codeql

mirror of https://github.com/github/codeql.git synced 2026-02-05 09:41:10 +01:00

Author	SHA1	Message	Date
Geoffrey White	8a1b49f816	C++: Recognize password struct fields.	2022-01-28 19:10:46 +00:00
Arthur Baars	abf3ce6223	Ruby: expressions in pin operator ^	2022-01-28 19:47:31 +01:00
Arthur Baars	00fb4d3776	Ruby: Values in Hash literals and keyword arguments can be omitted	2022-01-28 19:47:31 +01:00
Arthur Baars	3e2ca61c01	Ruby: support anonymous block parameters/arguments	2022-01-28 19:47:31 +01:00
Arthur Baars	b9258e78ca	Ruby: non-local variables in variable reference pattern	2022-01-28 19:47:31 +01:00
Arthur Baars	966b8be5f9	Ruby: add downgrade scripts	2022-01-28 19:47:31 +01:00
Arthur Baars	e5eb01ca45	Ruby: add upgrade scripts	2022-01-28 19:47:31 +01:00
Arthur Baars	c85012460a	Ruby: update dbscheme stats	2022-01-28 19:47:31 +01:00
Arthur Baars	c6a36a50c2	Ruby: regenerate dbscheme and library	2022-01-28 19:47:31 +01:00
Arthur Baars	bfbc9fe144	Ruby: update tree-sitter-ruby	2022-01-28 19:47:25 +01:00
Alex Ford	57e958c372	Ruby: missing QLDoc	2022-01-28 17:38:55 +00:00
Alex Ford	269722fa86	Ruby: rb/clear-text-logging-sensitive-data changenote	2022-01-28 17:27:05 +00:00
Alex Ford	7fec2d270b	Ruby: QL format	2022-01-28 17:24:56 +00:00
Alex Ford	186623f878	Ruby: Add CleartextLogging.qhelp	2022-01-28 17:24:56 +00:00
Alex Ford	7ed447842f	Ruby: cleartext logging test output	2022-01-28 17:24:56 +00:00
Alex Ford	4fc9128350	Ruby: cleartext logging - remove an unnecessary abstract class	2022-01-28 17:24:56 +00:00
Alex Ford	91ccd307e8	Ruby: Implement rb/clear-text-logging-sensitive-data	2022-01-28 17:24:56 +00:00
Mathias Vorreiter Pedersen	0f239e315c	Merge pull request #7782 from geoffw0/clrtxt7 C++: Fix FPs for cpp/cleartext-storage-file	2022-01-28 17:24:05 +00:00
Geoffrey White	0396a84c3c	C++: Remove empty predicate / extends.	2022-01-28 17:11:38 +00:00
Alex Ford	cfb2d7ffaf	Ruby: add shared SensitiveDataHeuristics.qll	2022-01-28 16:38:58 +00:00
Geoffrey White	af09dd8af1	C++: Fixes to gets models.	2022-01-28 16:04:23 +00:00
Geoffrey White	036e1495b8	Merge branch 'main' into getslocal	2022-01-28 15:58:13 +00:00
Ian Wright	aceeb7324c	restrict AST nodes according to string length	2022-01-28 15:06:10 +00:00
Rasmus Lerchedahl Petersen	68d18ead34	python: add change note	2022-01-28 14:00:07 +01:00
Geoffrey White	a695f02af4	C++: Add change note.	2022-01-28 12:38:27 +00:00
Tom Hvitved	82cceb0a29	C#: Mark event accessors without bodies as compiler generated	2022-01-28 13:11:34 +01:00
Tom Hvitved	682163962a	Data flow: Sync files	2022-01-28 13:01:24 +01:00
Tom Hvitved	4bf07825a1	Data flow: Reduce non-linear recursion in `SummaryComponentStack::bottom` Before: ``` [2022-01-28 09:45:34] (449s) Tuple counts for FlowSummaryImpl::Public::SummaryComponentStack::bottom_dispred#ff/2@i23#25a5eew4 after 432ms: 0 ~0% {2} r1 = SCAN FlowSummaryImpl::Public::SummaryComponentStack::length#ff#prev_delta OUTPUT In.0 'this', (In.1 - 1) 0 ~0% {2} r2 = JOIN r1 WITH FlowSummaryImpl::Public::SummaryComponentStack::drop#fff#prev ON FIRST 2 OUTPUT Rhs.2, Lhs.0 'this' 0 ~0% {2} r3 = JOIN r2 WITH FlowSummaryImpl::Public::SummaryComponentStack::head_dispred#ff#prev ON FIRST 1 OUTPUT Lhs.1 'this', Rhs.1 'result' 4171589 ~5% {2} r4 = SCAN FlowSummaryImpl::Public::SummaryComponentStack::length#ff#prev OUTPUT In.0 'this', (In.1 - 1) 4171589 ~0% {2} r5 = JOIN r4 WITH FlowSummaryImpl::Public::SummaryComponentStack::drop#fff#prev ON FIRST 2 OUTPUT Rhs.2, Lhs.0 'this' 0 ~0% {2} r6 = JOIN r5 WITH FlowSummaryImpl::Public::SummaryComponentStack::head_dispred#ff#prev_delta ON FIRST 1 OUTPUT Lhs.1 'this', Rhs.1 'result' 62238 ~0% {3} r7 = SCAN FlowSummaryImpl::Public::SummaryComponentStack::drop#fff#prev_delta OUTPUT In.2, In.0 'this', In.1 62238 ~8% {3} r8 = JOIN r7 WITH FlowSummaryImpl::Public::SummaryComponentStack::head_dispred#ff#prev ON FIRST 1 OUTPUT Lhs.1 'this', Lhs.2, Rhs.1 'result' 62238 ~5% {5} r9 = JOIN r8 WITH FlowSummaryImpl::Public::SummaryComponentStack::length#ff#prev ON FIRST 1 OUTPUT Lhs.0 'this', Lhs.1, Lhs.2 'result', Rhs.1, (Rhs.1 - 1) 10373 ~6% {5} r10 = SELECT r9 ON In.4 = In.1 10373 ~0% {2} r11 = SCAN r10 OUTPUT In.0 'this', In.2 'result' 10373 ~0% {2} r12 = r6 UNION r11 10373 ~0% {2} r13 = r3 UNION r12 10373 ~0% {2} r14 = r13 AND NOT FlowSummaryImpl::Public::SummaryComponentStack::bottom_dispred#ff#prev(Lhs.0 'this', Lhs.1 'result') return r14 ``` After: ``` [2022-01-28 09:52:48] (6s) Tuple counts for FlowSummaryImpl::Public::SummaryComponentStack::bottom#ff/2@i21#6243afwv after 5ms: 0 ~0% {2} r1 = JOIN FlowSummaryImpl::Public::SummaryComponentStack::bottom#ff#prev_delta WITH FlowSummaryImpl::Private::TConsSummaryComponentStack#fff#reorder_1_0_2#prev ON FIRST 1 OUTPUT Lhs.1 'result', Rhs.2 'this' 10373 ~3% {2} r2 = SCAN FlowSummaryImpl::Private::TConsSummaryComponentStack#fff#prev_delta OUTPUT In.1, In.2 'this' 10373 ~2% {2} r3 = JOIN r2 WITH FlowSummaryImpl::Public::SummaryComponentStack::bottom#ff#prev ON FIRST 1 OUTPUT Rhs.1 'result', Lhs.1 'this' 10373 ~2% {2} r4 = r1 UNION r3 10373 ~2% {2} r5 = r4 AND NOT FlowSummaryImpl::Public::SummaryComponentStack::bottom#ff#prev(Lhs.1 'this', Lhs.0 'result') 10373 ~0% {2} r6 = SCAN r5 OUTPUT In.1 'this', In.0 'result' return r6 ```	2022-01-28 13:00:04 +01:00
Geoffrey White	b73dc98191	C++: Exclude write to stdout etc.	2022-01-28 11:57:31 +00:00
Tom Hvitved	864b61a804	Merge pull request #7766 from hvitved/csharp/extractor/type-param-constraints C#: Make `TypeParameterConstraints` a `CachedEntity`	2022-01-28 12:39:31 +01:00
Tom Hvitved	28702dff82	Merge pull request #7779 from hvitved/csharp/initial-downgrade-scheme C#: Add initial downgrade DB scheme for use in tests	2022-01-28 12:38:07 +01:00
Nick Rolfe	8248a942ce	Ruby: enable taint checking for array-flow test	2022-01-28 11:33:59 +00:00
Nick Rolfe	c0e1384f4a	Ruby: move Array/Enumerable flow summaries to their own file	2022-01-28 11:33:59 +00:00
Nick Rolfe	6c0eb8beee	Ruby: update array flow summaries to use getConstantValue()	2022-01-28 11:33:59 +00:00
Nick Rolfe	693ff6a904	Ruby: add flow summaries for remaining Array methods	2022-01-28 11:33:59 +00:00
Nick Rolfe	030cfa36da	Ruby: add flow summaries for all remaining Enumerable methods	2022-01-28 11:33:59 +00:00
Erik Krogh Kristensen	7b925604df	update expected output	2022-01-28 12:21:33 +01:00
Nick Rolfe	588e60e230	Merge pull request #7775 from github/nickrolfe/graph_test_ordering Ruby/C#: more stable graph test ordering	2022-01-28 11:16:02 +00:00
Erik Krogh Kristensen	7aa59ca233	Merge pull request #7633 from erik-krogh/CWE-300 JS: add js/http-dependency query	2022-01-28 12:10:14 +01:00
Taus	47a57e0c0a	Merge pull request #7635 from github/python/support-match Python/support match	2022-01-28 11:55:46 +01:00
yoff	74d57bbb1a	Update python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPrivate.qll Co-authored-by: Taus <tausbn@github.com>	2022-01-28 11:38:29 +01:00
Arthur Baars	cada7ef1a4	Ruby: add downgrade scripts to prepare-db-upgrade.sh	2022-01-28 11:07:56 +01:00
Rasmus Lerchedahl Petersen	ab43f041c3	python: rename files	2022-01-28 11:00:17 +01:00
Erik Krogh Kristensen	b5198bdaca	apply suggestions from doc review Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>	2022-01-28 10:46:27 +01:00
Erik Krogh Kristensen	bf9bcc9600	add a js/file-system-race query	2022-01-28 09:41:12 +01:00
Erik Krogh Kristensen	179c26da9a	apply suggestions from review	2022-01-28 09:37:46 +01:00
Tony Torralba	f3e034b2be	Merge pull request #7764 from github/workflow/coverage/update Update CSV framework coverage reports	2022-01-28 09:35:54 +01:00
Harry Maclean	0428b8ee20	Split Ruby CI into multiple parallel jobs Run format, compile and db upgrade checks in parallel, along with the main tests, which run in two parallel halves.	2022-01-28 21:23:34 +13:00
Rasmus Lerchedahl Petersen	4c3c4deb34	python: Move over query and tests	2022-01-28 09:19:11 +01:00
Esben Sparre Andreasen	ee52774e90	Merge pull request #7760 from erik-krogh/CWE-184 JS: add CWE-184 to incomplete-scheme-check and bad-tag-filter	2022-01-28 09:18:41 +01:00

... 32 33 34 35 36 ...

33884 Commits