hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-23 19:32:59 +01:00
Code Issues Packages Projects Releases Wiki Activity
49,367 Commits 1,686 Branches 158 Tags
codeql-cli/v2.12.1
Commit Graph

49367 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Erik Krogh Kristensen
2f429e7d29 convert some leftovers to use dataflow nodes 2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen
136124fbaa convert the remaining Koa models to DataFlow nodes 2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen
fc54ba823b update the existing expression based Express models 2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen
8266b083d7 update the predicates on Express::RouteHandler to use dataflow nodes 2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen
4cfbf15d18 deprecate RouteHandlerExpr and make RouteHandlerNode instead 2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen
3da34ca7a0 update Express::RouteExpr to a DataFlow::Node 2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen
3eb486610b update Express::RouterDefinition to a DataFlow::InvokeNode 2022-09-05 16:11:51 +02:00
Erik Krogh Kristensen
b77d77d8eb Merge pull request #10209 from erik-krogh/caseConsistency 
QL: add query detecting consistent casing of names
 2022-09-05 16:07:59 +02:00
Tamas Vajk
1c21ce0ec4 Kotlin: Lookup getter methods based on special JVM method mapping 2022-09-05 16:02:25 +02:00
Tamas Vajk
6a90db9b30 Kotlin: List diagnostics for special getter method extraction 2022-09-05 16:00:40 +02:00
Erik Krogh Kristensen
92240384a9 update the tests to reflect the extra DataFlow::Nodes 2022-09-05 15:47:38 +02:00
Erik Krogh Kristensen
dfb7782be0 replace getA?RouteHandlerExpr with getA?RouteHandlerNode 2022-09-05 15:46:27 +02:00
Erik Krogh Kristensen
288230d7cf update tests to reflect the extra DataFlow::Nodes from ResponseNode and RequestNode 2022-09-05 15:46:27 +02:00
Erik Krogh Kristensen
30d929909c deprecate RequestExpr and ResponseExpr and use ResponseNode and RequestNode instead 2022-09-05 15:46:25 +02:00
Erik Krogh Kristensen
9cb7522bc1 change RouteSetup to a DataFlow::Node 2022-09-05 15:45:31 +02:00
Erik Krogh Kristensen
d98028be1a change ServerDefinition to a DataFlow::Node 2022-09-05 15:44:56 +02:00
Geoffrey White
946456acc2 C++: Apply the sanitizer improvement from cpp/cleartext-storage-buffer in cpp/cleartext-storage-file and cpp/cleartext-transmission. 2022-09-05 14:44:33 +01:00
Erik Krogh Kristensen
ced4843dd7 change CookieDefinition to a DataFlow::Node 2022-09-05 15:44:13 +02:00
Erik Krogh Kristensen
24b845589d change ResponseBody to a DataFlow::Node 2022-09-05 15:44:13 +02:00
Erik Krogh Kristensen
19e808186d refactor definesExplicitly to use DataFlow::Node 2022-09-05 15:44:13 +02:00
Erik Krogh Kristensen
ce0175a046 don't use astNode in StandardHeaderDefinition 2022-09-05 15:44:13 +02:00
Erik Krogh Kristensen
d4ccc75ce1 refactor RedirectInvocation to a DataFlow::Node 2022-09-05 15:44:13 +02:00
Erik Krogh Kristensen
a03e6a800d deprecate the HTTP flowsTo predicates to avoid confusion with SourceNode::flowsTo 2022-09-05 15:44:12 +02:00
James Fletcher
d787d94fbd Merge branch 'main' into download-db-vs-code 2022-09-05 13:55:17 +01:00
Ian Lynagh
b38ad13f82 Merge pull request #10268 from tamasvajk/kotlin-local-function-comments 
Kotlin: fix doc comment extraction for local functions
 2022-09-05 13:35:01 +01:00
Taus
c19574b9a4 Merge pull request #10267 from yoff/python/port-EmptyExcept 
python: Rewrite EmptyExcept from `points-to` to API graph
 2022-09-05 14:11:34 +02:00
Tom Hvitved
b197eff23e Ruby: Add missing edges to the call graph for singleton methods 2022-09-05 14:11:04 +02:00
Tom Hvitved
ab22f932a5 Ruby: Add more tests for singleton methods 2022-09-05 14:09:59 +02:00
erik-krogh
aa56ca37ae make the alert messages of taint-tracking queries more consistent 2022-09-05 14:04:52 +02:00
Erik Krogh Kristensen
1fe9b3f4bd Merge pull request #10252 from erik-krogh/py-followMsg 
PY: change alert messages of path queries to use the same template
 2022-09-05 14:03:36 +02:00
Tom Hvitved
e680d1a6ec C#: No longer manually disable shared compilation in codeql-analysis.yml 
Instead, rely on the tracer to inject the flag.
 2022-09-05 13:55:58 +02:00
Rasmus Lerchedahl Petersen
5fc1bbc8c5 Python: Only alert on Python 2 code 
since
- Python 3 is ok from 3.7 onwards
- support for Python 3.6 was just dropped
- we do not actually know the minor version of the analysed code
  (only of the extractor)
 2022-09-05 13:38:14 +02:00
erik-krogh
0de0325c8e change the alert-message for py/modification-of-default-value 2022-09-05 13:30:56 +02:00
erik-krogh
a86a940df7 add getRepr() and toString() on RelevantState 2022-09-05 13:27:34 +02:00
Ian Lynagh
38ba516687 Merge pull request #10281 from igfoo/igfoo/extractFunctionReference 
Kotlin: Remove cast in extractFunctionReference
 2022-09-05 11:49:09 +01:00
Ian Lynagh
824ac9eb73 Merge pull request #10283 from igfoo/igfoo/IrTypeParameter 
Kotlin: Remove a redundant cast
 2022-09-05 11:49:00 +01:00
Ian Lynagh
e1a153a7f3 Merge pull request #10282 from igfoo/igfoo/extendsAdditionAllowed 
Kotlin: Remove a cast in extendsAdditionAllowed
 2022-09-05 11:48:50 +01:00
Ian Lynagh
43a553dffb Merge pull request #10279 from igfoo/igfoo/extractGeneratedClass 
Kotlin: Remove cast in extractGeneratedClass
 2022-09-05 11:48:38 +01:00
Tamás Vajk
674305195a Apply suggestions from code review 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2022-09-05 12:19:54 +02:00
Tamas Vajk
d50e3c77e5 Workflow: Add paths filter to QL for QL workflow 2022-09-05 11:55:03 +02:00
Edoardo Pirovano
c239871f3a Merge pull request #10292 from github/edoardo/add-search-path 
QL4QL: Add `--search-path` to `codeql resolve languages` calls
 2022-09-05 10:40:00 +01:00
James Fletcher
45182c2f46 Merge branch 'main' into download-db-vs-code 2022-09-05 10:24:55 +01:00
Edoardo Pirovano
14dafefb79 QL4QL: Add --search-path to codeql resolve languages calls 2022-09-05 10:23:23 +01:00
erik-krogh
3f1cb04f3e sync files 2022-09-05 11:22:34 +02:00
Erik Krogh Kristensen
0162bc3c77 use RelevantState inside the lastStartState predicate 
Co-authored-by: Arthur Baars <aibaars@github.com>
 2022-09-05 11:22:12 +02:00
Tom Hvitved
9ebabd1e1f SSA: Strip shared from namespace and qlpack name 2022-09-05 11:17:30 +02:00
Felicity Chapman
2cacba5f66 Apply suggestions to fix typos and formatting glitches 2022-09-05 09:59:20 +01:00
Rasmus Lerchedahl Petersen
afb50212a0 Python: update version check 
doc said 3.5 experience says 3.7
 2022-09-05 10:50:53 +02:00
Tom Hvitved
d8b352c2e6 C#: Use -p: instead of /p: with dotnet 
Makes a difference for `dotnet run` where the option will otherwise be considered
an argument to the program that is run.
 2022-09-05 10:40:00 +02:00
Tamas Vajk
6f7f760682 Kotlin: Fix array set operator extraction 2022-09-05 10:20:07 +02:00