hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-07 10:41:06 +01:00
Code Issues Packages Projects Releases Wiki Activity
62,527 Commits 1,691 Branches 160 Tags
codeql-cli/v2.16.0
Commit Graph

62527 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
erik-krogh
59cc90e547 move Regex into a ParseRegExp file, and rename the class to RegExp 2023-05-01 10:42:14 +02:00
erik-krogh
556bb41999 move all code to find Regex flag into a module 2023-05-01 10:42:14 +02:00
erik-krogh
f0254fc089 introduce RegExpInterpretation instead of RegexString, and move RegexTreeView.qll into a regexp folder 2023-05-01 10:42:13 +02:00
erik-krogh
e677b62241 use type-tracking instead of global dataflow for tracking regular expressions 2023-05-01 10:41:53 +02:00
Michael Nebel
36ea61c25e C#: Address review comments. 2023-05-01 10:38:39 +02:00
Asger F
e9f1e99526 Merge pull request #12887 from asgerf/js/unsafe-yaml-deserialization 
JS: Update model of js-yaml
 2023-05-01 09:57:20 +02:00
Rasmus Wriedt Larsen
1bba5258d6 Merge pull request #11280 from RasmusWL/dict-dataflow-steps 
Python: Support more dictionary read/store steps
 2023-04-30 16:07:29 +02:00
Rasmus Wriedt Larsen
f2def84337 Misc: Add script to accept .expected changes from CI 
This script can be used to go over `codeql test run` expected/actual log
output from actions CI checks for a PR, and apply patches locally to
make the tests pass.

Designed for use by GitHub employees, since it needs access to internal
CI runs. Just run this tool while the branch for the PR is checked out!

You need the `gh` cli tool installed and authenticated.

Example can be seen in https://github.com/github/codeql/pull/12950
 2023-04-30 14:59:50 +02:00
tyage
f52c845663 Fix comment. 2023-04-30 19:52:11 +09:00
tyage
80d401fba8 JS: change note 2023-04-30 18:26:46 +09:00
tyage
71952fe551 JS: Add test for sub module 2023-04-30 18:18:35 +09:00
tyage
c0cf0b430e JS: support submodules 2023-04-30 18:07:52 +09:00
Mathias Vorreiter Pedersen
a7d238f4c4 C++: Accept consistency changes. 2023-04-28 22:41:58 +01:00
Erik Krogh Kristensen
3d41cd583f Merge pull request #12963 from tyage/track-interfile-use-router 
JS: Track interfile useRouter
 2023-04-28 22:41:43 +02:00
Asger F
d1c8e0abd7 Merge pull request #12951 from asgerf/js/json-with-comments 
JS: Stop complaining about comments in JSON files
 2023-04-28 20:53:35 +02:00
Felicity Chapman
1094018088 Remove unused file 2023-04-28 18:35:57 +01:00
Mathias Vorreiter Pedersen
490b253dc8 C++: Add change note. 2023-04-28 17:48:01 +01:00
Mathias Vorreiter Pedersen
498395b50e C++: Add QLDoc to getA(nIndirect)BarrierNode. 2023-04-28 17:42:14 +01:00
Mathias Vorreiter Pedersen
8c8b919dfb C++: Add an API for indirect barrier guards and use it in tests. 2023-04-28 14:09:08 +01:00
Mathias Vorreiter Pedersen
a6adf825bc C++: Add a test that needs indirect barrier guards. 2023-04-28 13:56:31 +01:00
Tony Torralba
77ec181cac Java: Fix sink model generator for instance parameters 2023-04-28 14:49:04 +02:00
Mathias Vorreiter Pedersen
0f0384cff6 C++: Rewrite the barrier guard tests to be expression based. This is really what we expect people to write in queries. 2023-04-28 13:49:01 +01:00
Asger F
f87740ab18 Merge pull request #12867 from asgerf/js/webpack-bundles 
JS: Ignore more webpack modules
 2023-04-28 14:35:57 +02:00
Tony Torralba
e0074d52eb Add autogenerated models for org.apache.commons.net 2023-04-28 14:33:23 +02:00
Asger F
1b75afb5b1 JS: Change note 2023-04-28 14:32:11 +02:00
CodeQL CI
c1a52031cf Merge pull request #12968 from github/release-prep/2.13.1 
Release preparation for version 2.13.1
codeql-cli/v2.13.1 		2023-04-28 13:14:42 +01:00
github-actions[bot]
3bd29171fb Release preparation for version 2.13.1 2023-04-28 12:14:35 +00:00
Geoffrey White
837f16c212 Swift: Address singleton set literal warning 2023-04-28 12:16:28 +01:00
Michael B. Gale
edfe2d7ab7 Merge pull request #12944 from github/mbg/go/html-template-sanitizers 
Go: Add `html/template` functions as sanitisers for XSS queries
 2023-04-28 12:15:57 +01:00
Felicity Chapman
8ca80d3170 Update links to CodeQL manual 
Make CodeQL CLI a single item in the side navigation
 2023-04-28 12:07:26 +01:00
Mathias Vorreiter Pedersen
43527573d0 C++: Fix back edge detection for phi nodes. 2023-04-28 11:58:56 +01:00
Mathias Vorreiter Pedersen
faf846bd58 C++: Disable flow through nodes that are sources of phi edges' back edges. 2023-04-28 11:36:42 +01:00
Michael B. Gale
5a44fae515 Go: add test for unrelated A->C data flow 2023-04-28 10:56:12 +01:00
Mathias Vorreiter Pedersen
2716c73f87 C++: Add change note. 2023-04-28 10:49:49 +01:00
Mathias Vorreiter Pedersen
c35cb70c9f C++: Fix inconsistencies. 2023-04-28 10:40:18 +01:00
Mathias Vorreiter Pedersen
fd2f0257b6 C++: Accept query changes. 2023-04-28 10:25:12 +01:00
Mathias Vorreiter Pedersen
24d1cac9d7 C++: Accept test changes. 2023-04-28 10:25:07 +01:00
Mathias Vorreiter Pedersen
ee7b137c24 C++: Add dataflow for static locals. 2023-04-28 10:24:57 +01:00
Mathias Vorreiter Pedersen
3eca60cc40 C++: Add static local testcases. 2023-04-28 10:23:36 +01:00
Mathias Vorreiter Pedersen
205bb76036 Merge pull request #12960 from MathiasVP/fp-invalid-deref-2 
C++: Add more FPs for `cpp/invalid-pointer-deref`
 2023-04-28 09:47:46 +01:00
Mathias Vorreiter Pedersen
4ef58cd662 C++: Remove unused parameter in test. 2023-04-28 09:30:30 +01:00
Owen Mansel-Chan
8415c4a4eb Remove ArgumentNode assumption 2023-04-28 09:23:38 +01:00
Owen Mansel-Chan
c7c0a73b90 Accept review suggestions 2023-04-28 09:23:37 +01:00
Owen Mansel-Chan
52cc61198d Use CallExpr.hasImplicitArgs() 2023-04-28 09:23:37 +01:00
Owen Mansel-Chan
b928f13d94 Add CallExpr.hasImplicitArgs() 2023-04-28 09:23:36 +01:00
Owen Mansel-Chan
f3c1c53b54 Add CallExpr.getCalleeType() 
This avoids using `getTarget()`, so it works even when that doesn't
exist (for example when calling a variable with function type).
 2023-04-28 09:23:36 +01:00
Stephan Brandauer
bd3aaf0306 remove comment that no longer applies 2023-04-28 10:16:18 +02:00
Anders Schack-Mulligen
ce64408442 Merge pull request #12954 from aschackmull/java/implicitlypublic 
Java: Add SrcCallable.isImplicitlyPublic convenience predicate.
 2023-04-28 10:07:45 +02:00
Asger F
ee25f97ea5 Merge pull request #12956 from asgerf/js/express-array-routes 
JS: Properly recognise Express middlewares in an array
 2023-04-28 09:57:35 +02:00
Mathias Vorreiter Pedersen
5f4d0892ff Merge pull request #12900 from MathiasVP/ir-translate-constant-static-local-vars-2 2023-04-28 08:46:25 +01:00