hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-11 20:51:06 +01:00
Code Issues Packages Projects Releases Wiki Activity
50,816 Commits 1,689 Branches 160 Tags
codeql-cli/v2.12.4
Commit Graph

50816 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Owen Mansel-Chan
83a3af2fff Go: Summarized Callable 
Corresponds to https://github.com/github/codeql/pull/9270
 2022-11-17 14:27:04 +00:00
Owen Mansel-Chan
10ed4ad3df Go: Split summaryThroughStep into two predicates 
Cf. https://github.com/github/codeql/pull/9195
 2022-11-17 14:27:04 +00:00
Owen Mansel-Chan
1ee5d3e80e Move ParameterPosition etc to DataflowDispatch.qll 2022-11-17 14:27:04 +00:00
Owen Mansel-Chan
e5829201e1 Go: Implement ContentSet 2022-11-17 14:27:03 +00:00
Owen Mansel-Chan
282699e5b5 Go: Refactor SummarizedCallable. 
Equivalent of https://github.com/github/codeql/pull/9210
 2022-11-17 14:27:03 +00:00
Owen Mansel-Chan
c768f04e32 Go: Introduce generated flag as a part of the kind column for flow summaries 
Equivalent of https://github.com/github/codeql/pull/8628
 2022-11-17 14:27:03 +00:00
Owen Mansel-Chan
dae60c9deb Update data flow libraries to 55e052af26 2022-11-17 14:27:02 +00:00
Taus
811426c586 Python: Remove manual magic entirely 
This was causing issues with imports with many "dots" in the name.

Previously, the test added in this commit would not have the desired
result for the `check` call.
 2022-11-17 14:15:55 +00:00
Tom Hvitved
9f13cdadcb C#: Add use-use stress test 2022-11-17 13:42:56 +01:00
Chris Smowton
254a5b0928 Merge pull request #11293 from smowton/smowton/admin/exclude-kotlin-metadata-annotation 
Java: Remove no-longer-needed expected diagnostics
 2022-11-17 11:50:21 +00:00
Tom Hvitved
bbcef98e06 Merge pull request #11317 from hvitved/cpp/update-autobuilder-nuget-packages 
C++: Update auto-builder nuget packages
 2022-11-17 12:38:26 +01:00
Tamás Vajk
d8b5a04f97 Merge pull request #11291 from tamasvajk/kotlin-confusing-overload 
Kotlin: Add test case for confusing overloading query
 2022-11-17 11:11:33 +01:00
Tamás Vajk
c92989ca04 Merge pull request #11289 from tamasvajk/kotlin-empty-block 
Kotlin: Exclude .kt files from empty block query
 2022-11-17 11:11:25 +01:00
Chris Smowton
659f86cecf Merge pull request #11310 from tamasvajk/kotlin-dead-code 
Kotlin: Exclude .kt files from dead code queries
 2022-11-17 10:10:51 +00:00
Chris Smowton
95fdea8b77 Merge pull request #11308 from tamasvajk/kotlin-non-serializable-field 
Kotlin: Exclude .kt files from non serializable field query
 2022-11-17 10:10:05 +00:00
Chris Smowton
11188304a7 Merge pull request #11306 from tamasvajk/kotlin-equals-missing 
Kotlin: Exclude .kt files from missing `instanceof` in `equals` query
 2022-11-17 10:09:35 +00:00
Tom Hvitved
780297152c C#: Downgrade Microsoft.Build nuget package 
17.4.0 does not officially support .NET 6 (it supports .NET 7), so downgrade
to avoid warnings.
 2022-11-17 11:00:25 +01:00
Tom Hvitved
5ab77600b8 C++: Update auto-builder nuget packages 2022-11-17 10:44:23 +01:00
Erik Krogh Kristensen
45d4318e0e Merge pull request #11272 from erik-krogh/clean-cache 
CI: clean up the cache when compiling on main
 2022-11-17 10:37:08 +01:00
Tom Hvitved
f24fa402f3 Adjust CFG 2022-11-17 10:32:28 +01:00
Erik Krogh Kristensen
ba894e21e8 Merge pull request #11146 from mbaluda-org/main 
JS: Improved Hapi support
 2022-11-17 10:22:48 +01:00
Mauro Baluda
a7dc29bad4 Merge branch 'main' into main 2022-11-16 23:53:16 +01:00
Mauro Baluda
49f476d3b4 Update javascript/ql/lib/semmle/javascript/frameworks/Hapi.qll 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2022-11-16 23:53:07 +01:00
Taus
8ed8161d5c Python: Fix tests for Python 2 
This should make it so that the `prints3` tag is skipped when running
then Python 2 Language tests.
 2022-11-16 22:20:08 +00:00
tiferet
4a1382925e Remove some imports that are no longer used 2022-11-16 14:01:16 -08:00
yoff
505f454878 Apply suggestions from code review 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswl@github.com>
 2022-11-16 22:20:19 +01:00
tiferet
ccbf1ca2a9 Add a comment 2022-11-16 13:05:06 -08:00
tiferet
38c40a7192 isEffectiveSink can't be final because ExtractMisclassifiedEndpointFeatures overrides it. 2022-11-16 12:12:50 -08:00
tiferet
8fee9cb0d5 Fix CodeQL warnings 2022-11-16 12:06:52 -08:00
Taus
81348049df Python: Fix missing module resolution 
This was due to bad manual magic: restricting the attribute name makes
sense when we're talking about submodules of a package, but it doesn't
when we're talking about reexported modules.

Also (hopefully) fixes the tests so that the Python 3-specific bits are
ignored under Python 2.
 2022-11-16 19:58:32 +00:00
tiferet
c2035e85d2 Be explicit in requiring that each ATM config set its endpoint type. 2022-11-16 11:55:23 -08:00
tiferet
0fd013f9fd Update the reason names in FilteredTruePositives.expected. 
This is needed because we changed the names of three endpoint filters that were all called "not a direct argument to a likely external library call or a heuristic sink" in order to disambiguate them (fc56c5a022).
 2022-11-16 11:54:10 -08:00
tiferet
eab270eb84 Move the definitions of isEffectiveSink and getAReasonSinkExcluded to the base class. 
They can now be implemented generically for all sink types.
 2022-11-16 11:47:24 -08:00
erik-krogh
de2ebe3618 QL: fix the same QLDoc being QLDoc for multiple things 2022-11-16 20:35:39 +01:00
Harry Maclean
a6f6936719 Merge pull request #11058 from hmac/actioncontroller-logger 
Ruby: Model various ActionController methods
 2022-11-17 08:21:00 +13:00
tiferet
fc56c5a022 Implement the type-specific endpoint filters as EndpointCharacteristics. 
Also disambiguate three filters from three different sink types that all have the same name, "not a direct argument to a likely external library call or a heuristic sink".
 2022-11-16 11:14:25 -08:00
Tom Hvitved
baaafadeb0 Merge pull request #11266 from hvitved/csharp/update-nuget-packages 
C#: Update all nuget packages
 2022-11-16 19:53:45 +01:00
Taus
19261ecfbf Python: Remove spurious module references 2022-11-16 18:19:54 +00:00
Taus
2717b9a47d Python: Extend import resolution tests 
Extends the tests to

1. Account parts of the test code that may be specific to Python 2 or 3,
2. Also track which arguments passed to `check` are references to
   modules.

The latter revealed a bunch of spurious results, which I have annotated
accordingly.
 2022-11-16 17:58:24 +00:00
Tamás Vajk
b70a9d172b Merge pull request #11304 from tamasvajk/kotlin-mut-dep 
Kotlin: Exclude .kt files from mutual dependency query
 2022-11-16 17:02:46 +01:00
Tamás Vajk
ae38d5d8b7 Merge pull request #11303 from tamasvajk/kotlin-one-stmt-line 
Kotlin: Exclude .kt files from one stmt in line query
 2022-11-16 17:02:35 +01:00
Mathias Vorreiter Pedersen
2796c46598 Merge pull request #11292 from github/redsun82/swift-remove-ipa-from-dbscheme-cpp 
Swift: remove synthesized classes from the dbscheme
 2022-11-16 16:00:58 +00:00
Paolo Tranquilli
1c69a1f012 Swift: fix typo in docstring 2022-11-16 16:36:48 +01:00
Paolo Tranquilli
27df44f5ad Swift: replace empty IpaInfo() with a clearer True value 2022-11-16 16:35:17 +01:00
Joe Farebrother
d6c5132f39 Merge pull request #10684 from joefarebrother/android-keyboard-cache 
Java: Add query for Sensitive Keyboard Cache
 2022-11-16 15:27:44 +00:00
Tamás Vajk
dfc72edba2 Merge pull request #11302 from tamasvajk/kotlin-ignored-return 
Kotlin: Exclude .kt files from ignored return value query
 2022-11-16 16:23:58 +01:00
Tamás Vajk
ad7c0f9ebc Merge pull request #11301 from tamasvajk/kotlin-naming-ref-type 
Kotlin: Exclude .kt files from misnamed reftype query
 2022-11-16 16:22:40 +01:00
Tamás Vajk
a3ff83595a Merge pull request #11300 from tamasvajk/kotlin-useless-param-2 
Kotlin: Exclude .kt files from useless parameter query
 2022-11-16 16:22:27 +01:00
Tamás Vajk
b4b8649fd6 Merge pull request #11299 from tamasvajk/kotlin-nested-serializable 
Kotlin: Exclude .kt files from serializable inner class query
 2022-11-16 16:22:13 +01:00
Tamas Vajk
8b6bf910ba Kotlin: Exclude .kt files from dead code queries 2022-11-16 16:20:09 +01:00