hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-02 09:16:34 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,643 Commits 1,673 Branches 157 Tags
alexet/avoid-path-node-java
Commit Graph

82643 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Michael Nebel
cbd9cc6dae Java: Update request forgery expected output. 2024-10-21 15:19:30 +02:00
Michael Nebel
3b6f39931b Java: Re-add generated (mixed) summaries and neutrals for the Java SDK 17. 2024-10-21 15:19:28 +02:00
Michael Nebel
f50734f0ee Java: Delete all generated Java JDK models. 2024-10-21 15:19:27 +02:00
Tom Hvitved
e9adbf231f Merge pull request #17816 from hvitved/rust/expr-trees-module 
Rust: Move all expression CFG trees inside an `ExprTrees` module
 2024-10-21 15:12:51 +02:00
Tom Hvitved
d2623cf4c3 Merge pull request #17814 from hvitved/rust/fix-bad-join 
Rust: Fix bad join
 2024-10-21 15:01:31 +02:00
Tom Hvitved
a6a68ef8be Apply suggestions from code review 
Co-authored-by: Simon Friis Vindum <paldepind@github.com>
 2024-10-21 14:43:22 +02:00
Taus
d01593e571 Python: Add test for string encoding dataset check 
Note that this test checks that the current setup creates dataset check
violations. A later commit will fix this (and flip the negation in the
test).
 2024-10-21 12:08:46 +00:00
Tom Hvitved
1f5e02f539 Rust: Move all expression CFG trees inside an ExprTrees module 2024-10-21 13:41:11 +02:00
Simon Friis Vindum
85e59c9920 Merge branch 'main' into rust-saa-additions 2024-10-21 13:30:02 +02:00
Alvaro Muñoz
6dbbfa9672 Bump qlpack versions 2024-10-21 12:12:37 +02:00
Michael Nebel
1217c55c36 C#: Add change note. 2024-10-21 12:08:03 +02:00
Michael Nebel
191658f637 C#: Update expected test output. 2024-10-21 12:04:31 +02:00
Michael Nebel
b2b1a3ea65 C#: Consider string.ReplaceLineEndings(string) as a sanitizer for log forging. 2024-10-21 12:03:59 +02:00
Michael Nebel
0b8e83dc87 C#: Add log forging false positive example using ReplaceLineEndings. 2024-10-21 11:55:09 +02:00
Cornelius Riemenschneider
ce53964edf Merge pull request #17812 from github/redsun82/rust-move-integration-tests 
Rust: move integration tests to where other languages have them
 2024-10-21 11:41:16 +02:00
Tom Hvitved
7e82595cae Rust: Fix bad join 
Before
```
Evaluated relational algebra for predicate MatchExprImpl::Impl::MatchExpr.getLastArm/0#dispred#24e5f4cf@9cf607tl with tuple counts:
            660677  ~0%    {4} r1 = SCAN `MatchExprImpl::Impl::MatchExpr.getArm/1#dispred#817de8a3` OUTPUT _, In.0, In.2, In.1
            660677  ~0%    {3}    | REWRITE WITH Tmp.0 := 1, Out.0 := (Tmp.0 + In.3) KEEPING 3
        5342095756  ~0%    {3}    | JOIN WITH `MatchArmList::Generated::MatchArmList.getNumberOfArms/0#dispred#9ad72f08_10#join_rhs` ON FIRST 1 OUTPUT Lhs.1, Rhs.1, Lhs.2
             96597  ~3%    {2}    | JOIN WITH `MatchExpr::Generated::MatchExpr.getMatchArmList/0#dispred#11f1a73e` ON FIRST 2 OUTPUT Lhs.0, Lhs.2
                           return r1
```

After
```
Evaluated relational algebra for predicate MatchExprImpl::Impl::MatchExpr.getLastArm/0#dispred#24e5f4cf@9d7a92pu with tuple counts:
        660677   ~0%    {5} r1 = JOIN `MatchExprImpl::Impl::MatchExpr.getArm/1#344daffc` WITH `MatchExprImpl::Impl::MatchExpr.getNumberOfArms/0#ab0d8732` ON FIRST 1 OUTPUT Lhs.0, Lhs.1, Lhs.2, _, Rhs.1
                        {4}    | REWRITE WITH Tmp.3 := 1, Out.3 := (In.4 - Tmp.3), TEST Out.3 = InOut.1 KEEPING 4
         96597   ~3%    {2}    | SCAN OUTPUT In.0, In.2
                        return r1
```
 2024-10-21 11:40:13 +02:00
Alvaro Muñoz
229d42b515 Add sonar-scanner-action as a poisonable step 2024-10-21 11:05:06 +02:00
Simon Friis Vindum
5e4ce8f66d Merge pull request #17800 from paldepind/rust-cfg-fixes 
Rust: Various fixes to the CFG construction
 2024-10-21 10:39:27 +02:00
Chris Smowton
5ba37bd7a3 Rename change note 2024-10-21 09:36:07 +01:00
Simon Friis Vindum
a1ebf98552 Merge branch 'main' into rust-cfg-fixes 2024-10-21 10:12:07 +02:00
Simon Friis Vindum
3ae04752c4 Rust: Accept less CFG inconsistencies 2024-10-21 10:07:11 +02:00
Simon Friis Vindum
9c172f62a4 Rust: Fix dead end in CFG for match expressions with no arms 2024-10-21 09:59:23 +02:00
Paolo Tranquilli
7b870d30a4 Rust: move integration tests to where other languages have them 2024-10-21 09:29:37 +02:00
Simon Friis Vindum
381f061e7f Rust: Add CFG test for match with no arms 2024-10-21 09:29:28 +02:00
Simon Friis Vindum
e149071634 Merge pull request #17803 from paldepind/unreachable2 
Rust: More test cases for rust/dead-code
 2024-10-21 08:30:36 +02:00
Porcupiney Hairs
7ef2d79b3f Include changes from review 2024-10-21 03:28:19 +05:30
Alvaro Muñoz
fc5a6703b3 Add github.event.sender.login as an Actor source 2024-10-19 17:01:47 +02:00
Alvaro Muñoz
e03ba55812 Account for checkout path on Untrusted Checkout Critical 2024-10-19 17:01:29 +02:00
Kylie Stradley
2d5cd1a61a WIP. todo: modify help text in query to be helpful, write qlhelp file, find out how to not release to customers 2024-10-18 16:51:31 -04:00
Kylie Stradley
e5508343b1 update unpinned actions tag test 2024-10-18 15:21:33 -04:00
Calum Grant
c5a082fd8e C++: Fix CWE-022 2024-10-18 19:45:29 +01:00
Chris Smowton
241f951db1 Add change-note for Java buildless packaging its required Maven plugin 2024-10-18 17:43:18 +01:00
Chris Smowton
74ef91649b Merge pull request #17780 from smowton/smowton/admin/add-buildless-maven-packaging-test 
Java buildless: add tests checking usage of a local copy of the Maven dependency graph plugin
 2024-10-18 17:38:59 +01:00
Arthur Baars
08af7d0007 Merge pull request #17810 from github/post-release-prep/codeql-cli-2.19.2 
Post-release preparation for codeql-cli-2.19.2
 2024-10-18 18:28:07 +02:00
github-actions[bot]
272f6c2541 Post-release preparation for codeql-cli-2.19.2 2024-10-18 15:56:02 +00:00
Arthur Baars
3990d0e11a Merge pull request #17808 from github/release-prep/2.19.2 
Release preparation for version 2.19.2
codeql-cli/v2.19.2 		2024-10-18 17:36:23 +02:00
Arthur Baars
aaf220d41e Fix typos in changelogs 2024-10-18 15:28:05 +00:00
github-actions[bot]
ca0345324e Release preparation for version 2.19.2 2024-10-18 15:16:21 +00:00
Arthur Baars
7c15be1f02 Merge pull request #17806 from github/revert-17764-release-prep/2.19.2 
Revert "Release preparation for version 2.19.2"
 2024-10-18 17:13:50 +02:00
Arthur Baars
eb515f884b Revert "Release preparation for version 2.19.2" 2024-10-18 17:06:20 +02:00
Calum Grant
0fcabc4e61 C++: Move mayBeFromImplicitlyDeclaredFunction to Call 2024-10-18 15:56:08 +01:00
Jami
c8d420ec57 Merge pull request #17795 from jcogs33/jcogs33/update-spring-csrf-qhelp-link 
Java: update qhelp link for `java/spring-disabled-csrf-protection`
 2024-10-18 10:11:37 -04:00
Arthur Baars
4a5a48a5b6 Rust: move PrintCfg to ide-contextual-queries 2024-10-18 16:11:18 +02:00
Arthur Baars
c9372b91f8 Rust: move ide-contextual-queries to the library pack 2024-10-18 16:11:17 +02:00
Arthur Baars
53744407ad Rust: add localDefinitions.ql 2024-10-18 16:11:08 +02:00
Calum Grant
419780591a C++: Resolve firstFormatArgumentIndex in FormattingFunction CP 2024-10-18 14:52:54 +01:00
Simon Friis Vindum
4ddc7a4592 Rust: Update unused value expected results 2024-10-18 15:49:52 +02:00
yoff
8cb339aa93 Merge pull request #17801 from yoff/python/extra-std-models 
Python: extra modelling of stdlib
 2024-10-18 15:32:01 +02:00
Jami Cogswell
335c59792c Java: remove unnecessary anchor and update page name 2024-10-18 09:26:56 -04:00
Rasmus Lerchedahl Petersen
30e5a12230 Python: udate expectations 2024-10-18 15:14:51 +02:00