hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-07 10:41:06 +01:00
Code Issues Packages Projects Releases Wiki Activity
34,755 Commits 1,691 Branches 160 Tags
codeql-cli/v2.9.0
Commit Graph

34755 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Michael Nebel
44c1e3f28d C#: Re-arrange framework imports. 2021-12-20 15:33:25 +01:00
Michael Nebel
aedfc428c2 C#: Convert at least the flow summaries for System.Collections[.Generic].IDictionary and subclasses. 2021-12-20 15:33:25 +01:00
Michael Nebel
b78ec4c693 C#: Add flow summary for System.Collections.IEnumerable in CSV format. 2021-12-20 15:33:25 +01:00
Michael Nebel
20637555b5 C#: Manual cleanup of previously added IEnumerable<>.GetEnumrator flow summaries. 2021-12-20 15:33:25 +01:00
Michael Nebel
ac5b2bfa41 C#: Add flow summary for IEnumerable<T>.GetEnumerator() and update tests. 2021-12-20 15:33:25 +01:00
Michael Nebel
f93c63aa60 C#: Convert flow summaries for extension methods for subtypes of System.Collection.IEnumerable to CSV format. 2021-12-20 15:33:25 +01:00
Michael Nebel
ec4d43fed2 C#: Add missing dataflow comment in CompilerServices. 2021-12-20 15:33:25 +01:00
Erik Krogh Kristensen
2f559696e4 QL: add "modelling/modeling" to ql/non-us-spelling 2021-12-20 15:30:46 +01:00
Tom Hvitved
aa9444b16c Address review comment 2021-12-20 15:24:14 +01:00
Nick Rolfe
f18492e39b Merge pull request #7443 from github/nickrolfe/behavior 
QL4QL: catch behaviour/behavior in ql/non-us-spelling
 2021-12-20 13:23:53 +00:00
Mathias Vorreiter Pedersen
bbb936154a C++: Increase the precision of 'cpp/uncontrolled-arithmetic' to high. 2021-12-20 14:03:13 +01:00
Mathias Vorreiter Pedersen
95fa93b274 C++: Only recognize signed integers as sinks in 'cpp/uncontrolled-arithmetic' in the case of overflow. 2021-12-20 14:02:44 +01:00
Erik Krogh Kristensen
9ffdfb263f Merge pull request #7441 from erik-krogh/ql-for-ql-next 
QL-for-QL: Followup changes
 2021-12-20 10:58:13 +01:00
Alex Ford
313e0c63fd Merge pull request #7399 from github/ruby/stdlib-logger 
Ruby: Model what is written to the log from stdlib `Logger` methods
 2021-12-20 09:52:29 +00:00
Erik Krogh Kristensen
8b53cca3e8 QL: use environment instead of dynamic shell script construction 
Co-authored-by: Esben Sparre Andreasen <esbena@github.com>
 2021-12-20 09:56:10 +01:00
haby0
fed1d88268 Add shutil module path injection sinks 2021-12-20 16:09:06 +08:00
Tom Hvitved
ed006d7283 Merge pull request #7231 from hvitved/csharp/dataflow/consistency-queries 
C#: Enable data-flow consistency queries
 2021-12-20 08:46:19 +01:00
jorgectf
1f1b7a54f8 Update .expected 2021-12-19 18:58:43 +01:00
jorgectf
b6bdcd0eb8 Delete redundant exists() 2021-12-19 18:57:22 +01:00
jorgectf
98c8503ebd Fix test mismatch 2021-12-19 18:35:53 +01:00
jorgectf
f82ed8573e Model python_jwt.process_jwt 2021-12-19 18:32:14 +01:00
Erik Krogh Kristensen
af47cba09a QL: fix the remaining code-scanning errors for QL-for-QL 2021-12-17 21:34:13 +01:00
Andrew Eisenberg
7a38618e24 Solorigate: Post-release version bump 2021-12-17 12:30:09 -08:00
Erik Krogh Kristensen
30f8894854 QL: run the redundat inline cast patch 2021-12-17 20:50:15 +01:00
Erik Krogh Kristensen
571995c929 QL: run the implicit this patch 2021-12-17 20:49:32 +01:00
Erik Krogh Kristensen
31c8e4ed2a QL: Fix the autobuilder (temporary bad fix) 2021-12-17 20:23:02 +01:00
Erik Krogh Kristensen
7a9e41c97d QL: split out analysis of each CodeQL language 2021-12-17 20:22:59 +01:00
Erik Krogh Kristensen
f44f33788f QL: cache the compiled extractor 2021-12-17 20:22:55 +01:00
Erik Krogh Kristensen
380d238c31 QL: run the QL-for-QL tests when a nested folder is changed 2021-12-17 20:22:30 +01:00
Erik Krogh Kristensen
8fbd056b4e QL: add the QL-for-QL label automatically 2021-12-17 20:22:27 +01:00
Erik Krogh Kristensen
d612687ae7 QL: don't require change notes for QL-for-QL 2021-12-17 20:22:23 +01:00
Erik Krogh Kristensen
f7f9b4d3f4 QL: use erik-krogh/ql codeql-action 2021-12-17 20:22:20 +01:00
Erik Krogh Kristensen
ea1ee68fe1 QL: fix join order of ql/override-swapped-name 2021-12-17 20:22:20 +01:00
Erik Krogh Kristensen
5717a216d3 QL: fix bad join 2021-12-17 20:22:20 +01:00
Erik Krogh Kristensen
4d12d8dd5e QL: update the stats file 2021-12-17 20:22:20 +01:00
Henry Mercer
144ec8c629 JS: Update featurization for absent features optimization 
Absent features are now represented implicitly by the absence of a row
in the `tokenFeatures` relation, rather than explicitly by an empty
string. This leads to improved runtime performance. To enable this
implicit representation, we pass the set of supported token features to
the `scoreEndpoints` HOP. Requires CodeQL CLI v2.7.4.
 2021-12-17 18:04:42 +00:00
Henry Mercer
bebf4ca8fc Merge pull request #7357 from github/henrymercer/js-atm-only-featurize-with-flow 
JS: Only featurize endpoints that are part of a flow path
 2021-12-17 18:03:40 +00:00
Henry Mercer
d058d36b1f Merge pull request #7445 from github/henrymercer/bump-atm-pack-version 
Bump ATM pack version to 0.0.2
 2021-12-17 17:54:50 +00:00
Henry Mercer
055432530f Bump ATM pack version to 0.0.2 2021-12-17 16:49:59 +00:00
Henry Mercer
c1864531cd JS: Push FeaturizationConfig context into more predicates 2021-12-17 16:31:56 +00:00
Henry Mercer
383437c571 JS: Only featurize endpoints that are part of a flow path 2021-12-17 16:31:56 +00:00
Nick Rolfe
dd12eab29b Merge pull request #7444 from github/nickrolfe/ql-autobuilder 
QL for QL: add autobuilder that respects LGTM_INDEX_FILTERS
 2021-12-17 16:22:42 +00:00
Anders Schack-Mulligen
c03f189dec Merge pull request #7434 from MathiasVP/fix-join-order-in-phi-node 
C++: Fix join-order in `phi_node` predicate.
 2021-12-17 17:06:57 +01:00
Nick Rolfe
e6c60ebd41 QL for QL: add autobuilder that respects LGTM_INDEX_FILTERS 2021-12-17 16:05:21 +00:00
Nick Rolfe
28912c508f Fix non-US spelling of 'behavior' 2021-12-17 15:29:31 +00:00
CodeQL CI
5054d5b555 Merge pull request #7420 from RasmusWL/ssrf-new 
Approved by yoff
 2021-12-17 15:20:49 +00:00
Tom Hvitved
1e27ddf7c7 Ruby: Data flow for keyword arguments/parameters 2021-12-17 15:42:29 +01:00
Nick Rolfe
9ad9b81327 QL4QL: catch behaviour/behavior in ql/non-us-spelling 2021-12-17 14:30:33 +00:00
Rasmus Wriedt Larsen
83f87f0272 Python: Adjust .expected based on new comment 
That was changed in 9866214
 2021-12-17 15:29:41 +01:00
CodeQL CI
de4b655ddb Merge pull request #7327 from asgerf/js/handlebars-more-raw-interpolation 
Approved by erik-krogh
 2021-12-17 14:07:57 +00:00