hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-28 22:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
60,929 Commits 1,673 Branches 157 Tags
codeql-cli/v2.15.3
Commit Graph

60929 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Geoffrey White
8937e0b313 Swift: == -> = 2023-10-27 17:18:09 +01:00
Alex Ford
cb1cd5ed2a Merge pull request #14560 from alexrford/rb/modgen 
Ruby: add a query and script for autogenerating typeModel and summaryModel data extensions entries
 2023-10-27 16:43:42 +01:00
Mathias Vorreiter Pedersen
28eb2caacb Swift: Accept test changes. 2023-10-27 16:30:01 +01:00
Mathias Vorreiter Pedersen
33494fe9e1 C++: Extend the taint model and accept test changes. 2023-10-27 16:26:37 +01:00
Mathias Vorreiter Pedersen
e4683449cb C++: Add failing test. 2023-10-27 16:26:37 +01:00
Mathias Vorreiter Pedersen
8bf8888c24 C++: Simplify 'parameterNeverEscapes' and add a comment. 2023-10-27 16:26:37 +01:00
Mathias Vorreiter Pedersen
6538a7645d Swift: Add up and downgrade scripts. 2023-10-27 15:55:12 +01:00
Mathias Vorreiter Pedersen
6062fbb475 Merge pull request #14383 from geoffw0/nsstringregex 
Swift: Add regular expression evaluation models for StringProtocol and NSString methods
 2023-10-27 15:49:23 +01:00
Mathias Vorreiter Pedersen
572cec2c55 C++: Accept test changes. 2023-10-27 15:00:25 +01:00
Mathias Vorreiter Pedersen
43e8b900bf C++: Fix 'strtol' model. 2023-10-27 14:59:11 +01:00
Geoffrey White
2a552d9721 Swift: Address QL-for-QL warning. 2023-10-27 14:56:19 +01:00
Mathias Vorreiter Pedersen
d6b6c432d9 C++: Add test with incorrect IR due to wrong model. 2023-10-27 14:53:06 +01:00
Owen Mansel-Chan
d534c93ff1 Merge pull request #14606 from owen-mc/go/incorrect-integer-conversion-fixes 
Go: Two fixes to upper bound checks in "incorrect integer conversion" query
 2023-10-27 14:50:11 +01:00
Alex Ford
f6ac63b259 Ruby: modgen - use FeatureEqualSourceSinkCallContext feature rather than late filtering for method context 2023-10-27 14:48:50 +01:00
Geoffrey White
12201d2e8e Swift: Codegen. 2023-10-27 14:37:06 +01:00
Geoffrey White
6ad5c9542b Swift: Add getCanonicalType to the NominalType test as well. 2023-10-27 14:37:06 +01:00
Dave Bartolomeo
b18a6d5e0b Merge pull request #14582 from github/dbartol/threat-models-2 
Java: Threat model implementation with priorities.
 2023-10-27 09:33:53 -04:00
Geoffrey White
ce471105e2 Swift: QLDoc getCanonicalType. 2023-10-27 14:23:51 +01:00
Mathias Vorreiter Pedersen
4aed638066 Merge pull request #14577 from MathiasVP/capture-flow-swift 
Swift: Add variable-capture flow
 2023-10-27 14:09:04 +01:00
Rasmus Lerchedahl Petersen
1f8a51cffe Python: add module for post-update flow 
The logic for adding flow out of post-update-nodes
was also duplicated, so I added a module for that also.

The two modules are now only used together. I did not
fuse them, though, as I think they may not be used
together in the case of use-use-flow.
 2023-10-27 15:07:49 +02:00
Rasmus Lerchedahl Petersen
e745df6478 Python: module for import time flow 
The logic for separating local flow into _import time_
and _runtime_ was duplicated a few times.
Create a module for it instead, and add a good qldoc.
 2023-10-27 15:07:49 +02:00
Erik Krogh Kristensen
c1a1ebfb60 Merge pull request #14616 from erik-krogh/identity-severity 
JS: lower the severity of js/identity-replacement to medium
 2023-10-27 14:27:05 +02:00
Anders Schack-Mulligen
e9cb272396 Merge pull request #14615 from aschackmull/dataflow/stage-alias 
Dataflow: simplify using stage aliases.
 2023-10-27 14:17:30 +02:00
Tom Hvitved
6ad8a4db1c C#: Only use getTypeRef when there is not already a type available 2023-10-27 14:11:55 +02:00
erik-krogh
cf958f0828 lower the severity of js/identity-replacement to medium 2023-10-27 13:54:17 +02:00
Anders Schack-Mulligen
10c657bc23 Dataflow: simplify using stage aliases. 2023-10-27 13:40:21 +02:00
Ian Lynagh
0cf702a74f Kotlin: Tweak the logs test to not be confused by the new logs 2023-10-27 12:04:43 +01:00
Alex Ford
0818354ad7 Ruby: modgen - fix unbound variable 2023-10-27 11:46:09 +01:00
Owen Mansel-Chan
00ba7e42b1 Merge pull request #14613 from owen-mc/change-note-check-on-shared 
Update `Change-note-check` workflow to detect changes in shared folder
 2023-10-27 11:45:03 +01:00
Anders Schack-Mulligen
c7be5ac527 Merge pull request #14602 from aschackmull/java/split-dispatch-cached-stages 
Java: Split the different layers of virtual dispatch into separate cached stages.
 2023-10-27 12:36:29 +02:00
Owen Mansel-Chan
1db622e740 Make check-change-note workflow include shared 2023-10-27 11:26:13 +01:00
Mathias Vorreiter Pedersen
68999f3cef Swift: Fix test by including the 'allowParameterReturnInSelf' hook from the variable capture library. 2023-10-27 11:25:19 +01:00
Mathias Vorreiter Pedersen
9b150e4ea9 Swift: Add failing test. 2023-10-27 11:22:56 +01:00
Mathias Vorreiter Pedersen
a5a7d27c4b Swift: Add change note. 2023-10-27 11:16:32 +01:00
Ian Lynagh
3c5b9ce0cd Kotlin: Make the enum test more precise 
In Kotlin 2 mode, there are more library classes matching Enum%, so the
output was spuriously different.
 2023-10-27 11:15:12 +01:00
Owen Mansel-Chan
3c9783c7c9 Add change note 2023-10-27 11:12:37 +01:00
Mathias Vorreiter Pedersen
b41ec37993 Swift: Remove the code related to constructor capture (and the related TODO). This cannot happen in Swift. 2023-10-27 11:05:48 +01:00
Tom Hvitved
ee5c014382 Merge pull request #14609 from hvitved/csharp/stub-gen-attribute-usage 
C#: Include `AttributeUsages` in stub generator
 2023-10-27 12:05:34 +02:00
Owen Mansel-Chan
581305b234 Improve QLDoc for UpperBoundCheckGuard 2023-10-27 10:59:20 +01:00
Owen Mansel-Chan
8beacb8d4a Change predicate name from getX to getOrder 2023-10-27 10:44:42 +01:00
Mathias Vorreiter Pedersen
9cae488ef4 Merge pull request #14612 from aschackmull/dataflow/type-doc 
Dataflow: Improve qldoc on the type system.
 2023-10-27 10:39:57 +01:00
Mathias Vorreiter Pedersen
65e13aa5ed Swift: Add simple version of the 'captureList' test that works. 2023-10-27 10:27:35 +01:00
Mathias Vorreiter Pedersen
93234c0b5c Swift: Add model for 'withVaList' and accept test changes. 2023-10-27 10:21:12 +01:00
Mathias Vorreiter Pedersen
9e2dd09ddc Swift: Accept test regression (caused by no model for 'withVaList'). 2023-10-27 10:20:07 +01:00
Max Schaefer
104700f6d3 Address review comment. 2023-10-27 10:19:28 +01:00
Anders Schack-Mulligen
0f4ea10638 Merge pull request #14611 from aschackmull/dataflow/partialflow-changenote 
Dataflow: Add change note for partial flow api change.
 2023-10-27 10:57:17 +02:00
Anders Schack-Mulligen
776e35279d Dataflow: Improve qldoc on the type system. 2023-10-27 10:43:54 +02:00
Michael Nebel
e4276f7adb Java: Apply suggestions from code review 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2023-10-27 10:34:20 +02:00
Anders Schack-Mulligen
b106db6fda Dataflow: Add change note for partial flow api change. 2023-10-27 09:46:46 +02:00
Anders Schack-Mulligen
9769953669 Java: Split the different layers of virtual dispatch into separate cached stages. 2023-10-27 09:40:20 +02:00