Ketema
53b86fd53b Merge pull request #11428 from jketema/default-taint-tests 
C++: Add more tests that exercise the default taint barrier implementation
 2022-11-25 12:13:18 +01:00
Chris Smowton
180c3cee44 Accept integration test changes caused by variable location changes 2022-11-25 10:54:50 +00:00
Chris Smowton
32847c125a Accept more test changes due to variable locations changing 
There is also one non-location change: kotlin.Byte (and likely other primitives) now have real equals and toString overrides, which matches their native source and documentation; before they appeared to have fake overrides.
 2022-11-25 10:47:48 +00:00
Alex Ford
8362caa9d9 Merge pull request #11417 from alexrford/ruby/activesupport-json_escape 
Ruby: model ActiveSupport `json_escape` flow
 2022-11-25 10:46:34 +00:00
Chris Smowton
8ec681e61c Kotlin: bump default CI version to 1.7.20 
A bunch of test expectations change because 7f531d8426 means that we now see (a) local variable declarations with source locations covering only their identifier, not the whole statement, and (b) more SYNTHETIC_OFFSET values for the parts of a destructuring assignment
or initialiser, which show up as file.kt:0:0:0:0 in DbLocation form.
 2022-11-25 10:19:26 +00:00
Owen Mansel-Chan
ebdea243b2 Make qldoc clearer about behaviour of override 2022-11-25 09:46:07 +00:00
Jeroen Ketema
4607f5990e C++: Add more tests that exercise the default taint barrier implementation 2022-11-25 10:19:45 +01:00
Paolo Tranquilli
8df7d465cb Swift: cache more aggressively in CI 
* the QL compilation cache action is used for ql and integration tests
* all caches (Bazel and QL) are populated on push
 2022-11-25 08:52:46 +01:00
Rasmus Lerchedahl Petersen
77d98b217e Python: add import 2022-11-25 08:52:35 +01:00
yoff
d804acdef7 Apply suggestions from code review 
Co-authored-by: Taus <tausbn@github.com>
 2022-11-25 08:50:37 +01:00
Paolo Tranquilli
9b4b29cab7 Merge branch 'main' into redsun82/swift-integration-test-pack 2022-11-25 08:49:36 +01:00
Harry Maclean
f49507e59a Ruby: Add note about WithElement usage 2022-11-25 16:55:37 +13:00
Harry Maclean
df398fb9a0 Ruby: Add more flow summary tests 2022-11-25 16:55:37 +13:00
Harry Maclean
fe13ac188f Ruby: US spelling 2022-11-25 16:55:37 +13:00
Harry Maclean
0b065001a8 Ruby: Add tests for flow summary behaviour 
These test cases are a companion to the flow summary docs, and ensure
that the documentated behaviour matches reality.
 2022-11-25 16:55:37 +13:00
Harry Maclean
c0501c189e Ruby: Document ?/any behaviour in output paths 2022-11-25 16:55:37 +13:00
Harry Maclean
5b07c3a746 Ruby: Elaborate WithoutElement docs 2022-11-25 16:55:37 +13:00
Harry Maclean
5e3a817064 Ruby: With[out]Element only valid in input 2022-11-25 16:55:37 +13:00
Harry Maclean
0c2dd1a5a6 Ruby: Flesh out hash-splat docs 2022-11-25 16:55:37 +13:00
Harry Maclean
43f2713925 Ruby: Update test fixture 2022-11-25 16:55:37 +13:00
Harry Maclean
78f604aef1 Ruby: Document Field access path token 2022-11-25 16:55:37 +13:00
Harry Maclean
6f852aad0b Ruby: Document flow summary syntax 2022-11-25 16:55:36 +13:00
Harry Maclean
0a4a8516eb Ruby: simplify Hash#transform_keys! flow summary 2022-11-25 16:55:36 +13:00
Geoffrey White
208a728d39 Swift: Fixes. 2022-11-25 00:28:53 +00:00
Geoffrey White
37cdef7ab1 Swift: add basic Alamofire taint source model. 2022-11-25 00:14:23 +00:00
Geoffrey White
afb5dc7da3 Swift: Add test for Alamofire sources. 2022-11-25 00:08:51 +00:00
Harry Maclean
2822c94aa7 Ruby: Minor refactor of barrier guard code 2022-11-25 09:12:51 +13:00
Harry Maclean
6897fb46cb Ruby: Clean up WhenClause CFG 2022-11-25 09:12:51 +13:00
Alexander Eyers-Taylor
3c7f7511be Merge pull request #11418 from alexet/alexet/mockito-class-rename 
Java: Add new Mockito runner class location.
 2022-11-24 17:49:31 +00:00
alexet
e24e3bf13f Java: Add new Mockito runner class location. 2022-11-24 16:43:57 +00:00
Henry Mercer
df3dc6fadc Merge pull request #11414 from github/codeql-ci/atm/release-0.4.2 
JS: Bump version numbers of ML-powered packs after 0.4.2 release
 2022-11-24 16:07:28 +00:00
Alex Ford
e6446e501c Ruby: fix docs failure 2022-11-24 15:37:03 +00:00
Alex Ford
893c8763bb Ruby: model ActiveSupport json_escape flow 2022-11-24 15:33:08 +00:00
Edoardo Pirovano
9071acea01 Merge pull request #11416 from github/edoardo/mergeback-3.8 
Merge `rc/3.8` into `main`
 2022-11-24 15:05:28 +00:00
Erik Krogh Kristensen
03737543d4 Merge pull request #11403 from erik-krogh/additional 
ReDoS: add missing additional keywords
 2022-11-24 15:53:51 +01:00
Edoardo Pirovano
8eeba92a47 Merge pull request #11415 from github/edoardo/mergeback-2.11.4 
Merge `codeql-cli-2.11.4` into `rc/3.8`
 2022-11-24 14:42:36 +00:00
Henry Mercer
56e5f01ce0 Merge branch 'main' into codeql-ci/atm/release-0.4.2 2022-11-24 14:41:49 +00:00
github-actions[bot]
78d49e44b1 JS: Bump version of ML-powered library and query packs to 0.4.3 2022-11-24 14:22:14 +00:00
github-actions[bot]
8d96bfe973 JS: Bump patch version of ML-powered library and query packs 2022-11-24 14:18:13 +00:00
Nick Rolfe
50b10be2db Ruby: StackTraceExposure: add test for a specific rescue type 2022-11-24 14:08:34 +00:00
Nick Rolfe
1c407a28cd Apply suggestions from code review 
Co-authored-by: Harry Maclean <hmac@github.com>
 2022-11-24 14:02:32 +00:00
Tony Torralba
adf905d838 Merge pull request #11368 from ka1n4t/main 
Java: Add binding between annotation and sink-param in MyBatis SQL Injection query
 2022-11-24 14:34:57 +01:00
Tony Torralba
1d57663343 Merge pull request #11345 from atorralba/atorralba/swift/data-models 
Swift: Add taint models for the Data class
 2022-11-24 14:23:41 +01:00
Geoffrey White
32442a33de Merge pull request #11270 from geoffw0/optionals2 
Swift: Dataflow through ?? and ? :
 2022-11-24 13:20:54 +00:00
Ian Lynagh
184c903ec7 Merge pull request #11401 from igfoo/igfoo/unused 
Kotlin: Remove an unused argument
 2022-11-24 12:47:50 +00:00
Ian Lynagh
501ea31c25 Merge pull request #11404 from igfoo/igfoo/build_refactor 
Kotlin build system: Refactor jar-finder
 2022-11-24 12:47:34 +00:00
Anders Schack-Mulligen
f2897f5bfc Merge pull request #11392 from aschackmull/java/adjust-mad-dispatch-priority 
Java: Adjust the prioritisation between MaD and source dispatch.
 2022-11-24 13:10:48 +01:00
Tony Torralba
e4e5291511 Fix more test expectations after rebase 2022-11-24 13:03:12 +01:00