hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-10 17:44:03 +02:00
Code Issues Packages Projects Releases Wiki Activity
86,439 Commits 1,739 Branches 164 Tags
codeql-cli/v2.25.0
Commit Graph

86439 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tom Hvitved
3bb89ea863 Rust: Move type inference/path resolution out of elements folder 2025-03-13 15:05:00 +01:00
Tom Hvitved
af91152f5c Address review comments 2025-03-13 15:04:59 +01:00
Simon Friis Vindum
1ae28c7907 Merge branch 'main' into rust-cleartext-transmission 2025-03-13 15:01:11 +01:00
Paolo Tranquilli
179021ea69 Upgrade rules_rust to 0.58.0 2025-03-13 14:47:34 +01:00
Michael Nebel
4681f28f92 Merge pull request #19005 from michaelnebel/csharp/local-not-disposed 
C#: Revisit `cs/local-not-disposed` tests.
 2025-03-13 14:04:48 +01:00
Owen Mansel-Chan
aed51644ba Convert to inline expectations test 2025-03-13 12:55:02 +00:00
Napalys
0df2069575 Added change note. 2025-03-13 13:47:46 +01:00
Napalys
de5c7efd63 Added test case for unescape. 2025-03-13 13:47:42 +01:00
Michael Nebel
dff66c7b28 C#: Add change-note. 2025-03-13 13:42:58 +01:00
Michael Nebel
36a524929f C#: Update tests and test expected output. 2025-03-13 13:38:13 +01:00
Tom Hvitved
78280af570 Rust: Use 'infer' instead of 'resolve' in type inference library 2025-03-13 13:34:43 +01:00
Michael Nebel
4b02198652 C#: Only consider calling GetHashCode on byte, sbyte, short, ushort and int as useless. 2025-03-13 13:32:22 +01:00
Michael Nebel
a6ec8b6a25 C#: Convert tests cs/useless-gethashcode-call to inline tests. 2025-03-13 13:31:20 +01:00
Tom Hvitved
2394f2fab8 Rust: Fix bug in path resolution library 2025-03-13 13:23:18 +01:00
Tom Hvitved
795ba25895 Rust: Add more consistency checks 2025-03-13 13:23:16 +01:00
Tom Hvitved
fcdffc4e73 Rust: Use type inference in path resolution test 2025-03-13 13:23:14 +01:00
Tom Hvitved
e8505ad33d Rust: Use type inference to resolve method calls and field accesses 2025-03-13 13:23:13 +01:00
Tom Hvitved
62d4e6fe3f Rust: Implement basic type inference in QL 2025-03-13 13:23:11 +01:00
Tom Hvitved
3a58611271 Shared: Add shared type inference library 2025-03-13 13:23:09 +01:00
Taus
f3353dc3fb Python: Ignore special methods with placeholder bodies 
Instances of this include
- Bodies that contain just a docstring (common in Zope interfaces)
- Bodies that do nothing but raise an exception.
 2025-03-13 12:18:43 +00:00
Taus
862b89207d Python: Disable "usused default" logic 
Adds a new boolean parameter `is_unused_default` that indicates whether
the given result is one where a parameter to a special method has a
default value (which will never be used when invoked in the normal way).
These results are somewhat less useful (because the special method
_might_ be invoked directly, in which case the default value would still
be relevant), but it seemed like a shame to simply remove the code, so
instead I opted to disable it in this way.
 2025-03-13 12:18:43 +00:00
Taus
24b2eb24c1 Python: Refactor special method query 
Moves a bunch of `owner.declaredAttribute(name) = f` instances to the
top level, in the process greatly cleaning up the code. The behaviour
should be the unchanged.

Having done this, there's only one place where we depend on points-to,
and that's in the remaining `declaredAttribute` call. This should
greatly simplify the move away from points to.
 2025-03-13 12:18:43 +00:00
Taus
f30ebf1571 Merge pull request #18871 from github/tausbn/python-modernise-special-method-signature-query 
Python: Move min/maxParameter methods to `Function` class
 2025-03-13 13:03:21 +01:00
Asger F
08ee51cbc4 JS: Move some promise-related store steps into PromiseFlow::storeStep 
API graphs calls PromiseFlow::storeStep to propagate promises, which means it missed a store steps added elsewhere in the old promise library model.

We want API graphs to rely on type-tracking steps in general, like in Ruby, but for now just fixing the bug.
 2025-03-13 12:53:04 +01:00
Tom Hvitved
1636abb81b Merge pull request #18985 from hvitved/rust/immediate-child 
Rust/Swift: Add `get(Immediate)Child` predicate
 2025-03-13 12:50:53 +01:00
Napalys
5dff23de6b Added change note. 2025-03-13 12:45:27 +01:00
Napalys
3640e5e425 Added model for tanstack-react useQueries 2025-03-13 12:45:26 +01:00
Napalys
03330ef24d Added test cases for tanstack-react useQueries. 2025-03-13 12:45:25 +01:00
Napalys
6c9aa0e872 Added modeling of tanstack-vue useQueries. 2025-03-13 12:45:23 +01:00
Napalys
4917d64ce7 Added test cases for tanstack-vue useQueries. 2025-03-13 12:45:05 +01:00
Napalys
0c0158899e Added tanstack-vue useQuery modeling 2025-03-13 12:25:07 +01:00
Napalys
7712ca368a Added useQuery tanstack-vue test case 2025-03-13 12:25:05 +01:00
Asger F
89410d07b3 JS: Add failing test 2025-03-13 11:59:23 +01:00
Geoffrey White
1aa223652f Merge pull request #18977 from geoffw0/sourcesinkdoc 
Rust: Source and sink doc / tidy up
 2025-03-13 10:53:44 +00:00
Simon Friis Vindum
3c644144b1 Rust: Extract data flow node and content into separate files 2025-03-13 11:22:04 +01:00
Michael Nebel
b1edd9294b C#: Add some more test cases to cs/local-not-disposed. 2025-03-13 11:19:37 +01:00
Tom Hvitved
dd21dab055 Swift: Add get(Immediate)Child predicate 2025-03-13 11:13:04 +01:00
Tom Hvitved
8777bc42c7 Rust: Add get(Immediate)Child predicate 2025-03-13 11:13:01 +01:00
Michael Nebel
209b9c6114 C#: Re-factor to use inline expectation tests instead. 2025-03-13 11:11:23 +01:00
Michael Nebel
40375a0387 C#: Use stubs for the cs/local-not-disposed tests. 2025-03-13 10:47:45 +01:00
Michael Nebel
5eb9a535a4 C#: Remove disposal test for library code as we are no longer doing CIL extraction or data flow. 2025-03-13 10:45:00 +01:00
Michael Nebel
72c7024c8b Merge pull request #18999 from michaelnebel/csharp/ccr-constant-condition 
C#: Add cs/constant-condition to the CCR suite.
 2025-03-13 10:02:00 +01:00
Arthur Baars
fa79dbc89a Merge pull request #18228 from github/aibaars/crate-graph 
Rust: extract crate graph
 2025-03-13 10:00:48 +01:00
Simon Friis Vindum
4de69c70a8 Rust: Add cleartext transmission query 2025-03-13 08:45:36 +01:00
Andrew Eisenberg
e05b172c88 Merge pull request #19002 from github/aeisenberg/actions-security-and-quality 
Update actions query suites
 2025-03-12 13:43:49 -07:00
yoff
10a9b78bc5 Merge pull request #18738 from github/tausbn/python-fix-match-pruning-logic 
Python: Don't prune any `MatchLiteralPattern`s
 2025-03-12 20:01:26 +01:00
Andrew Eisenberg
02051ff7b1 Update the security experimental suite 2025-03-12 11:46:03 -07:00
Andrew Eisenberg
cd63e7cf54 Fix the actions-security-and-quality.qls suite 
It was not using the proper selectors. It is now the same as
other quality suites in other languages.
 2025-03-12 11:43:59 -07:00
Mathias Vorreiter Pedersen
aeb1acba97 C++: Use the new API in queries. 2025-03-12 17:09:05 +00:00
Mathias Vorreiter Pedersen
66e8b2d7e5 C++: Add an 'asDefinition' overload to check if a definition is certain or not. 2025-03-12 17:07:07 +00:00