hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-23 11:22:58 +01:00
Code Issues Packages Projects Releases Wiki Activity
48,840 Commits 1,685 Branches 158 Tags
codeql-cli/v2.12.0
Commit Graph

48840 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Michael Nebel
1b25d23531 C#: Align comments and actual test case. 2022-09-23 11:05:29 +02:00
Tom Hvitved
f8d2e0e6a8 Ruby: Improve QL doc for Module::getASubClass 2022-09-23 10:40:38 +02:00
Tom Hvitved
8b424d181a Merge pull request #10505 from hvitved/dataflow/viable-impl-in-ctx-consistency 
Data flow: Guard against `viableImplInCallContext` not being a subset of `viableCallable`
 2022-09-23 10:38:48 +02:00
Tom Hvitved
fa6da788dc Ruby: Add call graph test for unsupported constructs 2022-09-23 10:24:43 +02:00
Stephan Brandauer
1bb781ad94 Merge branch 'main' into new-atm-features-rebased 2022-09-23 09:55:29 +02:00
Asger F
d1e19a313b JS: Update test case to clarify choice of sinks 2022-09-23 09:18:15 +02:00
dependabot[bot]
5aecf0e31d Bump actions/upload-artifact from 2 to 3 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 2 to 3.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-09-23 04:05:06 +00:00
github-actions[bot]
f5cf8cffa3 Release preparation for version 2.11.0 2022-09-22 20:14:12 +00:00
Chris Smowton
3fe1550943 Kotlin unit tests: use best plugin version compatible with environment kotlinc 2022-09-22 21:11:47 +01:00
Chris Smowton
cea90d535d Disable Kotlin element of test library-tests/frameworks/android/widget 
This is disabled for now because Kotlin doesn't extract java.lang.CharSequence.toString, even though that interface redeclares toString, and JDK18 points a call (syntactically to Editable.toString) that previous JDKs pointed at
Object.toString. This produces a database inconsistency that should be fixed Kotlin-side.
 2022-09-22 20:44:37 +01:00
Dave Bartolomeo
cee0e8e137 Merge pull request #10532 from github/henrymercer/3.7-mergeback 
Final mergeback from `rc/3.7`
 2022-09-22 13:42:59 -04:00
Michael Nebel
faf33efeb8 C#: Improve join ordering further for InterpretedCallable. 2022-09-22 19:10:14 +02:00
Michael Nebel
d4f1fc7900 C#: Add some integration tests for 'dotnet run' and do some minor validation of the output. 2022-09-22 18:42:50 +02:00
Michael Nebel
c978798308 C#: Update test program to print a default message to standard out. 2022-09-22 18:41:46 +02:00
Nora Dimitrijević
dca13f5c89 C++: Initial cpp/comma-before-misleading-indentation 
MRVA top 1000 run at: https://github.com/github/semmle-code/actions/runs/3106828111
 2022-09-22 17:44:18 +02:00
Mathias Vorreiter Pedersen
c4afb3a2b5 Merge branch 'main' into further-work-on-buffer-over-queries 2022-09-22 16:35:52 +01:00
Nora Dimitrijević
f1efc76e8c C++: Initial commit of cpp/comma-before-missing-indentation 2022-09-22 17:06:04 +02:00
Andrew Eisenberg
b58653eadc Merge pull request #10458 from github/aeisenberg/qlpack-properties 
Update qlpack properties descriptions
 2022-09-22 07:54:17 -07:00
Tom Hvitved
9937ae8ef9 Ruby: Call sensitive instance method resolution 2022-09-22 16:22:31 +02:00
Mathias Vorreiter Pedersen
7272ca79fd Merge pull request #10529 from erik-krogh/even-more-alerts 
QL: A few more improvements to `ql/alert-message-style-violation`
 2022-09-22 15:16:30 +01:00
erik-krogh
dcdff7a995 Merge branch 'main' into aliasFlow 2022-09-22 16:01:31 +02:00
Asger F
718649d505 Merge pull request #10490 from asgerf/js/remove-old-docs 
JS: Remove old Portal-based flow summary implementation
 2022-09-22 16:01:30 +02:00
erik-krogh
5fb44e9dd8 simplify and improve the example for getLaterBaseAccess 2022-09-22 15:57:54 +02:00
Erik Krogh Kristensen
fedf8fc575 correct the qldoc 
Co-authored-by: Asger F <asgerf@github.com>
 2022-09-22 15:49:29 +02:00
Tom Hvitved
64978b0138 Ruby: Add data-flow test that demonstrates spurious flow 2022-09-22 15:18:42 +02:00
Tom Hvitved
914c711940 C#: Fix broken viableImplInCallContext implementation 2022-09-22 15:01:40 +02:00
Tom Hvitved
f4b82cb2e8 Python: Update expected test output 2022-09-22 15:01:40 +02:00
Tom Hvitved
7a694d5da5 C++: Update expected test output 2022-09-22 15:01:40 +02:00
Tom Hvitved
ad6b870f94 Data flow: Sync files 2022-09-22 15:01:33 +02:00
Rasmus Wriedt Larsen
d3f811cab3 Python: Accept any arg to flask.jsonify 
Thanks @tausbn 👍
 2022-09-22 14:59:06 +02:00
Erik Krogh Kristensen
2fe6d1f562 Merge pull request #10470 from erik-krogh/flowParse 
JS: Try to parse files without using our parser extensions before enabling the extensions
 2022-09-22 14:58:43 +02:00
Alex Ford
140458b7cc Merge pull request #9932 from alexrford/ruby/rbi-typegraph-fixes 
Ruby: RBI library changes to support models-as-data model generation
 2022-09-22 13:55:33 +01:00
Rasmus Wriedt Larsen
8174120916 Python: Model flask.jsonify 2022-09-22 14:43:39 +02:00
erik-krogh
609ed709e2 use GVN to find detect when the alert-location is used as a link 2022-09-22 14:42:08 +02:00
erik-krogh
afdd7b0994 don't compute GVN for string constants of length more than 50, as this results in a infinite loop 😕 2022-09-22 14:41:21 +02:00
Rasmus Wriedt Larsen
078d3d0062 Python: Add stacktrace exposure example 2022-09-22 14:27:49 +02:00
Erik Krogh Kristensen
6e6880bbe4 Merge pull request #10486 from erik-krogh/java-unqueryable 
Java: Delete some unused code
 2022-09-22 14:21:39 +02:00
Michael Nebel
3d5767e723 C#: Make sure that dotnet clean also removes the bin and obj folders. 2022-09-22 14:01:53 +02:00
erik-krogh
a8929b6400 deprecate RegExpFlags::getFlags instead of deleting it 2022-09-22 13:43:42 +02:00
erik-krogh
b61bd56d70 un-deprecate guardControls_v2 2022-09-22 13:42:50 +02:00
Tom Hvitved
e4e9a2e1f9 Data flow: Guard against viableImplInCallContext not being a subset ofviableCallable 2022-09-22 13:37:59 +02:00
Tom Hvitved
f0f4fe7286 Merge pull request #10444 from hvitved/ruby/stmt-sequence-post-update 
Ruby: Add post-update nodes for compound arguments
 2022-09-22 13:18:51 +02:00
Henry Mercer
f8f99af8b7 Bump the minor version of packs we regularly release 2022-09-22 12:14:19 +01:00
erik-krogh
f404f1ddce add change-note 2022-09-22 13:11:49 +02:00
Nick Rolfe
7d0bfe8f98 Merge pull request #10531 from github/nickrolfe/title-case 
Ruby: use consistent capitalization with `import ... as`
 2022-09-22 12:05:44 +01:00
Tom Hvitved
ad489155c4 Merge pull request #10469 from hvitved/csharp/dotnet-run-tracer-fix 
C#: Prepend `-p:UseSharedCompilation=false` instead of append for `dotnet run`
 2022-09-22 12:59:33 +02:00
Chris Smowton
adf5f18c03 Merge pull request #10530 from github/smowton/admin/kotlin-tolerate-beta-versions 
Kotlin: Tolerate kotlinc versions like 1.7.20-Beta
 2022-09-22 11:55:02 +01:00
James Fletcher
40f77b25d1 remove duplicated anchor to fix failing tests 2022-09-22 11:15:11 +01:00
Nick Rolfe
df8a182ac2 Ruby: use consistent capitalization with import ... as 2022-09-22 11:13:41 +01:00
Nick Rolfe
ee34ac5394 Merge pull request #10512 from github/nickrolfe/hash_from_trusted_xml 
Ruby: add Hash.from_trusted_xml as an unsafe deserialization sink
 2022-09-22 10:59:49 +01:00