hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
74,247 Commits 1,671 Branches 157 Tags
codeql-cli-2.20.1
Commit Graph

2773 Commits

Author SHA1 Message Date
github-actions[bot]
88b6f1e79a Release preparation for version 2.20.1 2025-01-07 20:50:36 +00:00
Dave Bartolomeo
1323b3f067 Revert "Merge pull request #18235 from owen-mc/go/varargs-out-param" 
This reverts commit 4f8645b4dd, reversing
changes made to 22aaf74184.
 2025-01-07 14:59:31 -05:00
Dave Bartolomeo
3dcf49cea0 Revert "Merge pull request #18275 from owen-mc/go/mad/variadic-params-sources" 
This reverts commit 7ab06fca2f, reversing
changes made to 0c5e260ae6.
 2025-01-07 14:55:06 -05:00
Dave Bartolomeo
72a53c4b23 Revert "Release preparation for version 2.20.1" 2025-01-07 13:32:23 -05:00
github-actions[bot]
fbf9f2fff8 Release preparation for version 2.20.1 2025-01-07 17:20:13 +00:00
Dave Bartolomeo
22e030584c Revert "Release preparation for version 2.20.1" 2025-01-07 12:14:27 -05:00
github-actions[bot]
a121c5a5d0 Release preparation for version 2.20.1 2025-01-06 18:20:22 +00:00
github-actions[bot]
f9d739c173 Add changed framework coverage reports 2024-12-17 00:22:24 +00:00
Michael Nebel
d0e9c3bb70 Fix failing tests on main. 2024-12-16 14:16:47 +01:00
Michael Nebel
aaf0cd5dee Merge pull request #17968 from michaelnebel/java/movetestutils 
Move test utilities to the query pack.
 2024-12-16 13:41:30 +01:00
Owen Mansel-Chan
7ab06fca2f Merge pull request #18275 from owen-mc/go/mad/variadic-params-sources 
Go: Make models-as-data source models for variadic parameters work
 2024-12-15 13:22:21 +00:00
Ed Minnix
7852c8666c Update provenance in test results 2024-12-13 15:22:17 -05:00
Ed Minnix
88256e269a Convert model from QL to MaD 2024-12-13 14:59:32 -05:00
Edward Minnix III
f844105722 Fix test result 2024-12-13 14:53:58 -05:00
Ed Minnix
f8cfa39492 Change note 2024-12-13 12:42:02 -05:00
Ed Minnix
3f9af5bfe4 Tests 2024-12-13 12:42:01 -05:00
Ed Minnix
63a3054aeb os.Args variable read 2024-12-13 12:41:59 -05:00
Owen Mansel-Chan
e9dcd69cc0 Add readStep back to local taint flow 2024-12-13 13:30:18 +00:00
Owen Mansel-Chan
3a3e053f12 Only add taint steps for implicit varargs slice post-update nodes 2024-12-13 13:17:44 +00:00
Owen Mansel-Chan
b58e6ebade Address review comments for localTaintStep 2024-12-12 22:07:15 +00:00
Michael Nebel
0bfc1b6ea8 Also move the postprocessing queries to the library pack. 2024-12-12 15:03:03 +01:00
Michael Nebel
941b0abbf6 Move modules to the library packs. 2024-12-12 15:03:01 +01:00
Owen Mansel-Chan
26b52078c0 Add change note 2024-12-12 13:41:35 +00:00
Michael Nebel
96fe1449f8 Go: Update all test util paths to point to the new location. 2024-12-12 13:54:21 +01:00
Michael Nebel
f8e0c4799d Go: Move test utilities into the query pack. 2024-12-12 13:21:35 +01:00
Owen Mansel-Chan
3f7c37e1ed Treat container flow as taint flow in global taint flow 2024-12-12 11:41:32 +00:00
Owen Mansel-Chan
e13c4b7550 Treat container flow as taint flow in localTaintStep 2024-12-12 10:41:23 +00:00
Owen Mansel-Chan
4f8645b4dd Merge pull request #18235 from owen-mc/go/varargs-out-param 
Go: Improve data flow out of variadic parameter
 2024-12-11 13:18:29 +00:00
Cornelius Riemenschneider
53ca5083a9 Upgrade bazel to 8.0.0. 
Previously, we were using 8.0.0rc1.
In particular, this upgrade means we need to explicitly
import more rules, as they've been moved out of the core bazel repo.
 2024-12-10 12:05:37 +01:00
Owen Mansel-Chan
7e5e634bc7 Update .expected files (no new results) 2024-12-06 15:41:28 +00:00
Owen Mansel-Chan
75331ea268 Add change note 2024-12-06 15:03:34 +00:00
Owen Mansel-Chan
67572712ea Fix flow out of varargs param with models-as-data 
This still doesn't allow for a variadic out parameter to be defined as
a source using MaD. This is due to the lack of an implicit store step
at sources, to match implicit read steps at sinks.
 2024-12-06 15:00:40 +00:00
Owen Mansel-Chan
8cc4cd58c6 Add failing test for flow out of varargs param with models-as-data 2024-12-06 15:00:37 +00:00
Owen Mansel-Chan
96c8af8943 Test flow out of varargs param with function models 2024-12-06 15:00:34 +00:00
Owen Mansel-Chan
1612a7a9a0 Delete accidentally committed binary 2024-12-06 15:00:33 +00:00
Owen Mansel-Chan
69f087a46d Fix pre-existing failing test in VarArgsWithFunctionModels 
It was failing for a silly reason.
 2024-12-06 15:00:31 +00:00
Owen Mansel-Chan
ec7cbf93d9 Add failing test for flow out of varargs parameter 2024-12-06 15:00:30 +00:00
Owen Mansel-Chan
1935c26b56 Trivial variable name fixes 2024-12-06 15:00:28 +00:00
dependabot[bot]
d25045c936 Bump golang.org/x/tools 
Bumps the extractor-dependencies group in /go/extractor with 1 update: [golang.org/x/tools](https://github.com/golang/tools).


Updates `golang.org/x/tools` from 0.27.0 to 0.28.0
- [Release notes](https://github.com/golang/tools/releases)
- [Commits](https://github.com/golang/tools/compare/v0.27.0...v0.28.0)

---
updated-dependencies:
- dependency-name: golang.org/x/tools
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: extractor-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-05 03:26:59 +00:00
Henry Mercer
ccfb32e989 Merge pull request #18211 from github/post-release-prep/codeql-cli-2.20.0 
Post-release preparation for codeql-cli-2.20.0
 2024-12-04 20:45:07 +00:00
Andrew Eisenberg
1ac6c3751b Update action.yml to use artifacts@v4 
v3 is getting deprecated.
 2024-12-04 11:41:40 -08:00
github-actions[bot]
cf71a1525b Post-release preparation for codeql-cli-2.20.0 2024-12-04 18:36:17 +00:00
github-actions[bot]
96564b7128 Release preparation for version 2.20.0 2024-12-04 16:01:14 +00:00
Owen Mansel-Chan
f56b2c912a Merge pull request #18201 from owen-mc/go/mad/improve-externalflowinheritance-tests 
Go: Fix some spurious results in ExternalFlowInheritance tests
 2024-12-04 14:24:30 +00:00
Henry Mercer
963f084d87 Merge branch 'main' into henrymercer/merge-back-rc-3.16 2024-12-04 13:39:10 +00:00
Owen Mansel-Chan
ec0c0f1b35 Fix some spurious results in ExternalFlowInheritance tests 
Several struct types were being considered as the same. The fix is to
give them unique fields.
 2024-12-04 11:57:32 +00:00
Jeroen Ketema
10592bb1c4 Merge pull request #18192 from jketema/inline-rm 
Remove deprecated `InlineExpectationsTest` class-based API
 2024-12-04 11:34:39 +01:00
Anders Schack-Mulligen
03fdceb0fd Merge pull request #18191 from aschackmull/dataflow/remove-deprecated-lib 
Dataflow: Delete the old configuration-class based api.
 2024-12-04 11:31:46 +01:00
Anders Schack-Mulligen
e846855bca Go: Remove deprecated configuration classes referencing deleted api. 2024-12-03 20:08:44 +01:00
Anders Schack-Mulligen
cca27e4c77 Add change notes for all languages. 2024-12-03 19:42:33 +01:00