Asger F
ab296d4d62
Merge pull request #10396 from asgerf/js/regexp-always-matches-fp
...
JS: Fix FP in js/regexp/always-matches
2022-09-19 09:32:00 +02:00
Andrew Eisenberg
e6eaf37e22
Add redirect for removed 'About QL packs' article
...
Note that sphinx gives an error if you have a document to build that
is not part of a toctree. In order to avoid this error and not show
the document in any toctree that users will see, I added a hidden
toctree to the redirect article.
2022-09-18 10:45:59 -07:00
Tom Hvitved
a8cc669251
Ruby: Address review comments
2022-09-18 19:34:54 +02:00
Tom Hvitved
9004e82820
Ruby: Add another call graph test
2022-09-18 19:34:00 +02:00
Mathias Vorreiter Pedersen
02076074ff
C++: Add more comments.
2022-09-18 12:48:13 +01:00
Mathias Vorreiter Pedersen
3e6576bfaf
C++: Add example of missing result.
2022-09-18 12:18:04 +01:00
Mathias Vorreiter Pedersen
d1cf688abf
C++: Fix test function naming.
2022-09-18 12:17:46 +01:00
Mathias Vorreiter Pedersen
78535dc70b
C++: Autoformat.
2022-09-18 12:02:32 +01:00
Michael Nebel
a464e5be72
C#: Address review comments.
2022-09-17 13:51:03 +02:00
Andrew Eisenberg
13d4c4a5b9
Merge pull request #10460 from github/aeisenberg/lang-spec-packs
...
Updates the library path section of the CodeQL spec
2022-09-16 15:01:43 -07:00
Andrew Eisenberg
867e31693d
Updates the library path section of the CodeQL spec
...
- Remove references to `queries.xml`. It is still supported, but we
  don't want people using it.
- Add reference to `codeql-pack.yml`. It is just an alias for
  `qlpack.yml` and not being used.
- Remove reference to `libraryPathDependencies` and use `dependencies`
  instead.

Note that this section does not give a complete description of library
paths. That will be a part of the "Developing a codeql pack" article
that is forthcoming.
2022-09-16 14:31:17 -07:00
Andrew Eisenberg
027365c246
Update the analyze databases article
...
This change updates the analyze databases article to clarify examples.
It reorganizes to put packs examples first and rearranges a few
paragraphs.
2022-09-16 14:05:28 -07:00
Andrew Eisenberg
bbf09c8f8a
Update qlpack properties descriptions
...
Makes table easier to read.
2022-09-16 12:53:27 -07:00
Tom Hvitved
29bfb4d185
Ruby: Revert changes to isLocalSourceNode and localFlowStepTypeTracker
...
Instead, use small-step type tracking, as suggested by @rasmuswl offline.
2022-09-16 19:38:26 +02:00
Chris Smowton
3fa1f17b83
Java: really return a unique location for non-source entities
...
This was always supposed to pick one of several candidate non-source locations (usually for a generic type instantiation), but since `getFile().toString()` just produces the basename of the class file, actually the results would almost always tie and all of the candidate locations would be returned. Use the full class file path as a tiebreaker instead.
2022-09-16 18:23:31 +01:00
Ian Lynagh
4a4cd8a770
Merge pull request #10456 from github/post-release-prep/codeql-cli-2.10.5
...
Post-release preparation for codeql-cli-2.10.5
2022-09-16 17:18:05 +01:00
Mathias Vorreiter Pedersen
dc00643ad1
C++: More QLDoc.
2022-09-16 17:14:29 +01:00
Mathias Vorreiter Pedersen
031f20a0eb
C++: Respond to review comments.
2022-09-16 16:19:06 +01:00
Chris Smowton
0ab5d466f6
Update test expectations now that the Java extractor's nested annotation handling has been fixed
2022-09-16 15:50:54 +01:00
Anders Schack-Mulligen
1945f185ed
Apply suggestions from code review
...
Autoformat
2022-09-16 15:49:16 +01:00
Marcono1234
c8b922937b
Java: Extend AnnotationType.isATargetType documentation
2022-09-16 15:49:16 +01:00
Marcono1234
37b18914ac
Java: Add annotation tests
2022-09-16 15:49:16 +01:00
Marcono1234
8c9bdeb3be
Java: Address Annotation review comments and add change note
2022-09-16 15:49:16 +01:00
Marcono1234
659a3a7925
Java: Deprecate RetentionAnnotation.getRetentionPolicyExpression()
2022-09-16 15:49:16 +01:00
Marcono1234
90a9364b00
Java: Rename Annotation.getAnArrayValue with index
...
As mentioned by smowton during review, the predicate only has a single result
due to being restricted by the index and therefore its name should not start
with "getA...".
Also remove deprecated `getAValue(string, int)` because it never existed on
the `main` branch.
2022-09-16 15:49:16 +01:00
Marcono1234
4ef2d156c4
Java: Deprecate error-prone and rarely used annotation predicates
2022-09-16 15:49:16 +01:00
Marcono1234
e3c1b96830
Java: Fix incorrect annotation handling for SpringControllerRequestMappingGetMethod
2022-09-16 15:49:16 +01:00
Marcono1234
998aa95eae
Java: Add convenience array value Annotation predicates
2022-09-16 15:49:16 +01:00
Marcono1234
47e38952d1
Java: Improve Annotation.getAnAssociatedAnnotation
...
As suggested by smowton during review.
2022-09-16 15:49:16 +01:00
Marcono1234
fd5fdd89d9
Java: Rename Annotation.getAValue predicates for array values
...
Predicate name could lead to confusion with non-array predicate getAValue()
2022-09-16 15:49:16 +01:00
Marcono1234
b96061aa7e
Java: Rename Annotation value predicates
2022-09-16 15:49:16 +01:00
Marcono1234
c226758889
Java: Add classes and predicates for @Repeatable
2022-09-16 15:49:16 +01:00
Marcono1234
02c8fe9346
Java: Add convenience predicates for AnnotationType
2022-09-16 15:49:16 +01:00
Marcono1234
f69b6eef7a
Java: Clarify that Annotatable predicates consider inherited annotations
...
Additionally changes `hasAnnotation()` to consider inherited annotations
for consistency.
2022-09-16 15:49:16 +01:00
Marcono1234
afb7462052
Java: Clarify that Annotation value predicates have default value as result
2022-09-16 15:49:15 +01:00
Marcono1234
536f5c7f89
Java: Add Annotation value convenience predicates
2022-09-16 15:49:15 +01:00
Chris Smowton
3165babc88
Merge pull request #10445 from smowton/smowton/fix/annotaton-array-trap-label
...
Java: Add test for annotations with annotation-array-typed fields
2022-09-16 15:45:36 +01:00
Alex Ford
08c8db8937
Ruby: stop rb/sensitive-get-query from considering ID type data as sensitive
2022-09-16 15:40:13 +01:00
Alex Ford
79ad7d293f
Ruby: make SensitiveExpr a dataflow node rather than an Expr
2022-09-16 15:39:16 +01:00
github-actions[bot]
67ce442674
Post-release preparation for codeql-cli-2.10.5
2022-09-16 14:23:44 +00:00
Mathias Vorreiter Pedersen
f14df6426e
Merge pull request #10455 from geoffw0/cleartexttest
...
Swift: Update test for swift/cleartext-transmission
2022-09-16 14:59:30 +01:00
yoff
0703b88f92
Merge pull request #10404 from RasmusWL/update-range-pattern
...
Docs: Use `instanceof` in `::Range` pattern description
2022-09-16 15:18:35 +02:00
Tony Torralba
e140f04881
Merge pull request #10393 from zbazztian/uri-constructor-flow
...
Java: Model taint flow for java.net.URI constructors in tainted path queries
2022-09-16 15:10:40 +02:00
Tony Torralba
3141fdae72
Address review comments re: flow states
2022-09-16 14:48:30 +02:00
Geoffrey White
213cd94047
Swift: Update the test.
2022-09-16 13:24:37 +01:00
Anders Schack-Mulligen
e6d4e87458
Merge pull request #10416 from aschackmull/java/dispatch-confidence
...
Java: Remove low confidence dispatch for which we have a manual summary.
2022-09-16 13:36:04 +02:00
Alex Denisov
d6d8480b2a
Swift: fix internal builds
2022-09-16 12:59:43 +02:00
Chris Smowton
80968eef47
Add test for annotations with annotation-array-typed fields
2022-09-16 11:30:16 +01:00
James Fletcher
bc93a22e7d
Merge pull request #10449 from github/jf205-patch-1
...
Correct link to API docs for 'Get a CodeQL database for a repository'
2022-09-16 11:13:20 +01:00
Alex Denisov
c638789f3e
Swift: open(2) interception
2022-09-16 12:02:16 +02:00