hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-22 03:36:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,643 Commits 1,672 Branches 157 Tags
alexet/avoid-path-node-java
Commit Graph

82643 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jeroen Ketema
10f6e1ceb8 C++: Add change note 2025-05-23 19:17:17 +02:00
Jeroen Ketema
fbc9615287 C++: Update expected test results 2025-05-23 16:03:47 +02:00
Jeroen Ketema
a77ddd7532 C++: Add Windows command line and environment models 2025-05-23 15:56:09 +02:00
Jeroen Ketema
b800040c73 C++: Add tests for various local Windows dataflow sources 2025-05-23 15:55:02 +02:00
Joe Farebrother
c070d04231 Fix qhelp 2025-05-23 14:31:13 +01:00
Joe Farebrother
e933a27cd9 Add changenote 2025-05-23 14:25:38 +01:00
Joe Farebrother
b15fec0fb9 Fix qhelp and tests 2025-05-23 14:17:21 +01:00
Mathias Vorreiter Pedersen
0822ded899 Merge pull request #19569 from MathiasVP/fix-return-value-surces-in-mad 
Shared/C++: Handle non-standard return values in MaD flow sources/sinks
 2025-05-23 13:58:26 +01:00
Paolo Tranquilli
5c294617c5 Rust: update a comment 2025-05-23 14:43:18 +02:00
Anders Schack-Mulligen
5b21188e0d C#: Sync. 2025-05-23 14:17:21 +02:00
Joe Farebrother
44a678a3f4 remove redundant import 2025-05-23 13:16:13 +01:00
Joe Farebrother
06504f2cb6 Update tests 2025-05-23 13:04:56 +01:00
Tom Hvitved
c8ff69af9a Rust: Fix bad join 2025-05-23 13:57:19 +02:00
Napalys Klicius
000e69fd48 Replaced fuzzy NonNodeStream MaD to a ql predicate to deal easier with submodules 2025-05-23 13:55:40 +02:00
Anders Schack-Mulligen
62000319fe Rangeanalysis: Simplify Guards integration. 2025-05-23 13:39:53 +02:00
Tom Hvitved
05288d3952 Type inference: Simplify internal representation of type paths 2025-05-23 13:36:58 +02:00
Napalys Klicius
248f83c4db Added qhelp for UnhandledStreamPipe query 2025-05-23 13:35:36 +02:00
Anders Schack-Mulligen
1b2d23b23c Merge pull request #19567 from aschackmull/ssa/branchedge 
SSA: Distinguish between has and controls branch edge.
 2025-05-23 13:35:04 +02:00
Anders Schack-Mulligen
f4fb717a34 SSA: Add change note. 2025-05-23 12:49:01 +02:00
Mathias Vorreiter Pedersen
92e0b64307 Shared: Fix QLDoc. 2025-05-23 11:43:27 +01:00
yoff
909c1bbcd9 Merge pull request #19494 from neilmendum/actions/more-minimal-permission 
actions: add some missing permissions
 2025-05-23 12:42:10 +02:00
Anders Schack-Mulligen
893cb592b5 SSA: Elaborate qldoc a bit. 2025-05-23 12:35:30 +02:00
Napalys Klicius
c6db32ed73 Add exceptions for arktype, execa, and highland to prevent them from being flagged by unhandled pipe error query 2025-05-23 12:34:11 +02:00
Napalys Klicius
15ff7cb41a Added more test cases which common js libraries uses .pipe() 2025-05-23 12:30:49 +02:00
Mathias Vorreiter Pedersen
cf39103df3 C++: Accept test changes. 2025-05-23 11:19:25 +01:00
Mathias Vorreiter Pedersen
07c4eca4d8 C++: Implement the new predicate for C++. 2025-05-23 11:16:49 +01:00
Mathias Vorreiter Pedersen
69ea19cb8b Shared: Add a 'getReturnValueKind' predicate and use it in 'interpretOutput' and 'interpretInput' to handle non-standard return value input/output. This is needed to support C++'s ReturnValue[**] notation. 2025-05-23 11:16:29 +01:00
Paolo Tranquilli
01e22b7266 Rust: remove wrong comment 2025-05-23 12:01:50 +02:00
Paolo Tranquilli
5183d1610f Rust: enhance macro expansion integration test 2025-05-23 12:01:33 +02:00
Paolo Tranquilli
31b48e18e6 Rust: fix BadCtorInitialization test 2025-05-23 12:01:14 +02:00
Paolo Tranquilli
abf21ba767 Rust: skip macro expansion in unexpanded attribute macro AST 2025-05-23 12:01:00 +02:00
Paolo Tranquilli
32cece3a43 Rust: adapt BadCtorInitialization.ql to attribute macro expansion 2025-05-23 12:00:42 +02:00
Joe Farebrother
f27057a747 Update qhelp 2025-05-23 10:56:43 +01:00
Arthur Baars
23b4e5042f Rust: update expected output 2025-05-23 11:18:23 +02:00
Arthur Baars
b62d52ede0 Rust: prevent source files from being extracted in both source and library mode 
When analysing a repository with multiple separate but related sub-projects there is a
risk that some source file are extracted in library mode as well as source  mode.

To prevent this we pre-fill 'processed_files' set with all source files, even though they have
not be processed yet, but are known to be processed later..

This prevents source file to be
 2025-05-23 10:35:16 +02:00
Anders Schack-Mulligen
1d30103559 SSA: Distinguish between has and controls branch edge. 2025-05-23 09:56:22 +02:00
Michael Nebel
c046a306ba Merge pull request #19566 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2025-05-23 08:45:06 +02:00
Arthur Baars
df99e06c81 Rust: temporarily disable attribute macro expansion in library mode 2025-05-23 07:47:31 +02:00
github-actions[bot]
372d1c68a4 Add changed framework coverage reports 2025-05-23 00:23:59 +00:00
Nicolas Will
47ffa3cedf Merge pull request #19553 from bdrodes/generic_constant_filtering 
Crypto: Improve literal filtering for OpenSSL for algorithms and generic sources
 2025-05-23 00:34:45 +02:00
Owen Mansel-Chan
fb92999f8a Add bigquery to frameworks.csv 
Also fix up github.com/kanikanema/gorqlite
 2025-05-22 22:02:20 +01:00
REDMOND\brodes
007683f06a Crypto: Simplifying constant comparisons. 2025-05-22 14:06:13 -04:00
REDMOND\brodes
28f48246fc Crypto: Adding signature constant support, and fixing key exchange and signature mapping for ED and X elliptic curve variants. 2025-05-22 13:13:35 -04:00
REDMOND\brodes
ca1d4e270a Crypto: Separating out an IntLiteral class so it is clearer that some constraints for generic input sources are heuristics to filter sources, and other constraints narrow the literals to a general type (ints). Also adding fixes in KnownAlgorithmConstants to classify some algorithms as key exchange and signature correctly, and added support for a signature constant wrapper. 2025-05-22 12:53:11 -04:00
Napalys Klicius
b10a9481f3 Fixed false positives from strapi and rxjs/testing as well as when one passes function as second arg to pipe 2025-05-22 18:50:02 +02:00
Napalys Klicius
e6ae8bbde4 Added test cases where second parameter passed to pipe is a function and some popular library ones 2025-05-22 18:50:01 +02:00
Napalys Klicius
ac24fdd348 Add predicate to detect non-stream-like usage in sources of pipe calls 2025-05-22 18:49:59 +02:00
Napalys Klicius
5b1af0c0bd Added detection of custom gulp-plumber sanitizer, thus one would not flag such instances. 2025-05-22 18:49:53 +02:00
Geoffrey White
9ac24c7f4f Merge branch 'main' into moresensitive 2025-05-22 16:11:12 +01:00
Geoffrey White
09dd00089b Merge pull request #19546 from geoffw0/logsinks 
Rust: Models for log_err
 2025-05-22 16:06:26 +01:00