hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-03 22:28:15 +02:00
Code Issues Packages Projects Releases Wiki Activity
86,439 Commits 1,732 Branches 164 Tags
codeql-cli/v2.25.0
Commit Graph

86439 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Taus
95a84ad655 Python: Fix false positive for unmatchable dollar/caret 
Our previous modelling did not account for the fact that a lookahead can
potentially extend all the way to the end of the input (and similarly,
that a lookbehind can extend all the way to the beginning).

To fix this, I extended `firstPart` and `lastPart` to handle lookbehinds
and lookaheads correctly, and added some test cases (all of which yield
no new results).

Fixes #20429.
 2025-09-19 15:06:46 +00:00
Joe Farebrother
a9a258e743 Add changenote 2025-09-19 15:11:02 +01:00
Joe Farebrother
2e95c2b3c2 Split test cases for insecure cookie queries 2025-09-19 14:41:02 +01:00
Alexander Eyers-Taylor
c1c0828082 Merge pull request #20378 from github/alexet/java-regex-local 
Jave: Use force local to make parsing local after global regex finding.
 2025-09-19 13:48:43 +01:00
Alexander Eyers-Taylor
27e2c4d580 Merge pull request #20459 from github/alexet/caller_tc 
Java: Make a TC overlay caller.
 2025-09-19 13:48:34 +01:00
Napalys Klicius
3a6a537986 JS: Add change note 2025-09-19 14:47:58 +02:00
Napalys Klicius
6cfc950159 JS: Model GraphQLObjectType resolve params as sources 2025-09-19 14:39:36 +02:00
Simon Friis Vindum
afb6d30762 Rust: Fix typo in superseded 2025-09-19 14:27:14 +02:00
Simon Friis Vindum
72103adacc Rust: Fix spurious path resolution 
The annotated impl block was filtered away, but it's children where not. This caused the associated type `Foo` to appear as if it was an item in the scope outside of the impl block.
 2025-09-19 14:25:11 +02:00
Simon Friis Vindum
60ceb89f01 Rust: Add debug predicate for ItemNode 2025-09-19 14:23:44 +02:00
Napalys Klicius
d88bc8e408 JS: Add test case for GraphQLObjectType 2025-09-19 14:23:40 +02:00
Simon Friis Vindum
a9d7662bb7 Rust: Add path resolution test with attribute on impl block 2025-09-19 14:23:39 +02:00
Simon Friis Vindum
2c84b49ced Rust: Update test expecations 2025-09-19 14:22:10 +02:00
Simon Friis Vindum
32365fd673 Rust: Account for attribute expansions in path resolution 2025-09-19 14:22:00 +02:00
Simon Friis Vindum
c7a9cc5a42 Rust: Use annotations also for items in macro expansions 2025-09-19 14:19:27 +02:00
Joe Farebrother
04316d306f Update qhelp 2025-09-19 12:42:30 +01:00
Tom Hvitved
5d3b5424ba Merge pull request #20453 from hvitved/rust/path-resolution-use-reexport 
Rust: Path resolution improvements
 2025-09-19 13:34:56 +02:00
Philip Ginsbach
b85ab3c0ab Merge pull request #20490 from github/ginsbach/AdditionalAndExtensible 
documentation: add some missing mentions of `additional` and `extensible`
 2025-09-19 11:54:45 +01:00
Philip Ginsbach
b27d374578 mention 'additional' and 'extensible' annotations 2025-09-19 10:57:03 +01:00
Philip Ginsbach
a6c1ffc45d sort the annotations alphabetically 2025-09-19 10:56:57 +01:00
Tom Hvitved
f6bdfba3b3 Rust: Path resolution improvements 2025-09-19 09:43:22 +02:00
Tom Hvitved
c831a8c2d9 Rust: Add more path resolution tests 2025-09-19 09:36:54 +02:00
Joe Farebrother
7eabed6594 Split insecure cookies queries into 3 queries 2025-09-18 13:34:10 +01:00
Mathias Vorreiter Pedersen
c481be8ea7 C++: Accept test changes for tests that select all types of an expression. 2025-09-18 12:16:28 +01:00
Mathias Vorreiter Pedersen
a4dbee3b13 C++: Add change note. 2025-09-18 12:16:26 +01:00
Mathias Vorreiter Pedersen
e22d6656fe C++: Fix barrier guards. 2025-09-18 12:16:25 +01:00
Mathias Vorreiter Pedersen
d8f34dba17 C++: Do not use the deprecated predicate in queries. 2025-09-18 12:16:23 +01:00
Mathias Vorreiter Pedersen
5e82eb9b24 C++: Fixup queries which assumes that a guard is always an expression. 2025-09-18 12:16:21 +01:00
Mathias Vorreiter Pedersen
fbd877a118 C++: Delete a test. This is no longer useful when every expression is a guard condition. 2025-09-18 12:16:20 +01:00
Mathias Vorreiter Pedersen
2dc783d91f C++: Accept test changes. 2025-09-18 12:16:16 +01:00
Mathias Vorreiter Pedersen
0b81fbbb2b C++: Fixup tests. 2025-09-18 12:16:11 +01:00
Mathias Vorreiter Pedersen
9ed8b75c5d C++: Add a few helper predicates on 'Definition' which the guards library needs. 2025-09-18 11:05:55 +01:00
Mathias Vorreiter Pedersen
ac5233d19c C++: Lots of renamings. 2025-09-18 11:05:54 +01:00
Mathias Vorreiter Pedersen
840097f121 C++: Instantiate the shared guards library. 2025-09-18 11:05:52 +01:00
Mathias Vorreiter Pedersen
3a8f77d6f4 C++: Qualified import of cpp. 2025-09-18 11:05:50 +01:00
Mathias Vorreiter Pedersen
2b0b8402ce C++: Delete a bunch of predicates. Also set up things so that they work after instantiating the shared guards library. 2025-09-18 11:05:49 +01:00
Mathias Vorreiter Pedersen
f0f4311b65 C++: Sync identical files. 2025-09-18 11:05:47 +01:00
Mathias Vorreiter Pedersen
70a8364a38 C++: Add another convenience predicate on 'BinaryInstruction'. 2025-09-18 11:05:45 +01:00
Mathias Vorreiter Pedersen
19b8e0db9c C++: Add a few subclasses to 'EdgeKind'. 2025-09-18 11:05:43 +01:00
Mathias Vorreiter Pedersen
be8195ab7d C++: Do not rely on dataflow nodes when implement 'getAUse' and 'getAnIndirectUse'. This will solve a non-monotonic recursion issue later. 2025-09-18 11:05:39 +01:00
Mathias Vorreiter Pedersen
f47dd2bbc6 C++: Add a 'hasInputFromBlock' predicate. 2025-09-18 11:05:38 +01:00
Kasper Svendsen
dbb9a26f78 Overlay: Future-proof Java XML discarding 2025-09-18 11:37:38 +02:00
Mathias Vorreiter Pedersen
f55ace8311 C++: Make the return type a bit more precise. 2025-09-18 10:10:07 +01:00
Kasper Svendsen
3cd737e40d Overlay: Future-proof Java config discarding 2025-09-18 10:57:22 +02:00
Joe Farebrother
2cd1d2fd2f Merge pull request #20392 from joefarebrother/python-qual-file-not-closed 
Python: Improve File Not Closed query to reduce false positives and provide clearer alerts
 2025-09-18 09:33:08 +01:00
Anders Schack-Mulligen
8f859647c4 Merge pull request #20457 from aschackmull/shared/cfg-fix-joinblock-pred 
Shared/Cfg: Fix missing JoinBlockPredecessor.
 2025-09-18 09:28:24 +02:00
Tom Hvitved
51a33c279d Merge pull request #20460 from hvitved/rust/source-inline-flow-path-problem 2025-09-18 09:27:06 +02:00
Anders Schack-Mulligen
d93b2edc0d Ruby: Accept test changes. 2025-09-18 08:13:43 +02:00
Tom Hvitved
aba2cb487e Rust: Convert data flow test to @kind path-problem 2025-09-17 20:52:17 +02:00
Chad Bentz
141b470002 Merge branch 'main' into ruby-framework-grape 2025-09-17 12:12:13 -04:00