codeql

mirror of https://github.com/github/codeql.git synced 2026-01-14 23:14:59 +01:00

Author	SHA1	Message	Date
Alvaro Muñoz	89024ad604	fix(models): Reuse command delimiter regexps	2024-07-11 22:58:20 +02:00
Jami Cogswell	6b497da15f	Java: fix line number changes in tests	2024-07-11 15:33:09 -04:00
Jami Cogswell	ab9a6faaf3	Java: add change note	2024-07-11 15:10:11 -04:00
Jami Cogswell	77a8ba934c	Java: add path-injection sink for hudson.FilePath.exists()	2024-07-11 15:03:40 -04:00
Jami Cogswell	744a1a9b72	Java: fix line number changes in tests	2024-07-11 14:07:23 -04:00
Jami Cogswell	5cf05ec863	Java: add change note	2024-07-11 13:40:50 -04:00
Jami Cogswell	4a1497f367	Java: add IOUtils.toByteArray(InputStream) summary	2024-07-11 13:33:08 -04:00
Mathias Vorreiter Pedersen	1a2b4a30bb	Merge pull request #16939 from geoffw0/docsforautofix C++: Assorted minor doc improvements	2024-07-11 18:30:45 +01:00
Calum Grant	24914efcb8	Merge pull request #16956 from github/calumgrant/cpp20-array-sizes C++: Test C++20 implicit array sizes.	2024-07-11 17:44:08 +01:00
Calum Grant	13c25a494f	C++: Move change notes to correct location	2024-07-11 16:49:17 +01:00
Geoffrey White	bf47574796	Merge branch 'main' into docsforautofix	2024-07-11 16:42:27 +01:00
Ian Lynagh	5c97a5f667	Kotlin: Kotlin support is now out of beta, and generally available	2024-07-11 16:11:40 +01:00
Mathias Vorreiter Pedersen	a2a065c04e	Merge pull request #16962 from geoffw0/ga-note Swift: Add GA change note.	2024-07-11 16:04:19 +01:00
Geoffrey White	f5bfdbf5ef	Swift: Fix change note file.	2024-07-11 16:01:52 +01:00
Tom Hvitved	0459422a6c	C#: Restrict multi-body dataflow dispatch based on file-system distance	2024-07-11 16:52:20 +02:00
Tom Hvitved	35bf990f23	C#: Add data flow test for multi-body dispatch	2024-07-11 16:52:18 +02:00
Tom Hvitved	9794269550	Merge pull request #16952 from hvitved/ssa/barrier-guards-param-mod SSA: Make barrier guards a parameterized module	2024-07-11 16:46:02 +02:00
Geoffrey White	e5761d6524	Swift: Add GA change note.	2024-07-11 15:36:28 +01:00
Rasmus Wriedt Larsen	f41d2a896c	Merge pull request #16771 from porcupineyhairs/js2py Python : Arbitrary code execution due to Js2Py	2024-07-11 15:31:57 +02:00
Mathias Vorreiter Pedersen	64513fb6c2	C++: Add change note.	2024-07-11 14:26:47 +01:00
Mathias Vorreiter Pedersen	8012f3b2f7	C++: Increase the precision of 'cpp/iterator-to-expired-container' to high.	2024-07-11 14:26:05 +01:00
Joe Farebrother	8152ec7472	Merge pull request #16696 from joefarebrother/python-cookie-write-headers Python: Model CookieWrites from HeaderWrites	2024-07-11 14:25:54 +01:00
Angela P Wen	0b6714e06f	Merge pull request #16954 from github/angelapwen/remove-ci-workaround Remove CI workaround for `DatabaseQualityDiagnostics.ql`	2024-07-11 15:21:31 +02:00
Calum Grant	c6fb50095b	C++: Change note and autoformat	2024-07-11 14:21:09 +01:00
Rasmus Wriedt Larsen	5ecde387af	Python: Fix `.expected`	2024-07-11 14:42:26 +02:00
Max Schaefer	d5d0cf5d90	Java: Tag `java/non-https-url` with CWE-345	2024-07-11 13:37:09 +01:00
Calum Grant	29df3cb5b3	C++: Add test for C++20 implicit array sizes Implement NewArrayExpr.getArraySize()	2024-07-11 12:59:52 +01:00
Ian Lynagh	311799c798	Merge pull request #16899 from igfoo/igfoo/semmle_dist Java/Kotlin: Remove legacy $SEMMLE_DIST support	2024-07-11 12:48:53 +01:00
Erik Krogh Kristensen	de9370ae95	Merge pull request #16540 from aegilops/aegilops/js/insecure-helmet-middleware JS/TS: insecure Helmet middleware (new query)	2024-07-11 13:48:09 +02:00
Owen Mansel-Chan	5bdef38dd9	Merge pull request #16941 from owen-mc/go/mad-package-alias Go: Allow grouping import paths for models-as-data	2024-07-11 12:27:43 +01:00
Angela P Wen	90641a5152	Remove CI workaround for DatabaseQualityDiagnostics.ql	2024-07-11 13:22:06 +02:00
Alvaro Muñoz	7a54170b31	feat(ext): Move regexp delimiters to Config.qll	2024-07-11 12:59:34 +02:00
Jeroen Ketema	87d9218369	Merge pull request #16951 from jketema/builtin-op C++: Support more builtin operations	2024-07-11 12:50:46 +02:00
aegilops	d71be8aeaf	Moved from `experimental` into default queries	2024-07-11 11:44:01 +01:00
Michael B. Gale	45b782554c	Merge pull request #16925 from github/mbg/go/add-vendor-env-var Go: Add environment variable to include `vendor` directories in extraction	2024-07-11 11:06:31 +01:00
Paul Hodgkinson	412ad177c2	Merge branch 'main' into aegilops/js/insecure-helmet-middleware	2024-07-11 11:01:38 +01:00
Jeroen Ketema	5e0ce7efc4	C++: Fix test	2024-07-11 11:58:25 +02:00
Jeroen Ketema	ed42c3cd6f	C++: Fix class extension	2024-07-11 11:48:01 +02:00
Alvaro Muñoz	f4581d0aa5	Bump qlpack versions	2024-07-11 11:36:18 +02:00
Alvaro Muñoz	eb66114d8b	feat(models): New ArgInj sink	2024-07-11 11:35:44 +02:00
Tom Hvitved	16b142d332	SSA: Make barrier guards a parameterized module	2024-07-11 11:34:56 +02:00
Tom Hvitved	a452eadb33	Merge pull request #16946 from hvitved/csharp/fewer-version-regexps C#: Perform fewer `regexpCapture`s when matching version numbers	2024-07-11 11:22:36 +02:00
Tamás Vajk	fd8cda36e5	Merge pull request #16924 from tamasvajk/feature/winforms-linux C#: Restore Windows dependencies when Windows Forms or WPF usage is detected	2024-07-11 11:01:37 +02:00
Alvaro Muñoz	56af52a729	feat(tests): New tests for Command Injection Injections on a workflow_run triggered protected by a allow branches list should not be reported as critical	2024-07-11 10:46:37 +02:00
Alvaro Muñoz	adbb236465	fix(query): Better identification of argument injection commands	2024-07-11 10:45:49 +02:00
Jeroen Ketema	48bf06f1aa	C++: Fix `getAPrimaryQlClass`	2024-07-11 10:43:17 +02:00
Jeroen Ketema	0413e0e090	C++: Clean up QLDoc and add change note	2024-07-11 10:37:26 +02:00
Alvaro Muñoz	8d75250da7	Bump qlpack versions	2024-07-11 10:05:29 +02:00
Alvaro Muñoz	732f0dc29f	feat(queries): Argument Injection Make argument injection sinks congigurable with MaD	2024-07-11 10:04:43 +02:00
Alvaro Muñoz	73c77bc93b	Initial implementation Pending work: complete the regular expression	2024-07-11 10:04:43 +02:00

... 263 264 265 266 267 ...

82643 Commits