hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-06-23 21:57:01 +02:00
Code Issues Packages Projects Releases Wiki Activity
86,439 Commits 1,784 Branches 169 Tags
codeql-cli-2.25.0
Commit Graph

86439 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Maiky
9ab6eabd15 add filterTaintStep, qhelp file and test files 2023-05-26 18:13:58 +02:00
Philip Ginsbach
ded98c5a5f Merge pull request #13304 from github/ginsbach/SmallSpecificationFixes 
two small QL specification fixes
 2023-05-26 16:18:36 +01:00
Taus
227c5fab40 Java: Get location ordering without toString 2023-05-26 14:52:08 +00:00
Paolo Tranquilli
ddf45b27ca Merge pull request #13300 from github/redsun82/swift-fix-autobuild-corner-case 
Swift: exclude unknown type targets ending in `Tests` or `Test` from autobuilding
 2023-05-26 16:49:01 +02:00
Philip Ginsbach
47a0d4b774 more explicit mentioning of QLL files 2023-05-26 15:03:34 +01:00
Philip Ginsbach
ba51ded516 bindingset is not really a pragma 2023-05-26 15:03:34 +01:00
Geoffrey White
32c113bc38 Swift: Fix following merge with main. 2023-05-26 14:41:48 +01:00
Geoffrey White
68354c09bf Merge branch 'main' into sqlpathinject 2023-05-26 14:33:05 +01:00
Paolo Tranquilli
15047368e8 Swift: add a warning to unmangled types 2023-05-26 15:12:21 +02:00
Paolo Tranquilli
3f7c4dec25 Swift: add a header comment to SwiftMangler 2023-05-26 15:05:40 +02:00
Asger F
3831dc7785 Merge pull request #13288 from asgerf/rb/super-and-flow-through 
Ruby: two bug fixes
 2023-05-26 15:04:52 +02:00
Paolo Tranquilli
d81dc274f6 Swift: make a TODO more assertive as there is a draft PR already 2023-05-26 14:45:29 +02:00
Asger F
cfaa27ab5d Ruby: change note 2023-05-26 14:44:00 +02:00
Paolo Tranquilli
05ed66ad8f Swift: remove debugging print 2023-05-26 14:42:02 +02:00
Paolo Tranquilli
c5cee0d419 Swift: exclude targets ending in Tests or Test from autobuilding 2023-05-26 14:19:07 +02:00
Stephan Brandauer
efe539eb32 Java: better sampling of negative examples 2023-05-26 14:15:32 +02:00
Asger F
c637b6f59a JS: Update test for RegExpAlwaysMatches 2023-05-26 14:10:26 +02:00
Asger F
9df9ca2916 JS: Update test and expectations for MissingRegExpAnchor 2023-05-26 14:07:34 +02:00
Asger F
40daa9c906 JS: Update RegExpInjection test and expectations 2023-05-26 14:05:36 +02:00
Rasmus Lerchedahl Petersen
9cb83fcdc9 python: add summaries for 
copy, pop, get, getitem, setdefault

Also add read steps to taint tracking.

Reading from a tainted collection can be done in two situations:
1. There is an acces path
    In this case a read step (possibly from a flow summary)
    gives rise to a taint step.
2. There is no access path
    In this case an explicit taint step (possibly via a flow
    summary) should exist.
 2023-05-26 14:04:15 +02:00
Jami
6867e94ed5 Merge pull request #13158 from jcogs33/jcogs33/update-csharp-sink-kinds 
C#: update MaD sink kinds
 2023-05-26 08:03:21 -04:00
yoff
af1f4c30fb Merge pull request #13299 from asgerf/rb/meta-query-summarised-callable-sites 
Ruby/Python: add meta-queries for calls to summarised callables
 2023-05-26 13:27:56 +02:00
Rasmus Lerchedahl Petersen
144df9a39e python: remove explicit dataflow steps 2023-05-26 13:24:22 +02:00
Rasmus Lerchedahl Petersen
8d4f9447b1 python: remove explicit steps 
copy, pop, get, popitem
 2023-05-26 13:22:54 +02:00
Stephan Brandauer
a89378d86d Java: add extra known frameworks and sample negative samples to manage sarif file sizes 2023-05-26 13:20:04 +02:00
Arthur Baars
e0466900ad Merge pull request #12992 from Sim4n6/ruby-UBV 
[Ruby] Add Unicode Bypass Validation query, test and help file
 2023-05-26 13:00:21 +02:00
Tony Torralba
4dfc9b13cd Java: Fix performance issue in the stub generator 2023-05-26 12:44:53 +02:00
Tony Torralba
8e16a0d144 Add tests and stubs for the summaries 2023-05-26 12:43:58 +02:00
Alex Ford
baabd2d1fa Merge pull request #12832 from maikypedia/maikypedia/pg-sqli 
Ruby: Add SQL Injection Sinks
 2023-05-26 11:36:17 +01:00
Michael Nebel
915042a881 Minor cleanup and sync files. 2023-05-26 12:25:00 +02:00
Michael Nebel
783d560e7d Swift: Re-factor getComponent. 2023-05-26 12:25:00 +02:00
Michael Nebel
58fcbc136c Ruby: Re-factor getComponent. 2023-05-26 12:25:00 +02:00
Michael Nebel
811eee1f0d Python: Re-factor getComponent. 2023-05-26 12:24:59 +02:00
Michael Nebel
b794627335 Go: Re-factor getComponent. 2023-05-26 12:24:59 +02:00
Michael Nebel
b7a8660375 Java: Re-factor getComponent. 2023-05-26 12:24:59 +02:00
Michael Nebel
066554cee6 C#: Re-factor getComponent. 2023-05-26 12:24:59 +02:00
Paolo Tranquilli
a6e21dac8f Merge pull request #13284 from github/redsun82/swift-remove-property-wrapper-inconsistencies 
Swift: remove some AST and CFG inconsistencies
 2023-05-26 12:22:56 +02:00
Geoffrey White
57d6505ee3 Swift: Move change note. 2023-05-26 11:10:29 +01:00
Asger F
2629ec1b1d JS: Be more conservative about flagging "search" call arguments as regex 2023-05-26 11:55:53 +02:00
Asger F
75fd20b3b8 Python: add meta-query for calls to summarized callables 2023-05-26 11:40:58 +02:00
Jeroen Ketema
63657396c5 Merge pull request #13267 from MathiasVP/promote-overrun-write 
C++: Promote `cpp/overrun-write` out of experimental
 2023-05-26 11:34:26 +02:00
Asger F
1c7f6dc32e Ruby: add meta-query for calls to summarized callables 2023-05-26 11:34:23 +02:00
Michael B. Gale
631ba6584d Go: Update identify-environment JSON format 
The spec changed after this was implemented and merged
 2023-05-26 10:13:40 +01:00
Michael B. Gale
af803c8886 Go: include new scripts in Makefile 2023-05-26 10:13:40 +01:00
Michael B. Gale
e48fc66782 Swift: Add identify-environment script 2023-05-26 10:13:39 +01:00
Tony Torralba
903fdb0cb8 Java: Add models for the Play Framework 2023-05-26 10:23:43 +02:00
Tamas Vajk
918cfd6f44 Add integration test 2023-05-26 09:50:06 +02:00
Geoffrey White
736f2871f9 Swift: Tweak private info regexps to restore 'account_no' results. 2023-05-26 08:43:32 +01:00
Tamas Vajk
74a585222c C#: Extract source files generated by source generators 2023-05-26 09:13:41 +02:00
Paolo Tranquilli
5a2433244e Swift: remove now passing PrintAstConsistency check 2023-05-26 08:58:49 +02:00