github
/
codeql
зеркало из https://github.com/github/codeql.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
68 714 коммитов 1 541 ветка 130 Теги 480 MiB
Граф коммитов

306 Коммитов

Автор SHA1 Сообщение Дата
Mathias Vorreiter Pedersen 00d772f980 C++: Fix value numbering imports. 2024-06-24 11:53:24 +01:00
Michael Nebel 8630583856 C#/Java: Exclude the model printing implementation form sync files. 2024-06-24 11:50:57 +02:00
Tom Hvitved 94d2e9591d Tree-sitter: Emit `empty_location` relation to avoid scan 2024-05-27 10:39:21 +02:00
Cornelius Riemenschneider 8c46b61e85 Ruby: Change how we pull in `shared/tree-sitter-extractor` dependency 
Previously, we pulled in the shared tree-sitter extractor via a `git`
dependency in `Cargo.toml` to address a `rules_rust` limitation (no `path`
dependencies outside of the cargo workspace)). This was a problem,
as that means we're cloning `github/codeql` _again_ for the build, which is
quite slow.

I found another way that is faster, and still produces correct builds
for both `cargo`` and `rules_rust`:
* Cargo depends on a fake crate that has the same dependencies as the real crate (thanks to `sync-files.py`). Therefore, cargo pulls in the right dependencies into the lockfile, which bazel targets
* For local builds, we override the path to that dependency in a cargo config, so we're pulling in the correct code
* rules_rust only uses `path` dependencies for collecting transitive dependencies, it never pulls in the code from there. So far that, we manually provide a `BUILD.bazel` file for the shared extractor, and depend on that.
 2024-05-24 15:37:35 +02:00
Rasmus Wriedt Larsen e0e405bb31
Python: replace dataflow-test location in files 2024-04-23 09:40:59 +02:00
Tom Hvitved a6c147134a Java: Switch to shared `XML.qll` implementation 2024-03-19 13:15:45 +01:00
Tom Hvitved 754b491d09 C++: Switch to shared `XML.qll` implementation 2024-03-19 13:14:42 +01:00
Tom Hvitved 529e901fb1 C#: Switch to shared `XML.qll` implementation 2024-03-19 13:14:42 +01:00
Tom Hvitved 16cef92106 JS: Add `DataFlow::Node.getLocation` 2024-03-13 13:06:16 +01:00
Michael Nebel f2e467d8ea C#: Cleanup identical-files. 2024-03-07 19:22:47 +01:00
Tom Hvitved 62b16c0fa3 Share `getFileBySourceArchiveName` implementation 2024-02-23 11:25:49 +01:00
erik-krogh 0511786a22
delete typo files from list of synchronized files 2024-01-22 09:15:27 +01:00
Tom Hvitved 84aa9f17a0 Python/Ruby: Use `SummaryTypeTracker` from `typetracking` pack 2023-12-14 13:25:18 +01:00
Tom Hvitved 2d3f96f201 Swift: Use `FlowSummaryImpl` from `dataflow` pack 2023-12-10 11:25:44 +01:00
Tom Hvitved 35c654aa76 Go: Use `FlowSummaryImpl` from `dataflow` pack 2023-12-10 11:25:44 +01:00
Tom Hvitved faaa558ed9 Python: Use `FlowSummaryImpl` from `dataflow` pack 2023-12-10 11:25:44 +01:00
Tom Hvitved a2093c9aa2 C#: Use `FlowSummaryImpl` from `dataflow` pack 2023-12-10 11:25:43 +01:00
Tom Hvitved 28373e0fdf JS: Adapt to changes in shared code 2023-12-10 11:25:43 +01:00
Tom Hvitved 0e81577269 Ruby: Use `FlowSummaryImpl` from `dataflow` pack 2023-12-10 11:25:43 +01:00
Tom Hvitved 6ce8e0510f Ruby: Adopt shared type tracking library 2023-11-20 16:03:24 +01:00
Asger F 6df919a917 JS/Ruby: remove sync between two queries 2023-10-11 10:06:11 +02:00
Alex Ford 4031623fda Ruby: delete identical-files refs to deleted files 2023-09-21 14:22:34 +01:00
Tom Hvitved 253f932d2a Python: Use data flow consistency checks from shared pack 2023-08-30 15:29:41 +02:00
Tom Hvitved 9af706c2a5 Swift: Use data flow consistency checks from shared pack 2023-08-30 15:29:41 +02:00
Tom Hvitved db304d118b C++: Use data flow consistency checks from shared pack 2023-08-30 15:29:41 +02:00
Tom Hvitved fefe64bf0c Java: Use data flow consistency checks from shared pack 2023-08-30 15:29:41 +02:00
Tom Hvitved 5c8367a695 C#: Use data flow consistency checks from shared pack 2023-08-30 15:29:41 +02:00
Tom Hvitved c4b626a416 Ruby: Use data flow consistency checks from shared pack 2023-08-30 15:29:41 +02:00
yoff 6e05246daa
Merge pull request #13935 from yoff/python/mad-on-externals 
Python: MaD on externals
 2023-08-28 14:04:54 +02:00
Rasmus Lerchedahl Petersen ad49eada48 Python: Do not alter `codeql-workspaces.yml` 
And remove the qlpack referred to therein.
Instead we rename and duplicate the extesion file
that this qlpack pointed to.
These two extension files are kept in sync by `identical-files.json`.
 2023-08-25 11:46:41 +02:00
Jeroen Ketema 2d0f73d7c2
Merge pull request #13881 from jketema/shared-taint-tracking 
Introduce shared taint tracking library
 2023-08-21 12:45:49 +02:00
Tom Hvitved 7cc01ea8b5
Merge pull request #13595 from hvitved/csharp/use-shared-cfg-pack 
C#: Adopt shared CFG construction library from shared `controlflow` pack
 2023-08-17 10:37:09 +02:00
Jeroen Ketema 33e8310625
Merge branch 'main' into shared-taint-tracking 2023-08-17 00:14:25 +02:00
Owen Mansel-Chan 039925164d
Keep newline at the end of identical-files.json 
VS Code's JSON formatter removed it automatically. It turns out
that the easiest way to keep it is to use the
`files.insertFinalNewline` setting, which the JSON formatter obeys.
 2023-08-10 15:49:55 +01:00
Owen Mansel-Chan 653563fcbc
Make `StringsNewReplacer` use new API 
We don't have to keep a deprecated copy as this is private. This allows
us to delete a copy of the DataFlow library!
 2023-08-10 15:48:57 +01:00
Jeroen Ketema 747cd1745a
Update all languages to use the shared taint-tracking library 2023-08-04 22:53:25 +02:00
Jeroen Ketema bdd64ce86d
Introduce shared taint tracking library 2023-08-04 22:51:55 +02:00
Tom Hvitved b69188fee9 C#: Adopt shared CFG construction library from shared `controlflow` pack 2023-08-03 14:12:24 +02:00
Tom Hvitved 1988397f93 Make shared CFG construction library a parameterized module 2023-08-03 09:39:30 +02:00
Anders Schack-Mulligen 5946d5e806 Dataflow: Remove sync. 2023-08-01 14:02:34 +02:00
Rasmus Lerchedahl Petersen 0267b32904 fix eol 2023-06-14 21:17:12 +02:00
Rasmus Lerchedahl Petersen b5961c7f6b ruby: move to internal folder 2023-06-13 11:49:30 +02:00
Rasmus Lerchedahl Petersen b294f48dbe Merge branch 'main' of https://github.com/github/codeql into python-ruby/track-through-summaries-pm 2023-06-09 14:16:34 +02:00
Geoffrey White 02cae30270 Merge branch 'main' into sharedsensitive 2023-05-31 12:57:33 +01:00
Rasmus Lerchedahl Petersen 2daa9577bb ruby/python: implement shared module 
ruby:
- create new shared file `SummaryTypeTracker.qll`
- move much logic into the module
- instantiate the module
- remove old logic, now provided by module

python:
- clone shared file
- instantiate module
- use (some of the) steps provided by the module
 2023-05-30 13:31:24 +02:00
Arthur Baars e6d29af5a4 sync-dbscheme-fragments: add files argument 2023-05-22 19:37:58 +02:00
Arthur Baars ef3005ea9e Python: sync shared dbscheme fragments 2023-05-22 19:37:58 +02:00
Arthur Baars 9f83dd5c7a Tree-sitter extractor: extract shared dbscheme fragments into 'prefix.dbscheme' 2023-05-22 19:28:51 +02:00
Arthur Baars fef0e1f1c8 JS: sync shared dbscheme fragments 2023-05-16 17:03:41 +02:00
Arthur Baars 7225ef09ba Script for detecting out-of-sync dbscheme fragments 2023-05-16 17:03:41 +02:00