github
/
codeql
зеркало из https://github.com/github/codeql.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
48 322 коммитов 1 532 Ветки 130 Теги 474 MiB
Граф коммитов

48322 Коммитов

Автор SHA1 Сообщение Дата
erik-krogh f34f7cc41a
exclude test folders from ql/path-problem-query 2022-12-14 14:31:22 +01:00
erik-krogh 3feee23933
fix performance in ql/override-parameter-name and lower the precision to low (it has 1407 results) 2022-12-14 14:31:22 +01:00
erik-krogh 39973df869
include medium precision queries in QL-for-QL 2022-12-14 14:31:22 +01:00
erik-krogh f6c8e9af1f
don't require a member to call a range method before suggesting to use instanceof 2022-12-14 14:31:22 +01:00
Erik Krogh Kristensen 7615668f92
Merge pull request #11662 from erik-krogh/c-useInstanceOf 
Swift/C++: Use instanceof in more places
 2022-12-14 14:30:21 +01:00
Jami f61b817751
Merge pull request #11631 from jcogs33/jcogs33/update-externalapi-charpredicate 
Java/C#: add `isUninteresting` to `ExternalApi` characteristic predicate
 2022-12-14 08:25:02 -05:00
Owen Mansel-Chan 0b849a319b
Merge pull request #11587 from owen-mc/go/remove-error-expr-from-dbscheme 
Go: Remove @errorexpr from the dbscheme (use @badexpr)
 2022-12-14 13:15:04 +00:00
Anders Schack-Mulligen 598b4c38b7
Merge pull request #11619 from aschackmull/java/typetrack-lambda 
Java: Switch DispatchFlow to typetracking.
 2022-12-14 14:08:29 +01:00
Tom Hvitved 25b2d11368
Merge pull request #11635 from hvitved/dataflow/approx-content 
Data flow: Introduce `ApproxContent` in a new pruning stage between stages 2 and 3
 2022-12-14 12:56:50 +01:00
Owen Mansel-Chan 3c6f466e78
Include downgrade scripts in extractor pack 2022-12-14 10:46:20 +00:00
Owen Mansel-Chan 14e6f9fee2
Remove @errorexpr from the dbscheme (use @badexpr) 2022-12-14 10:46:19 +00:00
Henry Mercer 6023a1225c
Merge pull request #11673 from github/codeql-ci/atm/release-0.4.4 
JS: Bump version numbers of ML-powered packs after 0.4.4 release
 2022-12-14 10:27:00 +00:00
Tamás Vajk a6d227d52e
Merge pull request #11599 from igfoo/igfoo/diags 
Java/Kotlin: Update the diagnostic severity documentation
 2022-12-14 10:13:30 +01:00
Michael Nebel 54701f539e
Merge pull request #11683 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2022-12-14 09:41:23 +01:00
Paolo Tranquilli a80e9206c8
Merge pull request #11639 from github/alexdenisov/switch-to-bootstrapped-swift 
Swift: switch to bootstrapped Swift compiler
 2022-12-14 09:04:19 +01:00
github-actions[bot] d905bed92f Add changed framework coverage reports 2022-12-14 00:17:01 +00:00
Erik Krogh Kristensen 8a89849476
Merge pull request #11660 from erik-krogh/dynamic-useInstanceOf 
Py/JS/RB: Use instanceof in more places
 2022-12-13 21:50:13 +01:00
Tamás Vajk 8e500ec0f3
Merge pull request #11675 from tamasvajk/kotlin-error-expr-consistency 
Kotlin: Report CFG dead end consistency issues on `ErrorExpr`
 2022-12-13 20:22:47 +01:00
Edward Minnix III a85de2b5f4
Merge pull request #10865 from egregius313/egregius313/android-activity-alias 
Java: Add library support for activity-alias elements in AndroidManifest.qll
 2022-12-13 11:52:01 -05:00
Jami Cogswell a889cc4f65 Java/C#: remove isTestLibrary 2022-12-13 10:34:04 -05:00
Jami 9b0163ce22
Merge pull request #11624 from jcogs33/jcogs33/exclude-paramless-constructors-from-dataflowtargetapi 
Java/C#: exclude parameterless constructors from `DataFlowTargetApi`
 2022-12-13 10:05:57 -05:00
Tamas Vajk 5cc2868857 Kotlin: Report CFG dead end consistency issues on `ErrorExpr` 2022-12-13 15:51:33 +01:00
Anders Schack-Mulligen a29e529690 Shared: Add missing qldoc. 2022-12-13 15:49:30 +01:00
Asger F bfe9ee3ead
Merge pull request #11672 from asgerf/js/extensions 
JS: Add data extension sinks
 2022-12-13 15:34:11 +01:00
Henry Mercer 423374a7b8
Merge branch 'main' into codeql-ci/atm/release-0.4.4 2022-12-13 14:26:21 +00:00
github-actions[bot] 745823ca60 JS: Bump version of ML-powered library and query packs to 0.4.5 2022-12-13 13:32:52 +00:00
github-actions[bot] ea13925a92 JS: Bump patch version of ML-powered library and query packs 2022-12-13 13:28:09 +00:00
Alex Denisov ee94849528 Swift: switch to bootstrapped Swift compiler 2022-12-13 13:59:13 +01:00
Asger F 6b15839221 JS: Add tests for the examples used in the docs 2022-12-13 11:33:12 +01:00
Asger F ba1364a4cb JS: Add sinks mentioned in doc 
Note that 'sql-injection' was already added
 2022-12-13 11:33:12 +01:00
Michael Nebel b8ef961498
Merge pull request #9415 from JarLob/sockets 
Add TCP and UDP socket client taint sources
 2022-12-13 10:39:33 +01:00
Tom Hvitved 39fea378b8 Python: Update expected test output 2022-12-13 09:53:01 +01:00
Tom Hvitved cfcb3a60ba C++: Update expected test output 2022-12-13 09:53:01 +01:00
Tom Hvitved da6a42980f Swift: Implement `ContentApprox` 2022-12-13 09:53:01 +01:00
Tom Hvitved 24b1da4d02 Python: Implement `ContentApprox` 2022-12-13 09:53:01 +01:00
Tom Hvitved 2a28953e41 Java: Implement `ContentApprox` 2022-12-13 09:53:01 +01:00
Tom Hvitved 4d2436dd82 Go: Implement `ContentApprox` 2022-12-13 09:53:01 +01:00
Tom Hvitved 64eb0cc941 C#: Implement `ContentApprox` 2022-12-13 09:53:01 +01:00
Tom Hvitved bc58cbec8c C++: Implement `ContentApprox` 2022-12-13 09:53:01 +01:00
Tom Hvitved 0c2eee2a72 Data flow: Sync files 2022-12-13 09:52:55 +01:00
Tom Hvitved 410ef4d713 Data flow: Rename stages 2022-12-13 09:52:46 +01:00
Tom Hvitved d11cb2ee0f Data flow: Introduce `ApproxContent` in a new pruning stage between existing stages 2 and 3 2022-12-13 09:52:45 +01:00
AlexDenisov 73196fd732
Merge pull request #11669 from github/redsun82/swift-wrapper 
Swift: wrap extractor with shell script
 2022-12-13 09:46:42 +01:00
Paolo Tranquilli 0dc717fd9c Swift: remove no more needed library path setting in `qltest.sh` 2022-12-13 09:13:43 +01:00
Paolo Tranquilli 03d7adb303 Swift: wrap extractor with shell script 
This is in preparation for the extractor to use shared libraries
packaged alongside it.

We could probably also move the `CODEQL_EXTRACTOR_SWIFT_RUN_UNDER` logic
in it, where it would be simpler and more robust.
 2022-12-13 09:07:37 +01:00
yoff 557a5b469f
Merge pull request #11555 from pwntester/new_python_cmdi_sinks 
Added two new CMDi sinks for python's stdlib
 2022-12-13 09:00:34 +01:00
Jami Cogswell 08b5cf1415 Java/C#: fix formatting issue 2022-12-12 20:24:00 -05:00
erik-krogh 92a7e787a8
C: do the minimal change to ValueNumberBound instead 2022-12-12 22:17:50 +01:00
Jami 84b69deb55
Merge branch 'main' into jcogs33/update-externalapi-charpredicate 2022-12-12 16:01:22 -05:00
Jami Cogswell 22f8d97f31 C#: add test case 2022-12-12 13:28:01 -05:00