hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
83,868 Commits 1,671 Branches 157 Tags
codeql-cli-2.23.4
Commit Graph

2353 Commits

Author SHA1 Message Date
Alexander Eyers-Taylor
4effe9e364 Revert "Post-release preparation for codeql-cli-2.19.4" 2024-11-21 14:43:15 +00:00
github-actions[bot]
3909df75dc Post-release preparation for codeql-cli-2.19.4 2024-11-19 17:54:03 +00:00
github-actions[bot]
9783a11565 Release preparation for version 2.19.4 2024-11-19 16:21:37 +00:00
Michael Nebel
95a8881428 Merge pull request #17999 from michaelnebel/csharp/net9 
C#: Update to .NET9.
 2024-11-19 14:28:59 +01:00
Michael Nebel
e3990b7d04 C#: Add change-note. 2024-11-19 10:56:19 +01:00
Michael Nebel
b45b40ea4f C#: Add change note. 2024-11-07 11:55:55 +01:00
Michael Nebel
a60d9c2ca2 C#: Update .NET8 Runtime models to include generated models for higher order methods. 2024-11-07 11:14:01 +01:00
Michael Nebel
8041f00bf5 C#: Address more review comments. 2024-11-07 09:24:26 +01:00
Michael Nebel
e9c9519d90 C#: Address review comments. 2024-11-06 16:29:20 +01:00
Michael Nebel
5c389355d0 C#: Simplify delegate read and store steps (remove dependency on parameter). 2024-11-06 16:29:17 +01:00
Michael Nebel
fe854812ec C#: Add read and store steps for delegate calls. 2024-11-06 16:29:13 +01:00
github-actions[bot]
f107d16b4e Post-release preparation for codeql-cli-2.19.3 2024-11-04 17:20:08 +00:00
github-actions[bot]
cc7b724123 Release preparation for version 2.19.3 2024-11-04 16:37:28 +00:00
Anders Schack-Mulligen
b556590ef8 Merge pull request #17663 from aschackmull/dataflow/speculative-flow 
Dataflow: Add support for speculative taint flow.
 2024-10-31 08:12:43 +01:00
Tom Hvitved
7910af159c C#: Take mapped locations into account in Comments.qll 2024-10-28 14:21:10 +01:00
Michael Nebel
c1b1c62616 C#: Address review comments. 2024-10-23 15:25:52 +02:00
Michael Nebel
b7b6feed04 C#: Re-generate .NET 8 Runtime models. 2024-10-23 13:08:17 +02:00
Michael Nebel
9cd9ebfda9 C#: Add manual models for StringWriter. 2024-10-23 13:08:15 +02:00
Michael Nebel
87caf3d826 C#: Add change note. 2024-10-23 13:08:14 +02:00
Michael Nebel
d3a359b498 C#: Update .NET 8 models. 2024-10-23 13:08:13 +02:00
Michael Nebel
00ccd20452 C#: Delete all .NET 8 Runtime models. 2024-10-23 13:08:11 +02:00
Michael Nebel
b2b1a3ea65 C#: Consider string.ReplaceLineEndings(string) as a sanitizer for log forging. 2024-10-21 12:03:59 +02:00
Anders Schack-Mulligen
c20f12fa6c Add qldoc. 2024-10-16 14:35:23 +02:00
Anders Schack-Mulligen
7b43100af5 C#: Add support for speculative taint flow. 2024-10-16 14:35:19 +02:00
Anders Schack-Mulligen
c80627a3d3 Dataflow: add plumbing for adding provenance to state-steps. 2024-10-16 14:35:18 +02:00
github-actions[bot]
079ab77a38 Post-release preparation for codeql-cli-2.19.2 2024-10-15 12:16:59 +00:00
github-actions[bot]
255f55cf1a Release preparation for version 2.19.2 2024-10-15 10:29:25 +00:00
Tom Hvitved
5d925d36d3 C#: Adopt shared ConditionalCompletionSplitting implementation 2024-10-09 11:02:15 +02:00
Chad Bentz
2458d16426 Clarify threat model flow sources comment in LogForgingQuery.qll 2024-10-01 23:04:22 -04:00
Anders Schack-Mulligen
6081ba5902 Merge pull request #17604 from aschackmull/java/neutral-overrides 
Java/C#: Add overrides to the interpretation of neutral MaD models.
 2024-10-01 14:55:54 +02:00
github-actions[bot]
e97878ed63 Post-release preparation for codeql-cli-2.19.1 2024-09-30 19:49:00 +00:00
github-actions[bot]
455c8c5953 Release preparation for version 2.19.1 2024-09-30 17:59:48 +00:00
Anders Schack-Mulligen
a8f55d93cb C#: Add overrides to the interpretation of neutral MaD models. 2024-09-30 15:23:27 +02:00
Tom Hvitved
7c473c38c0 Merge pull request #17585 from hvitved/shared/cfg-scope-no-first-consistency 
Shared: Add CFG consistency check for scopes with missing entry points
 2024-09-26 14:05:08 +02:00
Rasmus Wriedt Larsen
381ea93ec3 Merge pull request #17424 from RasmusWL/active-threat-model-source 
Go/Java/C#: Rename `ThreatModelFlowSource` to `ActiveThreatModelSource`
 2024-09-26 13:08:17 +02:00
Michael Nebel
297d32180c Merge pull request #17582 from michaelnebel/csharp/attributecollectionsinks 
C#: `AttributeCollection` is no longer considered a HTML sink.
 2024-09-26 09:17:31 +02:00
Michael Nebel
1dcc6ac2b1 C#: Address review comments. 2024-09-25 17:06:19 +02:00
Tom Hvitved
1bd504bf61 C#: Restrict CfgScope 2024-09-25 16:43:15 +02:00
Michael Nebel
d00e27916d C#: No longer consider attribute collections as HTML sinks. 2024-09-25 14:12:59 +02:00
Chuan-kai Lin
1cd8af54f2 Merge pull request #17190 from github/cklin/diff-informed-java-queries 
Java: add support for alert location restrictions
 2024-09-23 08:39:24 -07:00
Rasmus Wriedt Larsen
63c3a71d95 Merge branch 'main' into active-threat-model-source 2024-09-23 11:18:14 +02:00
Anders Schack-Mulligen
3a1e50dcf9 Dataflow: Simplify diff-informed implementation and tweak flag name. 2024-09-20 07:07:10 -07:00
Chris Smowton
0deefaddc5 Merge pull request #17483 from smowton/smowton/feature/csharp-dataflow-fewer-nodes-including-virtual-dispatch 
C#: Restrict dataflow node creation to source and source-referenced entities [virtual-dispatch-inclusive variant]
 2024-09-19 15:33:47 +01:00
Chris Smowton
bb82dc1b18 Change note 2024-09-19 15:12:11 +01:00
Chris Smowton
bc9eb993b8 Remove unnecessary fromSource conditions 2024-09-19 15:08:08 +01:00
Michael Nebel
4a9e3ee3aa Merge pull request #17363 from michaelnebel/modelgen/fieldbasedimprovements 
C#/Java: Content based model generation improvements.
 2024-09-19 10:49:11 +02:00
Michael Nebel
24a101297c Merge pull request #15884 from michaelnebel/csharp/cleanupcil 
C#: CIL and Dotnet cleanup (removal).
 2024-09-18 11:43:41 +02:00
Michael Nebel
295861d577 Merge pull request #17459 from michaelnebel/csharp/accessormad 
C#: Add MaD support for `Attribute.Getter` and `Attribute.Setter`.
 2024-09-18 09:11:51 +02:00
Chris Smowton
3e91f0f53f Expand range of callables requiring nodes to include unbound declarations of generic instantiations, static targets, and methods that have a body even if not flagged fromSource 2024-09-17 15:00:15 +01:00
Chris Smowton
349268cbf7 Expand the range of callables used in source to include potential virtual dispatch targets and referenced callables (e.g., in assigning a delegate) 2024-09-17 15:00:14 +01:00