github
/
codeql
зеркало из https://github.com/github/codeql.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
47 550 коммитов 1 541 ветка 132 Теги 497 MiB
Граф коммитов

666 Коммитов

Автор SHA1 Сообщение Дата
erik-krogh 459c2a21b4
Merge branch 'main' into ql-untangle-parsers 2022-08-15 14:11:32 +02:00
erik-krogh c652f3e3dd
update grammar after https://github.com/tree-sitter/tree-sitter-ql/pull/17 has been merged 2022-08-15 14:10:10 +02:00
erik-krogh 2feb9db96c
re-enable consistency checks for swift 2022-08-11 12:33:03 +02:00
Erik Krogh Kristensen 9b1842b18e
use an exclusion filter in the ModConsistency predicates (consistency query is now empty) 2022-08-11 12:31:53 +02:00
Erik Krogh Kristensen 160208188e
remove redundant cast 2022-08-11 12:31:53 +02:00
Erik Krogh Kristensen 77277a9e1b
rename YAMLValue to YamlValue 2022-08-11 12:31:53 +02:00
Erik Krogh Kristensen ad09386c5e
add explicit this 2022-08-11 12:31:53 +02:00
Erik Krogh Kristensen 79a8f96139
disable the ModConsistency::noResolve predicate for qltests 2022-08-11 12:31:53 +02:00
Erik Krogh Kristensen fcdba7ce57
speed up resolving fields 2022-08-11 12:31:53 +02:00
Erik Krogh Kristensen c97001ede7
add support for module instantiations in import statements. Rework the import resolution logic to reuse the logic from ModuleExpr 2022-08-11 12:31:53 +02:00
Erik Krogh Kristensen 641c6b0300
re-generate bindings in the other grammars 2022-08-11 12:31:52 +02:00
Erik Krogh Kristensen 82beca6787
change the tree-sitter version constaint to ">= 0.20, < 0.21" throughout the grammars 2022-08-11 12:31:52 +02:00
Erik Krogh Kristensen 98f49e08b6
re-generate bindings in tree-sitter-ql 2022-08-11 12:31:52 +02:00
Erik Krogh Kristensen 774ae0e5da
pin the version of tree-sitter-ql-dbscheme / tree-sitter-ql 2022-08-11 12:31:52 +02:00
Erik Krogh Kristensen 1e3306d341
synchronize the version of tree-sitter-ql-yaml across the Cargo.toml files 2022-08-11 12:31:52 +02:00
Taus 41003231b0
QL: Actually match `qlpack.yml` files 2022-08-11 12:31:52 +02:00
Taus a83bd4292a
QL: Update `tree-sitter` dependency 2022-08-11 12:31:52 +02:00
Taus 66a191e4b5
QL: Update extractor 2022-08-11 12:31:52 +02:00
Taus 395414c3cf
Update generator 2022-08-11 12:31:52 +02:00
Taus 495576c438
Use upstream `tree-sitter-ql` 
This gets rid of all of the `dbscheme` and YAML bits. These will be
added in later commits. (Doing it all in one go made for an unreadable
diff.)

Also modifies `create-extractor-path.sh` to automatically install
`gh codeql` if there is no CodeQL CLI available for autoformatting.
 2022-08-11 12:31:52 +02:00
Erik Krogh Kristensen 803e079dab
fix accidental typo 
Co-authored-by: Chris Smowton <smowton@github.com>
 2022-08-10 23:23:32 +02:00
Erik Krogh Kristensen a66229ee9d
update the expected output of the misspelling test 2022-08-10 23:21:41 +02:00
Erik Krogh Kristensen 887f6557ed
fix common misspellings throughout github/codeql 2022-08-10 23:21:41 +02:00
Erik Krogh Kristensen db614bda29
generalize the ql/misspelling query to work on all kinds of comments 2022-08-10 23:21:41 +02:00
Erik Krogh Kristensen d008975ff4
Merge pull request #9825 from erik-krogh/repeatedWord 
QL: add ql/repeated-word query
 2022-08-10 07:25:26 +02:00
Esben Sparre Andreasen 0c6f28014c
Merge pull request #9821 from erik-krogh/jsQlFix 
JS: fix some QL-for-QL warnings in JS
 2022-08-09 22:06:29 +02:00
Erik Krogh Kristensen 559ec7ba56 Merge branch 'main' into repeatedWord 2022-08-09 21:22:47 +02:00
Nick Rolfe 4767d5a1ba Ruby/QL: speed up trap writing by putting BufWriter in front of GzEncoder 2022-07-22 15:37:53 +01:00
Nick Rolfe 5f96c92fac QL: sync Ruby extractor changes 2022-07-21 17:38:33 +01:00
Erik Krogh Kristensen 1037c2b182 all comments are alive 2022-07-14 13:30:12 +02:00
Erik Krogh Kristensen a7a9428dc1 split the sarif file into languages 2022-07-14 13:20:52 +02:00
Erik Krogh Kristensen 85a652f3d1 remove a bunch of repeated words 2022-07-14 12:42:48 +02:00
Erik Krogh Kristensen 2ea2bd8966 refine the repeated-word query 2022-07-14 12:35:09 +02:00
Erik Krogh Kristensen cb3a0fb5de make a Comment superclass 2022-07-14 12:25:01 +02:00
Erik Krogh Kristensen f20c186277 add ql/repeated-word query 2022-07-14 12:20:30 +02:00
Erik Krogh Kristensen ed80089d7c fix some QL-for-QL warnings in JS 2022-07-14 09:45:44 +02:00
Erik Krogh Kristensen 9e2e32f037
Merge pull request #9322 from erik-krogh/fixAutoBuild 
QL/RB: fix the QL-for-QL and ruby autobuilders
 2022-07-13 14:39:59 +02:00
Erik Krogh Kristensen cd5fbe633f update locations in test after merging in the focus-location-pr 2022-07-13 10:12:52 +02:00
Erik Krogh Kristensen a49d34cf0f Merge branch 'main' into missDocParam 2022-07-13 09:58:04 +02:00
Erik Krogh Kristensen dded3af3d8 remove more false positives from the ql/missing-parameter-qldoc query 2022-07-13 09:57:17 +02:00
Erik Krogh Kristensen 047b14e310 get the autobuilders to work after introducing test-cases 2022-07-13 09:50:55 +02:00
Erik Krogh Kristensen eb0340dcb6 get excludes to work properly 2022-07-13 09:50:55 +02:00
Erik Krogh Kristensen 2850b35a04 update, and fix, the autobuilders by using the new --also-match option 2022-07-13 09:48:29 +02:00
Erik Krogh Kristensen 89043ec4ef Merge branch 'main' into param2 2022-07-12 23:21:11 +02:00
Erik Krogh Kristensen 5cbe01d8dc
Merge pull request #8351 from erik-krogh/inconsistentDep 
QL: add query detecting inconsistent deprecations
 2022-07-12 23:12:24 +02:00
Erik Krogh Kristensen 73b657ce25 QL: focus alert locations 2022-06-21 12:26:18 +02:00
Ian Lynagh f22de1ac81
Merge pull request #9583 from igfoo/igfoo/locationdocs 
Fix broken links to information about Locations
 2022-06-20 17:28:24 +01:00
Erik Krogh Kristensen 7d62b9e131 move the pruning for module resolution of TypeExprs 2022-06-20 12:12:57 +02:00
Rasmus Wriedt Larsen ae44a941f9
Merge pull request #9421 from RasmusWL/inline-brackets 
Inline Expectation Tests: Allow `tag[foo bar]`
 2022-06-20 10:01:19 +02:00
Erik Krogh Kristensen 6d3808bd89 remove redundant cast 2022-06-19 23:19:01 +02:00
Erik Krogh Kristensen 15f9e084d5 fix spurious resolved predicate expressions 2022-06-19 22:49:02 +02:00
Erik Krogh Kristensen f8b451a514 get all calls to resolve to a unique predicate (within reason) 2022-06-19 22:38:09 +02:00
Erik Krogh Kristensen f08f02ed66 use the explicit super type to resolve calls 2022-06-19 20:38:16 +02:00
Erik Krogh Kristensen 115110475d fix `getName()` on module instantiations 2022-06-19 20:09:32 +02:00
Erik Krogh Kristensen 26df367a8a fix some instances of spuriously resolving to multiple predicates 2022-06-19 20:09:31 +02:00
Erik Krogh Kristensen 1856e2b389 fixup the $schema in all .sarif files 2022-06-19 20:09:31 +02:00
Erik Krogh Kristensen 6e2f3e2fcb merge all .sarif files at the end of the QL-for-QL workflow 2022-06-19 20:09:31 +02:00
Erik Krogh Kristensen 638a886dfe move create-extractor-pack to a `scripts` folder 2022-06-19 20:09:31 +02:00
Erik Krogh Kristensen 0391db6787 simplify some code based on review 2022-06-19 20:09:31 +02:00
Erik Krogh Kristensen 7e93416e97 only resolve module types if we know that the TypeExpr could possibly resolve to a module 2022-06-19 20:09:31 +02:00
Erik Krogh Kristensen a59f0d36f5 run the implicit-this patch on QL-for-QL 2022-06-19 20:09:31 +02:00
Erik Krogh Kristensen 3a4f0299c7 fix typo 2022-06-19 20:09:31 +02:00
Erik Krogh Kristensen a5e789c72b
Merge pull request #9537 from github/dependabot/cargo/ql/crossbeam-utils-0.8.8 
Bump crossbeam-utils from 0.8.5 to 0.8.8 in /ql
 2022-06-18 15:44:34 +02:00
Erik Krogh Kristensen 02b9745eb6
Merge pull request #9538 from github/dependabot/cargo/ql/regex-1.5.5 
Bump regex from 1.5.4 to 1.5.5 in /ql
 2022-06-18 15:44:10 +02:00
Rasmus Wriedt Larsen b65a10d1ef Inline Expectation Tests: sync 2022-06-17 17:38:19 +02:00
Erik Krogh Kristensen 84556fb93b
Merge pull request #9575 from erik-krogh/paramModules 
QL: support for parameterized modules
 2022-06-17 15:07:48 +02:00
Erik Krogh Kristensen 80f66779fb fixup Definitions.qll 2022-06-17 11:27:07 +02:00
Erik Krogh Kristensen 13b743643e everything is a TypeRef, some TypeRefs just resolve to a module 2022-06-17 11:22:04 +02:00
Erik Krogh Kristensen 2b5af15d80 comments about what we resolve, and remove a debug comment 2022-06-17 09:09:58 +02:00
dependabot[bot] e456cdb5dc
Bump thread_local from 1.1.3 to 1.1.4 in /ql 
Bumps [thread_local](https://github.com/Amanieu/thread_local-rs) from 1.1.3 to 1.1.4.
- [Release notes](https://github.com/Amanieu/thread_local-rs/releases)
- [Commits](https://github.com/Amanieu/thread_local-rs/compare/v1.1.3...1.1.4)

---
updated-dependencies:
- dependency-name: thread_local
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-06-17 01:42:18 +00:00
Erik Krogh Kristensen 96eacd0ea6 disable consistency checks in QL tests that does not hold with the current parameterized modules implementation 2022-06-16 23:10:09 +02:00
Erik Krogh Kristensen e557f233d7 mark the `implements` of a module as being alive 2022-06-16 23:03:06 +02:00
Erik Krogh Kristensen cf89faead0 just use TypeExpr to resolve modules 2022-06-16 22:55:11 +02:00
Erik Krogh Kristensen dce817ec4b resolve calls to all instantiations of a signature predicate 2022-06-16 22:55:11 +02:00
Erik Krogh Kristensen 2a7a0f398a add support for signature modules (warning: ugly commit) 2022-06-16 22:55:10 +02:00
Erik Krogh Kristensen 98690c8a2e add support for class signatures in parameterized modules 2022-06-16 22:55:10 +02:00
Erik Krogh Kristensen e5d3a8fe90 add callgraph test for signature predicates 2022-06-16 22:55:10 +02:00
Erik Krogh Kristensen 20c9222e23 use explicit this 2022-06-16 22:55:10 +02:00
Erik Krogh Kristensen 744e2db152 fix the parser to allow lower-case module names 2022-06-16 22:55:10 +02:00
Erik Krogh Kristensen 55b6f073c2 resolve calls to signature predicates 2022-06-16 22:55:10 +02:00
Erik Krogh Kristensen f25c4c5fdf add consistency test that parents are unique (and fix non-unique parents) 2022-06-16 22:55:10 +02:00
Erik Krogh Kristensen 14b5f8410f move the consistency predicates where they should be 2022-06-16 22:55:10 +02:00
Erik Krogh Kristensen 4be969ca3b a bit of cleanup on SignatureExpr 2022-06-16 22:55:10 +02:00
Erik Krogh Kristensen 6e7db2d37c hook up the pretty AST of a parameterized module 2022-06-16 22:55:10 +02:00
Erik Krogh Kristensen 1caafb87f7 add type arguments of ModuleInstation to the pretty AST 2022-06-16 22:55:10 +02:00
Erik Krogh Kristensen adc1466cab save the name of an instantiated module 2022-06-16 22:55:10 +02:00
Ian Lynagh b80e6421b6 Fix broken links to information about Locations 2022-06-16 16:57:59 +01:00
Erik Krogh Kristensen b16124d522
Merge pull request #9568 from tausbn/ql-add-parser-support-for-parameterised-modules 
QL: Allow module applications to the right of `::`
 2022-06-15 19:14:07 +02:00
Taus 73a807c7e8 QL: Allow module applications to the right of `::` 2022-06-15 16:18:30 +00:00
Erik Krogh Kristensen b24b275b94
Merge pull request #7669 from erik-krogh/fieldUnusedInDisjunct 
QL: field unused in disjunct
 2022-06-15 14:32:37 +02:00
dependabot[bot] d210cd4a87
Bump crossbeam-utils from 0.8.5 to 0.8.8 in /ql 
Bumps [crossbeam-utils](https://github.com/crossbeam-rs/crossbeam) from 0.8.5 to 0.8.8.
- [Release notes](https://github.com/crossbeam-rs/crossbeam/releases)
- [Changelog](https://github.com/crossbeam-rs/crossbeam/blob/master/CHANGELOG.md)
- [Commits](https://github.com/crossbeam-rs/crossbeam/compare/crossbeam-utils-0.8.5...crossbeam-utils-0.8.8)

---
updated-dependencies:
- dependency-name: crossbeam-utils
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-06-14 14:07:41 +00:00
dependabot[bot] 5fe3ebd1d2
Bump regex from 1.5.4 to 1.5.5 in /ql 
Bumps [regex](https://github.com/rust-lang/regex) from 1.5.4 to 1.5.5.
- [Release notes](https://github.com/rust-lang/regex/releases)
- [Changelog](https://github.com/rust-lang/regex/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/regex/compare/1.5.4...1.5.5)

---
updated-dependencies:
- dependency-name: regex
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-06-14 10:35:37 +00:00
Taus 5d306c9c22 QL: Refactor `SignatureExpr` 2022-06-14 09:59:00 +00:00
Taus ba6a4c6399 QL: Use more precise type for `getImplements` 2022-06-13 16:06:05 +00:00
Taus 5a214afdb8 QL: Use more precise type for `getParameter` 2022-06-13 15:53:47 +00:00
Taus 81e41106e7 QL: Add fields for `signatureExpr` 2022-06-13 15:47:56 +00:00
Taus 8c46846b82 Add fields to `ModuleParam` children 2022-06-13 14:27:03 +00:00
Taus 0b8656e625 Rename `Application` to `Instantiation` 2022-06-13 14:25:55 +00:00
Taus a08be0d9b9 QL: Add parser support for parameterised modules 2022-06-13 13:52:26 +00:00
Rasmus Wriedt Larsen 50196d099b Inline Expectation Tests: sync 2022-06-03 11:39:57 +02:00
Erik Krogh Kristensen 7c5ac63254 Merge branch 'main' into fieldUnusedInDisjunct 2022-06-02 09:06:46 +02:00
Erik Krogh Kristensen 215a6a72cc Merge branch 'main' into useStringComp 2022-05-18 10:55:31 +02:00
Erik Krogh Kristensen 7245591468
Merge pull request #7763 from erik-krogh/unused-field 
QL: add unused-field query
 2022-05-18 09:15:16 +02:00
Mathias Vorreiter Pedersen 5d625d6156
Merge pull request #9188 from MathiasVP/fix-GetAPrimaryQlClassConsistency-for-swift 2022-05-17 20:47:24 +01:00
Erik Krogh Kristensen 6c7c9b6a4b
Merge pull request #9082 from erik-krogh/countZero 
QL: add query warning about `count(...) = 0`.
 2022-05-17 21:46:58 +02:00
Mathias Vorreiter Pedersen a6ac14f4de QL: Allow class + 'Base' in 'ql/primary-ql-class-consistency'. 2022-05-17 16:54:12 +01:00
Erik Krogh Kristensen e32a04fc06 QL: add use-string-compare query 2022-05-17 13:20:49 +02:00
Nick Rolfe 320b6a1942 QL for QL: don't check spelling of deprecated nodes 2022-05-12 16:07:17 +01:00
Nick Rolfe 70666f6351 QL for QL: fix typos in comments 2022-05-12 16:03:39 +01:00
Nick Rolfe 844eef173c QL for QL: add predicate for other typos not in the shared typo db 2022-05-12 14:25:39 +01:00
Nick Rolfe 6058352fb0 QL for QL: add small test for misspelling query 2022-05-12 13:17:32 +01:00
Nick Rolfe 4321b5e1fa QL for QL: generalise non-US spelling query 
1. Catch common misspelling as well.
2. Also check names of classes, predicates, etc.
 2022-05-12 13:17:32 +01:00
Nick Rolfe 2d246a4034 QL for QL: fix checking spelling of 'analyze' in multi-line comments 
`.` does not match a newline in `regexpMatch`, so we were missing some
comments.
 2022-05-11 17:43:39 +01:00
Erik Krogh Kristensen 94a9b3e873 fix all `ql/counting-to-zero` in some languages 2022-05-11 09:54:53 +02:00
Erik Krogh Kristensen 7149b98bb4 add `ql/counting-to-zero` 2022-05-11 09:51:56 +02:00
Erik Krogh Kristensen a5acaeb59c QL: add implicit -all to a query pack to match the CodeQL pack resolution 2022-05-10 23:25:32 +02:00
Erik Krogh Kristensen dfe2140902 slight simplification 2022-04-29 11:22:12 +02:00
Erik Krogh Kristensen b74d1fdb1a
Merge pull request #8783 from erik-krogh/jsAbstractBi 
JS: don't initialize sanitizer-guards in the standard library
 2022-04-29 11:12:16 +02:00
Jeroen Ketema b6cf536f01
QL: Fix formatting 2022-04-28 12:05:47 +02:00
Jeroen Ketema 62831e93fe
QL: Add filter for `NewType` to camel case query 2022-04-28 11:54:42 +02:00
Jeroen Ketema 3db9d56259
QL: Improve message for camel cazse query 2022-04-28 11:41:17 +02:00
Jeroen Ketema 52fc2dac47
QL: Add camel case tests 2022-04-28 11:38:14 +02:00
Erik Krogh Kristensen d389012b75 Merge branch 'main' into redundantImport 2022-04-26 14:24:51 +02:00
Erik Krogh Kristensen ba3aa4f186 QL: delete old copy of the identical files scripts 2022-04-26 10:37:14 +02:00
Erik Krogh Kristensen 17005dde2d QL: fix query-id, and add description 2022-04-25 15:21:35 +02:00
Erik Krogh Kristensen ff73dbc35c delete redundant imports 2022-04-22 12:55:28 +02:00
Erik Krogh Kristensen ae20393e38 QL: add redundant-import query 2022-04-22 12:47:13 +02:00
Erik Krogh Kristensen 58fcdbc406 QL: remove some benign results from ql/abstract-class-import 2022-04-20 18:17:08 +02:00
Asger Feldthaus a5ad4c8263 QL: Update printAst output 
Annotations are not longer their own children/parent.
 2022-04-13 10:29:21 +02:00
Asger Feldthaus c1827cfd30 QL: Add test for getAStringValue 2022-04-13 08:45:25 +02:00
Asger Feldthaus 4c72c31a5a QL: Add InlineExpectationsTest 2022-04-13 08:45:25 +02:00
Asger Feldthaus b0801c9b2f QL: Add some missing qldoc 2022-04-13 08:45:25 +02:00
Asger Feldthaus 8188e2876c QL: Autoformat 2022-04-13 08:45:25 +02:00
Asger Feldthaus 6632b7da1c QL: Add FrameworkCoverage query 2022-04-13 08:45:25 +02:00
Asger Feldthaus 4b74fa628c QL: Add global flow and type-tracking 2022-04-12 15:25:09 +02:00
Asger Feldthaus 0ffb558e48 QL: Support local flow via unification 2022-04-12 15:25:06 +02:00
Asger Feldthaus 49d5b662ff QL: Add Node.getEnclosingPredicate 2022-04-12 15:25:03 +02:00
Asger Feldthaus 2b8454001a QL: Add scoped variable nodes 2022-04-12 15:24:59 +02:00
Asger Feldthaus 2d640e7e95 QL: Add basic data flow nodes 2022-04-12 15:24:55 +02:00
Asger Feldthaus c9b9751894 QL: Add NodeNumbering library 2022-04-12 15:24:52 +02:00
Asger Feldthaus 60a22b71b4 QL: Remove redundant union part 2022-04-12 15:24:48 +02:00
Asger Feldthaus f02912bdf5 QL: Add VarDef.getAnAccess 2022-04-12 15:24:45 +02:00
Asger Feldthaus 85403cd4de QL: Fix up parent-child relation in tree 2022-04-12 15:24:42 +02:00
Erik Krogh Kristensen 06fdaacd82 just look at the field name in the "detect uses of the field in an inbetween class"-check 2022-03-31 15:30:56 +02:00
Erik Krogh Kristensen fa651d2f60 remove the override restriction from `ql/unused-field` 2022-03-31 15:30:19 +02:00
Erik Krogh Kristensen 1218c4f4ed fix ql/name-casing, and drive-by QL-for-QL typo fix 2022-03-30 22:59:14 +02:00
Erik Krogh Kristensen 7ac6f5849c fix Import::getImportString 2022-03-28 11:04:18 +02:00
Erik Krogh Kristensen 77aff04429 add a getImportString utility predicate to Import 2022-03-28 10:14:27 +02:00
Erik Krogh Kristensen d4c8f42336 add QLDoc to the child relation for TopLevel 2022-03-28 09:54:08 +02:00
Erik Krogh Kristensen fe94421d32 rename redundant-inline-cast to redundant-cast 2022-03-17 10:25:40 +01:00