hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-28 22:02:57 +01:00
Code Issues Packages Projects Releases Wiki Activity
49,367 Commits 1,684 Branches 159 Tags
codeql-cli/v2.12.1
Commit Graph

49367 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Geoffrey White
f9e1e630f7 Swift: more accurate NSObject / NSString hierarchy in test. 2022-06-22 12:36:40 +01:00
Tamás Vajk
c0e115700d Merge pull request #9647 from tamasvajk/kotlin-when-branch-encl-stmt 
Kotlin: Fix enclosing statement of `when` branches
 2022-06-22 13:18:56 +02:00
Michael Nebel
8899bf7f05 C#: Update tests. 2022-06-22 13:03:23 +02:00
Michael Nebel
0ef97b41c8 C#: Update .NET Runtime models and add sources and sinks. 2022-06-22 13:03:10 +02:00
Jeroen Ketema
b1dd8da587 C++: Fix query formatting 2022-06-22 12:59:49 +02:00
Ian Lynagh
c7a6b1e9a7 Merge pull request #9640 from igfoo/igfoo/vis 
Kotlin/Java: Add the beginnings of a "visibility" consistency query
 2022-06-22 11:34:15 +01:00
Paolo Tranquilli
3ed783df7f Swift: fix tests 2022-06-22 12:14:47 +02:00
Paolo Tranquilli
aea4910be4 Merge pull request #9620 from github/redsun82/swift-codespace 
Swift: add devcontainer setup
 2022-06-22 11:52:08 +02:00
Rasmus Wriedt Larsen
876ba71d9b Python/JS/Ruby: Add change-note 2022-06-22 11:14:05 +02:00
Paolo Tranquilli
ee5c30ebda Merge main into redsun82/swift-extraction 2022-06-22 11:11:20 +02:00
Paolo Tranquilli
e0784e0680 Swift: fix update-codeql 
Also require sudo at the start of the script if updating.
 2022-06-22 11:05:30 +02:00
Rasmus Wriedt Larsen
2ce4b7b9fc SensitiveDataHeuristics: sync 2022-06-22 11:05:14 +02:00
Rasmus Wriedt Larsen
4be375521f Python: Handle _ in sensitive-data-sources 2022-06-22 11:05:14 +02:00
Rasmus Wriedt Larsen
4a844312f4 Python: _ in var name not handled by sensitive-data-sources 2022-06-22 11:05:14 +02:00
Rasmus Wriedt Larsen
5dc2bb717a Python: ignore common words (certain/concert) as sensitive source 2022-06-22 11:05:05 +02:00
Paolo Tranquilli
4377fb0552 Swift: auto-install codeql on codespace 2022-06-22 10:51:30 +02:00
Anders Schack-Mulligen
df6d68b215 Merge pull request #9618 from aschackmull/dataflow/deprecate-barrierguard-class 
Dataflow: Deprecate BarrierGuard class
 2022-06-22 10:44:08 +02:00
Michael Nebel
24ba5cc06e Merge pull request #9025 from michaelnebel/csharp/generatedrefactor 
C#: Provenance column in Models as Data CSV format.
 2022-06-22 10:34:31 +02:00
Rasmus Wriedt Larsen
abdcfd55c3 Python: uncertainty is treated as a certificate :O 2022-06-22 10:16:28 +02:00
Paolo Tranquilli
400d7afc94 Swift: tweaks to codespace setup 2022-06-22 09:59:12 +02:00
Tamas Vajk
a50e062b3c Kotlin: Fix enclosing statement of when branches 2022-06-22 09:10:27 +02:00
Tamas Vajk
640026d387 Kotlin: add enclosing statement test 2022-06-22 09:09:57 +02:00
Jeroen Ketema
4a78c9b06d C++: Add change note 2022-06-22 08:11:24 +02:00
Jeroen Ketema
880c785efe C++: Ensure we can round trip between (forward) class declarations 
This was already possible when the forward class declaration and the class
definition occurred in the same scope. However, there is a common C++ usage
pattern in which this is not the case (when only a pointer to the class is
needed). In this latter scenario we could not round trip between the (forward)
`DeclarationEntry` and the `Declaration`.

Effectively this changes the code to:
```
if exists(TypeDeclarationEntry e | e.getType() = this)
then result.getType() = this
else ...
```
We use `type_decls` instead to stay close to the original code.
 2022-06-22 07:58:45 +02:00
Jeroen Ketema
0f37e4e7b2 C++: Add variable in namespace test 2022-06-22 07:56:27 +02:00
Jeroen Ketema
a8833a0c70 C++: Test showing going from a forward class declaration to a class but not back 2022-06-22 07:53:50 +02:00
Jeroen Ketema
40e0356177 C++: Test that we can go from a DeclarationEntry to a Declaration and back 2022-06-22 07:53:50 +02:00
Michael Nebel
2b892bc000 Merge pull request #9553 from michaelnebel/csharp/narrowtelemetry 
C#/Java: Only display 1k most relevant results for ExternalApi telemetry queries.
 2022-06-22 07:35:56 +02:00
thiggy1342
995f365568 just check string literal 2022-06-22 02:17:01 +00:00
thiggy1342
c767f241ad narrow query scope 2022-06-22 02:12:23 +00:00
thiggy1342
f6c4b5c44b Merge branch 'experimental-manually-check-request-verb' of https://github.com/thiggy1342/codeql into experimental-manually-check-request-verb 2022-06-21 21:27:39 +00:00
thiggy1342
990747cd22 Limit findings to just those called in Controllers 2022-06-21 21:27:18 +00:00
thiggy1342
53729f99c5 restrict findings to just controller classes 2022-06-21 20:28:29 +00:00
thiggy1342
bbe17b3667 Merge branch 'experimental-strong-params' of https://github.com/thiggy1342/codeql into experimental-strong-params 2022-06-21 19:31:18 +00:00
thiggy1342
83b720d730 first draft of weak params query 2022-06-21 19:28:53 +00:00
Brandon Stewart
a2e2dcdfd5 Make ActiveRecordInstanceMethodCall Public 2022-06-21 14:44:52 -04:00
Ian Lynagh
52b229052d Kotlin/Java: Add the beginnings of a "visibility" consistency query 2022-06-21 17:24:37 +01:00
Andrew Eisenberg
1ec838e671 Update docs/codeql/codeql-cli/analyzing-databases-with-the-codeql-cli.rst 
Co-authored-by: James Fletcher <42464962+jf205@users.noreply.github.com>
 2022-06-21 09:14:23 -07:00
Paolo Tranquilli
1e4ac44362 Swift: some expression extractions 2022-06-21 17:31:40 +02:00
Mathias Vorreiter Pedersen
9fe238f20c Merge pull request #9637 from github/redsun82/swift-callable-extractor 
Swift: Callable abstraction
 2022-06-21 16:04:23 +01:00
Dave Bartolomeo
39d77d8f20 Merge pull request #9633 from github/edoardo/rc3.6-mergeback 
Merge `rc/3.6` into `main`
 2022-06-21 10:44:05 -04:00
Paolo Tranquilli
c77fc26c69 Swift: Callable abstraction 
This new class encompasses both `AbstractFunctionDecl` and
`AbstractClosureExpr`, together with their common parts (namely
parameters and the body).

`ClosureExpr` and `AutoClosureExpr` got ported to structured C++
generated translation in the process.
 2022-06-21 15:50:35 +02:00
Geoffrey White
8989210995 Swift: Fix some details so that the test works. 2022-06-21 14:22:35 +01:00
Mathias Vorreiter Pedersen
415e9742a7 Swift: Add a 'RemoteFlowSource' class. 2022-06-21 14:09:56 +01:00
yoff
dd69100dcd python: ParameterNode -> SourceParameterNode 2022-06-21 12:55:22 +00:00
yoff
2c2395ffd7 python: ParameterNode is the one used publicly 
- it contains also synthesized nodes, but getParameter returns none for these.
- hide isParameterOf
 2022-06-21 12:38:40 +00:00
Anders Schack-Mulligen
f8f9b7d3b4 Apply suggestions from code review 2022-06-21 14:11:36 +02:00
Erik Krogh Kristensen
e1c34c11ed add all jquery plugin parameters as source to js/html-constructed-from-input 2022-06-21 13:22:56 +02:00
Erik Krogh Kristensen
dde7e9e2e8 add test for jquery plugin parameters in js/html-constructed-from-input 2022-06-21 13:21:57 +02:00
Chris Smowton
7bb0d62863 Update comparisonBarrierGuard qldoc 2022-06-21 12:12:17 +01:00