hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-03 09:40:17 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,643 Commits 1,673 Branches 157 Tags
alexet/avoid-path-node-java
Commit Graph

82643 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tom Hvitved
6da3972433 Rust: Simplify break/continue CFG labels 2024-10-02 15:45:18 +02:00
Tom Hvitved
1266f9757d Rust: Add {BreakExpr,ContinueExpr}.getTarget() 2024-10-02 15:45:16 +02:00
Tom Hvitved
000dedf3e8 Rust: Output CFG for library-tests/variables 2024-10-02 15:45:14 +02:00
Tom Hvitved
d6415cd0c8 Merge pull request #17642 from hvitved/rust/unused-variable 
Rust: Implement `UnusedVariable.ql`
 2024-10-02 15:41:24 +02:00
Michael Nebel
51623c3837 Java: Consider all summarized callable with generated verification as generated when counting generated vs manual. 2024-10-02 15:24:01 +02:00
Michael Nebel
104d448b16 Shared: Only use heuristic summary flow in case there is no content based flow. 2024-10-02 15:24:01 +02:00
Asger F
5d2ce172eb JS: Update a test to handle AdditionalSanitizerGuardNode 2024-10-02 14:44:42 +02:00
Asger F
6cbe04dcb7 JS: Consistently use the shared XSS barrier guards in the XSS queries 
Previously only reflected XSS used shared barrier guards.
 2024-10-02 14:44:17 +02:00
Asger F
341bacfe55 JS: Fix bug causing re-evaluation of cached barriers 2024-10-02 14:43:18 +02:00
Tom Hvitved
3a1f6efce4 Address review comments 2024-10-02 13:37:24 +02:00
Geoffrey White
8243f87179 Rust: Modify the exclusion as suggested in comments. 2024-10-02 11:38:29 +01:00
Alvaro Muñoz
68da482352 Bump qlpack versions 2024-10-02 12:36:49 +02:00
Alvaro Muñoz
cd1827e3c9 Merge pull request #98 from github/improve_arginj 
improve arginj
 2024-10-02 12:36:06 +02:00
Alvaro Muñoz
531f3d40c0 Add tests for new bash parser 2024-10-02 12:35:09 +02:00
Alvaro Muñoz
6b98a5b5b1 Update tests 2024-10-02 12:34:27 +02:00
Alvaro Muñoz
8052696836 Add new Poisonable step for bun 2024-10-02 12:34:10 +02:00
Alvaro Muñoz
c58246363e Add new Argument Injection sinks 2024-10-02 12:34:01 +02:00
Alvaro Muñoz
a5075e5216 Change queries to use the new bash parser 2024-10-02 12:33:42 +02:00
Alvaro Muñoz
2727bf5e2f Add improved Bash script parser 2024-10-02 12:33:05 +02:00
Alvaro Muñoz
4b74adec4b Account for branches filter as a way to prevent workflow_run to trigger on PRs from forks 2024-10-02 12:31:59 +02:00
Tom Hvitved
fb9ec2423c Rust: Implement UnusedVariable.ql 2024-10-02 11:22:32 +02:00
Tom Hvitved
3fa52ad680 Merge pull request #17633 from hvitved/rust/cfg-fixes 
Rust: More CFG modelling
 2024-10-02 11:21:53 +02:00
Tom Hvitved
9c7216fe4f Rust: Add another CFG test 2024-10-02 10:59:26 +02:00
Tom Hvitved
69e0ad0181 Rust: Refactor CFG implementation for loops 2024-10-02 10:55:52 +02:00
Calum Grant
8b536f54fd Merge pull request #17481 from github/calumgrant/bmn/uninitialized-local 
C++: Remove FPs from cpp/uninitialized-local when encountered extraction errors
 2024-10-02 09:29:15 +01:00
Calum Grant
d3695dce4d C++: Add change note 2024-10-02 08:14:23 +01:00
Chad Bentz
2458d16426 Clarify threat model flow sources comment in LogForgingQuery.qll 2024-10-01 23:04:22 -04:00
Ed Minnix
f8335e6163 Fix formatting 2024-10-01 15:58:07 -04:00
Edward Minnix III
91b7a6cbd8 Wording of change note 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2024-10-01 15:56:43 -04:00
Edward Minnix III
1f932d407f Remove unnecessary asExpr() 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2024-10-01 15:56:42 -04:00
Ed Minnix
26b49dd0df Fix test expectation 2024-10-01 15:56:40 -04:00
Ed Minnix
d80a1487be Add change note 2024-10-01 15:56:37 -04:00
Ed Minnix
e18389718c Implement stdin models 
Unfortunately due to how variable and varargs work, these are better
done in QL
 2024-10-01 15:56:31 -04:00
Tom Hvitved
8f0b7f0969 Rust: Use propagatesAbnormal in two places 2024-10-01 21:49:08 +02:00
Tom Hvitved
c4eafb2cf3 Rust: Skip ParenExprs in the CFG 2024-10-01 21:26:49 +02:00
Tom Hvitved
8b66dc16ad Rust: Fix CFG for labelled block expressions 2024-10-01 21:03:36 +02:00
Tom Hvitved
e8cb3490e6 Rust: Refine deadEnd consistency check 2024-10-01 21:02:55 +02:00
Tom Hvitved
85957767c9 Rust: Fix CFG for while let loops 2024-10-01 21:02:17 +02:00
Tom Hvitved
071076875c Rust: Make more CFG nodes leaves 2024-10-01 21:01:56 +02:00
Tom Hvitved
26c69b8f8a Rust: Add more CFG tests 2024-10-01 21:01:49 +02:00
Tom Hvitved
bbd0aa929f Rust: Add more missing CFG trees 2024-10-01 21:01:26 +02:00
Tom Hvitved
17770af491 Rust: Account for let statement else blocks in deadEnd 2024-10-01 21:00:39 +02:00
Tom Hvitved
a507854288 Rust: Fix bug in BooleanCompletion.isValidForSpecific0 2024-10-01 21:00:33 +02:00
Tom Hvitved
8c1fd8fa7a Rust: Implement CFG for ForExprs 2024-10-01 21:00:09 +02:00
Tom Hvitved
f3e3734424 Rust: Implement CFG for WhileExprs 2024-10-01 20:59:41 +02:00
Tom Hvitved
5444a5bf8a Rust: Extend while and for CFG tests 2024-10-01 20:59:13 +02:00
Angela P Wen
e8dd6a88e7 Revert "Release preparation for version 2.19.1" 2024-10-01 10:19:28 -07:00
Geoffrey White
3a54c10f36 Rust: For now exclude top-level AST elements from LOC counts. This is not ideal. 2024-10-01 17:35:30 +01:00
Tom Hvitved
5fb61b0304 Merge pull request #17606 from hvitved/rust/variables 2024-10-01 18:13:32 +02:00
Ian Lynagh
6af5afc184 Merge pull request #17634 from igfoo/igfoo/implicit_param_name 
Java: Add a test for parameter names
 2024-10-01 17:03:18 +01:00