hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
84,161 Commits 1,671 Branches 157 Tags
codeql-cli-2.23.6
Commit Graph

3351 Commits

Author SHA1 Message Date
github-actions[bot]
0a3670727f Release preparation for version 2.14.6 2023-09-19 11:40:30 +00:00
amammad
bc6a0fc776 move to CWE-347 2023-09-19 07:15:46 +10:00
Maiky
52007fb9a2 Change v3 to v2 2023-09-17 21:42:18 +02:00
Michael B. Gale
d7278be064 Go: Update versionRe to include patch version 
This is optional
 2023-09-15 16:50:24 +01:00
amammad
52d1e45b05 add comments for better quality 2023-09-15 23:25:25 +10:00
Chris Smowton
a63bb1bbed Tidy 2023-09-15 12:58:44 +01:00
amammad
e1d5c9d45b fix grammar mistake 2023-09-15 06:32:23 +10:00
amammad
5a3a8d781a fix some flowstate bug which Had caused to FP 2023-09-15 02:09:40 +10:00
amammad
08f78a2df4 fix some flowstate bug which Had caused to FP 2023-09-15 01:56:46 +10:00
Anders Schack-Mulligen
f5a4b792bd C++/Go/Python/Ruby/Swift: Add dummy localMustFlowStep. 2023-09-13 15:43:46 +02:00
Kevin Stubbings
f9fe86a1ca Added change-notes 2023-09-12 21:34:30 -07:00
Kevin Stubbings
7d213d5bb9 Add Integer/Boolean Sanitizer 2023-09-12 21:10:11 -07:00
Chris Smowton
d13f4210eb Fix space handling in Golang configure-baseline scripts 2023-09-11 10:51:35 +01:00
github-actions[bot]
d699880c86 Post-release preparation for codeql-cli-2.14.4 2023-09-08 21:17:52 +00:00
Michael B. Gale
3b708993c7 Go: Add diagnostic for 1.21 toolchain error 2023-09-07 11:51:20 +01:00
amammad
0f540f4c25 add sources to detect CVE completely 2023-09-07 18:25:48 +10:00
amammad
f6f99fb459 remove parameter as source 2023-09-07 17:47:55 +10:00
amammad
c76d0d364d fix a mistake ioutil => io/ioutil 2023-09-06 03:38:06 +10:00
github-actions[bot]
abf2b12b1c Release preparation for version 2.14.4 2023-09-05 16:56:14 +00:00
Michael B. Gale
77369a09a4 Merge pull request #13872 from Kwstubbs/Kevin_error_sanitizer 
Go: Add sanitizer to remove paths passing through http.Error
 2023-09-04 13:25:55 +01:00
amammad
f3ea72c234 proper tests with depstubber, remove Duplicates :( 2023-09-03 04:51:05 +10:00
Kevin Stubbings
84d52b94a3 Forgot delete 2023-08-29 08:38:18 -07:00
Kevin Stubbings
ffa3bdc8bb Change note changes 2023-08-29 08:37:15 -07:00
amammad
40ff16bdaf Merge branch 'main' into amammad-go-JWT 2023-08-29 20:02:57 +10:00
Jeroen Ketema
0d1fd88729 Merge pull request #14050 from jketema/inline-6 
Consolidate all `InlineFlowTest` libraries in the dataflow qlpack
 2023-08-29 09:30:35 +02:00
Kevin Stubbings
29e14f7d8d Feedback, Format, Add Change Notes 2023-08-28 14:15:21 -07:00
Dave Bartolomeo
3343b78015 Merge pull request #14074 from github/post-release-prep/codeql-cli-2.14.3 
Post-release preparation for codeql-cli-2.14.3
 2023-08-28 13:34:10 -04:00
github-actions[bot]
3eba77421a Post-release preparation for codeql-cli-2.14.3 2023-08-28 15:53:49 +00:00
amammad
68392e7ae7 V1 2023-08-28 22:23:51 +10:00
amammad
25c60c455e v1 2023-08-27 23:53:45 +10:00
Jeroen Ketema
9d573e5544 Consolidate all InlineFlowTest libraries in the dataflow qlpack 2023-08-24 21:38:46 +02:00
Michael Nebel
ce6fd8ac5f Merge pull request #13432 from michaelnebel/updateissupported 
Java/C#: Update telemetry queries to report callables with sink/source neutrals as being supported.
 2023-08-22 08:39:38 +02:00
Jeroen Ketema
2d0f73d7c2 Merge pull request #13881 from jketema/shared-taint-tracking 
Introduce shared taint tracking library
 2023-08-21 12:45:49 +02:00
Michael Nebel
106ba11e10 Address review comments. 2023-08-21 09:59:02 +02:00
Michael Nebel
d66fe08661 Add QLDoc for the getKind predicate. 2023-08-21 09:59:02 +02:00
Michael Nebel
25cc561e50 Go: Sync files and make manual adjustments. 2023-08-21 09:59:01 +02:00
github-actions[bot]
098dfb4242 Release preparation for version 2.14.3 2023-08-18 14:48:15 +00:00
Michael B. Gale
a1c9deea61 Merge pull request #13867 from github/mbg/go/1.21-support 
Go: Basic Go 1.21 support
 2023-08-18 14:37:11 +01:00
Michael B. Gale
9082fd218e Add taint flow tests for clear 2023-08-17 18:39:32 +01:00
Michael B. Gale
109b96f038 Add comment explaining TaintStep test 2023-08-17 17:50:41 +01:00
Michael B. Gale
e65269be69 Add DefaultTaintSanitizer for clear 2023-08-17 17:49:46 +01:00
Jeroen Ketema
33e8310625 Merge branch 'main' into shared-taint-tracking 2023-08-17 00:14:25 +02:00
Michael B. Gale
1bd536dd9e Rename getLocation to hasLocation 2023-08-16 11:21:35 +01:00
Michael B. Gale
c981fd714e Exclude String from TaintSteps 
For `os.dirEntry` and `os.unixDirent` which are only available
on unix and Windows respectively.
 2023-08-15 20:32:41 +01:00
Michael B. Gale
ee58dbc6f7 Add new built-ins to builtinFunction predicate 
- `clear` isn't pure because it modifies a data structure in place
- `clear` may not be used correctly, but this is determined statically
 2023-08-15 20:16:42 +01:00
Chris Smowton
3bcfbcdf68 Don't warn when Go version exactly matches go.mod 
We had only previously tested this with e.g. installed go 1.20.5 >= go.mod request `go 1.20`; now we have go 1.21.0 which shouldn't elicit a warning because 1.21.0 is equal to the go.mod request `go 1.21`.
 2023-08-15 16:49:42 +01:00
Henry Mercer
1213eba630 Merge branch 'main' into post-release-prep/codeql-cli-2.14.2 2023-08-11 13:54:55 +01:00
Michael B. Gale
513da82510 Model data flow for min and max 2023-08-11 11:51:07 +01:00
Michael B. Gale
d189a15737 Exclude poly1305.mac.Write from TaintSteps 
Not available on arm64
 2023-08-11 11:33:52 +01:00
Michael B. Gale
a623733dfa Add location info to TaintSteps query 2023-08-11 11:10:39 +01:00