hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-14 06:54:48 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,643 Commits 1,680 Branches 158 Tags
alexet/avoid-path-node-java
Commit Graph

82643 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
am0o0
d560c1ea0f fix formatting 2024-07-31 11:08:06 +02:00
Owen Mansel-Chan
f8e8b362ab Merge branch 'main' into workflow/coverage/update 2024-07-31 10:07:35 +01:00
am0o0
9110df6e80 Merge branch 'amammad-java-JWT' of https://github.com/am0o0/codeql into amammad-java-JWT 2024-07-31 11:04:24 +02:00
am0o0
c6814fcf47 merge duplicate module into a module file 2024-07-31 11:04:03 +02:00
am0o0
701e3d7e53 add same query but with local source support to comply with the CVE-2021-37580 2024-07-31 10:58:22 +02:00
Owen Mansel-Chan
3ece3ec50f Merge pull request #17092 from owen-mc/go/provenance-postprocess-qltest 
Go: Add support for provenance pretty-printing
 2024-07-31 09:54:28 +01:00
Cornelius Riemenschneider
1ce15ae2fd Fix exit code when ripunzip isn't called. 2024-07-31 08:09:53 +02:00
github-actions[bot]
d0c2b4a60f Add changed framework coverage reports 2024-07-31 00:15:22 +00:00
Edward Minnix III
bae0ea5599 Merge pull request #17042 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2024-07-30 20:04:23 -04:00
Cornelius Riemenschneider
fa6d61809e Fix hang for targets without ripunzip. 2024-07-31 00:38:50 +02:00
Jami
d04dc9afe0 Merge pull request #17087 from jcogs33/jcogs33/java/provenance-postprocess-qltest 
Java: Add support for provenance pretty-printing as a qltest postprocess step
 2024-07-30 16:55:26 -04:00
Jeroen Ketema
f986484813 Merge pull request #17098 from jketema/deduction 
C++: Update tests after extractor changes
 2024-07-30 21:08:40 +02:00
Alvaro Muñoz
8ffac2935e Bump qlpack versions 2024-07-30 18:22:20 +02:00
Cornelius Riemenschneider
674a5bb9b4 Bazel installer: Retry ripunzip step. 
Ripunzip is great, but occasionally bugs out due to a parallelism issue.
As we don't want this to fail CI, retry the entire ripunzip/installation step
up to 3 times.
We need to clean up the working directory as ripunzip doesn't support overwriting
files. I've not been able to test this with the original issue (it doesn't seem
to reproduce locally for me), but I injected another error and got 3 retries
of installation.
 2024-07-30 18:20:19 +02:00
Alvaro Muñoz
65ad387543 fix: Add printf as an equivalent to echo 2024-07-30 18:18:22 +02:00
Jami Cogswell
2db07bdbf3 Java: add missing models to experimental expected files 2024-07-30 12:13:18 -04:00
am0o0
40eef25133 use more specefic Classes instead of Call 2024-07-30 18:07:03 +02:00
Geoffrey White
3d6a889d24 Swift: Make use of CBC blockmode in examples and tests mode accurate. 2024-07-30 16:59:11 +01:00
am0o0
591b1b4f07 use $ SPURIOUS: instead of "this test gives a FP" 2024-07-30 17:53:23 +02:00
am0o0
f97b1039cd update test files, add one more additional flow step for inflate function, fix gzopen additional flow step thanks to @jketema 2024-07-30 17:49:34 +02:00
Sylwia Budzynska
81f3609c4b Formatting 2024-07-30 17:49:20 +02:00
Sylwia Budzynska
dfc51922ba Change regex 2024-07-30 17:39:34 +02:00
Sylwia Budzynska
ef2b225144 Fix PascalCase 2024-07-30 17:36:55 +02:00
Owen Mansel-Chan
1cb5f35c56 Add change note 2024-07-30 16:29:38 +01:00
Owen Mansel-Chan
cd0af0fc57 Ignore types with methods which have annotations 
The motivation is test classes in JUnit 4 and 5 are currently FPs for this. They have methods with `@Test`, so this should fix the FPs.
 2024-07-30 16:29:35 +01:00
Owen Mansel-Chan
050dcb1370 Add some tests for java/unused-reference-type 2024-07-30 16:29:11 +01:00
Sylwia Budzynska
f796efe470 Add Streamlit SQLAlchemy models 2024-07-30 17:20:52 +02:00
Sylwia Budzynska
9741ddb926 Add remoteflowsoucre test 2024-07-30 17:20:14 +02:00
Mathias Vorreiter Pedersen
31f68d2da8 Merge pull request #17095 from MathiasVP/mad-free-functions 
C++: Proper MaD support for free functions
 2024-07-30 16:00:31 +01:00
Jami
2c8f3a58b3 Merge branch 'main' into jcogs33/java/provenance-postprocess-qltest 2024-07-30 10:53:52 -04:00
Owen Mansel-Chan
44b6309e07 Add change note 2024-07-30 15:44:00 +01:00
Owen Mansel-Chan
e259b25428 Add "tokenizer" to sensitive variable name FPs 2024-07-30 15:38:32 +01:00
Owen Mansel-Chan
0704946324 Factor out matching sensitive variable name FPs 2024-07-30 15:37:54 +01:00
Owen Mansel-Chan
bdff0fdcc5 Add test for "tokenizer" 2024-07-30 15:37:46 +01:00
Owen Mansel-Chan
0d71072f94 Make test more compact 2024-07-30 15:36:59 +01:00
Mathias Vorreiter Pedersen
6d8a83fc1f C++: Take out the 'Element' content from std::format model. 2024-07-30 15:31:18 +01:00
Arthur Baars
0d469536ae Merge pull request #17065 from github/aibaars/proxy-tests 
Java: integration tests with proxy server
 2024-07-30 15:53:45 +02:00
Mathias Vorreiter Pedersen
ef0370b64e C++: Respond to review comments. 2024-07-30 13:19:02 +01:00
Owen Mansel-Chan
a8236e1545 Revert post-processing for 6 queries pending bug fix 
This commit will be reverted when a bug is fixed which is currently
stopping these tests from working with post-processing.
 2024-07-30 12:58:01 +01:00
Owen Mansel-Chan
ffeb86c1f5 Update .expected files 2024-07-30 12:54:42 +01:00
Jeroen Ketema
5455a365d1 C++: Update tests after extractor changes 2024-07-30 13:52:23 +02:00
Anders Schack-Mulligen
5073f4f7dd Merge pull request #17096 from aschackmull/java/pp-experimental-models 
Java: Pretty-print experimental models for qltest.
 2024-07-30 13:31:15 +02:00
am0o0
9662950405 add comments for FPs 2024-07-30 13:24:46 +02:00
Chris Smowton
8f52b2cd95 Fix link 2024-07-30 12:23:38 +01:00
Chris Smowton
a781522ca0 Copyedit documentation 2024-07-30 12:19:16 +01:00
Sylwia Budzynska
bfd2e4350b Add StreamlitConnection model 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2024-07-30 12:58:49 +02:00
Mathias Vorreiter Pedersen
afc0d0a078 C++: Accept test changes. 2024-07-30 11:54:20 +01:00
Owen Mansel-Chan
5c8f21d596 Use post-process provenance pretty-printing in ql tests 2024-07-30 11:35:10 +01:00
Owen Mansel-Chan
94f290411f Use post-process provenance pretty-printing in qlref tests 2024-07-30 11:35:09 +01:00
Owen Mansel-Chan
1347f55d89 Merge pull request #17072 from owen-mc/go/mad/convert-sinks 
Go: convert request-forgery, xpath-injection and credentials sinks to MaD
 2024-07-30 11:18:37 +01:00