Paolo Tranquilli
5f8e7e67b4
Swift: extract ObjectLiteralExpr
2022-11-09 15:51:08 +01:00
Anders Schack-Mulligen
151f12ef5e
Java: Improve sink model generation precision by excluding variable capture.
2022-11-09 15:32:30 +01:00
Nick Rolfe
199b3f4d71
Ruby: add change note for ActionCable channel remote flow sources
2022-11-09 14:18:44 +00:00
Nick Rolfe
db20e7d143
Ruby: add ActionCable channel RPC params as remote-flow sources
2022-11-09 14:16:04 +00:00
Anders Schack-Mulligen
07f50e275d
Merge pull request #11182 from aschackmull/mad/split-configs
...
Java/C#: Split active configurations for model generator
2022-11-09 15:06:43 +01:00
Asger F
859dc7beb7
Merge pull request #11024 from asgerf/rb/data-flow-layer-capture2
...
Ruby: expand DataFlow API
2022-11-09 15:06:03 +01:00
erik-krogh
5ba694e909
remember to run on PRs
2022-11-09 14:55:08 +01:00
Paolo Tranquilli
a05706d89d
Merge pull request #11177 from github/redsun82/swift-decls
...
Swift: extract `PoundDiagnosticDecl` and `MissingMemberDecl`
2022-11-09 14:54:57 +01:00
Michael Nebel
57e31c11da
C#: Add change note.
2022-11-09 14:54:37 +01:00
erik-krogh
57ad491356
adjust the triggers, run on all PRs, and more branches
2022-11-09 14:50:53 +01:00
erik-krogh
8d51aaa403
add another fallback to main
2022-11-09 14:44:10 +01:00
erik-krogh
7e522770f6
simplify the cache keys
2022-11-09 14:43:30 +01:00
erik-krogh
1b9653827f
do a quicker merge-base calculation
2022-11-09 14:38:55 +01:00
Anders Schack-Mulligen
b3b7711149
Dataflow: Sync.
2022-11-09 14:23:15 +01:00
Anders Schack-Mulligen
ade83b3cfe
Dataflow: Introduce support for src/sink grouping in path results.
2022-11-09 14:22:24 +01:00
Anders Schack-Mulligen
fc4f93c87a
Java/C#: Undo configuration footgun firing.
2022-11-09 13:20:39 +01:00
Nora Dimitrijević
5940f17b83
Swift: Docs + doctests
2022-11-09 13:10:08 +01:00
erik-krogh
53917e506e
add refs/heads/ to make the ref fully-formed
2022-11-09 12:58:31 +01:00
Nick Rolfe
97e939ae2b
Ruby: refine summaries for Hash#reverse_merge etc.
...
- revert the changes to the taint summaries specific to ActionController
params
- make the general flow summaries value-preserving and use
WithElement[any]
2022-11-09 11:56:07 +00:00
erik-krogh
f0b09ee16c
fallback to main
2022-11-09 12:55:21 +01:00
erik-krogh
b3b13bdd43
use base_ref to calculate the cache-keys when running in a PR.
2022-11-09 12:55:02 +01:00
Mathias Vorreiter Pedersen
50c2683be0
Merge pull request #11181 from github/alexdenisov/extractor-errors-suite
...
Swift: add an internal query-suite for listing all the compiler errors
2022-11-09 11:52:59 +00:00
erik-krogh
ad7fc34efd
extract .erb files as html
2022-11-09 12:43:19 +01:00
Erik Krogh Kristensen
c537c80ed6
Merge pull request #11095 from erik-krogh/exportRead
...
JS: recognize more re-exported values as exported
2022-11-09 12:39:41 +01:00
Alex Denisov
dacbf4e798
Swift: use more common name for the query
2022-11-09 12:29:50 +01:00
Alex Denisov
4ee6ae67d6
Swift: use explicit this to conform to the coding style
2022-11-09 12:17:11 +01:00
Alex Denisov
a1fa424ec1
Swift: add an internal query-suite for listing all the compiler errors
2022-11-09 12:05:41 +01:00
Paolo Tranquilli
9d4a208c0d
Swift: extract MissingMemberDecl
2022-11-09 12:04:42 +01:00
Paolo Tranquilli
235181fb21
Swift: share translateDiagnosticsKind with SwiftDiagnosticsConsumer
2022-11-09 12:00:43 +01:00
Paolo Tranquilli
7bcee6e9a8
Merge branch 'main' into redsun82/swift-decls
2022-11-09 11:59:16 +01:00
erik-krogh
aede9c3467
support general base-branches, not just main
2022-11-09 11:55:19 +01:00
erik-krogh
484dc4ad3a
restore from another cache when running on main. Otherwise that workflow always takes an hour
2022-11-09 11:45:21 +01:00
AlexDenisov
8756989b4b
Merge pull request #11101 from github/alexdenisov/extractor-errors
...
Swift: extract diagnostics
2022-11-09 11:33:54 +01:00
erik-krogh
c8b7eccc6f
sync files
2022-11-09 11:31:13 +01:00
erik-krogh
23add8a72b
recognize passcode as sensitive
2022-11-09 11:30:57 +01:00
erik-krogh
e0bcfe2afb
add failing test
2022-11-09 11:30:31 +01:00
Paolo Tranquilli
73ad1307ae
Swift: extract PoundDiagnosticDecl
2022-11-09 11:13:55 +01:00
Paolo Tranquilli
c95a6ea5d1
Merge pull request #11176 from github/redsun82/swift-opaque-types
...
Swift: extract opaque types and their decls
2022-11-09 10:47:32 +01:00
Asger F
ac5a1d68ea
Merge pull request #11170 from asgerf/rb/taint-known-or-unknown
...
Ruby: handle knownOrUnkown in default taint step
2022-11-09 10:42:02 +01:00
Erik Krogh Kristensen
138a16f0b3
use getImportedModuleNode()
...
Co-authored-by: Asger F <asgerf@github.com >
2022-11-09 09:53:23 +01:00
Asger F
694d987365
JS: Update test output
2022-11-09 09:36:03 +01:00
Asger F
f4b2af730d
Update ruby/ql/lib/codeql/ruby/dataflow/internal/TaintTrackingPrivate.qll
...
Co-authored-by: Tom Hvitved <hvitved@github.com >
2022-11-09 09:28:07 +01:00
Paolo Tranquilli
b399d8df7e
Swift: extract opaque types and their decls
2022-11-09 09:27:25 +01:00
Harry Maclean
ad7b5ae7ed
Ruby: Add inline barrier guard test
2022-11-09 16:35:28 +13:00
Harry Maclean
f1b63c4df3
Ruby: Fix in clause barrier guard
2022-11-09 16:10:17 +13:00
Harry Maclean
0ab88c2e29
Ruby: Handle simple in clauses in barrier guard
2022-11-09 16:01:33 +13:00
Harry Maclean
87944a3a75
Ruby: Add test for another case guard variant
2022-11-09 15:05:03 +13:00
Harry Maclean
25ceeaf241
Ruby: Fix SplatExprCfgNode
2022-11-09 15:03:15 +13:00
Harry Maclean
4bc9096446
Ruby: Add case string comparison barrier guard
...
This recognises barriers of the form
STRINGS = ["foo", "bar"]
case foo
when "some string literal"
foo
when *["other", "strings"]
foo
when *STRINGS
foo
end
where the reads of `foo` inside each `when` are guarded by the comparison
of `foo` with the string literals.
We don't yet recognise this construct:
case foo
when "foo", "bar"
foo
end
This is due to a limitation in the shared barrier guard logic.
2022-11-09 15:03:13 +13:00
Jami
cfbaf5e53b
Merge pull request #10785 from jcogs33/insuff-key-size-globalflow-keysize
...
Java: Promote insufficient key size query from experimental
2022-11-08 18:05:01 -05:00
