hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-20 17:03:41 +01:00
Code Issues Packages Projects Releases Wiki Activity
50,816 Commits 1,692 Branches 161 Tags
codeql-cli/v2.12.4
Commit Graph

50816 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ian Lynagh
badb2b7f13 Update cpp/ql/lib/CHANGELOG.md 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2022-08-25 14:23:25 +01:00
Nora Dimitrijević
ad56274a73 C++: Small improvements to query qldoc and message 2022-08-25 15:22:41 +02:00
Erik Krogh Kristensen
06afe9c0f4 Merge pull request #9816 from erik-krogh/msgConsis 
Make alert messages consistent across languages
 2022-08-25 15:20:01 +02:00
Paolo Tranquilli
df3dc9677f Swift: fix missing extractions from Builtin 
There were missing extractions from the Builtin (and other) modules.

This was actually caused by two issues:
* we did not visit all required modules, as for example the `Builtin`
  module does not appear as being imported by anybody (together with
  another mysterious `__Objc` module)
* moreover the `Builtin` module works internally by only creating
  declarations on demand, and does not provide a list of its top level
  declarations.

The first problem was solved by moving module collection to the actual
visiting. This may mean we extract less modules, as we only extract the
modules we actually use something from (recursively). This change can
be reverted if we feel we need it.

The second one was solved by explicitly listing the builtin symbols
encountered during a normal extraction. This does mean this list needs
to be kept up to date.
 2022-08-25 15:18:24 +02:00
Nora Dimitrijević
a6a30b3725 C++: clarify ScanfOutput.getMinimumGuardConstant() 2022-08-25 15:07:39 +02:00
github-actions[bot]
0f63bc077f Release preparation for version 2.10.4 2022-08-25 12:52:26 +00:00
yoff
9aa8b46cbf Python: remove redundant code 2022-08-25 12:48:08 +00:00
Nora Dimitrijević
e39229d59e C++: Remove unique-Instruction kludge in ScanfOutput 
Passes tests.
 2022-08-25 14:38:58 +02:00
Nora Dimitrijević
d8800c03b6 C++: new helper predicates in ScanfFunctionCall 
Extract some of the logic from the `cpp/missing-check-scanf` query into
the more generally useful `getOutputArgument(int index)`, `getAnOutputArgument()`,
and `getNumberOfOutputArguments()` predicates.
 2022-08-25 14:32:15 +02:00
yoff
6b4716485b Python: rename file 2022-08-25 12:23:09 +00:00
yoff
54dde41329 Python: remove example code 2022-08-25 12:19:12 +00:00
Ian Lynagh
2e2621adad Merge pull request #10154 from igfoo/igfoo/findSubType 
Kotlin: Implement and use fun <T,reified S: T> Iterable<T>.findSubType
 2022-08-25 12:57:46 +01:00
Sebastian Bauersfeld
130e1892f4 Address review comments. 2022-08-25 18:49:38 +07:00
Sebastian Bauersfeld
207aebc581 Change wording of change note. 2022-08-25 18:47:36 +07:00
Sebastian Bauersfeld
36b5e5f61a Java: Add change notes. 2022-08-25 17:58:24 +07:00
Sebastian Bauersfeld
a486a89cee Java: Taint flow through org.springframework.data.repository.CrudRepository.save(). 2022-08-25 17:58:24 +07:00
Erik Krogh Kristensen
ba1ad00d2a Merge pull request #10062 from erik-krogh/redosPrefix 
JS: use the shared regular expression libraries in `js/case-sensitive-middleware-path`
 2022-08-25 12:57:16 +02:00
Nick Rolfe
acf5b11139 Merge remote-tracking branch 'origin/main' into nickrolfe/hardcoded_code 2022-08-25 11:44:55 +01:00
erik-krogh
c7aa58252a change "does not seem to check" to "does not check" in unchecked-cast-in-equals queries 2022-08-25 12:31:58 +02:00
yoff
800165d63c python: udate deprecated call 2022-08-25 09:49:46 +00:00
yoff
d9444d8b08 Python: update synced file FlowSummaryImpl.qll 2022-08-25 09:31:45 +00:00
yoff
0b5d4c59dd Merge branch 'main' of https://github.com/github/codeql into python-dataflow/flow-summaries-from-scratch 
synced files have changed
 2022-08-25 09:24:05 +00:00
Ian Lynagh
12eab3d7f0 Kotlin: Specialise findSubType to IrDeclaration 
We only use it on that type, and this makes the uses a bit quieter.
 2022-08-25 10:11:19 +01:00
Ian Lynagh
b0ae12850d Merge pull request #10160 from igfoo/igfoo/more-not-null-exprs 
Kotlin: Remove the last not-null-expressions
 2022-08-25 10:05:53 +01:00
Ian Lynagh
bf6d9f8c23 Merge pull request #10161 from igfoo/igfoo/exec 
Make a load of files non-executable
 2022-08-25 10:05:39 +01:00
Tamas Vajk
15305fd9bb Kotlin: Fix iterator extraction of IntArray, BooleanArray, ... 2022-08-25 11:05:17 +02:00
yoff
4a5fa5993d Apply suggestions from code review 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2022-08-25 10:47:16 +02:00
Anders Schack-Mulligen
c6f89aac0a Merge pull request #10141 from aschackmull/ruby/perf-apigraph 
Ruby: Perf fix for trackUseNode.
 2022-08-25 10:22:07 +02:00
Tamas Vajk
7196fdd475 Kotlin: fix array iterator extraction to work outside of for loops 2022-08-25 09:23:34 +02:00
Tamas Vajk
af2614be84 Kotlin: Add array iterator tests 2022-08-25 09:17:50 +02:00
Paolo Tranquilli
606b9e6e38 Revert "Swift: rollback removal of std::variant" 
This reverts commit 50d9a2e9cd.
 2022-08-25 09:12:35 +02:00
Edward Minnix III
e6a1b1fab9 Rename allowBackup query id 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2022-08-24 15:54:13 -04:00
Ed Minnix
de36372d1c Refactor android:backupAllowed query 
Refactor the query to check for the nonexistence of the
`android:allowBackup` attribute being set to false.

The default value is true, so we need to check for it being explicitly
marked false.
 2022-08-24 15:54:13 -04:00
Ed Minnix
a036639ecd Added change notes 2022-08-24 15:54:13 -04:00
Ed Minnix
dad4a403db Add support for android:allowBackup default value 
The default value of `android:allowBackup` is `true`. Added support for
detecting if the default value is used.
 2022-08-24 15:54:13 -04:00
Ed Minnix
6509426fb3 android:allowBackup query documentation 2022-08-24 15:54:13 -04:00
Ed Minnix
44b0a2b8af Android allowBackup query 2022-08-24 15:54:13 -04:00
Ed Minnix
7d15af6caa Add allowBackup check to AndroidManifest 2022-08-24 15:54:13 -04:00
Ed Minnix
dac64eeca7 Query test files 2022-08-24 15:54:13 -04:00
Nora Dimitrijević
5c894ae40b Merge branch 'main' into missing-check-scanf-squashed 2022-08-24 21:14:57 +02:00
Nora Dimitrijević
6158ee1133 Change note 2022-08-24 21:09:24 +02:00
Nora Dimitrijević
170d12bf5a Write MissingCheckScanf.qhelp 2022-08-24 19:58:19 +02:00
Mathias Vorreiter Pedersen
f2d9393928 Swift: Only test local-flow step relations for nodes with proper location information. 2022-08-24 17:14:11 +01:00
Ian Lynagh
3fcfd32eb1 Make *.ql non-executable 2022-08-24 16:55:11 +01:00
Ian Lynagh
5d97bb35d0 Make *.cs non-executable 2022-08-24 16:54:34 +01:00
Ian Lynagh
237b3670b4 Make *.xml non-executable 2022-08-24 16:53:48 +01:00
Ian Lynagh
b9a4b5ab9a Make *.qlref non-executable 2022-08-24 16:53:16 +01:00
Ian Lynagh
4cd618f81c Make *.expected non-executable 2022-08-24 16:51:50 +01:00
Henry Mercer
d9c078060a Merge pull request #10159 from github/codeql-ci/js-atm-new-release 
JS: Bump version numbers of ML-powered packs after 0.3.1 release
 2022-08-24 16:50:41 +01:00
Ian Lynagh
344863d896 Make *.qhelp non-executable 2022-08-24 16:38:15 +01:00