hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-30 15:46:34 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,643 Commits 1,673 Branches 157 Tags
alexet/avoid-path-node-java
Commit Graph

82643 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Geoffrey White
be5bd1da0a Rust: Also add the good example and a couple of other cited good cases to the test. 2024-11-25 19:54:04 +00:00
Geoffrey White
82f2c6075f Rust: Add qhelp + examples. 2024-11-25 19:54:03 +00:00
Geoffrey White
88fc7be0a2 Rust: Implement the query. 2024-11-25 19:22:13 +00:00
Geoffrey White
9ead2dc03c Rust: Add a query test. 2024-11-25 19:14:16 +00:00
Geoffrey White
93e7202a69 Merge pull request #17940 from geoffw0/resolvable 
Rust: Add unresolved macro calls diagnostic
 2024-11-25 19:08:29 +00:00
Tom Hvitved
5e7cd46117 Rust: Flow through variants 2024-11-25 19:17:57 +01:00
Tom Hvitved
2fb670a27c Rust: Do not print unit type in data flow 2024-11-25 19:14:44 +01:00
Tom Hvitved
511f791511 Rust: Add more flow tests 2024-11-25 19:14:42 +01:00
Paolo Tranquilli
c3b4447586 Merge branch 'main' into redsun82/rust-canonical-enum 2024-11-25 17:46:48 +01:00
Paolo Tranquilli
74aa47a809 Merge pull request #18094 from github/redsun82/rust-rename 
Codegen/Rust: allow renaming in QL
 2024-11-25 17:42:25 +01:00
Paolo Tranquilli
269ea75036 Rust: matched_expr -> scrutinee 2024-11-25 17:23:47 +01:00
Paolo Tranquilli
b47e9612eb Rust: fix MatchExpr.getExpr renaming 2024-11-25 17:14:05 +01:00
Paolo Tranquilli
261e0a1a53 Codegen/Rust: allow renaming in QL 
This adds a `ql.name` codegen pragma to change the name of a property on
the QL side. This is useful to give more meaningful names than what we
get from the generated rust AST.
 2024-11-25 17:04:03 +01:00
Mathias Vorreiter Pedersen
8fd581dd7e Merge pull request #18093 from MathiasVP/more-win32-command-execution-functions 
C++: Add more `CommandExecutionFunction`s
 2024-11-25 15:26:50 +00:00
Simon Friis Vindum
d06b5833cf Rust: Add an additional variables test with a self parameter 2024-11-25 16:08:26 +01:00
Geoffrey White
f92e8555a6 Rust: update for toString changes in main. 2024-11-25 14:35:12 +00:00
Geoffrey White
e9a13aec1d Merge branch 'main' into resolvable 2024-11-25 14:33:56 +00:00
Paolo Tranquilli
adafe3e5b0 Merge branch 'main' into redsun82/rust-canonical-enum 2024-11-25 15:28:45 +01:00
Jami Cogswell
05b6700607 Java: add SHA384 to list of secure algorithms 2024-11-25 09:27:53 -05:00
Arthur Baars
c2b342f1a0 Merge pull request #18084 from github/aibaars/java-sha3 
Java: add SHA3 family to list of secure crypto algorithms
 2024-11-25 15:07:43 +01:00
Simon Friis Vindum
d5c8dfd88c Merge pull request #18092 from paldepind/rust-param-base 
Rust: Generate `ParamBase`, a superclass of `Param` and `SelfParam`
 2024-11-25 14:58:07 +01:00
Rasmus Lerchedahl Petersen
25664d0e53 Java: Add support for non-integer bounds in inline expectations 2024-11-25 14:48:17 +01:00
Mathias Vorreiter Pedersen
03ab74e07d C++: Add more 'CommandExecutionFunction's. 2024-11-25 13:43:20 +00:00
Simon Friis Vindum
0de6658660 Rust: Use ParamBase in data flow implementation 2024-11-25 14:18:08 +01:00
Napalys Klicius
e9dff4d68f Merge pull request #17953 from Napalys/napalys/ts57 
JS: upgrade TypeScript to 5.7
 2024-11-25 14:16:40 +01:00
Simon Friis Vindum
0d02126f12 Generate ParamBase, superclass of Param and SelfParam 2024-11-25 14:07:50 +01:00
Rasmus Lerchedahl Petersen
37935eea3b java: separate bounds onto different lines 2024-11-25 12:32:11 +01:00
Napalys Klicius
d6372aebc7 Update javascript/ql/src/Security/CWE-178/CaseSensitiveMiddlewarePath.ql 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2024-11-25 12:12:12 +01:00
Napalys
e38b63ebcd JS: previously js/case-sensitive-middleware-path was not taking into consideration unknown flags 2024-11-25 11:56:06 +01:00
Napalys
178da21fb8 JS: Added test case for CWE-178 RegExp with unknown flags 2024-11-25 11:53:00 +01:00
Tom Hvitved
e6161a5019 Merge pull request #18070 from hvitved/rust/canonical-path-dataflow 
Rust: Use extended canonical paths to resolve calls in data flow
 2024-11-25 11:48:19 +01:00
Arthur Baars
5eb91fd516 Drop SHA3-224 
Drop the 224bits variant as it looks like SHA3-224 may be deprecated soon based on NIST's most recent draft revision of Transitioning the Use of Cryptographic Algorithms and Key Lengths
 2024-11-25 11:25:45 +01:00
Geoffrey White
68a4ea3be0 Rust: New query rust/ctor-initialization (placeholder). 
undo
 2024-11-25 10:09:42 +00:00
Geoffrey White
bded7085f0 Rust: Effect of toString changes in main. 2024-11-25 10:01:57 +00:00
Geoffrey White
d38f0eec7b Merge branch 'main' into sourcemodels 2024-11-25 09:59:08 +00:00
Napalys
3d467b24f8 Added change notes 2024-11-25 09:30:01 +01:00
Tom Hvitved
4b0b038513 Merge pull request #18035 from github/redsun82/rust-str 
Rust: add some `toString` implementations
 2024-11-25 09:29:18 +01:00
Napalys
f8d623e905 JS: Bumped TS version to 5.7.2 2024-11-25 09:08:51 +01:00
Edward Minnix III
940a99db3b Fix typo 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2024-11-24 21:25:09 -05:00
Edward Minnix III
fb04e39935 ReturnValue[i] text 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2024-11-24 21:24:53 -05:00
Edward Minnix III
7210786721 Subtypes/overrides documentation 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2024-11-24 21:24:24 -05:00
Jami
f0045692a7 Merge pull request #17869 from jcogs33/jcogs33/improve-weak-crypto 
Java: Improve weak crypto query
 2024-11-24 12:04:00 -05:00
Taus
addef2f171 Add script and VSCode task for creating change notes 
Adds a VSCode Task (accessible from the "Run Task" menu) for creating
change notes, prompting the user for the language, name, and category of
the change.

The language options presented are based on the existing occurrences of
`change-notes` folders in the repo. There are more such files (in
particular every shared library has a `change-notes` directory), but it
seemed to me that the language change notes are the ones that are most
common, and so in an effort to not clutter the list too much, I only
included the languages.

The selection of categories is based on existing usage -- more
specifically the result of grepping for occurrences of '^category: ' in
the repo. It's possible there are more change categories that could be
added.

Hopefully this should make it more convenient to create change notes
from within VSCode.
 2024-11-22 22:32:15 +00:00
Arthur Baars
c6eaed343d Java: add SHA3 family to list of secure crypto algorithms 2024-11-22 19:03:00 +01:00
Arthur Baars
7f84cf6d72 Add test case 2024-11-22 19:02:11 +01:00
Calum Grant
7baaa2373f Merge pull request #18080 from github/revert-18072-revert-18009-calumgrant/bmn/record-build-mode 
C++: Implement compilation_build_mode
 2024-11-22 17:15:26 +00:00
Geoffrey White
4c50c083fb Rust: Implement good suggestions from ql-for-ql. 2024-11-22 17:12:09 +00:00
Geoffrey White
f2f577f86c Rust: Fix toString(). 2024-11-22 17:09:52 +00:00
Geoffrey White
d8b58f21c7 Rust: Restrict ReqwestGet by crate origin. 2024-11-22 16:42:24 +00:00
Calum Grant
b1b62f2362 Merge pull request #17919 from github/calumgrant/bmn/too-few-arguments 
C++: Remove FPs from cpp/too-few-arguments
 2024-11-22 16:40:07 +00:00