hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-19 16:33:40 +01:00
Code Issues Packages Projects Releases Wiki Activity
50,816 Commits 1,692 Branches 160 Tags
codeql-cli/v2.12.4
Commit Graph

50816 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Asger F
2cbba65617 JS: Sync with JS 
fixup JS
 2022-09-06 09:30:02 +02:00
Tom Hvitved
62986a23f3 C#: Add dotnet build integration test 2022-09-06 09:24:54 +02:00
Asger F
afd00161e8 Ruby: introduce getExtraNodeFromType 
Using getExtraNodeFromPath with n=0 was a bit of a hack. In principle, the CodeQL libraries might care about the type, even though there are no relevant paths starting at that type.
 2022-09-06 09:17:34 +02:00
Asger F
b99e9a58e7 Update ruby/ql/lib/codeql/ruby/frameworks/data/internal/ApiGraphModels.qll 
Co-authored-by: Tom Hvitved <hvitved@github.com>
 2022-09-06 09:10:24 +02:00
Tom Hvitved
9fd9a04c2f Merge pull request #10277 from hvitved/csharp/dotnet-publish-inject 
C#: Also inject `/p:UseSharedCompilation=false` into `dotnet publish`
 2022-09-06 09:02:00 +02:00
Tamás Vajk
5f841f71db Merge pull request #10291 from tamasvajk/kotlin-fix-array-set 
Kotlin: Fix array `set` operator extraction
 2022-09-06 09:01:05 +02:00
Arthur Baars
604af4f7b3 Merge pull request #10302 from github/rc/3.7 
Merge 3.7 into main
 2022-09-06 08:42:44 +02:00
Mathias Vorreiter Pedersen
885bf427bd C++: Accept test changes. 2022-09-05 23:26:03 +01:00
Mathias Vorreiter Pedersen
f6654e3d69 C++: As a bonus we now no longer need the 'TTranslatedRangeBasedForVariableDeclaration' IPA branch. This previously existed only to account for the missing 'DeclarationEntry's happening in range-based for loops. But these are now also handled by 'PseudoDeclarationEntry's. 2022-09-05 22:18:41 +01:00
Mathias Vorreiter Pedersen
fc85ef76ed C++: Introduce 'PseudoDeclarationEntry's to handle missing 'DeclarationEntry's during IR construction. 2022-09-05 22:17:14 +01:00
Arthur Baars
e8d13d156d Merge pull request #10298 from aibaars/suppress-require 
Ruby: exclude 'require' and 'require_relative' definitions from call graph
 2022-09-05 20:58:38 +02:00
Rasmus Lerchedahl Petersen
af08c6eb08 Python: remove repeated test file 2022-09-05 20:44:55 +02:00
Philip Ginsbach
cec63e4522 Update docs/codeql/ql-language-reference/modules.rst 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2022-09-05 19:17:11 +01:00
Philip Ginsbach
aa539454b5 Update docs/codeql/ql-language-reference/index.rst 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2022-09-05 19:17:06 +01:00
Mathias Vorreiter Pedersen
2da46ad691 C++: Add two testcases demonstrating malformed IR from missing declaration entries from decl stmts. 2022-09-05 17:49:20 +01:00
Geoffrey White
b6d5b6731a C++: Make QLDoc meet style guide. 2022-09-05 17:17:57 +01:00
Geoffrey White
234da636a4 C++: Change note. 2022-09-05 17:01:25 +01:00
Geoffrey White
008d583da8 C++: Modernize cpp/cleartext-storage-database. 2022-09-05 16:47:14 +01:00
Arthur Baars
b2431d0b50 Ruby: exclude 'require' and 'require_relative' definitions from call graph 
The syntax_suggest library redefines Kernel.require/require_relative.
Somehow this causes performance issues on ruby/ruby. As a workaround
we exclude 'require' and 'require_relative'.
 2022-09-05 16:52:52 +02:00
Rasmus Lerchedahl Petersen
d31d763328 Python: adjust test expectations 
We now locate a `DataFlow::Node` rather than an 'AstNode`.
 2022-09-05 16:45:43 +02:00
Tamás Vajk
1178dcb507 Merge pull request #10293 from tamasvajk/fix/ql4ql-pr-trigger 
Workflow: Add paths filter to QL for QL workflow
 2022-09-05 16:22:05 +02:00
Erik Krogh Kristensen
4e14177614 fix typo in change-note 2022-09-05 16:11:55 +02:00
Erik Krogh Kristensen
54eb0414cb rename an upper-cased acronym 2022-09-05 16:11:55 +02:00
Erik Krogh Kristensen
90bc8a5038 run the explicit-this patch on javascript/ 2022-09-05 16:11:55 +02:00
Erik Krogh Kristensen
b398f968e2 expand change-note to mention classes that have a changed basetype 2022-09-05 16:11:55 +02:00
Erik Krogh Kristensen
e64f96c1ce rewrite the change-note to emphasise that the change is potentially breaking 2022-09-05 16:11:55 +02:00
Erik Krogh Kristensen
26f5643f3e update the deprecation notice of RouteExpr such that it points to public APIs 2022-09-05 16:11:55 +02:00
Erik Krogh Kristensen
e387ebaedd add domNode.innerHTML += sink as a DOM sink 2022-09-05 16:11:55 +02:00
Erik Krogh Kristensen
74a79f8622 simplify int check 
Co-authored-by: Asger F <asgerf@github.com>
 2022-09-05 16:11:55 +02:00
Erik Krogh Kristensen
73a936104a fix typo in qldoc 
Co-authored-by: Asger F <asgerf@github.com>
 2022-09-05 16:11:55 +02:00
Erik Krogh Kristensen
833480d5c5 add change note 2022-09-05 16:11:55 +02:00
Erik Krogh Kristensen
5b61db9fd3 refactor miscellaneous expression uses to dataflow nodes 2022-09-05 16:11:55 +02:00
Erik Krogh Kristensen
6697dd1396 rewrite some expression based predicates in TaintTracking.qll 2022-09-05 16:11:55 +02:00
Erik Krogh Kristensen
b4968eb645 refactor the SensitiveExpr to be a dataflow node 2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen
0c4f08c841 refactor the CredentialsExpr to be a dataflow node 2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen
c5b1588096 update the SQL/NoSQL models to use dataflow nodes 2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen
4d0534352e refactor a use of MethodCallExpr in ClientSideUrlRedirectCustomizations.qll 2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen
e0e8085b95 update the cryptoLibraries to use dataflow nodes 2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen
5ebea8c75a fix express in the POI test 2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen
aa9261f1b1 convert the AngularJS model to use DataFlow nodes 2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen
9bea110d24 convert the DOM model to use DataFlow nodes 2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen
2f429e7d29 convert some leftovers to use dataflow nodes 2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen
136124fbaa convert the remaining Koa models to DataFlow nodes 2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen
fc54ba823b update the existing expression based Express models 2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen
8266b083d7 update the predicates on Express::RouteHandler to use dataflow nodes 2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen
4cfbf15d18 deprecate RouteHandlerExpr and make RouteHandlerNode instead 2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen
3da34ca7a0 update Express::RouteExpr to a DataFlow::Node 2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen
3eb486610b update Express::RouterDefinition to a DataFlow::InvokeNode 2022-09-05 16:11:51 +02:00
Erik Krogh Kristensen
b77d77d8eb Merge pull request #10209 from erik-krogh/caseConsistency 
QL: add query detecting consistent casing of names
 2022-09-05 16:07:59 +02:00
Tamas Vajk
1c21ce0ec4 Kotlin: Lookup getter methods based on special JVM method mapping 2022-09-05 16:02:25 +02:00