hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-06 02:01:09 +01:00
Code Issues Packages Projects Releases Wiki Activity
36,554 Commits 1,690 Branches 160 Tags
codeql-cli/v2.9.2
Commit Graph

36554 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
jorgectf
ed60d16367 Refactor the way to check the verifying call 2022-02-08 23:33:30 +01:00
Jorge
f1fab98ea2 Merge branch 'github:main' into python_jwt 2022-02-08 23:12:58 +01:00
Taus Brock-Nannestad
54ae744b2c Python: Also update Python 2 file 2022-02-08 22:08:53 +01:00
Harry Maclean
3206384884 Merge pull request #7824 from github/hmac/constantize 2022-02-09 08:30:21 +13:00
Chuan-kai Lin
a7f1ee574c Upgrade scripts testing: set initial dbschemes 
This commit sets initial dbschemes for cpp, csharp, java, javascript, and
python so that automated testing for upgrade scripts would also cover legacy
upgrades.
 2022-02-08 11:11:41 -08:00
Tom Hvitved
b2419d60bd Merge pull request #7090 from hvitved/ruby/perf 
Ruby: Cache more predicates
 2022-02-08 20:02:33 +01:00
Chris Smowton
143d64c92c Merge pull request #7879 from github/smowton/admin/getting-started-mention-codeql-go-deps 
Docs: Note codeql-go needs an install step before use
 2022-02-08 18:07:26 +00:00
Alex Ford
81ed5d0ff7 Ruby: comment and node description fixes 
Co-authored-by: Harry Maclean <hmac@github.com>
 2022-02-08 18:03:29 +00:00
jorgectf
b00051e4ab Update .expected 2022-02-08 17:52:37 +01:00
jorgectf
01ad25f3f0 Apply .getALocalSource() and fix xmltodict's vulnerable predicate 2022-02-08 17:51:09 +01:00
jorgectf
7c4a6a12b0 Test polish 2022-02-08 17:50:39 +01:00
jorgectf
8f9cd16806 Update 2022-02-08 17:23:18 +01:00
Taus Brock-Nannestad
6ea8986daa Python: Normalise string prefixes 2022-02-08 16:48:17 +01:00
Erik Krogh Kristensen
4bbb7ad320 Merge pull request #7876 from erik-krogh/zipRelative 
JS: recognize more startswith sanitizers for path-injection queries
 2022-02-08 15:22:39 +01:00
Nick Rolfe
ade7921079 Merge pull request #7890 from github/nickrolfe/unique_node 
Ruby/QL: add `unique` annotation on `node` column
 2022-02-08 13:15:17 +00:00
Tom Hvitved
984e01ecf0 C#: Remove FPs from cs/dereferenced-value-may-be-null 
Apply a conservative approach by filtering out results for accesses to
captured nullable values, when there is an (implicit) call to the capturing
callable which is `null`-guarded. For example:

```
bool M(int? i, IEnumerable<int> @is)
{
    if (i.HasValue)
        return @is.Any(j => j == i.Value); // GOOD
    return false;
}
```
 2022-02-08 14:01:57 +01:00
Tom Hvitved
7948d965a0 C#: Add nullness tests for captured variables 2022-02-08 13:52:29 +01:00
Tom Hvitved
3b5267eca5 Ruby: Cache DataFlow::Node::{toString,getLocation} 2022-02-08 13:03:42 +01:00
Tom Hvitved
f337459a4a Ruby: Cache capturedEntryWrite 2022-02-08 13:03:42 +01:00
Tom Hvitved
b041bc03d1 Ruby: Cache ConditionBlock::(immediately)Controls 2022-02-08 13:03:41 +01:00
Tom Hvitved
4037d1ff96 Ruby: Cache ErbDirective::getAChildStmt 2022-02-08 13:03:41 +01:00
Tom Hvitved
4c5f32ba4a Ruby: Cache exprNodeReturnedFrom 2022-02-08 13:03:31 +01:00
Tom Hvitved
45412fa17f Cache hasLocalSource 2022-02-08 13:03:27 +01:00
Chris Smowton
a6596ea7ce Fix test requirements, formatting 2022-02-08 12:01:32 +00:00
Rasmus Lerchedahl Petersen
3f36ccba92 python: add name to concept 2022-02-08 12:40:13 +01:00
Rasmus Lerchedahl Petersen
8665fe4817 python: add concept for XPath construction 
also small fixup in `SqlConstruction`
 2022-02-08 12:31:37 +01:00
Erik Krogh Kristensen
28ba78cb76 add explicit this 2022-02-08 12:20:21 +01:00
Rasmus Wriedt Larsen
3e01816f0c Python: Add change-note 2022-02-08 12:03:40 +01:00
Rasmus Lerchedahl Petersen
7d287f1698 python: add concept for xpath execution 2022-02-08 11:46:28 +01:00
Rasmus Lerchedahl Petersen
103b5761f3 python: remove superfluous configuration 
this also removes duplicated nodes and edges
in the path results
 2022-02-08 11:34:11 +01:00
Michael Nebel
c04e344192 Merge pull request #7749 from michaelnebel/csharp/lambda-improvements 
C# 10 - Lambda improvements.
 2022-02-08 11:28:55 +01:00
Benjamin Muskalla
b62df5a9ad Merge pull request #7872 from bmuskalla/fixCoverageCollection 
Collect framework coverage on demand
 2022-02-08 11:27:48 +01:00
Rasmus Lerchedahl Petersen
a9cfc60ea1 python: move supporting libraries 
and update reference in query
 2022-02-08 11:27:45 +01:00
Henry Mercer
eff0ca01b1 Merge pull request #7417 from github/henrymercer/java/update-telemetry-query-metadata 
Java: Start running telemetry queries on Code Scanning
 2022-02-08 10:26:30 +00:00
Rasmus Lerchedahl Petersen
88efcff818 python: move query 
and update reference in query test
 2022-02-08 11:24:09 +01:00
Chris Smowton
79654592d9 Apply suggestions from code review 2022-02-08 10:23:46 +00:00
Rasmus Lerchedahl Petersen
e51ba6f421 python: rename test directory 2022-02-08 11:20:10 +01:00
Rasmus Lerchedahl Petersen
e52dca0a35 python: move tests 2022-02-08 11:19:28 +01:00
Benjamin Muskalla
ff8a96b96d Rename framework coverage query 
Move it to the other summary queries, update all references.
 2022-02-08 11:14:03 +01:00
Rasmus Wriedt Larsen
a8edd44a3c Python: Update .expected 2022-02-08 11:12:34 +01:00
Benjamin Muskalla
85a8efab63 Update .github/workflows/csv-coverage-metrics.yml 
Co-authored-by: Henry Mercer <henry.mercer@me.com>
 2022-02-08 11:07:56 +01:00
Benjamin Muskalla
6e3d2a2046 Update misc/suite-helpers/security-and-quality-selectors.yml 
Co-authored-by: Henry Mercer <henry.mercer@me.com>
 2022-02-08 11:07:35 +01:00
Benjamin Muskalla
fb91821882 Update misc/suite-helpers/security-extended-selectors.yml 
Co-authored-by: Henry Mercer <henry.mercer@me.com>
 2022-02-08 11:06:51 +01:00
Benjamin Muskalla
94c517efd6 Update misc/suite-helpers/code-scanning-selectors.yml 
Co-authored-by: Henry Mercer <henry.mercer@me.com>
 2022-02-08 11:06:35 +01:00
Benjamin Muskalla
284c397883 Update misc/suite-helpers/lgtm-selectors.yml 
Co-authored-by: Henry Mercer <henry.mercer@me.com>
 2022-02-08 11:06:30 +01:00
Benjamin Muskalla
e7823a78ef Update .github/workflows/csv-coverage-metrics.yml 
Co-authored-by: Henry Mercer <henry.mercer@me.com>
 2022-02-08 11:06:21 +01:00
Nick Rolfe
fa16ff9ffc QL for QL: make node column unique 2022-02-08 09:59:11 +00:00
Nick Rolfe
8881031d0a Ruby: add upgrade/downgrade scripts 2022-02-08 09:57:55 +00:00
Nick Rolfe
2037368f62 Ruby: make node column unique 2022-02-08 09:55:34 +00:00
Nick Rolfe
dbe2951aec Merge pull request #7880 from github/nickrolfe/locations_column_ql 
QL for QL: sync changes from Ruby
 2022-02-08 09:53:06 +00:00