hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-26 13:46:31 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,643 Commits 1,673 Branches 157 Tags
alexet/avoid-path-node-java
Commit Graph

82643 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Paolo Tranquilli
cc939e64fd Python: fix bazel rule 2025-02-07 14:42:26 +01:00
Edward Minnix III
c96502478e Merge pull request #18664 from egregius313/egregius313/csharp/blazor/url-param-sources 
C#: Blazor: Add route parameters as remote flow sources
 2025-02-07 08:34:29 -05:00
yoff
b3eaac0ab7 ruby: remove superflous logic 2025-02-07 14:03:57 +01:00
Tom Hvitved
11bf4c831d Update rust/ql/src/queries/telemetry/DatabaseQualityDiagnostics.ql 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2025-02-07 13:55:11 +01:00
Simon Friis Vindum
11055760a4 Rust: Handle writes to references and add encoding of reference content 2025-02-07 13:53:17 +01:00
yoff
58fb592822 ruby: add tests 2025-02-07 13:50:27 +01:00
Simon Friis Vindum
11685a820f Rust: Add flow tests involving references 2025-02-07 13:47:58 +01:00
Paolo Tranquilli
a82ba70594 Merge branch 'main' into redsun82/rules_rust-update 2025-02-07 13:40:07 +01:00
Ian Lynagh
c4d682f686 Merge pull request #18638 from igfoo/igfoo/ferstl 
Java: Update test output
 2025-02-07 12:03:03 +00:00
Arthur Baars
a8fbb37569 TreeSitter extractors: log fewer lines 
Printing a line for every extracted file is too verbose and for large projects makes it impossible to view the log in the Actions UI.
 2025-02-07 12:28:17 +01:00
Mathew Payne
be883ad4cc fix(rust): Update naming of the DB source 2025-02-07 11:10:43 +00:00
Mathew Payne
6e5899b4ff Merge branch 'main' into rust-rusqlite 2025-02-07 10:51:02 +00:00
Mathew Payne
5c656412d1 Update rust/ql/lib/codeql/rust/frameworks/tokio-postgres.model.yml 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-02-07 10:33:29 +00:00
GeekMasher
5943cc16e4 feat(rust): Add Database Sources + tokio-postgres support 2025-02-07 10:26:40 +00:00
Simon Friis Vindum
4581e772d6 Merge pull request #18709 from paldepind/rust-model-generation-test 
Rust: Add additional tests for model generation
 2025-02-07 11:14:41 +01:00
Tom Hvitved
d8c9427d3e Merge pull request #18700 from hvitved/rust/shorthand-struct 
Rust: Shorthand record construction in data flow
 2025-02-07 10:59:52 +01:00
Paolo Tranquilli
f6301b8ea8 Rust: remove unneeded and now broken bazel workaround 2025-02-07 10:59:11 +01:00
Paolo Tranquilli
75b5493c9b Bazel: update rules_rust 2025-02-07 10:43:10 +01:00
Simon Friis Vindum
5bef9c98ff Rust: Accept changes 2025-02-07 10:20:15 +01:00
Simon Friis Vindum
c9b5dab097 Rust: Add additional tests for model generation 2025-02-07 09:05:27 +01:00
Tom Hvitved
100de73066 Merge pull request #18689 from hvitved/rust/path-resolution-type-param 
Rust: Extend path resolution to cover type parameters
 2025-02-07 08:55:27 +01:00
Simon Friis Vindum
9bcfd010d4 Merge pull request #18676 from paldepind/rust-model-clone 
Rust: Model `clone`
 2025-02-07 08:37:44 +01:00
yoff
37ddaa36ad Merge pull request #18702 from github/tausbn/python-allow-comments-in-subscripts 
Python: Allow comments in subscripts
 2025-02-06 23:31:29 +01:00
yoff
381cc20cdd Merge pull request #18703 from github/tausbn/python-robustly-handle-loop-constructs 
Python: Handle loop constructs outside of loops
 2025-02-06 23:31:04 +01:00
Remco Vermeulen
3b87fb18a6 Add CCR suite to query list 2025-02-06 14:10:27 -08:00
Nicolas Will
7a96f5682e Merge pull request #3 from nicolaswill/nicolaswill/shared-crypto-library 
Move language-agnostic model to shared library
 2025-02-06 21:57:10 +01:00
Nicolas Will
3dc28c2d17 Move language-agnostic model to shared library 2025-02-06 21:54:18 +01:00
Ed Minnix
29d03db06b Remove unneeded disjunction 2025-02-06 15:10:06 -05:00
Chad Bentz
fd404bcbcd Update actions/ql/lib/change-notes/2025-01-07-trusted-owner-ext.md 
Co-authored-by: Dave Bartolomeo <dbartol@github.com>
 2025-02-06 14:28:07 -05:00
Ian Lynagh
05180376f2 Java: Update test output 2025-02-06 18:32:46 +00:00
Tom Hvitved
707bf16d90 Rust: Shorthand record construction in data flow 2025-02-06 19:19:18 +01:00
Tom Hvitved
9bc3b0e96e Rust: Update a test to use shorthand record syntax 2025-02-06 19:19:17 +01:00
Tom Hvitved
aca70cd1ea Merge pull request #18675 from hvitved/rust/struct-tuple-field 
Rust: Implement data flow through tuple structs
 2025-02-06 19:17:53 +01:00
Kristen Newbury
2e12bb5f5c Merge branch 'nic/crypto-test' into knewbury01/JCA-sample 2025-02-06 12:56:32 -05:00
yoff
d7ffc3fc77 Ruby: remove test code filtering 2025-02-06 18:10:06 +01:00
yoff
74155a0214 ruby: start adding comments 
I apuse here, because the code may be simplified
 2025-02-06 18:09:38 +01:00
Dave Bartolomeo
ca7bcc9714 Add change note 2025-02-06 11:50:59 -05:00
Dave Bartolomeo
cb7aeea516 Use standard query selectors for actions-code-scanning and actions-security-extended 2025-02-06 11:34:43 -05:00
Dave Bartolomeo
74619d49b3 Update precision and severity for unpinned-tag 
This ensures that it will be in `security-extended`, but not the default suite.
 2025-02-06 11:33:17 -05:00
Dave Bartolomeo
81ff4dd81c Update severity for excessive-secrets-exposure 
This ensures that it will remain in the default suite.
 2025-02-06 11:32:32 -05:00
Dave Bartolomeo
d7259c17db Add security tag for missing-actions-permissions 
This ensures that it will remain in the default suite.
 2025-02-06 11:31:36 -05:00
Dave Bartolomeo
909de5280c Update severity and precision of a few injection queries 
These will wind up in `security-extended`, when previously they were not in any of the standard suites.
 2025-02-06 11:30:43 -05:00
Dave Bartolomeo
e2ab65ea3e Update qlref paths 2025-02-06 11:20:19 -05:00
yoff
51a2d8c72f ruby: rename query 2025-02-06 17:07:12 +01:00
yoff
d9d0d3c18b ruby: add code block 2025-02-06 16:59:23 +01:00
yoff
8aa195d838 ruby: remove comment (we can create issues) 2025-02-06 16:59:08 +01:00
Dave Bartolomeo
604dbfd0d0 Actions: Move experimental to experimental directory 
This is consistent with how other languages manage experimental queries. I've left the `experimental` tags in place.
 2025-02-06 10:54:25 -05:00
Simon Friis Vindum
b2ba5f4f38 Rust: Make imports private 2025-02-06 16:07:25 +01:00
yoff
7af8fa75e6 Apply suggestions from code review 
Co-authored-by: Aditya Sharad <6874315+adityasharad@users.noreply.github.com>
 2025-02-06 15:45:28 +01:00
Geoffrey White
78e3c89c68 Rust: Accept changes to integration tests. 2025-02-06 14:33:37 +00:00