hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
79,451 Commits 1,671 Branches 157 Tags
codeql-cli-2.21.4
Commit Graph

3471 Commits

Author SHA1 Message Date
Chuan-kai Lin
23320b6e5e Revert "Release preparation for version 2.18.1" 2024-07-22 13:22:49 -07:00
github-actions[bot]
55935fc123 Release preparation for version 2.18.1 2024-07-22 14:56:15 +00:00
Michael Nebel
18cde3bd78 Merge pull request #16873 from michaelnebel/csharp/narrowsourcegeneration 
C#: Narrow source model generation.
 2024-07-15 15:53:13 +02:00
Michael Nebel
8eba4a3e51 C#: Code quality improvement. 2024-07-15 08:05:13 +02:00
Tom Hvitved
0459422a6c C#: Restrict multi-body dataflow dispatch based on file-system distance 2024-07-11 16:52:20 +02:00
github-actions[bot]
ae3aba061b Post-release preparation for codeql-cli-2.18.0 2024-07-08 13:30:13 +00:00
github-actions[bot]
b0d6778652 Release preparation for version 2.18.0 2024-07-08 09:10:51 +00:00
Tom Hvitved
d675304703 Merge pull request #16875 from hvitved/csharp/ssa-param-def 
C#: Move implicit entry definitions inside method bodies in SSA construction
 2024-07-04 10:51:06 +02:00
Michael Nebel
5639ada3ed C#: Do not generate source models for Overriable callables that overrides or implements something. 2024-07-02 07:52:26 +01:00
Michael Nebel
25b20186af Merge pull request #16861 from michaelnebel/modelgen/sourcesinklift 
C#/Java: Do not lift source and sink models.
 2024-07-02 08:50:31 +02:00
Tom Hvitved
c5c97aca50 C#: Move implicit entry definitions inside method bodies in SSA construction 2024-07-01 10:48:13 +02:00
Arthur Baars
b12b33c8f9 Merge remote-tracking branch 'upstream/main' into 'rc/3.14' 2024-06-28 19:50:35 +02:00
Michael Nebel
64ac52e918 C#: Only lift summary models in the model generator. 2024-06-27 09:54:00 +02:00
github-actions[bot]
fd385736e6 Post-release preparation for codeql-cli-2.17.6 2024-06-25 06:39:45 +00:00
github-actions[bot]
e32a587078 Release preparation for version 2.17.6 2024-06-24 14:33:10 +00:00
Michael Nebel
b27a9d948a C#: Exclude APIs with a manual source neutral from source model generation and allow source generation for all source kinds. 2024-06-24 13:07:14 +02:00
Michael Nebel
b7bc540325 C#: Adjust implementation to use the shared model printer. 2024-06-24 11:50:46 +02:00
Michael Nebel
40204911bc C#: Only allow source propgatation upwards in the call stack if the call path consists of unique call targets (to avoid unwanted virtual dispatch). This severely tightens the generation of extrapolated sources. 2024-06-19 14:10:49 +02:00
Michael Nebel
1c3ceacf04 C#: Some renaming and re-factoring. 2024-06-18 13:05:21 +02:00
Michael Nebel
b5d6a6db7e C#: Use the same types as sanitizers for source and sink model as we use for summary model generation. 2024-06-18 13:05:12 +02:00
Michael Nebel
a29446a566 C#/Java: Address review comments. 2024-06-14 10:46:19 +02:00
Michael Nebel
91ebeee429 C#: Perceive field and property reads as additional flow steps in sink extrapolation. 2024-06-12 14:16:26 +02:00
github-actions[bot]
8a25081a0e Post-release preparation for codeql-cli-2.17.5 2024-06-10 15:33:08 +00:00
github-actions[bot]
877bfa2468 Release preparation for version 2.17.5 2024-06-10 13:40:39 +00:00
Chanel
7b5297b882 Merge branch 'main' into jb1/chanely-insecure-sql-connection 2024-06-05 09:02:13 -07:00
Chanel Young
716e2737d1 formatting 2024-06-05 09:01:10 -07:00
Michael Nebel
8b75bb2ba9 C#: The model generator should consider System.Type and System.DateTime as sanitizers. 2024-05-31 12:50:18 +02:00
Michael Nebel
121378a262 C#: Add change-note. 2024-05-31 12:50:02 +02:00
github-actions[bot]
906b65d09c Post-release preparation for codeql-cli-2.17.4 2024-05-28 18:02:25 +00:00
github-actions[bot]
33b4ae8bbb Release preparation for version 2.17.4 2024-05-28 15:44:32 +00:00
Michael Nebel
5a25967019 C#: Address review comments. 2024-05-28 13:38:23 +02:00
Michael Nebel
c59c7cf02a C#: Use manual sink callables as exclusion for extrapolated sinks. 2024-05-24 12:50:48 +02:00
Michael Nebel
a8feda2e2b C#: Introduce lifting of callables in the model generator. 2024-05-24 12:50:48 +02:00
Michael Nebel
3ad29d843d C#: Re-factor model generator specific to align with Java. 2024-05-24 12:50:48 +02:00
Michael Nebel
95473c06fc Merge pull request #16520 from michaelnebel/csharp/fixsummarizedcallabledataflow 
C#: Make the flow summary filtering in the adapter.
 2024-05-24 12:48:03 +02:00
Dave Bartolomeo
f498e05099 Merge branch 'main' into dbartol/v1 2024-05-23 14:37:28 -04:00
Dave Bartolomeo
613ccaac1d Add change note to all v1.0.0 packs 2024-05-23 13:01:22 -04:00
Tom Hvitved
f517c00658 Merge pull request #16559 from hvitved/csharp/callable-always-returns-true 
C#: Simplify logic in `JsonWebTokenHandlerLib.qll`
 2024-05-23 09:25:19 +02:00
Dave Bartolomeo
ffe4c8c87b Update all pack versions to 1.0.0 2024-05-22 13:39:08 -04:00
Michael Nebel
2449074f3d C#: Remove the DataFlowSummarizedCallable as this narrowing is now handled in the adapter. 2024-05-22 15:11:41 +02:00
Tom Hvitved
39019b3b62 C#: Simplify logic in JsonWebTokenHandlerLib.qll 2024-05-22 14:24:32 +02:00
Tom Hvitved
bebcd679a4 Address review comments 2024-05-21 14:51:52 +02:00
Tom Hvitved
454687d583 Data flow: Synthesize parameter return nodes 2024-05-21 14:47:42 +02:00
Chanel Young
5ee7004a62 fp case if encrypt set in initializer 2024-05-16 17:59:17 -07:00
Michael Nebel
763d53afed C#: Remove the override and ext column from the summaries printing test. 2024-05-16 15:08:45 +02:00
github-actions[bot]
32e8b5c667 Post-release preparation for codeql-cli-2.17.3 2024-05-14 21:14:08 +00:00
github-actions[bot]
100166fa53 Release preparation for version 2.17.3 2024-05-14 19:23:18 +00:00
Michael Nebel
79c6834aa3 Merge pull request #16374 from michaelnebel/java/narrowsuperimpl 
Java: Improve finding best type for models and lifting.
 2024-05-14 13:12:04 +02:00
Joe Farebrother
513a319149 Change cwe to 348 2024-05-13 22:38:47 +01:00
Joe Farebrother
20a1e22c44 Add missing CWE tags 2024-05-09 10:33:48 +01:00