hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-29 18:55:14 +02:00
Code Issues Packages Projects Releases Wiki Activity
1,969 Commits 1,741 Branches 165 Tags
309b703e47c93858979635df65cd7f28387f199b
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Dave Bartolomeo 309b703e47 C++: Models for side-effect-free functions 
This commit adds a new model interface that describes the known side effects (or lack thereof) of a library function. Does it read memory, does it write memory, and do any of its parameters escape? Initially, we have models for just two Standard Library functions: `std::move` and `std::forward`, which neither read nor write memory, and do not escape their parameter.

IR construction has been updated to insert the correct side effect instruction (or no side effect instruction) based on the model.
2018-11-30 12:15:23 -08:00
change-notes
Merge pull request #573 from felicity-semmle/1.19/python-change-notes
2018-11-30 12:30:57 +00:00
config
C++: IR-based dataflow
2018-11-30 12:15:11 -08:00
cpp
C++: Models for side-effect-free functions
2018-11-30 12:15:23 -08:00
csharp
Merge pull request #513 from calumgrant/cs/cwe-134
2018-11-26 14:58:54 +01:00
docs
Style guide: Fix whitespace.
2018-11-07 09:12:55 +01:00
java
Merge master into next.
2018-11-23 16:36:31 +00:00
javascript
Merge pull request #571 from xiemaisi/js/numeric-constant-interpreted-as-code
2018-11-29 17:07:48 +00:00
python/ql
Python: Fix accidentally introduced cartesian product.
2018-11-29 14:19:47 +00:00
.editorconfig
Normalize all text files to LF
2018-09-23 16:24:31 -07:00
.gitattributes
Mark several known binary extensions as -text
2018-09-23 16:24:32 -07:00
.gitignore
Don't .gitignore .vs/VSWorkspaceSettings.json
2018-09-26 15:52:44 +02:00
.lgtm.yml
Update lgtm.yml file to exclude Python source in query and test folders.
2018-11-20 14:57:36 +00:00
CODE_OF_CONDUCT.md
Introduce code of conduct
2018-08-07 12:19:02 +01:00
CODEOWNERS
C++: Add C++ analysis team to CODEOWNERS
2018-10-24 11:58:37 +02:00
CONTRIBUTING.md
Update CONTRIBUTING.md and README.md to link the the QL Style Guide.
2018-08-20 11:06:22 +01:00
COPYRIGHT
QL code and tests for C#/C++/JavaScript.
2018-08-02 17:53:23 +01:00
LICENSE
QL code and tests for C#/C++/JavaScript.
2018-08-02 17:53:23 +01:00
README.md
Update CONTRIBUTING.md and README.md to link the the QL Style Guide.
2018-08-20 11:06:22 +01:00

README.md

Semmle QL

This open source repository contains the standard QL libraries and queries that power LGTM, and the other products that Semmle makes available to its customers worldwide.

How do I learn QL and run queries?

LGTM has extensive documentation on getting started with writing QL. You can use the interactive query console or the QL for Eclipse plugin to try out your queries on any open-source project that's currently being analyzed.

Contributing

We welcome contributions to our standard library and standard checks. Do you have an idea for a new check, or how to improve an existing query? Then please go ahead and open a pull request! Before you do, though, please take the time to read our contributing guidelines and QL style guide.

License

The LGTM queries are licensed under Apache License 2.0 by Semmle.

Description
CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security
codeqlgithub-advanced-securitygithub-security-labsemmle-qlworks-with-codespaces
Readme MIT 19 GiB
Languages
CodeQL 32.3%
Kotlin 27.4%
C# 17.1%
Java 7.7%
Python 4.6%
Other 10.7%