hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-03 22:28:15 +02:00
Code Issues Packages Projects Releases Wiki Activity
85,368 Commits 1,732 Branches 164 Tags
codeql-cli/v2.24.0
Commit Graph

85368 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ian Lynagh
d511d46cde Kotlin: Use packageFqName rather than fqName 
Upstream master says:
   error: using 'fqName: FqName' is an error. Please use `packageFqName` instead
 2023-08-31 19:28:05 +01:00
Alex Ford
ce35d6921f Ruby: configsig rb/hardcoded-data-interpreted-as-code 2023-08-31 16:20:18 +01:00
Mathias Vorreiter Pedersen
10548b57d7 Merge pull request #14103 from MathiasVP/non-certain-def-is-a-use 
C++: Non-certain definitions should always be uses
 2023-08-31 16:15:30 +01:00
Geoffrey White
0cb00c9091 Swift: Change note. 2023-08-31 15:50:54 +01:00
Geoffrey White
93c39c5fdd Swift: Add data flow through OpenExistentialExpr. 2023-08-31 15:50:32 +01:00
Geoffrey White
b8d29e8fc1 Swift: Add a more realistic test case as well. 2023-08-31 15:46:47 +01:00
Geoffrey White
aeeafd75bf Swift: Add a test for flow through OpenExistentialExpr. 2023-08-31 15:27:18 +01:00
amammad
193693565c add Inflater 2023-08-31 23:21:33 +10:00
Erik Krogh Kristensen
cd590d356d Merge pull request #14053 from erik-krogh/ts52 
JS: Add support for TypeScript 5.2
 2023-08-31 14:39:50 +02:00
Tamas Vajk
c1d8091891 C#: Exclude base type extraction of recursive generics 2023-08-31 14:15:38 +02:00
Tom Hvitved
89e9d25f02 Ruby: Hide desugared assignments from data flow path graph 2023-08-31 14:04:57 +02:00
erik-krogh
8dad4950a9 add sanitizer guard for url_has_allowed_host_and_scheme 2023-08-31 13:48:42 +02:00
Tom Hvitved
23857267db Merge pull request #14110 from hvitved/ruby/remove-emptiness-successor 
Ruby: Get rid of unused `EmptinessSuccessor`
 2023-08-31 13:41:25 +02:00
erik-krogh
d4bc6e434a add test with false positive 2023-08-31 13:40:47 +02:00
amammad
77dcd68a86 v2 2023-08-31 21:26:25 +10:00
Tamas Vajk
3476437bfe C#: Add test case with recursive generics 2023-08-31 13:21:46 +02:00
Tom Hvitved
50db6916c8 Ruby: Get rid of unused EmptinessSuccessor 2023-08-31 13:17:05 +02:00
Tom Hvitved
73370e7282 Merge pull request #14100 from hvitved/dataflow/consistency-pack 
Data flow: Add consistency checks to shared ql pack
 2023-08-31 11:47:40 +02:00
Tom Hvitved
756886808d Merge pull request #14098 from hvitved/csharp/cil-best-impl 
C#: Speedup `bestImplementation`
 2023-08-31 10:57:28 +02:00
Mathias Vorreiter Pedersen
f5509da4bb Merge pull request #14038 from alexet/delete-ir 
CPP: Add delete/delete[] calls to the IR.
 2023-08-31 09:22:34 +01:00
Asger F
2d5c40db31 Merge pull request #14048 from asgerf/shared/variable-capture-write-source-node 
Variable capture: allow arbitrary data-flow nodes to be the source of a write
 2023-08-31 10:20:48 +02:00
Tom Hvitved
c68d0bc936 Merge pull request #14099 from hvitved/csharp/transitive-capture-call-unique 
C#: Do not embed target callable in `TransitiveCapturedCall`
 2023-08-31 10:12:26 +02:00
Alex Denisov
c1da2dfa73 Swift: fix autobuild.sh 2023-08-31 09:40:13 +02:00
Michael Nebel
ded49015e0 Merge pull request #13970 from michaelnebel/csharp/usereferenceassemlblies 
C#: Compile against the reference assemblies in the standalone extractor (if possible)
 2023-08-31 09:00:30 +02:00
Erik Krogh Kristensen
cd289f8207 Merge pull request #14105 from github/dependabot/cargo/ql/chrono-0.4.28 
Bump chrono from 0.4.27 to 0.4.28 in /ql
 2023-08-31 08:16:42 +02:00
Alex Denisov
803adae9c6 Swift: rename autobuilder. NFC 2023-08-31 08:12:52 +02:00
dependabot[bot]
4770eb0328 Bump chrono from 0.4.27 to 0.4.28 in /ql 
Bumps [chrono](https://github.com/chronotope/chrono) from 0.4.27 to 0.4.28.
- [Release notes](https://github.com/chronotope/chrono/releases)
- [Changelog](https://github.com/chronotope/chrono/blob/main/CHANGELOG.md)
- [Commits](https://github.com/chronotope/chrono/compare/v0.4.27...v0.4.28)

---
updated-dependencies:
- dependency-name: chrono
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-31 03:44:01 +00:00
Mathias Vorreiter Pedersen
1159508e4f Merge pull request #14008 from MathiasVP/reuse-even-more-nodes 
C++: Reuse even more `DataFlow::Node`s
 2023-08-30 19:38:52 +01:00
Alex Eyers-Taylor
59a77666a6 CPP: Remove uneeded indirection around delete calls in the IR. 2023-08-30 16:31:51 +01:00
Michael Nebel
3afa4aa91e C#: Add change note. 2023-08-30 16:51:16 +02:00
Mathias Vorreiter Pedersen
261ba8e02d C++: Add QLDoc to 'isDereference'. 2023-08-30 14:34:30 +01:00
Tom Hvitved
253f932d2a Python: Use data flow consistency checks from shared pack 2023-08-30 15:29:41 +02:00
Tom Hvitved
9af706c2a5 Swift: Use data flow consistency checks from shared pack 2023-08-30 15:29:41 +02:00
Tom Hvitved
db304d118b C++: Use data flow consistency checks from shared pack 2023-08-30 15:29:41 +02:00
Tom Hvitved
fefe64bf0c Java: Use data flow consistency checks from shared pack 2023-08-30 15:29:41 +02:00
Tom Hvitved
5c8367a695 C#: Use data flow consistency checks from shared pack 2023-08-30 15:29:41 +02:00
Tom Hvitved
c4b626a416 Ruby: Use data flow consistency checks from shared pack 2023-08-30 15:29:41 +02:00
Tom Hvitved
de7c9bdd9b Data flow: Add consistency checks to shared ql pack 2023-08-30 15:29:41 +02:00
Michael Nebel
291d7b3e05 C#: Use reference assemblies instead of implementation assemblies. 2023-08-30 14:19:11 +02:00
Michael Nebel
a966c0e1eb C#: Do not include the mscorlib assembly and remove the option. 2023-08-30 14:19:11 +02:00
Tom Hvitved
ce229fe21f Merge pull request #14096 from hvitved/ruby/expected-test-fix 
Ruby: Update expected test output
 2023-08-30 13:50:49 +02:00
Tom Hvitved
29982fe30e C#: Do not embed target callable in TransitiveCapturedCall 2023-08-30 13:48:44 +02:00
Tom Hvitved
66f5e4a05b C#: Speedup bestImplementation 
Avoids an expensive anti-join:

```
[2023-08-29 15:25:48] Evaluated non-recursive predicate _FileSystem#df18ed9a::Make#File#1a556f64::Input#::Container::toString#0#dispred#bf_Method#621e9e2e::__#antijoin_rhs@96d08bc8 in 272332ms (size: 1841891).
Evaluated relational algebra for predicate _FileSystem#df18ed9a::Make#File#1a556f64::Input#::Container::toString#0#dispred#bf_Method#621e9e2e::__#antijoin_rhs@96d08bc8 with tuple counts:
         4632443     ~2%    {3} r1 = JOIN _cil_instruction_3#antijoin_rhs_cil_method_implementation#shared WITH cil_method_implementation ON FIRST 1 OUTPUT Rhs.1, Lhs.0, Lhs.1

        71945701     ~3%    {3} r2 = JOIN r1 WITH cil_method_implementation_10#join_rhs ON FIRST 1 OUTPUT Rhs.1, Lhs.1, Lhs.2
        71945701  ~1329%    {3} r3 = JOIN r2 WITH Method#621e9e2e::MethodImplementation::getNumberOfInstructions#0#dispred#ff ON FIRST 1 OUTPUT Lhs.1, Lhs.2, Rhs.1
         5016836     ~4%    {4} r4 = JOIN r3 WITH Method#621e9e2e::MethodImplementation::getNumberOfInstructions#0#dispred#ff ON FIRST 1 OUTPUT Lhs.0, Lhs.1, Lhs.2, Rhs.1
                            {4} r5 = SELECT r4 ON In.3 < In.2
           65637     ~3%    {2} r6 = SCAN r5 OUTPUT In.0, In.1

        71945701     ~0%    {3} r7 = JOIN r1 WITH cil_method_implementation_10#join_rhs ON FIRST 1 OUTPUT Lhs.2, Lhs.1, Rhs.1
        71945701     ~1%    {4} r8 = JOIN r7 WITH assemblies ON FIRST 1 OUTPUT Lhs.2, Lhs.1, Lhs.0, Rhs.1
        71945701     ~0%    {5} r9 = JOIN r8 WITH cil_method_implementation ON FIRST 1 OUTPUT Rhs.2, Lhs.1, Lhs.2, Lhs.0, Lhs.3
        71945701     ~0%    {5} r10 = JOIN r9 WITH assemblies ON FIRST 1 OUTPUT Rhs.1, Lhs.1, Lhs.2, Lhs.3, Lhs.4
        71945701     ~0%    {5} r11 = JOIN r10 WITH FileSystem#df18ed9a::Make#File#1a556f64::Input#::Container::toString#0#dispred#bf ON FIRST 1 OUTPUT Lhs.4, Lhs.1, Lhs.2, Lhs.3, Rhs.1
        71945701     ~2%    {5} r12 = JOIN r11 WITH FileSystem#df18ed9a::Make#File#1a556f64::Input#::Container::toString#0#dispred#bf ON FIRST 1 OUTPUT Lhs.1, Lhs.2, Lhs.3, Lhs.4, Rhs.1
                            {5} r13 = SELECT r12 ON In.4 > In.3
        33509342     ~0%    {3} r14 = SCAN r13 OUTPUT In.0, In.1, In.2
        33509342     ~0%    {4} r15 = JOIN r14 WITH Method#621e9e2e::MethodImplementation::getNumberOfInstructions#0#dispred#ff ON FIRST 1 OUTPUT Lhs.2, Rhs.1, Lhs.0, Lhs.1
        33051362  ~1670%    {2} r16 = JOIN r15 WITH Method#621e9e2e::MethodImplementation::getNumberOfInstructions#0#dispred#ff ON FIRST 2 OUTPUT Lhs.2, Lhs.3

        33116999  ~1646%    {2} r17 = r6 UNION r16
                            return r17
```
 2023-08-30 13:46:11 +02:00
Tom Hvitved
7e77c77d92 Ruby: Update expected test output 2023-08-30 13:33:48 +02:00
erik-krogh
984795ee46 fix off-by-one 2023-08-30 13:29:23 +02:00
Anders Starcke Henriksen
44a83a71a8 Merge pull request #13879 from github/starcke/automodel-pack 
Create separate automodel pack
 2023-08-30 13:24:25 +02:00
Rasmus Wriedt Larsen
62c2316124 Merge pull request #14084 from RasmusWL/flask-jsonify 
Python: Remove XSS FP from use of `flask.jsonify`
 2023-08-30 13:07:54 +02:00
Mathias Vorreiter Pedersen
4ca259b200 C++: Non-exact definitions should always be a use. 2023-08-30 11:50:57 +01:00
amammad
7a577ddd98 change Source to ConstantString, it seems that we have some duplicate results now, ConstantString is suggested as a better alternative for finding constant sources 2023-08-30 20:47:43 +10:00
Mathias Vorreiter Pedersen
6a21fa04cd Merge pull request #14034 from geoffw0/hostname 
Swift: New query: Incomplete regular expression for hostnames
 2023-08-30 11:33:36 +01:00