Граф коммитов

929 Коммитов

Автор SHA1 Сообщение Дата
Cornelius Riemenschneider e8aa5db07a Rust: Update cargo dependencies.
There was a recent round of tree-sitter-* package releases,
so the latest code is now a) released and b) available on crates.io.

Therefore, move away from the (super slow on CI) git dependencies to released crates instead.
This also includes a run of `cargo update`, so there's a bunch of more changes to the lockfile.
2024-11-11 12:13:14 +01:00
Tom Hvitved f389a889ad Exclude consistency output from `.gitignore` files 2024-09-26 11:09:54 +02:00
Tom Hvitved eb1b2a5594 Bump `tree-sitter` to `0.23.0` 2024-09-04 09:47:59 +02:00
Paolo Tranquilli 7b8c11379d Javascript: use `codeql_pack` for javascript extractor 2024-06-03 23:14:44 +02:00
Tom Hvitved d6a3765597 Tree-sitter: Allow for multiple file lists in simple extractor 2024-05-31 11:15:21 +02:00
Tom Hvitved 94d2e9591d Tree-sitter: Emit `empty_location` relation to avoid scan 2024-05-27 10:39:21 +02:00
Tom Hvitved 0dbce3d077
Merge pull request #16451 from hvitved/treesitter/codeql-verbosity
Tree-sitter: Respect verbosity defined in `CODEQL_VERBOSITY`
2024-05-24 11:24:01 +02:00
Dave Bartolomeo 613ccaac1d Add change note to all v1.0.0 packs 2024-05-23 13:01:22 -04:00
Tom Hvitved e4cd9d86f6 Tree-sitter: Respect verbosity defined in `CODEQL_VERBOSITY` 2024-05-23 13:38:35 +02:00
Dave Bartolomeo ffe4c8c87b Update all pack versions to `1.0.0` 2024-05-22 13:39:08 -04:00
Tom Hvitved bf2ae9890f Tree-sitter: Bump to 0.22.6 2024-05-21 11:14:06 +02:00
Henry Mercer 9409d7fdca
Merge pull request #16066 from github/henrymercer/ql-run-diagnostics
QL: Run diagnostics and summary metrics in code scanning
2024-04-02 10:45:50 +01:00
Erik Krogh Kristensen 0fd89549da
Merge pull request #16033 from github/dependabot/cargo/ql/regex-1.10.4
Bump regex from 1.10.3 to 1.10.4 in /ql
2024-04-02 07:52:17 +02:00
dependabot[bot] 07f9614dc2
Bump chrono from 0.4.35 to 0.4.37 in /ql
Bumps [chrono](https://github.com/chronotope/chrono) from 0.4.35 to 0.4.37.
- [Release notes](https://github.com/chronotope/chrono/releases)
- [Changelog](https://github.com/chronotope/chrono/blob/main/CHANGELOG.md)
- [Commits](https://github.com/chronotope/chrono/compare/v0.4.35...v0.4.37)

---
updated-dependencies:
- dependency-name: chrono
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-28 03:07:21 +00:00
Henry Mercer 568442d5f8
QL: Run diagnostics and summary metrics in code scanning
Add diagnostics and summary metric queries to the code scanning suite.
2024-03-26 18:11:50 +00:00
dependabot[bot] 0c73340e47
Bump regex from 1.10.3 to 1.10.4 in /ql
Bumps [regex](https://github.com/rust-lang/regex) from 1.10.3 to 1.10.4.
- [Release notes](https://github.com/rust-lang/regex/releases)
- [Changelog](https://github.com/rust-lang/regex/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/regex/compare/1.10.3...1.10.4)

---
updated-dependencies:
- dependency-name: regex
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-25 03:31:03 +00:00
Henry Mercer 4e3a6e2140
Merge pull request #15874 from github/henrymercer/mark-loc-as-telemetry
Show lines of code data in debug mode only
2024-03-21 12:20:09 +00:00
Henry Mercer a76832f4e0 Mark LOC queries as `debug` instead 2024-03-20 21:18:55 +00:00
Tom Hvitved 31e04631d1 QL4QL: Regenerate DB scheme and stats 2024-03-19 13:04:12 +01:00
Tom Hvitved 80649786c3 QL4QL: Remove `MissingOverride` query 2024-03-15 11:06:15 +01:00
Henry Mercer c325ff8a23 Mark lines of code queries as telemetry queries
The new file coverage metrics are available in all supported GHES
versions. This PR tags lines of code queries as telemetry queries. Lines
of code information will still be available in the SARIF file, but it
will no longer be displayed in the logging output of the CLI.

The one exception is the metric queries for Java/Kotlin that provides
separate lines of code information for Java and Kotlin. I've kept these
since separate file coverage information for languages like Java and
Kotlin is only available for GHES 3.12 and later.
2024-03-11 16:40:31 +00:00
dependabot[bot] f0a5183a3f
Bump chrono from 0.4.34 to 0.4.35 in /ql
Bumps [chrono](https://github.com/chronotope/chrono) from 0.4.34 to 0.4.35.
- [Release notes](https://github.com/chronotope/chrono/releases)
- [Changelog](https://github.com/chronotope/chrono/blob/main/CHANGELOG.md)
- [Commits](https://github.com/chronotope/chrono/compare/v0.4.34...v0.4.35)

---
updated-dependencies:
- dependency-name: chrono
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-07 03:59:07 +00:00
dependabot[bot] cc178ab58f
Bump rayon from 1.8.1 to 1.9.0 in /ql
Bumps [rayon](https://github.com/rayon-rs/rayon) from 1.8.1 to 1.9.0.
- [Changelog](https://github.com/rayon-rs/rayon/blob/main/RELEASES.md)
- [Commits](https://github.com/rayon-rs/rayon/compare/rayon-core-v1.8.1...rayon-core-v1.9.0)

---
updated-dependencies:
- dependency-name: rayon
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-02-28 03:24:58 +00:00
Tom Hvitved 62b16c0fa3 Share `getFileBySourceArchiveName` implementation 2024-02-23 11:25:49 +01:00
dependabot[bot] 3212f80bea
Bump chrono from 0.4.33 to 0.4.34 in /ql
Bumps [chrono](https://github.com/chronotope/chrono) from 0.4.33 to 0.4.34.
- [Release notes](https://github.com/chronotope/chrono/releases)
- [Changelog](https://github.com/chronotope/chrono/blob/main/CHANGELOG.md)
- [Commits](https://github.com/chronotope/chrono/compare/v0.4.33...v0.4.34)

---
updated-dependencies:
- dependency-name: chrono
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-02-12 03:38:19 +00:00
Henry Mercer e71f0fc1ba Add supported build modes to extractor metadata 2024-02-06 19:51:13 +00:00
dependabot[bot] 5fac945b33
Bump chrono from 0.4.32 to 0.4.33 in /ql
Bumps [chrono](https://github.com/chronotope/chrono) from 0.4.32 to 0.4.33.
- [Release notes](https://github.com/chronotope/chrono/releases)
- [Changelog](https://github.com/chronotope/chrono/blob/main/CHANGELOG.md)
- [Commits](https://github.com/chronotope/chrono/compare/v0.4.32...v0.4.33)

---
updated-dependencies:
- dependency-name: chrono
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-01-26 03:25:31 +00:00
Erik Krogh Kristensen f1d6f56621
Merge pull request #15393 from erik-krogh/deps-jan-2024
All: delete outdated deprecations
2024-01-23 13:52:38 +01:00
dependabot[bot] e9a1fa9592
Bump chrono from 0.4.31 to 0.4.32 in /ql
Bumps [chrono](https://github.com/chronotope/chrono) from 0.4.31 to 0.4.32.
- [Release notes](https://github.com/chronotope/chrono/releases)
- [Changelog](https://github.com/chronotope/chrono/blob/main/CHANGELOG.md)
- [Commits](https://github.com/chronotope/chrono/compare/v0.4.31...v0.4.32)

---
updated-dependencies:
- dependency-name: chrono
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-01-23 03:12:14 +00:00
erik-krogh 8be7eadace
delete outdated deprecations 2024-01-22 09:11:35 +01:00
dependabot[bot] eb1a0fece8
Bump regex from 1.10.2 to 1.10.3 in /ql
Bumps [regex](https://github.com/rust-lang/regex) from 1.10.2 to 1.10.3.
- [Release notes](https://github.com/rust-lang/regex/releases)
- [Changelog](https://github.com/rust-lang/regex/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/regex/compare/1.10.2...1.10.3)

---
updated-dependencies:
- dependency-name: regex
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-01-22 03:54:51 +00:00
dependabot[bot] 7b574bb07a
Bump rayon from 1.8.0 to 1.8.1 in /ql
Bumps [rayon](https://github.com/rayon-rs/rayon) from 1.8.0 to 1.8.1.
- [Changelog](https://github.com/rayon-rs/rayon/blob/master/RELEASES.md)
- [Commits](https://github.com/rayon-rs/rayon/compare/rayon-core-v1.8.0...rayon-core-v1.8.1)

---
updated-dependencies:
- dependency-name: rayon
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-01-18 03:16:14 +00:00
Tom Hvitved 0361b2e6e8 QL4QL: Improvements to `RedundantImport` query 2023-12-08 10:19:04 +01:00
dependabot[bot] f8c8d59cb5
Bump tracing-subscriber from 0.3.17 to 0.3.18 in /ql
Bumps [tracing-subscriber](https://github.com/tokio-rs/tracing) from 0.3.17 to 0.3.18.
- [Release notes](https://github.com/tokio-rs/tracing/releases)
- [Commits](https://github.com/tokio-rs/tracing/compare/tracing-subscriber-0.3.17...tracing-subscriber-0.3.18)

---
updated-dependencies:
- dependency-name: tracing-subscriber
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-11-14 03:56:51 +00:00
dependabot[bot] 2af1302a4a
Bump tracing from 0.1.39 to 0.1.40 in /ql
Bumps [tracing](https://github.com/tokio-rs/tracing) from 0.1.39 to 0.1.40.
- [Release notes](https://github.com/tokio-rs/tracing/releases)
- [Commits](https://github.com/tokio-rs/tracing/compare/tracing-0.1.39...tracing-0.1.40)

---
updated-dependencies:
- dependency-name: tracing
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-10-19 03:33:14 +00:00
dependabot[bot] cf0173acad
Bump regex from 1.10.0 to 1.10.2 in /ql
Bumps [regex](https://github.com/rust-lang/regex) from 1.10.0 to 1.10.2.
- [Release notes](https://github.com/rust-lang/regex/releases)
- [Changelog](https://github.com/rust-lang/regex/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/regex/compare/1.10.0...1.10.2)

---
updated-dependencies:
- dependency-name: regex
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-10-16 17:49:47 +00:00
dependabot[bot] 7700210ed2
Bump tracing from 0.1.38 to 0.1.39 in /ql
Bumps [tracing](https://github.com/tokio-rs/tracing) from 0.1.38 to 0.1.39.
- [Release notes](https://github.com/tokio-rs/tracing/releases)
- [Commits](https://github.com/tokio-rs/tracing/compare/tracing-0.1.38...tracing-0.1.39)

---
updated-dependencies:
- dependency-name: tracing
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-10-16 03:21:13 +00:00
dependabot[bot] 0e09420e7b
Bump regex from 1.9.6 to 1.10.0 in /ql
Bumps [regex](https://github.com/rust-lang/regex) from 1.9.6 to 1.10.0.
- [Release notes](https://github.com/rust-lang/regex/releases)
- [Changelog](https://github.com/rust-lang/regex/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/regex/compare/1.9.6...1.10.0)

---
updated-dependencies:
- dependency-name: regex
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-10-10 03:56:00 +00:00
Henry Mercer da92da2204 Bump minor versions of packs we regularly release 2023-10-03 16:31:23 +01:00
dependabot[bot] a86b010504
Bump regex from 1.9.5 to 1.9.6 in /ql
Bumps [regex](https://github.com/rust-lang/regex) from 1.9.5 to 1.9.6.
- [Release notes](https://github.com/rust-lang/regex/releases)
- [Changelog](https://github.com/rust-lang/regex/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/regex/compare/1.9.5...1.9.6)

---
updated-dependencies:
- dependency-name: regex
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-10-02 03:33:25 +00:00
Anders Schack-Mulligen 7bc0c54a41 QL: Use shared FileSystem library. 2023-09-28 08:58:55 +02:00
dependabot[bot] d0554a05f9
Bump rayon from 1.7.0 to 1.8.0 in /ql
Bumps [rayon](https://github.com/rayon-rs/rayon) from 1.7.0 to 1.8.0.
- [Changelog](https://github.com/rayon-rs/rayon/blob/master/RELEASES.md)
- [Commits](https://github.com/rayon-rs/rayon/compare/rayon-core-v1.7.0...rayon-core-v1.8.0)

---
updated-dependencies:
- dependency-name: rayon
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-09-21 03:10:09 +00:00
dependabot[bot] f3a746c324
Bump chrono from 0.4.30 to 0.4.31 in /ql
Bumps [chrono](https://github.com/chronotope/chrono) from 0.4.30 to 0.4.31.
- [Release notes](https://github.com/chronotope/chrono/releases)
- [Changelog](https://github.com/chronotope/chrono/blob/main/CHANGELOG.md)
- [Commits](https://github.com/chronotope/chrono/compare/v0.4.30...v0.4.31)

---
updated-dependencies:
- dependency-name: chrono
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-09-18 03:10:03 +00:00
dependabot[bot] 66a4f1bf74
Bump chrono from 0.4.29 to 0.4.30 in /ql
Bumps [chrono](https://github.com/chronotope/chrono) from 0.4.29 to 0.4.30.
- [Release notes](https://github.com/chronotope/chrono/releases)
- [Changelog](https://github.com/chronotope/chrono/blob/main/CHANGELOG.md)
- [Commits](https://github.com/chronotope/chrono/compare/v0.4.29...v0.4.30)

---
updated-dependencies:
- dependency-name: chrono
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-09-08 04:04:05 +00:00
dependabot[bot] 7f73c59304
Bump chrono from 0.4.28 to 0.4.29 in /ql
Bumps [chrono](https://github.com/chronotope/chrono) from 0.4.28 to 0.4.29.
- [Release notes](https://github.com/chronotope/chrono/releases)
- [Changelog](https://github.com/chronotope/chrono/blob/main/CHANGELOG.md)
- [Commits](https://github.com/chronotope/chrono/compare/v0.4.28...v0.4.29)

---
updated-dependencies:
- dependency-name: chrono
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-09-06 03:58:08 +00:00
dependabot[bot] 4919cc4c4e
Bump regex from 1.9.3 to 1.9.5 in /ql
Bumps [regex](https://github.com/rust-lang/regex) from 1.9.3 to 1.9.5.
- [Release notes](https://github.com/rust-lang/regex/releases)
- [Changelog](https://github.com/rust-lang/regex/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/regex/compare/1.9.3...1.9.5)

---
updated-dependencies:
- dependency-name: regex
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-09-04 03:47:05 +00:00
dependabot[bot] 4770eb0328
Bump chrono from 0.4.27 to 0.4.28 in /ql
Bumps [chrono](https://github.com/chronotope/chrono) from 0.4.27 to 0.4.28.
- [Release notes](https://github.com/chronotope/chrono/releases)
- [Changelog](https://github.com/chronotope/chrono/blob/main/CHANGELOG.md)
- [Commits](https://github.com/chronotope/chrono/compare/v0.4.27...v0.4.28)

---
updated-dependencies:
- dependency-name: chrono
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-08-31 03:44:01 +00:00
dependabot[bot] e3ff7644f7
Bump chrono from 0.4.26 to 0.4.27 in /ql
Bumps [chrono](https://github.com/chronotope/chrono) from 0.4.26 to 0.4.27.
- [Release notes](https://github.com/chronotope/chrono/releases)
- [Changelog](https://github.com/chronotope/chrono/blob/main/CHANGELOG.md)
- [Commits](https://github.com/chronotope/chrono/compare/v0.4.26...v0.4.27)

---
updated-dependencies:
- dependency-name: chrono
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-08-30 03:14:05 +00:00
Harry Maclean ed40d72e4f Shared: Bump extractor version 2023-08-23 14:11:22 +01:00
Harry Maclean 24ac6c0596 QL: Update for shared extractor changes 2023-08-23 14:11:21 +01:00