hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-18 17:04:50 +01:00
Code Issues Packages Projects Releases Wiki Activity
49,367 Commits 1,679 Branches 158 Tags
codeql-cli/v2.12.1
Commit Graph

49367 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tamas Vajk
0e4287e378 Kotlin: Exclude .kt files from java/unreachable-catch-clause 2022-10-25 11:06:51 +02:00
Tamas Vajk
4b042f9770 Kotlin: Add test cases for java/unreachable-catch-clause 2022-10-25 11:06:15 +02:00
github-actions[bot]
5d100c8036 JS: Bump patch version of ML-powered library and query packs 2022-10-25 09:00:40 +00:00
Tamas Vajk
a0490f454b Kotlin: Improve java/abstract-to-concrete-cast to handle when branches 2022-10-25 10:17:47 +02:00
Tamas Vajk
690d6517d7 Kotlin: Add abstract to concrete type cast guarded by when 2022-10-25 10:16:40 +02:00
Jami Cogswell
1a1245343d remove getNodeIntValue 2022-10-24 17:09:24 -04:00
Daniel Santos
3051903037 Merge branch 'github:main' into main 2022-10-24 15:47:11 -05:00
Jami Cogswell
c742a09def remove AlgoSpec class 2022-10-24 16:15:18 -04:00
Jami Cogswell
d569f93e78 update getAlgoSpec 2022-10-24 16:05:57 -04:00
Jami Cogswell
09829d7f7a simplify instanceof usage 2022-10-24 15:49:41 -04:00
Jami Cogswell
8bc0a64863 remove KeyGenInitMethodAccess class 2022-10-24 15:42:36 -04:00
Philip Ginsbach
b9f1cc5c6f Merge pull request #10929 from github/ginsbach/TypeSignatureDocumentation 
documentation for type signature members
 2022-10-24 20:41:25 +01:00
Jami Cogswell
eb69b98dff remove separators 2022-10-24 15:28:31 -04:00
Jami Cogswell
2ee23f004e update qldoc for AlgorithmParameterSpec 2022-10-24 15:22:33 -04:00
Jami Cogswell
4c8e0a7648 update qldoc of JavaSecurityKeyPairGenerator and JavaSecurityAlgoParamGenerator 2022-10-24 15:05:05 -04:00
Chris Smowton
d171decad7 Accept test changes 
All of java.util.{Collection,List,Map} redeclare `boolean equals(Object)` in order to add documentation, as a side-effect creating a real symbol that can be used as a dispatch target.
 2022-10-24 19:49:29 +01:00
Chris Smowton
843f847960 Merge pull request #10921 from smowton/smowton/fix/ignore-enhanced-nullability 
Kotlin: ignore enhanced nullability when extracting primitive types
 2022-10-24 19:43:04 +01:00
Chris Smowton
7a0bded2ac Kotlin: support argument-range specifications for $default methods 2022-10-24 19:31:03 +01:00
Chris Smowton
8d10b1b77b Convert test to inline-expectation test 2022-10-24 19:15:35 +01:00
Paolo Tranquilli
89ca7e26fe Merge pull request #10955 from github/redsun82/swift-fix-missing-bodies 
Swift: fix missing extraction of function bodies in SPM builds
 2022-10-24 20:00:02 +02:00
Geoffrey White
6f77e14aef C++: Fix rare performance issue on cpp/comma-before-misleading-indentation. 2022-10-24 18:21:10 +01:00
Erik Krogh Kristensen
ef5132b0ae Merge pull request #10883 from erik-krogh/codeSink 
RB: don't flag code-injection for dynamic loading where an attacker only controls a substring
 2022-10-24 18:59:36 +02:00
erik-krogh
aafef382dc refactor StringPercentCall#getFormatArgument 2022-10-24 18:57:24 +02:00
Daniel Santos
5ab068a3cc Update python/ql/src/experimental/Security/CWE-340/TokenBuiltFromUUID.ql 
Co-authored-by: Taus <tausbn@github.com>
 2022-10-24 11:55:21 -05:00
Daniel Santos
be8780742b Update python/ql/src/experimental/Security/CWE-340/TokenBuiltFromUUID.ql 
You are totally right! I just scanned the module's document and assumed it would implement it all. Pasting the documentation here for future reference https://docs.python.org/3/library/uuid.html?highlight=uuid#uuid.UUID.

Co-authored-by: Taus <tausbn@github.com>
 2022-10-24 11:49:17 -05:00
Paolo Tranquilli
d419749eb2 Swift: fix missing extraction of function bodies in SPM builds 
For some reason `-experimental-skip-non-inlinable-function-bodies-without-types`
is passed to the frontend, which will skip extraction of most bodies.

By suppressing that option the problem goes away.
 2022-10-24 17:11:13 +02:00
Paolo Tranquilli
6651c9447e Swift: failing test for extracting function bodies 2022-10-24 17:10:38 +02:00
Daniel Santos
a2ad924376 Minor formatting fixes 2022-10-24 09:38:17 -05:00
Alvaro Muñoz
742e4aa471 Apply suggestions from code review 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2022-10-24 16:17:11 +02:00
thiggy1342
952ad6ea46 Merge branch 'main' into expand-ruby-ssrf-sinks-faraday-connection-new 2022-10-24 09:52:24 -04:00
Asger F
ac4cac889f Ruby: add DataFlow::ModuleNode 
sdf
 2022-10-24 15:35:17 +02:00
Asger F
65add15416 Ruby: add getALocalUse() 
This is the inverse of getALocalSource()
 2022-10-24 15:35:17 +02:00
Asger F
aab1e1f5b4 Ruby: add some helpers at the AST level 2022-10-24 15:35:17 +02:00
Tony Torralba
2148e8be4d Merge pull request #10892 from atorralba/atorralba/swift/customurlschemes 
Swift: Add a new Custom URL Scheme source
 2022-10-24 15:33:27 +02:00
Tony Torralba
30f5fb6d83 Update expectations after merge 2022-10-24 14:24:13 +02:00
Paolo Tranquilli
1866a98c77 Bazel/CMake: fix typo in README.md 2022-10-24 14:19:11 +02:00
Erik Krogh Kristensen
5ff98cd80e Merge pull request #10888 from erik-krogh/glob 
Ruby: add model for Dir.glob and other Dir methods
 2022-10-24 14:17:37 +02:00
Paolo Tranquilli
f49f6430a1 Bazel/CMake: make cmake runnable from outside the workspace 
Also added a small `README.md` file.
 2022-10-24 14:15:45 +02:00
Asger F
bcfe4ece6f Merge pull request #10918 from asgerf/rb/constant-compound-assignment 
Ruby: handle compound constant-assignment
 2022-10-24 14:07:28 +02:00
Asger F
cac2e2e2e4 Merge pull request #10928 from asgerf/rb/assumed-global-const 
Ruby: assume some global constants are defined
 2022-10-24 14:06:34 +02:00
Chris Smowton
c6f4742f29 Kotlin: extract interface redeclarations of Object methods 
Due to a probable compiler bug (?) the redeclaration looks like a fake symbol, leading to Java dispatching against a declaration that Kotlin doesn't believe exists.
 2022-10-24 12:45:07 +01:00
Paolo Tranquilli
22adf21dd3 Merge pull request #10912 from jketema/templ-func-prototype 
C++: Update test result after extractor changes
 2022-10-24 13:44:02 +02:00
Tamás Vajk
1d2087b92a Merge pull request #10949 from tamasvajk/kotlin-underscore-var 
Kotlin: exclude Kotlin files from `java/underscore-identifier`
 2022-10-24 13:32:49 +02:00
Asger F
0ffb0f6d4d Ruby: constant lookup is unaffected by blocks 2022-10-24 13:07:21 +02:00
Chris Smowton
86e99c497d Merge pull request #10930 from smowton/smowton/fix/external-property-overloads 
Kotlin: give external extension properties with matching name and file distinct trap filenames
 2022-10-24 11:32:37 +01:00
erik-krogh
07d90b34df use instanceof in DirPathAccess 2022-10-24 12:05:26 +02:00
Erik Krogh Kristensen
669b0c35fe fix qldoc 
Co-authored-by: Nick Rolfe <nickrolfe@github.com>
 2022-10-24 12:05:26 +02:00
erik-krogh
85cd7f9121 add model for Dir.glob and other Dir methods 2022-10-24 12:05:26 +02:00
Tony Torralba
f523fbc9d0 Merge branch 'main' into atorralba/swift/customurlschemes 2022-10-24 11:41:50 +02:00
Tony Torralba
3973e1ce04 Update swift/ql/test/library-tests/dataflow/dataflow/FlowConfig.qll 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2022-10-24 11:37:51 +02:00