hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-15 19:59:28 +02:00
Code Issues Packages Projects Releases Wiki Activity
84,550 Commits 1,759 Branches 167 Tags
codeql-cli-2.23.9
Commit Graph

3584 Commits

Author SHA1 Message Date
Geoffrey White
57f84873b4 Rust: Split off cookieOptionalBarrier predicate (as suggested) and expand / clarify the QLDoc. 2025-09-26 11:29:17 +01:00
Geoffrey White
21fe142955 Update rust/ql/src/queries/security/CWE-614/InsecureCookie.qhelp 
Co-authored-by: Simon Friis Vindum <paldepind@github.com>
 2025-09-26 10:39:49 +01:00
Geoffrey White
3a03bb5a0b Rust: Repair rust/hard-coded-cryptographic-value, which had an unintentional dependence on the taint flow. 2025-09-26 10:03:38 +01:00
Geoffrey White
74a350a432 Rust: Effect on tests. 2025-09-26 09:55:16 +01:00
Tom Hvitved
c52709a5f0 Merge pull request #20516 from hvitved/rust/type-inference-union-pointer-never 
Rust: Model union, never, and pointer types
 2025-09-26 10:26:05 +02:00
Tom Hvitved
7a74efcc82 Update rust/ql/lib/codeql/rust/elements/internal/UnionImpl.qll 
Co-authored-by: Simon Friis Vindum <paldepind@github.com>
 2025-09-26 09:57:13 +02:00
Geoffrey White
ff554055a6 Rust: Correct 'from' model to taint. 2025-09-26 08:43:35 +01:00
Geoffrey White
656a7bc378 Rust: Add missing Cargo.lock files to query tests. 2025-09-25 17:40:59 +01:00
Tom Hvitved
2a814dd37c Rust: Model union, never, and pointer types 2025-09-25 12:33:51 +02:00
Geoffrey White
7e8e855f28 Rust: Fix bug when there are no statements. 2025-09-24 17:16:26 +01:00
Geoffrey White
93a0198326 Rust: Add a test for StmtList. 2025-09-24 17:04:39 +01:00
Geoffrey White
9bdac9d1cf Rust: Move 'operations' test into elements subdir. 2025-09-24 17:04:38 +01:00
Geoffrey White
b12b36f302 Rust: Codegen. 2025-09-24 17:04:28 +01:00
Geoffrey White
8debce0349 Rust: Add helper predicates for accessing statements and expressions together. 2025-09-24 17:04:08 +01:00
Geoffrey White
85945dba29 Rust: Codegen. 2025-09-24 16:08:06 +01:00
Geoffrey White
7459eed435 Rust: Update doc comments for StmtList predicates. 2025-09-24 16:08:04 +01:00
Geoffrey White
ab30c786a5 Rust: Accept test changes. 2025-09-24 16:08:03 +01:00
Geoffrey White
ed3a6fd799 Rust: Codegen. 2025-09-24 15:32:10 +01:00
Geoffrey White
ed2a14a3ec Rust: Update doc comments for StmtList. 2025-09-24 15:28:23 +01:00
Tom Hvitved
e6b1e8ec56 Rust: Check call arities in path resolution 2025-09-24 10:19:56 +02:00
Tom Hvitved
92cced201e Merge pull request #20496 from hvitved/rust/path-resolution-use-visibility 
Rust: Visibility check for qualified path resolution
 2025-09-24 10:19:22 +02:00
Simon Friis Vindum
26aa938acc Merge pull request #20452 from paldepind/rust/mad-source-parameter 
Rust, shared: Support `Parameter` in source MaD models
 2025-09-24 09:37:25 +02:00
Tom Hvitved
1183e50435 Update rust/ql/lib/change-notes/2025-09-19-parameter-mad.md 2025-09-22 19:45:34 +02:00
Geoffrey White
5ad332e37f Merge pull request #20432 from github/copilot/fix-f50317f8-0a91-4bb4-a01b-353dcf0f6f3f 
Rust: Implement new query for non-HTTPS URLs (CWE-319)
 2025-09-22 18:03:52 +01:00
Geoffrey White
266624dd0f Rust: The test needs to have Source tags now. 2025-09-22 17:12:52 +01:00
Geoffrey White
86c8c3c8c0 Rust: Fix warning by making the query a path-problem. 2025-09-22 17:01:12 +01:00
Geoffrey White
6362884d16 Rust: Autoformat. 2025-09-22 16:59:11 +01:00
Geoffrey White
43ac75ed62 Rust: Address another tiny suggestion from review. 2025-09-22 16:58:07 +01:00
Geoffrey White
5b4632b432 Apply suggestions from code review 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-09-22 16:55:43 +01:00
Geoffrey White
cc9c4149d7 Apply suggestions from code review 2025-09-22 16:54:08 +01:00
Geoffrey White
3de191177c Rust: Change note. 2025-09-22 16:12:30 +01:00
Geoffrey White
ae9025334e Rust: Add the new query to suite lists. 2025-09-22 16:12:29 +01:00
Geoffrey White
4662e42584 Rust: Add examples as tests (and fix them). 2025-09-22 16:12:27 +01:00
Geoffrey White
bd07350bc3 Rust: Add qhelp and examples. 2025-09-22 16:12:26 +01:00
Geoffrey White
94afc82304 Rust: Fix an issue with the local flow. 2025-09-22 16:12:25 +01:00
Geoffrey White
a3ed83bfff Rust: Make state transition / barrier nodes more reliable. 2025-09-22 16:12:23 +01:00
Geoffrey White
2654affeee Rust: Account for the 'secure' and 'partitioned' attributes. 2025-09-22 16:12:22 +01:00
Geoffrey White
257a1b0179 Rust: Refactor sources, sinks into an extensions source file. 2025-09-22 16:09:30 +01:00
Geoffrey White
eadf922280 Rust: Use models-as-data, add source/sink/flow models. 2025-09-22 16:04:56 +01:00
Geoffrey White
d52b668149 Rust: Add security-severity tag. 2025-09-22 16:04:54 +01:00
Geoffrey White
7e75c1d242 Rust: Add very basic query prototype. 2025-09-22 16:04:53 +01:00
Geoffrey White
513ae2ab54 Rust: Add tests for insecure cookies. 2025-09-22 16:04:52 +01:00
Simon Friis Vindum
45b84ffb31 Rust: Ensure singleton 2025-09-22 14:23:50 +02:00
Simon Friis Vindum
4244a6569c Rust: Add change note 2025-09-22 14:19:01 +02:00
Simon Friis Vindum
a4c61f6945 Rust: Accept test changes 2025-09-22 14:18:59 +02:00
Simon Friis Vindum
265e8b3623 Shared: Pass SummaryComponentStack to isSource and getSourceType 2025-09-22 14:18:54 +02:00
Simon Friis Vindum
014c27ee8a Rust: Discard sources with spaces in inline flow tests 2025-09-22 14:13:39 +02:00
Simon Friis Vindum
05a58323c1 Rust: Add Warp test to request forgery query tests 2025-09-22 14:13:38 +02:00
Simon Friis Vindum
cd807533f2 Rust: Add tests for parameter in source model 2025-09-22 14:13:37 +02:00
Tom Hvitved
78641b4dde Rust: Reduce size of unqualifiedPathLookup 2025-09-22 09:46:28 +02:00