codeql
CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security
This PR copy/pastes almost all the tests we had for `SimpleRangeAnalysis` into a test file that's exercised by the new range-analysis library, and then moves the file over to use InlineExpectationsTest....
This PR does two things:
- It adds a couple of new interface classes, `HeuristicAllocationExpr` and `HeuristicAllocationFunction`, that complement the already existing `AllocationExpr` and `HeuristicAllocation` classes with functions that we...
This is an experimental branch, where we dynamically create type based summaries for all library code not already covered by a summary.
LGTM.com is being deprecated (see https://github.com/orgs/community/discussions/29534) so we are updating the docs. This PR addresses the simplest updates including: - [CodeQL CLI docs](https://codeql.github.com/docs/codeql-cli/) - [CodeQL for VS Code docs](https://codeql.github.com/docs/codeql-for-visual-studio-code/) -...
**Specify custom Maven repo URL** Hi! Is there a way to specify a custom Maven repo URL when building a Java database with Maven? Cheers
Follow on to #10539. Fix the def-nodes for subscripts. I also experimented with recovering the index of a subscript (see [the commit](https://github.com/github/codeql/pull/10608/commits/2435ccf06e6f3640d5c091d06b7ad4a1c29e85a2)). I did it for the case where the...
- C++: Initial commit of `cpp/comma-before-missing-indentation`
- C++: Initial `cpp/comma-before-misleading-indentation`
Fixes a cartesian product in the `canThrow` predicate, where `callable` wasn't bound in one side of the disjunct.