Alvaro Muñoz
b80d3d56a3
exclude Simple references from GitHub context
2024-12-09 21:47:09 +01:00
Joe Farebrother
f82fa20249
Update test outputs
2024-12-09 20:37:11 +00:00
Joe Farebrother
8a778da253
Apply suggestions from docs review
...
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
2024-12-09 19:58:00 +00:00
Joe Farebrother
462be46be9
Update test output
2024-12-09 19:57:52 +00:00
Joe Farebrother
ef1d898b0d
Add qldoc
2024-12-09 19:57:39 +00:00
Joe Farebrother
ebaab89933
Formatting updates
2024-12-09 19:57:25 +00:00
Joe Farebrother
dd8b7a4a8f
Add additional test for safe case in documentation
2024-12-09 19:57:19 +00:00
Joe Farebrother
55557f8dd3
Use API graphs directly
2024-12-09 19:57:07 +00:00
Joe Farebrother
6e16ed52e8
Review suggestions: Spelling/grammar fixes
...
Co-authored-by: Taus <tausbn@github.com>
2024-12-09 19:56:59 +00:00
Joe Farebrother
0f0c1e1609
Test update
2024-12-09 19:56:46 +00:00
Joe Farebrother
494d779541
Add changenote
2024-12-09 19:56:38 +00:00
Joe Farebrother
f0163894b6
fix link in qhelp refs
2024-12-09 19:56:25 +00:00
Joe Farebrother
4602c5c905
Remove experimental version + qhelp fixes
2024-12-09 19:56:18 +00:00
Joe Farebrother
e4e02ec674
Add security severity + fix qhelp
2024-12-09 19:56:03 +00:00
Joe Farebrother
02f395f5f8
Add qhelp
2024-12-09 19:55:57 +00:00
Joe Farebrother
cea196ec61
Add concepts tests + some fixes
2024-12-09 19:55:42 +00:00
Joe Farebrother
1cb01a286d
Add tests for jinja
2024-12-09 19:55:36 +00:00
Joe Farebrother
71ab82dee0
Fix qldoc, formatting, and redundant import warnings
2024-12-09 19:55:21 +00:00
Joe Farebrother
b2c13fe351
Promote template injection sinks for each framework covered
...
`Cheetah` was excluded as it was last updated 15 years ago and its documentation links are dead.
2024-12-09 19:55:17 +00:00
Joe Farebrother
60d8a85a9c
Promote jinja sinks
2024-12-09 19:54:57 +00:00
Joe Farebrother
8647073433
Copy template injection to standard pack + add jinja sinks
2024-12-09 19:47:06 +00:00
Alvaro Muñoz
f6d20195b1
When trigger event is not known, do not check context trigger maps
2024-12-09 17:33:13 +01:00
Alvaro Muñoz
f3ada4a92b
Update CompositeActionSources expected file
2024-12-09 17:32:26 +01:00
Alvaro Muñoz
3591db9e9c
Remove artifact source as a source of PR refs
2024-12-09 17:32:09 +01:00
Alvaro Muñoz
ef713ff13b
Extract GitHub context access expression into its own class
2024-12-09 17:30:10 +01:00
Mathias Vorreiter Pedersen
1266b244f5
Merge pull request #18136 from MathiasVP/model-active-template-library
...
C++: Model Microsoft's "Active Template Library"
2024-12-09 16:05:19 +00:00
Mathias Vorreiter Pedersen
0f49ba848d
C++: Accept test changes. Nothing exciting to see here.
2024-12-09 16:04:46 +00:00
Mathias Vorreiter Pedersen
9bcdfb6d01
C++: VariableAddressInstructions with array types are not single-object types.
2024-12-09 15:06:22 +00:00
Asger F
66eb458134
JS: Handle match/matchAll and unknown regexps
2024-12-09 15:38:36 +01:00
Mathias Vorreiter Pedersen
8bdd10c0c2
C++: Fix spurious columns in 'CRegKey'.
2024-12-09 14:31:17 +00:00
Mathias Vorreiter Pedersen
5f33733b6e
C++: Fix 'QueryValue' model.
2024-12-09 14:27:24 +00:00
Asger F
6e7c5a3707
JS: Slightly more general getRoot()
2024-12-09 15:05:45 +01:00
Asger F
be617cee4a
JS: More precise handling of .exec()
2024-12-09 15:03:51 +01:00
Asger F
703cad9e95
Expand test case
2024-12-09 15:00:56 +01:00
Asger F
2a2a4d2b67
JS: Add TaintedUrlSuffixCustomizations
...
Importing TaintedUrlSuffix.qll causes the flow label to be materialised in unrelated queries, so:
- Renames TaintedUrlSuffix.qll to TaintedUrlSuffixCustomizations.qll
- Make the flow label class abstract
- Adds a new TaintedUrlSuffix.qll that re-exports the above file and also materialises the flow label
- Import the *Customizations.qll file from contexts where we don't want to materialise the flow label
2024-12-09 14:59:29 +01:00
Asger F
d1694013ff
JS: Update test showing accidental flow label materialisation
...
This wouldn't be an issue once FlowLabel is completely deprecated but it will cause perf issues in the interim, so this is fixed in the next commit
2024-12-09 14:59:28 +01:00
Asger F
8fe39bdd38
JS: Update query's own output after test changes
2024-12-09 14:59:27 +01:00
Asger F
71a6a47713
JS: Fix issue with new RegExp().exec()
2024-12-09 14:59:25 +01:00
Asger F
f6d0835c64
JS: Show problem with new RegExp().exec()
2024-12-09 14:59:24 +01:00
Asger F
ef833de60e
JS: Replace DocumentUrl with TaintedUrlSuffix
2024-12-09 14:59:23 +01:00
Asger F
e2b2d1c9ab
JS: Allow arbitrary comments in ConsistencyChecking
...
Because line comments cannot be used inside JSX elements
2024-12-09 14:59:21 +01:00
Asger F
712c69ebc8
JS: Fixup the test expectations
2024-12-09 14:59:19 +01:00
Asger F
f8ff504f5c
JS: Add ClientSideUrlRedirect test consistency
...
Update Consistency.ql again
2024-12-09 14:59:18 +01:00
Cornelius Riemenschneider
7dd10f72cb
Merge pull request #18243 from github/post-release-prep/codeql-cli-2.20.0
...
Post-release preparation for codeql-cli-2.20.0
2024-12-09 14:58:01 +01:00
Mathias Vorreiter Pedersen
184dfc24b9
C++: Fix 'QueryStringValue' model.
2024-12-09 13:42:39 +00:00
Mathias Vorreiter Pedersen
7f87a25768
C++: Fix 'QueryMultiStringValue' model.
2024-12-09 13:41:14 +00:00
Mathias Vorreiter Pedersen
674dbce36d
C++: Add taint flow through 'CRegKey::Create'.
2024-12-09 13:38:37 +00:00
Mathias Vorreiter Pedersen
db86f6aaf9
C++: Fix annotation.
2024-12-09 13:32:22 +00:00
Alvaro Muñoz
1fa00f1065
Capture the event name rather than the whole event
2024-12-09 14:31:10 +01:00
Cornelius Riemenschneider
badc927cf8
Merge branch 'main' into post-release-prep/codeql-cli-2.20.0
2024-12-09 14:30:53 +01:00