hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-15 23:44:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
49,367 Commits 1,680 Branches 158 Tags
codeql-cli/v2.12.1
Commit Graph

49367 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Edward Minnix III
710e012e09 Java: fix precision of Android WebView File access query 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2022-11-30 10:41:45 -05:00
Felicity Chapman
3e1d49ad80 First draft update tutorials 2022-11-30 15:38:58 +00:00
Tony Torralba
d958a62bf2 Fix expectations in data.swift 2022-11-30 16:19:55 +01:00
Karim Ali
8f456295e0 Merge pull request #11185 from karimhamdanali/swift-string-taint-steps 
Swift: add `String` taint steps
 2022-11-30 17:03:15 +02:00
erik-krogh
cddc9db690 change back to the old order of extracting externs before Xml 2022-11-30 15:46:46 +01:00
Alex Denisov
0bfe502bb0 Swift: remove patches from the extractor 
Moved elsewhere https://github.com/dsp-testing/codeql-swift-artifacts/pull/3
 2022-11-30 15:36:09 +01:00
Karim Ali
f6bc88471a update the expected output for CWE-079 
Now that we have support for taint through fields of String, we can now detect certain flows that we previously marked as [NOT DETECTED]. This commit updates the expected output of CWE-079 (and the in-code annotation of the accompanying test case) to reflect that update.
 2022-11-30 16:34:24 +02:00
erik-krogh
6620ba8cc8 Merge branch 'main' into exit-code 2022-11-30 15:26:31 +01:00
Paolo Tranquilli
b8c11de89c Merge pull request #11498 from github/redsun82/swift-codegen 
Swift: enhance `codegen` UX
 2022-11-30 15:17:18 +01:00
Owen Mansel-Chan
45e2a13c37 Merge pull request #11494 from owen-mc/dataflow/some-trivial-fixes 
Dataflow: some trivial fixes
 2022-11-30 13:59:41 +00:00
Anders Schack-Mulligen
1ce28540fb Merge pull request #11495 from intrigus-lgtm/patch-7 
Docs: Add missing `language[monotonicAggregates]` annotation
 2022-11-30 14:58:44 +01:00
Paolo Tranquilli
b4e3554af7 Merge pull request #11370 from github/alexdenisov/swift-5.7.1 
Swift: upgrade to Swift 5.7.1
 2022-11-30 14:23:12 +01:00
Paolo Tranquilli
bb3aa9e908 Swift: add --force to codegen 2022-11-30 14:19:33 +01:00
Alex Ford
7de5113e67 Ruby: rails/globalid changenote 2022-11-30 13:01:27 +00:00
Alex Ford
e321657f59 Ruby: model rails/globalid 2022-11-30 12:50:26 +00:00
Paolo Tranquilli
d6aad13a98 Swift: make codegen run when no registry is there 2022-11-30 13:47:12 +01:00
Paolo Tranquilli
76db5f22b3 Swift: make codegen resilient to formatting errors 
More in general, the managed renderer flow does things more sensibly
in case an exception is thrown:
* it will not remove any file
* it will drop already written files from the registry, so that codegen
  won't be skipped for those files during the next run
 2022-11-30 13:43:29 +01:00
Tom Hvitved
b33f5925bb Data flow: Sync files 2022-11-30 13:39:25 +01:00
Tom Hvitved
e0bd210797 Ruby: At most one hash-splat ParameterNode per callable 2022-11-30 13:38:55 +01:00
Felicity Chapman
9eafee365f Some updates missed in earlier PRs 2022-11-30 12:30:28 +00:00
Tony Torralba
e222807693 Remove dubious sinks 2022-11-30 13:25:17 +01:00
intrigus-lgtm
4e7e70f981 Docs: Add missing language[monotonicAggregates] annotation 
This adds the `language[monotonicAggregates]` annotation so that the example compiles.
 2022-11-30 13:12:06 +01:00
Alex Denisov
fe0ae6bf0b Swift: add 5.7.1 migration scripts 2022-11-30 12:52:26 +01:00
Alex Denisov
ad663533c7 Swift: bump setup Swift action 2022-11-30 12:40:42 +01:00
Alex Denisov
67fb56deb8 Swift: workaround an internal crash coming from Swift 5.7.1 2022-11-30 12:40:42 +01:00
Alex Denisov
f618d53302 Swift: add new implicit conversion 2022-11-30 12:40:34 +01:00
Alex Denisov
90d471b486 Swift: upgrade to Swift 5.7.1 2022-11-30 12:40:27 +01:00
Felicity Chapman
6dee013baa Merge branch 'rc/3.8' into felicitymay-8441-basic-query-2 2022-11-30 11:39:20 +00:00
Mathias Vorreiter Pedersen
d53d275bba Merge pull request #11450 from d10c/swift/missing-enum-cases 
Swift: extract missing cases of `AccessorKind` and `AccessSemantics` enums
 2022-11-30 11:18:52 +00:00
Owen Mansel-Chan
75940dc8b1 Remove @codeql-go from code owners for dataflow 2022-11-30 11:16:53 +00:00
Owen Mansel-Chan
635c202ced Use ArgumentPosition instead of int 
This matches what all of the other languages do.
 2022-11-30 11:16:52 +00:00
Arthur Baars
6103c577b6 Address comments 2022-11-30 12:02:42 +01:00
Owen Mansel-Chan
55c4643b20 Dataflow: Sync. 2022-11-30 11:00:07 +00:00
Arthur Baars
cbf4197575 Ruby: add change note 2022-11-30 11:57:35 +01:00
Arthur Baars
0f2cb440b0 Ruby: add flow summary for Enumerable#sole 2022-11-30 11:57:35 +01:00
Arthur Baars
5517cfa6c0 Ruby: add flow summary for Enumerable#pluck 2022-11-30 11:57:35 +01:00
Arthur Baars
207ba86d51 Ruby: add flow summary for Enumerable#pick 2022-11-30 11:57:29 +01:00
Anders Schack-Mulligen
3d04b267ef Merge pull request #11492 from aschackmull/shared/util 
Shared: Add Util qlpack.
 2022-11-30 11:56:34 +01:00
Paolo Tranquilli
2f4cf592a7 Merge pull request #11490 from github/redsun82/cache 
CI: add workaround for nested composite actions issue
 2022-11-30 11:55:46 +01:00
Owen Mansel-Chan
ce8a20cfd1 Fix variable name (source should be sink) 2022-11-30 10:51:59 +00:00
Anders Schack-Mulligen
758cb8b412 Shared: Fix trailing and non-ascii whitespace. 2022-11-30 11:14:43 +01:00
Tony Torralba
56f5214782 Remove invalid MaD row 2022-11-30 11:10:30 +01:00
Anders Schack-Mulligen
0963b6f221 Java: Replace ad-hoc scc reduction with union-find. 2022-11-30 11:09:25 +01:00
Owen Mansel-Chan
ab276fc5d8 Merge pull request #11481 from owen-mc/dataflow/sync-go-libraries-2 
Sync go libraries
 2022-11-30 10:02:43 +00:00
Tom Hvitved
bfbe5bdfb8 Ruby: Add data flow test that illustrates spurious flow 2022-11-30 11:01:32 +01:00
Anders Schack-Mulligen
ba56565125 Update shared/util/codeql/util/Option.qll 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2022-11-30 10:55:07 +01:00
Paolo Tranquilli
e12e86b520 Restore previous cache key 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2022-11-30 10:47:29 +01:00
Paolo Tranquilli
d165c4963d CI: add workaround for nested composite actions issue 
Because of https://github.com/actions/runner/issues/2009 the deeply
nested action cache was failing to save the cache in the post run phase.

For the moment we just avoid the nesting with a copy-pasted action
snippet.
 2022-11-30 10:47:29 +01:00
Paolo Tranquilli
22eb619235 Merge pull request #11467 from erik-krogh/test-ci 
CI: fix moving the compilation cache
 2022-11-30 10:47:07 +01:00
Anders Schack-Mulligen
71f5c8aa88 Shared: Add Util qlpack. 2022-11-30 10:43:33 +01:00