hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-20 18:04:46 +01:00
Code Issues Packages Projects Releases Wiki Activity
48,840 Commits 1,683 Branches 158 Tags
codeql-cli/v2.12.0
Commit Graph

48840 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ian Lynagh
c9cf33dd20 Kotlin: Nest TRAP files inside their basename 2022-10-19 12:14:39 +01:00
Ian Lynagh
dff1cf4c48 Kotlin: Don't write TRAP files that are already out-of-date 2022-10-19 12:14:38 +01:00
Ian Lynagh
e6e0fe0cd4 Kotlin: Tweak custom_plugin/diagnostics test 2022-10-19 12:14:38 +01:00
Ian Lynagh
b251078976 Kotlin: Implement lockless TRAP writing 
Rather than using lock files and rewriting TRAP file, and storing the
metadata in a .metadata file, we now encode the metadata in the filename
and rename all but the newest TRAP file so that the importer doesn't
see them.

So we might end up with e.g.
    Text.members#0.0-1664381081060-java.trap.gz
    Text.members#55.0-1658481279000-java.trap-old.gz
    Text.members#55.0-1664381081060-java.trap-old.gz

For now, you can go back to the old system by setting
    CODEQL_EXTRACTOR_JAVA_TRAP_LOCKING=true
in the environment.
 2022-10-19 12:14:38 +01:00
erik-krogh
226bd1f321 add flow-state support to sanitizers in code-execution, and use that to refactor the string-concatenation-sanitizer 2022-10-19 13:06:54 +02:00
erik-krogh
3e51f6fa8e use flow-states to remove FPs related to an attacker only controlling a substring in code-injection 2022-10-19 13:00:44 +02:00
Erik Krogh Kristensen
caaee26ae5 Merge pull request #10880 from jsoref/spelling-ql 
Spelling ql
 2022-10-19 12:38:48 +02:00
erik-krogh
2a72e89090 add a runsImmediately predicate to CodeExecution (name chosen by Copilot) 2022-10-19 12:30:47 +02:00
Chris Smowton
7ba9a31766 Use US spelling 2022-10-19 10:41:29 +01:00
Paolo Tranquilli
861377f650 Swift: property doc tweaks 2022-10-19 11:40:05 +02:00
erik-krogh
d77b31672d add failing test for safe-ish uses of Object.send 2022-10-19 11:27:08 +02:00
erik-krogh
cb33d5aeff add test for .send(..) in code-injection 2022-10-19 11:25:30 +02:00
Tony Torralba
fd8f8cb930 Merge pull request #10223 from atorralba/atorralba/unsafe-content-resolver 
Java: New Android query to detect unsafe content URI resolution
 2022-10-19 11:22:04 +02:00
Tamás Vajk
0f499dfb75 Merge pull request #10877 from tamasvajk/kotlin-safe-call-null-check 
Kotlin: Add test for useless null check on safe calls
 2022-10-19 11:19:58 +02:00
Tamás Vajk
086362d8ee Merge pull request #10859 from tamasvajk/kotlin-field-masking 
Kotlin: Exclude fields of live literals from `java/field-masks-super-field`
 2022-10-19 11:19:44 +02:00
Josh Soref
99aa5ffea6 spelling: substitutions 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-19 05:10:23 -04:00
Josh Soref
24a032041f spelling: sanitize 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-19 05:10:23 -04:00
Henry Mercer
3afb9c1b3b Merge pull request #10845 from github/henrymercer/remove-worsening-queries 
ATM: Remove worsening-based queries
 2022-10-19 10:05:53 +01:00
Josh Soref
0bc19506e7 spelling: reinitialised 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-19 04:59:16 -04:00
Josh Soref
0079ee3d54 spelling: annotation 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-19 04:59:16 -04:00
James Fletcher
e9e2e90a92 Merge pull request #10647 from jf205/lgtm-cli-vs-code 
Partially remove mentions of lgtm.com from the CodeQL documentation
 2022-10-19 09:32:01 +01:00
Josh Soref
d722448796 spelling: injection 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-19 04:27:37 -04:00
Josh Soref
a4beafbe44 spelling: classifier 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-19 04:27:37 -04:00
Josh Soref
7055b139bf spelling: the 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-19 04:22:34 -04:00
AlexDenisov
5c8fa84d30 Merge pull request #10786 from github/alexdenisov/xcode-autobuilder 
Swift: introduce Xcode autobuilder
 2022-10-19 10:19:49 +02:00
Josh Soref
2636f7108e spelling: subclasses 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-19 04:19:27 -04:00
Josh Soref
08b06aa056 spelling: regular 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-19 04:19:27 -04:00
Josh Soref
e39706afc1 spelling: regex 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-19 04:19:27 -04:00
Josh Soref
866cc1eda1 spelling: recursive 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-19 04:19:27 -04:00
Josh Soref
b3df4ab207 spelling: preferable 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-19 04:19:27 -04:00
Josh Soref
d9900fe548 spelling: possibility 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-19 04:19:27 -04:00
Josh Soref
bc029bd1b8 spelling: plentiful 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-19 04:19:27 -04:00
Josh Soref
f2ce34cd41 spelling: parameterized 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-19 04:19:27 -04:00
Josh Soref
08d479bff4 spelling: override 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-19 04:19:27 -04:00
Josh Soref
a6e0f0e47a spelling: maintainability 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-19 04:19:27 -04:00
Josh Soref
4d22b2aaab spelling: interesting 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-19 04:19:27 -04:00
Josh Soref
362d143737 spelling: immediately 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-19 04:19:27 -04:00
Josh Soref
5468dbaaf1 spelling: corresponding 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-19 04:19:27 -04:00
Josh Soref
fefea7ed4e spelling: consistencies 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-19 04:19:27 -04:00
Josh Soref
8ced7d64d3 spelling: comment 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-19 04:19:27 -04:00
Josh Soref
8689a9405b spelling: characteristic 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-19 04:19:27 -04:00
Josh Soref
f176877a29 spelling: builtin 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-19 04:19:27 -04:00
Josh Soref
86a85b8997 spelling: unsupported 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-19 03:49:17 -04:00
Josh Soref
5e15c7af31 spelling: unspecified 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-19 03:49:17 -04:00
Josh Soref
fd562dabf3 spelling: unhandled 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-19 03:49:17 -04:00
Josh Soref
8e032ac8c1 spelling: suitability 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-19 03:49:17 -04:00
Josh Soref
32cfe77e92 spelling: successor 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-19 03:49:17 -04:00
Josh Soref
e228b019d5 spelling: security 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-19 03:49:17 -04:00
Josh Soref
03524d7e74 spelling: roslyn 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-19 03:49:17 -04:00
Josh Soref
524ab47c44 spelling: representing 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-19 03:49:17 -04:00