hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-13 19:16:46 +01:00
Code Issues Packages Projects Releases Wiki Activity
85,368 Commits 1,708 Branches 162 Tags
codeql-cli/v2.24.0
Commit Graph

85368 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Alvaro Muñoz
09f1fd1a81 Bump qlpack versions 2024-10-16 11:48:19 +02:00
Alvaro Muñoz
c5c3cd1726 Clean imports 2024-10-16 11:47:35 +02:00
Jeroen Ketema
1eb0b49634 C++: Improve parameter naming 2024-10-16 11:33:18 +02:00
Calum Grant
d88a674a15 C++: Change note for mayBeFromImplicitlyDeclaredFunction 2024-10-16 10:27:54 +01:00
Calum Grant
6a48ad0ee7 C++: Implement Expr::mayBeFromImplicitlyDeclaredFunction 2024-10-16 10:23:39 +01:00
Paolo Tranquilli
79c3728d1f Merge pull request #17719 from github/redsun82/bazel-lfs 
Bazel: skip git lfs endpoints presenting malformed data, and print workaround
 2024-10-16 10:57:30 +02:00
Calum Grant
853128c9c3 C++: Clean up false-positives 
C++: Change note
 2024-10-16 09:46:26 +01:00
Paolo Tranquilli
8f451515e0 Bazel: print workaround for git_lfs_probe.py failing 2024-10-16 10:16:38 +02:00
Paolo Tranquilli
fd31e6d813 Bazel: skip git lfs endpoints presenting malformed data 2024-10-16 10:01:19 +02:00
Alvaro Muñoz
b49cd3b916 Better handling of EnvVar Injection and Argument Injection 2024-10-16 08:48:32 +02:00
Kevin Stubbings
999fcca8f3 Add summary steps 2024-10-15 23:24:41 +00:00
Kevin Stubbings
374b13e1bb Remove path sanitizer 2024-10-15 14:34:11 -07:00
Kevin Stubbings
1287f1befc Address feedback 2024-10-15 14:01:14 -07:00
Taus
65dbc1de91 Python: Add copy.replace test to list of runnable tests 2024-10-15 18:17:00 +02:00
Taus
28f8874243 Merge pull request #17688 from github/tausbn/python-3.13-default-type-parser-support 
Python: Add support for type parameter defaults
 2024-10-15 18:01:51 +02:00
Taus
d4e0cb2ffa Merge pull request #17767 from github/tausbn/python-3.13-model-flow-in-replace 
Python: Model `copy.replace`
 2024-10-15 18:01:28 +02:00
yoff
9ed8fe5dd0 Update python/ql/test/library-tests/dataflow/coverage/functional.py 
Co-authored-by: Taus <tausbn@github.com>
 2024-10-15 17:35:36 +02:00
Geoffrey White
5b667026cb Rust: More fixup after some line numbers changed. 2024-10-15 16:17:03 +01:00
Jeroen Ketema
22b8e2cbb4 C++: Add missing parent scope cases 2024-10-15 17:16:58 +02:00
Calum Grant
fe85e007b3 C++: Add test for cpp/wrong-type-format-argument 2024-10-15 16:09:35 +01:00
Paolo Tranquilli
886c7f1f7a Merge pull request #17771 from github/redsun82/rust-codegen 
Rust: fix codegen to allow `--force` again
 2024-10-15 17:08:39 +02:00
Owen Mansel-Chan
5efb88ed1f Merge pull request #17737 from owen-mc/go/extractor/objecttypes-consistency-generics-2 
Go: extractor/objecttypes consistency generics (second try)
 2024-10-15 15:50:45 +01:00
Paolo Tranquilli
2c970a080d Rust: remove useless blank line 
Co-authored-by: Simon Friis Vindum <simonfv@gmail.com>
 2024-10-15 16:50:15 +02:00
Geoffrey White
feed0ebeca Rust: Autoformat. 2024-10-15 15:49:56 +01:00
Geoffrey White
f9eca42ded Merge pull request #17763 from geoffw0/cfgcount3 
Rust: Count number of CFG inconsistencies
 2024-10-15 15:43:39 +01:00
Geoffrey White
2a68d3e46e Rust: Put Yes, No back in the logical order. 2024-10-15 15:31:34 +01:00
Geoffrey White
84a74d910d Rust: Fixup after merging main. 2024-10-15 15:24:43 +01:00
Tom Hvitved
88f6d3b5ea Rust: Implement UnusedValue.ql 2024-10-15 15:05:39 +01:00
Ian Lynagh
196baa99b2 Merge pull request #17769 from igfoo/igfoo/2.1.0-beta2 
Kotlin: Fix for 2.1.0-Beta2
 2024-10-15 14:56:55 +01:00
Arthur Baars
bdec751527 Merge pull request #17768 from github/post-release-prep/codeql-cli-2.19.2 
Post-release preparation for codeql-cli-2.19.2
 2024-10-15 15:33:42 +02:00
Geoffrey White
f07f6188ae Rust: Make rust/summary/summary-statistics a metric query so that we can access data in the DCA job. 2024-10-15 14:19:46 +01:00
Geoffrey White
f4d4925239 Rust: Address QL-for-QL complaint. 2024-10-15 14:19:45 +01:00
Geoffrey White
2be5ce4f7a Rust: Change rust/summary/summary-statistics to a diagnostic query, so that it gets run as a diagnmetric query for DCA. 2024-10-15 14:19:44 +01:00
Geoffrey White
e8953fb5e4 Rust: Add diagnostic query for AST inconsistency counts. 2024-10-15 14:19:43 +01:00
Geoffrey White
e01ecd1b79 Rust: Calculate a total of AST inconsistencies. 2024-10-15 14:19:42 +01:00
Geoffrey White
2d019eb00e Rust: Add QLDoc to the AST consistency rules and make their output more consistent. 2024-10-15 14:19:40 +01:00
Geoffrey White
b5c88c7bfe Rust: Give the extraction consistency query metadata as well. 2024-10-15 14:19:39 +01:00
Geoffrey White
414fcf836e Rust: Move the AST consistency logic to a .qll. 2024-10-15 14:19:38 +01:00
Geoffrey White
79c5adfc9a Rust: Use correct versions of the consistency predicates. 2024-10-15 14:10:51 +01:00
Paolo Tranquilli
1d9767a163 Merge pull request #17770 from github/redsun82/rust-callable-base 
Rust: Add `Callable` as a base class of `Function` and `ClosureExpr`
 2024-10-15 15:00:59 +02:00
Paolo Tranquilli
8e31abaefe Rust: fix codegen to allow --force 
This passes command line arguments to codegen, allowing in particular
`--force` to be passed.

Also, a convenience `//rust/codegen:py` is added to only run the python
based code generation, which will be faster and enough when
`ast-generator` is unchanged.
 2024-10-15 14:37:30 +02:00
Jeroen Ketema
50ec2549c0 Merge pull request #17740 from jketema/requires 
C++: Add support for C++ requires expressions
 2024-10-15 14:32:28 +02:00
Paolo Tranquilli
bd08bc7923 Rust: address review 2024-10-15 14:21:11 +02:00
Ian Lynagh
b5bfd06624 Kotlin: Fix for 2.1.0-Beta2 
We need to catch a different exception now.
 2024-10-15 13:17:26 +01:00
github-actions[bot]
079ab77a38 Post-release preparation for codeql-cli-2.19.2 2024-10-15 12:16:59 +00:00
Taus
3b60d8302b Python: Add change note 2024-10-15 12:14:20 +00:00
Taus
778b96aa39 Python: Update test expectations 2024-10-15 12:14:19 +00:00
Taus
eaef783f4b Python: Add partial model for copy.replace 
Extends our modelling to partially cover the behaviour of
`copy.replace`. In particular, we model this in two ways:

Firstly, we extend the existing Models-as-Data row for `copy` and
`deepcopy` to also cover `replace`. This means that we treat the result
of `replace` as containing all of the fields of the original object.
This is somewhat _more_ than we want, as strictly speaking the fields
that are overwritten should _not_ propagate flow through the `replace`
call, but currently we don't have a good way of modelling this blocking
of flow.

Secondly, we add a flow summary that adds flow from named arguments of
the `replace` call to the corresponding fields on the base object. This
ensures that we at least have the new flow arising from the `replace`
call.

Note that the flow summary adds this flow for _all_ named arguments of
_all_ `replace` calls throughout the codebase. However, since any
particular `replace` call will only populate a subset of these (the
subset consisting of exactly those named arguments that are in that
particular call), this does not cause any unwanted crosstalk between
different `replace` calls.§
 2024-10-15 12:14:19 +00:00
Paolo Tranquilli
5b2eb88672 Merge pull request #17766 from github/aibaars/fix-cwe-link 
Fix CWE coverage link in main index
 2024-10-15 14:05:50 +02:00
Taus
6f2cfa0ba8 Python: Update CopySummary to use getMaDRepresentation 
Demonstrates the somewhat more ergonomic way to use
`getMaDRepresentation` when specifying summaries.

Note that this slightly extends the previous definition, in that
`DictionaryContentAny` is now _also_ propagated by a call to the
`.copy()` method, but I think this is correct.
 2024-10-15 11:52:37 +00:00