Compare commits
20 Commits
codeql-cli
...
redsun82/s
| Author | SHA1 | Date | |
|---|---|---|---|
|
|
bd1f548fbc | ||
|
|
1dbe908024 | ||
|
|
39ad4d4a89 | ||
|
|
2c5f007687 | ||
|
|
f87e680185 | ||
|
|
496e76c1c5 | ||
|
|
16660ab1df | ||
|
|
8df2e4952c | ||
|
|
a774aacfa8 | ||
|
|
9cfd06c761 | ||
|
|
68929d1f73 | ||
|
|
eec2aa82a6 | ||
|
|
962c73da16 | ||
|
|
80bd361607 | ||
|
|
bb78536804 | ||
|
|
d5d04f2f4c | ||
|
|
ae3aba061b | ||
|
|
0421ceff93 | ||
|
|
a30e7d2cfd | ||
|
|
002e1eb730 |
@@ -6,6 +6,9 @@
|
|||||||
"slevesque.vscode-zipexplorer",
|
"slevesque.vscode-zipexplorer",
|
||||||
"ms-vscode.cpptools"
|
"ms-vscode.cpptools"
|
||||||
],
|
],
|
||||||
|
"features": {
|
||||||
|
"git-lfs": "latest"
|
||||||
|
},
|
||||||
"settings": {
|
"settings": {
|
||||||
"files.watcherExclude": {
|
"files.watcherExclude": {
|
||||||
"**/target/**": true
|
"**/target/**": true
|
||||||
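Review bot: `"git-lfs": "latest"` in the added `features` block leaves the feature version floating, so two rebuilds of the same devcontainer can install different git-lfs builds without any change in this repository. If reproducible developer environments matter here, pin the value to a specific release instead of `latest` and bump it deliberately. The enclosing object starts and ends outside the hunk.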
|
|||||||
@@ -3,9 +3,6 @@ set -xe
|
|||||||
BAZELISK_VERSION=v1.12.0
|
BAZELISK_VERSION=v1.12.0
|
||||||
BAZELISK_DOWNLOAD_SHA=6b0bcb2ea15bca16fffabe6fda75803440375354c085480fe361d2cbf32501db
|
BAZELISK_DOWNLOAD_SHA=6b0bcb2ea15bca16fffabe6fda75803440375354c085480fe361d2cbf32501db
|
||||||
|
|
||||||
# install git lfs apt source
|
|
||||||
curl -s https://packagecloud.io/install/repositories/github/git-lfs/script.deb.sh | bash
|
|
||||||
|
|
||||||
# install gh apt source
|
# install gh apt source
|
||||||
(type -p wget >/dev/null || (sudo apt update && sudo apt-get install wget -y)) \
|
(type -p wget >/dev/null || (sudo apt update && sudo apt-get install wget -y)) \
|
||||||
&& sudo mkdir -p -m 755 /etc/apt/keyrings \
|
&& sudo mkdir -p -m 755 /etc/apt/keyrings \
|
||||||
@@ -21,7 +18,6 @@ apt-get -y install --no-install-recommends \
|
|||||||
python3-distutils \
|
python3-distutils \
|
||||||
python3-pip \
|
python3-pip \
|
||||||
bash-completion \
|
bash-completion \
|
||||||
git-lfs \
|
|
||||||
gh
|
gh
|
||||||
|
|
||||||
# Install Bazel
|
# Install Bazel
|
||||||
|
|||||||
@@ -1,7 +1,5 @@
|
|||||||
set -xe
|
set -xe
|
||||||
|
|
||||||
git lfs install
|
|
||||||
|
|
||||||
# add the workspace to the codeql search path
|
# add the workspace to the codeql search path
|
||||||
mkdir -p /home/vscode/.config/codeql
|
mkdir -p /home/vscode/.config/codeql
|
||||||
echo "--search-path /workspaces/codeql" > /home/vscode/.config/codeql/config
|
echo "--search-path /workspaces/codeql" > /home/vscode/.config/codeql/config
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/cpp-all
|
name: codeql/cpp-all
|
||||||
version: 1.2.0
|
version: 1.2.1-dev
|
||||||
groups: cpp
|
groups: cpp
|
||||||
dbscheme: semmlecode.cpp.dbscheme
|
dbscheme: semmlecode.cpp.dbscheme
|
||||||
extractor: cpp
|
extractor: cpp
|
||||||
|
|||||||
@@ -4,7 +4,7 @@
|
|||||||
* @kind problem
|
* @kind problem
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @security-severity 9.3
|
* @security-severity 9.3
|
||||||
* @precision medium
|
* @precision high
|
||||||
* @id cpp/unsafe-strncat
|
* @id cpp/unsafe-strncat
|
||||||
* @tags reliability
|
* @tags reliability
|
||||||
* correctness
|
* correctness
|
||||||
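Review bot: Raising `@precision` to `high` sits uneasily with the test expectations in this same comparison: `strncat_test6` in test.c adds two calls annotated `// GOOD [FALSE POSITIVE]`, and the expected output now lists alerts at test.c:91 and test.c:99. Since the change note says the query will now run by default in the Code Scanning suite, either handle the bounded-literal case in the query first, or state in the query's doc comment that `strncat(dest, literal, sizeof(dest))` is still reported even when the literal fits. The rest of the metadata comment and the query body are outside this hunk.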
|
|||||||
@@ -0,0 +1,4 @@
|
|||||||
|
---
|
||||||
|
category: queryMetadata
|
||||||
|
---
|
||||||
|
* The precision of `cpp/unsafe-strncat` ("Potentially unsafe call to strncat") has been increased to `high`. As a result, it will be run by default as part of the Code Scanning suite.
|
||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/cpp-queries
|
name: codeql/cpp-queries
|
||||||
version: 1.0.3
|
version: 1.0.4-dev
|
||||||
groups:
|
groups:
|
||||||
- cpp
|
- cpp
|
||||||
- queries
|
- queries
|
||||||
|
|||||||
@@ -3,3 +3,5 @@
|
|||||||
| test.c:67:3:67:9 | call to strncat | Potentially unsafe call to strncat. |
|
| test.c:67:3:67:9 | call to strncat | Potentially unsafe call to strncat. |
|
||||||
| test.c:75:3:75:9 | call to strncat | Potentially unsafe call to strncat. |
|
| test.c:75:3:75:9 | call to strncat | Potentially unsafe call to strncat. |
|
||||||
| test.c:76:3:76:9 | call to strncat | Potentially unsafe call to strncat. |
|
| test.c:76:3:76:9 | call to strncat | Potentially unsafe call to strncat. |
|
||||||
|
| test.c:91:3:91:9 | call to strncat | Potentially unsafe call to strncat. |
|
||||||
|
| test.c:99:3:99:9 | call to strncat | Potentially unsafe call to strncat. |
|
||||||
|
|||||||
@@ -82,3 +82,20 @@ void strncat_test5(char *s) {
|
|||||||
strncat(buf, s, len - strlen(buf) - 1); // GOOD
|
strncat(buf, s, len - strlen(buf) - 1); // GOOD
|
||||||
strncat(buf, s, len - strlen(buf)); // GOOD
|
strncat(buf, s, len - strlen(buf)); // GOOD
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void strncat_test6() {
|
||||||
|
{
|
||||||
|
char dest[60];
|
||||||
|
dest[0] = '\0';
|
||||||
|
// Will write `dest[0 .. 5]`
|
||||||
|
strncat(dest, "small", sizeof(dest)); // GOOD [FALSE POSITIVE]
|
||||||
|
}
|
||||||
|
|
||||||
|
{
|
||||||
|
char dest[60];
|
||||||
|
memset(dest, 'a', sizeof(dest));
|
||||||
|
dest[54] = '\0';
|
||||||
|
// Will write `dest[54 .. 59]`
|
||||||
|
strncat(dest, "small", sizeof(dest)); // GOOD [FALSE POSITIVE]
|
||||||
|
}
|
||||||
|
}
|
||||||
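Review bot: Both new blocks in `strncat_test6` are safe cases, so nothing here pins the boundary the query is meant to catch with the same `sizeof(dest)` size argument. A third block that sets `dest[55] = '\0';` before the call would put the terminator one byte past `dest` and should be annotated `// BAD`; that keeps the two `[FALSE POSITIVE]` cases distinguishable from a true finding if the query is tightened later. The existing comments could also say why the calls are safe, e.g. `// 5 chars + NUL fit in the 6 bytes left`.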
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/csharp-solorigate-all
|
name: codeql/csharp-solorigate-all
|
||||||
version: 1.7.20
|
version: 1.7.21-dev
|
||||||
groups:
|
groups:
|
||||||
- csharp
|
- csharp
|
||||||
- solorigate
|
- solorigate
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/csharp-solorigate-queries
|
name: codeql/csharp-solorigate-queries
|
||||||
version: 1.7.20
|
version: 1.7.21-dev
|
||||||
groups:
|
groups:
|
||||||
- csharp
|
- csharp
|
||||||
- solorigate
|
- solorigate
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/csharp-all
|
name: codeql/csharp-all
|
||||||
version: 1.0.3
|
version: 1.0.4-dev
|
||||||
groups: csharp
|
groups: csharp
|
||||||
dbscheme: semmlecode.csharp.dbscheme
|
dbscheme: semmlecode.csharp.dbscheme
|
||||||
extractor: csharp
|
extractor: csharp
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/csharp-queries
|
name: codeql/csharp-queries
|
||||||
version: 1.0.3
|
version: 1.0.4-dev
|
||||||
groups:
|
groups:
|
||||||
- csharp
|
- csharp
|
||||||
- queries
|
- queries
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql-go-consistency-queries
|
name: codeql-go-consistency-queries
|
||||||
version: 1.0.3
|
version: 1.0.4-dev
|
||||||
groups:
|
groups:
|
||||||
- go
|
- go
|
||||||
- queries
|
- queries
|
||||||
|
|||||||
4
go/ql/lib/change-notes/2024-07-08-fix-clear-sanitizer.md
Normal file
4
go/ql/lib/change-notes/2024-07-08-fix-clear-sanitizer.md
Normal file
@@ -0,0 +1,4 @@
|
|||||||
|
---
|
||||||
|
category: minorAnalysis
|
||||||
|
---
|
||||||
|
* There was a bug which meant that the built-in function `clear` was considered as a sanitizer in some cases when it shouldn't have been. This has now been fixed, which may lead to more alerts.
|
||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/go-all
|
name: codeql/go-all
|
||||||
version: 1.1.2
|
version: 1.1.3-dev
|
||||||
groups: go
|
groups: go
|
||||||
dbscheme: go.dbscheme
|
dbscheme: go.dbscheme
|
||||||
extractor: go
|
extractor: go
|
||||||
|
|||||||
@@ -423,7 +423,7 @@ private class ClearSanitizer extends DefaultTaintSanitizer {
|
|||||||
arg = call.getAnArgument() and
|
arg = call.getAnArgument() and
|
||||||
arg = var.getAUse() and
|
arg = var.getAUse() and
|
||||||
arg != this and
|
arg != this and
|
||||||
this.getBasicBlock().(ReachableBasicBlock).dominates(this.getBasicBlock())
|
arg.getBasicBlock().(ReachableBasicBlock).dominates(this.getBasicBlock())
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
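Review bot: The corrected condition `arg.getBasicBlock().(ReachableBasicBlock).dominates(this.getBasicBlock())` compares basic blocks only, so it says nothing about order when the `clear` argument and `this` sit in the same block. If `dominates` is reflexive here, a use of the variable that comes before `clear(b)` in straight-line code would still be treated as sanitized, which is a missed alert. None of the functions added to Builtin.go covers that shape (each use is either in a different block from `clear` or after it), so a test that reads `string(b)` into a local before calling `clear(b)` would settle it. If it reproduces, the check needs an intra-block ordering condition in addition to block dominance. The class and its characteristic predicate start outside the hunk.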
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/go-queries
|
name: codeql/go-queries
|
||||||
version: 1.0.3
|
version: 1.0.4-dev
|
||||||
groups:
|
groups:
|
||||||
- go
|
- go
|
||||||
- queries
|
- queries
|
||||||
|
|||||||
@@ -8,9 +8,38 @@ func clearTestBad(sourceReq *http.Request) string {
|
|||||||
return string(b)
|
return string(b)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func clearTestBad2(sourceReq *http.Request, x bool) string {
|
||||||
|
b := make([]byte, 8)
|
||||||
|
sourceReq.Body.Read(b)
|
||||||
|
if x {
|
||||||
|
clear(b)
|
||||||
|
}
|
||||||
|
return string(b)
|
||||||
|
}
|
||||||
|
|
||||||
|
func clearTestBad3(sourceReq *http.Request, x bool) string {
|
||||||
|
b := make([]byte, 8)
|
||||||
|
sourceReq.Body.Read(b)
|
||||||
|
if x {
|
||||||
|
return string(b)
|
||||||
|
}
|
||||||
|
clear(b)
|
||||||
|
return string(b)
|
||||||
|
}
|
||||||
|
|
||||||
func clearTestGood(sourceReq *http.Request) string {
|
func clearTestGood(sourceReq *http.Request) string {
|
||||||
b := make([]byte, 8)
|
b := make([]byte, 8)
|
||||||
sourceReq.Body.Read(b)
|
sourceReq.Body.Read(b)
|
||||||
clear(b) // should prevent taint flow
|
clear(b) // should prevent taint flow
|
||||||
return string(b)
|
return string(b)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func clearTestGood2(sourceReq *http.Request, x bool) string {
|
||||||
|
b := make([]byte, 8)
|
||||||
|
sourceReq.Body.Read(b)
|
||||||
|
clear(b) // should prevent taint flow
|
||||||
|
if x {
|
||||||
|
return string(b)
|
||||||
|
}
|
||||||
|
return ""
|
||||||
|
}
|
||||||
|
|||||||
@@ -1,10 +1,22 @@
|
|||||||
edges
|
edges
|
||||||
| Builtin.go:6:2:6:2 | definition of b | Builtin.go:8:9:8:17 | type conversion | provenance | |
|
| Builtin.go:6:2:6:2 | definition of b | Builtin.go:8:9:8:17 | type conversion | provenance | |
|
||||||
| Builtin.go:7:2:7:15 | selection of Body | Builtin.go:6:2:6:2 | definition of b | provenance | MaD:626 |
|
| Builtin.go:7:2:7:15 | selection of Body | Builtin.go:6:2:6:2 | definition of b | provenance | MaD:626 |
|
||||||
|
| Builtin.go:12:2:12:2 | definition of b | Builtin.go:17:9:17:17 | type conversion | provenance | |
|
||||||
|
| Builtin.go:13:2:13:15 | selection of Body | Builtin.go:12:2:12:2 | definition of b | provenance | MaD:626 |
|
||||||
|
| Builtin.go:21:2:21:2 | definition of b | Builtin.go:24:10:24:18 | type conversion | provenance | |
|
||||||
|
| Builtin.go:22:2:22:15 | selection of Body | Builtin.go:21:2:21:2 | definition of b | provenance | MaD:626 |
|
||||||
nodes
|
nodes
|
||||||
| Builtin.go:6:2:6:2 | definition of b | semmle.label | definition of b |
|
| Builtin.go:6:2:6:2 | definition of b | semmle.label | definition of b |
|
||||||
| Builtin.go:7:2:7:15 | selection of Body | semmle.label | selection of Body |
|
| Builtin.go:7:2:7:15 | selection of Body | semmle.label | selection of Body |
|
||||||
| Builtin.go:8:9:8:17 | type conversion | semmle.label | type conversion |
|
| Builtin.go:8:9:8:17 | type conversion | semmle.label | type conversion |
|
||||||
|
| Builtin.go:12:2:12:2 | definition of b | semmle.label | definition of b |
|
||||||
|
| Builtin.go:13:2:13:15 | selection of Body | semmle.label | selection of Body |
|
||||||
|
| Builtin.go:17:9:17:17 | type conversion | semmle.label | type conversion |
|
||||||
|
| Builtin.go:21:2:21:2 | definition of b | semmle.label | definition of b |
|
||||||
|
| Builtin.go:22:2:22:15 | selection of Body | semmle.label | selection of Body |
|
||||||
|
| Builtin.go:24:10:24:18 | type conversion | semmle.label | type conversion |
|
||||||
subpaths
|
subpaths
|
||||||
#select
|
#select
|
||||||
| Builtin.go:8:9:8:17 | type conversion | Builtin.go:7:2:7:15 | selection of Body | Builtin.go:8:9:8:17 | type conversion | Found taint flow |
|
| Builtin.go:8:9:8:17 | type conversion | Builtin.go:7:2:7:15 | selection of Body | Builtin.go:8:9:8:17 | type conversion | Found taint flow |
|
||||||
|
| Builtin.go:17:9:17:17 | type conversion | Builtin.go:13:2:13:15 | selection of Body | Builtin.go:17:9:17:17 | type conversion | Found taint flow |
|
||||||
|
| Builtin.go:24:10:24:18 | type conversion | Builtin.go:22:2:22:15 | selection of Body | Builtin.go:24:10:24:18 | type conversion | Found taint flow |
|
||||||
|
|||||||
3
java/kotlin-extractor/dev/.gitignore
vendored
3
java/kotlin-extractor/dev/.gitignore
vendored
@@ -1,2 +1 @@
|
|||||||
/.kotlinc_version
|
/.kotlinc_*
|
||||||
/.kotlinc_installed
|
|
||||||
|
|||||||
@@ -29,6 +29,7 @@ import os
|
|||||||
|
|
||||||
DEFAULT_VERSION = "2.0.0"
|
DEFAULT_VERSION = "2.0.0"
|
||||||
|
|
||||||
|
|
||||||
def options():
|
def options():
|
||||||
parser = argparse.ArgumentParser(add_help=False)
|
parser = argparse.ArgumentParser(add_help=False)
|
||||||
parser.add_argument("tool")
|
parser.add_argument("tool")
|
||||||
@@ -38,11 +39,15 @@ def options():
|
|||||||
return parser.parse_known_args()
|
return parser.parse_known_args()
|
||||||
|
|
||||||
|
|
||||||
url_template = 'https://github.com/JetBrains/kotlin/releases/download/v{version}/kotlin-compiler-{version}.zip'
|
file_template = "kotlin-compiler-{version}.zip"
|
||||||
|
url_template = "https://github.com/JetBrains/kotlin/releases/download/v{version}/kotlin-compiler-{version}.zip"
|
||||||
this_dir = pathlib.Path(__file__).resolve().parent
|
this_dir = pathlib.Path(__file__).resolve().parent
|
||||||
version_file = this_dir / ".kotlinc_version"
|
version_file = this_dir / ".kotlinc_version"
|
||||||
install_dir = this_dir / ".kotlinc_installed"
|
install_dir = this_dir / ".kotlinc_installed"
|
||||||
windows_ripunzip = this_dir.parents[4] / "resources" / "lib" / "windows" / "ripunzip" / "ripunzip.exe"
|
zips_dir = this_dir / ".kotlinc_zips"
|
||||||
|
windows_ripunzip = (
|
||||||
|
this_dir.parents[4] / "resources" / "lib" / "windows" / "ripunzip" / "ripunzip.exe"
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
class Error(Exception):
|
class Error(Exception):
|
||||||
@@ -62,16 +67,6 @@ class ZipFilePreservingPermissions(zipfile.ZipFile):
|
|||||||
return targetpath
|
return targetpath
|
||||||
|
|
||||||
|
|
||||||
def check_version(version: str):
|
|
||||||
try:
|
|
||||||
with urllib.request.urlopen(url_template.format(version=version)) as response:
|
|
||||||
pass
|
|
||||||
except urllib.error.HTTPError as e:
|
|
||||||
if e.code == 404:
|
|
||||||
raise Error(f"Version {version} not found in github.com/JetBrains/kotlin/releases") from e
|
|
||||||
raise
|
|
||||||
|
|
||||||
|
|
||||||
def get_version():
|
def get_version():
|
||||||
try:
|
try:
|
||||||
return version_file.read_text()
|
return version_file.read_text()
|
||||||
@@ -86,29 +81,39 @@ def install(version: str, quiet: bool):
|
|||||||
else:
|
else:
|
||||||
info_out = sys.stderr
|
info_out = sys.stderr
|
||||||
info = lambda *args: print(*args, file=sys.stderr)
|
info = lambda *args: print(*args, file=sys.stderr)
|
||||||
|
file = file_template.format(version=version)
|
||||||
url = url_template.format(version=version)
|
url = url_template.format(version=version)
|
||||||
if install_dir.exists():
|
if install_dir.exists():
|
||||||
shutil.rmtree(install_dir)
|
shutil.rmtree(install_dir)
|
||||||
install_dir.mkdir()
|
install_dir.mkdir()
|
||||||
|
zips_dir.mkdir(exist_ok=True)
|
||||||
|
zip = zips_dir / file
|
||||||
|
|
||||||
|
if not zip.exists():
|
||||||
|
info(f"downloading {url}")
|
||||||
|
tmp_zip = zip.with_suffix(".tmp")
|
||||||
|
with open(tmp_zip, "wb") as out, urllib.request.urlopen(url) as response:
|
||||||
|
shutil.copyfileobj(response, out)
|
||||||
|
tmp_zip.rename(zip)
|
||||||
ripunzip = shutil.which("ripunzip")
|
ripunzip = shutil.which("ripunzip")
|
||||||
if ripunzip is None and platform.system() == "Windows" and windows_ripunzip.exists():
|
if (
|
||||||
|
ripunzip is None
|
||||||
|
and platform.system() == "Windows"
|
||||||
|
and windows_ripunzip.exists()
|
||||||
|
):
|
||||||
ripunzip = windows_ripunzip
|
ripunzip = windows_ripunzip
|
||||||
if ripunzip:
|
if ripunzip:
|
||||||
info(f"downloading and extracting {url} using ripunzip")
|
info(f"extracting {zip} using ripunzip")
|
||||||
subprocess.run([ripunzip, "unzip-uri", url], stdout=info_out, stderr=info_out, cwd=install_dir,
|
subprocess.run(
|
||||||
check=True)
|
[ripunzip, "unzip-file", zip],
|
||||||
return
|
stdout=info_out,
|
||||||
with io.BytesIO() as buffer:
|
stderr=info_out,
|
||||||
info(f"downloading {url}")
|
cwd=install_dir,
|
||||||
with urllib.request.urlopen(url) as response:
|
check=True,
|
||||||
while True:
|
)
|
||||||
bytes = response.read()
|
else:
|
||||||
if not bytes:
|
info(f"extracting {zip}")
|
||||||
break
|
with ZipFilePreservingPermissions(zip) as archive:
|
||||||
buffer.write(bytes)
|
|
||||||
buffer.seek(0)
|
|
||||||
info(f"extracting kotlin-compiler-{version}.zip")
|
|
||||||
with ZipFilePreservingPermissions(buffer) as archive:
|
|
||||||
archive.extractall(install_dir)
|
archive.extractall(install_dir)
|
||||||
|
|
||||||
|
|
||||||
@@ -130,6 +135,9 @@ def clear():
|
|||||||
if version_file.exists():
|
if version_file.exists():
|
||||||
print(f"removing {version_file}", file=sys.stderr)
|
print(f"removing {version_file}", file=sys.stderr)
|
||||||
version_file.unlink()
|
version_file.unlink()
|
||||||
|
if zips_dir.exists():
|
||||||
|
print(f"removing {zips_dir}", file=sys.stderr)
|
||||||
|
shutil.rmtree(zips_dir)
|
||||||
|
|
||||||
|
|
||||||
def main(opts, forwarded_opts):
|
def main(opts, forwarded_opts):
|
||||||
@@ -140,7 +148,6 @@ def main(opts, forwarded_opts):
|
|||||||
if opts.select == "default":
|
if opts.select == "default":
|
||||||
selected_version = DEFAULT_VERSION
|
selected_version = DEFAULT_VERSION
|
||||||
elif opts.select is not None:
|
elif opts.select is not None:
|
||||||
check_version(opts.select)
|
|
||||||
selected_version = opts.select
|
selected_version = opts.select
|
||||||
else:
|
else:
|
||||||
selected_version = current_version or DEFAULT_VERSION
|
selected_version = current_version or DEFAULT_VERSION
|
||||||
@@ -153,7 +160,10 @@ def main(opts, forwarded_opts):
|
|||||||
return
|
return
|
||||||
if opts.version:
|
if opts.version:
|
||||||
if opts.tool == "kotlinc":
|
if opts.tool == "kotlinc":
|
||||||
print(f"info: kotlinc-jvm {selected_version} (codeql dev wrapper)", file=sys.stderr)
|
print(
|
||||||
|
f"info: kotlinc-jvm {selected_version} (codeql dev wrapper)",
|
||||||
|
file=sys.stderr,
|
||||||
|
)
|
||||||
return
|
return
|
||||||
forwarded_opts.append("-version")
|
forwarded_opts.append("-version")
|
||||||
|
|
||||||
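Review bot: In `install`, the zip kept under `.kotlinc_zips` is trusted on every later run purely because `zip.exists()`; nothing checks that the cached or freshly downloaded bytes are the release they are named after before they are unpacked into `install_dir`. A digest check before extraction (a per-version SHA-256 table, at least for `DEFAULT_VERSION`) would close that; `hashlib` would need importing at the top of the file, and `urllib.error` must still be imported for the handler below. Separately, with `check_version` removed a mistyped `opts.select` value now surfaces as a raw `HTTPError`, and because `open(tmp_zip, "wb")` runs before `urlopen`, a failed download leaves an empty `.tmp` file behind. `install` starts outside the hunk; the sketch shows only the download and verification step.

```python
    zip = zips_dir / file
    if not zip.exists():
        info(f"downloading {url}")
        tmp_zip = zip.with_suffix(".tmp")
        try:
            # open the URL first so a 404 does not leave an empty .tmp behind
            with urllib.request.urlopen(url) as response, open(tmp_zip, "wb") as out:
                shutil.copyfileobj(response, out)
        except urllib.error.HTTPError as e:
            tmp_zip.unlink(missing_ok=True)
            if e.code == 404:
                raise Error(f"Version {version} not found in github.com/JetBrains/kotlin/releases") from e
            raise
        tmp_zip.rename(zip)
    # KNOWN_SHA256 is a placeholder name: a module-level dict of version -> hex digest
    expected = KNOWN_SHA256.get(version)
    if expected is not None:
        actual = hashlib.sha256(zip.read_bytes()).hexdigest()
        if actual != expected:
            zip.unlink()
            raise Error(f"{zip} does not match the expected SHA-256 for {version}")
    # … unchanged: ripunzip lookup and extraction …
```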
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/java-automodel-queries
|
name: codeql/java-automodel-queries
|
||||||
version: 1.0.3
|
version: 1.0.4-dev
|
||||||
groups:
|
groups:
|
||||||
- java
|
- java
|
||||||
- automodel
|
- automodel
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/java-all
|
name: codeql/java-all
|
||||||
version: 1.1.2
|
version: 1.1.3-dev
|
||||||
groups: java
|
groups: java
|
||||||
dbscheme: config/semmlecode.dbscheme
|
dbscheme: config/semmlecode.dbscheme
|
||||||
extractor: java
|
extractor: java
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/java-queries
|
name: codeql/java-queries
|
||||||
version: 1.1.0
|
version: 1.1.1-dev
|
||||||
groups:
|
groups:
|
||||||
- java
|
- java
|
||||||
- queries
|
- queries
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/javascript-all
|
name: codeql/javascript-all
|
||||||
version: 1.1.0
|
version: 1.1.1-dev
|
||||||
groups: javascript
|
groups: javascript
|
||||||
dbscheme: semmlecode.javascript.dbscheme
|
dbscheme: semmlecode.javascript.dbscheme
|
||||||
extractor: javascript
|
extractor: javascript
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/javascript-queries
|
name: codeql/javascript-queries
|
||||||
version: 1.0.3
|
version: 1.0.4-dev
|
||||||
groups:
|
groups:
|
||||||
- javascript
|
- javascript
|
||||||
- queries
|
- queries
|
||||||
|
|||||||
@@ -11,6 +11,8 @@ import argparse
|
|||||||
import pathlib
|
import pathlib
|
||||||
import shutil
|
import shutil
|
||||||
import subprocess
|
import subprocess
|
||||||
|
import platform
|
||||||
|
import time
|
||||||
from python.runfiles import runfiles
|
from python.runfiles import runfiles
|
||||||
|
|
||||||
runfiles = runfiles.Create()
|
runfiles = runfiles.Create()
|
||||||
@@ -41,7 +43,24 @@ else:
|
|||||||
assert destdir.is_absolute(), "Provide `--build-file` to resolve destination directory"
|
assert destdir.is_absolute(), "Provide `--build-file` to resolve destination directory"
|
||||||
script = runfiles.Rlocation(opts.pkg_install_script)
|
script = runfiles.Rlocation(opts.pkg_install_script)
|
||||||
|
|
||||||
|
_WIN_FILE_IN_USE_ERROR_CODE = 32
|
||||||
|
|
||||||
if destdir.exists() and opts.cleanup:
|
if destdir.exists() and opts.cleanup:
|
||||||
|
if platform.system() == 'Windows':
|
||||||
|
# On Windows we might have virus scanner still looking at the path so
|
||||||
|
# attempt removal a couple of times sleeping between each attempt.
|
||||||
|
for retry_delay in [1, 2, 2]:
|
||||||
|
try:
|
||||||
|
shutil.rmtree(destdir)
|
||||||
|
break
|
||||||
|
except OSError as e:
|
||||||
|
if e.winerror == _WIN_FILE_IN_USE_ERROR_CODE:
|
||||||
|
time.sleep(retry_delay)
|
||||||
|
else:
|
||||||
|
raise
|
||||||
|
else:
|
||||||
|
shutil.rmtree(destdir)
|
||||||
|
else:
|
||||||
shutil.rmtree(destdir)
|
shutil.rmtree(destdir)
|
||||||
|
|
||||||
destdir.mkdir(parents=True, exist_ok=True)
|
destdir.mkdir(parents=True, exist_ok=True)
|
||||||
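Review bot: The retry loop is hard to read correctly on its own: the first `else:` after the loop appears to be a `for … else`, meaning a fourth, unguarded `shutil.rmtree(destdir)` runs only when all three attempts hit the file-in-use error (indentation is not visible on this page, so confirm). A short comment on that branch, such as `# retries exhausted: try once more and let the error propagate`, would stop a later edit from treating it as dead code. The existing comment could also say that only `winerror` 32 is retried and every other `OSError` is re-raised immediately.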
|
|||||||
@@ -1,4 +1,4 @@
|
|||||||
name: codeql/suite-helpers
|
name: codeql/suite-helpers
|
||||||
version: 1.0.3
|
version: 1.0.4-dev
|
||||||
groups: shared
|
groups: shared
|
||||||
warnOnImplicitThis: true
|
warnOnImplicitThis: true
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/python-all
|
name: codeql/python-all
|
||||||
version: 1.0.3
|
version: 1.0.4-dev
|
||||||
groups: python
|
groups: python
|
||||||
dbscheme: semmlecode.python.dbscheme
|
dbscheme: semmlecode.python.dbscheme
|
||||||
extractor: python
|
extractor: python
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/python-queries
|
name: codeql/python-queries
|
||||||
version: 1.0.3
|
version: 1.0.4-dev
|
||||||
groups:
|
groups:
|
||||||
- python
|
- python
|
||||||
- queries
|
- queries
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/ruby-all
|
name: codeql/ruby-all
|
||||||
version: 1.0.3
|
version: 1.0.4-dev
|
||||||
groups: ruby
|
groups: ruby
|
||||||
extractor: ruby
|
extractor: ruby
|
||||||
dbscheme: ruby.dbscheme
|
dbscheme: ruby.dbscheme
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/ruby-queries
|
name: codeql/ruby-queries
|
||||||
version: 1.0.3
|
version: 1.0.4-dev
|
||||||
groups:
|
groups:
|
||||||
- ruby
|
- ruby
|
||||||
- queries
|
- queries
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/controlflow
|
name: codeql/controlflow
|
||||||
version: 1.0.3
|
version: 1.0.4-dev
|
||||||
groups: shared
|
groups: shared
|
||||||
library: true
|
library: true
|
||||||
dependencies:
|
dependencies:
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/dataflow
|
name: codeql/dataflow
|
||||||
version: 1.0.3
|
version: 1.0.4-dev
|
||||||
groups: shared
|
groups: shared
|
||||||
library: true
|
library: true
|
||||||
dependencies:
|
dependencies:
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/mad
|
name: codeql/mad
|
||||||
version: 1.0.3
|
version: 1.0.4-dev
|
||||||
groups: shared
|
groups: shared
|
||||||
library: true
|
library: true
|
||||||
dependencies:
|
dependencies:
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/rangeanalysis
|
name: codeql/rangeanalysis
|
||||||
version: 1.0.3
|
version: 1.0.4-dev
|
||||||
groups: shared
|
groups: shared
|
||||||
library: true
|
library: true
|
||||||
dependencies:
|
dependencies:
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/regex
|
name: codeql/regex
|
||||||
version: 1.0.3
|
version: 1.0.4-dev
|
||||||
groups: shared
|
groups: shared
|
||||||
library: true
|
library: true
|
||||||
dependencies:
|
dependencies:
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/ssa
|
name: codeql/ssa
|
||||||
version: 1.0.3
|
version: 1.0.4-dev
|
||||||
groups: shared
|
groups: shared
|
||||||
library: true
|
library: true
|
||||||
dependencies:
|
dependencies:
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/threat-models
|
name: codeql/threat-models
|
||||||
version: 1.0.3
|
version: 1.0.4-dev
|
||||||
library: true
|
library: true
|
||||||
groups: shared
|
groups: shared
|
||||||
dataExtensions:
|
dataExtensions:
|
||||||
|
|||||||
@@ -1,7 +1,7 @@
|
|||||||
name: codeql/tutorial
|
name: codeql/tutorial
|
||||||
description: Library for the CodeQL detective tutorials, helping new users learn to
|
description: Library for the CodeQL detective tutorials, helping new users learn to
|
||||||
write CodeQL queries.
|
write CodeQL queries.
|
||||||
version: 1.0.3
|
version: 1.0.4-dev
|
||||||
groups: shared
|
groups: shared
|
||||||
library: true
|
library: true
|
||||||
warnOnImplicitThis: true
|
warnOnImplicitThis: true
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/typeflow
|
name: codeql/typeflow
|
||||||
version: 1.0.3
|
version: 1.0.4-dev
|
||||||
groups: shared
|
groups: shared
|
||||||
library: true
|
library: true
|
||||||
dependencies:
|
dependencies:
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/typetracking
|
name: codeql/typetracking
|
||||||
version: 1.0.3
|
version: 1.0.4-dev
|
||||||
groups: shared
|
groups: shared
|
||||||
library: true
|
library: true
|
||||||
dependencies:
|
dependencies:
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/typos
|
name: codeql/typos
|
||||||
version: 1.0.3
|
version: 1.0.4-dev
|
||||||
groups: shared
|
groups: shared
|
||||||
library: true
|
library: true
|
||||||
warnOnImplicitThis: true
|
warnOnImplicitThis: true
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/util
|
name: codeql/util
|
||||||
version: 1.0.3
|
version: 1.0.4-dev
|
||||||
groups: shared
|
groups: shared
|
||||||
library: true
|
library: true
|
||||||
dependencies: null
|
dependencies: null
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/xml
|
name: codeql/xml
|
||||||
version: 1.0.3
|
version: 1.0.4-dev
|
||||||
groups: shared
|
groups: shared
|
||||||
library: true
|
library: true
|
||||||
dependencies:
|
dependencies:
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/yaml
|
name: codeql/yaml
|
||||||
version: 1.0.3
|
version: 1.0.4-dev
|
||||||
groups: shared
|
groups: shared
|
||||||
library: true
|
library: true
|
||||||
warnOnImplicitThis: true
|
warnOnImplicitThis: true
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/swift-all
|
name: codeql/swift-all
|
||||||
version: 1.0.3
|
version: 1.0.4-dev
|
||||||
groups: swift
|
groups: swift
|
||||||
extractor: swift
|
extractor: swift
|
||||||
dbscheme: swift.dbscheme
|
dbscheme: swift.dbscheme
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/swift-queries
|
name: codeql/swift-queries
|
||||||
version: 1.0.3
|
version: 1.0.4-dev
|
||||||
groups:
|
groups:
|
||||||
- swift
|
- swift
|
||||||
- queries
|
- queries
|
||||||
|
|||||||