github
/
codeql
зеркало из https://github.com/github/codeql.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
64 088 коммитов 1 542 Ветки 132 Теги 495 MiB
Граф коммитов

9464 Коммитов

Автор SHA1 Сообщение Дата
Tom Hvitved 2683e40038
Merge pull request #15708 from hvitved/share-ide-contextual 
Share `getFileBySourceArchiveName` implementation
 2024-02-23 19:56:33 +01:00
Erik Krogh Kristensen a0f91fbc15
Merge pull request #15706 from erik-krogh/pol-reg 
ReDoS: Restrict some edges related to upper/lower-case when constructing possible attack strings for polynomial-redos.
 2024-02-23 12:06:17 +01:00
Tom Hvitved 62b16c0fa3 Share `getFileBySourceArchiveName` implementation 2024-02-23 11:25:49 +01:00
erik-krogh bf22f4a870
update expected output 2024-02-22 13:21:11 +01:00
Paolo Tranquilli c15d3ab08a Merge branch 'main' into redsun82/bzlmod 2024-02-22 06:05:37 +01:00
Asger F db10c229de
Merge pull request #15663 from asgerf/js/endpoint-naming2 
JS: Improvements to endpoint naming
 2024-02-21 19:36:57 +01:00
Paolo Tranquilli 61bfe7e520 Bazel: rename internal module to `semmle_code` 2024-02-21 16:51:39 +01:00
Paolo Tranquilli c5ed96b4f8 Merge branch 'main' into redsun82/bzlmod 2024-02-21 06:22:10 +01:00
github-actions[bot] 37f8fa3413 Post-release preparation for codeql-cli-2.16.3 2024-02-20 16:50:47 +00:00
github-actions[bot] 6d061fbc35 Release preparation for version 2.16.3 2024-02-20 14:26:23 +00:00
Asger F 29ffeb6da5 JS: Fix qldoc 2024-02-20 14:00:32 +01:00
Asger F c324b2aed8 JS: Refactor 2024-02-19 13:59:49 +01:00
Asger F eb7d0244c2 JS: Global names don't have to be defined in externs 2024-02-19 13:59:49 +01:00
Asger F 493b37774f JS: More precise isFunctionSource 2024-02-19 13:59:49 +01:00
Asger F 6d597bea0d JS: Refactor 2024-02-19 13:59:49 +01:00
Asger F 8a5b907912 JS: Handle wrapper functions more gracefully 2024-02-19 13:59:48 +01:00
Asger F d96f29d6c2 JS: Disallow return steps in getASinkNode 2024-02-19 13:59:48 +01:00
Asger F 51bed86778 Update EndpointNaming.expected 2024-02-19 13:59:46 +01:00
Asger F 29258ad8c2 WIP new aliasing rule 2024-02-19 13:59:15 +01:00
Asger F 4ef1ac9250 JS: Accept bad test output 2024-02-19 13:59:12 +01:00
Asger F 15bc3c282f JS: Add test with wrapper function 2024-02-19 13:58:40 +01:00
Paolo Tranquilli 32d6c5ac3d Javascript: fix project layout for bazel tests 
On Windows, the project layout needs to match `codeql~override`, while
on POSIX we must keep on matching `ql`. We work around this by using
`*ql*` in the project layout, which matches both.
 2024-02-16 17:10:20 +01:00
Paolo Tranquilli 1626344560 Merge branch 'main' into redsun82/bzlmod 2024-02-16 17:10:02 +01:00
Cornelius Riemenschneider 798a1e250e Move the JS java tests to be a proper `java_test` target. 
Previously, we had a `sh_test` wrapping the `java_test` to do some setup.
This was extremely brittle on Windows, and relied on getting a deploy
jar from `java_test`. This breaks when updating to Bazel 7, where the
ability to get a deploy jar from `java_test` was removed.
Therefore, we now do all the test setup in `AllTests.java` instead.
This is much cleaner, and shouldn't break as easily.
 2024-02-15 17:02:28 +01:00
Asger F d94d4591da JS: Name instance methods using API nodes instead of special-casing 2024-02-14 15:08:19 +01:00
Asger F c4a0f36a08 JS: Fix handling of unknown properties 
These would shorten the expected distance to a node, but would never be usable as an edge, meaning we failed to pick a preferred predecessor.
 2024-02-14 15:08:19 +01:00
Asger F 3ff950660b JS: Add test with unknown property name 2024-02-14 15:08:19 +01:00
Asger F 9838da5395 JS: Simplify isExported 2024-02-14 15:08:19 +01:00
Asger F a3dc19fd31 JS: Check privacy earlier 2024-02-14 15:08:19 +01:00
Asger F 5c454944a9 JS: Add test for private fields 2024-02-14 15:08:19 +01:00
Asger F 2a91bb8c54 JS: Add test showing ambiguous predecessor 2024-02-14 15:08:19 +01:00
Asger F 75a95ffcd1
Merge pull request #15602 from asgerf/js/block-logical-and-flow 
JS: Fix flow through &&
 2024-02-14 12:29:40 +01:00
Asger F 2172c4863f
Merge pull request #15380 from asgerf/js/endpoint-naming 
JS: Add library for naming endpoints
 2024-02-14 10:48:13 +01:00
Asger F 18db769d6d JS: Update expected output 2024-02-14 10:45:51 +01:00
Asger F bafe5e3d8e JS: Add test case (with old expected data) 2024-02-14 10:45:51 +01:00
Asger F 9a08c27ad4 JS: Change note 2024-02-13 22:43:41 +01:00
Asger F f5c437694c Update UselessConditional.expected 2024-02-13 18:31:24 +01:00
Asger F f27fda801e Update tests.expected 2024-02-13 18:30:23 +01:00
Asger F 7122a7502a JS: Fix flow through && 
This is a long-standing bug we've been unable to fix due to noise from type inference.
 2024-02-13 14:43:03 +01:00
Asger F 6598a669a1 JS: Use set literal 2024-02-13 09:30:35 +01:00
Asger F 543e183d99 JS: Describe 1-step aliasing rule 2024-02-13 09:29:15 +01:00
Asger F baa3c35d6f JS: Refactor aliasing relation 2024-02-13 09:24:00 +01:00
Paolo Tranquilli a944443d39 Merge branch 'main' into redsun82/bzlmod 2024-02-12 16:03:50 +01:00
Paolo Tranquilli 53539226a8 Bazel: use internal codeql module 2024-02-12 14:27:55 +01:00
Asger F 8d3a19aaad JS: Fix termination criteria 
Previously it was theoretically possible to create a cycle of preferred predecessors, since badness had higher precedence than depth. We now require the preferred predecessor to have lower depth.

With this criteria we can remove the arbitray cap on badness.
 2024-02-12 11:44:52 +01:00
Asger F 0fbe530d9e JS: Fix some broken comments 2024-02-12 11:39:40 +01:00
Asger F 6d01ba67f7 JS: Check isPrivateLike in isExported instead 2024-02-12 11:39:29 +01:00
Erik Krogh Kristensen 1520305ae1
Merge pull request #15523 from erik-krogh/exclude-tagged 
JS: exclude tagged template literals from `js/superfluous-trailing-arguments`
 2024-02-12 11:31:18 +01:00
Dave Bartolomeo 92bd550c55
Merge pull request #15531 from github/post-release-prep/codeql-cli-2.16.2 
Post-release preparation for codeql-cli-2.16.2
 2024-02-08 05:58:17 -08:00
github-actions[bot] b5139078d0 Post-release preparation for codeql-cli-2.16.2 2024-02-06 19:22:35 +00:00