github
/
codeql
зеркало из https://github.com/github/codeql.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
46 853 коммитов 1 532 Ветки 130 Теги 474 MiB
Граф коммитов

46853 Коммитов

Автор SHA1 Сообщение Дата
erik-krogh f71359c81d
QL: detect toplevel block-comments that should be QLDoc 2022-11-16 12:51:53 +01:00
erik-krogh de082260d8
QL: fixup `getQLDoc()` 2022-11-16 12:51:51 +01:00
Erik Krogh Kristensen 7d4ea47611
Merge pull request #10855 from erik-krogh/formatTaint 
Ruby: taint-steps for printf calls - and add a `AdditionalTaintStep` class
 2022-11-16 12:08:45 +01:00
Joe Farebrother 3ebb7cfa1b
Merge pull request #11269 from joefarebrother/stub-gen-invalid-ids 
Java: Stub generator: Exclude invalid identifiers from generated stubs
 2022-11-16 10:26:22 +00:00
AlexDenisov 0c14759e86
Merge pull request #11285 from github/redsun82/swift-fix-generated-artifact 
Swift: fix path of generated C++ files artifact
 2022-11-16 10:47:01 +01:00
Paolo Tranquilli 6d1421a6f9 Swift: fix workflow mention in `CODEOWNERS` 2022-11-16 10:04:19 +01:00
Paolo Tranquilli d4f3e38062 Swift: fix path of generated C++ files artifact 2022-11-16 09:49:57 +01:00
Erik Krogh Kristensen c70f3d35d0
Merge pull request #11256 from erik-krogh/ts49 
JS: Add support for TypeScript 4.9
 2022-11-16 01:05:40 +01:00
erik-krogh 8cb68b79c1
bump extractor version 2022-11-15 22:09:09 +01:00
erik-krogh b0b5761a8c
update TS from 4.9.2-rc to 4.9.3 2022-11-15 22:08:54 +01:00
erik-krogh 364336e22a
add downgrade script 2022-11-15 22:07:25 +01:00
erik-krogh 1f90f7dd4d
add upgrade script 2022-11-15 22:07:25 +01:00
erik-krogh d4c6f873af
add test for auto-accessors 2022-11-15 22:07:25 +01:00
erik-krogh 65567fa1ce
add test for the more precise type-narrowing with the in operator 2022-11-15 22:07:25 +01:00
erik-krogh e98d1df5f4
add dataflow support 2022-11-15 22:07:25 +01:00
erik-krogh a8973c1147
add test for dataflow 2022-11-15 22:07:24 +01:00
erik-krogh 75ef5b1b0b
add support for `satisfies`-expressions 2022-11-15 22:07:24 +01:00
erik-krogh 30c66303ba
initial skeleton for TypeScript 4.9 2022-11-15 22:07:24 +01:00
Tiferet Gazit 710b215c38
Merge pull request #11263 from github/tiferet/extract-training-data 
ATM: Extract training data
 2022-11-15 12:08:13 -08:00
tiferet fc078a47fd Apply suggestion from code review 2022-11-15 11:14:01 -08:00
Tiferet Gazit 092e019de9
Apply suggestions from code review 
Co-authored-by: Stephan Brandauer <kaeluka@github.com>
 2022-11-15 10:48:32 -08:00
Andrew Eisenberg 2ffb4b6480
Merge pull request #11279 from github/aeisenberg/atm-readme 
Add more information about ATM queries for external users
 2022-11-15 10:46:03 -08:00
Andrew Eisenberg 88750a7000
Add more information about ATM queries for external users 2022-11-15 10:17:56 -08:00
AlexDenisov f069802abb
Merge pull request #11277 from github/redsun82/swift-remove-ipa-from-dbscheme-cpp 
Swift: remove IPA classes from `cppgen`
 2022-11-15 18:34:59 +01:00
AlexDenisov eb2f1ff559
Merge pull request #11274 from github/redsun82/swift-remove-double-newlines-in-schema 
Swift: remove double newlines in schema
 2022-11-15 18:34:32 +01:00
Erik Krogh Kristensen 6f4fd3ef72
Merge pull request #11175 from erik-krogh/erb 
JS: extract .erb files as html
 2022-11-15 18:21:48 +01:00
Jeroen Ketema d79c722d95
Merge pull request #11278 from jketema/dataflow-test-typo 
C++: Fix typo in dataflow test comment
 2022-11-15 17:33:06 +01:00
Jeroen Ketema 98176007d8
C++: Fix type in dataflow test comment 2022-11-15 17:18:08 +01:00
erik-krogh cec5045b52
Merge branch 'main' into erb 2022-11-15 17:16:05 +01:00
Erik Krogh Kristensen 68e513c6a4
Merge pull request #11246 from erik-krogh/java-redosMod 
Java: use the shared regex pack
 2022-11-15 17:12:52 +01:00
Paolo Tranquilli 56b207e41f Swift: remove IPA classes from `cppgen` 2022-11-15 17:07:52 +01:00
Tony Torralba 89a8ccb828
Merge pull request #11273 from atorralba/atorralba/swift/string-utf8-step 
Swift: Add `AdditionalTaintStep`
 2022-11-15 16:46:26 +01:00
Tony Torralba 0570610765
Merge pull request #11138 from atorralba/atorralba/swift/xxe-query-aexml-sinks 
Swift: Add AEXML sinks to XXE query
 2022-11-15 16:42:17 +01:00
Erik Krogh Kristensen f7b5a4d170
Merge pull request #11203 from erik-krogh/shouldBePath 
C#: update cs/assembly-path-injection cs/hardcoded-key to path-problems
 2022-11-15 16:24:05 +01:00
Tony Torralba 8ca004fde1 Add AdditionalTaintStep 2022-11-15 16:14:22 +01:00
Paolo Tranquilli 635391eae8 Swift: autopep8 integration tests 2022-11-15 15:43:05 +01:00
Paolo Tranquilli c2171c01e1 Swift: remove double newlines in schema 
While PEP8 mandates those, they look bad in the schema file.

`autopep8` already ignores those, and they were single newlines at some
point until an overeager IDE has "fixed" them at some point without me
realizing.

Also, the pre-commit configuration was updated to take `schema.py` into
account.
 2022-11-15 15:00:30 +01:00
Asger F dc440aaee6
Merge pull request #11255 from asgerf/js/dynamic-import-type-expr 
JS: Handle DynamicImport in the context of a type
 2022-11-15 13:31:08 +01:00
Stephan Brandauer 4b9b35d1c2
Merge pull request #11267 from github/atm/fix-non-sink-characteristics-hierarchy 
ATM: remove superfluous class in EndpointCharacteristics hierarchy
 2022-11-15 12:59:42 +01:00
Joe Farebrother 8d9b106be1 Exclude invalid identifiers from generated stubs 2022-11-15 11:19:40 +00:00
erik-krogh dff7b475fb
make the top-level comment in SuperlinearBackTracking.qll a QLDoc 2022-11-15 11:46:44 +01:00
Nick Rolfe 8d854e0a6b
Merge pull request #11252 from github/nickrolfe/active_support_enumerable 
Ruby: add flow summary for Enumerable#index_by
 2022-11-15 10:40:42 +00:00
Stephan Brandauer ec3578364e remove superfluous class in EndpointCharacteristics hierarchy 2022-11-15 10:17:38 +01:00
tiferet 9ecff0723c Fix non-ascii character in docs 2022-11-14 16:34:24 -08:00
tiferet 6b7612fed7 Fix import errors in `DebugResultInclusion.ql` 2022-11-14 15:33:46 -08:00
tiferet b47723d607 Delete `ExtractEndpointData`. 
Also remove the associated test files.
 2022-11-14 14:57:59 -08:00
tiferet 9d7e7735d5 Extract training data: 
Implement the new query that selects data for training. For now we include clauses that implement logic that is identical to the old queries.

Include a temporary wrapper query that converts the resulting data into the format expected by the endpoint pipeline.

Move the small pieces of `ExtractEndpointData` that are still needed into `ExtractEndpointDataTraining.qll`.
 2022-11-14 14:33:08 -08:00
erik-krogh b59a9bc95c
use instead of a fixed version number 2022-11-14 21:29:41 +01:00
erik-krogh a4acea9adf
add change-note 2022-11-14 21:29:41 +01:00
erik-krogh c029048306
port the Java regex/redos queries to use the shared pack 2022-11-14 21:29:41 +01:00