hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 18:10:39 +01:00
Code Issues Packages Projects Releases Wiki Activity
79,688 Commits 1,671 Branches 157 Tags
codeql-cli-2.22.0
Commit Graph

8663 Commits

Author SHA1 Message Date
Michael Nebel
20b5a7b6f0 C#: Update expected test output. 2024-10-23 13:08:10 +02:00
Michael Nebel
062a2ad97d C#: Include exception property accesses in the exception information exposure query. 2024-10-23 13:08:08 +02:00
Michael Nebel
1217c55c36 C#: Add change note. 2024-10-21 12:08:03 +02:00
Michael Nebel
191658f637 C#: Update expected test output. 2024-10-21 12:04:31 +02:00
Michael Nebel
b2b1a3ea65 C#: Consider string.ReplaceLineEndings(string) as a sanitizer for log forging. 2024-10-21 12:03:59 +02:00
Michael Nebel
0b8e83dc87 C#: Add log forging false positive example using ReplaceLineEndings. 2024-10-21 11:55:09 +02:00
Anders Schack-Mulligen
c20f12fa6c Add qldoc. 2024-10-16 14:35:23 +02:00
Anders Schack-Mulligen
7b43100af5 C#: Add support for speculative taint flow. 2024-10-16 14:35:19 +02:00
Anders Schack-Mulligen
c80627a3d3 Dataflow: add plumbing for adding provenance to state-steps. 2024-10-16 14:35:18 +02:00
github-actions[bot]
079ab77a38 Post-release preparation for codeql-cli-2.19.2 2024-10-15 12:16:59 +00:00
github-actions[bot]
255f55cf1a Release preparation for version 2.19.2 2024-10-15 10:29:25 +00:00
Tom Hvitved
4df9cd88ef Merge pull request #17658 from hvitved/shared/cfg-conditional-splitting 
Shared `ConditionalCompletionSplitting` implementation
 2024-10-10 13:21:38 +02:00
Michael Nebel
5d4ceeebb5 Shared: Only generate df summary model in the mixed query in case no context sensitive model exist. 2024-10-09 13:04:32 +02:00
Tom Hvitved
5d925d36d3 C#: Adopt shared ConditionalCompletionSplitting implementation 2024-10-09 11:02:15 +02:00
Chad Bentz
2458d16426 Clarify threat model flow sources comment in LogForgingQuery.qll 2024-10-01 23:04:22 -04:00
Anders Schack-Mulligen
6081ba5902 Merge pull request #17604 from aschackmull/java/neutral-overrides 
Java/C#: Add overrides to the interpretation of neutral MaD models.
 2024-10-01 14:55:54 +02:00
github-actions[bot]
e97878ed63 Post-release preparation for codeql-cli-2.19.1 2024-09-30 19:49:00 +00:00
github-actions[bot]
455c8c5953 Release preparation for version 2.19.1 2024-09-30 17:59:48 +00:00
Anders Schack-Mulligen
5c4b4d644a C#: Accept test changes. 2024-09-30 16:27:50 +02:00
Anders Schack-Mulligen
a8f55d93cb C#: Add overrides to the interpretation of neutral MaD models. 2024-09-30 15:23:27 +02:00
Tamas Vajk
29948e4c0b C#: reduce extraction message severity for missing text files 2024-09-30 12:31:07 +02:00
Michael Nebel
6f74387600 Merge pull request #17521 from michaelnebel/modelgen/moreimprovements 
C#/Java: Content based model generation improvements.
 2024-09-30 11:22:30 +02:00
Michael Nebel
0b39c5b982 C#/Java: Update model generator expected output. 2024-09-27 09:22:29 +02:00
Michael Nebel
80497f551e Shared: Only make unlifted models in case the API itself is relevant. 2024-09-27 09:22:25 +02:00
Michael Nebel
3d1a403655 C#: Add example of content based summary on private method. 2024-09-27 09:22:20 +02:00
Michael Nebel
8310faa2e9 C#/Java: Add a query that uses both content based and non-content based model generation. 2024-09-27 09:22:11 +02:00
Tom Hvitved
7c473c38c0 Merge pull request #17585 from hvitved/shared/cfg-scope-no-first-consistency 
Shared: Add CFG consistency check for scopes with missing entry points
 2024-09-26 14:05:08 +02:00
Rasmus Wriedt Larsen
381ea93ec3 Merge pull request #17424 from RasmusWL/active-threat-model-source 
Go/Java/C#: Rename `ThreatModelFlowSource` to `ActiveThreatModelSource`
 2024-09-26 13:08:17 +02:00
Michael Nebel
a128383760 C#/Java: Add some dfc-generated test cases. 2024-09-26 13:01:01 +02:00
Michael Nebel
9a923d62ad C#/Java: Updated expected test output. 2024-09-26 13:00:52 +02:00
Michael Nebel
0cd4ccb790 C#/Java: Update model generator expected test output. 2024-09-26 12:49:18 +02:00
Michael Nebel
aae8660acc C#/Java: Add some examples of missing synthetic field element flow. 2024-09-26 12:00:29 +02:00
Michael Nebel
58513cadbf C#/Java: Add model generator test examples. 2024-09-26 12:00:25 +02:00
Michael Nebel
dd993c3900 Merge pull request #17509 from michaelnebel/modelgen/parammodule 
C#/Java: Re-factor the model generator to be a parameterized module.
 2024-09-26 10:57:16 +02:00
Michael Nebel
297d32180c Merge pull request #17582 from michaelnebel/csharp/attributecollectionsinks 
C#: `AttributeCollection` is no longer considered a HTML sink.
 2024-09-26 09:17:31 +02:00
Michael Nebel
1dcc6ac2b1 C#: Address review comments. 2024-09-25 17:06:19 +02:00
Tom Hvitved
1bd504bf61 C#: Restrict CfgScope 2024-09-25 16:43:15 +02:00
Michael Nebel
af80797eda C#: Add change note. 2024-09-25 14:13:06 +02:00
Michael Nebel
e89a47f2f5 C#: Update XSS expected test output. 2024-09-25 14:13:03 +02:00
Michael Nebel
d00e27916d C#: No longer consider attribute collections as HTML sinks. 2024-09-25 14:12:59 +02:00
Michael Nebel
28c48fb471 C#: Add Xss attribute collection test example and update expected output. 2024-09-25 14:12:55 +02:00
Tom Hvitved
d299380a5a Rust: Enable CFG consistency checks 2024-09-25 10:56:44 +02:00
Michael Nebel
e6085759ae Shared: Put the content of CaptureSummaryFlowQuery into the shared library code. 2024-09-24 15:46:44 +02:00
Michael Nebel
fd45d2dcbb Shared: Move the model generator implementation to an internal folder. 2024-09-24 15:27:29 +02:00
Michael Nebel
22c2522aac Shared: Make a ContentSensitive module with predicates and classes related to content flow. 2024-09-24 15:16:16 +02:00
Chuan-kai Lin
1cd8af54f2 Merge pull request #17190 from github/cklin/diff-informed-java-queries 
Java: add support for alert location restrictions
 2024-09-23 08:39:24 -07:00
Rasmus Wriedt Larsen
63c3a71d95 Merge branch 'main' into active-threat-model-source 2024-09-23 11:18:14 +02:00
Anders Schack-Mulligen
3a1e50dcf9 Dataflow: Simplify diff-informed implementation and tweak flag name. 2024-09-20 07:07:10 -07:00
Tom Hvitved
16813240ae Shared: Do not use @kind graph for CFG test output 2024-09-19 18:13:31 +02:00
Chris Smowton
0deefaddc5 Merge pull request #17483 from smowton/smowton/feature/csharp-dataflow-fewer-nodes-including-virtual-dispatch 
C#: Restrict dataflow node creation to source and source-referenced entities [virtual-dispatch-inclusive variant]
 2024-09-19 15:33:47 +01:00