86439 Commits

This Branch

This Branch

All Branches

Author	SHA1	Message	Date
Mathias Vorreiter Pedersen	4a55b6fbdf	C++: Make 'cpp/uninitialized-local' a path-problem query.	2024-03-18 15:02:33 +00:00
Harry Maclean	80ae017aa1	Ruby: Track flow into ActiveRecord scopes	2024-03-18 15:01:37 +00:00
Tom Hvitved	0cecbf5239	Update 2024-02-28-hidden-subpaths.md ... Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>	2024-03-18 15:36:01 +01:00
Joe Farebrother	4177c38ed4	Merge pull request #15907 from joefarebrother/ruby-uploaded-file ... Ruby: Model ActiveDispatch::Http::UploadedFile	2024-03-18 14:02:33 +00:00
Tamas Vajk	322fb6c507	Change integration test to return stable results	2024-03-18 14:53:49 +01:00
Tom Hvitved	7a3b8ebb3a	Address review comments	2024-03-18 14:49:35 +01:00
Tom Hvitved	40089e8088	Add change note	2024-03-18 14:49:35 +01:00
Tom Hvitved	e53357d376	Update expected test output	2024-03-18 14:49:32 +01:00
Tom Hvitved	d7c9bfa08b	Data flow: Account for hidden subpath wrappers	2024-03-18 14:47:11 +01:00
Alvaro Muñoz	b6a097caa4	Merge pull request #38 from GitHubSecurityLab/improve_untrusted_co	2024-03-18 14:36:42 +01:00
Sim4n6	1af8167354	updated the .expected file	2024-03-18 13:26:20 +00:00
Tamas Vajk	d749335f54	C#: Limit extracted compilation and extraction messages	2024-03-18 14:24:34 +01:00
Tom Hvitved	d83500de5d	Address review comments	2024-03-18 14:24:07 +01:00
Tamas Vajk	e8e1dc0390	C#: Add integration test with extraction and compilation messages	2024-03-18 14:23:40 +01:00
Alvaro Muñoz	874e45e3e5	feat(sources): New sources ... This PR also adds the ability to not limit a source to a trigger event	2024-03-18 13:22:53 +01:00
github-actions[bot]	aebe9f6992	Post-release preparation for codeql-cli-2.16.5	2024-03-18 12:16:26 +00:00
Rasmus Wriedt Larsen	c82f5dad56	JS: show test changes after #15823	2024-03-18 13:09:37 +01:00
Rasmus Wriedt Larsen	28c3d35e9b	Merge commit '7c35309732dd2aa4dc0b4e2949922272ad448854' into js-cg-tests	2024-03-18 13:08:46 +01:00
Rasmus Wriedt Larsen	f9309cec0b	JS: Add tests before #15823 changes	2024-03-18 13:08:39 +01:00
Alvaro Muñoz	9683ae35bc	Add tests	2024-03-18 13:04:57 +01:00
Alvaro Muñoz	8023a527a4	fix(untrusted_co): Do not report Reusable workflows called from pull_request	2024-03-18 13:02:11 +01:00
Mathias Vorreiter Pedersen	7b6accd33a	Update cpp/ql/src/experimental/Security/CWE/CWE-416/IteratorToExpiredContainer.ql ... Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>	2024-03-18 12:01:51 +00:00
Mathias Vorreiter Pedersen	457d71d7bc	Update cpp/ql/src/experimental/Security/CWE/CWE-416/IteratorToExpiredContainer.ql ... Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>	2024-03-18 12:01:44 +00:00
Arthur Baars	dbf16827bf	Merge pull request #15951 from github/aibaars/changenotes-fixes ... Fix minor formatting issues in changenotes	2024-03-18 12:56:50 +01:00
Tamás Vajk	7429fa7b96	Merge pull request #15952 from tamasvajk/buildless/impr1 ... C#: Add logging for source file parsing	2024-03-18 12:27:27 +01:00
Tamás Vajk	f63c9fa07f	Merge pull request #15953 from tamasvajk/buildless/impr2 ... C#: Iterate text files only once	2024-03-18 12:26:38 +01:00
Ian Lynagh	d2bb951ecd	Merge pull request #15943 from igfoo/igfoo/k2locs ... Kotlin 2: Accept more location changes	2024-03-18 11:26:08 +00:00
Owen Mansel-Chan	7fb05f4a76	Fix duplicate "df-" in "df-df-manual"	2024-03-18 11:17:55 +00:00
Mathias Vorreiter Pedersen	575af1a5f9	Merge branch 'main' into experimental-surprising-lifetimes-for-range-based-for-loop	2024-03-18 11:11:32 +00:00
Mathias Vorreiter Pedersen	1d12e0c9d9	Merge pull request #15941 from MathiasVP/ir-guards-from-switch-statements ... C++: Handle `switch` statements in the guards library	2024-03-18 11:07:10 +00:00
Mathias Vorreiter Pedersen	e0476b555d	Merge pull request #15934 from MathiasVP/ir-models-for-iterators ... C++: Add alias and side-effect models to `begin` and `end` functions	2024-03-18 11:06:59 +00:00
Arthur Baars	769e3469a4	Merge pull request #15954 from github/release-prep/2.16.5 ... Release preparation for version 2.16.5 codeql-cli/v2.16.5	2024-03-18 11:56:14 +01:00
Mathias Vorreiter Pedersen	0be329dbdc	C++: Delete duplicated code.	2024-03-18 10:33:40 +00:00
github-actions[bot]	0a6243d07b	Release preparation for version 2.16.5	2024-03-18 10:14:07 +00:00
Mathias Vorreiter Pedersen	51db2b0bc4	C++: Convert tabs to spaces in ir.cpp.	2024-03-18 10:11:37 +00:00
Tamas Vajk	881c426631	C#: Iterate text files only once	2024-03-18 11:06:44 +01:00
Tamas Vajk	3a8d468983	C#: Add logging for source file parsing	2024-03-18 11:02:29 +01:00
Alvaro Muñoz	0a2be55507	Merge branch 'master' of https://github.com/GitHubSecurityLab/codeql-actions	2024-03-18 11:00:30 +01:00
Alvaro Muñoz	8906bd9635	Bump versions	2024-03-18 11:00:22 +01:00
Arthur Baars	a810165e35	Fix minor formatting issues in changenotes	2024-03-18 10:57:05 +01:00
Tom Hvitved	a13391bda1	Merge pull request #15802 from hvitved/dataflow/variable-capture-overlapping-paths ... Variable capture: Avoid overlapping and false-positive data flow paths	2024-03-18 10:45:55 +01:00
Rasmus Lerchedahl Petersen	2a0c451d2d	python: No fieldFlowBranchLimit for SummarizedCallables ... Like https://github.com/github/codeql/pull/15689 for Ruby.	2024-03-18 10:29:36 +01:00
Rasmus Lerchedahl Petersen	45c65b48aa	python: make it a real package ... so python2 also respects it	2024-03-18 08:49:31 +01:00
Jami Cogswell	a8eb1d10f6	Java: remove experimental tests	2024-03-17 22:35:27 -04:00
Jami Cogswell	658fffeac1	Java: remove experimental files	2024-03-17 22:03:59 -04:00
Owen Mansel-Chan	754d4cd959	Fix model provenance to df-manual	2024-03-17 14:36:47 +00:00
Owen Mansel-Chan	23a58a0835	Add df-manual models related to existing df-manual models	2024-03-17 14:21:05 +00:00
Owen Mansel-Chan	fc367042ef	Fix df-manual model with wrong parameter type	2024-03-17 14:21:01 +00:00
Jorge	cbfd53a17c	Merge pull request #37 from GitHubSecurityLab/fix-inputs ... Fix inputs with composite action	2024-03-15 23:03:27 +01:00
Jorge	e60c0b875f	Fix inputs for composite action	2024-03-15 22:01:06 +00:00