github
/
codeql
зеркало из https://github.com/github/codeql.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
69 072 коммитов 1 534 Ветки 130 Теги 471 MiB
Граф коммитов

926 Коммитов

Автор SHA1 Сообщение Дата
Calum Grant 196dbd3a33 Exploratory query to test the API 2023-02-23 19:01:52 +00:00
Calum Grant 77871e287d Use RAExpr 2023-02-23 18:35:24 +00:00
Calum Grant e368b8f72a Add classes and predicates to StructuredLogs 2023-02-23 17:48:21 +00:00
Mathias Vorreiter Pedersen 229e291e1b QL: Fix naming. 2023-02-23 17:34:07 +00:00
Mathias Vorreiter Pedersen dcc9b66aae Merge branch 'main' into visit-recursive-evaluation 2023-02-23 17:16:47 +00:00
Mathias Vorreiter Pedersen 9c8b8dff88 QL: Output more rows in the join order query. 2023-02-23 17:07:27 +00:00
Mathias Vorreiter Pedersen 48bf15f79c
Merge pull request #12291 from github/calumgrant/slow-predicates 
Slow predicates query
 2023-02-23 16:41:39 +00:00
Mathias Vorreiter Pedersen 858b3de547 Merge branch 'main' into join-order-metric-query 2023-02-23 15:54:38 +00:00
Mathias Vorreiter Pedersen 23b9abcbbf QL: Add a query for finding the predicates with the highest tuple sums. 2023-02-23 15:53:32 +00:00
Mathias Vorreiter Pedersen 7595c1c306 QL: Add a visitor for traversing recursive evaluations. 2023-02-23 15:53:32 +00:00
Taus d48938d168
Merge branch 'main' into calumgrant/slow-predicates 2023-02-23 16:53:04 +01:00
Taus 38ca4a8d3d QL: Remove unused predicates 2023-02-23 15:25:38 +00:00
Mathias Vorreiter Pedersen d7d9bea5e8 QL: Add a query for computing the join order metric for non-recursive predicates. 2023-02-23 14:27:39 +00:00
Mathias Vorreiter Pedersen d734982e7b
Merge pull request #12286 from github/tausbn/ql-add-a-bunch-of-convenience-predicates 
QL: Add predicates for timestamps and locations
 2023-02-23 12:45:46 +00:00
Calum Grant fccf2d705e Add the expected file 2023-02-23 12:25:29 +00:00
Calum Grant 6cf575df78 Query and tests for sum without domain 2023-02-23 12:19:25 +00:00
Calum Grant 564d7c0d53 Fix bug 2023-02-23 10:22:18 +00:00
Calum Grant eb553266ae Add this. 2023-02-23 09:51:29 +00:00
Calum Grant 58563744d6 A simple query 2023-02-23 09:50:09 +00:00
Taus 6a32a3ae58 QL: Add predicates for timestamps and locations 2023-02-22 22:47:51 +00:00
Mathias Vorreiter Pedersen 24935c97bc
Merge pull request #12285 from github/calumgrant/ql-ra-parser 
RA parser first draft
 2023-02-22 19:07:03 +00:00
Calum Grant 0fdcf0338a Tidy up warnings 2023-02-22 17:02:49 +00:00
Calum Grant f3e5a8f90f Minor tidy 2023-02-22 17:01:07 +00:00
Calum Grant 9980756ee8 RA parser first draft 2023-02-22 16:51:16 +00:00
Mathias Vorreiter Pedersen 498d0c359e QL: Convert various int getters to float (to avoid overflow) and correctly handle '-1' padding. 2023-02-22 14:54:40 +00:00
Mathias Vorreiter Pedersen b738c2684b
Merge pull request #12279 from MathiasVP/kind-predicate-logs 
QL: Start of the AST for `kind: predicates` evaluator logs
 2023-02-22 14:25:11 +00:00
Mathias Vorreiter Pedersen d64d03ec48 QL: Fix Code Scanning warning. 2023-02-22 14:15:47 +00:00
Mathias Vorreiter Pedersen f155f19725 QL: Respond to comments. 2023-02-22 14:15:18 +00:00
Taus 2cdec47585 QL: Make the JSON parser a bit more robust 
Updates the grammar to allow trailing commas in objects and arrays.

Also bumps the file size limit to 10MB.
 2023-02-22 13:45:47 +00:00
Mathias Vorreiter Pedersen 161acf0ebe QL: Add more getters. 2023-02-22 13:43:51 +00:00
Mathias Vorreiter Pedersen 2c31d6863c QL: Start on the AST for kind: predicates evaluator logs. 2023-02-22 13:26:47 +00:00
Taus 5304fe2bcb QL: Clean up structured logs module 
Pushes it into an internal module and removes the abstract class.
 2023-02-22 11:07:48 +00:00
Taus a3a099cf56 QL: Add a few more methods 
Still need to implement something to encapsulate RA, link it up, etc.
 2023-02-21 21:27:17 +00:00
Taus 729563c9a3 QL: Add preliminary support for structured logs 2023-02-21 21:09:34 +00:00
Taus cf734919b9 QL: Fix bad string grammar 
What was there before made it so that you couldn't actually extract the
contents of a string.
 2023-02-21 20:20:58 +00:00
Taus bab53b5736 QL: Fix JSON extraction 
I had forgotten about this extra filtering that takes place in the
extractor.
 2023-02-21 19:50:27 +00:00
Taus b5ebd1a0fd QL: Add JSON (+C/L) extraction 2023-02-21 12:59:30 +00:00
erik-krogh db9a0d1c52
make the deprecation query calculate based on months, and adjust the cutoff to 14 months 2023-02-18 12:39:16 +01:00
erik-krogh 1a308316c6
fix join-order of ql/outdated-deprecation 2023-02-18 12:28:06 +01:00
erik-krogh fcff18aa3c
add query header for OutdatedDeprecations 2023-02-18 12:22:34 +01:00
Taus 9f4f7a76c9 QL: Add query for outdated deprecations 2023-02-17 14:27:15 +00:00
Taus db748fae6b QL: Integrate blame parser into extractor 2023-02-17 13:22:18 +00:00
Taus 59c1cfb43a QL: Add grammar for parsing blame files 2023-02-17 13:21:44 +00:00
Taus 0e0ec89e60 QL: Add tool for extracting blame info 
I had some trouble getting this to work with version 1.54 of the Rust
toolchain, so I had to bump it up to 1.59.
 2023-02-17 13:20:06 +00:00
dependabot[bot] 5e2f9e1568
build(deps): bump serde_json from 1.0.92 to 1.0.93 in /ql 
Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.92 to 1.0.93.
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](https://github.com/serde-rs/json/compare/v1.0.92...v1.0.93)

---
updated-dependencies:
- dependency-name: serde_json
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-02-09 03:09:08 +00:00
dependabot[bot] 33e8414fc4
build(deps): bump serde_json from 1.0.91 to 1.0.92 in /ql 
Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.91 to 1.0.92.
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](https://github.com/serde-rs/json/compare/v1.0.91...v1.0.92)

---
updated-dependencies:
- dependency-name: serde_json
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-02-06 03:29:59 +00:00
dependabot[bot] 373148decd
Bump tracing from 0.1.35 to 0.1.37 in /ql 
Bumps [tracing](https://github.com/tokio-rs/tracing) from 0.1.35 to 0.1.37.
- [Release notes](https://github.com/tokio-rs/tracing/releases)
- [Commits](https://github.com/tokio-rs/tracing/compare/tracing-0.1.35...tracing-0.1.37)

---
updated-dependencies:
- dependency-name: tracing
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-02-01 03:11:28 +00:00
dependabot[bot] 597c71011e
Bump tracing-subscriber from 0.3.15 to 0.3.16 in /ql 
Bumps [tracing-subscriber](https://github.com/tokio-rs/tracing) from 0.3.15 to 0.3.16.
- [Release notes](https://github.com/tokio-rs/tracing/releases)
- [Commits](https://github.com/tokio-rs/tracing/compare/tracing-subscriber-0.3.15...tracing-subscriber-0.3.16)

---
updated-dependencies:
- dependency-name: tracing-subscriber
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-01-31 13:09:13 +00:00
dependabot[bot] 8410e46067
Bump flate2 from 1.0.24 to 1.0.25 in /ql 
Bumps [flate2](https://github.com/rust-lang/flate2-rs) from 1.0.24 to 1.0.25.
- [Release notes](https://github.com/rust-lang/flate2-rs/releases)
- [Commits](https://github.com/rust-lang/flate2-rs/compare/1.0.24...1.0.25)

---
updated-dependencies:
- dependency-name: flate2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-01-31 12:48:10 +00:00
dependabot[bot] 423bab54d3
Bump num_cpus from 1.13.1 to 1.14.0 in /ql 
Bumps [num_cpus](https://github.com/seanmonstar/num_cpus) from 1.13.1 to 1.14.0.
- [Release notes](https://github.com/seanmonstar/num_cpus/releases)
- [Changelog](https://github.com/seanmonstar/num_cpus/blob/master/CHANGELOG.md)
- [Commits](https://github.com/seanmonstar/num_cpus/compare/v1.13.1...v1.14.0)

---
updated-dependencies:
- dependency-name: num_cpus
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-01-31 12:05:11 +00:00
dependabot[bot] 198b97ca8d
Bump serde from 1.0.140 to 1.0.152 in /ql 
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.140 to 1.0.152.
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.140...v1.0.152)

---
updated-dependencies:
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-01-31 11:48:44 +00:00
dependabot[bot] 807b715320
Bump tree-sitter from 0.20.8 to 0.20.9 in /ql 
Bumps [tree-sitter](https://github.com/tree-sitter/tree-sitter) from 0.20.8 to 0.20.9.
- [Release notes](https://github.com/tree-sitter/tree-sitter/releases)
- [Commits](https://github.com/tree-sitter/tree-sitter/commits)

---
updated-dependencies:
- dependency-name: tree-sitter
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-01-31 11:27:40 +00:00
dependabot[bot] e3afb1640a
Bump regex from 1.6.0 to 1.7.1 in /ql 
Bumps [regex](https://github.com/rust-lang/regex) from 1.6.0 to 1.7.1.
- [Release notes](https://github.com/rust-lang/regex/releases)
- [Changelog](https://github.com/rust-lang/regex/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/regex/compare/1.6.0...1.7.1)

---
updated-dependencies:
- dependency-name: regex
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-01-30 11:19:30 +00:00
dependabot[bot] f430e83fca
Bump serde_json from 1.0.82 to 1.0.91 in /ql 
Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.82 to 1.0.91.
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](https://github.com/serde-rs/json/compare/v1.0.82...v1.0.91)

---
updated-dependencies:
- dependency-name: serde_json
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-01-30 10:36:14 +00:00
erik-krogh 54c4c23b46
support the NewEntity module in QL-for-QL 2023-01-30 10:34:06 +01:00
erik-krogh 5a4fe71529
Revert "update clap to 3.0 in QL-for-QL" 
This reverts commit d072ed969e.
 2023-01-17 12:38:30 +01:00
Erik Krogh Kristensen 50b9f5bba0
Merge pull request #11892 from erik-krogh/clap 
QL: update clap to 3.0 in QL-for-QL
 2023-01-17 12:33:18 +01:00
erik-krogh 587adea809
QL: add --working-dir to qltest.cmd to fix qltest 2023-01-16 15:37:14 +01:00
erik-krogh 1d62751e15
test QL-for-QL on mac/win 2023-01-16 15:36:55 +01:00
erik-krogh d072ed969e
update clap to 3.0 in QL-for-QL 2023-01-16 12:34:56 +01:00
erik-krogh 6914e9a17a
Merge branch 'main' into atorralba/ql/omittable-exists 2023-01-11 13:09:38 +01:00
Tony Torralba ecf568629b Add ExprAggregate as a negative edge in getConjunctionParentRec 2023-01-11 09:41:16 +01:00
Tony Torralba ae8c75ac97 Generalize ConjunctionParent 2023-01-10 16:08:42 +01:00
Tony Torralba f6c3f77602 QL: Remove omittable exists variables 2023-01-10 13:37:58 +01:00
yoff c01ce955ba
Merge pull request #11778 from yoff/shared/inline-tests 
Shared: Inline test expectations
 2023-01-09 13:21:18 +01:00
Rasmus Lerchedahl Petersen c3b3c05cf3 Revert "Merge pull request #37 from erik-krogh/shared/inline-tests" 
This reverts commit 65fe9abcfe, reversing
changes made to 08e9d3391f.
 2023-01-05 09:19:43 +01:00
Henry Mercer b96160f0f3
Merge pull request #11783 from github/henrymercer/specify-baseline-languages 
Specify language names in extractor packs
 2023-01-04 10:42:18 +00:00
Erik Krogh Kristensen cedc9c0bff
Merge pull request #11582 from erik-krogh/heuristics 
JS: Add experimental variants of common security queries with more sources
 2023-01-04 10:46:19 +01:00
erik-krogh 9e63390c78
fix that ql/cand-missing-nomagic had a catastrophic join-order 2022-12-23 21:20:30 +01:00
Erik Krogh Kristensen 393a8c2bd8
Merge pull request #11630 from erik-krogh/useInstanceOf 
QL4QL: enable medium precision queries, and make the "suggest instanceof" query louder
 2022-12-23 14:22:23 +01:00
Henry Mercer 6be790929d Specify language names in extractor packs 2022-12-23 13:15:04 +00:00
Tony Torralba 36ca97e4f6 Add exclusions to reduce FP 
Predicate parameters that have a database type are excluded.

Also, uses of the exists variable in an agreggation or another quantifier are excluded.
 2022-12-22 11:15:07 +01:00
erik-krogh b3dd50bc36
inline Location into the shared implementation of InlineExpectationsTest 2022-12-22 11:09:43 +01:00
Rasmus Lerchedahl Petersen f28eb6bf31 ql4ql: use shared inline tests 
- add util shared pack to ql
 - remove from identical-files
 2022-12-22 10:20:07 +01:00
erik-krogh 38bd4d9b12
update expected output to have more copies of "T" 2022-12-21 21:45:59 +01:00
erik-krogh dbdc7275fc
have unique parents, also for mock AST nodes 2022-12-21 21:38:52 +01:00
erik-krogh 5728e3ee8f
Merge branch 'main' into equiv 2022-12-21 21:28:32 +01:00
Tony Torralba 7d0018c897
Update ql/ql/src/queries/style/OmittableExists.ql 2022-12-21 17:16:34 +01:00
Tony Torralba ac0c42c5c6 Apply suggestions from code review 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2022-12-21 16:16:58 +01:00
Tony Torralba 227e099854 Apply code review suggestions 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2022-12-21 12:40:29 +01:00
Tony Torralba aa1d49cb95 Add OmittableExists QL-for-QL query 2022-12-21 12:26:58 +01:00
erik-krogh ab9855e196
fix `getAnnotation()` for new-type branches with parameters 2022-12-20 15:55:54 +01:00
erik-krogh 57f429ec5d
change this = this to any() 2022-12-20 13:56:25 +01:00
Erik Krogh Kristensen 0cc3232c10
fix typo 
Co-authored-by: Arthur Baars <aibaars@github.com>
 2022-12-20 13:56:25 +01:00
erik-krogh 0e426090f2
update expected output 2022-12-20 13:56:23 +01:00
erik-krogh 605bfd6e93
move the "I don't care about parent relation on mocks" hack into the predicate, so the tests dont fail 2022-12-20 13:55:49 +01:00
erik-krogh 54072d29f1
add explicit this 2022-12-20 13:55:49 +01:00
erik-krogh 49277f553f
model the last parts of the EquivalenceRelation module 2022-12-20 13:55:49 +01:00
erik-krogh a11e618cfc
mock parameters 2022-12-20 13:55:49 +01:00
erik-krogh 4feb48ce5f
classless predicate, used to model the edgeSig predicate 2022-12-20 13:55:49 +01:00
erik-krogh 4dc52379ad
add a mock TypeExpr, and use it 2022-12-20 13:55:49 +01:00
erik-krogh 5db2f0aba0
mock classes, and add a Mock T class to QlBuiltins 2022-12-20 13:55:49 +01:00
erik-krogh b7e0d1f8b3
don't include mock Ast nodes in PrintAst.ql 2022-12-20 13:55:49 +01:00
erik-krogh 51d5e881de
add an Ast mocking library, and use it to create mocks of the QlBuiltins and EquivalenceRelation modules 2022-12-20 13:55:48 +01:00
erik-krogh 0ca38faa4d
add test of buildins 2022-12-20 13:54:38 +01:00
Erik Krogh Kristensen 073e9bc52f
Merge pull request #11173 from erik-krogh/notDead 
QL: improve the dead-code query
 2022-12-20 13:36:58 +01:00
Erik Krogh Kristensen b1e6a86a4b
Merge pull request #11757 from erik-krogh/treesitter-qldoc 
QL/RB: make top TreeSitter.qll comment into a qldoc
 2022-12-20 13:36:31 +01:00
erik-krogh 2ff23a6fc0
make top TreeSitter.qll comment into a qldoc 2022-12-20 11:39:06 +01:00
Arthur Baars c8255770bc QL: fix visibility of module parameters 2022-12-20 11:22:20 +01:00
Arthur Baars bad5c65144 Add test 2022-12-20 10:37:57 +01:00
erik-krogh 2f84b21c7f
QL: add getQueryName to QueryDoc 2022-12-19 11:29:20 +01:00
erik-krogh 42880f54a6
change ql/to-string-in-logic to a warning query 2022-12-14 14:48:55 +01:00
erik-krogh 1cd1b14e78
remove some more benign results in ql/suggest-instanceof-extension 2022-12-14 14:48:01 +01:00
erik-krogh 35f9f7c71b
remove some benign results from ql/suggest-instanceof-extension 2022-12-14 14:47:58 +01:00
erik-krogh 618f48b60b
lower the precision of ql/class-predicate-doesnt-use-this to low 2022-12-14 14:31:22 +01:00
erik-krogh f34f7cc41a
exclude test folders from ql/path-problem-query 2022-12-14 14:31:22 +01:00
erik-krogh 3feee23933
fix performance in ql/override-parameter-name and lower the precision to low (it has 1407 results) 2022-12-14 14:31:22 +01:00
erik-krogh 39973df869
include medium precision queries in QL-for-QL 2022-12-14 14:31:22 +01:00
erik-krogh f6c8e9af1f
don't require a member to call a range method before suggesting to use instanceof 2022-12-14 14:31:22 +01:00
Erik Krogh Kristensen 1eec067474
Merge pull request #11294 from erik-krogh/fileDoc 
QL: improve the "this block-comment should have been a QLDoc"-query
 2022-11-23 22:23:36 +01:00
Nick Rolfe e16bdc4d07 Ruby/QL: only create dbscheme case-splits for columns on defining tables 2022-11-23 10:00:08 +00:00
erik-krogh 937365141f
QL: add redundant-assignment query 2022-11-21 17:41:02 +01:00
Taus 07969260c8
Merge pull request #11132 from erik-krogh/parentQl 
QL: fix non-attached annotations for newtype branches
 2022-11-18 15:45:02 +01:00
erik-krogh de2ebe3618
QL: fix the same QLDoc being QLDoc for multiple things 2022-11-16 20:35:39 +01:00
erik-krogh 78c9fb3d76
QL: don't flag up comments placed on the same line as non-comments 2022-11-16 13:36:28 +01:00
erik-krogh f2222d32db
QL: add test 2022-11-16 12:51:57 +01:00
erik-krogh f71359c81d
QL: detect toplevel block-comments that should be QLDoc 2022-11-16 12:51:53 +01:00
erik-krogh de082260d8
QL: fixup `getQLDoc()` 2022-11-16 12:51:51 +01:00
Erik Krogh Kristensen 2291f18695
Merge pull request #9827 from erik-krogh/overrideAny 
QL: Query for detecting unused parameter in override methods
 2022-11-11 15:17:48 +01:00
erik-krogh c1727ba005
lower precision to high in ql/override-any 2022-11-08 20:35:07 +01:00
erik-krogh 107cbb29b1
guide users towards using exists(variable) in ql/override-any 2022-11-08 20:34:58 +01:00
erik-krogh c5fece7a87
QL: improve the dead-code query 2022-11-08 20:20:34 +01:00
erik-krogh d7f1491f41
fix non-attached annotations for newtype branches 2022-11-04 17:19:42 +01:00
Henry Mercer dd264c6dfb Consistently mention language in metric names 
This improves consistency between the lines of code queries and the
number of successfully extracted files queries.
 2022-11-03 11:44:10 +00:00
Henry Mercer c60d071239 Lowercase "lines" 2022-11-03 11:40:22 +00:00
Asger F 8502939b65
Merge pull request #11081 from asgerf/ql/dependency-paths 
QL4QL: Add DependencyPath.ql query
 2022-11-03 10:17:45 +01:00
Asger F fbcdb53d72 QL: Add option to follow 'cached' dependencies 2022-11-03 09:43:56 +01:00
Asger F bac573bbed QL4QL: Add DependencyPath.ql query 2022-11-02 15:46:12 +01:00
Dave Bartolomeo 9d5e5e3ee7 `${workspace}` all the things 2022-11-01 13:29:05 -04:00
Dave Bartolomeo 49c4c554c4 Merge from `main` 2022-11-01 13:22:40 -04:00
erik-krogh 86e81f523c
add explicit this 2022-10-31 15:56:01 +01:00
erik-krogh 7d0beeafad
QL: prevent some cross-talk between modules 2022-10-31 15:51:05 +01:00
Chris Smowton ee63e60bb7 qlpacks: libraryPathDependencies -> dependencies 2022-10-28 16:07:36 +01:00
Rasmus Wriedt Larsen fc7eb5b4fc
InlineExpectationsTest: sync 2022-10-27 09:02:28 +02:00
Dave Bartolomeo 23b572e9b7 Use `${workspace}` for intra-workspace dependencies 
Now that the released CLI supports replacement variables in dependency version ranges, we can now mark our published library packs as depending on whatever version of their dependency is in our workspace, without having to manually bump the dependency version every release.

Note that when the packs are published, the dependencies in the published pack file are rewritten to have the correct specific version.
 2022-10-26 16:40:01 -04:00
erik-krogh 2ace10b294
bump the version of the shared pack in the QL-for-QL qlpack.yml file 2022-10-26 22:16:42 +02:00
Rasmus Wriedt Larsen 5e9897d150
InlineExpectationsTest: sync 2022-10-26 18:21:13 +02:00
Josh Soref 7055b139bf spelling: the 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-19 04:22:34 -04:00
Josh Soref 2636f7108e spelling: subclasses 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-19 04:19:27 -04:00
Josh Soref 08b06aa056 spelling: regular 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-19 04:19:27 -04:00
Josh Soref e39706afc1 spelling: regex 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-19 04:19:27 -04:00
Josh Soref 866cc1eda1 spelling: recursive 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-19 04:19:27 -04:00
Josh Soref b3df4ab207 spelling: preferable 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-19 04:19:27 -04:00
Josh Soref d9900fe548 spelling: possibility 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-19 04:19:27 -04:00
Josh Soref bc029bd1b8 spelling: plentiful 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-19 04:19:27 -04:00
Josh Soref f2ce34cd41 spelling: parameterized 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-19 04:19:27 -04:00
Josh Soref 08d479bff4 spelling: override 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-19 04:19:27 -04:00
Josh Soref a6e0f0e47a spelling: maintainability 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-19 04:19:27 -04:00
Josh Soref 4d22b2aaab spelling: interesting 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-19 04:19:27 -04:00
Josh Soref 362d143737 spelling: immediately 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-19 04:19:27 -04:00
Josh Soref 5468dbaaf1 spelling: corresponding 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-19 04:19:27 -04:00
Josh Soref fefea7ed4e spelling: consistencies 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-19 04:19:27 -04:00
Josh Soref 8ced7d64d3 spelling: comment 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-19 04:19:27 -04:00
Josh Soref 8689a9405b spelling: characteristic 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-19 04:19:27 -04:00
Josh Soref f176877a29 spelling: builtin 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-19 04:19:27 -04:00
erik-krogh cdf9d65e44
bump typos 2022-10-11 10:44:34 +02:00
erik-krogh 73f88fbdb6
changes based on review 2022-10-07 23:28:44 +02:00
erik-krogh f3f3b9417b
fix some more style-guide violations in the alert-messages 2022-10-07 11:24:29 +02:00
Henry Mercer d80d39504f Tag successfully extracted files queries 
Tag the successfully extracted files queries with
`successfully-extracted-files` to make them easier to identify
programmatically in a language-independent way.
This follows the prior art for lines of code queries, which are tagged
`lines-of-code`.
 2022-10-05 19:19:43 +01:00
erik-krogh 2046ece2de
adjust the consistency query to not be noisy on parameterised modules 2022-09-29 09:09:23 +02:00
erik-krogh 2b316471c5
bump typos to 0.0.2 2022-09-28 13:19:32 +02:00
erik-krogh a10a2c2b01
QL: allow getURL as an acronym 2022-09-28 13:14:48 +02:00
erik-krogh 609ed709e2
use GVN to find detect when the alert-location is used as a link 2022-09-22 14:42:08 +02:00
erik-krogh afdd7b0994
don't compute GVN for string constants of length more than 50, as this results in a infinite loop 😕 2022-09-22 14:41:21 +02:00
erik-krogh 1fbfcc1e91
add TODOs in the ql/alert-message-style-violation query 2022-09-22 07:02:38 +02:00
erik-krogh 76fef28c32
don't repeat the alert-location as a link 2022-09-22 07:02:36 +02:00
erik-krogh 88439fc61c
only report alert-message style-violations on problem/path-problem queries 2022-09-22 07:02:33 +02:00
Erik Krogh Kristensen 1bdb6b45f8
fix typo 
Co-authored-by: Taus <tausbn@github.com>
 2022-09-21 18:14:00 +02:00
erik-krogh 41c1e1a4c6
get the message, and not just the second `select` expression 2022-09-21 17:23:59 +02:00
erik-krogh b61e094a86
recognize `@kind`s with a dash 2022-09-21 17:23:25 +02:00
erik-krogh 362ee71f6a
recognize alert messages defined in the where clause 2022-09-21 14:03:16 +02:00
erik-krogh 84aee871fe
find more cases of alert messages starting with a lower-case letter, or not ending with a full stop 2022-09-21 14:03:14 +02:00
erik-krogh b87befcc36
add check for double-whitespace in alert-messages 2022-09-21 14:03:10 +02:00
Erik Krogh Kristensen 91f9e89e95
Merge pull request #10405 from erik-krogh/styleGuide 
update the style guide on alert-messages
 2022-09-20 12:13:32 +02:00
Erik Krogh Kristensen 9e56128498
apply suggestions from doc review 
Co-authored-by: hubwriter <hubwriter@github.com>
 2022-09-16 11:46:06 +02:00
erik-krogh ac91b30ed0
recognize the names from all VarDefs 2022-09-15 20:48:12 +02:00
erik-krogh 8b3ba38887
changes based on review 2022-09-14 11:49:26 +02:00
erik-krogh 88f1d2ae38
add qldocs to the ql/alert-message-style-violation query 2022-09-13 22:28:50 +02:00
Erik Krogh Kristensen 59c1ac2e8d
Apply suggestions from code review 
Co-authored-by: Esben Sparre Andreasen <esbena@github.com>
 2022-09-13 22:17:33 +02:00
erik-krogh 93a67101e7
add a QL-for-QL query highlighting some issues with alert-texts 2022-09-13 15:24:15 +02:00
erik-krogh 9446cad32e
add ql/unmentioned-guard class 2022-09-12 22:39:20 +02:00
erik-krogh 6a2fa2e37d
add -dev to the codeql/typos version 2022-09-09 12:33:43 +02:00
erik-krogh 1ec77136ec
depend on an explicit version of the typo database 2022-09-09 08:37:38 +02:00
erik-krogh 88f295fbb1
make a shared library of the typo database 2022-09-08 15:49:43 +02:00
erik-krogh 196dfd9385
update expected output of the misspelling test 2022-08-29 14:26:59 +02:00
erik-krogh 8d162fac52
add query detecting consistent casing of names 2022-08-29 14:16:41 +02:00
Erik Krogh Kristensen 68bf9f39b9
Merge pull request #10181 from erik-krogh/fixCons 
QL: remove consistency errors related to resolving multiple predicates from parameterized modules
 2022-08-29 09:40:07 +02:00
erik-krogh dda16a0a30
add a `isSignature()` predicate to `ClasslessPredicate` 2022-08-29 09:17:40 +02:00
erik-krogh c225605ed7
QL: remove consistency errors related to resolving multiple predicates from parameterized modules 2022-08-25 21:43:30 +02:00
erik-krogh cc7a9ef97a
rename more acronyms 2022-08-25 20:52:27 +02:00
erik-krogh 460eddd781
add ql/override-any 2022-08-24 09:26:34 +02:00
Chris Smowton f3ef8510d3
Merge pull request #10093 from smowton/smowton/feature/java-singular-locations 
Java: pick an arbitrary representative location when an entity has many candidate locations.
 2022-08-22 09:32:43 +01:00
Chris Smowton 8d20b9cf52 Use hasLocationInfo to match several Location fields at once 2022-08-19 19:03:17 +01:00
Chris Smowton 1ea7caf559 Fix join ordering in inline-expectations test 2022-08-19 18:17:22 +01:00
Tom Hvitved a0a3dfb93d
Merge pull request #10108 from hvitved/remove-redundant-overrides 
Remove redundant overrides
 2022-08-19 16:43:23 +02:00
Erik Krogh Kristensen 812b6bddcf
Merge pull request #10053 from erik-krogh/msgConsis-ql-query 
QL: add ql/consistent-alert-message
 2022-08-19 15:45:35 +02:00
Tom Hvitved 18fb4a87af Revert change to QL test 2022-08-19 14:37:25 +02:00
Tom Hvitved 663096fe3a Remove redundant overrides 2022-08-19 13:57:41 +02:00
Tom Hvitved c86c9ec2c3 QL: Move query logic into library 2022-08-19 10:35:47 +02:00
Tom Hvitved 50a53008cd QL: Refine 'redundant override' query 2022-08-19 10:15:47 +02:00