codeql

mirror of https://github.com/github/codeql.git synced 2025-12-27 06:06:32 +01:00

Author	SHA1	Message	Date
Mathias Vorreiter Pedersen	1643a66183	C++: Add 'cpp/overflow-buffer' FP tests.	2025-01-28 15:44:53 +00:00
Andrew Eisenberg	4e7d364f4d	Delete .github/pull_request_template.md The template is not useful.	2025-01-28 07:40:56 -08:00
Owen Mansel-Chan	2d76466405	Add change note	2025-01-28 15:35:28 +00:00
Owen Mansel-Chan	0ccf4cecb8	Fix XSS FPs when content type is safe	2025-01-28 15:32:30 +00:00
Arthur Baars	8d96c87abe	Rust: add UseTree::is_star	2025-01-28 16:12:25 +01:00
Simon Friis Vindum	13e0829d19	Shared: Generalize the number of columns in a generated MaD row	2025-01-28 15:36:09 +01:00
Mathias Vorreiter Pedersen	38b66e5a8e	C++: Fix a few type errors.	2025-01-28 14:08:12 +00:00
Calum Grant	cc35ec49e4	C++: Remove linker-awareness FPs	2025-01-28 14:06:38 +00:00
Calum Grant	6df8fdc233	C++: Add test for cpp/wrong-type-format-argument	2025-01-28 14:04:33 +00:00
Mathias Vorreiter Pedersen	d40322f9eb	C++: (Bugfix 3) Don't conflate summarized callables and source callables in 'nodeGetEnclosingCallable'.	2025-01-28 13:59:19 +00:00
Mathias Vorreiter Pedersen	06bc8add9d	C++: (Bugfix 2) Don't remap isParameterOf.	2025-01-28 13:59:17 +00:00
Mathias Vorreiter Pedersen	662e74924b	C++: (Bugfix 1) There should be a callable representing the source code even if there is a summarized version.	2025-01-28 13:59:16 +00:00
Mathias Vorreiter Pedersen	01d7ab93e2	C++: Add consistency check to the MaD folder.	2025-01-28 13:59:14 +00:00
Jonas Jensen	865073a75a	QL spec: result of looking through `float` I searched for `float` everywhere in the QL language reference and considered whether each occurrence should be generalised to cover `BigInt`.	2025-01-28 13:58:17 +01:00
Tom Hvitved	8b82eaa633	Rust: Fix data flow through callbacks passed to library functions	2025-01-28 13:44:27 +01:00
Erik Krogh Kristensen	f0755bfb5d	Merge pull request #18601 from erik-krogh/del-deps-jan-2025 All: delete outdated deprecations	2025-01-28 13:31:41 +01:00
Geoffrey White	f2564c351f	Rust: Changes to other tests - mostly MaD IDs :(.	2025-01-28 09:22:30 +00:00
Geoffrey White	6337f5a08b	Merge pull request #18586 from geoffw0/floatguards C++: Test and (perhaps) fix an issue with guards on floating point comparisons.	2025-01-28 09:05:13 +00:00
Asger F	16634e6dc9	Merge pull request #18540 from JarLob/bash Actions: Improve bash support	2025-01-28 09:49:58 +01:00
Geoffrey White	dfd1865b96	Rust: Add some basic flow models.	2025-01-28 08:47:15 +00:00
Geoffrey White	9d42be8305	Rust: Alphabetize lang-core.model.yml.	2025-01-28 08:47:14 +00:00
Geoffrey White	c04d619a3c	Rust: Add a couple of extra data flow test cases.	2025-01-28 08:47:13 +00:00
Geoffrey White	185a23b3c6	Rust: Allow implicit flow out of content at the test sinks, so that we see our results.	2025-01-28 08:43:06 +00:00
Geoffrey White	a1980d4d08	Rust: Make sources more accurate (Option / Result contents).	2025-01-28 08:43:05 +00:00
Geoffrey White	78d0c5c529	Merge pull request #18602 from geoffw0/reqwest2 Rust: Additional models for Reqwest	2025-01-28 08:40:38 +00:00
erik-krogh	c7fc164680	java: remove the `2` from `SafeTransformerFactoryFlow`, not that the previous naming conflict has been deleted	2025-01-28 09:13:59 +01:00
Nicolas Will	e027b0e9a0	WIP: add properties	2025-01-28 02:02:06 +01:00
Geoffrey White	fd9fb10bb9	Rust: Accept changes from fixing the ].	2025-01-27 22:50:09 +00:00
Geoffrey White	494d8f2da0	Rust: Update MaD IDs for an unrelated test. :(	2025-01-27 22:22:41 +00:00
Geoffrey White	9d6a13cec2	Rust: Accept improved results for `rust/sql-injection`. Note that the lost annotations are only sources, not results, and I suspect will return when we have sufficient flow in these cases.	2025-01-27 22:22:38 +00:00
erik-krogh	a1afa20d4b	add change-notes	2025-01-27 22:43:13 +01:00
erik-krogh	d46a2d4e80	ruby: delete the remainders of the old deprecated typetracking library	2025-01-27 22:38:07 +01:00
erik-krogh	90b403b40b	py: delete the remainder of the deprecated TypeTracker libary	2025-01-27 22:17:18 +01:00
erik-krogh	e1b14cb0be	ruby: delete now dead Ruby method	2025-01-27 22:17:13 +01:00
erik-krogh	0056e923ea	js: revert the JS deprecations. The old dataflow library is not that old yet	2025-01-27 22:17:07 +01:00
erik-krogh	7b1b366d98	ruby: update ruby tests after deleting deprecated test predicates	2025-01-27 22:17:00 +01:00
erik-krogh	bd8ed1dc04	cpp: revert two cpp dataflow deprecations that take more work	2025-01-27 22:16:54 +01:00
erik-krogh	34f5f61a10	all: use my script to delete outdated deprecations	2025-01-27 22:16:48 +01:00
Geoffrey White	9ea9f3ae19	Update rust/ql/lib/codeql/rust/frameworks/reqwest.model.yml Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>	2025-01-27 21:09:21 +00:00
Geoffrey White	7cf872baad	Rust: Adjust the tests to work around test processing of /.	2025-01-27 21:00:08 +00:00
Geoffrey White	23ac35e5ca	Rust: Model more Reqwest methods (.await still doesn't work though).	2025-01-27 20:52:31 +00:00
Geoffrey White	9583a2a7d3	Rust: Additional test cases for reqwest sources.	2025-01-27 20:42:35 +00:00
Mathias Vorreiter Pedersen	4e44201ba8	C++: Remap calls to source functions to the summarized function.	2025-01-27 16:58:53 +00:00
Mathias Vorreiter Pedersen	98265dda7b	Revert "C++: Don't generate dataflow nodes for instructions inside summarized callables." This reverts commit `fc39df28b0`.	2025-01-27 16:58:46 +00:00
Jeroen Ketema	37b67dd9eb	C++: Update stats file	2025-01-27 15:42:35 +01:00
Owen Mansel-Chan	9f3572d15a	Reformat inline expectations (space after `$`)	2025-01-27 14:36:26 +00:00
Owen Mansel-Chan	05fb22e8ff	Make test easier to understand	2025-01-27 14:10:19 +00:00
Jonas Jensen	e7f3e03c40	QL spec: Fix up pre-BigInt language	2025-01-27 14:50:41 +01:00
Jeroen Ketema	f49d8209e5	C++: Add upgrade and downgrade scripts	2025-01-27 13:32:00 +01:00
Tom Hvitved	253ccd1210	Merge pull request #14303 from hvitved/ruby/must-flow Ruby: Implement `localMustFlowStep `	2025-01-27 12:51:29 +01:00

... 138 139 140 141 142 ...

82643 Commits