hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
83,874 Commits 1,671 Branches 157 Tags
codeql-cli-2.23.5
Commit Graph

1577 Commits

Author SHA1 Message Date
Anders Schack-Mulligen
1432519cc2 Dataflow: Add totalorder predicates to all languages. 2024-05-27 11:01:52 +02:00
Anders Schack-Mulligen
bc8ca1af86 Dataflow: Introduce NodeRegions for use in isUnreachableInCall. 2024-05-27 11:01:51 +02:00
Michael Nebel
d272d6a9ca C#: Assume that models should apply when a method is overridable except for the implicit methods on Object and ValueType. 2024-05-24 12:50:48 +02:00
Michael Nebel
2449074f3d C#: Remove the DataFlowSummarizedCallable as this narrowing is now handled in the adapter. 2024-05-22 15:11:41 +02:00
Michael Nebel
e4319db18d C#: Filter out unwanted summaries at the root. 2024-05-22 12:53:55 +02:00
Tom Hvitved
d9019f9676 C#: Fix performance issue in EntityFramework modelling 2024-05-21 08:53:51 +02:00
Michael Nebel
763d53afed C#: Remove the override and ext column from the summaries printing test. 2024-05-16 15:08:45 +02:00
Michael Nebel
cfb0a862c1 Merge pull request #16356 from michaelnebel/csharp/aligntelemetryimplementation 
C#: Base telemetry Api Source/Sink nodes on abstract classes.
 2024-05-07 09:16:38 +02:00
Michael Nebel
757cf8d43a C#: Fix a comment typo. 2024-05-06 16:48:31 +02:00
Tom Hvitved
6233da3e40 Merge pull request #16399 from hvitved/csharp/unique-get-location 
C#: Make `Element.getLocation` (mostly) functional
 2024-05-05 20:18:19 +02:00
Tom Hvitved
3c91333d0b Address review comment 2024-05-03 14:09:41 +02:00
Michael Nebel
e64a2d6c9c C#: Align telemetry implementation with Java. 2024-05-03 12:48:14 +02:00
Tom Hvitved
f5d4b2e6cd C#: Make Element.getLocation (mostly) functional 2024-05-02 14:16:34 +02:00
erik-krogh
baa31e1469 delete outdated deprecations 2024-04-25 22:19:28 +02:00
Anders Schack-Mulligen
b2f09949df Merge pull request #15599 from aschackmull/dataflow/fieldflowbranchlimit-v2 
Dataflow: update fieldFlowBranchLimit semantics
 2024-04-23 10:08:05 +02:00
Michael Nebel
bc0e580683 C#: Address review comments. 2024-04-17 09:34:27 +02:00
Michael Nebel
e7bfd7df62 C#: Take more sources and sinks into account when reporting in the telemetry queries. 2024-04-16 16:05:16 +02:00
Michael Nebel
543032a3de C#: Add ParallelSink QL Doc. 2024-04-16 16:05:16 +02:00
Michael Nebel
f69737b407 C#: Move parallelsink to the library qlpack. 2024-04-16 16:05:16 +02:00
Anders Schack-Mulligen
2f0987e980 Dataflow: Add dummy DataFlowSecondLevelScope implementations. 
These could be an empty type, but Unit was available and it probably
doesn't matter.
 2024-04-15 15:16:30 +02:00
Anders Schack-Mulligen
004bda1ee0 C#: Add alert provenance plumbing. 2024-04-12 09:19:56 +02:00
Anders Schack-Mulligen
eafc0075fd Legacy dataflow: Sync. 2024-04-12 09:19:54 +02:00
Michael Nebel
10d96ee02f C#: Address review comments. 2024-04-09 10:31:48 +02:00
Michael Nebel
fc689efd1b C#: Add debug version of the getFullyQualifiedName predicate. 2024-04-08 13:47:59 +02:00
Michael Nebel
8fbfafc1d7 C#: Dont cache the deprecated getFullyQualifiedName predicate. 2024-04-08 13:46:45 +02:00
Michael Nebel
b677e89f35 C#: Deprecate getFullyQualifiedNameWithTypes. 2024-04-08 13:46:45 +02:00
Michael Nebel
8fa9191434 C#: Deprecate the getFullyQualifiedName predicate. 2024-04-08 13:46:44 +02:00
Michael Nebel
2fb9c2db6f C#: Remove deprecated qualifiedName predicates. 2024-04-08 13:46:44 +02:00
Tom Hvitved
c2f91a5ccf Merge pull request #16104 from hvitved/csharp/more-compiler-generated 
C#: Mark more expressions as compiler generated
 2024-04-04 09:09:16 +02:00
Tom Hvitved
fc02938687 Merge pull request #16088 from hvitved/csharp/library-property-store 
C#: Include all non-source-code properties in data flow
 2024-04-04 09:04:00 +02:00
Tom Hvitved
813f5b99e7 C#: Update PrintAST query 2024-04-03 20:03:02 +02:00
Tom Hvitved
1dc13cc169 Merge pull request #15923 from hvitved/shared-xml-impl 
Properly shared `XML.qll` implementation
 2024-04-03 11:39:50 +02:00
Tom Hvitved
64e82bb00e C#: Include all non-source-code properties in data flow 2024-04-03 10:22:36 +02:00
Geoffrey White
4a4c77e81d Remove claims about models-as-data that require you to select a parameter from non-Java languages. We believe this is only possible in Java. 2024-03-25 15:41:00 +00:00
Michael Nebel
6619be3137 Merge pull request #15940 from michaelnebel/csharp/sourcesinktests 
C#: Source- and sink tests.
 2024-03-21 08:12:16 +01:00
Michael Nebel
90db9b330f C#: Add MaD source and sink test query to shared library. 2024-03-19 13:45:38 +01:00
Tom Hvitved
529e901fb1 C#: Switch to shared XML.qll implementation 2024-03-19 13:14:42 +01:00
Tom Hvitved
fc55567d90 Merge pull request #15853 from hvitved/dataflow/get-location 
Data flow: Replace `hasLocationInfo` with `getLocation`
 2024-03-18 20:21:46 +01:00
Ed Minnix
71cf948650 Classes extending SourceNode for local and stored source models 
Queries such as `cs/sql-injection` cast their source to a `SourceNode`
in order to describe them. For example:

```ql
import semmle.code.csharp.security.dataflow.flowsources.FlowSources

string getSourceType(DataFlow::Node source) {
   result = source.(SourceNode).getSourceType()
}
```

Models as data source models are not included in `SourceNode` by
default, they must be wrapped with a class extending `SourceNode`.

This adds such classes, which wrap the
`sourceNode(DataFlow::Node,string)` predicate and assigns a
`getSourceType`.
 2024-03-14 22:23:54 -04:00
Edward Minnix III
c190dd21db Merge pull request #15877 from egregius313/egregius313/csharp/mad/sources/windows-registry 
C#: Add source models for values from the Windows registry
 2024-03-12 16:41:42 -04:00
Tom Hvitved
257686eb9a C#: Implement new data flow interface 2024-03-11 20:56:38 +01:00
Ed Minnix
bc745dfd5e Windows registry sources 2024-03-11 13:55:34 -04:00
Tom Hvitved
da66281fef Sync files 2024-03-11 13:02:04 +01:00
Tom Hvitved
7a39f077d9 Data flow: Add ConfigSig::accessPathLimit 2024-03-11 13:01:58 +01:00
Ed Minnix
d300736c7e Remove AddLocalSource classes 2024-03-10 22:20:51 -04:00
Edward Minnix III
e7852f520f Merge pull request #15605 from egregius313/egregius313/csharp/dataflow/sources/commandargs-and-environment 
C#: Add more `environment` and `commandargs` sources for the C# Standard Library
 2024-03-08 14:10:09 -05:00
Ed Minnix
a3f6bfe1df commandargs sources 2024-03-07 12:30:06 -05:00
Ed Minnix
51afe12ae1 Environment variable sources 2024-03-07 12:20:48 -05:00
Michael Nebel
990dec67d0 C#: Address more review comments. 2024-03-07 09:40:34 +01:00
Michael Nebel
eda345a5b8 C#: Address review comments. 2024-03-07 09:40:34 +01:00