hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-06-13 00:41:07 +02:00
Code Issues Packages Projects Releases Wiki Activity
86,439 Commits 1,784 Branches 169 Tags
codeql-cli-2.25.0
Commit Graph

86439 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Alvaro Muñoz
3120d4b328 Merge branch 'master' of https://github.com/github/codeql-actions 2024-05-14 15:38:48 +02:00
Alvaro Muñoz
33b3fc67c7 Merge pull request #30 from github/peter_murray_issue-body-parser-action_model 
Add missing source for peter-murray/issue-body-parser-action
 2024-05-14 15:38:18 +02:00
Alvaro Muñoz
67c964808b Merge pull request #29 from github/toctou_queries 
TOCTOU queries
 2024-05-14 15:36:18 +02:00
Alvaro Muñoz
f96b9cc535 Update tests 2024-05-14 15:35:13 +02:00
Alvaro Muñoz
ca59423c8a Bump qlpack versions 2024-05-14 15:32:40 +02:00
Alvaro Muñoz
ff2cfa568d Merge pull request #31 from github/branch_deploy_head_source 
Treat branch-deploy action as a source of HEAD ref for untrusted checkouts
 2024-05-14 15:30:11 +02:00
Alvaro Muñoz
a0939bb0a3 Bump qlpack versions 2024-05-14 15:29:45 +02:00
Chuan-kai Lin
99335e5f29 Merge pull request #16421 from github/cklin/java-entities-reorder 
Java: Use entities in reorder directives
 2024-05-14 06:03:52 -07:00
Rasmus Lerchedahl Petersen
49ffa8bf07 Merge branch 'main' of https://github.com/github/codeql into python/test-constructor-MaD-path 2024-05-14 14:30:18 +02:00
Joe Farebrother
027e5e7291 Merge pull request #16300 from joefarebrother/python-pyramid 
Python: Model the Pyramid framework
 2024-05-14 13:24:19 +01:00
Joe Farebrother
904799b674 Merge pull request #16105 from joefarebrother/python-promote-header-injection 
Python: Promote Header Injection query from experimental
 2024-05-14 13:23:58 +01:00
Sylwia Budzynska
34c447939e Update test results 2024-05-14 14:23:36 +02:00
Cornelius Riemenschneider
869bf8afc6 C++/C#: Move the Windows autobuilder into a subfolder in ql/csharp. 
This is a necessary preparation for moving the C# dependency management to `paket`,
which in turn is a necessary preparation for moving the C# build to bazel.

As we discovered in https://github.com/github/codeql/pull/16376,
`paket` tries to restore all projects recursively from the root folder.
If we support building C# code under both `ql/csharp` and `ql/cpp`, we need
to have a single lockfile under `ql`, as both codebases share the same set of dependencies
(and utilities from `ql/csharp/extractor`).
Then, `paket` will also try to restore things that look like "C# projects" in other languages'
folders, which is not what we want.
Therefore, we address this by moving all C# code into a common root directory, `ql/csharp`.

This needs an internal PR to adjust the buildsystem to look for the autobuilder in the new location.
 2024-05-14 13:45:49 +02:00
Michael Nebel
79c6834aa3 Merge pull request #16374 from michaelnebel/java/narrowsuperimpl 
Java: Improve finding best type for models and lifting.
 2024-05-14 13:12:04 +02:00
Sylwia Budzynska
f72afdc7cb Merge branch 'main' into gradio-model 2024-05-14 12:41:00 +02:00
Óscar San José
e65a62c727 Merge pull request #16485 from github/oscarsj/fix-lfs-probe-auth-in-cs 
make sure GITHUB_TOKEN exists and is not empty before using it in auth headers
 2024-05-14 11:49:20 +02:00
Alvaro Muñoz
0473c3824f Treat branch-deploy action as a source of HEAD ref for untrusted checkouts 2024-05-14 11:38:39 +02:00
Alvaro Muñoz
00f77ca9ec Add missing source for peter-murray/issue-body-parser-action 2024-05-14 11:36:43 +02:00
Óscar San José
9105faa3fd make sure GITHUB_TOKEN exists and is not empty before using it in auth headers 2024-05-14 11:22:07 +02:00
Óscar San José
faa2dcee24 test GITHUB_TOKEN non-emptyness before using it in auth headers 2024-05-14 11:18:18 +02:00
Joe Farebrother
a62ce4c51d Merge pull request #16461 from joefarebrother/csharp-missing-cwe-metadata 
C#: Add missing CWE tags
 2024-05-14 09:32:06 +01:00
Óscar San José
5b572a2c2a make GITHUB_TOKEN in lfs_probe a fallback rather than an override 2024-05-14 10:24:02 +02:00
Alvaro Muñoz
73fbd2311b Improper access check queries and tests 2024-05-14 10:20:04 +02:00
Alvaro Muñoz
7c295e011a TOCTOU queries and tests 2024-05-14 10:19:27 +02:00
Alvaro Muñoz
b4096e0201 Refactor control checks 2024-05-14 09:56:23 +02:00
am0o0
c7adb32bc4 simply replace duplicate class references with classRef() in Fabric.qll 2024-05-14 09:51:47 +02:00
Anders Schack-Mulligen
ed0717af96 Merge pull request #16478 from aschackmull/java/hasqualifiedname 
Java: Clean up some instances of getQualifiedName.
 2024-05-14 09:19:25 +02:00
Rasmus Lerchedahl Petersen
52717f8500 python: The MaD token Instance now follows subclasses 2024-05-14 08:40:19 +02:00
Joe Farebrother
513a319149 Change cwe to 348 2024-05-13 22:38:47 +01:00
Chuan-kai Lin
b34fb7c26b Merge pull request #16423 from github/cklin/python-entities-reorder 
Python: Use entities in reorder directives
 2024-05-13 10:26:55 -07:00
Chuan-kai Lin
1758a1e04b Merge pull request #16422 from github/cklin/javascript-entities-reorder 
JS: Use entities in reorder directives
 2024-05-13 10:26:41 -07:00
Chuan-kai Lin
9456eaf5d3 Merge pull request #16420 from github/cklin/go-entities-reorder 
Go: Use entities in reorder directives
 2024-05-13 10:26:04 -07:00
Chuan-kai Lin
372746ffd4 Merge pull request #16419 from github/cklin/csharp-entities-reorder 
C#: Use entities in reorder directives
 2024-05-13 10:25:50 -07:00
Felicity Chapman
34f91f8129 Stop building the CodeQL for VS Code docs 2024-05-13 16:23:06 +01:00
Michael B. Gale
65c654e946 Go: Do not use a named return variable in buildWithoutCustomCommands 2024-05-13 15:33:52 +01:00
Alvaro Muñoz
60769f1671 Bump qlpack versions 2024-05-13 16:26:53 +02:00
Alvaro Muñoz
54d103ffe4 Merge pull request #28 from github/feat/matrix_expressions 
Resolve Matrix expression to their possible values
 2024-05-13 16:25:52 +02:00
Alvaro Muñoz
cee0389d6e Update SelfHostedQuery.qll 
Co-authored-by: Jaroslav Lobačevski <jarlob@github.com>
 2024-05-13 15:33:28 +02:00
am0o0
37d33186e5 revert classRef deletion, fix secondaryserverCmdInjection expected test results 2024-05-13 15:02:04 +02:00
am0o0
fb3d34ce11 format Torch.qll 2024-05-13 14:43:43 +02:00
amammad
bdee99ae88 stash 2024-05-13 14:37:05 +02:00
Alvaro Muñoz
a1efc78ac7 Refactor regexps 2024-05-13 13:47:01 +02:00
Chris Smowton
10e1bfcee5 Add test case for a custom Java trust store 2024-05-13 12:43:06 +01:00
Michael B. Gale
4d5f05a8dd Go: Adjust log messages depending on whether build scripts were found or not 2024-05-13 12:42:00 +01:00
Michael B. Gale
1b9e8ae86f Go: Modify Autobuild to return an array of scripts that were run 2024-05-13 12:38:51 +01:00
Michael B. Gale
bbc359ebde Go: Improve messages in buildWithoutCustomCommands 2024-05-13 12:31:04 +01:00
Anders Schack-Mulligen
76e740bc1d Java: Clean up some instances of getQualifiedName. 2024-05-13 13:06:44 +02:00
Alvaro Muñoz
9ee9314cb9 Resolve conflicts after rebasing 2024-05-13 10:37:42 +02:00
Paolo Tranquilli
5eaaf02bf5 Merge pull request #16472 from github/redsun82/go-pre-commit 
Go: disable pre-commit hook
 2024-05-13 09:49:40 +02:00
Paolo Tranquilli
f125e732b0 Go: disable pre-commit hook 2024-05-13 09:27:35 +02:00