hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-13 21:51:29 +01:00
Code Issues Packages Projects Releases Wiki Activity
54,887 Commits 1,690 Branches 160 Tags
codeql-cli/v2.13.3
Commit Graph

54887 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tom Hvitved
28c32fc78e Merge pull request #11383 from hvitved/csharp/ci-extractor-unit-tests 
C#: Also include extractor unit tests in `csharp-qltest.yml`
 2022-11-23 11:58:07 +01:00
Henry Mercer
3b69821630 ATM: Add descriptions to ML-powered packs 2022-11-23 10:46:23 +00:00
Tom Hvitved
a55c56feed Fix typo in codeql-workspace.yml 2022-11-23 11:33:52 +01:00
Ben Ahmady
40c2b3c43b Merge branch 'codeql-cli-2.11.4' into subatoi/codeql-cli-2.11.4 2022-11-23 10:18:46 +00:00
Asger F
1c910550e6 Python: merge package/type columns 2022-11-23 11:17:42 +01:00
Asger F
22316ee4fe Ruby: merge package/type columns 2022-11-23 11:17:42 +01:00
Asger F
2e3413c9b8 JS: Merge package/type columns 2022-11-23 11:17:42 +01:00
Ben Ahmady
093ff4061d Update docs/codeql/reusables/kotlin-java-differences.rst 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2022-11-23 10:08:45 +00:00
Ben Ahmady
7644ecad52 Update docs/codeql/reusables/kotlin-java-differences.rst 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2022-11-23 10:08:29 +00:00
Ben Ahmady
0a91ee1019 Update docs/codeql/codeql-language-guides/abstract-syntax-tree-classes-for-working-with-java-programs.rst 2022-11-23 10:08:20 +00:00
Ben Ahmady
df7f0cf9a9 Update docs/codeql/codeql-language-guides/analyzing-data-flow-in-java.rst 2022-11-23 10:08:10 +00:00
Ben Ahmady
c06b8a68e5 Update docs/codeql/reusables/kotlin-java-differences.rst 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2022-11-23 10:08:00 +00:00
Jeroen Ketema
9e4cab74ec Merge remote-tracking branch 'upstream/main' into mathiasvp/replace-ast-with-ir-use-usedataflow 2022-11-23 11:07:03 +01:00
Ben Ahmady
c663da5be6 Update docs/codeql/reusables/kotlin-java-differences.rst 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2022-11-23 10:07:03 +00:00
Ben Ahmady
4bd7e24b5f Update docs/codeql/reusables/kotlin-java-differences.rst 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2022-11-23 10:06:57 +00:00
Ben Ahmady
605c7113a2 Update docs/codeql/reusables/kotlin-java-differences.rst 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2022-11-23 10:06:48 +00:00
Ben Ahmady
e2240abc78 Update docs/codeql/codeql-language-guides/codeql-for-java.rst 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2022-11-23 10:06:34 +00:00
Nick Rolfe
e16bdc4d07 Ruby/QL: only create dbscheme case-splits for columns on defining tables 2022-11-23 10:00:08 +00:00
Mathias Vorreiter Pedersen
349c5cd800 Merge pull request #11254 from MathiasVP/fix-ssa-flow 
C++: Fix spurious reference flow
 2022-11-23 09:52:28 +00:00
Geoffrey White
556d68aeed Update swift/ql/src/queries/Security/CWE-311/CleartextTransmission.ql 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2022-11-23 09:17:18 +00:00
Paolo Tranquilli
545c2f67e9 Merge pull request #11382 from github/alexdenisov/swift-relax-file-archiving 
Swift: do not abort if cannot archive a source file
 2022-11-23 06:56:26 +01:00
Paolo Tranquilli
d345cec339 Merge pull request #11381 from github/alexdenisov/swift-fix-remapping-regression 
Swift: fix remapping bug
 2022-11-23 06:56:05 +01:00
ka1n4t
d113fb23c8 Add test case for PR-11368 2022-11-23 11:05:58 +08:00
Tom Hvitved
4ad7d2d822 C#: Also include extractor unit tests in csharp-qltest.yml 2022-11-22 19:55:38 +01:00
Ben Ahmady
24c413fbf9 Adds Kotlin (beta) content 2022-11-22 18:33:24 +00:00
Geoffrey White
7d45ca6293 Merge branch 'main' into optionals2 2022-11-22 17:35:27 +00:00
Alex Denisov
8f02463411 Swift: fix remapping bug 
This issue has slipped during a recent refactoring:
https://github.com/github/codeql/pull/10987/files#diff-c5ab26a06a93c4507a834859a6a56878d5bfe16c4d7cbac4afc4f081d46f461aL63-R64
 2022-11-22 17:25:07 +01:00
Alex Denisov
a2ac1384cb Swift: do not abort if cannot archive a source file 2022-11-22 17:18:40 +01:00
Tony Torralba
92ee0aa7ae Merge pull request #11367 from atorralba/atorralba/java/add-bitwise-implicit-intents 
Java: Consider taint through bitwise operations on PendingIntent flags
 2022-11-22 17:08:52 +01:00
Rasmus Wriedt Larsen
69b43f147a Python: Fix ql4ql alerts 
The rest will be ignored.
 2022-11-22 16:24:47 +01:00
Tony Torralba
2e1a78e1bf Add models for NSData and NSMutableData 2022-11-22 15:48:58 +01:00
Rasmus Wriedt Larsen
5866af413f Merge pull request #11347 from tausbn/python-clean-up-import-resolution 
Python: Add change note for module resolution
 2022-11-22 15:28:38 +01:00
Mathias Vorreiter Pedersen
623372238d C++: Better support for flow-through. 2022-11-22 13:54:44 +00:00
Rasmus Wriedt Larsen
04a68f8d52 Merge pull request #11372 from RasmusWL/getpass 
Python: Model `getpass.getpass` as source of passwords
 2022-11-22 14:49:04 +01:00
Rasmus Wriedt Larsen
00ec3a23ba Python: Accept fix from module-resolution PR 2022-11-22 14:46:33 +01:00
Rasmus Wriedt Larsen
ee2f7401e8 Python: Add generator-flow/dataflow-consistency.ql 2022-11-22 14:46:33 +01:00
Rasmus Wriedt Larsen
8de5cfef43 Python: Update dataflow-consistency.expected 
After merging in main
 2022-11-22 14:46:33 +01:00
Rasmus Wriedt Larsen
c0ad870949 Python: Exclude synthetic generator functions from DataFlowCallable 2022-11-22 14:46:33 +01:00
Rasmus Wriedt Larsen
d86f98d60b Python: Accept changes for enclosing-callable test 2022-11-22 14:46:33 +01:00
Rasmus Wriedt Larsen
aa382ac042 Python: Add test for strange generator taint flow 
I did check, and this was not a problem with the old call-graph on main!

I'm absolutely baffled!
 2022-11-22 14:46:33 +01:00
Rasmus Wriedt Larsen
36e8b8bfb9 Python: Add call-graph to cached dataflow stage 
I didn't do any performance investigation on this, since it just seems
so much like the right approach.
 2022-11-22 14:46:32 +01:00
Rasmus Wriedt Larsen
fc0545561e Python: Introduce points-to cached stage 
With points-to not being used for the call-graph any longer, it's time
to split them.
 2022-11-22 14:46:32 +01:00
Rasmus Wriedt Larsen
bd46b7deaa Python: Cache a few call-graph predicates 
We DON'T want to recompute these ones for sure!
 2022-11-22 14:46:32 +01:00
Rasmus Wriedt Larsen
6646e98d20 Python: Fix results outside DB for StackTraceExposure 2022-11-22 14:46:32 +01:00
Rasmus Wriedt Larsen
972cfa5cf6 Python: Accept bad StackTraceExposure.expected 
This is only Python 2 though
 2022-11-22 14:46:32 +01:00
Rasmus Wriedt Larsen
a301c93ebf Python: Fix results outside DB for CleartextLogging 2022-11-22 14:46:32 +01:00
Rasmus Wriedt Larsen
0a41d8d2c1 Python: Accept bad CleartextLogging.expected 2022-11-22 14:46:32 +01:00
Rasmus Wriedt Larsen
39ce50fadc Python: Fix problems with sinks in pathlib 
This must mean that we did not have this flow with the old call-graph,
which means the new call-graph is doing a better job (yay).
 2022-11-22 14:46:32 +01:00
Rasmus Wriedt Larsen
edcaff26af Python: Add path-injection test using pathlib 
Since it has the same problem of showing sinks inside the extracted
stdlib
 2022-11-22 14:46:32 +01:00
Rasmus Wriedt Larsen
9d29a0a044 Python: Accept changes to .expected from more pathlib flow 
But we don't want to keep this, this commit is just to show why we need a fix :)
 2022-11-22 14:46:32 +01:00