hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-06 10:11:07 +01:00
Code Issues Packages Projects Releases Wiki Activity
50,816 Commits 1,690 Branches 160 Tags
codeql-cli/v2.12.4
Commit Graph

50816 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Chris Smowton
d849e27b37 Merge pull request #12259 from smowton/smowton/admin/gradle-wrappers-rc37 
[rc/3.7]: Add Gradle wrappers for Kotlin tests
 2023-02-21 21:04:39 +00:00
Taus
cf734919b9 QL: Fix bad string grammar 
What was there before made it so that you couldn't actually extract the
contents of a string.
 2023-02-21 20:20:58 +00:00
Taus
bab53b5736 QL: Fix JSON extraction 
I had forgotten about this extra filtering that takes place in the
extractor.
 2023-02-21 19:50:27 +00:00
Mathias Vorreiter Pedersen
ad8d9c5b91 Merge pull request #12269 from github/tausbn/ql-add-json-extraction 
QL: Add JSON (+C/L) extraction
 2023-02-21 16:42:19 +00:00
Arthur Baars
aac65b0df0 Merge pull request #12268 from aibaars/update-erb 
Ruby: update tree-sitter-embedded-template
 2023-02-21 14:31:30 +01:00
Taus
b5ebd1a0fd QL: Add JSON (+C/L) extraction 2023-02-21 12:59:30 +00:00
Arthur Baars
814bef021d Ruby: update tree-sitter-embedded-template 2023-02-21 13:49:33 +01:00
Geoffrey White
c462e010d1 Merge pull request #12266 from geoffw0/taintplusequals 
Swift: Taint through arithmetic
 2023-02-21 09:32:53 +00:00
Tom Hvitved
c3679d0661 Fix bad join 2023-02-21 19:28:55 +13:00
Tom Hvitved
9880952e72 Revert "Ruby: Fix performance of Filter.getAnAction" 
This reverts commit f6c863c13bc840cba983ed12232725b8a8552cb4.
 2023-02-21 19:28:55 +13:00
Harry Maclean
710ddb1f96 Ruby: Fix performance of Filter.getAnAction 
Only look at the current class and the immediate superclass.
This will miss some edge cases but is much faster.
 2023-02-21 19:28:54 +13:00
Harry Maclean
2bc7d4e1ee Ruby: Clean up 2023-02-21 19:28:54 +13:00
Harry Maclean
7a01c4a974 Ruby: Add change note for filter dataflow 2023-02-21 19:28:54 +13:00
Harry Maclean
ba4d0a81d5 Ruby: Simplify filter dataflow 
This introduces some false flow (the `ThreeController` and
`FourController` examples in `filter_flow.rb`) but is simpler and
in line with how we model flow for normal method calls.
 2023-02-21 19:28:53 +13:00
Harry Maclean
0a02b45ad7 Ruby: More filter flow steps 
Add a jump step from the last self post-update node in a method to the self parameter of the
next method.
 2023-02-21 19:28:26 +13:00
Harry Maclean
fae5320c3a Ruby: Add filter flow tests 2023-02-21 19:27:53 +13:00
Harry Maclean
04e80fa48f Ruby: Use lookupMethod 
The hope is that this predicate is already used elsewhere, so its cost
is amortized.
 2023-02-21 19:26:36 +13:00
Harry Maclean
889d97163e Ruby: Refactor getFilterCallable 
Try to force a join with the filter argument string first, to reduce
tuple counts.
 2023-02-21 19:26:36 +13:00
Harry Maclean
2590682262 Ruby: inline RenderCallUtils::getBaseName 
This seems to yield a small performance increase.
 2023-02-21 19:26:36 +13:00
Harry Maclean
ae3d91b546 Ruby: First draft of rails callback flow 2023-02-21 19:26:36 +13:00
Harry Maclean
6eeb711988 Ruby: Add AdditionalJumpStep class 2023-02-21 19:26:36 +13:00
Geoffrey White
9b117fefd7 Swift: Generalize the arithmetic we allow taint through. 2023-02-20 18:18:15 +00:00
Geoffrey White
a5bb336647 Merge pull request #12265 from geoffw0/taintunaryplus 
Swift: Add unary +
 2023-02-20 18:04:37 +00:00
Geoffrey White
87c0b6195f Swift: Add taint tests for various arithmetic operators. 2023-02-20 17:22:51 +00:00
Geoffrey White
3038543242 Swift: Add UnaryPlusExpr. 2023-02-20 17:15:20 +00:00
Calum Grant
779c2365fe Merge pull request #12091 from github/cg/shared-code-metrics 
Script to generate shared code metrics
 2023-02-20 16:58:30 +00:00
Geoffrey White
e19e28fbb9 Merge pull request #12263 from geoffw0/flowsourceinline 
Swift: Convert the flow sources test to inline expectations.
 2023-02-20 16:13:01 +00:00
Erik Krogh Kristensen
6894803b14 Merge pull request #12257 from erik-krogh/compile-stuff 
CI: Fix CI use of the compilation cache
 2023-02-20 16:46:09 +01:00
Geoffrey White
31967cc032 Swift: Add a couple of dataflow test cases for operators that behave as an identity function. 2023-02-20 15:42:07 +00:00
Stephan Brandauer
7714acea82 delete a model that should pbly be a summary step 2023-02-20 15:44:58 +01:00
erik-krogh
389b7ceff5 support the new shared compilation cache directory 2023-02-20 15:34:03 +01:00
erik-krogh
f6fdf45359 remember to actually output the compilation dir 2023-02-20 15:32:50 +01:00
Geoffrey White
690b5debf4 Swift: Remove the old test. 2023-02-20 13:58:53 +00:00
Geoffrey White
dd7f54677b Swift: Add inline expectation tags. 2023-02-20 13:57:24 +00:00
Joe Farebrother
1fb27354b9 Merge pull request #12242 from joefarebrother/testgen-improvements 
Java: Test generator fixes
 2023-02-20 13:53:18 +00:00
Arthur Baars
f71c3301b3 Ruby: address review comment 2023-02-20 14:32:24 +01:00
Arthur Baars
6fd836d3a9 Ruby: improve wording of error messages 2023-02-20 14:32:02 +01:00
Alex Ford
774030a8db Merge pull request #12083 from pwntester/ruby_twirp_support 
[Ruby] Add support for Twirp framework
 2023-02-20 13:16:52 +00:00
Michael Nebel
86888b894a Java: Re-factor isSupported for the telemetry queries. 2023-02-20 13:53:18 +01:00
Michael Nebel
f594411c43 C#: Re-factor isSupported for the telemetry queries. 2023-02-20 13:53:18 +01:00
yoff
52dd1f451c Merge pull request #12260 from yoff/python/fix-precision-usafe-unpack 
python: Lower precision as discussed
 2023-02-20 13:38:50 +01:00
Michael Nebel
cdda4005fd C#: Add missing hasProvenance overrides. 2023-02-20 13:19:56 +01:00
Michael Nebel
813ffa440c Java: Consider ai-generated flow summaries to as generated summaries in dataflow. 2023-02-20 12:11:48 +01:00
Geoffrey White
b66ed57e17 Swift: Fix a mistake in FlowSources.qll. 2023-02-20 11:11:46 +00:00
Rasmus Lerchedahl Petersen
9e97877938 python: lower precision as discussed 2023-02-20 12:06:19 +01:00
Geoffrey White
d9f2d348f4 Swift: Add an inline expectations test for flow sources. 2023-02-20 11:03:10 +00:00
Chris Smowton
dbe0797063 Add Gradle wrappers for Kotlin tests 
This avoids tests' behaviour changing due to environmental Gradle version changes
 2023-02-20 10:51:51 +00:00
Michael Nebel
54c0404110 Java: Allow ai-generated as a provenance value. 2023-02-20 11:47:09 +01:00
Tom Hvitved
658cc33bb8 Merge pull request #12212 from hvitved/util/inline-expect-test-use-end-line 
Util: Use end line instead of start line for actual results
 2023-02-20 11:41:02 +01:00
Stephan Brandauer
cf5a651b1f use provenance ai-generated for triage data and use the read-file MaD label 2023-02-20 11:33:18 +01:00