hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-29 15:16:34 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,643 Commits 1,673 Branches 157 Tags
alexet/avoid-path-node-java
Commit Graph

82643 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mathias Vorreiter Pedersen
4af18be70b C#: Add change note. 2024-12-05 14:42:59 +00:00
Calum Grant
b7f47f752b C++: Remove FPs from cpp/badly-bounded-write 2024-12-05 14:37:19 +00:00
REDMOND\brodes
defa8696d3 Merge remote-tracking branch 'mathiasvp/final-alias-edge-kind' into brodes/seh_flow_phase2_splitting_seh_edges 
# Conflicts:
#	cpp/ql/lib/semmle/code/cpp/ir/implementation/EdgeKind.qll
 2024-12-05 09:35:13 -05:00
Tom Hvitved
ed4819aeab Rust: Cache defaultAdditionalTaintStep 2024-12-05 15:19:11 +01:00
Tom Hvitved
7eb3b40977 Merge pull request #18219 from hvitved/rust/update-inline-expectations 
Rust: update inline expectations
 2024-12-05 15:11:25 +01:00
yoff
81c8a702ff Merge pull request #18112 from github/tausbn/add-api-graph-support-for-parameter-annotations 2024-12-05 15:05:27 +01:00
Mathias Vorreiter Pedersen
5bebfdeb2a C#: Add a MaD model for the 'Microsoft.AspNetCore.Mvc.Controller.View' method. 2024-12-05 13:59:59 +00:00
Tom Hvitved
1c56692c02 Rust: update inline expectations 2024-12-05 14:43:39 +01:00
Geoffrey White
bdb2f3d091 Rust: Add placeholder query and tests for 'cipher' module. 2024-12-05 13:38:57 +00:00
Calum Grant
fd7469848e C++: Test case for cpp/badly-bounded-write 2024-12-05 13:16:59 +00:00
Mathias Vorreiter Pedersen
667abb19d7 C++: Expose a final alias instead of the abstract class. 2024-12-05 13:13:44 +00:00
Michael B. Gale
952488c2d8 C#: Fix possible null dereference 2024-12-05 12:32:55 +00:00
Michael B. Gale
7369d043ed C#: Don't initialise DependabotProxy on Windows or macOS 2024-12-05 12:25:45 +00:00
Michael B. Gale
2e80e09f52 C#: Apply suggestions from code review for DependabotProxy 2024-12-05 12:15:27 +00:00
Michael B. Gale
ee7f0b0f2a C#: Load Dependabot Proxy certificate in DependabotProxy, and implement IDisposable 2024-12-05 12:15:26 +00:00
Michael B. Gale
ca251fb840 C#: Set up proxy for IsFeedReachable, if configured 2024-12-05 12:15:23 +00:00
Michael B. Gale
984091d4a4 C#: Propagate DependabotProxy instance down from DependencyManager 2024-12-05 12:14:29 +00:00
Michael B. Gale
e999ec1ecf C# Expose CertificatePath from DependabotProxy 2024-12-05 12:14:28 +00:00
Michael B. Gale
87bd21e12c C#: Use Add for environment variables 2024-12-05 12:14:27 +00:00
Michael B. Gale
de415d68cf C#: Add more logging to DependabotProxy 2024-12-05 12:14:26 +00:00
Michael B. Gale
6cd5711313 C#: Set environment variables for proxy for calls to dotnet 2024-12-05 12:14:25 +00:00
Michael B. Gale
8ca75602d8 C#: Initialise DependabotProxy in DotNetCliInvoker 2024-12-05 12:14:25 +00:00
Michael B. Gale
232caa7185 C#: Add DependabotProxy class 2024-12-05 12:14:24 +00:00
Michael B. Gale
537601290b C#: Add CODEQL_PROXY_* environment variable names 2024-12-05 12:14:23 +00:00
Michael B. Gale
05f9a90fd7 Merge pull request #18216 from github/dependabot/go_modules/go/extractor/extractor-dependencies-288d2c81da 
Bump golang.org/x/tools from 0.27.0 to 0.28.0 in /go/extractor in the extractor-dependencies group
 2024-12-05 11:53:11 +00:00
Owen Mansel-Chan
347fd575a2 Refactor to avoid duplicated logic 2024-12-05 11:15:43 +00:00
Simon Friis Vindum
43e3f8406d Merge pull request #18188 from paldepind/rust-df-array 
Rust: Basic data flow through arrays
 2024-12-05 12:09:22 +01:00
Simon Friis Vindum
3061d4a516 Rust: Minor tweaks 2024-12-05 11:53:12 +01:00
Owen Mansel-Chan
b20b7c7572 Remove escaped "{" and "}" before counting placeholders 2024-12-05 10:43:13 +00:00
Simon Friis Vindum
1f4e7d1f37 Rust: Handle arrays in taint tracking 2024-12-05 11:41:32 +01:00
Simon Friis Vindum
44239cbf2e Rust: Add taint tests for arrays 2024-12-05 11:39:05 +01:00
Simon Friis Vindum
27de43fed8 Merge branch 'main' into rust-df-array 2024-12-05 11:08:54 +01:00
Michael Nebel
80be95dbf9 Merge pull request #18090 from michaelnebel/csharp/locks 
C#: Use dedicated lock type where applicable.
 2024-12-05 10:52:34 +01:00
Jeroen Ketema
65a4dc31c1 Merge pull request #18213 from MathiasVP/fix-join-order-in-guarded-free 
C++: Fix a join-order problem that happens on #18207
 2024-12-05 10:39:51 +01:00
Simon Friis Vindum
1dbcaa0ece Merge pull request #18202 from paldepind/rust-taint 
Rust: Add default taint flow steps
 2024-12-05 10:31:11 +01:00
Anders Schack-Mulligen
4bf63fedc9 Merge pull request #18179 from aschackmull/dataflow/accesspath-notypes 
Dataflow: Remove tracked types from Access Paths, track tainted object type, and tweak type pruning.
 2024-12-05 09:58:36 +01:00
Simon Friis Vindum
5b6ce3e0d0 Merge branch 'main' into rust-taint 2024-12-05 09:34:25 +01:00
Paolo Tranquilli
c4e53b842d Merge pull request #18165 from github/redsun82/rust-less-canonical-paths 
Rust: restrict canonical path calculations
 2024-12-05 08:57:41 +01:00
dependabot[bot]
d25045c936 Bump golang.org/x/tools 
Bumps the extractor-dependencies group in /go/extractor with 1 update: [golang.org/x/tools](https://github.com/golang/tools).


Updates `golang.org/x/tools` from 0.27.0 to 0.28.0
- [Release notes](https://github.com/golang/tools/releases)
- [Commits](https://github.com/golang/tools/compare/v0.27.0...v0.28.0)

---
updated-dependencies:
- dependency-name: golang.org/x/tools
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: extractor-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-05 03:26:59 +00:00
Jami Cogswell
121780c55a Java: add File.getName as a path injection sanitizer 2024-12-04 18:57:51 -05:00
Henry Mercer
ccfb32e989 Merge pull request #18211 from github/post-release-prep/codeql-cli-2.20.0 
Post-release preparation for codeql-cli-2.20.0
 2024-12-04 20:45:07 +00:00
Andrew Eisenberg
515c65058e Merge pull request #18212 from github/aeisenberg/artifacts-v4 
Update action.yml to use artifacts@v4
 2024-12-04 12:26:41 -08:00
Mathias Vorreiter Pedersen
6fd9e19673 C++: Fix a join-order problem that happens on #18207. 2024-12-04 20:10:45 +00:00
Andrew Eisenberg
1ac6c3751b Update action.yml to use artifacts@v4 
v3 is getting deprecated.
 2024-12-04 11:41:40 -08:00
github-actions[bot]
cf71a1525b Post-release preparation for codeql-cli-2.20.0 2024-12-04 18:36:17 +00:00
Ben Rodes
779376e281 Merge branch 'main' into brodes/seh_flow_phase2_splitting_seh_edges 2024-12-04 13:30:21 -05:00
REDMOND\brodes
cc43bb1969 Merge branch 'brodes/seh_flow_phase1_throwing_models' into brodes/seh_flow_phase2_splitting_seh_edges 2024-12-04 13:28:21 -05:00
Henry Mercer
80bd129621 Merge pull request #18208 from github/release-prep/2.20.0 
Release preparation for version 2.20.0
 2024-12-04 16:06:17 +00:00
Henry Mercer
e0e82ad7ad Add periods for consistency 2024-12-04 16:05:15 +00:00
github-actions[bot]
96564b7128 Release preparation for version 2.20.0 2024-12-04 16:01:14 +00:00