hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-09 03:31:06 +01:00
Code Issues Packages Projects Releases Wiki Activity
51,797 Commits 1,691 Branches 160 Tags
codeql-cli/v2.12.5
Commit Graph

51797 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tony Torralba
0017461e2d Update swift/ql/src/queries/Security/CWE-312/CleartextLogging.ql 
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
 2023-01-16 15:35:58 +01:00
Tony Torralba
cca6a13fbb Update java/ql/src/Security/CWE/CWE-927/SensitiveResultReceiver.qhelp 2023-01-16 14:21:03 +01:00
Rasmus Wriedt Larsen
a1513cc1d3 Python: Minor QLDoc fix 2023-01-16 14:07:11 +01:00
Rasmus Wriedt Larsen
dfbb744a7a Python: Add comment on *args argument handling 2023-01-16 14:04:25 +01:00
Rasmus Wriedt Larsen
e5e5d84361 Python: Add change-note 2023-01-16 13:44:24 +01:00
Michael Nebel
8981d4c06b C#: Add change note. 2023-01-16 13:43:26 +01:00
Rasmus Wriedt Larsen
61151d4aa7 Merge branch 'main' into call-graph-code 2023-01-16 13:39:15 +01:00
Michael Nebel
2f602a629f C#: Add upgrade and downgrade scripts. 2023-01-16 13:27:37 +01:00
Erik Krogh Kristensen
8ccc384043 Merge pull request #11858 from erik-krogh/moreSpawn 
JS: track shell:true more in js/shell-command-constructed-from-input
 2023-01-16 13:24:50 +01:00
Erik Krogh Kristensen
59a8b21851 Merge pull request #10862 from erik-krogh/unsafeCodeConstruction 
Rb: Add an `unsafe-code-construction` query
 2023-01-16 13:22:58 +01:00
Michael Nebel
3552a41552 C#: Add test case for static abstract and static virtual interface members. 2023-01-16 13:07:50 +01:00
Michael Nebel
dc50b6bad3 C#: Support for operators in implements relations. 2023-01-16 13:07:50 +01:00
Michael Nebel
8c2931cbb8 C#: Operators are now allowed to be declared virtual. 2023-01-16 13:07:50 +01:00
erik-krogh
d072ed969e update clap to 3.0 in QL-for-QL 2023-01-16 12:34:56 +01:00
Paolo Tranquilli
874fe2b8f9 Swift: introduce an in-memory file hash cache 
File hashing is now done internally in `SwiftFileInterception` (and
exported as a `getHashOfRealFile` function for future use in linkage
awareness), and using a per-process in-memory cache. The persistent
caching of paths is removed, so the solution is now robust against input
file changes during the build.

For the same reason, the hash to artifact mapping have the symlinks
reversed now. The artifacts themselves are stored using the hash as
filenames, and the original paths of the artifacts are reacreated in the
scratch dir with symlinks mostly for debugging purposes (to understand
what artifact each hash corresponds to, and to follow what was built by
the extractor).
 2023-01-16 12:05:36 +01:00
Tony Torralba
fdb3b65bce Apply suggestions from code review 
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
 2023-01-16 11:57:37 +01:00
Tony Torralba
7f880a24df Merge pull request #11886 from jelaiw/jelaiw-patch-1 
Fix small typo in good/bad code sample.
 2023-01-16 09:43:23 +01:00
Paolo Tranquilli
738412260f Merge branch 'main' into redsun82/swift-open-redirection 2023-01-16 09:09:10 +01:00
jelaiw
cf7189bb28 Fix small typo in good/bad code sample. 2023-01-13 19:16:11 -06:00
Geoffrey White
1a416884d4 C++: Do something similar with the other three cases. 2023-01-14 00:09:01 +00:00
Geoffrey White
316117f5c9 C++: Reduce number of regexps. 2023-01-13 18:50:41 +00:00
Geoffrey White
2f09f0e2c1 C++: Turn the huge list into a predicate. 2023-01-13 18:47:18 +00:00
Geoffrey White
13ae15b867 C++: Add tests for more edge cases. 2023-01-13 18:38:29 +00:00
Jami Cogswell
fb6725ddaa Java: add WithoutElement comment for clear methods 2023-01-13 13:20:45 -05:00
Mathias Vorreiter Pedersen
2dbacbc302 Merge pull request #11841 from MathiasVP/swift-add-integral-types 
Swift: Add integral type classes
 2023-01-13 17:30:57 +00:00
Robert Marsh
601b43ac0a Merge branch 'main' into rdmarsh2/parameterize-range-analysis 
Conflicting change to boundedPhiInp copied to RangeAnalysisStage.qll
 2023-01-13 12:06:21 -05:00
Geoffrey White
c9a0067705 Swift: Remove flow in cases with multiple variables. 2023-01-13 16:37:23 +00:00
Mathias Vorreiter Pedersen
c5038ed281 Merge pull request #11883 from MathiasVP/fold-definitions 
C++: Fix bad join in `definitionOf`
 2023-01-13 16:28:26 +00:00
Mathias Vorreiter Pedersen
6e6f2115c0 Merge pull request #11857 from MathiasVP/speedup-missing-check-scanf 
C++: Speedup `cpp/missing-check-scanf`
 2023-01-13 16:11:16 +00:00
Geoffrey White
2c35af51cd Swift: Move logic into Ssa::WriteDefinition.assigns. 2023-01-13 15:19:33 +00:00
Geoffrey White
8a77906296 Swift: Use Ssa::Definition rather than ConcreteVarDecl. 2023-01-13 15:01:20 +00:00
Mathias Vorreiter Pedersen
2aace0df2c Merge pull request #11743 from MathiasVP/fix-pointer-to-const-nodes 
C++: `PostUpdateNode`s for const-pointer arguments
 2023-01-13 14:03:21 +00:00
Mathias Vorreiter Pedersen
cdd9567062 Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/SsaInternalsCommon.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2023-01-13 13:54:07 +00:00
Michael Nebel
2d46272295 Merge pull request #11881 from michaelnebel/java/modeldiffignore 
Java: Ignore missing html artifacts in the Model Diff workflow.
 2023-01-13 14:11:19 +01:00
Michael Nebel
b36be009d4 Merge pull request #11834 from michaelnebel/csharp/operators 
C# 11: Extractor and library support for Unsigned right shift.
 2023-01-13 13:21:02 +01:00
erik-krogh
71af8ab022 simplifications inspired by review 2023-01-13 13:18:52 +01:00
Mathias Vorreiter Pedersen
2283eacc0b C++: Fix bad join in 'definitionOf'. 2023-01-13 11:42:15 +00:00
Mathias Vorreiter Pedersen
59072f9e81 C++: Improve QLDoc. 2023-01-13 11:01:23 +00:00
Mathias Vorreiter Pedersen
dd8bead21a C++: Fix spurious backticks. 2023-01-13 10:57:44 +00:00
Mathias Vorreiter Pedersen
cf9998b932 Merge pull request #5 from geoffw0/integraltypes 
Swift: Work on integral type classes
 2023-01-13 10:01:23 +00:00
Arthur Baars
5865b51a94 Ruby: build extractor using cross 2023-01-13 10:25:27 +01:00
Arthur Baars
dc6f5f60d1 Ruby: update stats 2023-01-13 10:22:42 +01:00
Arthur Baars
28c9b52dce Ruby: add change note 2023-01-13 10:22:42 +01:00
Arthur Baars
46063c7d04 Ruby: update expected output 2023-01-13 10:22:41 +01:00
Arthur Baars
c4ec674057 Ruby: support anonymous (hash)splat parameters/arguments 2023-01-13 10:22:41 +01:00
Arthur Baars
4d3e2bb814 Ruby: upgrade/downgrade scripts 2023-01-13 10:22:41 +01:00
Arthur Baars
290167e1a3 Ruby: re-generated dbscheme/library 2023-01-13 10:22:41 +01:00
Arthur Baars
3a887d1c92 Ruby: update tree-sitter-{ruby, embedded-template} 2023-01-13 10:22:41 +01:00
Charis Kyriakou
792d4a83f9 Rename VS Code Extension Run Query command 2023-01-13 08:46:35 +00:00
Michael Nebel
600412db48 Java: Ignore missing html artifacts. 2023-01-13 08:58:53 +01:00