hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-28 06:36:33 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,643 Commits 1,673 Branches 157 Tags
alexet/avoid-path-node-java
Commit Graph

82643 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
aegilops
da68a04cd1 Merge branch 'angular-sources-sinks' of https://github.com/aegilops/codeql into angular-sources-sinks 2025-01-09 18:03:39 +00:00
Paul Hodgkinson
1ada51130f Merge branch 'main' into angular-sources-sinks 2025-01-09 18:03:04 +00:00
aegilops
b07e801c10 Add new test for new XSS sink, update expected to match 2025-01-09 18:02:45 +00:00
Mathias Vorreiter Pedersen
1822dc4860 C++: Add change note. 2025-01-09 17:56:07 +00:00
Mathias Vorreiter Pedersen
7a84132a6b C++: Add models and accept testcases. 2025-01-09 17:32:34 +00:00
Mathias Vorreiter Pedersen
23acc31885 C++: Add testcases with missing models. 2025-01-09 17:30:37 +00:00
aegilops
e7881a8c7f Fix typo 2025-01-09 17:11:06 +00:00
aegilops
62599b2a12 Formatted 2025-01-09 17:02:37 +00:00
aegilops
98b4c35844 Set doc string on getElementNode predicate 2025-01-09 17:00:01 +00:00
Paolo Tranquilli
928c66aea3 Merge pull request #18443 from github/redsun82/cargo-upgrade 
Rust: update rust-analyzer
 2025-01-09 17:33:26 +01:00
Jeroen Ketema
12048aefad Merge pull request #18408 from jketema/config-silence 
C++: Silence alerts coming from CMake test compilation files
 2025-01-09 16:31:55 +01:00
Geoffrey White
0ce409efd7 Update cpp/ql/test/query-tests/Likely Bugs/Likely Typos/ExprHasNoEffect/CMakeFiles/CMakeScratch/TryCompile-abcdef/CheckFunctionExists.c 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2025-01-09 15:17:57 +00:00
Paolo Tranquilli
6ded99ccb1 Merge branch 'main' into redsun82/cargo-upgrade 2025-01-09 16:05:48 +01:00
Erik Krogh Kristensen
70a1a6454d Merge pull request #18452 from asgerf/js/import-spec-strings 
JS: Fix crash in case of string literal in export specifier
 2025-01-09 15:50:40 +01:00
Paolo Tranquilli
4f79199498 Rust: replace std::fs::canonicalize with dunce::canonicalize 
Rust-analyzer turned out to be quite picky about paths, where
`//?/`-prefixed paths can lead to flaky failures. See

https://github.com/rust-lang/rust-analyzer/issues/18894

for details.

This makes paths always be canonicalized with `dunce`. Previously,
`dunce` was used as a fallback, but that stopped working somewhere
after version 0.0.248 of rust-analyzer.
 2025-01-09 15:43:15 +01:00
Paolo Tranquilli
cd95cc8f94 Rust: update rust-analyzer to 0.0.257 2025-01-09 15:34:07 +01:00
Michael B. Gale
14cfac506e Merge pull request #18456 from owen-mc/go/fix-test-jmoiron 
Go: Fix stub that is making test fail
 2025-01-09 13:20:08 +00:00
yoff
b263132ab2 Merge pull request #17998 from yoff/shared/locations-in-range-analysis 2025-01-09 14:05:54 +01:00
Jeroen Ketema
347edc4ff6 C++: Add upgrade and downgrade scripts 2025-01-09 13:26:33 +01:00
Jeroen Ketema
74bc28534f C++: Update dbscheme stats file 2025-01-09 13:23:25 +01:00
Jeroen Ketema
0a57587189 C++: Add change note 2025-01-09 13:23:23 +01:00
Jeroen Ketema
17127356e8 C++: Handle template variable specializations 2025-01-09 13:23:21 +01:00
Nora Dimitrijević
09571135e6 Merge pull request #18425 from d10c/d10c/BigInt.bitLength 
Language reference: mention BigInt.bitLength()
 2025-01-09 13:19:25 +01:00
Tom Hvitved
653d1227e3 Data flow: Cache known{Source,Sink}Model 2025-01-09 13:11:29 +01:00
Jeroen Ketema
60ae374a88 Merge pull request #18366 from github/jketema/template-parameters-5 
C++: Support concept id expressions
 2025-01-09 13:02:19 +01:00
Tom Hvitved
91b6a6573c Data flow: Fix a bad join order 2025-01-09 12:58:16 +01:00
Owen Mansel-Chan
1812be7fa8 Fix stub 2025-01-09 11:43:36 +00:00
Asger F
0f6e8bf140 Merge pull request #18451 from asgerf/jss/cleanup-todos 
JS: Clean up some TODO comments
 2025-01-09 11:50:35 +01:00
Tom Hvitved
a7bb95249b Rust: Implement known{Source,Sink}Model 2025-01-09 11:47:57 +01:00
Jeroen Ketema
ac05bfcf4e C++: Remove some redundant toStrings 2025-01-09 11:04:07 +01:00
Jeroen Ketema
6325dd2ce1 C++: Simplify toString 2025-01-09 11:03:41 +01:00
Asger F
a7fbfb2c2d JS: Change note 2025-01-09 10:48:52 +01:00
Asger F
fd5a3dad90 JS: One more test 2025-01-09 10:46:45 +01:00
Asger F
138b000891 JS: Coerce the local export node to an Identifier 2025-01-09 10:42:25 +01:00
Asger F
db98880163 JS: Add crash reproduction to test case 2025-01-09 10:39:30 +01:00
Tom Hvitved
de0deabe4c Ruby: Implement localMustFlowStep 2025-01-09 10:37:43 +01:00
Asger F
9c4d378a1d JS: Remove TODO comment 
It is not subsumed by the other case, both cases are needed
 2025-01-09 10:17:16 +01:00
Asger F
3f2882e1c6 JS: Remove an obsolete comment 
The RHS of an assignment actually has a post-update node now
 2025-01-09 09:59:23 +01:00
Asger F
b2d62a080b JS: Move a test failure explanation into the test suite 
We have an issue for fixing the underlying problem
 2025-01-09 09:57:44 +01:00
Asger F
d9da9444fa JS: Rephrase TODO 
This is useful info, but not something that can be fixed locally in this query, so a TODO comment isn't helping
 2025-01-09 09:45:39 +01:00
Asger F
3def8ecdee JS: Remove unimportant TODO 2025-01-09 09:43:03 +01:00
Asger F
388dd871e1 JS: Remove TODO tracked by an issue. 
This requires changes to the shared data flow library, not something we should track with a TODO in the JS codebase
 2025-01-09 09:41:40 +01:00
Asger F
8b060c4294 JS: Remove TODO about evaluating legacy steps 
There is an issue for tracking this. It's not a small fix.
 2025-01-09 09:40:29 +01:00
Asger F
a8f93cac05 JS: Remove obsolete comment 
The test case actually has the correct result now
 2025-01-09 09:39:32 +01:00
Asger F
dd37c474d8 JS: Remove mention of results from comments 2025-01-09 09:39:30 +01:00
Asger F
fb54a3bde8 JS: Remove obsolete TODO comment 2025-01-09 09:39:29 +01:00
Asger F
b29ee2acde JS: Remove references to localFieldStep 
These are tracked in https://github.com/github/codeql-javascript-team/issues/456
 2025-01-09 09:39:27 +01:00
Asger F
7766f97232 JS: Remove obsolete TODO 2025-01-09 09:39:26 +01:00
Asger F
8ac08db5c2 JS: Remove TODOs about WithArrayElement not being a taint step 
This isn't going to become a taint step, the workaround is the permanent solution
 2025-01-09 09:39:23 +01:00
Tom Hvitved
07910b09d0 Ruby: Add more callback flow tests 2025-01-09 09:30:08 +01:00