hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-06-12 16:31:10 +02:00
Code Issues Packages Projects Releases Wiki Activity
86,439 Commits 1,785 Branches 169 Tags
codeql-cli-2.25.0
Commit Graph

86439 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ian Lynagh
cfc419b639 Kotlin: Remove unused ODASA_HOME variable 2024-05-09 15:59:47 +01:00
Ian Lynagh
304ad33837 Kotlin: Remove unused ODASA_TOOLS variable 2024-05-09 15:59:47 +01:00
Ian Lynagh
231918f612 Kotlin: Remove redundant variable ODASA_JAVA_LAYOUT 2024-05-09 15:59:47 +01:00
Owen Mansel-Chan
526204dc43 Merge pull request #16458 from owen-mc/go/fix-mad-for-builtin-functions 
Go: fix `hasQualifiedName` and models-as-data for built-in functions
 2024-05-09 15:06:07 +01:00
Joe Farebrother
20a1e22c44 Add missing CWE tags 2024-05-09 10:33:48 +01:00
Joe Farebrother
da93a08639 Add change notes 
No change note is needed for Swift, as the new heuristics are unused and thus should not affect any queries.
 2024-05-09 10:03:20 +01:00
Joe Farebrother
f1ab3f40f3 Add unit tests 2024-05-09 09:47:44 +01:00
Joe Farebrother
9aff22c664 Fix typos in sensitive data regex 2024-05-09 09:39:03 +01:00
Jeroen Ketema
4dfcdbccd7 Merge pull request #16459 from jketema/handler-fix 
C++: Fix destructor translation for handlers
 2024-05-09 10:23:07 +02:00
Sarita Iyer
aab5da0435 Merge pull request #16320 from github/subatoi/deprecate-codeql-for-vs-code 
[8th May 2024] Add deprecation notices to CodeQL for VS Code documentation
 2024-05-08 17:00:42 -04:00
Alvaro Muñoz
3b684d8c94 Merge pull request #19 from github/cache_poisoning_actions 
Fix error in select
 2024-05-08 22:44:57 +02:00
Alvaro Muñoz
eb4eb4e931 Merge branch 'master' into cache_poisoning_actions 2024-05-08 22:43:22 +02:00
Alvaro Muñoz
d6fb0ae84e Update tests 2024-05-08 22:41:05 +02:00
Alvaro Muñoz
ad45d319c5 Resolve conflict 2024-05-08 22:37:22 +02:00
Alvaro Muñoz
1ea0312f36 Bump qlpack versions 2024-05-08 22:35:25 +02:00
Alvaro Muñoz
d2e9411e12 Update and new tests 2024-05-08 22:35:17 +02:00
Alvaro Muñoz
44377acb08 Improve Cache Poisoning quer 2024-05-08 22:35:06 +02:00
Alvaro Muñoz
2d09d1e6d8 Fix alert text 2024-05-08 22:34:30 +02:00
Alvaro Muñoz
f95a3e5298 Refactor eventtrigger and privileged methods 
Move them from Workflows to Jobs
 2024-05-08 22:34:11 +02:00
Alvaro Muñoz
ddf72a2cf3 Add more poisonable steps 2024-05-08 22:32:24 +02:00
Alvaro Muñoz
e8f2bc3ef6 Remove debug method 2024-05-08 22:32:11 +02:00
Jeroen Ketema
9e09c5a6cf C++: Fix copy and paste error in comment 2024-05-08 22:11:19 +02:00
Owen Mansel-Chan
279b2c7a95 Merge pull request #16457 from owen-mc/go/fix-implicitvarargsslice-type 
Go: Fix `getType` on `ImplicitVarArgsSlice`
 2024-05-08 20:52:01 +01:00
erik-krogh
811c175556 add example for domain names with sub-domains to missing-regexp-anchor 2024-05-08 20:50:43 +02:00
erik-krogh
a51d24cbab apply suggestions from code review, and the examples to the test 2024-05-08 19:34:50 +02:00
Jeroen Ketema
d68d2cca41 C++: Fix destructor translation for handlers 2024-05-08 19:26:56 +02:00
Jeroen Ketema
0cbedfb28c Merge pull request #16455 from jketema/if-fix 
C++: Ensure destructors for ifs are called after both branches and for both if and constexpr if
 2024-05-08 19:15:28 +02:00
Geoffrey White
49aba25852 Merge pull request #16445 from geoffw0/qhelp4 
C++: Improve qhelp for DoubleFree.
 2024-05-08 18:02:12 +01:00
Alvaro Muñoz
409a6aa137 Update ql/src/Security/CWE-349/CachePoisoning.ql 
Co-authored-by: Jaroslav Lobačevski <jarlob@github.com>
 2024-05-08 18:48:16 +02:00
Geoffrey White
53d4a10108 Update cpp/ql/src/Critical/DoubleFree.qhelp 
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
 2024-05-08 17:15:08 +01:00
Mathias Vorreiter Pedersen
59fb9cc862 Merge pull request #16299 from MathiasVP/remove-base-address-as-ipa-key 
C++: Remove an unnecessary column
 2024-05-08 16:43:30 +01:00
Owen Mansel-Chan
4f10cb5fa0 Local flow tests: do not list summary models 
This is so that when we don't change the test results every time we add
a summary model for a built-in function.
 2024-05-08 16:13:37 +01:00
Owen Mansel-Chan
57ff30c5f3 Update tests: built-in models now work 2024-05-08 16:07:02 +01:00
Owen Mansel-Chan
1ccea884ff Add change note 2024-05-08 15:37:25 +01:00
Owen Mansel-Chan
f6f594e4b5 parse empty string as package name 2024-05-08 15:33:19 +01:00
Owen Mansel-Chan
fb74a2a170 Use "" in qualified name for entities without a package 2024-05-08 15:33:19 +01:00
Owen Mansel-Chan
4d42a88c3c Add change note 2024-05-08 15:31:22 +01:00
Owen Mansel-Chan
9842445b52 Fix getType on ImplicitVarArgsSlice 
It was not defined for built-in functions or for functions called via
a function variable.
 2024-05-08 15:22:27 +01:00
Rasmus Wriedt Larsen
694b3b0fce Merge pull request #16452 from RasmusWL/fix-warning 
misc: Fix docstring warning
 2024-05-08 16:07:10 +02:00
Alvaro Muñoz
fafb44d4f6 Add CachePoisoning by Code Injection query 2024-05-08 15:20:48 +02:00
Michael B. Gale
8cba06a25c Merge pull request #16454 from github/mbg/go/fix/shadowed-variable 2024-05-08 14:13:18 +01:00
Alvaro Muñoz
b965a55339 Fix error in select 
Casting to CachingWritingStep in the select clause was shadowing all the Poisonable result
 2024-05-08 15:04:48 +02:00
Geoffrey White
088f8297b6 C++: Use nullptr. 2024-05-08 14:04:21 +01:00
Joe Farebrother
ab23d0ad23 Merge branch 'main' into python-promote-header-injection 2024-05-08 13:49:00 +01:00
Jeroen Ketema
1a53b923a6 C++: Ensure destructors for ifs are called after both branches 2024-05-08 14:48:28 +02:00
Sylwia Budzynska
944f8842b7 Change getASuccessor() to getASubscript() 2024-05-08 14:44:06 +02:00
Michael Nebel
64145cf181 Java: Make it evident that we print signature of the lifted callable. 2024-05-08 14:42:53 +02:00
Michael Nebel
f00ad7c0e7 C#/Java: Invert api filtering logic. 2024-05-08 14:42:53 +02:00
Michael Nebel
5e2e224c9c Java: Updated expected test output. 2024-05-08 14:42:53 +02:00
Michael Nebel
e8120afef9 Java: Improve super implementation and ensure that lift produces a result. 2024-05-08 14:42:52 +02:00