hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-23 03:12:58 +01:00
Code Issues Packages Projects Releases Wiki Activity
49,367 Commits 1,685 Branches 158 Tags
codeql-cli/v2.12.1
Commit Graph

49367 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
erik-krogh
abb5c38bcd move the guides on link-texts into a new subsection 2022-09-16 11:56:52 +02:00
erik-krogh
e3990e824d add a line about link texts 2022-09-16 11:52:27 +02:00
Erik Krogh Kristensen
9e56128498 apply suggestions from doc review 
Co-authored-by: hubwriter <hubwriter@github.com>
 2022-09-16 11:46:06 +02:00
Anders Schack-Mulligen
9714497268 Java: Add change note. 2022-09-16 11:14:44 +02:00
Sebastian Bauersfeld
8c35803749 Add more details to change note. 2022-09-16 16:11:34 +07:00
Anders Schack-Mulligen
726772220c Merge pull request #10191 from smowton/smowton/admin/java-implicit-this-type-tests 
Java: Add test regarding the type of an implicit `this` expression
 2022-09-16 10:58:48 +02:00
Tony Torralba
fdc8453a59 Introduce TaintedPathAdditionalTaintStep 
Use separate configurations for tainted path and tainted path local again.
 2022-09-16 10:42:15 +02:00
Nick Rolfe
b5d648a6b0 Ruby: model ActionView::FileSystemResolver as a FileSystemAccess 2022-09-16 09:24:14 +01:00
James Fletcher
8e30754356 Update download-github-database.rst 2022-09-16 09:22:32 +01:00
Tom Hvitved
ac4d4ff613 Ruby: Rework call graph implementation 2022-09-16 10:22:26 +02:00
Tom Hvitved
41c45c26bc Ruby: Add more call graph tests, and make calls.rb interpretable by irb 2022-09-16 10:22:20 +02:00
AlexDenisov
d8b000fae3 Merge pull request #10448 from github/alexdenisov/swift-xcode-14 
Swift: skip more unsupported CLI args (new in Xcode 14)
 2022-09-16 10:08:21 +02:00
Sebastian Bauersfeld
95478f1af6 Address review comments. 2022-09-16 14:35:30 +07:00
Alex Denisov
2b12aece63 Swift: skip more unsupported CLI args (new in Xcode 14) 2022-09-16 09:24:20 +02:00
Anders Schack-Mulligen
142d9eb6ef Merge pull request #10446 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2022-09-16 09:00:33 +02:00
github-actions[bot]
0e1aca547b Add changed framework coverage reports 2022-09-16 00:23:05 +00:00
Erik Krogh Kristensen
f648dd4a2e Merge pull request #10443 from erik-krogh/moreNames 
QL: recognize the names from all VarDefs
 2022-09-15 22:34:17 +02:00
erik-krogh
af045a025d Merge branch 'main' into moreNames 2022-09-15 21:04:49 +02:00
Philip Ginsbach
87e782560c Merge pull request #10439 from github/ginsbach/JavascriptUpperCaseVariables 
JavaScript: remove upper-case variable names
 2022-09-15 20:03:20 +01:00
erik-krogh
ac91b30ed0 recognize the names from all VarDefs 2022-09-15 20:48:12 +02:00
Tamás Vajk
d958c04a79 Merge pull request #9693 from raulgarciamsft/Token_validation 
Token validation
 2022-09-15 20:18:33 +02:00
Tony Torralba
c0762dfdb0 Merge pull request #10437 from github/atorralba/fix-0.3.4-changenote 
Java: Fix wrong packages in minor analysis change note
 2022-09-15 19:12:57 +02:00
Philip Ginsbach
d1df2aa457 remove upper-case variable names 2022-09-15 18:08:50 +01:00
Philip Ginsbach
0a2d0f7f68 Merge pull request #10440 from github/ginsbach/JavaUpperCaseVariables 
Java: remove upper-case variable name
 2022-09-15 18:07:51 +01:00
Mathias Vorreiter Pedersen
4482669d7e C++: Add a new 'InvalidPointerDeref' query to experimental. 2022-09-15 17:47:15 +01:00
Mathias Vorreiter Pedersen
b8a5aa5d85 C++: Fix a couple of range analysis issues: 
1. The new query is expecting pointer arithmetic operations to generate
range-analysis bounds, but this wasn't true on main.
2. The bounds generated by `boundFlowCond` was incorrectly inferred as
non-strict when comparing a pointers (unlike when comparing values of
integral types). This gave FPs in the new query.

This also fixes a couple of missing results in existing queries that
use the new range-analysis library.
 2022-09-15 17:46:52 +01:00
Philip Ginsbach
c2bdb69476 remove upper-case variable name 2022-09-15 16:32:16 +01:00
Mathias Vorreiter Pedersen
d981f898e4 C++: Add flow states to the product dataflow library. 2022-09-15 15:54:09 +01:00
Jeroen Ketema
8b292351b7 Merge pull request #10435 from github/ginsbach/RemoveEvenMoreUpperCaseVariables 
C++: remove more upper-case variable names
 2022-09-15 16:43:50 +02:00
Chris Smowton
88644b6e76 Add change note 2022-09-15 15:35:52 +01:00
Tony Torralba
62b1091c17 Fix wrong packages in minor analysis change 2022-09-15 16:30:12 +02:00
Philip Ginsbach
26099d6ab7 remove more upper-case variable names 2022-09-15 14:36:02 +01:00
Rasmus Wriedt Larsen
0e3821d3e3 Apply suggestions from code review 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2022-09-15 15:13:08 +02:00
Tony Torralba
df5178d7ee Merge pull request #10330 from atorralba/atorralba/implicit-pendingintents-compat-sinks 
Java: Add Implicit PendingIntents sinks for Compat classes
 2022-09-15 14:39:19 +02:00
Tony Torralba
714b37e77b Merge pull request #10318 from atorralba/atorralba/notificationcompat-steps 
Java: Add summaries for NotificationCompat and its inner classes
 2022-09-15 14:38:39 +02:00
Geoffrey White
6b21563018 C++: Update change note. 2022-09-15 13:37:20 +01:00
Anders Schack-Mulligen
a4ae9a09f9 Java: Use MaD summaries for java.util.Hashtable. 2022-09-15 13:55:44 +02:00
Chris Smowton
5a56bb97fc deprecated-call query: notice calls to methods of specialised generic classes 2022-09-15 12:49:12 +01:00
AlexDenisov
b8bc7fb926 Merge pull request #10434 from github/redsun82/fix-c-compilation 
Bazel: only pass `-std=c++17` for C++ compilation
 2022-09-15 13:00:07 +02:00
Paolo Tranquilli
ce6109547b Bazel: only pass -std=c++17 for C++ compilation 2022-09-15 12:30:30 +02:00
Tom Hvitved
40241acbfc Merge pull request #10425 from hvitved/ruby/bad-join-fix 
Ruby: Fix bad join-order in DB upgrade script
 2022-09-15 12:09:14 +02:00
Ian Lynagh
a939156ade Merge pull request #10419 from igfoo/igfoo/unused 
Kotlin: Remove an unused method
 2022-09-15 10:57:58 +01:00
Ian Lynagh
618a5b9b8c Merge pull request #10427 from igfoo/igfoo/werror 
Kotlin: Compile with -Werror, and fix warnings
 2022-09-15 10:57:45 +01:00
Jeroen Ketema
a20b41685e Merge pull request #10420 from github/ginsbach/RemoveMoreUpperCaseVariables 
remove several upper-case `NamedExpression` variable names
 2022-09-15 11:50:02 +02:00
Sebastian Bauersfeld
20d78972f5 Address review comments. 2022-09-15 16:44:36 +07:00
Michael Nebel
32816fa68f C#: Improve join in the InterpretedCallable characteristic predicate. 2022-09-15 10:54:27 +02:00
Chris Smowton
b926bc9efa Fix and add test for java/subtle-inherited-call involving inheritence from generic types 2022-09-14 22:17:19 +01:00
Chris Smowton
da04673cb0 Fix query java/internal-representation-exposure regarding generic callees, and add a test 2022-09-14 22:17:19 +01:00
Chris Smowton
c149754c6b Fix java/iterator-remove-failure to handle calls to specialised generic functions 2022-09-14 22:17:19 +01:00
Chris Smowton
3bdccb38b6 Adapt inner-class-could-be-static query now that specialised methods are callable via an implicit this qualifier. 
Previously such a call always targeted the unbound method, so we checked for an inherited method that could be a specialisation thereof; now we expect it should be directly inherited.
 2022-09-14 22:17:19 +01:00