hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-16 06:53:41 +01:00
Code Issues Packages Projects Releases Wiki Activity
50,816 Commits 1,690 Branches 160 Tags
codeql-cli/v2.12.4
Commit Graph

50816 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Michael Nebel
6c6b4ce131 C#: Fix issue with TestLibraries not being excluded in the Telemetry queries and add Moq as a testlibrary. 2022-10-04 14:58:37 +02:00
Ian Lynagh
db673c0355 Merge pull request #10646 from tamasvajk/kotlin-java-kotlin-function-mapping 
Kotlin: Simplify `kotlinFunctionToJavaEquivalent`
 2022-10-04 13:46:22 +01:00
Rasmus Wriedt Larsen
60527dfc17 Python: Fix py/meta/alerts/remote-flow-sources-reach 2022-10-04 14:42:51 +02:00
erik-krogh
dedbe66619 update expected output 2022-10-04 14:16:07 +02:00
Michael Nebel
3455dd5e06 C#: Re-factor telemetry queries to avoid code duplication. 2022-10-04 14:13:50 +02:00
Tamas Vajk
81fffce79b Kotlin: Extract parameter modifiers (noinline, crossinline) 2022-10-04 14:02:06 +02:00
Michael Nebel
2bbfdcf598 C#: Use api info string ordering and results to avoid multiplicity issues. 2022-10-04 13:51:35 +02:00
Erik Krogh Kristensen
5ba7c13ecd fix alert-message by adding the link 
Co-authored-by: Arthur Baars <aibaars@github.com>
 2022-10-04 13:50:25 +02:00
erik-krogh
d370b2a51e simplify the where clause of rb/kernel-open 2022-10-04 13:49:50 +02:00
Arthur Baars
ae7e6ef701 Ruby: update dependencies 2022-10-04 13:44:22 +02:00
erik-krogh
bf74481f65 add a link to the source in the alert-message for rb/kernel-open 2022-10-04 13:41:50 +02:00
Tamas Vajk
09051e76cf Kotlin: extract isEnumConstant relation 2022-10-04 13:30:02 +02:00
Tamas Vajk
876bea653d Kotlin: Add test case for missing enum constants 2022-10-04 13:29:15 +02:00
Tamas Vajk
d2861361d9 Kotlin: extract implInterface 2022-10-04 13:12:01 +02:00
Tamas Vajk
d50be83f57 Kotlin: add test to distinguish implements vs extends 2022-10-04 13:10:19 +02:00
Arthur Baars
88b5d4da16 Ruby: extend may have multiple arguments 2022-10-04 12:58:50 +02:00
Arthur Baars
ab3a62de3c Update ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPrivate.qll 2022-10-04 12:58:50 +02:00
Tom Hvitved
6e61ef10b8 Ruby: Add another dataflow copy 2022-10-04 12:58:50 +02:00
Tom Hvitved
9d7d6c29f9 Review comments 2022-10-04 12:58:50 +02:00
Tom Hvitved
77c47bc856 Ruby: Add another call graph test 2022-10-04 12:58:49 +02:00
Arthur Baars
44cc6f7350 Ruby: improve tracking of regular expressions 
There are two flavours of `match?`. If the receiver of `match?` has type String
then the argument to `match?` is a regular expression. However, if the receiver of
`match?` has type Regexp then the argument is the text.

The role of receiver and argument flips depending on the type of the receiver, this
caused a lot of false positives when looking for string-like literals that are
used as a regular expression.

This commit attempts to improve things by trying to determine whether the type of the
receiver is known to be of type Regexp. In such cases we know that the argument
is unlikely to be  regular expression.
 2022-10-04 12:58:49 +02:00
Arthur Baars
0160c374e4 Ruby: add flow summaries for Object#dup and Kernel#tap 2022-10-04 12:58:49 +02:00
Arthur Baars
5d55daa491 Ruby: use resolveConstantReadAccess instead of trackModuleAccess for 'extend' calls 
This avoids non-linear recursion at the cost of losing some results.
 2022-10-04 12:58:49 +02:00
Arthur Baars
c2b98a4761 Ruby: add support for 'extend' method 2022-10-04 12:58:49 +02:00
Arthur Baars
09bc78eafc Ruby: local dataflow step for || and && 2022-10-04 12:58:49 +02:00
Arthur Baars
e95b5468d9 Ruby: use Dataflow for Pathname instead of TypeTracking 2022-10-04 12:58:49 +02:00
Arthur Baars
f9b952f04f Ruby: Pathname use TypeTracker instead of local flow 2022-10-04 12:58:49 +02:00
Jami Cogswell
25cb3236a2 apply review suggestions 2022-10-04 12:33:24 +02:00
Jami Cogswell
91db1be399 update Intent file 2022-10-04 12:33:24 +02:00
Jami Cogswell
960e9db2fb add missing expectation to tests 2022-10-04 12:33:24 +02:00
Tony Torralba
1857a5d311 Refactor Intent flow steps 2022-10-04 12:33:24 +02:00
Jami Cogswell
00b0a6bf38 update act tests 2022-10-04 12:33:23 +02:00
Jami Cogswell
834927c50b update tests 2022-10-04 12:33:23 +02:00
Jami Cogswell
9a7cf7db65 simplify hasName usage 2022-10-04 12:33:23 +02:00
Jami Cogswell
c7e7e24cf8 clean up files 2022-10-04 12:33:23 +02:00
Jami Cogswell
012cfebd7a resolve merge conflict 2022-10-04 12:33:23 +02:00
Jami Cogswell
da7f27a7f2 add change note 2022-10-04 12:33:23 +02:00
Jami Cogswell
66b3c4687d resolve merge conflict 2022-10-04 12:33:23 +02:00
Jami Cogswell
0a135a7f21 resolve merge conflict 2022-10-04 12:33:23 +02:00
Jami Cogswell
0f64361065 remove simple query 2022-10-04 12:33:23 +02:00
Jami Cogswell
af812cf407 fix code scanning bot warnings 2022-10-04 12:33:23 +02:00
Jami Cogswell
47fcbdd4b4 resolve merge conflict 2022-10-04 12:33:23 +02:00
Jami Cogswell
d07babe3c5 add initial framework for service and receiver test cases 2022-10-04 12:33:23 +02:00
Jami Cogswell
6cf3898101 add experimental global flow config, and clean-up some code 2022-10-04 12:33:23 +02:00
Jami Cogswell
9947b32446 resolve merge conflict 2022-10-04 12:33:23 +02:00
Jami Cogswell
11ce910c38 resolved merge conflict in FlowSources 2022-10-04 12:33:23 +02:00
Jami Cogswell
7576047214 create simple query and initial experimentation 2022-10-04 12:33:23 +02:00
Nick Rolfe
dd1b302fce Ruby: revert making inActionViewContext private 2022-10-04 11:29:09 +01:00
Tony Torralba
9db65eae7f Address review comments 2022-10-04 12:27:01 +02:00
Tony Torralba
b8fa9433be Fix duplicated test 2022-10-04 12:27:01 +02:00