hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-04 09:11:08 +01:00
Code Issues Packages Projects Releases Wiki Activity
53,865 Commits 1,689 Branches 159 Tags
codeql-cli/v2.13.1
Commit Graph

53865 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
CodeQL CI
c1a52031cf Merge pull request #12968 from github/release-prep/2.13.1 
Release preparation for version 2.13.1
codeql-cli/v2.13.1 		2023-04-28 13:14:42 +01:00
github-actions[bot]
3bd29171fb Release preparation for version 2.13.1 2023-04-28 12:14:35 +00:00
Mathias Vorreiter Pedersen
205bb76036 Merge pull request #12960 from MathiasVP/fp-invalid-deref-2 
C++: Add more FPs for `cpp/invalid-pointer-deref`
 2023-04-28 09:47:46 +01:00
Mathias Vorreiter Pedersen
4ef58cd662 C++: Remove unused parameter in test. 2023-04-28 09:30:30 +01:00
Anders Schack-Mulligen
ce64408442 Merge pull request #12954 from aschackmull/java/implicitlypublic 
Java: Add SrcCallable.isImplicitlyPublic convenience predicate.
 2023-04-28 10:07:45 +02:00
Asger F
ee25f97ea5 Merge pull request #12956 from asgerf/js/express-array-routes 
JS: Properly recognise Express middlewares in an array
 2023-04-28 09:57:35 +02:00
Mathias Vorreiter Pedersen
5f4d0892ff Merge pull request #12900 from MathiasVP/ir-translate-constant-static-local-vars-2 2023-04-28 08:46:25 +01:00
Asger F
8a9308c8b0 JS: Update test output 2023-04-28 07:55:20 +02:00
Asger F
0c8f895e0f JS: Add one more test 2023-04-27 21:06:20 +02:00
Asger F
97a942de80 JS: Update test output 2023-04-27 21:04:35 +02:00
Mathias Vorreiter Pedersen
5c23474634 C++: Add FPs for 'cpp/invalid-pointer-deref'. 2023-04-27 18:49:05 +01:00
Mathias Vorreiter Pedersen
6c095d8143 Merge pull request #12953 from MathiasVP/fp-invalid-deref 
C++: Add FP for `cpp/invalid-pointer-deref`
 2023-04-27 17:29:37 +01:00
Mathias Vorreiter Pedersen
e46c53af1d C++: accept test changes. 2023-04-27 17:13:02 +01:00
Mathias Vorreiter Pedersen
1372ee7a44 Update cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/pointer-deref/test.cpp 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2023-04-27 17:10:44 +01:00
Asger F
0fb79bdf64 JS: Include a local step before store step 2023-04-27 17:58:02 +02:00
Asger F
c674afb674 JS: Fix condition in getRouteHandlerNode 
Previous version did not account for arrays
 2023-04-27 17:58:02 +02:00
Asger F
682ff23e04 JS: Update Express test 2023-04-27 16:36:04 +02:00
Asger F
36889f6d72 JS: Fix isResponse/isRequest 2023-04-27 16:35:56 +02:00
Asger F
70331c0ea4 JS: Decouple chaining from ExplicitResponseSource 2023-04-27 16:14:27 +02:00
Asger F
96e415aba6 JS: Track express route handlers into arrays 2023-04-27 16:14:22 +02:00
Mathias Vorreiter Pedersen
432c0b508a C++: Add another FP. 2023-04-27 14:50:29 +01:00
Anders Schack-Mulligen
9df2ee00d6 Java: Add SrcCallable.isImplicitlyPublic convenience predicate. 2023-04-27 15:20:49 +02:00
Anders Schack-Mulligen
246d904712 Merge pull request #12948 from aschackmull/dataflow/pathnode-type-tostring 
Dataflow: Add type to PathNode.toString.
 2023-04-27 14:14:10 +02:00
Mathias Vorreiter Pedersen
5a8bed0285 C++: Add FP for 'cpp/invalid-pointer-deref'. 2023-04-27 13:13:21 +01:00
Tom Hvitved
f888382d35 Merge pull request #12906 from hvitved/ruby/track-block-no-self 
Ruby: Prevent flow into `self` in `trackBlock`
 2023-04-27 12:48:05 +02:00
Geoffrey White
5a77dfb5d5 Merge pull request #12905 from geoffw0/webviewdoc 
Swift: Doc review for swift/unsafe-webview-fetch
 2023-04-27 11:23:53 +01:00
Henry Mercer
9ded5b87a5 Merge pull request #12942 from github/henrymercer/update-diagnostics-integration-tests 
C#: Update diagnostics integration tests
 2023-04-27 11:23:14 +01:00
Geoffrey White
507bb61c3c Swift: Add missing '.' 2023-04-27 11:00:35 +01:00
Anders Schack-Mulligen
f685ae1fa7 Java: Update one more expected output. 2023-04-27 12:00:32 +02:00
Geoffrey White
c823c58e00 Swift: WebView -> web view. 2023-04-27 10:57:25 +01:00
Geoffrey White
cc8d7bff0b Update swift/ql/src/queries/Security/CWE-079/UnsafeWebViewFetch.qhelp 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2023-04-27 10:12:13 +01:00
Anders Schack-Mulligen
6025feebd9 C#: Update expected output. 2023-04-27 10:24:24 +02:00
Tony Torralba
21a00f9197 Merge pull request #12946 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2023-04-27 10:13:07 +02:00
github-actions[bot]
e6c4bd18d6 Add changed framework coverage reports 2023-04-27 00:17:19 +00:00
Tom Hvitved
fc66aacf92 Merge pull request #12922 from hvitved/ruby/controller-template-file-join 
Ruby: Fix bad join in `controllerTemplateFile`
 2023-04-26 21:26:54 +02:00
Henry Mercer
0040025661 Update expected output of integration tests 
We now produce output using the CodeQL CLI, which ignores empty
properties during serialization.
 2023-04-26 19:41:57 +01:00
Henry Mercer
067f3259c9 C#: Update diagnostics calls to use new API 2023-04-26 19:41:57 +01:00
Henry Mercer
1ae116c4cc Merge pull request #12895 from github/henrymercer/diagnostics-verify-one-based 
JS: Update `DiagnosticLocation` call to gracefully handle invalid locations
 2023-04-26 19:22:57 +01:00
Mathias Vorreiter Pedersen
6bfdbef697 C++: Fix implicit 'this'. 2023-04-26 18:06:44 +01:00
Mathias Vorreiter Pedersen
b18e096f7f C++: Fix missing result for 'getFunction' and accept test changes. 2023-04-26 18:01:39 +01:00
Mathias Vorreiter Pedersen
1dcac76992 C++: Add a weird testcase demonstrating invalid IR. 2023-04-26 17:48:02 +01:00
Henry Mercer
d7474f91dc Merge branch 'main' into henrymercer/diagnostics-verify-one-based 2023-04-26 17:26:36 +01:00
Arthur Baars
128d102bbc Merge pull request #12871 from aibaars/py-yaml 
Python: add YAML support
 2023-04-26 18:13:26 +02:00
Mathias Vorreiter Pedersen
60aab206b0 C++: Join on two columns instead of one. 
Before:
```
Evaluated non-recursive predicate TranslatedElement#ea057665::TranslatedElement::getInstructionVariable#1#dispred#fff@146210id in 201548ms (size: 3469729).
Evaluated relational algebra for predicate TranslatedElement#ea057665::TranslatedElement::getInstructionVariable#1#dispred#fff@146210id with tuple counts:
  ...
     1812768   ~3%    {3} r65 = JOIN num#InstructionTag#c9183db3::OnlyInstructionTag#f WITH TranslatedExpr#043317a1::TranslatedNonFieldVariableAccess#ff CARTESIAN PRODUCT OUTPUT Rhs.1, Lhs.0, Rhs.0
     1812767   ~0%    {4} r66 = JOIN r65 WITH Access#8878f617::Access::getTarget#0#dispred#ff ON FIRST 1 OUTPUT Rhs.1, Lhs.1, Lhs.2, Lhs.0
  3996407117   ~3%    {5} r67 = JOIN r66 WITH TranslatedElement#ea057665::getIRUserVariable#2#fff_102#join_rhs ON FIRST 1 OUTPUT Lhs.3, Rhs.1, Lhs.1, Lhs.2, Rhs.2
     1815194   ~0%    {3} r68 = JOIN r67 WITH TranslatedExpr#043317a1::getEnclosingDeclaration#1#ff ON FIRST 2 OUTPUT Lhs.3, Lhs.2, Lhs.4
  ...
```

After:
```
Evaluated non-recursive predicate TranslatedExpr#043317a1::accessHasEnclosingDeclarationAndVariable#3#fff@665ccb8o in 865ms (size: 2769549).
Evaluated relational algebra for predicate TranslatedExpr#043317a1::accessHasEnclosingDeclarationAndVariable#3#fff@665ccb8o with tuple counts:
        2769549  ~1%    {3} r1 = JOIN Access#8878f617::Access::getTarget#0#dispred#ff WITH TranslatedExpr#043317a1::getEnclosingDeclaration#1#ff ON FIRST 1 OUTPUT Rhs.1, Lhs.1, Lhs.0
                        return r1
...
Evaluated non-recursive predicate TranslatedElement#ea057665::TranslatedElement::getInstructionVariable#1#dispred#fff@7d4d33to in 805ms (size: 3469729).
Evaluated relational algebra for predicate TranslatedElement#ea057665::TranslatedElement::getInstructionVariable#1#dispred#fff@7d4d33to with tuple counts:
  ...
  1963209   ~0%    {2} r34 = JOIN TranslatedElement#ea057665::getIRUserVariable#2#fff WITH TranslatedExpr#043317a1::accessHasEnclosingDeclarationAndVariable#3#fff ON FIRST 2 OUTPUT Rhs.2, Lhs.2
  1815194   ~2%    {2} r35 = JOIN r34 WITH TranslatedExpr#043317a1::TranslatedNonFieldVariableAccess#ff_10#join_rhs ON FIRST 1 OUTPUT Lhs.1, Rhs.1
  1815194   ~0%    {3} r36 = JOIN r35 WITH num#InstructionTag#c9183db3::OnlyInstructionTag#f CARTESIAN PRODUCT OUTPUT Lhs.1, Rhs.0, Lhs.0
  ...
```
 2023-04-26 16:32:43 +01:00
Mathias Vorreiter Pedersen
20f555c715 Merge pull request #12938 from MathiasVP/fix-todo-is-abnormal-exit-type 
Swift: Implement `isAbnormalExitType`
 2023-04-26 16:16:19 +01:00
Sam Browning
35788162ec Merge pull request #12915 from github/sabrowning1/query-suite-name-fix 
Update `code-scanning` query suite name to `default`
 2023-04-26 10:38:21 -04:00
Mathias Vorreiter Pedersen
d114388470 Swift: Implement 'isAbnormalExitType' and accept test changes. 2023-04-26 15:36:52 +01:00
Tony Torralba
12d181143f Merge pull request #10533 from pwntester/main 
Java: Add support for java.util.StringJoiner
 2023-04-26 16:18:35 +02:00
Mathias Vorreiter Pedersen
3d381331e1 C++: Add a test with global variable templates. 2023-04-26 15:00:32 +01:00
Anders Schack-Mulligen
8e6038577d Java: Update expected output. 2023-04-26 14:45:40 +02:00