hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 20:56:33 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,643 Commits 1,673 Branches 157 Tags
alexet/avoid-path-node-java
Commit Graph

82643 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Michael Nebel
b1edd9294b C#: Add some more test cases to cs/local-not-disposed. 2025-03-13 11:19:37 +01:00
Tom Hvitved
dd21dab055 Swift: Add get(Immediate)Child predicate 2025-03-13 11:13:04 +01:00
Tom Hvitved
8777bc42c7 Rust: Add get(Immediate)Child predicate 2025-03-13 11:13:01 +01:00
Michael Nebel
209b9c6114 C#: Re-factor to use inline expectation tests instead. 2025-03-13 11:11:23 +01:00
Michael Nebel
40375a0387 C#: Use stubs for the cs/local-not-disposed tests. 2025-03-13 10:47:45 +01:00
Michael Nebel
5eb9a535a4 C#: Remove disposal test for library code as we are no longer doing CIL extraction or data flow. 2025-03-13 10:45:00 +01:00
Michael Nebel
72c7024c8b Merge pull request #18999 from michaelnebel/csharp/ccr-constant-condition 
C#: Add cs/constant-condition to the CCR suite.
 2025-03-13 10:02:00 +01:00
Arthur Baars
fa79dbc89a Merge pull request #18228 from github/aibaars/crate-graph 
Rust: extract crate graph
 2025-03-13 10:00:48 +01:00
Simon Friis Vindum
4de69c70a8 Rust: Add cleartext transmission query 2025-03-13 08:45:36 +01:00
Andrew Eisenberg
e05b172c88 Merge pull request #19002 from github/aeisenberg/actions-security-and-quality 
Update actions query suites
 2025-03-12 13:43:49 -07:00
yoff
10a9b78bc5 Merge pull request #18738 from github/tausbn/python-fix-match-pruning-logic 
Python: Don't prune any `MatchLiteralPattern`s
 2025-03-12 20:01:26 +01:00
Andrew Eisenberg
02051ff7b1 Update the security experimental suite 2025-03-12 11:46:03 -07:00
Andrew Eisenberg
cd63e7cf54 Fix the actions-security-and-quality.qls suite 
It was not using the proper selectors. It is now the same as
other quality suites in other languages.
 2025-03-12 11:43:59 -07:00
Mathias Vorreiter Pedersen
aeb1acba97 C++: Use the new API in queries. 2025-03-12 17:09:05 +00:00
Mathias Vorreiter Pedersen
66e8b2d7e5 C++: Add an 'asDefinition' overload to check if a definition is certain or not. 2025-03-12 17:07:07 +00:00
Geoffrey White
0df652b297 Rust: Autoformat. 2025-03-12 16:38:00 +00:00
Geoffrey White
64b57679bf Rust: ... one more fix. 2025-03-12 16:32:53 +00:00
Geoffrey White
ee6455a7b1 Rust: ... and extend QuerySink to complete the above. 2025-03-12 16:23:41 +00:00
Geoffrey White
56f6a67d5f Rust: Add sinks for rust/regex-injection to stats. 2025-03-12 16:08:33 +00:00
Geoffrey White
f8112945a8 Merge branch 'main' into sourcesinkdoc 2025-03-12 16:04:56 +00:00
Geoffrey White
df4f117a7c Rust: QLDoc formatting. 2025-03-12 15:59:44 +00:00
Napalys Klicius
40903a9643 Merge pull request #18975 from Napalys/js/tanstack_angular 
JS: Update Angular Client Request's with API graph and `Tanstack` Angular modeling
 2025-03-12 15:30:26 +01:00
yoff
a5101bdae6 Merge pull request #18855 from Kwstubbs/ssrf_documentation 
Python: Add more documentation in regards to SSRF
 2025-03-12 15:27:01 +01:00
Michael Nebel
b76527fa84 C#: Add cs/constant-condition to the CCR suite. 2025-03-12 14:55:20 +01:00
Michael Nebel
e79cb443da Merge pull request #18976 from michaelnebel/csharp/constant-condition 
C#: Increase precision of `cs/constant-condition`.
 2025-03-12 14:42:15 +01:00
Napalys
f867e0fae8 Added angular-query so when it is released it would be still modeled. 2025-03-12 14:00:44 +01:00
Napalys Klicius
bf24f7794f Update javascript/ql/lib/change-notes/2025-03-11-tanstack-angular.md 
Co-authored-by: Asger F <asgerf@github.com>
 2025-03-12 13:58:09 +01:00
Napalys Klicius
86bd3b8d26 Merge pull request #18986 from Napalys/js/remove_dedundant_stats 
JS: Removed auto generated stats file
 2025-03-12 12:51:26 +01:00
Napalys
8a8defd48f Removed redundant stats file genarated from check-db-upgrades-javascript 2025-03-12 11:57:27 +01:00
Napalys
09986bc26c Added change note. 2025-03-12 11:54:57 +01:00
Napalys
770920e738 Add new model configuration for @tanstack/angular-query-experimental. 2025-03-12 11:54:55 +01:00
Napalys
184d23df46 Add test cases for @tanstack/angular-query-experimental injectQuery 2025-03-12 11:54:53 +01:00
Asger F
b4016c144b Merge pull request #18973 from asgerf/js/vue-fix 
JS: Fix attributes nodes missing an enclosing callable
 2025-03-12 11:23:25 +01:00
Arthur Baars
b2e0eaf664 Merge pull request #18965 from JarLob/docs 
Minor example workflow fix
 2025-03-12 11:17:42 +01:00
Michael Nebel
42f86a8234 Update csharp/ql/src/Bad Practices/Control-Flow/ConstantCondition.ql 
Co-authored-by: Tom Hvitved <hvitved@github.com>
 2025-03-12 11:13:25 +01:00
Chris Smowton
312f201ce0 Merge pull request #18836 from smowton/smowton/admin/maven-download-failure-test 
Java: Add integration test for failure to download a particular Maven version
 2025-03-12 10:11:14 +00:00
Tom Hvitved
902b2ff641 Merge pull request #18983 from hvitved/ruby/synth-global-test 
Ruby: Add `SyntheticGlobal` test
 2025-03-12 10:57:42 +01:00
Chris Smowton
4205d5ecea Change note 2025-03-12 09:21:09 +00:00
Chris Smowton
c43b2b167f Fix test on Windows 2025-03-12 09:21:08 +00:00
Chris Smowton
0c99ae2800 Add Win32 Maven command 2025-03-12 09:21:07 +00:00
Chris Smowton
cd0aebefa4 Add integration test for failure to download a particular Maven version 2025-03-12 09:21:06 +00:00
Óscar San José
ca6f3ffa43 Merge pull request #18742 from github/oscarsj/add-actions-analysis 
Add actions to codeql analysis workflow
 2025-03-12 10:11:58 +01:00
Napalys Klicius
eddd724ea0 Merge pull request #18981 from Napalys/js/db_stats_fix 
JS: Update database.stats
 2025-03-12 09:24:09 +01:00
Tom Hvitved
a574c9f276 Ruby: Add SyntheticGlobal test 2025-03-12 09:22:41 +01:00
Michael Nebel
9e8339db6d Merge pull request #18961 from michaelnebel/csharp/ccr-local-not-disposed 
C#: Add `cs/local-not-disposed` to the CCR suite.
 2025-03-12 09:18:40 +01:00
Michael Nebel
4a3e463918 Merge pull request #18950 from michaelnebel/csharp/localnotdisposed 
C#: Exclude Task from cs/local-not-disposed.
 2025-03-12 09:17:22 +01:00
Napalys
979a5b4587 Updated stats file with intersection, subtraction and quoted_string. 2025-03-12 09:02:53 +01:00
Simon Friis Vindum
b3601b1ac2 Merge pull request #18946 from paldepind/rust-regex-injection 
Rust: Add regular expression injection query
 2025-03-12 08:15:54 +01:00
M Starch
f01737a4c0 Fixing BasicIntTypes to allow C Standard Integers and 'bool' 
The purpose of this check is to ensure that all integral types used by the code point to some fixed size type (e.g. an unsigned 8-bit integer). However; the previous implementation only allowed JPL style typedefs (i.e. U8) and ignored C standard integer types (i.e. uint8_t). This causes the query to false-positive when a typedef resolves to a C standard int type.

'bool' has also be allowed as part of the exclusions list as it represents distinct values 'true' and 'false' in C++ code.
 2025-03-11 14:56:57 -07:00
Jami
269f9fa7c9 Merge pull request #18978 from jcogs33/jcogs33/java/rename-springframework-stubs-dir 
Java: rename springframework stubs directory from 5.3.8 to 5.8.x
 2025-03-11 16:39:30 -04:00