hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-22 03:36:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
84,161 Commits 1,672 Branches 157 Tags
codeql-cli-2.23.6
Commit Graph

84161 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Geoffrey White
401315c4f5 Update rust/ql/lib/codeql/rust/frameworks/rustcrypto/RustCrypto.qll 
Co-authored-by: Tom Hvitved <hvitved@github.com>
 2025-08-19 09:22:53 +01:00
Tom Hvitved
714423d6b9 Rust: Adjust jump-to-def for paths with generic arguments 2025-08-19 10:22:32 +02:00
Tom Hvitved
0cd8c9009f Rust: Add more jump-to-def tests 2025-08-19 10:20:59 +02:00
Tom Hvitved
4684ac1ed9 Merge pull request #20191 from hvitved/rust/path-resolution-successor-kind 
Rust: Distinguish internal/external items in path resolution
 2025-08-19 10:20:05 +02:00
Anders Schack-Mulligen
a8f394fedb Merge pull request #20237 from aschackmull/guards/nullguard-caching 
Guards: Cache nullGuard predicate.
 2025-08-19 09:51:31 +02:00
Geoffrey White
9f04de859f Rust: Update test results following merge. 2025-08-19 08:50:23 +01:00
Geoffrey White
ab49c33915 Merge branch 'main' into scinit 2025-08-19 08:50:12 +01:00
Tom Hvitved
e6150e2079 Merge pull request #20243 from hvitved/rust/canonical-path-transitive-deps 
Rust: Take transitive dependencies into account when computing canonical paths
 2025-08-19 09:46:53 +02:00
Asger F
6783456213 JS: Add discard predicates 2025-08-19 09:20:00 +02:00
Asger F
ba585b8af5 JS: Add upgrade/downgrade scripts 2025-08-19 09:19:58 +02:00
Asger F
30baf0acec JS: Add overlayChangedFiles 2025-08-19 09:19:57 +02:00
Asger F
c1df8a95cb JS: Overlay extraction support 2025-08-19 09:19:55 +02:00
Asger F
6872f51725 JS: Add metadata to dbscheme and stats 2025-08-19 09:19:54 +02:00
Tom Hvitved
60b2cf6638 Rust: Take transitive dependencies into account when computing canonical paths 2025-08-18 22:02:44 +02:00
Tom Hvitved
5a69845485 Rust: Elaborate QL doc 2025-08-18 21:31:37 +02:00
Geoffrey White
bf33d1b870 Rust: Make a couple of new imports private. 2025-08-18 18:51:33 +01:00
Geoffrey White
fdec780921 Rust: Accept consistency .expected changes. 2025-08-18 18:42:06 +01:00
Geoffrey White
402e901811 Merge branch 'main' into scinit 2025-08-18 18:35:03 +01:00
Chris Smowton
238cb9ca68 Merge pull request #20241 from github/post-release-prep/codeql-cli-2.22.4 
Post-release preparation for codeql-cli-2.22.4
 2025-08-18 17:34:58 +01:00
Mathias Vorreiter Pedersen
af00e46fc8 C++: Mark fprintf and friends as a partial write of the stream argument. 2025-08-18 18:15:14 +02:00
Mathias Vorreiter Pedersen
6a57da79de C++: Add a test with missing flow. 2025-08-18 18:12:52 +02:00
Mathias Vorreiter Pedersen
4551875e2e C++: Drive-by improvement: Use 'partialFlowFunc' since it is in scope anyway. 2025-08-18 18:10:35 +02:00
Paolo Tranquilli
a658fa168d Rust: refine upgrade script 2025-08-18 17:19:47 +02:00
Paolo Tranquilli
6266d6e7b0 Rust: add downgrade script 2025-08-18 17:12:05 +02:00
github-actions[bot]
42e3d31c49 Post-release preparation for codeql-cli-2.22.4 2025-08-18 14:42:42 +00:00
Chris Smowton
57378ec4e4 Merge pull request #20240 from github/release-prep/2.22.4 
Release preparation for version 2.22.4
codeql-cli/v2.22.4 		2025-08-18 15:09:03 +01:00
github-actions[bot]
90d29994c8 Release preparation for version 2.22.4 2025-08-18 14:06:09 +00:00
Paolo Tranquilli
3d2bd8fedb Merge branch 'main' into redsun82/cargo-upgrade-2 2025-08-18 15:55:15 +02:00
Paolo Tranquilli
4df479471f Rust: accept test changes 2025-08-18 15:55:06 +02:00
Tom Hvitved
f1ca0ecc3c Merge pull request #20233 from hvitved/rust/remove-tc 
Rust: Remove TC from `ImplTraitTypeRepr.isInReturnPos`
 2025-08-18 14:46:26 +02:00
Paolo Tranquilli
a8671452fc Rust: add upgrade script 2025-08-18 13:06:30 +02:00
Michael Nebel
4b0c725367 C#: Add change note. 2025-08-18 12:56:15 +02:00
Michael Nebel
7431ee8df9 C#: Update the barrier in HashWithoutSalt to avoid an FP. It worked by accident before as we didn't allow implicit element reads at sinks. 2025-08-18 12:56:13 +02:00
Michael Nebel
1d25a20c9c C#: Update the external flow test and expected test output. 2025-08-18 12:56:12 +02:00
Michael Nebel
abd0b2e2f9 C#: Update test expected output. 2025-08-18 12:56:10 +02:00
Michael Nebel
81751ea591 C#: Allow implicit reads from collections in argument nodes (sinks and additional flow steps) for default taint tracking configurations. 2025-08-18 12:56:09 +02:00
Michael Nebel
d8215a35c0 C#: Add example of failing taint flow for collections in sinks. 2025-08-18 12:56:07 +02:00
Ian Lynagh
fd020b52e4 Merge pull request #20232 from igfoo/igfoo/SloppyGlobal 
C++: SloppyGlobal: Don't alert on template instantiations, only the template
 2025-08-18 11:39:30 +01:00
Tom Hvitved
299ccb68f5 Merge pull request #20230 from hvitved/cfg/standard-tree-skip-non-tree-children 
Shared: Skip non-CFG children in `StandardTree`
 2025-08-18 12:13:31 +02:00
Geoffrey White
4eea4431b5 Merge pull request #20222 from geoffw0/pathbuf 
Rust: Add a type inference test case resembling PathBuf.canonicalize.
 2025-08-18 11:06:41 +01:00
Geoffrey White
e84135a6de Update rust/ql/src/queries/security/CWE-117/LogInjection.qhelp 
Co-authored-by: Sophie <29382425+sophietheking@users.noreply.github.com>
 2025-08-18 10:34:43 +01:00
Geoffrey White
265c2e3603 Rust: Change note. 2025-08-18 10:29:14 +01:00
Anders Schack-Mulligen
877d397eb9 Merge pull request #20228 from 5idg5/java/data-extensions-change 
Add data extensions for remote tainted sources
 2025-08-18 11:26:38 +02:00
Geoffrey White
a9650e02ca Rust: Add a slightly simpler / more explicit test case. 2025-08-18 10:20:30 +01:00
Anders Schack-Mulligen
e17382d179 Guards: Cache nullGuard predicate. 2025-08-18 11:09:11 +02:00
Nora Dimitrijević
f1b55641e1 Merge pull request #20073 from d10c/d10c/diff-informed-phase-3-cpp 
C++: Diff-informed queries: phase 3 (non-trivial locations)
 2025-08-18 09:41:38 +02:00
Nora Dimitrijević
4199859eaa Merge pull request #20079 from d10c/d10c/diff-informed-phase-3-python 
Python: Diff-informed queries: phase 3 (non-trivial locations)
 2025-08-18 09:33:57 +02:00
Napalys Klicius
b19d1e0f57 Merge pull request #20151 from Napalys/js/command-line-libs 
JS: Enhance command injection detection for CLI argument parsing libraries
 2025-08-18 09:32:29 +02:00
Napalys Klicius
b2346183d6 Merge pull request #20148 from Napalys/js/reg-exp-env-variable-threat-model 
JS: Exclude environment variables from `js/regex-injection` query by default
 2025-08-18 09:32:15 +02:00
Paolo Tranquilli
7a95d5aaa6 Merge branch 'main' into redsun82/cargo-upgrade-2 2025-08-18 09:21:37 +02:00