hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-18 17:04:50 +01:00
Code Issues Packages Projects Releases Wiki Activity
48,840 Commits 1,679 Branches 158 Tags
codeql-cli/v2.12.0
Commit Graph

48840 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
AlexDenisov
ecd8921dcd Merge pull request #11211 from github/redsun82/swift-drop-impossible-nodes 
Swift: fix printing of unextracted entities
 2022-11-11 08:06:54 +01:00
Harry Maclean
2b4217b8a4 Ruby: Update test fixture 2022-11-11 18:41:55 +13:00
Harry Maclean
b16cecc8db Ruby: Add missing doc 2022-11-11 18:41:42 +13:00
Harry Maclean
62ea1f0a05 Ruby: Fix performance of string comparison guard 
The `or` case ran extremely slowly before this change. Also exclude
string interpolations from consideration, for correctness, and add some
more tests.
 2022-11-11 18:24:20 +13:00
github-actions[bot]
dcebe930e7 Add changed framework coverage reports 2022-11-11 00:21:31 +00:00
Harry Maclean
e25e192ef3 Ruby: Change the CFG for while clauses 
The `when` node now acts as a join point for patterns in the when
clause, with match/no-match completions. This is similar to how `or`
expressions work.

The result of this is that the `when` clause "controls" the body of the
`when`, which allows us to model barrier guards for multi-pattern when
clauses.

For this code

case x
when 1, 2
  y
end

The old CFG was

x --> when --> 1 --no-match--> 2 ---no-match---> case
                \               \                  ^
                  \               \                |
                   \                --match----+   |
                     \                         |   |
                       \                       |   |
                         ------match---------> y --+

The new CFG is

x --> 1 --no-match--> 2 --no-match--> [no-match] when --no-match--> case
       \               \                                             ^
         \               \                                           |
           \               --match--> [match] when --match--> y -----+
             \                       /
               \                   /
                 -------match-----

i.e. all patterns flow to the `when` node, which is split based on
whether the pattern matched or not. The body of the when clause then has
a single predecessor `[match] when`, which acts as condition block that
controls `y`.
 2022-11-11 11:52:27 +13:00
Rasmus Lerchedahl Petersen
71335a1a97 python: update users of try 2022-11-10 22:20:28 +01:00
Rasmus Lerchedahl Petersen
7d05ba38d5 python: convenience methods for handler types 2022-11-10 22:20:28 +01:00
Rasmus Lerchedahl Petersen
e67515fae7 python: dataflow tests names in exception handlers 2022-11-10 22:20:28 +01:00
Rasmus Lerchedahl Petersen
a7e394b2be python: SSA for names in except* 2022-11-10 22:20:28 +01:00
Rasmus Lerchedahl Petersen
30b58e7921 python: control flow node ExceptGroupStmt 
- wrap `getType` and `getName`, considering dominance
- do not implement all the handles predicates
 2022-11-10 22:20:27 +01:00
Rasmus Lerchedahl Petersen
9f9a962c03 python: wrap autogenerated ExceptGroupStmt_ 
also widen type of `Try::getHandler` to `Stmt`.
`ExceptStmt` is now too narrow,
as a handler can also be of type `ExceptGroupStmt`.
 2022-11-10 22:20:27 +01:00
Rasmus Lerchedahl Petersen
24d22ccb6e python: regenerated AST 2022-11-10 22:20:27 +01:00
Rasmus Lerchedahl Petersen
9f89325ca7 python: dummy stats for ExceptGroupStmt 2022-11-10 22:20:27 +01:00
Rasmus Lerchedahl Petersen
1fd76f02fd python: db uprade and downgrade scripts 2022-11-10 22:20:27 +01:00
Rasmus Lerchedahl Petersen
856e48c414 python: new dbscheme 2022-11-10 22:20:27 +01:00
Rasmus Wriedt Larsen
88f703af1f DataFlow: Accept changes to .expected 2022-11-10 22:13:34 +01:00
Ian Lynagh
e00f87045e Java: Add up/downgrade scripts 2022-11-10 20:31:13 +00:00
Ian Lynagh
fac839f481 Java/Kotlin: Add a changenote for Compilation.getInfo 2022-11-10 20:29:04 +00:00
Ian Lynagh
a6b8f4b674 Java/Kotlin: Update stats 2022-11-10 20:29:04 +00:00
Ian Lynagh
2fb78565a7 Kotlin: Write version information to the database 2022-11-10 20:29:04 +00:00
Ian Lynagh
d0dfb4926b Kotlin/Java: Add compilation_info table 2022-11-10 20:29:04 +00:00
Rasmus Wriedt Larsen
4caaa3a396 Python: Rewrite call-graph tests to be inline expectation (1/2) 
This adds inline expectations, next commit will remove old annotations
code... but I thought it would be easier to review like this.
 2022-11-10 21:08:29 +01:00
Erik Krogh Kristensen
90382c4d1c Merge pull request #11178 from erik-krogh/passcode 
JS/RB/PY: Recognize `passcode` as sensitive
 2022-11-10 17:58:34 +01:00
erik-krogh
866e92558c broaden the file pattern used in the format check to ensure js-ml is included 2022-11-10 17:57:45 +01:00
Paolo Tranquilli
f5b198b8b7 Swift: fix dangling test reference 2022-11-10 17:50:22 +01:00
erik-krogh
fbb2dcf7a8 remove langauge specific format checks 2022-11-10 17:47:14 +01:00
Paolo Tranquilli
88dc65cb3c Swift: extract or ignore last remaining types 2022-11-10 17:38:32 +01:00
Paolo Tranquilli
04d042308b Swift: fix QL compilation 2022-11-10 17:05:03 +01:00
Tom Hvitved
bda4b52395 Merge pull request #11206 from hvitved/ruby/self-toplevel-def 
Ruby: Fix SSA entry definitions for `self` in top-level
 2022-11-10 17:01:59 +01:00
Jeroen Ketema
f7c55a3258 Merge pull request #11202 from jketema/fix-accept-prototype 
C++: Fix the `accept` prototype in the dataflow taint tests
 2022-11-10 17:00:07 +01:00
Nick Rolfe
20f76e50c3 Ruby: actually call the isPublic() predicate I added 2022-11-10 15:53:04 +00:00
Geoffrey White
887d1893e7 Swift: Make ql-for-ql happy. 2022-11-10 15:51:02 +00:00
Paolo Tranquilli
458fb3a4a2 Swift: fix printing of unextracted entities 
This was still printing explicitly ignored classes.
 2022-11-10 16:49:32 +01:00
Paolo Tranquilli
30bbae3c22 Merge pull request #11209 from github/redsun82/swift-drop-impossible-nodes 
Swift: drop impossible nodes from schema
 2022-11-10 16:47:23 +01:00
Michael Nebel
2a26c8f340 Merge pull request #10628 from michaelnebel/java/typebasedmodels 
Java: Type based summary models.
 2022-11-10 16:34:52 +01:00
Geoffrey White
d97682991d Swift: Add Alamofire sink for cpp/cleartext-transmission. 2022-11-10 15:33:00 +00:00
Nick Rolfe
b91b3148a4 Ruby: add missing qldoc comments for SQL injection query 2022-11-10 15:26:42 +00:00
Paolo Tranquilli
a54853d3b4 Swift: cleanup orphaned test files 2022-11-10 16:20:28 +01:00
Paolo Tranquilli
6a816ba700 Swift: create common error test directory 2022-11-10 16:20:28 +01:00
Paolo Tranquilli
c5bb32d6d2 Swift: create common ErrorElement superclass 2022-11-10 16:20:28 +01:00
Jeroen Ketema
62f5d10d03 C++: Fix localTaint expected results 2022-11-10 16:08:07 +01:00
Erik Krogh Kristensen
724a31b746 fix comment that wasn't updated in test 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2022-11-10 15:56:44 +01:00
Ian Lynagh
a2c0d47e9c Merge pull request #11199 from igfoo/igfoo/kotlin_default 
Kotlin: Update docs and tests
 2022-11-10 14:53:06 +00:00
erik-krogh
676327d9e4 Merge branch 'main' into erb 2022-11-10 15:39:58 +01:00
erik-krogh
012fb28e25 only extract .html.erb files instead of all .erb files 2022-11-10 15:38:51 +01:00
Karim Ali
b209cac2e2 Merge pull request #11063 from karimhamdanali/swift-pbe-constant-password 
Swift: detect the use of constant passwords for password-based encryption
 2022-11-10 16:36:27 +02:00
Karim Ali
e18b2cfa39 Merge pull request #11084 from karimhamdanali/swift-static-iv 
Swift: detect the use of static initialization vectors
 2022-11-10 16:35:21 +02:00
Geoffrey White
23ff3769ac Swift: Add Alamofire tests for swift/cleartext-transmission. 2022-11-10 14:31:53 +00:00
Nick Rolfe
511fb97273 Ruby: remove redundant import 2022-11-10 14:30:06 +00:00