hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-23 20:26:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
84,161 Commits 1,672 Branches 157 Tags
codeql-cli-2.23.6
Commit Graph

84161 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Joe Farebrother
22a6fa3ebf Remove case for being last in initialisation. This pattern can still be a problem if the subclass overrides initialisation. 2025-06-17 13:57:36 +01:00
Joe Farebrother
95153c172c Add some more details to the documentation 2025-06-17 13:57:30 +01:00
Joe Farebrother
90bf45a3ba Fix docs 2025-06-17 13:57:23 +01:00
Joe Farebrother
75bb743ce3 Update documentation 2025-06-17 13:57:18 +01:00
Joe Farebrother
a04fbc59f5 Update tests 2025-06-17 13:57:10 +01:00
Joe Farebrother
f3ce57840d Filter out some results; for if the overridden method doesn't use self, or the call is last in the initialisation. 2025-06-17 13:57:04 +01:00
Joe Farebrother
ed3cf84efd Update init calls subclass to not use pointto 2025-06-17 13:56:55 +01:00
Nora Dimitrijević
781f78813f Merge pull request #19662 from d10c/d10c/swift/diff-informed 
Swift: mass enable diff-informed data flow
 2025-06-17 14:53:15 +02:00
Nora Dimitrijević
a8dc3008ef Merge pull request #19660 from d10c/d10c/go/diff-informed 
Go: mass enable diff-informed data flow
 2025-06-17 14:52:46 +02:00
Nora Dimitrijević
47623aa138 Merge pull request #19663 from d10c/d10c/cpp/diff-informed 
C++: mass enable diff-informed data flow
 2025-06-17 14:52:35 +02:00
Nora Dimitrijević
79e982af38 Merge pull request #19661 from d10c/d10c/csharp/diff-informed 
C#: mass enable diff-informed data flow
 2025-06-17 14:52:24 +02:00
Nora Dimitrijević
84a7975a63 Merge pull request #19659 from d10c/d10c/actions/diff-informed 
Actions: mass enable diff-informed data flow
 2025-06-17 14:52:11 +02:00
Tom Hvitved
433756debb Rust: Make SummarizedCallable extend Function instead of string 2025-06-17 14:12:38 +02:00
Nora Dimitrijević
aa5dd7bb4e Java: mass enable diff-informed data flow + none() overrides 
An auto-generated patch that enables diff-informed data flow in the obvious cases.

Builds on github#18346 and github/codeql-patch#88
 2025-06-17 14:05:36 +02:00
Michael Nebel
08d28a5b85 Ruby: Add change-note. 2025-06-17 13:20:56 +02:00
Michael Nebel
ddc429cfeb Ruby: Update quality related tags. 2025-06-17 13:16:20 +02:00
Idriss Riouak
a702f7a45e Merge pull request #19773 from github/idrissrio/namespace-attributes 
C++: Retrieve namespace attributes
 2025-06-17 12:03:55 +02:00
Geoffrey White
4292b03b5c Rust: Add logic for Vecs and slices. 2025-06-17 10:58:26 +01:00
Geoffrey White
66d6770c3f Rust: If we're inferring both ways, it should really be to any element. 2025-06-17 10:47:35 +01:00
Geoffrey White
69da4e7462 Rust: Move inferArrayExprType logic into typeEquality predicate. 2025-06-17 10:45:57 +01:00
Paolo Tranquilli
e9a071032c Rust: address review on docs 2025-06-17 11:19:59 +02:00
Mathias Vorreiter Pedersen
e1b9d9fe75 Merge pull request #19787 from MathiasVP/add-cpp-exception-edges-out-of-calls 
C++: Add exception edges out of calls inside `try` statements
 2025-06-17 10:05:46 +01:00
idrissrio
9fb47cc125 C++: add tests for attribute extraction on namespace 2025-06-17 10:52:27 +02:00
Simon Friis Vindum
f18acdf11f Rust: Generalize type of debug predicate 2025-06-17 10:34:42 +02:00
Simon Friis Vindum
a0bc455d53 Rust: Account for borrows in operators in type inference 2025-06-17 10:34:41 +02:00
Simon Friis Vindum
cc234f2d19 Rust: Add a type inference test 2025-06-17 10:34:39 +02:00
Simon Friis Vindum
ebdffcc4ef Rust: Refactor and generalize Call 2025-06-17 10:34:38 +02:00
Napalys Klicius
ac533ea809 Merge pull request #19771 from Napalys/js/sanitizer_serialize 
JS: Improve XSS detection for `serialize-javascript` with tainted objects
 2025-06-17 10:02:39 +02:00
Michael Nebel
d296ee7d50 C#: Update integration test expected output. 2025-06-17 10:00:12 +02:00
Michael Nebel
819ee33239 C#: Do not add complexity queries that should be configurable to the Code Quality suite. 2025-06-17 10:00:11 +02:00
Michael Nebel
758a6b5487 C#: Add change note. 2025-06-17 10:00:09 +02:00
Michael Nebel
3301924777 C#: Update integration test expected output. 2025-06-17 10:00:02 +02:00
Tom Hvitved
909e95f373 Merge pull request #19782 from hvitved/csharp/type-arg-unique 
C#: Handle non-unique type arguments when computing generics strings
 2025-06-17 09:59:48 +02:00
Michael Nebel
96b7250b61 C#: Mass enable quality queries and update tags. 2025-06-17 09:56:43 +02:00
Tom Hvitved
a188adc09b C#: Handle non-unique type arguments when computing generics strings 2025-06-17 09:30:49 +02:00
Michael Nebel
87b52cc347 Merge pull request #19716 from michaelnebel/csharp/gethashcodeisnotdefined 
C#: Add `cs/gethashcode-is-not-defined` to the Code Quality suite.
 2025-06-17 08:43:26 +02:00
Napalys Klicius
72528749f2 JS: add change note 2025-06-17 08:34:34 +02:00
Napalys Klicius
060b98d36c JS: enchance middleware taint tracking via local source 2025-06-17 08:30:19 +02:00
Napalys Klicius
fc0c8a8f5a JS: update change note 2025-06-17 08:20:35 +02:00
Kasper Svendsen
7f38a7ff2f Merge pull request #19590 from kaspersv/kaspersv/overlay-inline-warning 
Overlay: Add QL for QL query to warn about possible non-inlining across overlay frontier
 2025-06-17 08:03:34 +02:00
Tom Hvitved
4576880622 Merge pull request #19777 from hvitved/shared/summary-stack-mad-repr-unique 
Shared: Make sure `getMadRepresentation` is unique
 2025-06-16 20:00:18 +02:00
REDMOND\brodes
2b6a8321fd Crypto: Update JCA model to account for Model.qll changes. 2025-06-16 12:53:48 -04:00
Mathias Vorreiter Pedersen
9f3569b980 C++: Accept test changes. 2025-06-16 17:53:35 +01:00
REDMOND\brodes
6c9c969573 Crypto: Remove dead comments 2025-06-16 12:43:29 -04:00
Mathias Vorreiter Pedersen
7355f555a5 C++: Add an exception edge out of calls inside try statements. 2025-06-16 17:27:11 +01:00
REDMOND\brodes
7c18686462 Crypto: Further ql-for-ql alert alert fixes. 2025-06-16 12:14:09 -04:00
Jeroen Ketema
4bed44d4d2 Merge pull request #19775 from jketema/seh-2 
C++: Generate SEH edges for pointer dereference loads/stores in `__try` blocks
 2025-06-16 18:00:39 +02:00
REDMOND\brodes
790a60784e Crypto: Acronym change from OpenSSL to OpenSsl, AVC to Avc and EVP to Evp. 2025-06-16 10:56:31 -04:00
Napalys Klicius
da21a064ac JS: add _parsedUrl as remote input source 2025-06-16 16:28:30 +02:00
Napalys Klicius
67aac7abfa JS: add test cases for middleware property assignment tracking 2025-06-16 16:26:08 +02:00