hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
75,734 Commits 1,671 Branches 157 Tags
codeql-cli-2.20.4
Commit Graph

1052 Commits

Author SHA1 Message Date
github-actions[bot]
573e53e454 Release preparation for version 2.20.4 2025-02-03 15:19:35 +00:00
Chuan-kai Lin
b3b7817a2b Merge pull request #18603 from github/cklin/restrict-alerts-to-exact 
AlertFiltering: add restrictAlertsToExactLocation
 2025-01-30 06:40:39 -08:00
Chuan-kai Lin
96caa686fc AlertFiltering: add restrictAlertsToExactLocation 
This commit introduces a new extensible predicate
restrictAlertsToExactLocation, which is similar to the existing
restrictAlertsTo predicate but matches alert locations exactly.
 2025-01-29 07:50:45 -08:00
Simon Friis Vindum
9d87f26145 Shared: Use strictconcat in model generator printing 2025-01-29 11:56:39 +01:00
Chuan-kai Lin
b9b9394259 AlertFiltering: allow multiple filtering predicates 
This commit rephrases the documentation for the restrictAlertsTo
predicate and renames the predicate columns for clarity. The new
documentation should be equivalent to the old documentation, except
allowing for the possibility that there may be multiple alert filtering
predicates.
 2025-01-28 07:51:45 -08:00
Simon Friis Vindum
13e0829d19 Shared: Generalize the number of columns in a generated MaD row 2025-01-28 15:36:09 +01:00
erik-krogh
a1afa20d4b add change-notes 2025-01-27 22:43:13 +01:00
erik-krogh
34f5f61a10 all: use my script to delete outdated deprecations 2025-01-27 22:16:48 +01:00
Asger F
1b7977bf90 Merge pull request #18466 from asgerf/js/view-component-inputs 
JS: Add view-component-input threat model
 2025-01-24 10:59:25 +01:00
Simon Friis Vindum
e13a7a224f Merge branch 'main' into shared-basic-block-library 2025-01-24 09:54:26 +01:00
Simon Friis Vindum
a537f347d3 Shared: Tweak basic block documentation 2025-01-23 17:21:46 +01:00
Tom Hvitved
33e07edcbf Rust: Translate more MaD IDs in tests 2025-01-23 14:45:33 +01:00
Simon Friis Vindum
9547a5cd27 Shared: Update basic block documentation and make minor tweaks 2025-01-22 16:07:30 +01:00
Jonas Jensen
773a98a9eb Merge pull request #18340 from jbj/diff-informed-getASelectedLocation 
Java: make more queries diff-informed with getASelectedLocation
 2025-01-22 14:25:33 +01:00
Asger F
8771bf81b3 Mention view-component-input in docs and threat model grouping 2025-01-22 11:23:05 +01:00
Simon Friis Vindum
e5f419ce75 Shared: Define getNode inside cached module 2025-01-22 09:45:02 +01:00
github-actions[bot]
fbb7f0a0c6 Post-release preparation for codeql-cli-2.20.2 2025-01-20 21:11:14 +00:00
github-actions[bot]
a0512a50f2 Release preparation for version 2.20.2 2025-01-20 21:11:12 +00:00
Simon Friis Vindum
9a4bf7513d Shared: Add more detailed documentation for immediatelyControls 2025-01-20 14:20:48 +01:00
Simon Friis Vindum
f7e90497bc Shared: Implement getScope in BB module instead of CFG module 2025-01-20 13:44:51 +01:00
Anders Schack-Mulligen
28d0d65c41 Merge pull request #18515 from aschackmull/dataflow/simplify-rev-throughflow 
Dataflow: Simplify the call-edge join in reverse through-flow.
 2025-01-20 13:37:42 +01:00
Simon Friis Vindum
62a459d3d7 Shared: Address basic block review comments 2025-01-20 13:33:27 +01:00
Simon Friis Vindum
e382ffc5d2 Shared: Address review comments for basic block library 2025-01-17 15:12:11 +01:00
Simon Friis Vindum
4d05b6a0a5 Shared: Address review comments for shared basic block library 2025-01-17 13:11:49 +01:00
Asger F
26a11efc5b Merge branch 'main' into js/test-suite 2025-01-17 10:09:06 +01:00
Simon Friis Vindum
8b20b0d334 Shared: Add change note for basic block addition 2025-01-16 16:36:52 +01:00
Simon Friis Vindum
c051eecfb4 Shared: Add shared basic block library 2025-01-16 16:36:45 +01:00
Anders Schack-Mulligen
20af2d5fe2 Dataflow: Fix poor join-order 2025-01-16 16:22:56 +01:00
Anders Schack-Mulligen
3ffc616179 Dataflow: Slight join improvement. 2025-01-16 16:22:55 +01:00
Anders Schack-Mulligen
f310780257 Dataflow: Simplify the call-edge join in reverse through-flow. 2025-01-16 16:07:24 +01:00
Asger F
1964b347c7 Merge branch 'main' into js/test-suite 2025-01-16 13:19:07 +01:00
Anders Schack-Mulligen
4223971f14 Dataflow: Remove outdated comment. 2025-01-16 10:26:40 +01:00
Anders Schack-Mulligen
f11ae49312 Dataflow: Fix a poor join-order. 2025-01-16 10:25:55 +01:00
yoff
599411b440 Merge pull request #17787 from yoff/shared/add-location-to-typetracking-nodes 
shared: Add locations to type tracking nodes
 2025-01-13 23:06:09 +01:00
Asger F
ce8912ddcc Test: Handle 'problems' result set as an alias for '#select' 2025-01-10 14:18:21 +01:00
Tom Hvitved
303b11ec36 Merge pull request #18298 from hvitved/rust/mad-source-sink 
Rust: Add support for MaD sources and sinks with access paths
 2025-01-10 11:49:51 +01:00
Tom Hvitved
039b2ecf9b Merge pull request #18457 from hvitved/dataflow/disallowed-return-inline-late 
Data flow: Fix a bad join order
 2025-01-10 09:37:58 +01:00
yoff
b263132ab2 Merge pull request #17998 from yoff/shared/locations-in-range-analysis 2025-01-09 14:05:54 +01:00
Tom Hvitved
653d1227e3 Data flow: Cache known{Source,Sink}Model 2025-01-09 13:11:29 +01:00
Tom Hvitved
91b6a6573c Data flow: Fix a bad join order 2025-01-09 12:58:16 +01:00
Tom Hvitved
a7bb95249b Rust: Implement known{Source,Sink}Model 2025-01-09 11:47:57 +01:00
Owen Mansel-Chan
0f8f5d2793 Merge branch 'main' into post-release-prep/codeql-cli-2.20.1 2025-01-08 16:28:23 +00:00
yoff
21e7a0e828 Merge branch 'main' into shared/locations-in-range-analysis 2025-01-08 16:40:59 +01:00
Tom Hvitved
9e5a814f72 Merge pull request #18315 from hvitved/ruby/dataflow-types 
Ruby: Track types in data flow
 2025-01-08 15:26:38 +01:00
Tom Hvitved
868caf948c Rename {Source,Sink}Node to {Source,Sink}Element 2025-01-08 15:21:43 +01:00
yoff
f02995d72b shared: add qldoc 2025-01-08 13:33:03 +01:00
yoff
aca5a51a78 Merge branch 'main' into shared/add-location-to-typetracking-nodes 2025-01-08 12:47:05 +01:00
Paolo Tranquilli
d2c7decd02 Rust/Ruby: upgrade all cargo dependencies excluding rust-analyzer 
The rust-analyzer update will need more work as it seems to break rust
analysis on windows.

This was carried out using `cargo upgrade` from `cargo-edit`:
* getting exclusions options for rust-analyzer with
   ```bash
   cargo upgrade -i --dry-run | grep -o 'ra_ap_\S\+' | sort -u | sed 's/^/--exclude=/' > /tmp/exclude
   ```
* running
   ```bash
   cargo upgrade -i $(cat /tmp/exclude)
   misc/bazel/3rdparty/update_cargo_deps.sh
   ```
 2025-01-08 09:57:11 +01:00
Tom Hvitved
96bf81ad6c Merge pull request #18333 from hvitved/dataflow/stage1-param-self-prune 
Data flow: Prune parameter-self flow in stage 1
 2025-01-08 09:16:12 +01:00
github-actions[bot]
fb20f6ca63 Post-release preparation for codeql-cli-2.20.1 2025-01-07 22:07:40 +00:00