hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-26 17:28:29 +01:00
Code Issues Packages Projects Releases Wiki Activity
84,550 Commits 1,721 Branches 163 Tags
codeql-cli/v2.23.9
Commit Graph

84550 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Geoffrey White
5bbc61e83c Swift: Add a few more test cases. 2023-11-21 11:32:40 +00:00
Rasmus Wriedt Larsen
5f26790b90 Merge branch 'main' into py-restframework 2023-11-21 11:57:48 +01:00
Rasmus Wriedt Larsen
df9fb141b8 Python: Remove old manual consistency query tests 2023-11-21 11:50:23 +01:00
Tom Hvitved
12359ba733 Add change note 2023-11-21 11:46:15 +01:00
Ian Lynagh
0668b71538 Merge pull request #14831 from igfoo/igfoo/kot2 
Kotlin: Add 2.0.0-Beta1
 2023-11-21 10:35:12 +00:00
Rasmus Wriedt Larsen
b6df6b7c99 Python: Add dataflow consistency query 2023-11-21 11:33:28 +01:00
Max Schaefer
dfffa1e237 Apply suggestions from code review 
Co-authored-by: Sam Browning <106113886+sabrowning1@users.noreply.github.com>
 2023-11-21 10:07:11 +00:00
Michael Nebel
d8e7c9c986 Merge pull request #14767 from michaelnebel/csharp/projectframeworkassets 
C#: Framework dependency detection.
 2023-11-21 10:55:30 +01:00
Tamas Vajk
253c658ad2 C#: Tolerate missing call targets in LogMessageSink 2023-11-21 10:13:18 +01:00
Tamas Vajk
f0e20fa69e C#: Add test case for missing log message sinks with ambiguous types 2023-11-21 10:09:05 +01:00
Rasmus Wriedt Larsen
71c017f053 Python: Apply suggestions from code review 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2023-11-21 10:07:42 +01:00
Geoffrey White
57a1becd22 Swift: Add missing QLDoc. 2023-11-21 08:55:52 +00:00
Erik Krogh Kristensen
7263d4d650 Merge pull request #14510 from aibaars/ts53-ts 
JS: update typescript extractor to use 5.3 .
 2023-11-21 09:10:43 +01:00
Kevin Stubbings
9958ad904c thesame 2023-11-20 23:40:55 -08:00
Kevin Stubbings
28288e0d23 basic2 2023-11-20 23:40:55 -08:00
Kevin Stubbings
3b78477406 Basics 2023-11-20 23:40:55 -08:00
Rasmus Lerchedahl Petersen
c8b87f71c5 Python: add change note 2023-11-20 21:44:16 +01:00
Rasmus Lerchedahl Petersen
421d4f3497 Python: filter more sinks in stdlib 
Rename variable to reflect larger scope

We had test results inside `os.py`, I suppose we have found a little extra flow.
 2023-11-20 21:35:52 +01:00
Rasmus Lerchedahl Petersen
11c71fdd18 Python: remove EssaNodes 
This commit removes SSA nodes from the data flow graph. Specifically, for a definition and use such as
```python
  x = expr
  y = x + 2
```
we used to have flow from `expr` to an SSA variable representing x and from that SSA variable to the use of `x` in the definition of `y`. Now we instead have flow from `expr` to the control flow node for `x` at line 1 and from there to the control flow node for `x` at line 2.

Specific changes:
- `EssaNode` from the data flow layer no longer exists.
- Several glue steps between `EssaNode`s and `CfgNode`s have been deleted.
- Entry nodes are now admitted as `CfgNodes` in the data flow layer (they were filtered out before).
- Entry nodes now have a new `toString` taking into account that the module name may be ambigous.
- Some tests have been rewritten to accomodate the changes, but only `python/ql/test/experimental/dataflow/basic/maximalFlowsConfig.qll` should have semantic changes.
- Comments have been updated
- Test output has been updated, but apart from `python/ql/test/experimental/dataflow/basic/maximalFlows.expected` only `python/ql/test/experimental/dataflow/typetracking-summaries/summaries.py` should have a semantic change. This is a bonus fix, probably meaning that something was never connected up correctly.
 2023-11-20 21:35:32 +01:00
erik-krogh
5611a3e417 use exact version 2023-11-20 20:48:51 +01:00
erik-krogh
10b3efa667 update to the stable version of TypeScript 5.3 2023-11-20 20:32:24 +01:00
erik-krogh
dde9a7cd7e Merge branch 'main' into ts53-ts 2023-11-20 20:31:00 +01:00
Geoffrey White
b4b78a1bce Swift: Minor corrections. 2023-11-20 19:29:35 +00:00
Geoffrey White
50120f65a3 Swift: Change note. 2023-11-20 18:43:48 +00:00
Geoffrey White
3cecf69818 Swift: Fix spurious results for 'login' functions. 2023-11-20 18:38:47 +00:00
Geoffrey White
aa93165d24 Swift: Add heuristic sinks. 2023-11-20 18:38:47 +00:00
Geoffrey White
d91c5c0486 Swift: Model NSException sinks. 2023-11-20 18:38:46 +00:00
Geoffrey White
7e02c05164 Swift: Address the sprintf case. 2023-11-20 18:38:46 +00:00
Geoffrey White
835967a33e Swift: Fix for autoclosure sinks. 2023-11-20 18:15:16 +00:00
Geoffrey White
795f16ba56 Swift: Model 'printf' variants as cleartext logging sinks. 2023-11-20 18:15:06 +00:00
Geoffrey White
06c2c423b3 Swift: Clean up the test logic slightly. 2023-11-20 18:12:15 +00:00
Geoffrey White
b348dc2a32 Swift: Extend cleartext logging tests (test cases). 2023-11-20 18:11:52 +00:00
Geoffrey White
2a69b03092 Swift: Extend cleartext logging tests (stubs). 2023-11-20 18:11:41 +00:00
Mathias Vorreiter Pedersen
75f860595a Merge pull request #14838 from MathiasVP/no-dtt-in-arithmetic-with-extreme-values 
C++: Convert `cpp/arithmetic-with-extreme-values` away from `DefaultTaintTracking`
 2023-11-20 16:39:58 +00:00
Rasmus Wriedt Larsen
c8301fc5f0 Merge pull request #14851 from RasmusWL/variable-caputre-list-comprehension 
Python: Add test for variable reference in list comprehension
 2023-11-20 17:10:34 +01:00
Ian Lynagh
95de7495d1 Kotlin: Fix build with 2.0.0-Beta1 2023-11-20 16:08:02 +00:00
Ian Lynagh
72bafd86df Kotlin: Tweak the regex we use to find the installed Kotlin version 2023-11-20 16:08:02 +00:00
Ian Lynagh
452b68c0ca Kotlin: Add 2.0.0-Beta1 to versions 2023-11-20 16:08:02 +00:00
Rasmus Wriedt Larsen
db1499d5b0 Python: Add test for variable reference in list comprehension 2023-11-20 16:41:34 +01:00
Max Schaefer
b5c92408f4 Merge pull request #14845 from github/max-schaefer/minor 
Automodel: Fix a few nits.
 2023-11-20 15:24:45 +00:00
Tom Hvitved
6ce8e0510f Ruby: Adopt shared type tracking library 2023-11-20 16:03:24 +01:00
Tom Hvitved
620e8dcb37 Merge pull request #14787 from hvitved/ruby/prune-dataflow-nodes 
Ruby: Prune irrelevant data flow nodes and edges
 2023-11-20 16:03:00 +01:00
Taus
5b4a8884b4 Merge pull request #14636 from github/tausbn/python-add-support-for-python-3.12-type-syntax 
Python: Add support for Python 3.12 type syntax
 2023-11-20 15:52:48 +01:00
Stephan Brandauer
737aab66f5 Java automodel: drop primitive parameters from endpoints 2023-11-20 15:09:05 +01:00
Mathias Vorreiter Pedersen
ab6260600e Merge pull request #14822 from MathiasVP/fix-global-variable-flow-for-arrays 
C++: Fix global-variable flow for array types
 2023-11-20 13:46:05 +00:00
Taus
10b72a0c39 Python: Fix scope of type parameters 
This takes care of scoping for type parameters on functions, but not
type aliases or classes.

For classes, the _type parameters_ now have the correct `Class` as scope,
but all their child nodes do not (e.g. the `Name` inside a `TypeParameter`).
This has to do with how the `py_scopes` relation is emitted by the extractor,
since `Name`s are expressions.
 2023-11-20 13:31:21 +00:00
Taus
36201105b9 Merge branch 'main' into tausbn/python-add-support-for-python-3.12-type-syntax 2023-11-20 13:27:54 +00:00
Stephan Brandauer
e34a9de008 Java Automodel: drop return values of primitive return type methods from consideration for extraction in framework mode 2023-11-20 14:11:14 +01:00
Rasmus Wriedt Larsen
9bdc2d1c02 Merge pull request #14847 from ctcampbell/main 
Update cryptography bill of materials queries
 2023-11-20 14:08:11 +01:00
Stephan Brandauer
212a515fa9 Java Automodel: drop return values void methods other than ctors from consideration for extraction in framework mode 2023-11-20 14:00:59 +01:00