Commit Graph

84161 Commits

Author SHA1 Message Date
REDMOND\brodes
25599e9b4b crypto: Update JCA model macs to take into consideration update calls (use prior pattern for signatures). Misc. bug fixes. 2025-10-15 16:25:36 -04:00
Geoffrey White
510597666a Rust: Change note. 2025-10-15 20:31:47 +01:00
Geoffrey White
612e95b7a4 Rust: More deduplication. 2025-10-15 20:31:46 +01:00
Geoffrey White
483ab5929a Rust: Combine and expand some of the models. 2025-10-15 20:31:43 +01:00
REDMOND\brodes
15e266db94 Crypto: Tweaks to bad crypto ordering queries. 2025-10-15 14:20:40 -04:00
REDMOND\brodes
9a6aac1300 Crypto: To get unreferenced parameters as general sources for Java, I've included the caveat that if a function is called, all the calls appear to be in test files. 2025-10-15 14:20:16 -04:00
REDMOND\brodes
c6174fbb93 Crypto: remove precision tag 2025-10-15 14:10:16 -04:00
Geoffrey White
ea6c7cfba0 Rust: Generalize stdlib 'a as b' models. 2025-10-15 19:08:05 +01:00
Geoffrey White
072eca233d Rust: Update consistency check .expected. 2025-10-15 16:50:47 +01:00
Geoffrey White
eb1555c45e Rust: Update the suite list .expected files. 2025-10-15 16:08:08 +01:00
Geoffrey White
f4a6efa9e0 Rust: Rename stdlib model files to be consistent with others. 2025-10-15 16:02:42 +01:00
REDMOND\brodes
631e482fd6 Crypto: when key encapsulation or cipher operations have multiple modes at a node, the node name must reflect that it may be any mode. 2025-10-15 11:01:49 -04:00
Geoffrey White
c68112fb60 Rust: Move the CWE-328 test. 2025-10-15 15:24:25 +01:00
Geoffrey White
c7f0e41660 Rust: Move the existing CWE-327 test. 2025-10-15 15:24:14 +01:00
Geoffrey White
9dcc0a0d81 Rust: Move rust/weak-sensitive-data-hashing to CWE-327. 2025-10-15 15:14:16 +01:00
Geoffrey White
48ca04bc40 Rust: Repair test annotations following format and accept .expected changes. 2025-10-15 15:00:28 +01:00
Geoffrey White
28c139abfb Rust: Format the test. 2025-10-15 14:42:12 +01:00
Geoffrey White
5544dfff6d Update rust/ql/test/query-tests/security/CWE-089/mysql.rs
Co-authored-by: Simon Friis Vindum <paldepind@github.com>
2025-10-15 14:31:10 +01:00
REDMOND\brodes
c7be23e1fe Crypto: Remove all precision tags from all experimental queries. Precision is largely in flux while the models are being developed. 2025-10-15 09:22:04 -04:00
REDMOND\brodes
bf9a249624 Crypto: Experimental queries for mac ordering 2025-10-15 08:06:50 -04:00
REDMOND\brodes
ee08385e31 Crypto: Update JCA keyagreement to type conversion, XDH is a type of ECDH. 2025-10-15 08:06:19 -04:00
Jeroen Ketema
129c8bf2e0 Merge pull request #20639 from jketema/swift-trace
Swift: Make tracer config handle resource-dirs passed to clang
2025-10-15 13:16:15 +02:00
Asger F
c6577c8590 JS: Avoid magic and improve a join in type resolution 2025-10-15 11:54:28 +02:00
Simon Friis Vindum
70a8c4f37f C++: Add range analysis examples that explode 2025-10-15 11:42:17 +02:00
Joe Farebrother
f57526eedc Merge pull request #20572 from joefarebrother/java-httponly-cookie-promote
Java: Promote Sensitive Cookie without HttpOnly query from experimental
2025-10-15 10:28:40 +01:00
Simon Friis Vindum
8aaf9f696a C++: Factor out widening of bounds 2025-10-15 11:11:45 +02:00
Anders Schack-Mulligen
b196714794 SSA: Add a shared signature for SSA and a module to implement it. 2025-10-15 11:01:58 +02:00
Jeroen Ketema
9fc8faa048 Swift: Address review comments 2025-10-15 10:09:13 +02:00
Napalys Klicius
7bf677d056 Merge pull request #20644 from Napalys/napalys/remove_quality_syntax_err
JS: remove quality tag from SyntaxError query
2025-10-15 09:45:02 +02:00
Napalys Klicius
45e8164f14 JS: remove quality tag from SyntaxError query 2025-10-15 09:07:11 +02:00
Joe Farebrother
e95e1a0386 Update integration test 2025-10-14 16:27:28 +01:00
Joe Farebrother
d8b37d0cde Review suggestions - update comments and description 2025-10-14 16:03:40 +01:00
Paolo Tranquilli
b6aee67b42 Pytest: fix the build-as-test mode on Windows
This mode (enabled with `--codeql=build-as-test` or setting
`PYTEST_CODEQL=build-as-test` in the environment) is an experimental
mode that makes the pytest dist installation run as a test. This
allows to avoid running the installation in case nothing changed in the
dist, leveraging bazel's test caching mechanism, and accelerating the
dev loop when working on integration test code. This mode might become
the default for devs in the future.

Up until now, this mode was only working on POSIX systems. This commit
fixes it on Windows. The issue was `native_test` being unable to wrap
a `py_binary` target because of an `.exe` suffix mismatch. Turning the
`native_test` into a full-fledged `py_test` solves the issue.
2025-10-14 15:44:07 +02:00
Owen Mansel-Chan
2e0915ebed Add missing links to "Creating path queries" 2025-10-14 13:21:52 +01:00
Henry Mercer
c2309a9aca Merge pull request #20638 from github/post-release-prep/codeql-cli-2.23.3
Post-release preparation for codeql-cli-2.23.3
2025-10-14 13:03:22 +01:00
Jeroen Ketema
b6b3767460 Swift: Make tracer config handle resource-dirs passed to clang 2025-10-14 13:50:36 +02:00
Anders Schack-Mulligen
da0b168b2e Merge pull request #20627 from hvitved/csharp/property-descriptor-get-value-neutral
C#: Add neutral model for `System.ComponentModel.PropertyDescriptor.GetValue`
2025-10-14 13:31:40 +02:00
github-actions[bot]
6dd07790ac Post-release preparation for codeql-cli-2.23.3 2025-10-14 11:16:33 +00:00
Henry Mercer
aa3000df13 Merge pull request #20637 from github/henrymercer/update-expected-output
Actions: Update `SecretExfiltration` output for typo fix
codeql-cli/v2.23.3
2025-10-14 11:47:18 +01:00
Henry Mercer
b737bccb07 Python: Fix "be be" typos in qhelp 2025-10-14 11:33:24 +01:00
Henry Mercer
5310469d69 Actions: Update SecretExfiltration output for typo fix 2025-10-14 11:33:01 +01:00
Henry Mercer
836e3958a9 Merge pull request #20635 from github/release-prep/2.23.3
Release preparation for version 2.23.3
2025-10-14 11:17:48 +01:00
Henry Mercer
17352a101d Rephrase C++ BMN changelog note 2025-10-14 11:13:23 +01:00
Henry Mercer
9466279909 Prefer code quotes for BMN 2025-10-14 11:10:42 +01:00
Henry Mercer
9507ec0853 Fix "be be" typos 2025-10-14 11:09:43 +01:00
github-actions[bot]
33542f7d40 Release preparation for version 2.23.3 2025-10-14 09:30:24 +00:00
REDMOND\brodes
55bbcee301 Crypto: Make WeakAsymmetricKeyGenSize a path problem. 2025-10-13 17:04:29 -04:00
REDMOND\brodes
7e8acd76c3 Crypto: Update WeakAsymmetricKeyGenSize to a path problem. 2025-10-13 15:48:32 -04:00
REDMOND\brodes
8b5a42328e Crypto: Convert ReusedNonce.ql into a path problem. 2025-10-13 15:34:41 -04:00
REDMOND\brodes
7847e92670 Crypto: Update KDF iteration and count to be path problems 2025-10-13 15:30:53 -04:00