hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-06-12 08:21:09 +02:00
Code Issues Packages Projects Releases Wiki Activity
85,654 Commits 1,785 Branches 169 Tags
codeql-cli-2.24.1
Commit Graph

85654 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Felicity Chapman
daf19a2468 Merge pull request #16496 from github/felicitymay/sphinx-config 
Stop building the CodeQL for VS Code docs now they've been migrated
 2024-05-17 13:37:36 +01:00
Paolo Tranquilli
ad1188be1f Merge pull request #16518 from github/redsun82/bazel-update 
Bazel: update bazel to version 7.1.2
 2024-05-17 12:14:48 +01:00
Cornelius Riemenschneider
a6ce24dc39 C#: Reformat project files with paket. 
When running `dotnet paket update` or `dotnet paket install`, `paket`
forcefully reformats the project files. This is unfortunate.
One option is to accept these changes, as they're not harmful.
They do mean that each project includes the Paket restore targets individually,
instead of doing so via `Directory.Build.targets`.
Another option would be to not merge this PR, and then I'll document that
the changes to the csproj files should be ignored when running `paket` instead.
I don't really mind either way.
 2024-05-17 12:19:53 +02:00
Paolo Tranquilli
cc4f8e038d Bazel: update bazel to version 7.1.2 2024-05-17 10:52:29 +01:00
Alvaro Muñoz
66138df61d Merge pull request #37 from github/toctou_refinements 
Reduce FP for actor/association checks that cannot be bypassed this way
 2024-05-17 11:25:39 +02:00
Alvaro Muñoz
0456dcdc8f Merge pull request #38 from github/expr_trigger_mapping 
Ensure event sources are available for triggering events
 2024-05-17 11:25:14 +02:00
Erik Krogh Kristensen
03cf9b702c Merge pull request #14291 from am0o0/amammad-js-CodeInjection_Shelljs 
JS: Shelljs improvement
 2024-05-17 11:14:11 +02:00
Rasmus Lerchedahl Petersen
a568873a8e Python: update test expectations 2024-05-17 10:59:49 +02:00
Rasmus Lerchedahl Petersen
92a5b6f6d6 python: add change note 2024-05-17 10:02:38 +02:00
Rasmus Lerchedahl Petersen
e66cce7fe1 python: add qldoc and refactor 
The logic of which steps an `AdditionalTaintStep` has defined
is now pushed into the defitnion of `AdditionalTaintStep`.
 2024-05-17 09:49:31 +02:00
Michael Nebel
e198d0105f C#: Re-factor the model generator tests. 2024-05-17 09:44:58 +02:00
Michael Nebel
adeff8c602 C#: Convert neutral capture test to inline expectation. 2024-05-17 09:44:58 +02:00
Michael Nebel
e3b6ee1aaf C#: Convert type based summary capture test to inline expectation. 2024-05-17 09:44:58 +02:00
Michael Nebel
a5fd433c20 C#: Convert sink capture test to inline expectation. 2024-05-17 09:44:58 +02:00
Michael Nebel
26f9297d62 C#: Convert source capture test to inline expectation. 2024-05-17 09:44:58 +02:00
Michael Nebel
404b39b6e6 C#: Convert summary capture test to inline expectation. 2024-05-17 09:44:57 +02:00
Michael Nebel
2cda1a207e C#: Add language specific part of the models as data inline expectation. 2024-05-17 09:44:57 +02:00
Michael Nebel
78b8a9259a Share the Models as Data inline expect predicates. 2024-05-17 09:44:57 +02:00
Michael Nebel
e483948c19 Merge pull request #16513 from michaelnebel/csharp/flowsummariestest 
C#: Change the printed information in the Flow summaries tests.
 2024-05-17 09:43:28 +02:00
erik-krogh
384649b336 changes based on review, and improve the new command-injection test 2024-05-17 08:38:54 +02:00
Chanel Young
5ee7004a62 fp case if encrypt set in initializer 2024-05-16 17:59:17 -07:00
Rasmus Lerchedahl Petersen
d4d6b48f98 python: add test for subclass instance method 2024-05-17 00:03:01 +02:00
Rasmus Lerchedahl Petersen
3d0c42f44d python: rewrite text models to use rich paths 2024-05-17 00:03:01 +02:00
Rasmus Lerchedahl Petersen
a88c007c05 python: Allow dotted paths in type column 2024-05-17 00:03:00 +02:00
Tamas Vajk
a79105e2ae C#: Use nuget.exe from the executing machine instead of always downloading it 2024-05-16 23:15:04 +02:00
Alvaro Muñoz
47a66e1075 Add TODO 2024-05-16 21:43:00 +02:00
erik-krogh
2848ccf0e2 fix frontend errors that Go complained about 2024-05-16 20:06:26 +02:00
erik-krogh
08c0d8ec60 autoformat go files 2024-05-16 19:59:40 +02:00
erik-krogh
9aeebc6f39 update the QHelp to add a "--" example 2024-05-16 19:49:22 +02:00
Owen Mansel-Chan
a8201a19ae Merge pull request #16506 from github/smowton/admin/gradle-version-detection-change-note 
Java: Add change note for Gradle JDK version detection
 2024-05-16 17:11:03 +01:00
Cornelius Riemenschneider
3a224871ee Merge pull request #16476 from github/criemen/update-deps 
C#: Update non-Roslyn thirdparty dependencies
 2024-05-16 17:58:10 +02:00
Alex Ford
19e2af8a1d Merge pull request #13556 from am0o0/amammad-ruby-bombs 
Ruby: Decompression Bombs
 2024-05-16 16:23:02 +01:00
Paolo Tranquilli
75709bf1ec Merge branch 'main' into redsun82/kotlin 2024-05-16 15:55:08 +01:00
Alvaro Muñoz
dfeefe0caa Consider actor and association checks as bypassable checks ONLY for issueOps 2024-05-16 16:17:26 +02:00
Alvaro Muñoz
84d4c573f9 Merge branch 'toctou_refinements' of https://github.com/github/codeql-actions into toctou_refinements 2024-05-16 16:14:48 +02:00
Alvaro Muñoz
612be64ffc Consider actor and association checks as bypassable checks ONLY for issueOps 2024-05-16 16:10:26 +02:00
Paolo Tranquilli
92699d18ac Merge pull request #16508 from github/redsun82/updated-prebuilt 
Swift: update prebuilt package
 2024-05-16 14:58:17 +01:00
Jaroslav Lobačevski
558bea84d4 Create label_actor.yml 2024-05-16 15:57:13 +02:00
Alvaro Muñoz
e28ad1d644 Reduce FP for actor/association checks that cannot be bypassed this way 2024-05-16 15:57:13 +02:00
Alvaro Muñoz
f325d40a22 Ensure event sources are available for triggering events 2024-05-16 15:55:12 +02:00
am0o0
dcadda23cd update expected file 2024-05-16 15:15:27 +02:00
am0o0
f06c3fddd9 fix qhelp, fix duplicate query id 2024-05-16 15:12:31 +02:00
Michael Nebel
18fc92247b C#: Update flowsummaries expected output. 2024-05-16 15:09:04 +02:00
Michael Nebel
763d53afed C#: Remove the override and ext column from the summaries printing test. 2024-05-16 15:08:45 +02:00
Alex Ford
78dc6502f5 Merge branch 'main' into amammad-ruby-bombs 2024-05-16 13:53:31 +01:00
Michael Nebel
b1329fd806 Merge pull request #16362 from michaelnebel/java/removelocalqueries 
Java: Remove local query variants.
 2024-05-16 14:34:04 +02:00
am0o0
42a9962519 make shellJSMember predicate private, improve predicate document 2024-05-16 14:05:06 +02:00
Rasmus Lerchedahl Petersen
4378924785 Python: Example use of provenance for additional taint steps 2024-05-16 14:04:35 +02:00
Rasmus Lerchedahl Petersen
20ea9255a1 Python: Allow provenance in additional taint steps 2024-05-16 14:04:10 +02:00
yoff
ea3cc51286 Merge pull request #16194 from yoff/python/test-constructor-MaD-path 
Python: test the MaD path for constructor calls
 2024-05-16 13:52:30 +02:00