hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-21 02:14:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
49,367 Commits 1,684 Branches 158 Tags
codeql-cli/v2.12.1
Commit Graph

49367 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Asger F
ab672ded6a Ruby: strip trailing whitespace in calls.rb test 2022-10-04 11:06:44 +02:00
tyage
7205903a36 Using implicit this 2022-10-04 18:06:30 +09:00
Chris Smowton
58cb5446c3 Add cross-check to getValueParameterLabel 2022-10-04 10:04:18 +01:00
Tony Torralba
281e49daf7 Revert "Java: Add CompilationUnit.getATypeAvailableBySimpleName()" 
This reverts commit 431aa2cb79.
 2022-10-04 10:59:45 +02:00
Tony Torralba
01b950f68b Revert "Java: Rename predicate to getATypeInScope" 
This reverts commit fd99ae78b3.
 2022-10-04 10:59:43 +02:00
Tony Torralba
df29e05b9f Revert "Java: Adjust ImpossibleJavadocThrows.ql" 
This reverts commit c40b6285a2.
 2022-10-04 10:59:39 +02:00
Tom Hvitved
12536578d4 Merge pull request #10664 from hvitved/type-tracking-more-caching 
Ruby/Python: Cache more type tracking predicates
 2022-10-04 10:58:41 +02:00
tyage
f47c02431a Merge branch 'main' into property-stringify 2022-10-04 09:57:54 +01:00
tyage
6ec2abbd2d add change note 2022-10-04 17:57:08 +09:00
Tony Torralba
c1654ce7cc Revert "Java: Fix cartesian product" 2022-10-04 10:56:32 +02:00
tyage
192c1f3d89 make test json.stringify 2022-10-04 17:40:52 +09:00
Mathias Vorreiter Pedersen
2593120300 Merge pull request #10597 from geoffw0/swifttaintsource 
Swift: URL taint sources
 2022-10-04 09:22:27 +01:00
tyage
726cd2ca8a refactor test 2022-10-04 17:11:37 +09:00
tyage
9df0720da9 refactoring 2022-10-04 17:05:49 +09:00
tyage
2006ae8332 rename file 2022-10-04 17:05:15 +09:00
Tom Hvitved
76abf6fbd6 C#: Add another dotnet run integration test 2022-10-04 09:56:24 +02:00
Tom Hvitved
01830904ff C#: Recognize options to dotnet run in tracer when injecting -p:UseSharedCompilation=false 2022-10-04 09:54:48 +02:00
Tamas Vajk
2c467376ea Revert "Only log once the missing java-kotlin method mapping warnings" 
This reverts commit 7524f3372d.
 2022-10-04 08:54:07 +02:00
tyage
8a7f23a8ea support VarRef 2022-10-04 14:45:39 +09:00
tyage
33d204913c add test for json stringify xss 2022-10-04 14:45:09 +09:00
Dilan Bhalla
888d756472 Merge branch 'dilan-java/guidance-exectainted' of https://github.com/dilanbhalla/codeql into dilan-java/guidance-exectainted 2022-10-03 14:49:45 -07:00
Dilan Bhalla
536276a82b Merge branch 'main' of https://github.com/github/codeql into dilan-java/guidance-exectainted 2022-10-03 14:48:50 -07:00
dilanbhalla
35948b097d Merge branch 'main' into dilan-java/guidance-exectainted 2022-10-03 13:56:05 -07:00
Rasmus Wriedt Larsen
d7be27a1c0 Python: Fix experimental py/ip-address-spoofing 
I realized the modeling was done in a non-recommended way, so I changed
the modeling. It was very nice that I could use API graphs for the flask
part, and a little sad when I couldn't for Django/Tornado.
 2022-10-03 21:19:30 +02:00
Harry Maclean
42a97b26bb Merge pull request #10316 from hmac/hmac/actionview 
Ruby: Model ActionView
 2022-10-04 08:16:16 +13:00
Rasmus Wriedt Larsen
b01a0ae696 Python: Adjust .expected after flask source change 
It's really hard to audit that this is all good.. I tried my best with
`icdiff` though -- and there is a problem with
ql/src/experimental/Security/CWE-348/ClientSuppliedIpUsedInSecurityCheck.ql
that needs to be fixed in the next commit
 2022-10-03 20:35:49 +02:00
Robert Marsh
98f4caf76f Merge pull request #10645 from MathiasVP/add-more-range-analysis-tests 
C++: Port SimpleRangeAnalysis tests to the new range-analysis
 2022-10-03 14:34:56 -04:00
Robert Marsh
8d1817bc48 Merge pull request #10635 from MathiasVP/add-heuristic-allocation-class 
C++: Recognize allocation functions heuristically
 2022-10-03 14:34:09 -04:00
Tom Hvitved
e57c3bec63 Sync files 2022-10-03 20:29:39 +02:00
Tom Hvitved
bc3e9339dc Ruby: Cache more type tracking predicates 2022-10-03 20:29:17 +02:00
Dilan Bhalla
bff2633f8d java guidance: experimental version of exectainted 2022-10-03 11:18:17 -07:00
Ed Minnix
c6f91500f0 Update query description to better describe issue 2022-10-03 13:12:53 -04:00
Mathias Vorreiter Pedersen
872615bd58 Merge pull request #10536 from karimhamdanali/ecbmode 
Swift: check for using ECB encryption mode
 2022-10-03 17:53:10 +01:00
Ed Minnix
52d519765a Merge ContentProvider tests into one manifest 
Merge the read-only, write-only, read-write, and full test cases into
one AndroidManifest.xml file.

Also added the not-exported test case.
 2022-10-03 12:16:45 -04:00
Ed Minnix
09077935b1 Added query change note 2022-10-03 11:30:43 -04:00
Edward Minnix III
071f082b64 Add mention of content provider in query description 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2022-10-03 11:21:33 -04:00
Edward Minnix III
2970e8c76a Remove redundant documentation 
Co-authored-by: Jami <57204504+jcogs33@users.noreply.github.com>
 2022-10-03 11:21:02 -04:00
Edward Minnix III
cfc0bb595f Documentation fix for hasIncompletePermissions 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2022-10-03 11:20:15 -04:00
Ian Lynagh
01fe465bdf Kotlin: Make MiniStdLib more closely match the real stdlib 2022-10-03 16:16:11 +01:00
Tony Torralba
a589d8f647 Merge pull request #10662 from atorralba/atorralba/fix-stub-generator 
Java: Fix stub generator
 2022-10-03 16:59:10 +02:00
Ed Minnix
28e7049722 Add exported requirement to ContentProvider permissions test 2022-10-03 10:52:42 -04:00
Aditya Sharad
f7d455efc5 Merge pull request #10612 from adityasharad/docs/system-requirements 
Docs: Add CodeQL system requirements page
 2022-10-03 07:50:44 -07:00
Chris Smowton
5e2c607650 PrintAst: reliably sort function overloads 2022-10-03 15:28:55 +01:00
Chris Smowton
d3d3ce843a Kotlin: Implement JvmOverloads annotation 
This generates functions that omit parameters with default values, rightmost first, such that Java can achieve a similar experience to Kotlin (which represents calls internally as if the default was supplied explicitly, and/or uses a $default method that supplies the needed arguments).

A complication: combining JvmOverloads with JvmStatic means that both the companion object and the surrounding class get overloads.
 2022-10-03 15:28:55 +01:00
Tony Torralba
ba9eb8c73c Fix stub generator 
Add line break after all stubbed annotations to avoid malformed code

See https://github.com/github/codeql/pull/8695\#discussion_r985674245
 2022-10-03 14:43:58 +02:00
Tamas Vajk
a5172791ed Code quality improvements 2022-10-03 14:03:16 +02:00
Tom Hvitved
d52d3d7b75 Merge pull request #10644 from hvitved/ruby/prevent-reevaluation 
Ruby: Prevent reevaluation of expensive predicates
 2022-10-03 13:10:39 +02:00
Tony Torralba
9942dfff21 Merge pull request #8695 from atorralba/atorralba/stub-generator-annotation-types 
Java: Add support for Annotation types stub generation
 2022-10-03 12:54:20 +02:00
Karim Ali
d44f6b0f41 fix formatting issue raised by ql-format 2022-10-03 12:18:01 +02:00
Tamas Vajk
90b28f04d8 Accept integration test changes 2022-10-03 12:10:08 +02:00