49367 Commits

Author SHA1 Message Date
Harry Maclean
24b582d77a Add missing QLDoc 2022-09-20 15:55:34 +01:00
Harry Maclean
96a34c3690 QL4QL fix 2022-09-20 15:55:34 +01:00
Harry Maclean
53a34174b9 Model ActiveStorage 2022-09-20 15:55:34 +01:00
Harry Maclean
39a1cf5bd8 Ruby: Allow custom edges in API graph EntryPoints 2022-09-20 15:55:34 +01:00
Paolo Tranquilli
0f74674319 Merge pull request #10492 from github/redsun82/bazel-codeowners
Bazel: add some bazel files to `CODEOWNERS`
2022-09-20 16:50:37 +02:00
Mathias Vorreiter Pedersen
9d50fc6aa3 Merge pull request #10487 from MathiasVP/fix-identical-files-for-cpp
C++: Add shared files in `experimental` to `identical-files.json`.
2022-09-20 15:43:43 +01:00
Paolo Tranquilli
5df4ca808f Bazel: add some bazel files to CODEOWNERS 2022-09-20 16:31:05 +02:00
Tom Hvitved
2677ab6b19 Ruby: Fix bad join-order
Before
```
Evaluated relational algebra for predicate Module#fe82a56b::lookupMethodOrConst0#2#fff#antijoin_rhs@e23c32nf with tuple counts:
          118006   ~0%    {3} r1 = SCAN Module#fe82a56b::getMethodOrConst#2#fff OUTPUT In.1, In.0, In.2
        35267848   ~3%    {4} r2 = JOIN r1 WITH project#Module#fe82a56b::getMethodOrConst#2#fff_10#join_rhs ON FIRST 1 OUTPUT Lhs.1, Lhs.0, Lhs.2, Rhs.1
           21883   ~0%    {5} r3 = JOIN r2 WITH Module#fe82a56b::Cached::getAPrependedModule#1#ff ON FIRST 1 OUTPUT Rhs.1, Lhs.3, Lhs.0, Lhs.1, Lhs.2
               7  ~16%    {3} r4 = JOIN r3 WITH Module#fe82a56b::getAncestors#1#ff ON FIRST 2 OUTPUT Lhs.2, Lhs.3, Lhs.4
                          return r4
```

After
```
Evaluated relational algebra for predicate Module#fe82a56b::lookupMethodOrConst0#2#fff#antijoin_rhs@839f6a1k with tuple counts:
        118006  ~1%    {3} r1 = SCAN Module#fe82a56b::getMethodOrConst#2#fff OUTPUT In.0, In.2, In.1
           151  ~0%    {4} r2 = JOIN r1 WITH Module#fe82a56b::Cached::getAPrependedModule#1#ff ON FIRST 1 OUTPUT Rhs.1, Lhs.0, Lhs.1, Lhs.2
           155  ~1%    {4} r3 = JOIN r2 WITH Module#fe82a56b::getAncestors#1#ff ON FIRST 1 OUTPUT Rhs.1, Lhs.3, Lhs.1, Lhs.2
             7  ~0%    {3} r4 = JOIN r3 WITH project#Module#fe82a56b::getMethodOrConst#2#fff ON FIRST 2 OUTPUT Lhs.2, Lhs.3, Lhs.1
                       return r4
```
2022-09-20 16:24:39 +02:00
Geoffrey White
c599b02e98 C++: Add test case. 2022-09-20 15:23:13 +01:00
Ian Lynagh
6e249dad7f Kotlin: TrapLocker: Pass the TRAP file to be opened
We already know what it is, as we've just locked it.
2022-09-20 15:12:58 +01:00
Erik Krogh Kristensen
0720fa75df Merge pull request #10286 from erik-krogh/js-followMsg
JS: change alert messages of path queries to use the same template
2022-09-20 16:12:45 +02:00
Tony Torralba
cbb64cc8c1 Merge pull request #10352 from atorralba/atorralba/promote-template-injection
Java: Promote Server-side template injection from experimental
2022-09-20 16:11:58 +02:00
Ian Lynagh
2731740c67 Kotlin: TrapLocker: Remove unused isNonSourceTrapFile 2022-09-20 15:07:35 +01:00
Paolo Tranquilli
b4df557c5a Merge branch 'main' into redsun82/swift-do-not-extract-inactive-ifconfig-clauses 2022-09-20 15:41:34 +02:00
Paolo Tranquilli
3fd8136dc7 Swift: accept test results 2022-09-20 15:37:09 +02:00
AlexDenisov
4614074d01 Merge pull request #10452 from github/alexdenisov/remove-swift-vfs
Swift: remove (dead) VFS related code
2022-09-20 15:36:58 +02:00
Paolo Tranquilli
d0e3edf7ad Merge pull request #10482 from github/redsun82/swift-action-triggers
Swift: trigger workflows on bazel changes
2022-09-20 15:33:33 +02:00
Tom Hvitved
647397759e Merge pull request #10336 from hvitved/ruby/call-graph-rework
Ruby: Rework call graph implementation
2022-09-20 15:29:40 +02:00
Paolo Tranquilli
250965b140 Swift: update extractor for TypeRepr changes 2022-09-20 15:24:51 +02:00
Mathias Vorreiter Pedersen
90f24d3e82 Merge pull request #10430 from geoffw0/cleartextmissing
Swift: Fix missing results in swift/cleartext-storage-database
2022-09-20 14:23:29 +01:00
Paolo Tranquilli
dfc91bb0f0 Swift: make type non optional in TypeRepr 2022-09-20 15:23:27 +02:00
Paolo Tranquilli
72a4bd3f1e Swift: group unresolved elements and remove their tests 2022-09-20 15:22:20 +02:00
Nick Rolfe
30b54b2abe Merge pull request #10450 from github/nickrolfe/filesystemresolver
Ruby: model ActionView::FileSystemResolver as a FileSystemAccess
2022-09-20 14:21:28 +01:00
Paolo Tranquilli
0e62d6f123 Swift: update extractor to new IfConfigDecl 2022-09-20 15:12:37 +02:00
Paolo Tranquilli
7ae68fcc03 Swift: rework IfConfigDecl schema 2022-09-20 15:11:58 +02:00
Alex Denisov
c020bee529 Swift: remove VFS related code 2022-09-20 15:06:25 +02:00
Alex Denisov
dafa9d24f1 Swift: skip one more unsupported CLI arg 2022-09-20 15:04:54 +02:00
Mathias Vorreiter Pedersen
74ccec75c8 C++: Sync identical files. 2022-09-20 13:37:54 +01:00
Mathias Vorreiter Pedersen
351e517786 Update config/identical-files.json
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
2022-09-20 13:34:31 +01:00
Paolo Tranquilli
9fb4ff70b4 Merge branch 'main' into redsun82/swift-action-triggers 2022-09-20 14:23:22 +02:00
Asger F
0294444054 JS: Remove docs for the old portal-based flow summaries 2022-09-20 14:20:46 +02:00
yoff
ea743173d5 Merge pull request #8781 from yoff/python-dataflow/flow-summaries-from-scratch
Python dataflow: flow summaries restart
2022-09-20 14:08:31 +02:00
Mathias Vorreiter Pedersen
79654d978d C++: Sync identical files. 2022-09-20 12:57:21 +01:00
Mathias Vorreiter Pedersen
e661c981e4 C++: Add shared files in experimental to 'identical-files.json'. 2022-09-20 12:53:43 +01:00
AlexDenisov
805aa94799 Merge pull request #10485 from github/redsun82/swift-fix-version-in-integration-tests
Swift: fix version in integration tests
2022-09-20 13:44:50 +02:00
Rasmus Lerchedahl Petersen
318e3290f2 Python: use "extracted" instead of "source"
The precedence for the use of "source" to denote elements of source code
is found in `EssaVariable::getSourceVariable` as well as in the Ruby
code base. But it clashes with the many uses of source to mean
"source of flow" found in the data flow library.
2022-09-20 13:26:04 +02:00
Erik Krogh Kristensen
38b23f1bc1 Merge pull request #10471 from erik-krogh/tooRacy
JS: filter out "file read after existence check" from js/file-system-race
2022-09-20 13:22:06 +02:00
Erik Krogh Kristensen
72d326126a Merge pull request #10476 from erik-krogh/ruby-unqueryable
ruby: remove unused predicate from NfaUtilsSpecific
2022-09-20 13:21:44 +02:00
Geoffrey White
3573dd6728 Swift: Address review comments. 2022-09-20 12:17:21 +01:00
Paolo Tranquilli
45fc1d5cdf Swift: fix version in integration tests 2022-09-20 12:51:48 +02:00
Chris Smowton
f826342112 Merge pull request #6246 from Marcono1234/marcono1234/annotation-improvements
Java: Improve and add predicates and classes for annotations
2022-09-20 11:48:29 +01:00
Rasmus Lerchedahl Petersen
9a7afa9d8d Python: more idiomatic cartesian product 2022-09-20 12:47:56 +02:00
erik-krogh
70eced62b6 delete unused predicate that couldn't be imported from outside the folder 2022-09-20 12:40:39 +02:00
erik-krogh
8eefa4c1b0 deprecate internal predicate that was never used 2022-09-20 12:39:41 +02:00
erik-krogh
bec381a1dc remove unused predicate from NfaUtilsSpecific.qll 2022-09-20 12:38:34 +02:00
Erik Krogh Kristensen
91f9e89e95 Merge pull request #10405 from erik-krogh/styleGuide
update the style guide on alert-messages
2022-09-20 12:13:32 +02:00
Erik Krogh Kristensen
cd71546915 Merge pull request #10475 from erik-krogh/go-unqueryable
Go: Fix source/sanitizer class that were never used
2022-09-20 12:12:33 +02:00
Erik Krogh Kristensen
d1e662dff4 Merge pull request #10472 from erik-krogh/rename
JS: don't mention classes that don't exist in TaintTracking.qll
2022-09-20 12:08:15 +02:00
Tony Torralba
4af29e6abf Update java/ql/src/Security/CWE/CWE-094/TemplateInjection.qhelp
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
2022-09-20 11:48:40 +02:00
Tony Torralba
4997f36f05 Apply suggestions from code review
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
2022-09-20 11:48:18 +02:00