hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 10:23:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
76,612 Commits 1,671 Branches 157 Tags
codeql-cli-2.20.7
Commit Graph

3379 Commits

Author SHA1 Message Date
github-actions[bot]
aebe9f6992 Post-release preparation for codeql-cli-2.16.5 2024-03-18 12:16:26 +00:00
github-actions[bot]
0a6243d07b Release preparation for version 2.16.5 2024-03-18 10:14:07 +00:00
Arthur Baars
a810165e35 Fix minor formatting issues in changenotes 2024-03-18 10:57:05 +01:00
erik-krogh
ef8368cfc4 fix typo 2024-03-13 22:37:13 +01:00
Michael Nebel
560b355e0c C#: Remove hard-coded local sources from the uncontrolled-format-string query. 2024-03-13 14:26:30 +01:00
Henry Mercer
c325ff8a23 Mark lines of code queries as telemetry queries 
The new file coverage metrics are available in all supported GHES
versions. This PR tags lines of code queries as telemetry queries. Lines
of code information will still be available in the SARIF file, but it
will no longer be displayed in the logging output of the CLI.

The one exception is the metric queries for Java/Kotlin that provides
separate lines of code information for Java and Kotlin. I've kept these
since separate file coverage information for languages like Java and
Kotlin is only available for GHES 3.12 and later.
 2024-03-11 16:40:31 +00:00
Tom Hvitved
7a39f077d9 Data flow: Add ConfigSig::accessPathLimit 2024-03-11 13:01:58 +01:00
Ed Minnix
8187b00562 Change note 2024-03-10 22:20:52 -04:00
Edward Minnix III
58f2777532 Merge pull request #15629 from egregius313/egregius313/csharp/dataflow/threat-modeling/remove-stored-query-variants 
C#: Remove `Stored` variants of queries
 2024-03-10 22:17:03 -04:00
Edward Minnix III
e7852f520f Merge pull request #15605 from egregius313/egregius313/csharp/dataflow/sources/commandargs-and-environment 
C#: Add more `environment` and `commandargs` sources for the C# Standard Library
 2024-03-08 14:10:09 -05:00
Michael Nebel
5b48bc4a3e C#: Delete the experimental IR queries. 2024-03-07 19:22:47 +01:00
Ed Minnix
ec6e17360d Replace Main-method parameters with ThreatModelFlowSource 2024-03-07 12:30:08 -05:00
Michael Nebel
73040bd30f C#: Use fully qualified name with types instead of label in IR queries. 2024-03-07 09:40:34 +01:00
Michael Nebel
58a1353ddc C#: Clean up implementation and remove CIL dataflow implementation. 2024-03-07 09:40:33 +01:00
github-actions[bot]
dc9092c9ec Post-release preparation for codeql-cli-2.16.4 2024-03-06 22:19:33 +00:00
github-actions[bot]
2f058ffb4d Release preparation for version 2.16.4 2024-03-06 20:56:51 +00:00
Angela P Wen
ce31f8641a Revert "Release preparation for version 2.16.4" 2024-03-06 12:07:33 -08:00
github-actions[bot]
661e68dab5 Release preparation for version 2.16.4 2024-03-05 18:13:58 +00:00
Angela P Wen
967963a653 Revert "Release preparation for version 2.16.4" 2024-03-05 08:53:33 -08:00
github-actions[bot]
a67218a027 Release preparation for version 2.16.4 2024-03-04 17:42:08 +00:00
Ed Minnix
4dc605354c Second-order SQL injection 2024-03-01 12:51:59 -05:00
Ed Minnix
1ba3efb111 Change note updates 2024-03-01 12:51:58 -05:00
Ed Minnix
c3671c7625 Fix change note 2024-03-01 12:51:55 -05:00
Ed Minnix
be3c1ed0be Change note 2024-03-01 12:51:53 -05:00
Ed Minnix
c95abd47ce Remove stored variants of queries 2024-03-01 12:51:51 -05:00
Ed Minnix
f488f23a48 Add LocalFlowSource back to UncontrolledFormatString 2024-02-29 12:06:59 -05:00
Edward Minnix III
89bdb7f437 Remove discussion of local flow in change note 
Co-authored-by: Michael Nebel <michaelnebel@github.com>
 2024-02-29 12:03:19 -05:00
Ed Minnix
3563c7ef03 Modify deprecated RemoteSource classes to extend DataFlow::Node directly. 
Since `ThreatModelFlowSource` contains `RemoteFlowSource` by default, we
can safely remove the `RemoteSource` from the default of the queries.
 2024-02-29 12:03:16 -05:00
Ed Minnix
5198f52351 Add references to changed queries in change note 2024-02-29 12:03:11 -05:00
Ed Minnix
22e8da2928 Update change note date 2024-02-29 12:03:09 -05:00
Ed Minnix
eb81946adc Change note changes to mention local sources as well 2024-02-29 12:03:08 -05:00
Ed Minnix
b4dabee770 Remove unnecessary flowsources.Remote imports 
Since `FlowSources` now re-exports `Remote`, these can be safely removed.
 2024-02-29 12:03:07 -05:00
Ed Minnix
434fa20646 Refactor to using ThreatModelFlowSource 2024-02-29 12:03:05 -05:00
Ed Minnix
b76795fd28 Refactor to using ThreatModelFlowSource 2024-02-29 12:03:03 -05:00
Ed Minnix
fd3738b10e Refactor to using SourceNode::getSourceType 2024-02-29 12:03:01 -05:00
Ed Minnix
75772664f2 Change note 2024-02-29 12:02:58 -05:00
Ed Minnix
f388a0f10c Deprecate direct uses of RemoteFlowSource and replace with ThreatModelFlowSource 2024-02-29 12:02:57 -05:00
Tom Hvitved
297a17975d Merge pull request #15665 from hvitved/csharp/variable-capture 
C#: Adopt shared variable capture library
 2024-02-28 15:13:03 +01:00
Tom Hvitved
606a8fed0c Merge pull request #15406 from hvitved/csharp/no-stats-experiment 
C#: Remove all DB stats
 2024-02-26 13:40:37 +01:00
Tom Hvitved
acd52192d1 C#: Adopt shared variable capture library 2024-02-26 09:53:30 +01:00
github-actions[bot]
37f8fa3413 Post-release preparation for codeql-cli-2.16.3 2024-02-20 16:50:47 +00:00
github-actions[bot]
6d061fbc35 Release preparation for version 2.16.3 2024-02-20 14:26:23 +00:00
erik-krogh
a5eb2dd906 update the QHelp for cs/web/unvalidated-url-redirection with examples inspired by the JS QHelp 2024-02-15 12:41:01 +01:00
erik-krogh
7c2465e7b7 add change-note 2024-02-14 13:53:43 +01:00
Erik Krogh Kristensen
062f16e618 Merge pull request #15519 from erik-krogh/cs-path 
C#: Improve the `cs/path-injection` QHelp
 2024-02-13 10:02:11 +01:00
Tom Hvitved
15cf695188 C#: Fix various bad joins 2024-02-12 19:49:53 +01:00
Anders Schack-Mulligen
b7d4a6926f Dataflow: Add empty provenance column to PathGraph. 2024-02-09 11:27:30 +01:00
Dave Bartolomeo
92bd550c55 Merge pull request #15531 from github/post-release-prep/codeql-cli-2.16.2 
Post-release preparation for codeql-cli-2.16.2
 2024-02-08 05:58:17 -08:00
Tamás Vajk
54c9135936 Merge pull request #15518 from tamasvajk/feature/telemetry-dependency-manager 
C#: Extract dependency restore telemetry data
 2024-02-07 08:14:01 +01:00
github-actions[bot]
b5139078d0 Post-release preparation for codeql-cli-2.16.2 2024-02-06 19:22:35 +00:00