codeql

mirror of https://github.com/github/codeql.git synced 2025-12-18 01:33:15 +01:00

Author	SHA1	Message	Date
Geoffrey White	9a8a852277	Rust: Support snake case more widely in SensitiveDataHeuristics.qll.	2025-01-10 10:23:55 +00:00
Geoffrey White	88e351ad4f	Rust: Expand sensitive data test cases.	2025-01-10 10:00:13 +00:00
Tom Hvitved	a7bb95249b	Rust: Implement `known{Source,Sink}Model`	2025-01-09 11:47:57 +01:00
Geoffrey White	3363235b1c	Merge pull request #18414 from geoffw0/sensitive Rust: Sensitive data library	2025-01-08 17:38:18 +00:00
Tom Hvitved	868caf948c	Rename `{Source,Sink}Node` to `{Source,Sink}Element`	2025-01-08 15:21:43 +01:00
Tom Hvitved	0dccbb9349	Rust: Add two more AST consistency checks	2025-01-08 14:30:01 +01:00
Tom Hvitved	033cd1778e	Rust: Include index in `Format.getArgument`	2025-01-08 14:04:48 +01:00
Paolo Tranquilli	ce2877da5d	Merge branch 'main' into redsun82/rust-mute-warnings-in-uncompiled-blocks	2025-01-07 13:00:04 +01:00
Geoffrey White	9d178ab8d6	Rust: Fix the failing integration tests.	2025-01-06 14:05:02 +00:00
Geoffrey White	f93aac07c2	Rust: Correct / clarify some QLDoc.	2025-01-06 13:50:41 +00:00
Geoffrey White	e1e980c2e8	Rust: Add sensitive data to summary queries.	2025-01-06 13:26:27 +00:00
Geoffrey White	821eb4f3e6	Rust: Add sensitive data library.	2025-01-06 13:26:26 +00:00
Geoffrey White	c77bf2b4eb	Rust: Add a test for sensitive data.	2025-01-06 13:26:25 +00:00
Tom Hvitved	8f6ae6274d	Rust: Add support for MaD sources and sinks with access paths	2025-01-06 13:26:49 +01:00
Simon Friis Vindum	c55b256d47	Rust: Remove accidentally commited expected files	2025-01-06 12:01:03 +01:00
Paolo Tranquilli	10d8aa454b	Merge branch 'main' into redsun82/rust-mute-warnings-in-uncompiled-blocks	2025-01-06 10:01:57 +01:00
Simon Friis Vindum	5c64a8c948	Rust: Accept expected changes and fix other CI complaints	2025-01-03 16:38:11 +01:00
Simon Friis Vindum	cd957ba63b	Rust: Add models for functions used inside format! macro	2025-01-03 14:09:23 +01:00
Simon Friis Vindum	0d19fb6040	Rust: Add taint from children of format_args to format_args	2025-01-03 14:06:47 +01:00
Simon Friis Vindum	2ef9339d00	Rust: Generate CFG node for FormatArgsArg	2025-01-03 13:58:25 +01:00
Simon Friis Vindum	42d125676e	Rust: Value flow through macro calls	2025-01-03 13:47:29 +01:00
Simon Friis Vindum	f09632df58	Rust: Add data flow tests for macros and format_args	2025-01-03 13:28:19 +01:00
Paolo Tranquilli	f13d03b18c	Rust: fix typo (thanks copilot!)	2024-12-20 14:18:36 +01:00
Paolo Tranquilli	485586f780	Rust: reinstate extraction of test code Users will still be able to opt out: * for unit tests, by providing the `cargo_cfg_overrides=-test` extractor option * for integration tests, by excluding the test files from the analysis using `paths-ignore` in the codescanning configuration file We may want to revisit whether we want a single option for both. Also further work will be needed to restrict our security queries to non-test code on the QL side.	2024-12-20 14:12:41 +01:00
Paolo Tranquilli	73a5a3f7ee	Rust: support `paths` and `paths-ignore` from the code scanning configuration file This is done by simply adding the autobuilder from the shared tree-sitter extractor library.	2024-12-19 17:37:56 +01:00
Simon Friis Vindum	a28ddd642c	Rust: Add variables example with let statement in macro	2024-12-19 13:12:45 +01:00
Arthur Baars	023f48ff1c	Merge pull request #18295 from github/aibaars/update-rust-ungram Rust: update rust-analyzer	2024-12-18 16:01:50 +01:00
Simon Friis Vindum	508c7e6e85	Merge pull request #18314 from paldepind/rust-tuple-ref-patterns Rust: Add read steps for tuple and reference patterns	2024-12-18 14:13:08 +01:00
Tom Hvitved	00688ebd79	Merge pull request #18312 from hvitved/rust/operator-overloading-test Rust: Add data flow tests for operator overloading	2024-12-18 13:58:39 +01:00
Paolo Tranquilli	218bc8069b	Rust: exclude extraction of code excluded by `cfg`	2024-12-18 13:34:40 +01:00
Simon Friis Vindum	09fd27af80	Rust: Add read steps for tuple and reference patterns	2024-12-18 13:22:05 +01:00
Simon Friis Vindum	b5b8af3aa2	Rust: Add data flow tests for borrows	2024-12-18 13:00:38 +01:00
Arthur Baars	a6ec51a951	Rust: update expected output	2024-12-18 13:00:14 +01:00
Tom Hvitved	3a63dbcd5d	Apply suggestions from code review Co-authored-by: Simon Friis Vindum <paldepind@github.com>	2024-12-18 12:46:11 +01:00
Simon Friis Vindum	049fab4c72	Rust: Remove taint steps	2024-12-18 11:22:56 +01:00
Tom Hvitved	025a67384f	Rust: Add data flow tests for operator overloading	2024-12-18 09:26:17 +01:00
Simon Friis Vindum	c1e21974c6	Rust: Address review comments	2024-12-17 17:24:42 +01:00
Simon Friis Vindum	d8c301a96b	Merge branch 'main' into rust-data-flow-models	2024-12-17 16:09:59 +01:00
Arthur Baars	23e6a825aa	Rust: fix QL code	2024-12-17 14:07:48 +01:00
Arthur Baars	029e2604a3	Rust: //rust/codegen	2024-12-17 14:07:44 +01:00
Tom Hvitved	8efd870192	Merge pull request #18292 from hvitved/rust/never-skip-lhs Rust: Never skip assignment LHS in data flow	2024-12-17 13:18:17 +01:00
Tom Hvitved	d8c05b5388	Merge pull request #18290 from hvitved/rust/perf-fixes Rust: Fix two bad joins	2024-12-17 13:18:05 +01:00
Simon Friis Vindum	ee87d4c948	Merge branch 'main' into rust-data-flow-models	2024-12-17 13:12:32 +01:00
Simon Friis Vindum	402d4e11c4	Rust: Re-add inline expectations query tags	2024-12-16 16:36:30 +01:00
Tom Hvitved	ddd05b5d1b	Rust: Never skip `match` scrutinee/patterns in data flow	2024-12-16 15:12:16 +01:00
Tom Hvitved	9f2b436d35	Rust: Never skip assignment LHS in data flow	2024-12-16 15:12:15 +01:00
Paolo Tranquilli	4975e7b739	Merge branch 'main' into redsun82/extract-self-param-ref	2024-12-16 15:06:16 +01:00
Tom Hvitved	5ed03e266a	Rust: Fix semantic merge conflicts	2024-12-16 14:47:13 +01:00
Paolo Tranquilli	4c4a8d7619	Rust: extract `isRef` for `SelfParam`	2024-12-16 14:24:56 +01:00
Michael Nebel	aaf0cd5dee	Merge pull request #17968 from michaelnebel/java/movetestutils Move test utilities to the query pack.	2024-12-16 13:41:30 +01:00

1 2 3 4 5 ...

982 Commits