hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-06-07 14:28:17 +02:00
Code Issues Packages Projects Releases Wiki Activity
86,439 Commits 1,777 Branches 169 Tags
codeql-cli-2.25.0
Commit Graph

86439 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Geoffrey White
7279cc42f8 Rust: Add resolved macros to rust/summary/summary-stats. 2024-11-08 09:49:47 +00:00
Simon Friis Vindum
f2569c45a9 Merge pull request #17921 from paldepind/rust-df-enclosing-callable 
Rust: Implement enclosing callable
 2024-11-08 10:36:59 +01:00
Paolo Tranquilli
083394073a Rust: rename target_dir to cargo_target_dir, add to extraction options 
Also removed the now unused `extract_dependencies` one.
 2024-11-08 09:53:50 +01:00
Napalys
70cf1a57bc Now catches usage of RegExp. after matchAll usage. 2024-11-08 08:59:31 +01:00
Napalys
c2baf0bd6d Added test where RegExp. is used after matchAll but it not flagged as potential issue 2024-11-08 08:56:12 +01:00
dependabot[bot]
ccb92357a2 Bump golang.org/x/mod 
Bumps the extractor-dependencies group in /go/extractor with 1 update: [golang.org/x/mod](https://github.com/golang/mod).


Updates `golang.org/x/mod` from 0.21.0 to 0.22.0
- [Commits](https://github.com/golang/mod/compare/v0.21.0...v0.22.0)

---
updated-dependencies:
- dependency-name: golang.org/x/mod
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: extractor-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-11-08 04:00:30 +00:00
Kylie Stradley
e8ee798ffa add temporary immutable actions doc page 2024-11-07 15:29:28 -05:00
Dave Bartolomeo
1f3bab2b65 Move data extensions to use codeql org 2024-11-07 11:15:52 -05:00
Dave Bartolomeo
b2100d00aa Add security-and-quality suite 2024-11-07 11:15:34 -05:00
Dave Bartolomeo
99a49fb27f Move packs to codeql org 2024-11-07 10:43:05 -05:00
Calum Grant
39b2d2c3d8 Merge pull request #17906 from github/calumgrant/bmn/wrong-number-format-args 
C++: Fix FPs in cpp/wrong-number-format-arguments
 2024-11-07 15:05:39 +00:00
Anders Schack-Mulligen
5602570e18 Kotlin: Support NotNullExpr in TypeFlow. 2024-11-07 15:25:23 +01:00
Simon Friis Vindum
22835c28ff Rust: Make a return node the last node before function exit 2024-11-07 15:21:11 +01:00
Tom Hvitved
a35a4b2d98 Merge pull request #17887 from hvitved/dataflow/provenance-order 
Data flow: Order provenance output by textual representation
 2024-11-07 14:19:18 +01:00
Napalys
dbd57e3870 Fixed issue where TaintTracking was not catching matchAll vulnerability 2024-11-07 13:40:10 +01:00
Napalys
a4fe728af2 Added matchAll test which is not marked as vulnurability by CodeQL 2024-11-07 13:35:09 +01:00
Simon Friis Vindum
1a000ecb46 Rust: Make minor data flow changes based on PR feedback 2024-11-07 13:04:54 +01:00
Napalys
514375dbf9 Fixes false positives from commit 42600c93ff 2024-11-07 13:00:54 +01:00
Paolo Tranquilli
4f6fda0100 Rust: allow to specify the target directory 2024-11-07 12:45:20 +01:00
Michael Nebel
b45b40ea4f C#: Add change note. 2024-11-07 11:55:55 +01:00
Napalys
42600c93ff Added tests which shows false positive SSRF via matchAll 2024-11-07 11:40:20 +01:00
Michael Nebel
71bf900c6c C#: Update FlowSummaries expected tests. 2024-11-07 11:14:02 +01:00
Michael Nebel
a60d9c2ca2 C#: Update .NET8 Runtime models to include generated models for higher order methods. 2024-11-07 11:14:01 +01:00
Michael Nebel
fc8d8bbbb1 Merge pull request #17742 from michaelnebel/csharp/higherordermodels 
C#: Models for higher order methods.
 2024-11-07 11:12:46 +01:00
Paolo Tranquilli
3488b9fbca Merge pull request #17920 from github/redsun82/rust-files 
Rust: exclude uncompiled files from semantics and surface semantic-less reason
 2024-11-07 11:04:12 +01:00
Geoffrey White
df7bcfd116 Rust: Accept dataflow consistency check changes. 2024-11-07 09:54:39 +00:00
Tom Hvitved
26b048a645 Address review comment 2024-11-07 10:40:03 +01:00
Napalys
449cee91c8 Fixes false positives from commit 445552d3b53ec9592e8e3892cb337d1004b6a432 2024-11-07 10:33:13 +01:00
Napalys
4106663d89 Added tests for regex sanitization to identify false positives matchAll 2024-11-07 10:27:58 +01:00
Paolo Tranquilli
147d66b587 Merge branch 'main' into redsun82/python-match-fps 2024-11-07 09:46:32 +01:00
Paolo Tranquilli
64d522e447 Rust: address review 2024-11-07 09:39:44 +01:00
Michael Nebel
8041f00bf5 C#: Address more review comments. 2024-11-07 09:24:26 +01:00
Jami
07bb60da92 Merge pull request #17925 from jcogs33/jcogs33/vscode-setting-matchOnWordStartOnly-false 
VSCode setting: turn off `editor.suggest.matchOnWordStartOnly`
 2024-11-06 18:05:26 -05:00
Jami Cogswell
8e4a312ac7 Turn off editor.suggest.matchOnWordStartOnly 2024-11-06 16:41:20 -05:00
Brandon Stewart
6a1e814cde Merge pull request #106 from github/advanced-config 
Add rule to detect cases where CodeQL default setup could be used instead of advanced setup
 2024-11-06 15:21:31 -05:00
Brandon Stewart
686e30a52a add qlhelp 2024-11-06 20:20:26 +00:00
Geoffrey White
b3f7a8a46f Merge pull request #17908 from geoffw0/dfcons 
Rust: Expose counts of data flow inconsistencies
 2024-11-06 19:11:04 +00:00
Geoffrey White
18ce8be302 Update rust/ql/lib/codeql/rust/elements/internal/VariableImpl.qll 
Co-authored-by: Simon Friis Vindum <paldepind@github.com>
 2024-11-06 19:00:10 +00:00
Geoffrey White
fbfdd57383 Rust: Additional test cases for rust/dead-code. 2024-11-06 17:43:04 +00:00
Geoffrey White
a8b1cb3243 Rust: Make it so that all of the test functions may return. 2024-11-06 17:23:01 +00:00
Paolo Tranquilli
200715773f Rust: fix no_semantics_reason 2024-11-06 17:19:06 +01:00
Michael Nebel
e9c9519d90 C#: Address review comments. 2024-11-06 16:29:20 +01:00
Michael Nebel
55cfbccd43 C#/Java: Exclude summaries using callbacks in fields, properties and synthetic fields. 2024-11-06 16:29:19 +01:00
Michael Nebel
5c389355d0 C#: Simplify delegate read and store steps (remove dependency on parameter). 2024-11-06 16:29:17 +01:00
Michael Nebel
a86cd181a6 Java: Make language specific modifications. 2024-11-06 16:29:16 +01:00
Michael Nebel
395cababb3 C#: Add some model generator examples for higher order methods. 2024-11-06 16:29:14 +01:00
Michael Nebel
fe854812ec C#: Add read and store steps for delegate calls. 2024-11-06 16:29:13 +01:00
Simon Friis Vindum
dadc6059a8 Rust: Implement enclosing callable 2024-11-06 16:23:24 +01:00
Paolo Tranquilli
2987743e44 Rust: exclude uncompiled files from semantics and surface semanticless reason 2024-11-06 15:22:28 +01:00
Geoffrey White
bf0e1008ce Rust: Move some test cases together. 2024-11-06 13:14:52 +00:00