hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 04:36:35 +01:00
Code Issues Packages Projects Releases Wiki Activity
84,161 Commits 1,673 Branches 157 Tags
codeql-cli-2.23.6
Commit Graph

84161 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tom Hvitved
d667f7d411 Merge pull request #19732 from hvitved/rust/builtin-canonical-paths 
Rust: Generate canonical paths for builtins
 2025-06-12 10:47:00 +02:00
Paolo Tranquilli
85e9f5a3b0 Merge pull request #19559 from github/redsun82/rust-extract-libs 
Rust: move body skipping logic to code generation
 2025-06-12 10:45:30 +02:00
Tom Hvitved
649481e279 Merge pull request #19657 from hvitved/rust/type-inference-index-expr-simple 
Rust: Simple type inference for index expressions
 2025-06-12 10:27:09 +02:00
Owen Mansel-Chan
23cbc6abc4 Merge pull request #19723 from apsscolari/update-precision-java-concatenated-command-line 
Update precision java concatenated command line
 2025-06-12 09:23:00 +01:00
Geoffrey White
fdf1dca28f Merge pull request #19735 from geoffw0/canonical 
Rust: Update RegexInjectionExtensions to use getCanonicalPath.
 2025-06-12 09:14:52 +01:00
Napalys Klicius
c5a1421405 JS: promote suspicious-method-name-declaration to quality query. 2025-06-12 09:54:01 +02:00
Napalys Klicius
60e3b0c8e7 JS: Update qhelp and added more examples. 2025-06-12 09:53:56 +02:00
Napalys Klicius
41f4236b86 JS: expanded suspicious-method-name-declaration test suite 2025-06-12 09:29:30 +02:00
Paolo Tranquilli
326ddd6625 Merge branch 'main' into redsun82/rust-mad 2025-06-12 09:24:44 +02:00
Paolo Tranquilli
a6cc94698a Rust: fix inline flow test 2025-06-12 09:24:33 +02:00
Tom Hvitved
383cc5c2a7 Rust: Rename Bultins.qll -> Builtins.qll 2025-06-12 09:12:32 +02:00
REDMOND\brodes
20e2c7cefd Crypto: Overhaul/refactor of EVPInitialzers. Update cipher operation to disallow null key and IV on initializers (typically do not represent an actual key or IV). 2025-06-12 00:41:15 -04:00
Ana Scolari
a07ce30d30 Update java-code-scanning.qls.expected 
removing line once this query precision is changed to Medium
 2025-06-11 15:27:20 -07:00
Ana Scolari
374d7da4a2 Merge branch 'main' into update-precision-java-concatenated-command-line 2025-06-11 15:24:41 -07:00
Jon Janego
7f76f5b056 Merge pull request #19740 from github/changedocs-2.22.0 
Changedocs 2.22.0
 2025-06-11 17:18:16 -05:00
Jon Janego
94a2d0876c escaping 2025-06-11 17:02:26 -05:00
Jon Janego
62e17c108c RST sitedocs for 2.22.0 2025-06-11 16:55:14 -05:00
Jeroen Ketema
7d8d596a35 Merge pull request #19686 from github/idrissrio/lambdaparams 
C++: Add boolean for explicit lambda parameter lists
 2025-06-11 23:53:00 +02:00
Jon Janego
6ec48117b5 Merge pull request #19739 from github/changedocs-2.22.0 
fixing some improperly escaped URLs
 2025-06-11 16:24:29 -05:00
Jon Janego
6336e3d44b fixing another bracket 2025-06-11 16:02:28 -05:00
Chad Bentz
0135cf661f Attempt to edit swift change notes for CI failure 2025-06-11 21:49:26 +01:00
Jon Janego
8f55dcdd67 removing brackets around a url 2025-06-11 15:36:30 -05:00
REDMOND\brodes
8f25380655 Crypto: Consolidate tests to use node, edges, and properties. 2025-06-11 15:15:22 -04:00
Tom Hvitved
69e549f400 Rust: Generate canonical paths for builtins 2025-06-11 21:14:56 +02:00
REDMOND\brodes
d3cff2dff1 Crypto: Add support to trace keys, add support to find prior key gen properties that configure downstream operations. Add key size tests 2025-06-11 13:58:56 -04:00
Geoffrey White
087e666658 Rust: Exclude sources in macro expansions. 2025-06-11 18:48:23 +01:00
Geoffrey White
168246005c Rust: Extend tests based on cases found in DCA. 2025-06-11 18:33:59 +01:00
Nora Dimitrijević
f2bd454e99 Actions: mass enable diff-informed data flow 
An auto-generated patch that enables diff-informed data flow in the obvious cases.

Builds on https://github.com/github/codeql/pull/18346 and https://github.com/github/codeql-patch/pull/88
 2025-06-11 19:10:11 +02:00
Geoffrey White
b29deed919 Rust: Accept changes in an unrelated test reported by CI. 2025-06-11 18:09:22 +01:00
Nora Dimitrijević
f2085c2293 C#: mass enable diff-informed data flow 
An auto-generated patch that enables diff-informed data flow in the obvious cases.

Builds on https://github.com/github/codeql/pull/18344 and https://github.com/github/codeql-patch/pull/88
 2025-06-11 18:56:25 +02:00
Geoffrey White
bd21a03fc3 Merge pull request #19718 from geoffw0/taintreach 
Rust: Adjust the taint reach metric for better stability.
 2025-06-11 17:51:50 +01:00
Nora Dimitrijević
4dd07f475b C++: mass enable diff-informed data flow 
An auto-generated patch that enables diff-informed data flow in the obvious cases.

Builds on https://github.com/github/codeql/pull/18342 and https://github.com/github/codeql-patch/pull/88
 2025-06-11 18:51:01 +02:00
Nora Dimitrijević
e233501144 Go: mass enable diff-informed data flow 
An auto-generated patch that enables diff-informed data flow in the obvious cases.

Builds on https://github.com/github/codeql/pull/18345 and https://github.com/github/codeql-patch/pull/88
 2025-06-11 18:44:24 +02:00
Nora Dimitrijević
2078a34763 Disable diff-informed on InsecureTLSQuery due to DIFF-INFORMED test failures 2025-06-11 18:36:32 +02:00
Nora Dimitrijević
afec8b3153 Swift: mass enable diff-informed data flow 
An auto-generated patch that enables diff-informed data flow in the obvious cases.

Builds on https://github.com/github/codeql/pull/18343 and https://github.com/github/codeql-patch/pull/88
 2025-06-11 18:34:33 +02:00
Ana Scolari
b84f9d6c3c Update java/ql/src/change-notes/2025-06-10-reduce-precision-for-building-cmdline-with-string-concatenation.md 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2025-06-11 08:55:45 -07:00
Ana Scolari
f915984b01 Update java/ql/src/change-notes/2025-06-10-reduce-precision-for-building-cmdline-with-string-concatenation.md 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-06-11 08:55:34 -07:00
Paolo Tranquilli
97c2dfe23f Rust: fix tests 2025-06-11 17:32:43 +02:00
Paolo Tranquilli
bea5381420 Rust: replace last hand-written instances of Field[crate:: 2025-06-11 16:48:39 +02:00
Paolo Tranquilli
c6c52edbee MaD generator: tweak the scripts 
* fix a bug where the order of model generation was determined by the
  order in the `download.json` file of the experiment rather than the
  order in the config file
* allow configuring `--ram` and `--threads` in the MaD generator scripts
* use no `--ram` and `--threads=0` by default in the bulk generator
  (single generator defaults are left unchanged)
* allow to pass `--dca` multiple times, taking DBs from experiments
  listed last. This allows to run a subset of the sources in a "fixup"
  experiment and use it to "patch" a previous run without rerunning
  everything.
 2025-06-11 16:42:00 +02:00
Paolo Tranquilli
051704e59d Merge branch 'main' into redsun82/rust-mad 2025-06-11 16:39:10 +02:00
Geoffrey White
0c05fa48eb Rust: Update RegexInjectionExtensions to use getCanonicalPath. 2025-06-11 15:32:23 +01:00
Owen Mansel-Chan
25adcc8f4a Add Markdown format to guide 2025-06-11 15:03:42 +01:00
Anders Schack-Mulligen
f27e310ba3 Java: Adjust references. 2025-06-11 15:53:02 +02:00
Anders Schack-Mulligen
b3bb71f2e2 Java: Update the CFG for assert statements to make them proper guards. 2025-06-11 15:38:29 +02:00
Tom Hvitved
18392a07ce Rust: Also apply adjustedAccessType in RelevantAccess 2025-06-11 15:00:35 +02:00
Tom Hvitved
31770edc26 Merge pull request #19725 from hvitved/rust/fix-bad-joins 
Rust: Fix various bad joins
 2025-06-11 14:51:20 +02:00
Asger F
423ffc78db Merge pull request #19078 from asgerf/js/name-resolution 
JS: QL-side type/name resolution for TypeScript and JSDoc
 2025-06-11 14:17:11 +02:00
Michael Nebel
f038e2f809 Merge pull request #19589 from michaelnebel/csharp/dereference 
C#: Improve `cs/dereference-*` queries and add to the Code Quality suite.
 2025-06-11 13:40:58 +02:00
Tom Hvitved
133aca0773 Rust: Simple type inference for index expressions 2025-06-11 13:15:21 +02:00