hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-14 15:04:56 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,643 Commits 1,680 Branches 158 Tags
alexet/avoid-path-node-java
Commit Graph

82643 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Geoffrey White
7b03f3268f C++: Fix false positives. 2024-07-22 18:00:15 +01:00
Chuan-kai Lin
81ab2025a1 Merge pull request #17032 from github/release-prep/2.18.1 
Release preparation for version 2.18.1
 2024-07-22 09:46:06 -07:00
Alexandre Boulgakov
06a9599906 C++: Update stats for using enum. 2024-07-22 17:42:31 +01:00
Chuan-kai Lin
cda4339056 Minor changelog improvements 2024-07-22 09:42:31 -07:00
Alexandre Boulgakov
11f5663afc C++: Add using enum upgrade and downgrade scripts. 2024-07-22 17:42:28 +01:00
Alexandre Boulgakov
a0954f15c0 C++: Support using enum declarations. 2024-07-22 17:42:25 +01:00
Geoffrey White
45e92cec6a C++: Extend tests for cpp/suspicious-allocation-size. 2024-07-22 17:34:49 +01:00
Salah Baddou
2ad70cbee2 Move SensitiveLoggerConfig source to extensible format 2024-07-22 17:34:00 +01:00
Mathias Vorreiter Pedersen
db9cd1f612 C++: Fix QLDoc copy-paste fails. 2024-07-22 17:08:01 +01:00
Geoffrey White
b1608d815b C++: Change note. 2024-07-22 16:34:41 +01:00
Geoffrey White
b4fa23d731 C++: Address false positive results in template instantiations. 2024-07-22 16:34:39 +01:00
Mathias Vorreiter Pedersen
c256c87a7e Update cpp/ql/lib/semmle/code/cpp/models/implementations/Iterator.qll 2024-07-22 16:34:23 +01:00
Mathias Vorreiter Pedersen
281212a22c C++: Accept test changes. 2024-07-22 16:23:26 +01:00
Mathias Vorreiter Pedersen
999fb07931 C++: Add more alias models. 2024-07-22 16:19:19 +01:00
Rasmus Lerchedahl Petersen
3434c38da7 Python: update test expectations 
This is MaD...
 2024-07-22 17:03:29 +02:00
github-actions[bot]
55935fc123 Release preparation for version 2.18.1 2024-07-22 14:56:15 +00:00
Rasmus Lerchedahl Petersen
e30f725e71 Python: Remove questionable model for multiprocessing.connection.Listener 2024-07-22 15:43:06 +02:00
Anders Schack-Mulligen
272e523323 Dataflow: Add provenance to StagePathGraph. 2024-07-22 15:02:13 +02:00
Geoffrey White
8262330e4d C++: Extend the placement new test cases for cpp/incorrect-allocation-error-handling. 2024-07-22 12:38:19 +01:00
Alvaro Muñoz
2dffb865d0 Bump qlpack versions 2024-07-22 12:45:34 +02:00
Alvaro Muñoz
15649afd5c feat(queries): Improve envvar injection queries 
Consider those cases where the contents of a file are written to a var
and that var assigned to GITHUB_ENV
 2024-07-22 12:44:27 +02:00
Geoffrey White
b00e312569 C++: Replace placeholder key in the example for cpp/cleartext-storage-database. 2024-07-22 11:17:34 +01:00
Geoffrey White
f931dab14a C++: Improve the cpp/cleartext-* query examples by using libsodium rather than pseudocode. 2024-07-22 11:17:33 +01:00
Geoffrey White
ffc61ae1bb C++: Make memset_s a clearer recommendation in the .qhelp for cpp/memset-may-be-deleted. 2024-07-22 09:51:22 +01:00
Marcono1234
6d468c1bae Java: Update Annotation predicate examples in language guide 2024-07-21 19:31:55 +02:00
Jami Cogswell
4790656b79 Java: add TaintInheritingContent for URL synthetic fields 2024-07-20 23:03:32 -04:00
Owen Mansel-Chan
2a5144d9d9 Improve tests for reverse DNS sources 2024-07-20 21:40:02 +01:00
Owen Mansel-Chan
a64eafca2b Do not mention subcategories of remote 
They are not in use by any language yet.
 2024-07-20 21:31:08 +01:00
Owen Mansel-Chan
38aac1f444 Merge pull request #17024 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2024-07-20 21:15:45 +01:00
github-actions[bot]
f83b70dbc2 Add changed framework coverage reports 2024-07-20 00:17:36 +00:00
Jami Cogswell
d6d2a213e7 Java: add change note 2024-07-19 18:19:37 -04:00
Jami Cogswell
f3e5b55cc4 Java: add path injection sinks for Property.setFile and Property.setResource 2024-07-19 18:04:17 -04:00
Geoffrey White
183b3fe6b0 Merge pull request #16570 from geoffw0/swiftssn 
Swift: Use shared library for sensitive private information heuristics
 2024-07-19 16:06:47 +01:00
Geoffrey White
1ca0de9067 Swift: Autoformat. 2024-07-19 13:55:33 +01:00
Geoffrey White
68a21663d9 Merge branch 'main' into swiftssn 2024-07-19 13:49:40 +01:00
Cornelius Riemenschneider
a63e70d173 Merge pull request #17015 from github/criemen/pytest-js 
Integration tests: port to pytest.
 2024-07-19 11:33:55 +02:00
Owen Mansel-Chan
24261b29d5 Merge pull request #17012 from owen-mc/go/mad/convert-sources-websockets 
Go: convert models for websocket readers as remote flow sources to models-as-data
 2024-07-19 10:04:27 +01:00
Cornelius Riemenschneider
620582fc09 Address review. 2024-07-19 10:50:11 +02:00
Joe Farebrother
661a4126ac Add change note 2024-07-19 09:23:33 +01:00
Joe Farebrother
baf51334e4 Update documentation 2024-07-19 09:13:30 +01:00
Michael Nebel
2796597d1a Code quality improvements. 2024-07-19 09:36:17 +02:00
Ed Minnix
ad4bca9975 Fix provenance in tests 2024-07-18 18:18:24 -04:00
Ed Minnix
0990a370c7 Convert QL classes for Lastaflute to MaD 2024-07-18 17:41:06 -04:00
Ed Minnix
9713551448 Missing QLDoc 2024-07-18 17:41:05 -04:00
Ed Minnix
4fa45bb81c Change note 2024-07-18 17:41:03 -04:00
Ed Minnix
62944ee473 Add tests for lastaflute framework 2024-07-18 17:41:02 -04:00
Ed Minnix
3bd330423d Add some models for the org.lastaflute.web library 
Methods annotated `@Execute` are handlers for URLs. Therefore, the
parameters of the methods annotated with the
`org.lastaflute.web.Execute` annotation are likely either URL parameters
or forms.
 2024-07-18 17:41:00 -04:00
Owen Mansel-Chan
9a66e66d66 Merge branch 'main' into amammad-java-bombs 2024-07-18 21:28:23 +01:00
Cornelius Riemenschneider
4d943f8d94 Merge branch 'main' into criemen/pytest-js 2024-07-18 21:51:33 +02:00
am0o0
7bb7d83b26 remove duplicate sinks 
replace some RefType with DecompressionBomb::BombTypeInputStream
 2024-07-18 20:55:59 +02:00